last executing test programs: 4.775358303s ago: executing program 4 (id=5629): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet(0x2, 0x3, 0x4) sendmmsg$inet(r4, &(0x7f0000000280)=[{{&(0x7f0000000240)={0x2, 0x4e01, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r4], 0x38}}], 0x1, 0x46000) 4.374559023s ago: executing program 4 (id=5639): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = gettid() timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r3}, &(0x7f0000000000)) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 3.233978327s ago: executing program 0 (id=5663): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) bind$can_raw(r2, &(0x7f00000001c0)={0x1d, r3}, 0x10) recvmmsg(r2, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000004040)=""/4096, 0x1000}], 0x1}, 0x3ff}], 0x1, 0x40000002, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4) sendmsg$can_raw(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x20000000) 2.626565728s ago: executing program 1 (id=5671): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet(0xa, 0x801, 0x0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000040)=@mangle={'mangle\x00', 0x44, 0x6, 0x3b8, 0x1f0, 0x288, 0x158, 0x0, 0x98, 0x320, 0x320, 0x320, 0x320, 0x320, 0x6, 0x0, {[{{@ip={@broadcast, @dev, 0xff, 0x0, 'pim6reg0\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x158}}, {{@ip={@rand_addr=0x64010100, @local, 0x0, 0x0, 'pim6reg1\x00', 'veth0_virt_wifi\x00', {0xff}, {}, 0x6, 0x3, 0x40}, 0x0, 0x90, 0xc0, 0x0, {}, [@common=@socket0={{0x20}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @multicast2}}}, {{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0xfe, 0x7}}}, {{@ip={@rand_addr, @local, 0x0, 0x0, 'syzkaller0\x00', 'macvlan0\x00', {0xff}, {0xff}, 0x33, 0x3}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xff, 'ip6tnl0\x00', 'batadv_slave_1\x00', {}, {0xff}}, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x4, 0x4, 0x5}, {0x0, 0x6, 0x5}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x418) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f0000000000)={'TPROXY\x00'}, &(0x7f0000000040)=0x1e) 2.324854178s ago: executing program 0 (id=5674): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r2, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x40041) recvmmsg(r2, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0) 1.387424522s ago: executing program 1 (id=5676): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 1.315702489s ago: executing program 3 (id=5677): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) recvmmsg(r4, 0x0, 0x0, 0x12122, 0x0) 1.292990261s ago: executing program 1 (id=5678): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x2}) 1.275462723s ago: executing program 0 (id=5679): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet(0x2, 0x3, 0x4) sendmmsg$inet(r4, &(0x7f0000000280)=[{{&(0x7f0000000240)={0x2, 0x4e01, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r4], 0x38}}], 0x1, 0x46000) 1.236561877s ago: executing program 3 (id=5680): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.215220909s ago: executing program 0 (id=5681): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='binder\x00', 0x0, 0x0) fspick(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) 1.181252953s ago: executing program 1 (id=5682): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) capset(0x0, 0x0) 1.119965769s ago: executing program 1 (id=5683): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$netlink(0x10, 0x3, 0xc) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000200), 0x4) 1.119082159s ago: executing program 2 (id=5684): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r3, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x10, 0x3}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) 1.100621931s ago: executing program 0 (id=5685): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$FIONCLEX(r0, 0x5450) 1.045506526s ago: executing program 1 (id=5686): r0 = socket$netlink(0x10, 0x3, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x4) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x2, 0x0, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x4}, 0x1c) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20) r4 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r4, 0x0, 0x0) close(r4) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) 1.00891752s ago: executing program 2 (id=5687): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) 995.729591ms ago: executing program 0 (id=5688): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$can_raw(r3, &(0x7f0000000100)={0x1d, r4}, 0x10) setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, 0x0) 985.383832ms ago: executing program 4 (id=5689): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r2, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x40041) recvmmsg(r2, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0) 881.652042ms ago: executing program 2 (id=5690): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) recvfrom$inet(r2, 0x0, 0x0, 0x2041, 0x0, 0x0) 785.078332ms ago: executing program 2 (id=5691): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) fgetxattr(r4, 0x0, 0x0, 0x0) 706.73771ms ago: executing program 4 (id=5692): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000180)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendto(r4, 0x0, 0x0, 0x4884, 0x0, 0x0) 684.677552ms ago: executing program 2 (id=5693): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) 609.95049ms ago: executing program 2 (id=5694): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080), 0xe0f01, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10) r3 = socket$inet6(0xa, 0x802, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000c0000000c0000800800", @ANYRES16=r3], 0x20}}, 0x40816) 408.12758ms ago: executing program 4 (id=5695): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6) recvmmsg(r4, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 338.348047ms ago: executing program 3 (id=5696): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) sigaltstack(&(0x7f0000000480)={&(0x7f0000004000)=""/4126, 0x80000001, 0x101e}, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) timer_settime(0x0, 0x0, &(0x7f0000000240)={{}, {0x0, 0x9}}, 0x0) 319.552449ms ago: executing program 4 (id=5697): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000280)={[{@nojournal_checksum}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r4, &(0x7f0000000100)='r', 0x1, 0x8080c63) 223.878978ms ago: executing program 3 (id=5698): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket(0x40000000015, 0x5, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0xfffffffc}, 0x1c) 142.264466ms ago: executing program 3 (id=5699): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0xb, 0x84) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', &(0x7f0000000140), 0x4a81, &(0x7f0000000040)=ANY=[@ANYBLOB='max=00']) 0s ago: executing program 3 (id=5700): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0x5, 0x1, 0x0, &(0x7f0000000000)=0xffffffff, 0x5000001) kernel console output (not intermixed with test programs): 88.223670][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 88.223687][ T26] audit: type=1326 audit(1763445750.267:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4828 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 88.626511][ T4854] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 89.160009][ T4854] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 89.271555][ T4877] process 'syz.1.250' launched './file1' with NULL argv: empty string added [ 89.416544][ T4880] syz.3.251 uses obsolete (PF_INET,SOCK_PACKET) [ 89.513627][ T4882] loop0: detected capacity change from 0 to 1024 [ 89.656185][ T4882] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 89.668647][ T4882] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.731545][ T4882] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.252: inode has both inline data and extents flags [ 90.015956][ T4906] binfmt_misc: register: failed to install interpreter file ./cgroup [ 90.701190][ T4944] loop0: detected capacity change from 0 to 128 [ 90.829525][ T4944] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 92.239019][ T5012] loop0: detected capacity change from 0 to 512 [ 92.262103][ T5008] loop4: detected capacity change from 0 to 4096 [ 92.282583][ T5013] loop2: detected capacity change from 0 to 2048 [ 92.347545][ T5013] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 92.439029][ T5012] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.313: ea_inode with extended attributes [ 92.477413][ T5002] netlink: 12 bytes leftover after parsing attributes in process `syz.4.310'. [ 92.574339][ T5025] netlink: 5 bytes leftover after parsing attributes in process `syz.3.318'. [ 92.593635][ T5012] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.313: error while reading EA inode 11 err=-117 [ 92.656100][ T5012] EXT4-fs (loop0): 1 orphan inode deleted [ 92.661922][ T5012] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none. [ 93.107117][ T26] audit: type=1326 audit(1763445755.177:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5046 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 93.127725][ T5045] netlink: 'syz.1.328': attribute type 11 has an invalid length. [ 93.170306][ T26] audit: type=1326 audit(1763445755.207:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5046 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 93.182841][ T5045] netlink: 32 bytes leftover after parsing attributes in process `syz.1.328'. [ 93.284251][ T26] audit: type=1326 audit(1763445755.207:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5046 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 93.399729][ T26] audit: type=1326 audit(1763445755.217:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5046 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 93.520414][ T26] audit: type=1326 audit(1763445755.217:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5046 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 93.562098][ T5068] overlayfs: workdir and upperdir must be separate subtrees [ 93.624087][ T26] audit: type=1326 audit(1763445755.217:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5046 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 93.738922][ T26] audit: type=1326 audit(1763445755.217:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5046 comm="syz.0.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 93.901919][ T26] audit: type=1326 audit(1763445755.967:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5083 comm="syz.4.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 93.986320][ T26] audit: type=1326 audit(1763445755.967:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5083 comm="syz.4.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 94.113424][ T26] audit: type=1326 audit(1763445755.997:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5083 comm="syz.4.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 94.171877][ T26] audit: type=1326 audit(1763445755.997:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5083 comm="syz.4.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 94.276856][ T26] audit: type=1326 audit(1763445755.997:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5083 comm="syz.4.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 94.495157][ T5106] bpf: Bad value for 'mode' [ 94.567648][ T5108] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 94.773115][ T5120] netlink: 64 bytes leftover after parsing attributes in process `syz.3.365'. [ 94.823070][ T5122] netlink: 12 bytes leftover after parsing attributes in process `syz.4.366'. [ 94.883796][ T5122] netlink: 16 bytes leftover after parsing attributes in process `syz.4.366'. [ 95.678305][ T5160] overlayfs: workdir and upperdir must be separate subtrees [ 95.751275][ T5164] netlink: 156 bytes leftover after parsing attributes in process `syz.0.387'. [ 95.772816][ T5166] netlink: 20 bytes leftover after parsing attributes in process `syz.3.386'. [ 95.824382][ T5170] netlink: 20 bytes leftover after parsing attributes in process `syz.3.386'. [ 96.214583][ T5192] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 97.065517][ T5215] netlink: 16 bytes leftover after parsing attributes in process `syz.1.409'. [ 97.710226][ T5209] netlink: 104 bytes leftover after parsing attributes in process `syz.3.406'. [ 97.853220][ T5235] loop2: detected capacity change from 0 to 128 [ 98.009742][ T5235] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 98.034806][ T5235] FAT-fs (loop2): Filesystem has been set read-only [ 98.064267][ T5235] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 98.097773][ T5235] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 54) [ 98.371560][ T5254] netlink: 44 bytes leftover after parsing attributes in process `syz.2.424'. [ 98.865704][ T5274] netlink: 32 bytes leftover after parsing attributes in process `syz.3.434'. [ 99.291282][ T5297] loop2: detected capacity change from 0 to 512 [ 99.390266][ T5301] loop4: detected capacity change from 0 to 512 [ 99.452583][ T5297] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 99.466951][ T5301] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 99.474520][ T5297] EXT4-fs (loop2): inline encryption not supported [ 99.486861][ T5297] EXT4-fs (loop2): Test dummy encryption mode enabled [ 99.494351][ T5301] EXT4-fs (loop4): inline encryption not supported [ 99.501722][ T5301] EXT4-fs (loop4): Test dummy encryption mode enabled [ 99.534602][ T5297] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 99.552835][ T5301] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 99.574210][ T5297] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 99.594318][ T5301] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 99.616820][ T5297] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 99.724489][ T5297] EXT4-fs (loop2): 1 truncate cleaned up [ 99.727994][ T5301] EXT4-fs (loop4): 1 truncate cleaned up [ 99.730447][ T5297] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 99.759099][ T5301] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 100.052785][ T5297] fscrypt (loop2): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 100.193701][ T5301] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 100.765073][ T5363] netlink: 8 bytes leftover after parsing attributes in process `syz.3.465'. [ 101.724668][ T5417] sctp: [Deprecated]: syz.1.491 (pid 5417) Use of int in max_burst socket option. [ 101.724668][ T5417] Use struct sctp_assoc_value instead [ 101.808798][ T5422] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 101.823577][ T5412] 8021q: adding VLAN 0 to HW filter on device bond1 [ 101.883793][ T5418] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 101.973303][ T4455] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 103.220537][ T5441] loop0: detected capacity change from 0 to 512 [ 103.307098][ T5441] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 103.384434][ T5441] EXT4-fs (loop0): inline encryption not supported [ 103.391072][ T5441] EXT4-fs (loop0): Test dummy encryption mode enabled [ 103.467703][ T5441] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 103.503033][ T5441] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 103.551977][ T5441] EXT4-fs (loop0): 1 truncate cleaned up [ 103.564071][ T5441] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 103.759661][ T5441] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 104.477409][ T5494] capability: warning: `syz.2.522' uses 32-bit capabilities (legacy support in use) [ 104.787782][ T5505] netlink: 4 bytes leftover after parsing attributes in process `syz.1.527'. [ 104.946605][ T5507] loop2: detected capacity change from 0 to 2048 [ 105.095995][ T5507] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 105.514711][ T5506] UDF-fs: warning (device loop2): udf_truncate_tail_extent: Too long extent after EOF in inode 1436: i_size: 303104 lbcount: 307200 extent 33+12288 [ 106.028824][ T5548] netlink: 44 bytes leftover after parsing attributes in process `syz.4.550'. [ 106.086649][ T5548] netlink: 12 bytes leftover after parsing attributes in process `syz.4.550'. [ 110.530412][ T5678] mmap: syz.0.608 (5678) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 111.316414][ T5706] loop4: detected capacity change from 0 to 256 [ 111.538779][ T5716] device batadv_slave_1 entered promiscuous mode [ 111.592197][ T5715] device batadv_slave_1 left promiscuous mode [ 113.182445][ T5770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.649'. [ 114.034273][ T1111] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 114.284571][ T1111] usb 2-1: Using ep0 maxpacket: 8 [ 114.414377][ T5829] 9pnet: p9_errstr2errno: server reported unknown error 1844674 [ 114.434608][ T1111] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 114.457837][ T1111] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 114.502077][ T1111] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 114.527196][ T1111] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 114.594414][ T1111] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 114.603510][ T1111] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.954464][ T1111] usb 2-1: GET_CAPABILITIES returned 0 [ 114.960365][ T1111] usbtmc 2-1:16.0: can't read capabilities [ 115.035499][ T5856] netlink: 32 bytes leftover after parsing attributes in process `syz.3.684'. [ 115.243856][ T1111] usb 2-1: USB disconnect, device number 2 [ 116.901945][ T5938] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 116.923575][ T5938] overlayfs: missing 'lowerdir' [ 117.007940][ T5943] 9pnet: p9_errstr2errno: server reported unknown error 18446744 [ 117.097513][ T5945] netlink: 8 bytes leftover after parsing attributes in process `syz.4.728'. [ 117.795429][ T5972] netlink: 8 bytes leftover after parsing attributes in process `syz.0.741'. [ 118.062927][ T5986] netlink: 'syz.4.747': attribute type 4 has an invalid length. [ 118.109154][ T5986] netlink: 17 bytes leftover after parsing attributes in process `syz.4.747'. [ 118.226626][ T5991] netlink: 12 bytes leftover after parsing attributes in process `syz.1.751'. [ 118.310283][ T5994] netlink: 'syz.3.752': attribute type 1 has an invalid length. [ 118.498233][ T5999] 8021q: adding VLAN 0 to HW filter on device bond2 [ 118.517503][ T5999] bond1: (slave bond2): making interface the new active one [ 118.533271][ T5999] bond1: (slave bond2): Enslaving as an active interface with an up link [ 118.543453][ T6002] netlink: 28 bytes leftover after parsing attributes in process `syz.3.752'. [ 118.568044][ T6002] 8021q: adding VLAN 0 to HW filter on device bond1 [ 119.263676][ T6037] loop1: detected capacity change from 0 to 512 [ 119.427890][ T6045] netlink: 72 bytes leftover after parsing attributes in process `syz.0.775'. [ 119.491426][ T6037] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,lazytime,,errors=continue. Quota mode: writeback. [ 119.510312][ T6037] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.556970][ T6057] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 120.981098][ T6122] loop2: detected capacity change from 0 to 512 [ 121.185726][ T6122] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #16: comm syz.2.809: corrupted inode contents [ 121.297997][ T6122] EXT4-fs error (device loop2): ext4_dirty_inode:6054: inode #16: comm syz.2.809: mark_inode_dirty error [ 121.343080][ T6122] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #16: comm syz.2.809: corrupted inode contents [ 121.367654][ T6122] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #16: comm syz.2.809: mark_inode_dirty error [ 121.388254][ T6122] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #16: comm syz.2.809: corrupted inode contents [ 121.409316][ T6122] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 121.418711][ T6122] EXT4-fs error (device loop2): ext4_do_update_inode:5218: inode #16: comm syz.2.809: corrupted inode contents [ 121.437255][ T6122] EXT4-fs error (device loop2): ext4_truncate:4279: inode #16: comm syz.2.809: mark_inode_dirty error [ 121.457283][ T6142] Cannot find set identified by id 0 to match [ 121.481936][ T6122] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 121.564447][ T6122] EXT4-fs (loop2): 1 truncate cleaned up [ 121.601159][ T6122] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 121.665871][ T6122] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 121.779825][ T6154] syz.4.824 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 122.925587][ T6197] netlink: 'syz.2.844': attribute type 1 has an invalid length. [ 123.492958][ T6217] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 123.961263][ T6231] netlink: 76 bytes leftover after parsing attributes in process `syz.0.861'. [ 125.865177][ T6282] netlink: 44 bytes leftover after parsing attributes in process `syz.0.884'. [ 125.898813][ T6282] netlink: 67 bytes leftover after parsing attributes in process `syz.0.884'. [ 126.073480][ T6292] binder: 6291:6292 ioctl c0306201 0 returned -14 [ 126.814655][ T6326] netlink: 12 bytes leftover after parsing attributes in process `syz.1.905'. [ 127.159419][ T26] kauditd_printk_skb: 18 callbacks suppressed [ 127.159435][ T26] audit: type=1326 audit(1763445789.217:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.249777][ T26] audit: type=1326 audit(1763445789.237:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.350115][ T26] audit: type=1326 audit(1763445789.237:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.384888][ T6350] netlink: 32 bytes leftover after parsing attributes in process `syz.0.915'. [ 127.469313][ T26] audit: type=1326 audit(1763445789.237:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.539840][ T26] audit: type=1326 audit(1763445789.237:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.585605][ T6357] netlink: 64 bytes leftover after parsing attributes in process `syz.0.918'. [ 127.601761][ T26] audit: type=1326 audit(1763445789.237:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.667838][ T26] audit: type=1326 audit(1763445789.237:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.759980][ T26] audit: type=1326 audit(1763445789.237:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.861227][ T26] audit: type=1326 audit(1763445789.237:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 127.933896][ T26] audit: type=1326 audit(1763445789.237:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.3.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x50000 [ 128.510550][ T6397] netlink: 'syz.2.936': attribute type 4 has an invalid length. [ 128.540707][ T6397] netlink: 17 bytes leftover after parsing attributes in process `syz.2.936'. [ 129.387685][ T6438] netlink: 'syz.1.955': attribute type 12 has an invalid length. [ 129.574252][ T21] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 129.752617][ T6453] netlink: 8 bytes leftover after parsing attributes in process `syz.3.963'. [ 129.834241][ T21] usb 1-1: Using ep0 maxpacket: 32 [ 129.954618][ T21] usb 1-1: config 0 has no interfaces? [ 130.099313][ T6467] overlayfs: unrecognized mount option "/" or missing value [ 130.151742][ T21] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 130.169483][ T21] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 130.198905][ T21] usb 1-1: Product: syz [ 130.209016][ T21] usb 1-1: Manufacturer: syz [ 130.226006][ T21] usb 1-1: SerialNumber: syz [ 130.249028][ T21] usb 1-1: config 0 descriptor?? [ 130.532028][ T21] usb 1-1: USB disconnect, device number 2 [ 130.816477][ T6492] binder: 6491:6492 ioctl c0306201 200000000180 returned -14 [ 131.752306][ T6529] netlink: 188 bytes leftover after parsing attributes in process `syz.1.998'. [ 131.954946][ T6536] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1002'. [ 132.718444][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.725074][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.046150][ T26] kauditd_printk_skb: 33 callbacks suppressed [ 134.046164][ T26] audit: type=1326 audit(1763445796.117:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6593 comm="syz.0.1028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 134.112000][ T26] audit: type=1326 audit(1763445796.167:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6593 comm="syz.0.1028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 134.508107][ T6611] Cannot find set identified by id 3 to match [ 136.470909][ T6680] loop3: detected capacity change from 0 to 128 [ 136.649629][ T6686] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 136.661731][ T6686] Cannot find add_set index 0 as target [ 136.844827][ T6680] FAT-fs (loop3): Directory bread(block 32) failed [ 136.988642][ T6680] FAT-fs (loop3): Directory bread(block 33) failed [ 137.254164][ T6680] FAT-fs (loop3): Directory bread(block 34) failed [ 137.314178][ T6680] FAT-fs (loop3): Directory bread(block 35) failed [ 137.347968][ T6680] FAT-fs (loop3): Directory bread(block 36) failed [ 137.413355][ T6680] FAT-fs (loop3): Directory bread(block 37) failed [ 137.468978][ T6680] FAT-fs (loop3): Directory bread(block 38) failed [ 137.518686][ T6680] FAT-fs (loop3): Directory bread(block 39) failed [ 137.579134][ T6680] FAT-fs (loop3): Directory bread(block 40) failed [ 137.598854][ T6680] FAT-fs (loop3): Directory bread(block 41) failed [ 137.803242][ T6707] loop0: detected capacity change from 0 to 256 [ 137.906624][ T26] audit: type=1326 audit(1763445799.977:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 137.946072][ T6707] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 137.990231][ T26] audit: type=1326 audit(1763445800.007:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 138.134724][ T26] audit: type=1326 audit(1763445800.007:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 138.204342][ T26] audit: type=1326 audit(1763445800.007:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 138.349508][ T6719] loop2: detected capacity change from 0 to 512 [ 138.370371][ T26] audit: type=1326 audit(1763445800.007:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 138.457465][ T6719] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 138.546284][ T6719] EXT4-fs (loop2): 1 truncate cleaned up [ 138.551985][ T6719] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 138.576088][ T26] audit: type=1326 audit(1763445800.007:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 138.708455][ T26] audit: type=1326 audit(1763445800.007:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 138.782730][ T26] audit: type=1326 audit(1763445800.007:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.1082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 138.889613][ T21] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 139.104077][ T1327] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 139.320368][ T21] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.351287][ T21] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 139.393390][ T21] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 139.414018][ T21] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.435261][ T21] usb 5-1: config 0 descriptor?? [ 139.464379][ T1327] usb 2-1: config 0 has an invalid descriptor of length 134, skipping remainder of the config [ 139.485083][ T1327] usb 2-1: too many endpoints for config 0 interface 0 altsetting 209: 129, using maximum allowed: 30 [ 139.528451][ T1327] usb 2-1: config 0 interface 0 altsetting 209 has 0 endpoint descriptors, different from the interface descriptor's value: 129 [ 139.542675][ T1327] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.574964][ T1327] usb 2-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00 [ 139.595059][ T1327] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.615310][ T1327] usb 2-1: config 0 descriptor?? [ 139.910928][ T1327] usb 2-1: string descriptor 0 read error: -71 [ 139.951051][ T1327] usb 2-1: USB disconnect, device number 3 [ 141.101230][ T6774] loop3: detected capacity change from 0 to 32768 [ 141.173410][ T6774] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1108 (6774) [ 141.201079][ T6774] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 141.210104][ T6774] BTRFS info (device loop3): using free space tree [ 141.216836][ T6774] BTRFS info (device loop3): has skinny extents [ 141.294885][ T6782] loop2: detected capacity change from 0 to 8 [ 141.414166][ T21] usbhid 5-1:0.0: can't add hid device: -71 [ 141.420197][ T21] usbhid: probe of 5-1:0.0 failed with error -71 [ 141.456035][ T21] usb 5-1: USB disconnect, device number 2 [ 141.710296][ T6774] BTRFS info (device loop3): enabling ssd optimizations [ 142.917651][ T6842] loop1: detected capacity change from 0 to 512 [ 143.056818][ T6842] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 143.066138][ T6842] EXT4-fs (loop1): inline encryption not supported [ 143.084936][ T6842] EXT4-fs (loop1): Test dummy encryption mode enabled [ 143.115606][ T6842] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 143.128705][ T6842] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 143.228565][ T6842] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 143.264499][ T6842] System zones: 1-12 [ 143.320772][ T6842] EXT4-fs (loop1): 1 truncate cleaned up [ 143.344881][ T6842] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,,errors=continue. Quota mode: none. [ 143.619734][ T6875] netlink: 'syz.4.1139': attribute type 4 has an invalid length. [ 143.644119][ T6875] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1139'. [ 143.724719][ T6889] loop1: detected capacity change from 0 to 256 [ 143.995365][ T4559] attempt to access beyond end of device [ 143.995365][ T4559] loop1: rw=1, want=260, limit=256 [ 144.088122][ T6903] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1149'. [ 144.128453][ T6903] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.137674][ T6903] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.146444][ T6903] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.155404][ T6903] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.216079][ T6903] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.225177][ T6903] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.234158][ T6903] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.243068][ T6903] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.424994][ T6903] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1149'. [ 144.474736][ T6903] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.483554][ T6903] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.492368][ T6903] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.501142][ T6903] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.604748][ T6903] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.614099][ T6903] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.623016][ T6903] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.631959][ T6903] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.825773][ T6903] Zero length message leads to an empty skb [ 146.987382][ T6954] tmpfs: Unknown parameter 'noswap' [ 147.884159][ T21] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 148.254487][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 148.281426][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 148.308515][ T21] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 148.346038][ T21] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.388467][ T21] usb 3-1: config 0 descriptor?? [ 148.621317][ T7022] loop3: detected capacity change from 0 to 1024 [ 148.670743][ T7022] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 148.699148][ T7027] loop0: detected capacity change from 0 to 512 [ 148.709681][ T7022] EXT4-fs (loop3): Ignoring removed oldalloc option [ 148.754200][ T7022] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 148.759367][ T7027] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 148.841466][ T7022] EXT4-fs (loop3): mounted filesystem without journal. Opts: mblk_io_submit,quota,resuid=0x0000000000000000,oldalloc,discard,max_dir_size_kb=0x00000000000007b1,nolazytime,nodioread_nolock,nomblk_io_submit,nodelalloc,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: writeback. [ 148.872891][ T7027] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 17. Delete some EAs or run e2fsck. [ 148.921012][ T7027] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz.0.1206: invalid indirect mapped block 4294967295 (level 0) [ 148.936509][ T7027] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz.0.1206: invalid indirect mapped block 4294967295 (level 1) [ 148.983253][ T7027] EXT4-fs (loop0): 1 orphan inode deleted [ 148.989205][ T7027] EXT4-fs (loop0): 1 truncate cleaned up [ 148.995115][ T7027] EXT4-fs (loop0): mounted filesystem without journal. Opts: resgid=0x000000000000ee01,data=journal,debug_want_extra_isize=0x000000000000006e,block_validity,block_validity,quota,,errors=continue. Quota mode: writeback. [ 149.080583][ T7041] hugetlbfs: syz.1.1211 (7041): Using mlock ulimits for SHM_HUGETLB is deprecated [ 149.144140][ T21] usbhid 3-1:0.0: can't add hid device: -71 [ 149.150176][ T21] usbhid: probe of 3-1:0.0 failed with error -71 [ 149.184608][ T21] usb 3-1: USB disconnect, device number 2 [ 151.003323][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 151.003337][ T26] audit: type=1326 audit(1763445813.067:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.115239][ T26] audit: type=1326 audit(1763445813.127:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.234370][ T26] audit: type=1326 audit(1763445813.127:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.351075][ T26] audit: type=1326 audit(1763445813.127:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.460122][ T26] audit: type=1326 audit(1763445813.127:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.480023][ T7100] device syzkaller0 entered promiscuous mode [ 151.568177][ T26] audit: type=1326 audit(1763445813.127:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.654045][ T26] audit: type=1326 audit(1763445813.127:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.774418][ T26] audit: type=1326 audit(1763445813.137:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.859104][ T26] audit: type=1326 audit(1763445813.137:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 151.977808][ T26] audit: type=1326 audit(1763445813.137:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.1229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f80019086c9 code=0x7ffc0000 [ 152.358008][ T7145] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1260'. [ 152.511236][ T7145] tipc: Started in network mode [ 152.572873][ T7145] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 152.594984][ T7145] tipc: Enabled bearer , priority 10 [ 153.625478][ T1327] tipc: Node number set to 1 [ 153.674282][ T7167] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1269'. [ 154.201894][ T7192] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1282'. [ 154.229979][ T7195] loop3: detected capacity change from 0 to 128 [ 154.320282][ T7195] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 154.749179][ T7211] netlink: 1004 bytes leftover after parsing attributes in process `syz.2.1290'. [ 155.322131][ T7236] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1302'. [ 155.355377][ T7236] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1302'. [ 155.390956][ T7236] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1302'. [ 155.400888][ T7236] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1302'. [ 157.939932][ T7305] x_tables: duplicate underflow at hook 1 [ 158.289390][ T7324] 9pnet: Insufficient options for proto=fd [ 158.543121][ T7338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1349'. [ 158.880516][ T26] kauditd_printk_skb: 26 callbacks suppressed [ 158.880531][ T26] audit: type=1326 audit(2000000006.100:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 159.813311][ T26] audit: type=1326 audit(2000000006.110:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 159.854063][ T26] audit: type=1326 audit(2000000006.110:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 159.883641][ T26] audit: type=1326 audit(2000000006.110:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 159.919121][ T26] audit: type=1326 audit(2000000006.940:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1d5228cf85 code=0x7ffc0000 [ 160.004792][ T26] audit: type=1326 audit(2000000006.940:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 160.104089][ T26] audit: type=1326 audit(2000000006.940:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 160.142233][ T26] audit: type=1326 audit(2000000006.990:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 160.172122][ T26] audit: type=1326 audit(2000000006.990:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 161.470410][ T7424] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1389'. [ 162.731691][ T7499] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1425'. [ 163.859367][ T7511] loop3: detected capacity change from 0 to 2048 [ 164.010569][ T7511] loop3: p1 < > p4 < > [ 164.082614][ T7524] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1433'. [ 164.178044][ T7528] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1437'. [ 164.322064][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 164.345868][ T4796] udevd[4796]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 164.375104][ T7532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1439'. [ 164.414187][ T4796] udevd[4796]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 164.429446][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 164.438341][ T7532] device erspan0 entered promiscuous mode [ 167.190415][ T7653] binder: 7652:7653 ioctl c018620b 0 returned -14 [ 167.415228][ T7661] netlink: 'syz.2.1501': attribute type 4 has an invalid length. [ 168.603127][ T7715] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1527'. [ 169.156181][ T7746] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1541'. [ 169.212181][ T7746] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1541'. [ 171.392513][ T7821] loop0: detected capacity change from 0 to 1024 [ 172.384973][ T7876] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1598'. [ 172.462954][ T7882] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1600'. [ 173.291395][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 173.383757][ T7948] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 173.450924][ T7948] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 173.944060][ T7965] 9pnet: p9_errstr2errno: server reported unknown error 184467 [ 173.947601][ T7968] 9pnet: p9_errstr2errno: server reported unknown error [ 179.126112][ T8112] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.135184][ T8112] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.274415][ T8120] device bridge_slave_1 left promiscuous mode [ 179.281834][ T8120] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.371891][ T8125] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 179.426051][ T8120] device bridge_slave_0 left promiscuous mode [ 179.434160][ T8120] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.822351][ T8145] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1704'. [ 179.876644][ T8145] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1704'. [ 179.924239][ T8145] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1704'. [ 179.979791][ T8145] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1704'. [ 181.240777][ T8207] binder: 8206:8207 ioctl c018620b 0 returned -14 [ 181.445319][ T8212] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1731'. [ 181.871821][ T8224] loop4: detected capacity change from 0 to 2048 [ 181.969209][ T4178] loop4: p1 < > p4 < > [ 181.984887][ T8224] loop4: p1 < > p4 < > [ 182.922480][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 182.943901][ T4796] udevd[4796]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 182.970236][ T8237] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1742'. [ 183.017568][ T4796] udevd[4796]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 183.018431][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 183.125108][ T4796] udevd[4796]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 183.132710][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 183.566373][ T8262] IPv6: NLM_F_CREATE should be specified when creating new route [ 184.872109][ T8310] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1772'. [ 185.872789][ T8321] sctp: [Deprecated]: syz.2.1778 (pid 8321) Use of int in max_burst socket option deprecated. [ 185.872789][ T8321] Use struct sctp_assoc_value instead [ 185.994281][ T1111] Bluetooth: hci2: command 0x0406 tx timeout [ 186.000458][ T1111] Bluetooth: hci3: command 0x0406 tx timeout [ 186.026358][ T1111] Bluetooth: hci1: command 0x0406 tx timeout [ 186.044201][ T1111] Bluetooth: hci4: command 0x0406 tx timeout [ 186.060877][ T1111] Bluetooth: hci0: command 0x0406 tx timeout [ 186.158560][ T8336] sch_tbf: burst 2 is lower than device lo mtu (65550) ! [ 186.210692][ T8340] sch_tbf: burst 2 is lower than device lo mtu (65550) ! [ 186.235352][ T8340] sch_tbf: burst 2 is lower than device lo mtu (65550) ! [ 186.805824][ T8362] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1798'. [ 187.846672][ T8415] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1823'. [ 187.972197][ T8419] overlayfs: statfs failed on './file0' [ 187.996843][ T8419] overlayfs: statfs failed on './file0' [ 189.472168][ T8484] device batadv_slave_1 entered promiscuous mode [ 189.486887][ T8484] device batadv_slave_1 left promiscuous mode [ 189.829448][ T8506] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1868'. [ 192.788866][ T26] audit: type=1326 audit(2000000040.010:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8594 comm="syz.1.1906" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x0 [ 193.326097][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #28a!!! [ 193.464059][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #280!!! [ 193.528670][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!! [ 193.666073][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!! [ 193.689336][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 193.768244][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 193.870613][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 193.972908][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!! [ 194.108072][ T8611] loop0: detected capacity change from 0 to 1024 [ 194.167411][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.176785][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.577753][ T8611] hfsplus: xattr searching failed [ 194.909608][ T8630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1921'. [ 194.957511][ T8630] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 194.982943][ T8630] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 195.006749][ T8630] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 195.053758][ T8630] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 195.101775][ T8639] syz.4.1927 (8639): attempted to duplicate a private mapping with mremap. This is not supported. [ 195.128603][ T8640] loop1: detected capacity change from 0 to 128 [ 195.167986][ T8640] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 197.327956][ T8698] netlink: 288 bytes leftover after parsing attributes in process `syz.3.1953'. [ 197.379149][ T26] audit: type=1326 audit(2000000044.600:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8699 comm="syz.0.1954" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x0 [ 197.418554][ T8703] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1955'. [ 197.434208][ T6882] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 197.640878][ T8712] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1958'. [ 197.678731][ T6882] usb 5-1: Using ep0 maxpacket: 32 [ 197.804296][ T6882] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 197.812689][ T6882] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 197.841243][ T6882] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 197.878912][ T6882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 197.889389][ T6882] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 197.919680][ T6882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 197.958920][ T6882] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 197.999365][ T6882] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 198.025632][ T8726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1966'. [ 198.043604][ T6882] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 198.063218][ T6882] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.103580][ T6882] usb 5-1: config 0 descriptor?? [ 198.188920][ T8732] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1969'. [ 198.201300][ T8731] IPVS: set_ctl: invalid protocol: 255 172.20.20.187:20004 [ 198.371416][ T6882] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 198.430917][ T6882] usb 5-1: USB disconnect, device number 3 [ 198.494314][ T6882] usblp0: removed [ 199.014888][ T6882] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 199.344304][ T6882] usb 5-1: Using ep0 maxpacket: 32 [ 199.764277][ T26] audit: type=1326 audit(2000000046.960:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 199.804358][ T6882] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 199.815512][ T6882] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 199.859205][ T6882] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 199.892371][ T26] audit: type=1326 audit(2000000046.970:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 199.904125][ T6882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 199.980477][ T26] audit: type=1326 audit(2000000046.970:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 199.996048][ T6882] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 200.034574][ T6882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 200.054340][ T6882] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 200.080662][ T26] audit: type=1326 audit(2000000046.970:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 200.129269][ T6882] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 200.178895][ T26] audit: type=1326 audit(2000000046.970:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 200.201487][ T6882] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 200.201517][ T6882] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.221613][ T6882] usb 5-1: config 0 descriptor?? [ 200.254254][ T6882] usb 5-1: can't set config #0, error -71 [ 200.257133][ T26] audit: type=1326 audit(2000000046.970:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 200.303171][ T6882] usb 5-1: USB disconnect, device number 4 [ 200.383044][ T26] audit: type=1326 audit(2000000046.970:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 200.488695][ T26] audit: type=1326 audit(2000000046.970:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 200.588099][ T26] audit: type=1326 audit(2000000046.970:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 200.684303][ T26] audit: type=1326 audit(2000000046.970:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.3.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7fc00000 [ 202.003789][ T8819] overlayfs: missing 'lowerdir' [ 202.038952][ T8821] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2010'. [ 202.283258][ T8831] netlink: 'syz.3.2013': attribute type 4 has an invalid length. [ 202.302933][ T8831] netlink: 'syz.3.2013': attribute type 5 has an invalid length. [ 202.331655][ T8831] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.2013'. [ 202.637434][ T8844] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2020'. [ 202.687300][ T8844] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2020'. [ 202.836609][ T8858] tmpfs: Bad value for 'mpol' [ 203.106462][ T8868] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 203.242692][ T8877] xt_CT: You must specify a L4 protocol and not use inversions on it [ 203.615293][ T8893] binder: Bad value for 'stats' [ 203.947695][ T8905] loop2: detected capacity change from 0 to 1024 [ 205.776052][ T8986] fuse: Bad value for 'group_id' [ 205.803730][ T8988] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2086'. [ 205.979269][ T8996] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2091'. [ 206.416019][ T9020] xt_bpf: check failed: parse error [ 206.642581][ T9039] netlink: 200 bytes leftover after parsing attributes in process `syz.2.2110'. [ 206.980375][ T9055] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2119'. [ 207.179159][ T9065] loop0: detected capacity change from 0 to 512 [ 207.292744][ T9065] EXT4-fs (loop0): Mount option "nodioread_nolock" incompatible with ext2 [ 207.646543][ T9092] loop1: detected capacity change from 0 to 128 [ 207.746206][ T9088] device geneve2 entered promiscuous mode [ 207.847511][ T9101] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2139'. [ 208.149271][ T9113] loop2: detected capacity change from 0 to 512 [ 208.203117][ T9113] EXT4-fs (loop2): Mount option "nodioread_nolock" incompatible with ext2 [ 209.501848][ T9145] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 209.744946][ T9149] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.993473][ T9149] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.117867][ T26] kauditd_printk_skb: 56 callbacks suppressed [ 210.117882][ T26] audit: type=1326 audit(2000000000.830:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9169 comm="syz.1.2171" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x0 [ 210.128907][ T9171] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2173'. [ 210.193032][ T9149] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.330641][ T9149] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.493805][ T9183] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2179'. [ 210.732377][ T9149] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.816180][ T9149] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.901235][ T9149] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.973665][ T9149] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 212.305703][ T9267] loop4: detected capacity change from 0 to 4096 [ 212.356632][ T9273] netlink: 120 bytes leftover after parsing attributes in process `syz.1.2214'. [ 212.387938][ T9273] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2214'. [ 212.408285][ T9267] EXT4-fs (loop4): Test dummy encryption mode enabled [ 212.476030][ T9273] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2214'. [ 212.489891][ T9267] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 212.524234][ T9273] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2214'. [ 212.534900][ T9267] System zones: 0-5 [ 212.588121][ T9267] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback. [ 214.011374][ T9323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2233'. [ 214.412532][ T9349] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2244'. [ 214.451617][ T9349] device ip_vti0 entered promiscuous mode [ 214.476862][ T9347] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2241'. [ 214.862544][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!! [ 214.992643][ T9363] device syzkaller0 entered promiscuous mode [ 216.203763][ T9397] netlink: 'syz.2.2264': attribute type 10 has an invalid length. [ 216.242524][ T9397] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2264'. [ 216.262969][ T9397] device dummy0 entered promiscuous mode [ 216.451857][ T9412] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2271'. [ 216.501418][ T9412] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2271'. [ 216.529974][ T9412] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2271'. [ 216.632800][ T9418] tipc: Started in network mode [ 216.642724][ T9418] tipc: Node identity c29c8ba1cda7, cluster identity 4711 [ 216.677219][ T9418] tipc: Enabled bearer , priority 0 [ 216.784515][ T9424] device syzkaller0 entered promiscuous mode [ 216.956708][ T9417] tipc: Resetting bearer [ 217.095675][ T9417] tipc: Disabling bearer [ 217.649863][ T9481] overlayfs: missing 'lowerdir' [ 218.072958][ T26] audit: type=1326 audit(2000000008.800:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 218.183406][ T26] audit: type=1326 audit(2000000008.820:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 218.301065][ T26] audit: type=1326 audit(2000000008.820:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 218.327567][ T9515] loop4: detected capacity change from 0 to 2048 [ 218.413138][ T9515] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 218.442993][ T26] audit: type=1326 audit(2000000008.840:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 218.493277][ T9515] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,grpquota,nomblk_io_submit,stripe=0x000000000004ffff,norecovery,errors=remount-ro,max_batch_time=0x0000000000000814,. Quota mode: writeback. [ 218.612117][ T26] audit: type=1326 audit(2000000008.840:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 218.749755][ T26] audit: type=1326 audit(2000000008.840:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 218.866431][ T26] audit: type=1326 audit(2000000008.840:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 218.992184][ T26] audit: type=1326 audit(2000000008.850:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 219.090392][ T26] audit: type=1326 audit(2000000008.850:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 219.202116][ T26] audit: type=1326 audit(2000000008.850:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.1.2314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 219.381769][ T9562] loop2: detected capacity change from 0 to 2048 [ 219.438975][ T9562] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 219.486903][ T9562] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,grpquota,nomblk_io_submit,stripe=0x000000000004ffff,norecovery,errors=remount-ro,max_batch_time=0x0000000000000814,. Quota mode: writeback. [ 220.042439][ T9587] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2353'. [ 220.109087][ T9587] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2353'. [ 221.272254][ T9639] can: request_module (can-proto-0) failed. [ 222.052381][ T9701] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2407'. [ 223.156924][ T9769] fuse: Bad value for 'group_id' [ 223.215205][ T9771] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2441'. [ 225.714650][ T9861] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2481'. [ 225.760764][ T9864] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 225.818360][ T9865] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2482'. [ 226.622231][ T9930] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 226.905623][ T9939] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2515'. [ 229.472614][T10059] netlink: 'syz.3.2570': attribute type 4 has an invalid length. [ 229.510361][T10059] netlink: 'syz.3.2570': attribute type 5 has an invalid length. [ 229.554873][T10059] netlink: 'syz.3.2570': attribute type 1 has an invalid length. [ 231.138348][T10136] netlink: 'syz.2.2607': attribute type 16 has an invalid length. [ 231.163637][T10136] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.2607'. [ 232.850243][T10191] netlink: 'syz.0.2633': attribute type 15 has an invalid length. [ 232.889865][T10191] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2633'. [ 232.999498][T10194] syz.2.2634 (10194) used greatest stack depth: 18048 bytes left [ 233.093130][T10202] unsupported nla_type 35 [ 233.149493][T10192] loop4: detected capacity change from 0 to 8192 [ 233.947042][T10246] netlink: 140 bytes leftover after parsing attributes in process `syz.4.2659'. [ 234.008852][T10227] loop0: detected capacity change from 0 to 8192 [ 234.089158][ T4178] loop0: p1 p2 [ 234.092727][ T4178] loop0: partition table partially beyond EOD, truncated [ 234.128637][ T4178] loop0: p1 start 16777216 is beyond EOD, truncated [ 234.146291][ T4178] loop0: p2 size 515840 extends beyond EOD, truncated [ 234.178454][T10227] loop0: p1 p2 [ 234.182685][T10227] loop0: partition table partially beyond EOD, truncated [ 234.228916][T10227] loop0: p1 start 16777216 is beyond EOD, truncated [ 234.270544][T10227] loop0: p2 size 515840 extends beyond EOD, truncated [ 234.282791][T10256] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2664'. [ 234.501595][T10269] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2670'. [ 234.756015][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 234.837100][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 234.850127][T10286] lo speed is unknown, defaulting to 1000 [ 234.877877][T10286] lo speed is unknown, defaulting to 1000 [ 234.955039][T10286] lo speed is unknown, defaulting to 1000 [ 234.987141][T10286] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 235.025169][T10286] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 235.228850][T10286] lo speed is unknown, defaulting to 1000 [ 235.314231][T10286] lo speed is unknown, defaulting to 1000 [ 235.332630][T10286] lo speed is unknown, defaulting to 1000 [ 235.370738][T10286] lo speed is unknown, defaulting to 1000 [ 235.406320][T10286] lo speed is unknown, defaulting to 1000 [ 235.429392][T10286] lo speed is unknown, defaulting to 1000 [ 235.724256][T10310] TCP: TCP_TX_DELAY enabled [ 235.890132][T10318] trusted_key: encrypted_key: keyword 'new0default' not recognized [ 235.997553][T10321] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2693'. [ 239.452330][T10420] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2740'. [ 239.495982][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 239.495998][ T26] audit: type=1326 audit(2000000012.640:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10421 comm="syz.4.2741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 239.550457][T10424] netlink: 'syz.0.2742': attribute type 6 has an invalid length. [ 239.610042][ T26] audit: type=1326 audit(2000000012.640:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10421 comm="syz.4.2741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 239.764138][ T26] audit: type=1326 audit(2000000012.640:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10421 comm="syz.4.2741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 240.060117][T10449] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2755'. [ 240.198673][T10459] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2759'. [ 240.216954][T10459] netlink: 59 bytes leftover after parsing attributes in process `syz.0.2759'. [ 240.263257][T10459] netlink: 59 bytes leftover after parsing attributes in process `syz.0.2759'. [ 240.373462][ T26] audit: type=1326 audit(2000000013.510:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10467 comm="syz.1.2764" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x0 [ 240.875154][T10496] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2777'. [ 242.078715][T10573] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2813'. [ 242.237255][T10580] xt_bpf: check failed: parse error [ 242.518232][T10592] loop0: detected capacity change from 0 to 512 [ 242.584287][T10592] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 242.695638][T10592] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 242.810095][T10592] ext4 filesystem being mounted at /577/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 243.010985][T10592] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.2822: corrupted inode contents [ 243.135442][T10592] EXT4-fs error (device loop0): ext4_dirty_inode:6054: inode #2: comm syz.0.2822: mark_inode_dirty error [ 243.211065][T10592] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.2822: corrupted inode contents [ 243.271054][T10592] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz.0.2822: mark_inode_dirty error [ 244.995726][T10677] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2858'. [ 245.310359][T10694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2866'. [ 245.555051][T10710] futex_wake_op: syz.3.2873 tries to shift op by 32; fix this program [ 245.577549][T10709] loop4: detected capacity change from 0 to 512 [ 245.588627][T10694] team0 (unregistering): Port device team_slave_0 removed [ 245.613651][T10709] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 245.629974][T10709] EXT4-fs (loop4): inline encryption not supported [ 245.659866][T10694] team0 (unregistering): Port device team_slave_1 removed [ 245.670100][T10709] EXT4-fs (loop4): Test dummy encryption mode enabled [ 245.686101][T10709] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 245.708858][T10709] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 245.849154][T10709] EXT4-fs (loop4): 1 truncate cleaned up [ 245.872917][T10709] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 246.661602][T10776] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2905'. [ 246.899912][T10795] x_tables: duplicate underflow at hook 2 [ 247.247010][T10820] x_tables: duplicate underflow at hook 1 [ 247.265704][ T26] audit: type=1326 audit(2000000020.410:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.2927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 247.337125][T10823] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2929'. [ 247.394150][ T26] audit: type=1326 audit(2000000020.410:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.2927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 247.503687][ T26] audit: type=1326 audit(2000000020.410:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.2927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 247.649971][ T26] audit: type=1326 audit(2000000020.410:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10817 comm="syz.2.2927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 248.273486][T10886] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2957'. [ 250.517735][T10918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2971'. [ 250.687919][T10924] futex_wake_op: syz.0.2973 tries to shift op by 32; fix this program [ 251.283938][ C0] sched: RT throttling activated [ 251.411527][T10918] team0 (unregistering): Port device team_slave_0 removed [ 251.501695][T10918] team0 (unregistering): Port device team_slave_1 removed [ 251.712203][T10940] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.722570][T10947] overlayfs: overlapping lowerdir path [ 251.745353][T10940] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.793573][T10941] netlink: 'syz.3.2981': attribute type 16 has an invalid length. [ 251.802843][T10941] netlink: 'syz.3.2981': attribute type 17 has an invalid length. [ 251.868079][T10941] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 251.887024][T10941] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 251.921449][T10941] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.928892][T10941] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.948158][T10941] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.955486][T10941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 252.575891][T10987] tmpfs: Unknown parameter 'noswap' [ 253.238487][T11035] loop2: detected capacity change from 0 to 1024 [ 253.369344][T11035] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 253.397355][T11035] ext4 filesystem being mounted at /592/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.417463][T11035] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.3023: inode has both inline data and extents flags [ 253.559988][T11060] netlink: 'syz.4.3037': attribute type 1 has an invalid length. [ 253.601718][T11060] netlink: 'syz.4.3037': attribute type 2 has an invalid length. [ 253.706053][T11068] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3038'. [ 253.743766][T11068] netlink: 116 bytes leftover after parsing attributes in process `syz.2.3038'. [ 254.104147][ T1111] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 255.142404][T11105] loop2: detected capacity change from 0 to 131072 [ 255.196497][T11105] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0) [ 255.205158][T11105] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 255.241328][T11105] F2FS-fs (loop2): invalid crc value [ 255.300516][T11105] F2FS-fs (loop2): Found nat_bits in checkpoint [ 255.386817][T11105] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 255.394382][T11105] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 255.417182][ T1111] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 255.446439][ T1111] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 255.459750][ T1111] usb 1-1: config 1 has no interface number 0 [ 255.466294][ T1111] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.658632][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.665171][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.007416][ T1111] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 257.218142][ T26] audit: type=1800 audit(2000000030.230:264): pid=11146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3058" name="bus" dev="loop2" ino=10 res=0 errno=0 [ 257.412692][ T1111] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 257.420839][ T1111] usb 1-1: Product: syz [ 257.425088][ T1111] usb 1-1: Manufacturer: syz [ 257.430118][ T1111] usb 1-1: SerialNumber: syz [ 257.464120][ T1111] usb 1-1: can't set config #1, error -71 [ 257.495131][ T1111] usb 1-1: USB disconnect, device number 3 [ 258.937307][T11173] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3086'. [ 260.575863][T11228] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3076'. [ 261.746932][T11243] netlink: 'syz.4.3118': attribute type 6 has an invalid length. [ 262.003847][T11250] lo speed is unknown, defaulting to 1000 [ 262.081240][T11256] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3124'. [ 262.482367][T11271] loop4: detected capacity change from 0 to 256 [ 263.494821][T11281] netlink: 140 bytes leftover after parsing attributes in process `syz.0.3133'. [ 264.521048][ T26] audit: type=1326 audit(2000000037.660:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11336 comm="syz.3.3161" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x0 [ 266.169427][T11390] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3182'. [ 267.196694][T11430] netlink: 'syz.0.3203': attribute type 4 has an invalid length. [ 267.492965][ T26] audit: type=1326 audit(2000000040.630:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11443 comm="syz.0.3209" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x0 [ 267.723240][T11441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3207'. [ 268.147258][ T26] audit: type=1326 audit(2000000041.290:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.4.3223" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x0 [ 268.715500][T11485] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3228'. [ 268.950555][ T26] audit: type=1326 audit(2000000042.090:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11508 comm="syz.0.3242" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x0 [ 269.312217][T11515] gfs2: gfs2 mount does not exist [ 270.437116][T11531] loop2: detected capacity change from 0 to 256 [ 271.982057][T11535] netlink: 'syz.1.3247': attribute type 4 has an invalid length. [ 272.008683][T11536] loop4: detected capacity change from 0 to 512 [ 272.365401][T11536] EXT4-fs (loop4): orphan cleanup on readonly fs [ 272.403481][T11536] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 272.550470][T11536] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 272.738053][T11536] EXT4-fs error (device loop4): ext4_acquire_dquot:6209: comm syz.4.3248: Failed to acquire dquot type 1 [ 272.785186][T11536] EXT4-fs (loop4): 1 truncate cleaned up [ 272.802315][T11536] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,resuid=0x0000000000000000,nodelalloc,dioread_nolock,quota,,errors=continue. Quota mode: writeback. [ 272.892072][T11560] gfs2: gfs2 mount does not exist [ 273.273544][T11551] lo speed is unknown, defaulting to 1000 [ 273.616611][ T26] audit: type=1326 audit(2000000046.760:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11557 comm="syz.2.3257" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x0 [ 275.889532][T11627] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3287'. [ 275.897123][T11628] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3288'. [ 275.909192][ T26] audit: type=1326 audit(2000000049.050:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11615 comm="syz.0.3284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x7fc00000 [ 277.392181][T11652] loop0: detected capacity change from 0 to 512 [ 277.612727][T11652] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 277.740799][ T26] audit: type=1326 audit(2000000050.880:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 277.769592][T11652] ext4 filesystem being mounted at /656/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.862640][ T26] audit: type=1326 audit(2000000050.900:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 277.889068][T11652] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.3300: corrupted inode contents [ 277.966267][T11652] EXT4-fs error (device loop0): ext4_dirty_inode:6054: inode #2: comm syz.0.3300: mark_inode_dirty error [ 277.983420][ T26] audit: type=1326 audit(2000000050.900:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 278.050006][T11652] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.3300: corrupted inode contents [ 278.137980][ T26] audit: type=1326 audit(2000000050.910:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 278.139081][T11652] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz.0.3300: mark_inode_dirty error [ 278.297580][ T26] audit: type=1326 audit(2000000050.910:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 278.463870][ T26] audit: type=1326 audit(2000000050.910:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 278.481544][T11697] loop1: detected capacity change from 0 to 2048 [ 278.603826][ T26] audit: type=1326 audit(2000000050.910:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 278.687300][T11697] Alternate GPT is invalid, using primary GPT. [ 278.706790][T11697] loop1: p2 p3 p7 [ 278.714779][ T26] audit: type=1326 audit(2000000050.910:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 278.856299][ T26] audit: type=1326 audit(2000000050.910:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 278.956798][ T26] audit: type=1326 audit(2000000050.910:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.4.3308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 279.742957][ T4988] udevd[4988]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 279.761328][ T4796] udevd[4796]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 279.774543][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 279.803698][T11759] netlink: 'syz.3.3347': attribute type 3 has an invalid length. [ 279.842335][T11759] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3347'. [ 280.607974][T11796] lo speed is unknown, defaulting to 1000 [ 281.346874][T11825] loop4: detected capacity change from 0 to 2048 [ 281.456339][T11825] Alternate GPT is invalid, using primary GPT. [ 281.479511][T11834] netlink: 9 bytes leftover after parsing attributes in process `syz.1.3382'. [ 281.498973][T11825] loop4: p2 p3 p7 [ 281.683965][T11844] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 281.895722][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 281.962976][ T4988] udevd[4988]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 281.975022][ T4700] udevd[4700]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 284.053439][T11926] IPv6: A: Disabled Multicast RS [ 284.308367][T11938] lo speed is unknown, defaulting to 1000 [ 285.208986][T11985] loop2: detected capacity change from 0 to 164 [ 285.558502][T12004] loop2: detected capacity change from 0 to 2048 [ 285.654789][T12012] tmpfs: Unknown parameter 'noswap' [ 285.838339][ T3563] Alternate GPT is invalid, using primary GPT. [ 285.844737][ T3563] loop2: p2 p3 p7 [ 285.863006][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 285.863021][ T26] audit: type=1326 audit(2000000059.000:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 285.890196][ T3563] Alternate GPT is invalid, using primary GPT. [ 286.025270][ T3563] loop2: p2 p3 p7 [ 286.750463][ T26] audit: type=1326 audit(2000000059.040:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 286.773132][ T26] audit: type=1326 audit(2000000059.040:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 286.795926][ T26] audit: type=1326 audit(2000000059.050:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 286.832270][ T26] audit: type=1326 audit(2000000059.050:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 286.863943][T12004] Alternate GPT is invalid, using primary GPT. [ 286.907494][T12004] loop2: p2 p3 p7 [ 286.911289][ T26] audit: type=1326 audit(2000000059.050:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 286.911336][ T26] audit: type=1326 audit(2000000059.050:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 286.987360][ T26] audit: type=1326 audit(2000000059.050:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 287.011133][ T26] audit: type=1326 audit(2000000059.290:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 287.099052][ T26] audit: type=1326 audit(2000000059.340:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.1.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 287.316264][T12041] lo speed is unknown, defaulting to 1000 [ 288.127889][T12080] tmpfs: Unknown parameter 'noswap' [ 289.637330][T12113] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3506'. [ 289.676905][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 289.699379][ T6788] udevd[6788]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 289.748352][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 290.083048][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 290.083198][ T4796] udevd[4796]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 290.117592][ T4988] udevd[4988]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 290.336705][ T6788] udevd[6788]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 290.349993][ T4988] udevd[4988]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 290.368151][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 293.680832][T12211] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3545'. [ 294.191179][T12224] netlink: 'syz.0.3552': attribute type 4 has an invalid length. [ 294.234751][T12224] netlink: 'syz.0.3552': attribute type 5 has an invalid length. [ 294.300628][T12224] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3552'. [ 295.897839][T12253] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3564'. [ 297.206505][T12324] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3597'. [ 297.733403][T12335] netlink: 'syz.2.3604': attribute type 2 has an invalid length. [ 297.773699][T12335] netlink: 1 bytes leftover after parsing attributes in process `syz.2.3604'. [ 297.869848][T12339] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3606'. [ 298.423835][ T4197] Bluetooth: hci1: Received unexpected HCI Event 00000000 [ 298.898491][T12397] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3633'. [ 299.023414][T12405] netlink: 756 bytes leftover after parsing attributes in process `syz.3.3637'. [ 299.674086][ T1111] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 299.929316][T12437] xt_policy: output policy not valid in PREROUTING and INPUT [ 300.124338][ T1111] usb 3-1: unable to get BOS descriptor or descriptor too short [ 300.267943][ T1111] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 300.415614][ T1111] usb 3-1: can't read configurations, error -71 [ 300.822119][T12443] overlayfs: unrecognized mount option "verity=require:/" or missing value [ 300.957044][T12450] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3656'. [ 301.159748][T12462] loop2: detected capacity change from 0 to 512 [ 301.258362][T12462] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c02c, mo2=0002] [ 301.310171][T12462] System zones: 1-12 [ 301.401433][T12462] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.3661: error while reading EA inode 32 err=-116 [ 301.499757][T12462] EXT4-fs (loop2): Remounting filesystem read-only [ 301.585467][T12462] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.3661: error while reading EA inode 32 err=-116 [ 301.658114][T12462] EXT4-fs (loop2): Remounting filesystem read-only [ 301.691215][T12462] EXT4-fs (loop2): 1 orphan inode deleted [ 301.743285][T12462] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,debug,debug_want_extra_isize=0x000000000000005e,noauto_da_alloc,bsddf,jqfmt=vfsv1,grpid,. Quota mode: none. [ 302.811763][T12541] loop2: detected capacity change from 0 to 512 [ 303.914198][ T23] Bluetooth: hci4: command 0x0405 tx timeout [ 304.021500][T12623] device ip_vti0 left promiscuous mode [ 304.769600][T12662] xt_policy: output policy not valid in PREROUTING and INPUT [ 305.676939][T12668] loop0: detected capacity change from 0 to 128 [ 306.340500][T12709] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3776'. [ 306.853522][T12745] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3792'. [ 307.295545][T12764] trusted_key: encrypted_key: master key parameter 'd' is invalid [ 307.683210][T12787] netlink: 172 bytes leftover after parsing attributes in process `syz.3.3812'. [ 307.713064][T12787] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3812'. [ 307.747129][T12787] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3812'. [ 310.215505][T12861] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3843'. [ 310.964635][T12907] 9pnet: Insufficient options for proto=fd [ 311.287172][T12917] lo speed is unknown, defaulting to 1000 [ 311.429196][T12931] netlink: 104 bytes leftover after parsing attributes in process `syz.0.3877'. [ 311.480468][T12933] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3878'. [ 312.572215][T12984] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 316.034908][T13083] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3942'. [ 316.103908][T13085] serio: Serial port ptm0 [ 317.035476][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.041857][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.906103][T13149] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3972'. [ 317.945718][T13149] tipc: Enabling of bearer rejected, failed to enable media [ 319.791856][T13191] device batadv_slave_1 entered promiscuous mode [ 319.813997][T13189] device batadv_slave_1 left promiscuous mode [ 321.300095][T13270] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4031'. [ 321.352276][T13271] binder: Unknown parameter 'defcontext' [ 321.806114][T13296] loop4: detected capacity change from 0 to 1024 [ 321.887696][T13296] EXT4-fs (loop4): Ignoring removed oldalloc option [ 321.969423][T13296] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,auto_da_alloc=0x00000000000000e6,oldalloc,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none. [ 322.079948][T13296] ext4 filesystem being mounted at /816/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 322.224779][T13316] binder: Unknown parameter 's' [ 322.354194][T13327] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4056'. [ 323.535642][T13347] overlayfs: failed to resolve '/g'': -2 [ 324.455603][T13401] netlink: 9 bytes leftover after parsing attributes in process `syz.4.4089'. [ 324.461334][T13403] loop2: detected capacity change from 0 to 1024 [ 326.360331][T13469] lo speed is unknown, defaulting to 1000 [ 326.538795][T13480] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4125'. [ 326.622133][T13480] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4125'. [ 326.689447][T13480] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4125'. [ 327.520293][T13510] device syzkaller0 entered promiscuous mode [ 327.570366][T13510] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4140'. [ 329.090498][T13548] lo speed is unknown, defaulting to 1000 [ 329.141023][T13549] 9pnet: Could not find request transport: f [ 330.468758][T13606] overlayfs: missing 'lowerdir' [ 330.786631][T13622] netlink: 836 bytes leftover after parsing attributes in process `syz.1.4190'. [ 331.114769][ T26] audit: type=1326 audit(2000000104.261:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f323e771567 code=0x7ffc0000 [ 331.262142][ T26] audit: type=1326 audit(2000000104.261:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f323e716789 code=0x7ffc0000 [ 331.445121][ T26] audit: type=1326 audit(2000000104.261:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 331.536504][T13662] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4209'. [ 331.615454][ T26] audit: type=1326 audit(2000000104.261:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f323e771567 code=0x7ffc0000 [ 331.749224][T13668] netlink: 'syz.3.4213': attribute type 3 has an invalid length. [ 331.777298][ T26] audit: type=1326 audit(2000000104.261:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f323e716789 code=0x7ffc0000 [ 331.944740][ T26] audit: type=1326 audit(2000000104.261:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 332.045097][T13679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4218'. [ 332.122728][ T26] audit: type=1326 audit(2000000104.261:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 332.289308][ T26] audit: type=1326 audit(2000000104.261:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 332.520178][ T26] audit: type=1326 audit(2000000104.261:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x7ffc0000 [ 332.740043][ T26] audit: type=1326 audit(2000000104.261:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.4.4199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f323e771567 code=0x7ffc0000 [ 335.637838][T13781] lo speed is unknown, defaulting to 1000 [ 336.184834][T13786] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4266'. [ 339.676108][T13849] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4297'. [ 339.784752][T13850] loop3: detected capacity change from 0 to 1024 [ 339.982075][T13850] EXT4-fs (loop3): Ignoring removed oldalloc option [ 340.114465][T13850] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,auto_da_alloc=0x00000000000000e6,oldalloc,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none. [ 340.134323][T13850] ext4 filesystem being mounted at /877/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 340.157727][T13850] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: none. [ 340.463823][T13876] netlink: 140 bytes leftover after parsing attributes in process `syz.0.4306'. [ 340.909345][T13900] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 341.826021][ T26] kauditd_printk_skb: 35 callbacks suppressed [ 341.826036][ T26] audit: type=1326 audit(2000000114.972:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13936 comm="syz.1.4334" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x0 [ 342.240607][T13955] loop1: detected capacity change from 0 to 1024 [ 342.333845][T13955] EXT4-fs (loop1): Ignoring removed nobh option [ 342.375487][T13955] EXT4-fs (loop1): Ignoring removed bh option [ 342.402343][T13955] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 342.518928][T13955] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,data_err=abort,barrier=0x0000000000000001,dioread_nolock,grpjquota=,quota,data_err=ignore,grpquota,nobh,user_xattr,bh,minixdf,,errors=continue. Quota mode: writeback. [ 342.862034][ T7] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 343.232215][ T7] usb 5-1: config 0 has an invalid interface number: 133 but max is 0 [ 343.259471][ T7] usb 5-1: config 0 has no interface number 0 [ 343.482114][ T7] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 343.491260][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.530658][ T7] usb 5-1: Product: syz [ 343.570977][ T7] usb 5-1: Manufacturer: syz [ 343.611790][ T7] usb 5-1: SerialNumber: syz [ 343.635754][ T7] usb 5-1: config 0 descriptor?? [ 344.913603][ T7] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected [ 344.924833][ T7] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81 [ 344.934723][ T7] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1 [ 344.942665][ T7] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2 [ 344.958391][ T7] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 344.981251][ T7] usb 5-1: USB disconnect, device number 5 [ 345.003161][ T7] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 345.015097][ T7] keyspan 5-1:0.133: device disconnected [ 345.547925][T14045] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 345.576619][T14045] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 345.778648][T14059] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4394'. [ 345.909134][T14064] netlink: 136 bytes leftover after parsing attributes in process `syz.2.4397'. [ 346.075018][T14073] loop0: detected capacity change from 0 to 1024 [ 346.137553][ T26] audit: type=1326 audit(2000000119.282:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14065 comm="syz.4.4380" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f323e77a6c9 code=0x0 [ 346.177364][T14073] EXT4-fs (loop0): Ignoring removed oldalloc option [ 346.237387][T14073] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodelalloc,auto_da_alloc=0x00000000000000e6,oldalloc,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none. [ 346.311802][T14073] ext4 filesystem being mounted at /912/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 346.420672][T14073] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: none. [ 347.693011][T14113] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4417'. [ 347.713126][T14113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4417'. [ 347.964735][T14126] loop0: detected capacity change from 0 to 512 [ 348.032744][T14126] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 348.065726][T14126] EXT4-fs (loop0): Ignoring removed oldalloc option [ 348.102801][T14126] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 348.197230][T14126] EXT4-fs (loop0): failed to initialize system zone (-117) [ 348.216233][T14126] EXT4-fs (loop0): mount failed [ 348.228954][ T26] audit: type=1326 audit(2000000121.372:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.270831][ T26] audit: type=1326 audit(2000000121.402:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.346101][ T26] audit: type=1326 audit(2000000121.402:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.405286][ T26] audit: type=1326 audit(2000000121.432:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.464977][ T26] audit: type=1326 audit(2000000121.432:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.501045][ T26] audit: type=1326 audit(2000000121.442:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.534844][ T26] audit: type=1326 audit(2000000121.442:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.578402][ T26] audit: type=1326 audit(2000000121.442:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.608114][ T26] audit: type=1326 audit(2000000121.442:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 348.648158][ T26] audit: type=1326 audit(2000000121.442:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14140 comm="syz.2.4429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1d5225a6c9 code=0x7ffc0000 [ 352.580605][T14275] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4488'. [ 354.656536][T14349] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4522'. [ 355.285710][T14383] netlink: 'syz.1.4537': attribute type 1 has an invalid length. [ 355.422354][T14392] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4541'. [ 356.814541][T14474] tmpfs: Unknown parameter 'no' [ 357.206889][T14501] ptrace attach of "./syz-executor exec"[14504] was attempted by "./syz-executor exec"[14501] [ 357.821213][T14538] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4609'. [ 357.985905][T14542] lo speed is unknown, defaulting to 1000 [ 359.346756][T14602] 9pnet_virtio: no channels available for device [ 359.465149][T14608] trusted_key: encrypted_key: insufficient parameters specified [ 360.433663][T14656] loop0: detected capacity change from 0 to 128 [ 360.526700][T14656] FAT-fs (loop0): bogus number of FAT sectors [ 360.533305][T14656] FAT-fs (loop0): Can't find a valid FAT filesystem [ 361.616039][T14692] overlayfs: failed to resolve './file2': -2 [ 361.894899][T14700] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4685'. [ 363.105640][T14740] overlayfs: failed to resolve './file2': -2 [ 363.105831][T14741] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4701'. [ 363.430324][T14763] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 363.552350][T14768] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4712'. [ 365.183073][T14811] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4731'. [ 365.308215][T14816] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4739'. [ 366.832203][T14857] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4751'. [ 366.848545][T14857] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4751'. [ 366.867946][T14857] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4751'. [ 366.881498][T14857] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4751'. [ 367.418654][T14883] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4761'. [ 368.505820][T14905] lo speed is unknown, defaulting to 1000 [ 369.597196][T14950] lo speed is unknown, defaulting to 1000 [ 369.899316][T14962] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4796'. [ 369.929092][T14962] device bridge_slave_1 left promiscuous mode [ 369.967171][T14962] bridge0: port 2(bridge_slave_1) entered disabled state [ 369.999037][T14962] device bridge_slave_0 left promiscuous mode [ 370.015763][T14962] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.025627][ T26] kauditd_printk_skb: 21 callbacks suppressed [ 372.025643][ T26] audit: type=1326 audit(2000000145.173:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 372.190428][ T26] audit: type=1326 audit(2000000145.233:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 372.339517][ T26] audit: type=1326 audit(2000000145.233:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 372.449420][ T26] audit: type=1326 audit(2000000145.233:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 372.548405][ T26] audit: type=1326 audit(2000000145.233:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b27948f10 code=0x7ffc0000 [ 372.575964][T15038] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4831'. [ 372.644444][ T26] audit: type=1326 audit(2000000145.233:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b27948f10 code=0x7ffc0000 [ 372.734424][ T26] audit: type=1326 audit(2000000145.233:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 372.767751][ T26] audit: type=1326 audit(2000000145.233:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 372.781575][T15047] loop0: detected capacity change from 0 to 512 [ 372.833462][ T26] audit: type=1326 audit(2000000145.233:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 372.917400][ T26] audit: type=1326 audit(2000000145.233:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15006 comm="syz.1.4816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 373.006374][T15047] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 373.087550][T15047] ext4 filesystem being mounted at /1007/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 373.137438][T15047] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.4834: corrupted inode contents [ 373.190491][T15047] EXT4-fs error (device loop0): ext4_dirty_inode:6054: inode #2: comm syz.0.4834: mark_inode_dirty error [ 373.269713][T15047] EXT4-fs error (device loop0): ext4_do_update_inode:5218: inode #2: comm syz.0.4834: corrupted inode contents [ 373.330585][T15047] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz.0.4834: mark_inode_dirty error [ 374.090218][ T6882] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 374.340096][ T6882] usb 2-1: Using ep0 maxpacket: 16 [ 374.462050][ T6882] usb 2-1: config 0 has an invalid interface number: 41 but max is 0 [ 374.480153][ T6882] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 374.500827][ T6882] usb 2-1: config 0 has no interface number 0 [ 374.507015][ T6882] usb 2-1: config 0 interface 41 altsetting 2 has an invalid endpoint with address 0x0, skipping [ 374.538112][ T6882] usb 2-1: config 0 interface 41 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 374.564328][ T6882] usb 2-1: config 0 interface 41 has no altsetting 0 [ 374.756936][ T6882] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 374.799087][ T6882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 374.826872][ T6882] usb 2-1: Product: syz [ 374.844011][ T6882] usb 2-1: Manufacturer: syz [ 374.848780][ T6882] usb 2-1: SerialNumber: syz [ 374.897240][ T6882] usb 2-1: config 0 descriptor?? [ 374.953924][ T6882] CoreChips: probe of 2-1:0.41 failed with error -22 [ 375.187081][ T4248] usb 2-1: USB disconnect, device number 4 [ 375.950046][ T6882] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 376.745682][T15148] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4888'. [ 377.060157][ T6882] usb 5-1: config 0 has an invalid interface number: 133 but max is 0 [ 377.089200][ T6882] usb 5-1: config 0 has no interface number 0 [ 377.310036][ T6882] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 377.319147][ T6882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.381675][ T6882] usb 5-1: Product: syz [ 377.402769][ T6882] usb 5-1: Manufacturer: syz [ 377.437934][ T6882] usb 5-1: SerialNumber: syz [ 377.469922][ T6882] usb 5-1: config 0 descriptor?? [ 377.601359][T15183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4896'. [ 377.918697][ T6882] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected [ 377.946578][ T6882] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81 [ 377.964337][ T6882] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1 [ 378.621526][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.627932][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.725764][ T6882] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2 [ 378.745574][ T6882] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 378.756069][ T6882] usb 5-1: USB disconnect, device number 6 [ 378.805060][ T6882] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 378.835132][ T6882] keyspan 5-1:0.133: device disconnected [ 379.282144][T15227] netem: change failed [ 379.891007][T15238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 382.564094][T15342] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4964'. [ 382.597218][T15342] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4964'. [ 383.013761][T15361] lo speed is unknown, defaulting to 1000 [ 385.070569][T15442] netlink: 45 bytes leftover after parsing attributes in process `syz.0.5010'. [ 385.137711][T15440] loop2: detected capacity change from 0 to 2048 [ 385.335456][T15440] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 385.870228][T15470] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5019'. [ 386.162587][T15484] loop0: detected capacity change from 0 to 1024 [ 388.277912][T15531] lo speed is unknown, defaulting to 1000 [ 389.074373][T15556] syz.3.5062[15556] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 389.074807][T15556] syz.3.5062[15556] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 389.124068][T15556] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5062'. [ 390.427188][T15578] x_tables: ip_tables: TCPMSS target: only valid for protocol 6 [ 390.969800][T15597] overlayfs: missing 'lowerdir' [ 391.024288][T15601] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5084'. [ 392.498559][T15635] lo speed is unknown, defaulting to 1000 [ 393.973548][ T4248] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 394.389149][ T4248] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 394.416214][ T4248] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 394.449717][ T4248] usb 4-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 394.482061][ T4248] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.516099][ T4248] usb 4-1: config 0 descriptor?? [ 394.566157][ T4248] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 394.797343][ T4248] usb 4-1: USB disconnect, device number 2 [ 396.461373][T15758] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5149'. [ 396.668224][ T26] kauditd_printk_skb: 25 callbacks suppressed [ 396.668241][ T26] audit: type=1326 audit(2000000169.815:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15766 comm="syz.0.5157" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f80019086c9 code=0x0 [ 397.386926][T15795] loop2: detected capacity change from 0 to 256 [ 401.879826][T15930] fuse: Bad value for 'fd' [ 402.289895][T15953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5244'. [ 402.676670][T15973] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5255'. [ 403.959165][T16039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5286'. [ 405.147968][T16102] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5317'. [ 405.177547][T16102] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5317'. [ 405.489354][T16117] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5323'. [ 405.518375][T16117] netlink: 59 bytes leftover after parsing attributes in process `syz.1.5323'. [ 405.539650][T16117] netlink: 59 bytes leftover after parsing attributes in process `syz.1.5323'. [ 405.685750][ T26] audit: type=1326 audit(2000000178.835:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 405.813713][ T26] audit: type=1326 audit(2000000178.865:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 406.022931][ T26] audit: type=1326 audit(2000000178.875:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 406.202993][ T26] audit: type=1326 audit(2000000178.875:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 407.018074][ T26] audit: type=1326 audit(2000000178.875:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 407.090764][T16144] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5335'. [ 407.167799][ T26] audit: type=1326 audit(2000000178.875:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 407.225435][ T6882] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 407.264466][ T6882] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 407.320775][ T26] audit: type=1326 audit(2000000178.875:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 407.411481][ T26] audit: type=1326 audit(2000000178.875:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 407.542061][ T26] audit: type=1326 audit(2000000178.875:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 407.631028][T16163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5344'. [ 407.655519][T16163] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5344'. [ 407.667984][ T26] audit: type=1326 audit(2000000178.875:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16121 comm="syz.1.5326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2794a6c9 code=0x7ffc0000 [ 408.167331][T16195] overlayfs: overlapping lowerdir path [ 408.180740][T16138] loop4: detected capacity change from 0 to 1024 [ 408.456562][T16138] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled [ 408.475916][T16138] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 408.485698][T16138] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 408.654593][T16138] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,nolazytime,abort,errors=continue,dioread_nolock,jqfmt=vfsv0,nomblk_io_submit,nobarrier,,errors=continue. Quota mode: writeback. [ 409.002316][T16242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5378'. [ 409.287539][T16255] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5383'. [ 409.310550][T16255] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5383'. [ 409.869458][T16288] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5401'. [ 410.479609][T16324] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8) [ 410.486868][T16324] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 410.507115][T16324] vhci_hcd vhci_hcd.0: Device attached [ 410.552704][T16325] vhci_hcd: connection closed [ 410.556697][ T4867] vhci_hcd: stop threads [ 410.602951][ T4867] vhci_hcd: release socket [ 410.614306][ T4867] vhci_hcd: disconnect device [ 411.963858][T16396] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5451'. [ 411.985906][T16396] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5451'. [ 411.995673][T16396] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5451'. [ 412.017607][T16396] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5451'. [ 412.046149][T16398] loop0: detected capacity change from 0 to 512 [ 412.140500][T16398] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 412.176750][T16398] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 412.210761][T16398] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a816c099, mo2=0002] [ 412.241046][T16398] System zones: 1-12 [ 412.321211][T16398] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.5452: inode #1: comm syz.0.5452: iget: illegal inode # [ 412.395807][T16398] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.5452: error while reading EA inode 1 err=-117 [ 412.463412][T16398] EXT4-fs (loop0): 1 orphan inode deleted [ 412.476570][T16398] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,usrjquota=,usrjquota=,journal_dev=0x0000000000000dcd,resgid=0x0000000000000000,minixdf,debug,grpquota,nombcache,minixdf,nomblk_io_submit,nomblk_io_submit,i_version,,errors=continue. Quota mode: writeback. [ 414.101528][T16439] loop0: detected capacity change from 0 to 2048 [ 414.274495][T16439] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 414.881581][T16486] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5490'. [ 415.148873][T16491] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5488'. [ 416.420531][T16528] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5506'. [ 416.444398][T16528] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5506'. [ 416.472515][T16528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5506'. [ 416.492278][T16528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5506'. [ 416.625712][ T26] kauditd_printk_skb: 38 callbacks suppressed [ 416.625729][ T26] audit: type=1326 audit(2000000189.776:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16533 comm="syz.0.5510" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80019086c9 code=0x0 [ 416.884542][T16548] netlink: 'syz.3.5514': attribute type 13 has an invalid length. [ 416.908016][T16548] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready [ 416.930018][T16548] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 417.070620][T16549] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5515'. [ 417.286056][T16566] 9pnet: Insufficient options for proto=fd [ 418.400782][T16630] loop1: detected capacity change from 0 to 8192 [ 418.443080][T16632] netlink: 172 bytes leftover after parsing attributes in process `syz.4.5554'. [ 418.453499][T16632] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5554'. [ 418.463097][T16632] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5554'. [ 422.196250][ T26] audit: type=1326 audit(2000000195.346:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16704 comm="syz.3.5584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7ffc0000 [ 422.263145][ T26] audit: type=1326 audit(2000000195.346:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16704 comm="syz.3.5584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7ffc0000 [ 422.387102][ T26] audit: type=1326 audit(2000000195.386:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16704 comm="syz.3.5584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7ff1946b06c9 code=0x7ffc0000 [ 422.412521][ T26] audit: type=1326 audit(2000000195.386:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16704 comm="syz.3.5584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7ffc0000 [ 422.477831][ T26] audit: type=1326 audit(2000000195.386:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16704 comm="syz.3.5584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1946b06c9 code=0x7ffc0000 [ 425.384109][T16820] ieee802154 phy0 wpan0: encryption failed: -22 [ 425.496565][T16828] netlink: 'syz.1.5642': attribute type 1 has an invalid length. [ 425.608825][T16832] bond1: (slave ip6gretap0): Enslaving as a backup interface with an up link [ 425.718015][T16834] device veth3 entered promiscuous mode [ 425.730351][T16834] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 425.867405][T16838] __nla_validate_parse: 1 callbacks suppressed [ 425.867424][T16838] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5644'. [ 425.906561][T16842] overlayfs: overlapping lowerdir path [ 425.918763][T16838] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5644'. [ 425.952194][T16843] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5645'. [ 427.529173][T16906] xt_TPROXY: Can be used only with -p tcp or -p udp [ 429.522025][T16960] loop4: detected capacity change from 0 to 512 [ 429.713729][T16960] EXT4-fs (loop4): mounted filesystem without journal. Opts: nojournal_checksum,grpquota,,errors=continue. Quota mode: writeback. [ 429.761015][T16960] ext4 filesystem being mounted at /922/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 429.790720][T16960] [ 429.793128][T16960] ====================================================== [ 429.800170][T16960] WARNING: possible circular locking dependency detected [ 429.807217][T16960] syzkaller #0 Not tainted [ 429.811652][T16960] ------------------------------------------------------ [ 429.818691][T16960] syz.4.5697/16960 is trying to acquire lock: [ 429.824865][T16960] ffff888061dee268 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410 [ 429.833794][T16960] [ 429.833794][T16960] but task is already holding lock: [ 429.841183][T16960] ffff888061e44840 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x8b2/0x1b30 [ 429.850708][T16960] [ 429.850708][T16960] which lock already depends on the new lock. [ 429.850708][T16960] [ 429.861122][T16960] [ 429.861122][T16960] the existing dependency chain (in reverse order) is: [ 429.870146][T16960] [ 429.870146][T16960] -> #2 (&ei->i_data_sem/2){++++}-{3:3}: [ 429.877976][T16960] down_read+0x44/0x2e0 [ 429.882668][T16960] ext4_map_blocks+0x32f/0x1b30 [ 429.888066][T16960] ext4_getblk+0x16d/0x630 [ 429.893010][T16960] ext4_bread+0x26/0x180 [ 429.897775][T16960] ext4_quota_write+0x230/0x570 [ 429.903152][T16960] get_free_dqblk+0x387/0x7d0 [ 429.908355][T16960] do_insert_tree+0x214/0x1970 [ 429.913645][T16960] do_insert_tree+0x5b1/0x1970 [ 429.918936][T16960] do_insert_tree+0x5b1/0x1970 [ 429.924223][T16960] do_insert_tree+0x5b1/0x1970 [ 429.929512][T16960] qtree_write_dquot+0x361/0x4b0 [ 429.934973][T16960] v2_write_dquot+0x108/0x190 [ 429.940175][T16960] dquot_acquire+0x2d5/0x520 [ 429.945286][T16960] ext4_acquire_dquot+0x2d9/0x4a0 [ 429.950833][T16960] dqget+0x778/0xeb0 [ 429.955248][T16960] __dquot_initialize+0x3b6/0xcb0 [ 429.960955][T16960] ext4_process_orphan+0x54/0x300 [ 429.966526][T16960] ext4_orphan_cleanup+0xaa9/0x12e0 [ 429.972251][T16960] ext4_fill_super+0x92f0/0x9a60 [ 429.977717][T16960] mount_bdev+0x287/0x3c0 [ 429.982573][T16960] legacy_get_tree+0xe6/0x180 [ 429.987781][T16960] vfs_get_tree+0x88/0x270 [ 429.992729][T16960] do_new_mount+0x24a/0xa40 [ 429.997759][T16960] __se_sys_mount+0x2d6/0x3c0 [ 430.002966][T16960] do_syscall_64+0x4c/0xa0 [ 430.007913][T16960] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 430.014331][T16960] [ 430.014331][T16960] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}: [ 430.022564][T16960] down_read+0x44/0x2e0 [ 430.027260][T16960] v2_read_dquot+0x4a/0x110 [ 430.032296][T16960] dquot_acquire+0x152/0x520 [ 430.037420][T16960] ext4_acquire_dquot+0x2d9/0x4a0 [ 430.042970][T16960] dqget+0x778/0xeb0 [ 430.047386][T16960] __dquot_initialize+0x3b6/0xcb0 [ 430.052934][T16960] ext4_process_orphan+0x54/0x300 [ 430.058477][T16960] ext4_orphan_cleanup+0xaa9/0x12e0 [ 430.064199][T16960] ext4_fill_super+0x92f0/0x9a60 [ 430.069681][T16960] mount_bdev+0x287/0x3c0 [ 430.074534][T16960] legacy_get_tree+0xe6/0x180 [ 430.079875][T16960] vfs_get_tree+0x88/0x270 [ 430.084832][T16960] do_new_mount+0x24a/0xa40 [ 430.089867][T16960] __se_sys_mount+0x2d6/0x3c0 [ 430.095067][T16960] do_syscall_64+0x4c/0xa0 [ 430.100006][T16960] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 430.106424][T16960] [ 430.106424][T16960] -> #0 (&dquot->dq_lock){+.+.}-{3:3}: [ 430.114068][T16960] __lock_acquire+0x2c33/0x7c60 [ 430.119471][T16960] lock_acquire+0x197/0x3f0 [ 430.124507][T16960] __mutex_lock_common+0x1eb/0x2390 [ 430.130395][T16960] mutex_lock_nested+0x17/0x20 [ 430.135707][T16960] dquot_commit+0x5a/0x410 [ 430.140657][T16960] ext4_write_dquot+0x1f0/0x360 [ 430.146043][T16960] mark_all_dquot_dirty+0x1e3/0x400 [ 430.151773][T16960] __dquot_alloc_space+0x5d0/0xe20 [ 430.157413][T16960] ext4_mb_new_blocks+0xf68/0x4940 [ 430.163137][T16960] ext4_ext_map_blocks+0x191a/0x6650 [ 430.168943][T16960] ext4_map_blocks+0x981/0x1b30 [ 430.174313][T16960] _ext4_get_block+0x1d7/0x4e0 [ 430.179697][T16960] ext4_block_write_begin+0x60f/0x1210 [ 430.185682][T16960] ext4_write_begin+0x6c2/0x15c0 [ 430.191145][T16960] generic_perform_write+0x2aa/0x530 [ 430.196969][T16960] ext4_buffered_write_iter+0x25f/0x3b0 [ 430.203052][T16960] ext4_file_write_iter+0x773/0x17b0 [ 430.208866][T16960] vfs_write+0x712/0xd00 [ 430.213645][T16960] __x64_sys_pwrite64+0x194/0x220 [ 430.219190][T16960] do_syscall_64+0x4c/0xa0 [ 430.224130][T16960] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 430.230547][T16960] [ 430.230547][T16960] other info that might help us debug this: [ 430.230547][T16960] [ 430.240769][T16960] Chain exists of: [ 430.240769][T16960] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2 [ 430.240769][T16960] [ 430.254422][T16960] Possible unsafe locking scenario: [ 430.254422][T16960] [ 430.261877][T16960] CPU0 CPU1 [ 430.267240][T16960] ---- ---- [ 430.272599][T16960] lock(&ei->i_data_sem/2); [ 430.277194][T16960] lock(&s->s_dquot.dqio_sem); [ 430.284583][T16960] lock(&ei->i_data_sem/2); [ 430.291696][T16960] lock(&dquot->dq_lock); [ 430.296200][T16960] [ 430.296200][T16960] *** DEADLOCK *** [ 430.296200][T16960] [ 430.304342][T16960] 4 locks held by syz.4.5697/16960: [ 430.309534][T16960] #0: ffff88802aaae460 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x28a/0xd00 [ 430.318417][T16960] #1: ffff888061e449b8 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_buffered_write_iter+0xa6/0x3b0 [ 430.329734][T16960] #2: ffff888061e44840 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x8b2/0x1b30 [ 430.339674][T16960] #3: ffffffff8c23f118 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x5/0x30 [ 430.348747][T16960] [ 430.348747][T16960] stack backtrace: [ 430.354632][T16960] CPU: 0 PID: 16960 Comm: syz.4.5697 Not tainted syzkaller #0 [ 430.362087][T16960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 430.372149][T16960] Call Trace: [ 430.375427][T16960] [ 430.378358][T16960] dump_stack_lvl+0x168/0x230 [ 430.383038][T16960] ? load_image+0x3b0/0x3b0 [ 430.387545][T16960] ? show_regs_print_info+0x20/0x20 [ 430.392751][T16960] ? print_circular_bug+0x12b/0x1a0 [ 430.397952][T16960] check_noncircular+0x274/0x310 [ 430.402889][T16960] ? add_chain_block+0x940/0x940 [ 430.407827][T16960] ? lockdep_lock+0xdc/0x1e0 [ 430.412423][T16960] ? mark_lock+0x94/0x320 [ 430.416755][T16960] ? mark_lock+0x94/0x320 [ 430.421099][T16960] ? mark_lock+0x94/0x320 [ 430.425431][T16960] __lock_acquire+0x2c33/0x7c60 [ 430.430292][T16960] ? hlock_conflict+0x59/0x1f0 [ 430.435063][T16960] ? check_noncircular+0x16f/0x310 [ 430.440180][T16960] ? add_chain_block+0x940/0x940 [ 430.445116][T16960] ? lockdep_lock+0xdc/0x1e0 [ 430.449710][T16960] ? verify_lock_unused+0x140/0x140 [ 430.454911][T16960] ? lockdep_unlock+0x134/0x2d0 [ 430.459759][T16960] ? lockdep_lock+0x1e0/0x1e0 [ 430.464441][T16960] ? check_noncircular+0x16f/0x310 [ 430.469561][T16960] ? mark_lock+0x94/0x320 [ 430.473896][T16960] ? __lock_acquire+0x289d/0x7c60 [ 430.478938][T16960] lock_acquire+0x197/0x3f0 [ 430.483473][T16960] ? dquot_commit+0x5a/0x410 [ 430.488073][T16960] ? __might_sleep+0xf0/0xf0 [ 430.492667][T16960] ? read_lock_is_recursive+0x10/0x10 [ 430.498045][T16960] ? dquot_commit+0x5a/0x410 [ 430.502636][T16960] __mutex_lock_common+0x1eb/0x2390 [ 430.507840][T16960] ? dquot_commit+0x5a/0x410 [ 430.512435][T16960] ? __might_sleep+0xf0/0xf0 [ 430.517029][T16960] ? mutex_lock_io_nested+0x60/0x60 [ 430.522242][T16960] mutex_lock_nested+0x17/0x20 [ 430.527007][T16960] dquot_commit+0x5a/0x410 [ 430.531431][T16960] ? __ext4_journal_start_sb+0x1bd/0x360 [ 430.537067][T16960] ext4_write_dquot+0x1f0/0x360 [ 430.541941][T16960] mark_all_dquot_dirty+0x1e3/0x400 [ 430.547145][T16960] __dquot_alloc_space+0x5d0/0xe20 [ 430.552269][T16960] ext4_mb_new_blocks+0xf68/0x4940 [ 430.557380][T16960] ? _raw_write_unlock+0x36/0x40 [ 430.562340][T16960] ? ext4_mb_pa_callback+0xd0/0xd0 [ 430.567455][T16960] ? ext4_ext_check_overlap+0x31c/0x560 [ 430.573091][T16960] ? ext4_ext_find_goal+0xed/0x1d0 [ 430.578201][T16960] ext4_ext_map_blocks+0x191a/0x6650 [ 430.583503][T16960] ? ext4_ext_release+0x10/0x10 [ 430.588366][T16960] ? rwsem_write_trylock+0x12f/0x1b0 [ 430.593662][T16960] ext4_map_blocks+0x981/0x1b30 [ 430.598517][T16960] ? ext4_issue_zeroout+0x250/0x250 [ 430.603725][T16960] _ext4_get_block+0x1d7/0x4e0 [ 430.608498][T16960] ? ext4_get_block+0x40/0x40 [ 430.613182][T16960] ext4_block_write_begin+0x60f/0x1210 [ 430.618647][T16960] ? ext4_es_is_delayed+0x40/0x40 [ 430.623672][T16960] ? ext4_print_free_blocks+0x390/0x390 [ 430.629219][T16960] ? __ext4_journal_start_sb+0x1bd/0x360 [ 430.634859][T16960] ext4_write_begin+0x6c2/0x15c0 [ 430.639805][T16960] ? __ext4_mark_inode_dirty+0x4d5/0x700 [ 430.645532][T16960] ? ext4_readahead+0x110/0x110 [ 430.650388][T16960] generic_perform_write+0x2aa/0x530 [ 430.655702][T16960] ? grab_cache_page_write_begin+0xa0/0xa0 [ 430.661516][T16960] ? ext4_write_checks+0x24b/0x2c0 [ 430.666809][T16960] ext4_buffered_write_iter+0x25f/0x3b0 [ 430.672361][T16960] ext4_file_write_iter+0x773/0x17b0 [ 430.677657][T16960] ? ext4_file_read_iter+0x700/0x700 [ 430.682944][T16960] ? end_current_label_crit_section+0x14b/0x170 [ 430.689221][T16960] ? memset+0x1e/0x40 [ 430.693208][T16960] ? iov_iter_init+0xb4/0x170 [ 430.697906][T16960] vfs_write+0x712/0xd00 [ 430.702148][T16960] ? file_end_write+0x250/0x250 [ 430.706998][T16960] ? __fget_files+0x40f/0x480 [ 430.711678][T16960] ? __fdget+0x18b/0x210 [ 430.715920][T16960] ? __x64_sys_pwrite64+0xec/0x220 [ 430.721031][T16960] __x64_sys_pwrite64+0x194/0x220 [ 430.726071][T16960] ? ksys_pwrite64+0x1c0/0x1c0 [ 430.730854][T16960] ? lockdep_hardirqs_on+0x94/0x140 [ 430.736072][T16960] do_syscall_64+0x4c/0xa0 [ 430.740502][T16960] ? clear_bhb_loop+0x30/0x80 [ 430.745183][T16960] ? clear_bhb_loop+0x30/0x80 [ 430.749865][T16960] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 430.755772][T16960] RIP: 0033:0x7f323e77a6c9 [ 430.760189][T16960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 430.779795][T16960] RSP: 002b:00007f323c9e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 430.788215][T16960] RAX: ffffffffffffffda RBX: 00007f323e9d0fa0 RCX: 00007f323e77a6c9 [ 430.796193][T16960] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000008 [ 430.804164][T16960] RBP: 00007f323e7fcf91 R08: 0000000000000000 R09: 0000000000000000 [ 430.812137][T16960] R10: 0000000008080c63 R11: 0000000000000246 R12: 0000000000000000 [ 430.820106][T16960] R13: 00007f323e9d1038 R14: 00007f323e9d0fa0 R15: 00007ffe2dc55d78 [ 430.828087][T16960] [ 431.053069][T16935] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 431.081709][T16935] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 431.153547][T16935] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.162648][T16935] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.172973][T16935] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.183737][T16935] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0