last executing test programs: 55.087984938s ago: executing program 1 (id=1197): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) r1 = socket$l2tp(0x2, 0x2, 0x73) r2 = memfd_create(0x0, 0x0) write$binfmt_script(r2, &(0x7f00000001c0)={'#! ', './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0'}, 0x1002) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) sendmmsg(r1, &(0x7f000000dd80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e22, @remote}, 0x80, &(0x7f0000000400)=[{0x0}, {&(0x7f0000000200)="97ff", 0x2}], 0x2}}], 0x1, 0x0) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1) 52.614959916s ago: executing program 1 (id=1199): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r1, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)) r2 = socket$packet(0x11, 0x2, 0x300) r3 = dup(r0) r4 = fcntl$dupfd(r1, 0x406, r2) read$FUSE(r3, &(0x7f0000000a40)={0x2020}, 0x1fe4) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000100)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0, 0x4000}) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') syz_genetlink_get_family_id$nl80211(0x0, r5) sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x4054) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r5}}) ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000080)={0x0, r3}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r6 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) 47.373362176s ago: executing program 1 (id=1210): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/14], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket(0x27, 0x3, 0x80000000) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00'}, 0x30) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000001a00), r3) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r3, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001a40)={0x14, r4, 0x528ea124191aeb57, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000084}, 0x48044) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) 43.395410537s ago: executing program 1 (id=1212): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, 0x0, 0x0) 38.833533756s ago: executing program 1 (id=1222): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) openat$rdma_cm(0xffffff9c, &(0x7f0000000200), 0x2, 0x0) openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) socket$inet6(0xa, 0x80003, 0x6) r2 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7f, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000000)={0xf0f01f}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32, @ANYBLOB='\x00'/25], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r3}, 0x38) 34.297435986s ago: executing program 1 (id=1229): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = getpid() bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) landlock_restrict_self(0xffffffffffffffff, 0x0) r3 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0x1, &(0x7f0000000340)={0x2000, r4}, 0x0) landlock_restrict_self(r3, 0x0) 20.716641292s ago: executing program 2 (id=1251): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r3, 0xffffffffffffffff, &(0x7f0000002080)=0x3a, 0x23b) 18.54747837s ago: executing program 32 (id=1229): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = getpid() bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) landlock_restrict_self(0xffffffffffffffff, 0x0) r3 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0x1, &(0x7f0000000340)={0x2000, r4}, 0x0) landlock_restrict_self(r3, 0x0) 13.027469345s ago: executing program 0 (id=1265): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, 0x0) 12.896630316s ago: executing program 0 (id=1266): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x2218448, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1de, &(0x7f0000000440)="$eJzsljurE0EUx/8zk7vJFUWwtLHwggq6d3ejIsgF01hZCD6ChWAwa4iuBpIUJiAxn8DezsKPIWjrh5Boo02stF6Zx2YnIZt3iHDPrzj578zZ2fNYzgYEQRxbfnz/O4j/HP0sADiJA+TN+i+R+nDL/1vh95svd26X3z3++DU/cPennRnHiz8/B+BzSaA9unf87gPzex98pB+A45LRZTC4Rj8Bx0OjQzA8Mvq5pRvS33Wf1aPQfdqIqlJ40vjSBNIUJ+Mb9hmqVnzM2m91ui8qURQ2tyjm1W9Y4jhK4hPj+y50tJ5VPx8cvtFFMNwz+gbySW10Saz8z+bS/MXM/B0sleTNy8CSFZGhLPGIM6cyW+UAWK0xe5vrPd6aV3ab71CGEFAi6eiGThYZWwKbzUIOpjk+yO2gqmu9UdN7IWZ259MtfU+yEvf0tfI5ndHcuLdghA5WySudT/EHhgvW/NSj5L361MgWHrY63Sv1l5VaWAtfBUHxunfV864Fh2oQaTtj/u2r+XQiPX/qN0niMAevK+1209d2dB1oOzlxmYlv2Oe4eD5dcybOLSRiL13jypeNbRMEQfxPnANTM1nN5USYrwms/7p3dxgjQRAEQRAEQRAEQRDr8S8AAP//p+Y+dA==") r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10012, r3, 0x0) madvise(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3) read$FUSE(r3, &(0x7f0000004100)={0x2020}, 0x2020) 11.302581868s ago: executing program 4 (id=1269): socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) write$proc_mixer(r3, &(0x7f0000000180)=ANY=[@ANYBLOB='RECLEV\nPHONEOUT\nSPEAKER \'CD\' 00000000000000000'], 0xb8) r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) dup3(r4, r3, 0x0) 11.295571198s ago: executing program 3 (id=1270): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x40f, &(0x7f0000000000), &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) r6 = syz_io_uring_setup(0x2bac, &(0x7f0000000340), &(0x7f0000000100)=0x0, &(0x7f0000000000)) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, r5, &(0x7f0000000100)=@IORING_OP_READ=@pass_buffer={0x16, 0x29, 0x4000, @fd_index=0x5, 0x9, 0x0, 0x0, 0x14, 0x0, {0x0, r8}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x40, &(0x7f0000000140)=0x80000004, 0x0, 0x4) io_uring_enter(r3, 0x1469, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r3, 0x47e9, 0xeb13, 0x6, 0x0, 0x0) 11.14305888s ago: executing program 0 (id=1271): openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000dc0)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, 0x0) r3 = eventfd2(0x1, 0x0) r4 = epoll_create1(0x0) io_setup(0x4, &(0x7f00000001c0)=0x0) io_submit(r5, 0x2, &(0x7f0000000240)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1, r3}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x7, 0x9, r4, 0x0, 0x0, 0x5e}]) 8.666438023s ago: executing program 3 (id=1272): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setuid(0xee01) socket$inet_udp(0x2, 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x801) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f0000000300)={{&(0x7f0000a92000/0x1000)=nil, 0x1000}}) 8.665577394s ago: executing program 2 (id=1273): openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x3, 0x1d, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a2666343392fda11504800f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a90139264a9ee8081973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"}) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{}, &(0x7f0000000240), &(0x7f0000000b80)='%pB \x00'}, 0x20) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1) 8.636972224s ago: executing program 4 (id=1274): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_FIOSETOWN(r0, 0x8901, 0x0) 6.868035778s ago: executing program 0 (id=1275): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80, 0x10000000}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 6.840193438s ago: executing program 3 (id=1276): r0 = socket(0x23, 0x5, 0x0) listen(r0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0) 6.69813199s ago: executing program 4 (id=1277): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) socket(0x23, 0x5, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, 0x0) 6.618886291s ago: executing program 0 (id=1278): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x21a02, 0x62) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000180)={0x20, 0xff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x2, 0x0, 0x93}, 0xe) ioctl$int_in(r3, 0x5452, &(0x7f0000000280)=0xffffffffffffffff) sendto$inet6(r3, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r3, 0x1) 6.449216953s ago: executing program 2 (id=1279): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x4) writev(r4, &(0x7f0000000140)=[{&(0x7f0000000200)="580000001400add4275a1bf00c45b45602067fffffff81005e22000d00ff0028925aa8002000eaa57b00090080000efffeffe809000000ff0000f03a0200f0ffffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) 3.582412052s ago: executing program 2 (id=1280): r0 = socket(0x23, 0x5, 0x0) listen(r0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0) 3.582200462s ago: executing program 3 (id=1281): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r6, 0x325, 0x400, 0x0, {0x8}}, 0x14}}, 0x4800) 3.581626142s ago: executing program 4 (id=1282): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000001600)={0x2020}, 0x2020) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xf8, 0x0, 0x1, 0x2, 0x6, @broadcast}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000240)={0x400, 0x30, 0xf0, 0x30, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x7, 0x0, 0x5, 0x0, 0x1, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x3c1, 0x3, 0x510, 0x0, 0x940c, 0x3002, 0x440, 0x2c0, 0x440, 0x3d8, 0x3d8, 0x440, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x320, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x2, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@policy={{0x158}, {[{@ipv6=@loopback, [0xffffff00, 0xffff00, 0x0, 0xff000000], @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0x0, 0xff, 0x0, 0xffffff00], 0x4d6, 0x3506, 0x5e, 0x0, 0x7, 0x1e}, {@ipv6=@local, [0x0, 0x0, 0xffffffff, 0xff], @ipv6=@mcast2, [0xffffff00, 0x0, 0x0, 0xff000000], 0x4d4, 0x3504, 0x33, 0x1, 0x12}, {@ipv4=@remote, [0x0, 0xff, 0x0, 0xffffff00], @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2f}}, [0xff, 0xffffff, 0xff, 0xffffffff], 0x4d3, 0x3502, 0x2c, 0x1, 0xb, 0x7}, {@ipv4=@private=0xa010102, [0xffffffff, 0xffffff00, 0xffffff00, 0xffffffff], @ipv6=@remote, [0xef7a3ce5cc6f2af0, 0x0, 0xffffff00, 0xffffff00], 0x4d2, 0x3507, 0x5e, 0x1, 0xa, 0x1e}], 0x3, 0x4}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x3}}}, {{@ipv6={@private0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0xffffff00, 0xffffff00, 0xffffff00], [0xff000000, 0xff, 0xc33e1565a1dcd696, 0xff000000], 'veth1_to_bond\x00', 'erspan0\x00', {}, {0xff}, 0xc, 0x8, 0x2, 0x10}, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@srh={{0x30}, {0x33, 0x1, 0x2, 0x0, 0x1, 0x182, 0x2214}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x9, 0x9, 0x7, 'netbios-ns\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570) 3.329056185s ago: executing program 0 (id=1283): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0) r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r4, r3, &(0x7f0000002080)=0x3a, 0x23b) 2.313277949s ago: executing program 4 (id=1284): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@nomblk_io_submit}]}, 0x2, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc) r4 = socket$inet6(0xa, 0x3, 0x1) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000200)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x33}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x1000000, 0x0, 0x0, 0xfd}}, 0xe8) sendmmsg(r4, &(0x7f0000000480), 0x21, 0x0) 2.299198539s ago: executing program 2 (id=1285): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r5 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0x0) 2.284596509s ago: executing program 3 (id=1286): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) write$UHID_INPUT(r4, &(0x7f0000001040)={0x12, {"a2e3ad21ed0d09f91b23090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b3342959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil) 42.828999ms ago: executing program 2 (id=1287): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80, 0x10000000}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 42.382279ms ago: executing program 3 (id=1288): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x3e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f0000000140)=0x2f, 0x4) syz_emit_vhci(&(0x7f0000002c00)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0x8, 0x2}, {0x6}}}}, 0xf) recvmmsg(r3, &(0x7f0000008880), 0x483, 0x44000102, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x2000, 0x0, 0x0) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, 0x0, 0x0) 0s ago: executing program 4 (id=1289): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, 0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000300)=r2}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000640)="8d", &(0x7f00000007c0)=@tcp=r0, 0x2}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0x5, 0xe, 0x0, &(0x7f00000003c0)="000000000000000000000001e370", 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x50) kernel console output (not intermixed with test programs): set [1, 0] type 2 family 0 port 6081 - 0 [ 44.134846][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.137249][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.141009][ T515] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 44.266184][ T4429] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.290478][ T4429] bond0: (slave rose0): Enslaving as an active interface with an up link [ 44.366808][ T4432] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9'. [ 44.373939][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.376458][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.379671][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.391889][ T4433] bond0: (slave rose0): Releasing backup interface [ 44.402829][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.410724][ T4416] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.413134][ T4416] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.469928][ T515] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 44.473579][ T515] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 44.889363][ T515] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 45.487363][ T4432] device veth3 entered promiscuous mode [ 45.604281][ T4452] netlink: 348 bytes leftover after parsing attributes in process `syz.1.12'. [ 45.848597][ T4301] Bluetooth: hci4: command 0x0419 tx timeout [ 45.851061][ T4301] Bluetooth: hci1: command 0x0419 tx timeout [ 45.853424][ T4301] Bluetooth: hci0: command 0x0419 tx timeout [ 45.855711][ T4301] Bluetooth: hci2: command 0x0419 tx timeout [ 45.882282][ T4301] Bluetooth: hci3: command 0x0419 tx timeout [ 46.552213][ C0] sched: RT throttling activated [ 47.884404][ T4466] binder: BINDER_SET_CONTEXT_MGR already set [ 47.886263][ T4466] binder: 4465:4466 ioctl 4018620d 20000040 returned -16 [ 47.954736][ T4474] binder: tried to use weak ref as strong ref [ 47.956539][ T4474] binder: 4465:4474 Acquire 1 refcount change on invalid ref 0 ret -22 [ 47.994822][ T4466] binder: 4465:4466 got transaction to invalid handle, 1 [ 47.997020][ T4466] binder: 4466:4465 cannot find target node [ 47.998734][ T4466] binder: 4465:4466 transaction call to 0:0 failed 3/29201/-22, size 0-0 line 3054 [ 48.042175][ T4466] binder: 4465:4466 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 48.063829][ T4466] binder: 4466 RLIMIT_NICE not set [ 48.065303][ T4466] binder: 4465:4466 ioctl c0306201 20000240 returned -11 [ 48.083162][ T4466] binder: 4465:4466 got reply transaction with no transaction stack [ 48.101037][ T4466] binder: 4465:4466 transaction reply to 0:0 failed 4/29201/-71, size 0-0 line 2955 [ 48.129946][ T4481] dccp_close: ABORT with 32 bytes unread [ 48.191195][ T4378] binder: undelivered TRANSACTION_ERROR: 29201 [ 48.194753][ T4378] binder: undelivered TRANSACTION_ERROR: 29201 [ 48.538999][ T4485] loop3: detected capacity change from 0 to 8192 [ 49.525835][ T4506] loop0: detected capacity change from 0 to 2048 [ 49.564278][ T4506] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 49.609651][ T4510] loop4: detected capacity change from 0 to 2048 [ 50.962617][ T4525] capability: warning: `syz.0.22' uses deprecated v2 capabilities in a way that may be insecure [ 51.550991][ T4523] loop1: detected capacity change from 0 to 4096 [ 51.627939][ T4523] ntfs: volume version 3.1. [ 51.721393][ T4510] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 51.836445][ T4530] batman_adv: batadv0: Adding interface: dummy0 [ 51.843765][ T4530] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.864056][ T4530] batman_adv: batadv0: Interface activated: dummy0 [ 51.908015][ T4533] netlink: 8 bytes leftover after parsing attributes in process `syz.0.28'. [ 51.923950][ T4533] netlink: 48 bytes leftover after parsing attributes in process `syz.0.28'. [ 51.974186][ T4503] dccp_close: ABORT with 32 bytes unread [ 51.983198][ T4530] batadv0: mtu less than device minimum [ 51.988315][ T4530] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 51.994565][ T4530] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 52.000432][ T4530] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 52.006406][ T4530] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 52.012490][ T4530] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 52.018386][ T4530] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 52.024383][ T4530] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 52.081975][ T4309] EXT4-fs (loop4): unmounting filesystem. [ 52.165259][ T4543] trusted_key: encrypted_key: insufficient parameters specified [ 52.209438][ T4546] loop0: detected capacity change from 0 to 512 [ 52.284115][ T4539] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 53.048410][ T4565] loop0: detected capacity change from 0 to 47 [ 53.070405][ T4548] loop4: detected capacity change from 0 to 4197 [ 53.092333][ T4548] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff [ 53.256416][ T4546] infiniband syz1: set active [ 53.263855][ T4548] syz.4.31: attempt to access beyond end of device [ 53.263855][ T4548] loop4: rw=12288, sector=8192, nr_sectors = 8 limit=4197 [ 54.126166][ T4546] infiniband syz1: added syz_tun [ 54.173418][ T4548] syz.4.31: attempt to access beyond end of device [ 54.173418][ T4548] loop4: rw=12288, sector=12288, nr_sectors = 8 limit=4197 [ 54.177178][ T4548] syz.4.31: attempt to access beyond end of device [ 54.177178][ T4548] loop4: rw=12288, sector=12288, nr_sectors = 8 limit=4197 [ 54.332563][ T4548] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-5) [ 55.825639][ T4546] RDS/IB: syz1: added [ 55.842727][ T4546] smc: adding ib device syz1 with port count 1 [ 55.857346][ T4546] smc: ib device syz1 port 1 has pnetid [ 57.987527][ T4625] loop2: detected capacity change from 0 to 1024 [ 62.564004][ T4636] loop4: detected capacity change from 0 to 512 [ 64.565940][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.567851][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 65.810345][ T4636] EXT4-fs warning (device loop4): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop4. [ 68.123375][ T4469] wlan1: Trigger new scan to find an IBSS to join [ 68.266596][ T4656] loop4: detected capacity change from 0 to 32768 [ 68.329603][ T4363] kernel write not supported for file bpf-prog (pid: 4363 comm: kworker/0:5) [ 69.782970][ T1515] cfg80211: failed to load regulatory.db [ 69.997638][ C0] net_ratelimit: 12 callbacks suppressed [ 69.997651][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 70.031136][ T4692] loop4: detected capacity change from 0 to 128 [ 70.033804][ T4692] ======================================================= [ 70.033804][ T4692] WARNING: The mand mount option has been deprecated and [ 70.033804][ T4692] and is ignored by this kernel. Remove the mand [ 70.033804][ T4692] option from the mount to silence this warning. [ 70.033804][ T4692] ======================================================= [ 70.128885][ T4692] EXT4-fs (loop4): Test dummy encryption mode enabled [ 70.883574][ T4692] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 70.999385][ T4692] netlink: 4 bytes leftover after parsing attributes in process `syz.4.67'. [ 71.058389][ T4692] netlink: 4 bytes leftover after parsing attributes in process `syz.4.67'. [ 72.333482][ T4309] EXT4-fs (loop4): unmounting filesystem. [ 73.133036][ T4664] wlan1: Trigger new scan to find an IBSS to join [ 73.213162][ T4713] loop1: detected capacity change from 0 to 8192 [ 74.633720][ T39] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00 [ 74.729334][ T4743] loop3: detected capacity change from 0 to 16 [ 75.431789][ T4743] erofs: (device loop3): mounted with root inode @ nid 36. [ 75.467243][ T4300] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 75.473101][ T4740] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 75.476559][ T4740] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 75.479985][ T4740] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 75.483076][ T4740] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 75.550206][ T4742] sch_tbf: burst 7710 is lower than device lo mtu (65550) ! [ 77.679884][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 77.882055][ T4780] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 79.534697][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 79.537776][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 80.504815][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 80.694100][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 81.342539][ T4816] loop0: detected capacity change from 0 to 256 [ 81.431280][ T4818] loop1: detected capacity change from 0 to 256 [ 81.497964][ T4816] FAT-fs (loop0): Directory bread(block 64) failed [ 81.500179][ T4816] FAT-fs (loop0): Directory bread(block 65) failed [ 81.502062][ T4816] FAT-fs (loop0): Directory bread(block 66) failed [ 81.506553][ T4816] FAT-fs (loop0): Directory bread(block 67) failed [ 81.508423][ T4816] FAT-fs (loop0): Directory bread(block 68) failed [ 81.510399][ T4816] FAT-fs (loop0): Directory bread(block 69) failed [ 81.512302][ T4816] FAT-fs (loop0): Directory bread(block 70) failed [ 81.514199][ T4816] FAT-fs (loop0): Directory bread(block 71) failed [ 81.516253][ T4816] FAT-fs (loop0): Directory bread(block 72) failed [ 81.518095][ T4816] FAT-fs (loop0): Directory bread(block 73) failed [ 81.766429][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 81.769849][ T4824] loop4: detected capacity change from 0 to 512 [ 82.721564][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 82.725753][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 82.762159][ T4833] Dead loop on virtual device ip6_vti0, fix it urgently! [ 82.765561][ T4824] EXT2-fs (loop4): warning: mounting ext3 filesystem as ext2 [ 82.805475][ T4835] loop2: detected capacity change from 0 to 164 [ 82.854695][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 82.874473][ T4835] rock: directory entry would overflow storage [ 82.876606][ T4835] rock: sig=0x5053, size=7, remaining=4 [ 82.878205][ T4835] isofs_fill_super: root inode is not a directory. Corrupted media? [ 82.971306][ T4539] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 83.165609][ T4842] infiniband syz1: set active [ 83.171386][ T4842] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 83.186385][ T4842] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 83.190129][ T4842] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 83.242650][ T4843] loop0: detected capacity change from 0 to 8192 [ 83.725221][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 83.985430][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 84.012086][ T4850] bridge0: port 3(vxlan0) entered blocking state [ 84.024830][ T4850] bridge0: port 3(vxlan0) entered disabled state [ 84.027388][ T4850] device vxlan0 entered promiscuous mode [ 85.900385][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.922458][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.925172][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.170122][ T4887] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 87.174159][ T4887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 87.176236][ T4887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 87.179863][ T4887] device bridge_slave_0 left promiscuous mode [ 87.182940][ T4887] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.402452][ T4887] device bridge_slave_1 left promiscuous mode [ 87.406502][ T4887] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.412926][ T4890] netlink: 165 bytes leftover after parsing attributes in process `syz.1.117'. [ 87.967384][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 88.179504][ T4899] loop1: detected capacity change from 0 to 4096 [ 88.234758][ T4899] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 88.250742][ T4887] bond0: (slave bond_slave_0): Releasing backup interface [ 88.349681][ T4899] ntfs3: loop1: Failed to load $Secure. [ 88.373557][ T4887] bond0: (slave bond_slave_1): Releasing backup interface [ 89.191864][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 89.253475][ T4915] netlink: 8 bytes leftover after parsing attributes in process `syz.1.122'. [ 89.265907][ T4887] team0: Port device team_slave_0 removed [ 89.292769][ T4887] team0: Port device team_slave_1 removed [ 89.298726][ T4887] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.301072][ T4887] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 89.305663][ T4887] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 89.308036][ T4887] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 89.340219][ T4894] team0: Mode changed to "loadbalance" [ 89.345153][ T4909] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.359151][ T4909] device batadv_slave_0 entered promiscuous mode [ 89.501388][ T4917] loop4: detected capacity change from 0 to 8 [ 89.618418][ T4917] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 89.637796][ T4917] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 89.709794][ T4917] SQUASHFS error: Unable to read directory block [629:2b] [ 90.491511][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.548265][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.612127][ T4932] device ip6tnl1 entered promiscuous mode [ 91.653823][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 92.432651][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 92.494757][ T4953] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 92.499096][ T4953] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 92.501368][ T4953] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 92.505029][ T4953] device bridge_slave_0 left promiscuous mode [ 92.506946][ T4953] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.672031][ T4953] device bridge_slave_1 left promiscuous mode [ 92.693389][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 92.705030][ T4953] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.764792][ T4966] netlink: 156 bytes leftover after parsing attributes in process `syz.3.137'. [ 92.860530][ T4953] bond0: (slave bond_slave_0): Releasing backup interface [ 92.911038][ T4953] bond0: (slave bond_slave_1): Releasing backup interface [ 93.712842][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 93.737036][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 93.748702][ T4953] team0: Port device team_slave_0 removed [ 93.766575][ T4963] Process accounting resumed [ 93.777760][ T4953] team0: Port device team_slave_1 removed [ 93.791381][ T4953] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 93.794174][ T4953] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 93.798011][ T4953] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 93.800017][ T4953] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 93.843472][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 93.853558][ T4959] team0: Mode changed to "loadbalance" [ 93.921199][ T4974] device batadv_slave_0 entered promiscuous mode [ 94.002525][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 96.257823][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 96.262934][ T4998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 96.265625][ T4998] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 96.763259][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 97.127252][ T5012] netlink: 8 bytes leftover after parsing attributes in process `syz.1.152'. [ 97.236470][ T5017] netlink: 156 bytes leftover after parsing attributes in process `syz.0.153'. [ 97.293365][ T5018] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 97.298165][ T5018] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 97.324983][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 97.464767][ T5021] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: ba:52:c4:42:77:fb [ 97.469216][ T5021] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: ba:52:c4:42:77:fb [ 97.473596][ T5021] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: ba:52:c4:42:77:fb [ 99.507718][ T5039] infiniband syz1: set active [ 99.509769][ T5039] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 99.513479][ T5039] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 99.515627][ T5039] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 99.519196][ T5039] device bridge_slave_0 left promiscuous mode [ 99.521176][ T5039] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.667467][ T4342] net_ratelimit: 252 callbacks suppressed [ 99.667483][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 99.790380][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 100.354692][ T5039] device bridge_slave_1 left promiscuous mode [ 100.359857][ T5039] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.417613][ T5039] bond0: (slave bond_slave_0): Releasing backup interface [ 100.481856][ T5039] bond0: (slave bond_slave_1): Releasing backup interface [ 100.597071][ T5039] team0: Port device team_slave_0 removed [ 100.637938][ T5042] Process accounting resumed [ 100.647988][ T5039] team0: Port device team_slave_1 removed [ 100.671539][ T5039] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 100.679523][ T5039] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 100.690156][ T5039] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 100.692914][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 100.716235][ T5039] device vxlan0 left promiscuous mode [ 100.717861][ T5039] bridge0: port 3(vxlan0) entered disabled state [ 100.766301][ T5040] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 100.768593][ T5040] batadv0: mtu less than device minimum [ 100.773413][ T5040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 100.779394][ T5040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 100.785447][ T5040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 100.791656][ T5040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 100.797781][ T5040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 100.803757][ T5040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 100.851577][ T5040] device batadv_slave_0 entered promiscuous mode [ 100.870368][ T5048] team0: Mode changed to "loadbalance" [ 102.361567][ T5080] netlink: 'syz.2.170': attribute type 4 has an invalid length. [ 102.616481][ T5087] netlink: 'syz.2.170': attribute type 4 has an invalid length. [ 104.728894][ T515] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 105.171232][ T4378] net_ratelimit: 18 callbacks suppressed [ 105.171247][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 106.714840][ T5111] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 106.718490][ T5111] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 106.902330][ T5111] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 106.905950][ T5111] device bridge_slave_0 left promiscuous mode [ 106.907691][ T5111] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.938364][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 106.956761][ T4365] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 106.959272][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 106.967460][ T5111] device bridge_slave_1 left promiscuous mode [ 106.969334][ T5111] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.576792][ T174] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 107.876261][ T5111] bond0: (slave bond_slave_0): Releasing backup interface [ 107.940834][ T5111] bond0: (slave bond_slave_1): Releasing backup interface [ 107.963014][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 108.020841][ T5111] team0: Port device team_slave_0 removed [ 108.034599][ T5111] team0: Port device team_slave_1 removed [ 108.036869][ T5111] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 108.038957][ T5111] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 108.045146][ T5111] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 108.047186][ T5111] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 108.079286][ T5123] team0: Mode changed to "loadbalance" [ 108.171858][ T5130] mmap: syz.0.183 (5130) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 108.353448][ T27] audit: type=1326 audit(364.290:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5138 comm="syz.2.185" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x7fc00000 [ 109.195747][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 109.218449][ T27] audit: type=1326 audit(365.160:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5138 comm="syz.2.185" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffa7f5a9a8 code=0x7fc00000 [ 109.388586][ T5147] loop3: detected capacity change from 0 to 2048 [ 109.456352][ T5147] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 110.437380][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 110.611680][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 111.021787][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 111.261283][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 111.264961][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 112.209644][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 113.294433][ T5180] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 113.319455][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 113.349792][ T5180] batman_adv: batadv0: Interface deactivated: dummy0 [ 113.351733][ T5180] batman_adv: batadv0: Removing interface: dummy0 [ 113.362357][ T5193] loop0: detected capacity change from 0 to 2048 [ 113.373493][ T5180] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 113.376399][ T5180] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 113.378626][ T5180] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 113.382135][ T5180] device bridge_slave_0 left promiscuous mode [ 113.393152][ T5180] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.404667][ T4300] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 113.407150][ T4300] Bluetooth: hci3: Injecting HCI hardware error event [ 113.410393][ T4301] Bluetooth: hci3: hardware error 0x00 [ 113.464252][ T5180] device bridge_slave_1 left promiscuous mode [ 113.466399][ T5180] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.500554][ T5199] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 113.649174][ T5180] bond0: (slave bond_slave_0): Releasing backup interface [ 113.773421][ T5180] bond0: (slave bond_slave_1): Releasing backup interface [ 114.198397][ T5208] loop1: detected capacity change from 0 to 16 [ 114.217054][ T5208] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 115.274060][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.393735][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.431869][ T5180] team0: Port device team_slave_0 removed [ 115.451025][ T5180] team0: Port device team_slave_1 removed [ 115.495005][ T5180] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 115.536250][ T5180] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 115.538567][ T5180] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 115.607263][ T5196] team0: Mode changed to "loadbalance" [ 115.639659][ T5197] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 115.642345][ T4301] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 115.716740][ T5200] netlink: 12 bytes leftover after parsing attributes in process `syz.4.201'. [ 115.746860][ T5211] overlayfs: workdir and upperdir must reside under the same mount [ 115.809545][ T5215] netlink: 24 bytes leftover after parsing attributes in process `syz.0.215'. [ 116.720749][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 116.723361][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 116.738566][ T5218] loop4: detected capacity change from 0 to 2048 [ 118.821064][ T5230] loop0: detected capacity change from 0 to 32768 [ 118.846116][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 118.967700][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 118.971490][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 118.999547][ T5230] Dev loop0 SGI disklabel: csum bad, label corrupted [ 119.024443][ T5218] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 119.150561][ T4309] EXT4-fs (loop4): unmounting filesystem. [ 119.186252][ T5237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.210'. [ 120.133792][ T4301] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 120.137004][ T4301] Bluetooth: hci4: Injecting HCI hardware error event [ 120.143267][ T4300] Bluetooth: hci4: hardware error 0x00 [ 120.194297][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 121.843715][ T5256] loop4: detected capacity change from 0 to 512 [ 122.357655][ T5256] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 122.424629][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.433228][ T5248] netlink: 'syz.0.213': attribute type 1 has an invalid length. [ 122.443026][ T5252] netlink: 'syz.0.213': attribute type 1 has an invalid length. [ 122.452844][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.464992][ T5253] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 122.582841][ T5262] loop2: detected capacity change from 0 to 128 [ 122.667684][ T4309] EXT4-fs (loop4): unmounting filesystem. [ 122.760739][ T4365] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 122.786319][ T5262] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 122.805175][ T4365] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 123.642503][ T5262] process 'syz.2.216' launched '/dev/fd/3' with NULL argv: empty string added [ 123.664328][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 123.951285][ T5275] loop4: detected capacity change from 0 to 4096 [ 124.781848][ T5275] ntfs: volume version 3.1. [ 124.799316][ T4300] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 124.811092][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 124.824436][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 124.918842][ T5282] loop0: detected capacity change from 0 to 512 [ 124.921639][ T5282] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 124.924831][ T5275] bridge0: port 1(batadv0) entered blocking state [ 124.924986][ T5275] bridge0: port 1(batadv0) entered disabled state [ 124.930181][ T5275] device batadv0 entered promiscuous mode [ 124.939762][ T5282] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 124.948114][ T5282] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.223: invalid indirect mapped block 2683928664 (level 1) [ 124.960003][ T5275] bridge0: port 1(batadv0) entered blocking state [ 124.961341][ T5282] EXT4-fs (loop0): Remounting filesystem read-only [ 124.962104][ T5275] bridge0: port 1(batadv0) entered forwarding state [ 124.966063][ T5282] EXT4-fs (loop0): 1 truncate cleaned up [ 124.967700][ T5282] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 125.024602][ T5287] device batadv0 left promiscuous mode [ 125.027236][ T5287] bridge0: port 1(batadv0) entered disabled state [ 125.078423][ T5286] block device autoloading is deprecated and will be removed. [ 125.081083][ T5284] md2: error: bitmap file must be a regular file [ 125.215448][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 125.331540][ T5292] netlink: 'syz.0.224': attribute type 4 has an invalid length. [ 125.421143][ T5296] device batadv0 entered promiscuous mode [ 125.439095][ T5296] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 125.454037][ T5296] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 125.459021][ T5299] netlink: 'syz.0.224': attribute type 4 has an invalid length. [ 125.483232][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 125.514717][ T5301] netlink: 60 bytes leftover after parsing attributes in process `syz.1.227'. [ 125.895375][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 125.974743][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.976793][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 128.243380][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.307718][ T5323] batman_adv: batadv0: Adding interface: ip6gretap1 [ 128.309522][ T5323] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.264815][ T5323] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active [ 129.413062][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 129.579359][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 129.640234][ T5323] batman_adv: batadv0: Removing interface: ip6gretap1 [ 130.303071][ T4365] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.610482][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.675410][ T5353] loop1: detected capacity change from 0 to 64 [ 130.759605][ T5345] netlink: 28 bytes leftover after parsing attributes in process `syz.0.239'. [ 130.762392][ T5345] netlink: 8 bytes leftover after parsing attributes in process `syz.0.239'. [ 132.062107][ T5350] netlink: 'syz.0.239': attribute type 10 has an invalid length. [ 132.073694][ T5350] bridge0: port 1(team0) entered blocking state [ 132.152344][ T5350] bridge0: port 1(team0) entered disabled state [ 132.186507][ T5350] bridge0: port 1(team0) entered blocking state [ 132.189119][ T5350] bridge0: port 1(team0) entered forwarding state [ 132.372148][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.297599][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.176447][ T5369] netlink: 'syz.1.245': attribute type 11 has an invalid length. [ 135.273217][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.435869][ T27] audit: type=1326 audit(391.380:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 135.491634][ T27] audit: type=1326 audit(391.430:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 135.501464][ T27] audit: type=1326 audit(391.440:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 135.507737][ T27] audit: type=1326 audit(391.440:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 135.759020][ T27] audit: type=1326 audit(391.450:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=4 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 136.079508][ T27] audit: type=1326 audit(391.450:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 136.284154][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.318179][ T27] audit: type=1326 audit(391.450:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 136.324367][ T27] audit: type=1326 audit(391.450:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 136.330439][ T27] audit: type=1326 audit(391.450:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 136.336492][ T27] audit: type=1326 audit(391.450:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5378 comm="syz.2.250" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x7ffc0000 [ 136.368781][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.330011][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.514352][ T5403] loop2: detected capacity change from 0 to 128 [ 138.881252][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 138.999604][ T4874] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 139.031316][ T5403] EXT4-fs (loop2): Test dummy encryption mode enabled [ 139.058071][ T5403] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 139.129543][ T5416] loop4: detected capacity change from 0 to 4096 [ 139.320040][ T5416] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 139.452155][ T5425] fscrypt: AES-256-XTS using implementation "xts-aes-ce" [ 140.211457][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.288690][ T4365] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.291153][ T4365] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 141.084817][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 141.243810][ T5431] input: syz1 as /devices/virtual/input/input2 [ 141.286910][ T4309] EXT4-fs (loop4): unmounting filesystem. [ 141.323947][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 141.545249][ T5445] syz.4.268 sent an empty control message without MSG_MORE. [ 141.548102][ T5436] syz.2.264 uses obsolete (PF_INET,SOCK_PACKET) [ 141.560699][ T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 143.097189][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.137521][ T5456] loop1: detected capacity change from 0 to 128 [ 143.197495][ T5456] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 143.372963][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 144.560234][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 144.597997][ T5462] loop3: detected capacity change from 0 to 16 [ 144.785568][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 144.795421][ T5462] erofs: (device loop3): mounted with root inode @ nid 36. [ 144.914895][ T5473] input: syz1 as /devices/virtual/input/input3 [ 145.572823][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 145.775464][ T5482] loop2: detected capacity change from 0 to 2048 [ 145.798428][ T5485] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 145.799179][ T5478] netlink: 8 bytes leftover after parsing attributes in process `syz.4.275'. [ 145.857926][ T5478] netlink: 'syz.4.275': attribute type 5 has an invalid length. [ 146.072495][ T5478] netlink: 28 bytes leftover after parsing attributes in process `syz.4.275'. [ 146.665878][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.694635][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.699782][ T5478] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 146.702467][ T5478] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 146.705024][ T5478] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 146.707478][ T5478] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 146.709665][ T5478] device geneve2 entered promiscuous mode [ 148.403292][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 148.704861][ T5509] device gtp0 entered promiscuous mode [ 150.952414][ T4365] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.955060][ T4365] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.957751][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 151.055512][ T5524] binder: 5521:5524 tried to acquire reference to desc 0, got 1 instead [ 151.087806][ T5524] binder: 5521:5524 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 151.091435][ T5524] binder: 5524 RLIMIT_NICE not set [ 151.100535][ T5524] binder: 5524 RLIMIT_NICE not set [ 151.103459][ T5524] binder: 5524 RLIMIT_NICE not set [ 151.110755][ T5524] binder: 5521:5524 got transaction with invalid data ptr [ 151.113287][ T5524] binder: 5521:5524 transaction reply to 5521:5524 failed 10/29201/-14, size 16384-0 line 3574 [ 151.121415][ T5524] binder: send failed reply for transaction 9 to 5521:5524 [ 151.172346][ T1515] binder: undelivered TRANSACTION_ERROR: 29190 [ 151.174712][ T1515] binder: undelivered TRANSACTION_COMPLETE [ 151.176406][ T1515] binder: undelivered TRANSACTION_ERROR: 29201 [ 151.220617][ T5532] loop3: detected capacity change from 0 to 1024 [ 151.226260][ T5532] EXT4-fs: Ignoring removed oldalloc option [ 151.228307][ T5532] EXT4-fs: Ignoring removed nobh option [ 151.229987][ T5532] EXT4-fs: Ignoring removed bh option [ 151.232117][ T5532] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 152.234511][ T5532] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 152.564350][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 153.198151][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 154.529961][ T5565] ptrace attach of "./syz-executor exec"[4296] was attempted by ""[5565] [ 155.255788][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 155.260696][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 155.550287][ T5580] loop0: detected capacity change from 0 to 1024 [ 156.077636][ T5580] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 156.276691][ T5588] netlink: 24 bytes leftover after parsing attributes in process `syz.2.305'. [ 156.291214][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.294001][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.296560][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.299043][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.301682][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.306003][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.309873][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.312689][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.315342][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.318016][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.604196][ T5595] netlink: 12 bytes leftover after parsing attributes in process `syz.4.308'. [ 156.642347][ T5597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.309'. [ 156.647595][ T5597] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 156.671778][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 157.029446][ T5593] loop1: detected capacity change from 0 to 32768 [ 158.909263][ T5630] netlink: 'syz.2.319': attribute type 3 has an invalid length. [ 158.928940][ T5630] netlink: 'syz.2.319': attribute type 3 has an invalid length. [ 160.538104][ T5647] xt_nat: multiple ranges no longer supported [ 161.790917][ T14] net_ratelimit: 274 callbacks suppressed [ 161.790933][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 161.812544][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 161.818383][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.280670][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.346355][ T5664] loop3: detected capacity change from 0 to 512 [ 163.347068][ T5662] binder: 5661:5662 tried to acquire reference to desc 0, got 1 instead [ 163.410629][ T5664] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 163.483374][ T5665] loop0: detected capacity change from 0 to 1024 [ 163.485856][ T5665] EXT4-fs: Ignoring removed orlov option [ 163.517571][ T5662] binder: 5661:5662 ioctl c0306201 20000280 returned -14 [ 163.532625][ T5664] EXT4-fs: Cannot change quota options when quota turned on [ 163.537916][ T5665] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 163.539830][ T24] binder: undelivered TRANSACTION_COMPLETE [ 163.542077][ T24] binder: undelivered TRANSACTION_COMPLETE [ 163.564463][ T24] binder: undelivered transaction 16, process died. [ 163.568610][ T24] binder: undelivered transaction 15, process died. [ 163.882687][ T4301] Bluetooth: hci1: command 0x0406 tx timeout [ 163.884642][ T4305] Bluetooth: hci2: command 0x0406 tx timeout [ 163.886622][ T4305] Bluetooth: hci0: command 0x0406 tx timeout [ 164.276992][ T5665] Zero length message leads to an empty skb [ 164.297005][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 164.309998][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 164.443512][ T5681] loop1: detected capacity change from 0 to 2048 [ 164.491918][ T5681] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 165.440802][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 165.453056][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 165.521034][ T27] kauditd_printk_skb: 27 callbacks suppressed [ 165.521047][ T27] audit: type=1326 audit(421.460:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.4.334" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb735a9a8 code=0x7ffc0000 [ 165.522738][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 165.527152][ T27] audit: type=1326 audit(421.470:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.4.334" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb735a9a8 code=0x7ffc0000 [ 165.619558][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 165.655270][ T27] audit: type=1326 audit(421.600:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.4.334" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffb735a9a8 code=0x7ffc0000 [ 165.661397][ T27] audit: type=1326 audit(421.600:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.4.334" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb735a9a8 code=0x7ffc0000 [ 165.718571][ T27] audit: type=1326 audit(421.600:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5686 comm="syz.4.334" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb735a9a8 code=0x7ffc0000 [ 166.972498][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.980051][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.990683][ T4445] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.996949][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.036317][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.069866][ T5709] loop1: detected capacity change from 0 to 128 [ 167.143275][ T5709] FAT-fs (loop1): bogus logical sector size 0 [ 167.145082][ T5709] FAT-fs (loop1): Can't find a valid FAT filesystem [ 167.181681][ T5711] netlink: 96 bytes leftover after parsing attributes in process `syz.2.340'. [ 168.053389][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.602882][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 170.623726][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.508643][ T4300] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 172.511270][ T4300] Bluetooth: hci1: Injecting HCI hardware error event [ 172.525171][ T4300] Bluetooth: hci1: hardware error 0x00 [ 172.546552][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.656113][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.658646][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.662051][ T4416] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.001609][ T5763] Cannot find set identified by id 0 to match [ 173.044276][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.781099][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.785394][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 174.456910][ T27] audit: type=1326 audit(430.340:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5771 comm="syz.2.362" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x0 [ 175.108261][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 175.197125][ T5779] xt_CT: You must specify a L4 protocol and not use inversions on it [ 175.303590][ T5785] loop3: detected capacity change from 0 to 2048 [ 175.404708][ T5785] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 176.130647][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 176.189101][ T5785] netlink: 'syz.3.366': attribute type 13 has an invalid length. [ 176.190509][ T5797] xt_bpf: check failed: parse error [ 176.848095][ T5806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 176.920566][ T4300] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 177.082841][ T5811] loop0: detected capacity change from 0 to 1024 [ 177.102772][ T5811] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 177.928797][ T4342] net_ratelimit: 3 callbacks suppressed [ 177.928813][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 177.985464][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 178.205401][ T5823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 179.483799][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 179.502406][ T4416] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 179.514199][ T5823] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.559597][ T5811] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 180.640530][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 180.803002][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 180.841828][ T5840] binder: 5839:5840 tried to acquire reference to desc 0, got 1 instead [ 180.850649][ T5840] binder: 5839:5840 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 180.856622][ T5840] binder: 5840 RLIMIT_NICE not set [ 180.858238][ T5840] binder: 5840 RLIMIT_NICE not set [ 180.860406][ T5840] binder: 5840 RLIMIT_NICE not set [ 180.862053][ T5840] binder_alloc: 5839: binder_alloc_buf size 61696 failed, no address space [ 180.868481][ T5840] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 16384 (num: 1 largest: 16384) [ 180.871281][ T5840] binder: cannot allocate buffer: no space left [ 180.871312][ T5840] binder: 5839:5840 transaction reply to 5839:5840 failed 22/29201/-28, size 61695-0 line 3239 [ 180.923220][ T5840] binder: send failed reply for transaction 21 to 5839:5840 [ 181.007271][ T4349] binder: undelivered TRANSACTION_ERROR: 29190 [ 181.009519][ T4349] binder: undelivered TRANSACTION_COMPLETE [ 181.011311][ T4349] binder: undelivered TRANSACTION_ERROR: 29201 [ 181.032726][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 181.179664][ T5844] netlink: 76 bytes leftover after parsing attributes in process `syz.4.382'. [ 182.527220][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.308678][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.312658][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.447771][ T5869] binder: 5868:5869 tried to acquire reference to desc 0, got 1 instead [ 183.453488][ T5869] binder: 5868:5869 tried to acquire reference to desc 0, got 2 instead [ 183.456269][ T5869] binder: tried to use weak ref as strong ref [ 183.458224][ T5869] binder: 5868:5869 got transaction to invalid handle, 1 [ 183.460142][ T5869] binder: 5869:5868 cannot find target node [ 183.461802][ T5869] binder: 5868:5869 transaction call to 0:0 failed 29/29201/-22, size 0-0 line 3054 [ 183.469998][ T14] binder: undelivered TRANSACTION_ERROR: 29201 [ 184.433818][ T4349] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 184.494952][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 186.367798][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 186.603462][ T5900] netlink: 28 bytes leftover after parsing attributes in process `syz.3.397'. [ 187.405638][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.407591][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.410542][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.488045][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.697217][ T5920] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2 [ 187.701442][ T5920] XFS (loop1): SB validate failed with error -5. [ 189.134315][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 190.149395][ T5942] device syzkaller0 entered promiscuous mode [ 190.205316][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 190.278062][ T5948] loop3: detected capacity change from 0 to 512 [ 190.290195][ T5948] EXT4-fs: Ignoring removed mblk_io_submit option [ 190.299840][ T5948] EXT4-fs: Ignoring removed bh option [ 190.343982][ T5948] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 190.347180][ T5948] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 190.350644][ T5948] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 190.427657][ T5948] EXT4-fs (loop3): 1 truncate cleaned up [ 190.429411][ T5948] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 190.437610][ T5955] netlink: 28 bytes leftover after parsing attributes in process `syz.4.413'. [ 190.544388][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 190.646670][ T5962] loop2: detected capacity change from 0 to 1024 [ 190.750601][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 190.839252][ T5967] binder: 5965:5967 tried to acquire reference to desc 0, got 1 instead [ 190.858263][ T14] binder: release 5965:5967 transaction 35 out, still active [ 190.860811][ T14] binder: undelivered TRANSACTION_COMPLETE [ 190.862967][ T14] binder: undelivered TRANSACTION_COMPLETE [ 190.904994][ T5964] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 190.961083][ T5964] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 190.966676][ T14] binder: undelivered transaction 34, process died. [ 190.968758][ T14] binder: send failed reply for transaction 35, target dead [ 190.976230][ T5964] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 191.705821][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 191.710248][ T5964] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 191.720310][ T5964] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 191.723284][ T5964] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 192.626865][ T5985] loop2: detected capacity change from 0 to 1024 [ 193.022344][ T5990] delete_channel: no stack [ 193.054133][ T5981] loop3: detected capacity change from 0 to 131072 [ 193.075075][ T5985] EXT4-fs: Ignoring removed nobh option [ 193.076623][ T5985] EXT4-fs: Ignoring removed bh option [ 193.084809][ T5981] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0) [ 193.087717][ T5981] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 193.100976][ T5981] F2FS-fs (loop3): invalid crc value [ 193.101073][ T5985] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 193.111827][ T27] audit: type=1326 audit(449.050:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.124273][ T27] audit: type=1326 audit(449.070:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.142757][ T27] audit: type=1326 audit(449.080:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=209 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.150467][ T5981] F2FS-fs (loop3): Found nat_bits in checkpoint [ 193.169952][ T5985] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 193.172796][ T27] audit: type=1326 audit(449.080:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.186945][ T27] audit: type=1326 audit(449.080:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.195360][ T27] audit: type=1326 audit(449.080:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=57 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.201506][ T27] audit: type=1326 audit(449.080:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.210444][ T27] audit: type=1326 audit(449.080:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.235439][ T5981] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 193.237612][ T5981] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 193.260403][ T5981] F2FS-fs (loop3): checksum invalid, nid = 4, ino_of_node = 4, 8e2acc4a vs. 159afe7 [ 193.425356][ T27] audit: type=1326 audit(449.080:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.522526][ T27] audit: type=1326 audit(449.080:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5991 comm="syz.1.425" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5a9a8 code=0x7ffc0000 [ 193.588342][ T6002] loop0: detected capacity change from 0 to 16 [ 193.610192][ T5981] syz.3.422 (5981): drop_caches: 2 [ 193.611665][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 193.664801][ T6002] erofs: Unknown parameter '' [ 193.794676][ T6009] netlink: 36 bytes leftover after parsing attributes in process `syz.2.429'. [ 194.071928][ T6017] netlink: 16 bytes leftover after parsing attributes in process `syz.3.430'. [ 194.161551][ T6018] loop4: detected capacity change from 0 to 128 [ 194.841040][ T4563] net_ratelimit: 368 callbacks suppressed [ 194.841055][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 194.866805][ T6018] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 195.146098][ T4309] EXT4-fs (loop4): unmounting filesystem. [ 195.333312][ T6026] netlink: 116 bytes leftover after parsing attributes in process `syz.0.434'. [ 196.163598][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.075344][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.173870][ T6029] 9pnet_fd: Insufficient options for proto=fd [ 197.183600][ T6029] loop4: detected capacity change from 0 to 512 [ 197.194305][ T6029] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 197.232364][ T6029] EXT4-fs (loop4): required journal recovery suppressed and not mounted read-only [ 197.256505][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.263516][ T6039] loop2: detected capacity change from 0 to 1764 [ 197.475485][ T6039] Illegal XDP return value 4159772160 on prog (id 51) dev syz_tun, expect packet loss! [ 197.492728][ T4419] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 197.725458][ T6048] netlink: 'syz.3.440': attribute type 10 has an invalid length. [ 198.016274][ T6060] loop1: detected capacity change from 0 to 1024 [ 199.844103][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 199.852782][ T6060] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 199.990503][ T6048] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 200.013412][ T6055] netlink: 4 bytes leftover after parsing attributes in process `syz.2.443'. [ 200.082967][ T6064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.443'. [ 200.122578][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 201.119413][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 201.171671][ T6083] netlink: 12 bytes leftover after parsing attributes in process `syz.1.451'. [ 202.137710][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.325731][ T6098] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 203.197824][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.923123][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.928104][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.203277][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 204.591607][ T6133] loop1: detected capacity change from 0 to 512 [ 204.627586][ T6133] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.465: casefold flag without casefold feature [ 204.655597][ T6133] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.465: couldn't read orphan inode 15 (err -117) [ 204.669455][ T6133] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 204.826570][ T6141] binder: 6139:6141 tried to acquire reference to desc 0, got 1 instead [ 204.830488][ T6141] binder: 6139:6141 got transaction with invalid data ptr [ 204.840556][ T6141] binder: 6139:6141 transaction async to 6139:0 failed 41/29201/-14, size 0-24 line 3342 [ 204.844676][ T6141] binder: 6139:6141 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 204.856950][ T6141] binder: 6141 RLIMIT_NICE not set [ 204.858709][ T6141] binder: 6141 RLIMIT_NICE not set [ 204.861144][ T6141] binder: 6141 RLIMIT_NICE not set [ 204.866792][ T6141] binder_alloc: 6139: binder_alloc_buf, no vma [ 204.868557][ T6141] binder: cannot allocate buffer: vma cleared, target dead or dying [ 204.868588][ T6141] binder: 6139:6141 transaction reply to 6139:6141 failed 42/29189/-3, size 0-0 line 3239 [ 204.874887][ T6141] binder: send failed reply for transaction 40 to 6139:6141 [ 204.879644][ T14] binder: undelivered TRANSACTION_COMPLETE [ 204.881298][ T14] binder: undelivered TRANSACTION_ERROR: 29201 [ 204.887367][ T14] binder: undelivered TRANSACTION_ERROR: 29189 [ 204.894499][ T24] binder: undelivered TRANSACTION_ERROR: 29190 [ 205.023269][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 205.246658][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 206.957507][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 207.002673][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.279627][ T6165] loop2: detected capacity change from 0 to 4096 [ 209.327455][ T6174] loop0: detected capacity change from 0 to 256 [ 209.346467][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.368384][ T6177] netlink: 28 bytes leftover after parsing attributes in process `syz.3.480'. [ 209.371123][ T6177] netlink: 28 bytes leftover after parsing attributes in process `syz.3.480'. [ 209.377369][ T1700] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.396006][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.400929][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 210.218788][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 210.260537][ T6174] FAT-fs (loop0): Directory bread(block 64) failed [ 210.286615][ T6174] FAT-fs (loop0): Directory bread(block 65) failed [ 210.288658][ T6174] FAT-fs (loop0): Directory bread(block 66) failed [ 210.304333][ T6174] FAT-fs (loop0): Directory bread(block 67) failed [ 210.307002][ T6174] FAT-fs (loop0): Directory bread(block 68) failed [ 210.308994][ T6174] FAT-fs (loop0): Directory bread(block 69) failed [ 210.310898][ T6174] FAT-fs (loop0): Directory bread(block 70) failed [ 210.322439][ T6174] FAT-fs (loop0): Directory bread(block 71) failed [ 210.324469][ T6174] FAT-fs (loop0): Directory bread(block 72) failed [ 210.326422][ T6174] FAT-fs (loop0): Directory bread(block 73) failed [ 210.401945][ T6188] netlink: 32 bytes leftover after parsing attributes in process `syz.4.484'. [ 210.566695][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 211.322015][ T6188] netlink: 32 bytes leftover after parsing attributes in process `syz.4.484'. [ 212.436433][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 212.482970][ T6213] loop1: detected capacity change from 0 to 512 [ 212.528618][ T6213] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 212.583483][ T6213] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 213.622480][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.624999][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.685024][ T4342] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.767675][ T6236] loop2: detected capacity change from 0 to 1024 [ 213.776826][ T6236] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 213.779925][ T6236] EXT4-fs (loop2): orphan cleanup on readonly fs [ 213.784277][ T6236] EXT4-fs error (device loop2): ext4_free_blocks:6210: comm syz.2.496: Freeing blocks not in datazone - block = 0, count = 4096 [ 213.917062][ T6236] EXT4-fs (loop2): 1 orphan inode deleted [ 213.918866][ T6236] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 214.844512][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 214.908599][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.099418][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 215.973476][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.683753][ T4407] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.728621][ T6273] loop2: detected capacity change from 0 to 512 [ 216.855682][ T6280] loop3: detected capacity change from 0 to 256 [ 217.008589][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 217.092754][ T6280] FAT-fs (loop3): Directory bread(block 64) failed [ 217.094818][ T6280] FAT-fs (loop3): Directory bread(block 65) failed [ 217.097336][ T6280] FAT-fs (loop3): Directory bread(block 66) failed [ 217.099362][ T6280] FAT-fs (loop3): Directory bread(block 67) failed [ 217.101805][ T6280] FAT-fs (loop3): Directory bread(block 68) failed [ 217.103958][ T6280] FAT-fs (loop3): Directory bread(block 69) failed [ 217.106449][ T6280] FAT-fs (loop3): Directory bread(block 70) failed [ 217.108402][ T6280] FAT-fs (loop3): Directory bread(block 71) failed [ 217.110845][ T6280] FAT-fs (loop3): Directory bread(block 72) failed [ 217.112900][ T6280] FAT-fs (loop3): Directory bread(block 73) failed [ 217.574407][ T6273] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2818: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 217.579505][ T6273] EXT4-fs (loop2): 1 truncate cleaned up [ 217.590963][ T6273] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 218.673111][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.693684][ T6294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.513'. [ 218.984861][ T6353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.514'. [ 219.407459][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 219.524964][ T6384] xt_bpf: check failed: parse error [ 219.723031][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.763935][ T6386] mac80211_hwsim hwsim10 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 219.830513][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.203730][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.254062][ T6390] netlink: 136 bytes leftover after parsing attributes in process `syz.4.519'. [ 221.264173][ T6403] tipc: Started in network mode [ 221.265734][ T6403] tipc: Node identity ac1414aa, cluster identity 4711 [ 221.268820][ T6403] tipc: Enabled bearer , priority 10 [ 221.311366][ T6403] tipc: Enabled bearer , priority 0 [ 221.348822][ T6408] loop1: detected capacity change from 0 to 64 [ 221.380759][ T6408] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 221.392348][ T6408] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop1 [ 221.493751][ T6417] netlink: 'syz.3.531': attribute type 8 has an invalid length. [ 221.511536][ T6410] loop2: detected capacity change from 0 to 2048 [ 221.609444][ T4419] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 221.630969][ T6408] netlink: 'syz.1.527': attribute type 2 has an invalid length. [ 222.465887][ T4378] tipc: Node number set to 2886997162 [ 222.468433][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.283034][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.299841][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.608008][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.685092][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.823562][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.909669][ T6452] loop2: detected capacity change from 0 to 128 [ 226.526819][ T4363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.471654][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 227.539642][ T6464] netlink: 4 bytes leftover after parsing attributes in process `syz.1.545'. [ 227.563778][ T6466] xt_hashlimit: overflow, try lower: 18446744073709551615/255 [ 228.548794][ T4563] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.578803][ T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.629530][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.596492][ T6496] bridge0: port 2(vlan2) entered blocking state [ 231.608706][ T6496] bridge0: port 2(vlan2) entered disabled state [ 231.623884][ T6496] device vlan2 entered promiscuous mode [ 231.625464][ T6496] device bond0 entered promiscuous mode [ 231.656882][ T4378] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.678312][ T6496] device team0 entered promiscuous mode [ 231.714234][ T6498] loop3: detected capacity change from 0 to 64 [ 231.837188][ T6498] hfs: invalid btree extent records (0 size) [ 231.843641][ T6498] hfs: unable to open catalog tree [ 231.845660][ T6498] hfs: can't find a HFS filesystem on dev loop3 [ 231.919600][ T6504] loop0: detected capacity change from 0 to 2048 [ 231.947457][ T6504] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 233.005865][ T6504] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.558: bg 0: block 234: padding at end of block bitmap is not set [ 234.306526][ T6504] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 286 with error 28 [ 234.310296][ T6504] EXT4-fs (loop0): This should not happen!! Data will be lost [ 234.310296][ T6504] [ 234.345467][ T6504] EXT4-fs (loop0): Total free blocks count 0 [ 234.347247][ T6504] EXT4-fs (loop0): Free/Dirty block details [ 234.375499][ T6504] EXT4-fs (loop0): free_blocks=0 [ 234.376997][ T6504] EXT4-fs (loop0): dirty_blocks=288 [ 234.378429][ T6504] EXT4-fs (loop0): Block reservation details [ 234.380105][ T6504] EXT4-fs (loop0): i_reserved_data_blocks=18 [ 236.181985][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 236.263546][ T6540] loop1: detected capacity change from 0 to 512 [ 236.274727][ T6534] loop3: detected capacity change from 0 to 4096 [ 236.287082][ T6540] EXT4-fs (loop1): Test dummy encryption mode enabled [ 236.289060][ T6540] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 236.313743][ T6540] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.568: bad orphan inode 131083 [ 236.326141][ T6534] ntfs: volume version 3.1. [ 236.326975][ T6540] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 236.345961][ T6538] netlink: 32 bytes leftover after parsing attributes in process `syz.2.567'. [ 236.443045][ T6548] netlink: 'syz.2.570': attribute type 1 has an invalid length. [ 236.474381][ T6548] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 236.563363][ T6548] device veth5 entered promiscuous mode [ 236.573963][ T6548] bond1: (slave veth5): Enslaving as a backup interface with a down link [ 236.831430][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 237.716968][ T6567] loop0: detected capacity change from 0 to 512 [ 237.893333][ T6567] EXT4-fs (loop0): orphan cleanup on readonly fs [ 237.910876][ T6567] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.575: bg 0: block 248: padding at end of block bitmap is not set [ 238.048836][ T6567] __quota_error: 46 callbacks suppressed [ 238.049104][ T6567] Quota error (device loop0): write_blk: dquota write failed [ 238.233432][ T6567] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 238.428643][ T6567] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.575: Failed to acquire dquot type 1 [ 238.633774][ T6567] EXT4-fs (loop0): 1 truncate cleaned up [ 238.642083][ T6567] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 238.752477][ T6582] netlink: set zone limit has 8 unknown bytes [ 238.788549][ T6584] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 238.904261][ T6584] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 238.908024][ T6586] Quota error (device loop0): do_check_range: Getting block 1536 out of range 0-5 [ 238.969688][ T6567] could not allocate digest TFM handle sha1-ssse3 [ 239.137525][ T27] audit: type=1326 audit(495.080:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6596 comm="syz.3.584" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x0 [ 240.161544][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 240.377005][ T6607] loop0: detected capacity change from 0 to 8192 [ 243.121850][ T4874] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 245.490484][ T6644] netlink: 4 bytes leftover after parsing attributes in process `syz.3.597'. [ 245.842095][ T6649] loop0: detected capacity change from 0 to 256 [ 246.030028][ T6649] FAT-fs (loop0): Directory bread(block 64) failed [ 246.032099][ T6649] FAT-fs (loop0): Directory bread(block 65) failed [ 246.034608][ T6649] FAT-fs (loop0): Directory bread(block 66) failed [ 246.036587][ T6649] FAT-fs (loop0): Directory bread(block 67) failed [ 246.039098][ T6649] FAT-fs (loop0): Directory bread(block 68) failed [ 246.041191][ T6649] FAT-fs (loop0): Directory bread(block 69) failed [ 246.043546][ T6649] FAT-fs (loop0): Directory bread(block 70) failed [ 246.045486][ T6649] FAT-fs (loop0): Directory bread(block 71) failed [ 246.047897][ T6649] FAT-fs (loop0): Directory bread(block 72) failed [ 246.049859][ T6649] FAT-fs (loop0): Directory bread(block 73) failed [ 246.933920][ T6658] loop0: detected capacity change from 0 to 512 [ 249.623582][ T6664] loop1: detected capacity change from 0 to 512 [ 249.627319][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 249.629440][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 249.815385][ T6658] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 250.085344][ T6664] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 250.294647][ T6664] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 250.324246][ T6658] EXT4-fs warning (device loop0): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop0. [ 250.424799][ T6671] loop3: detected capacity change from 0 to 512 [ 250.432253][ T6671] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 250.451692][ T6671] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 250.454891][ T6671] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.602: invalid indirect mapped block 2683928664 (level 1) [ 250.460387][ T6671] EXT4-fs (loop3): Remounting filesystem read-only [ 250.465992][ T6671] EXT4-fs (loop3): 1 truncate cleaned up [ 250.467734][ T6671] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 250.527028][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 250.532465][ T6672] Dead loop on virtual device ip6_vti0, fix it urgently! [ 250.629186][ T6677] loop1: detected capacity change from 0 to 512 [ 250.660593][ T6677] rdma_rxe: rxe_register_device failed with error -23 [ 250.670249][ T6677] rdma_rxe: failed to add syz_tun [ 250.686489][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 250.764866][ T6680] batman_adv: batadv0: Adding interface: dummy0 [ 250.768903][ T6680] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.789233][ T6680] batman_adv: batadv0: Interface activated: dummy0 [ 251.007803][ T6680] batadv0: mtu less than device minimum [ 251.014539][ T6680] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 251.020780][ T6680] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 251.026857][ T6680] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 251.032984][ T6680] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 251.038795][ T6680] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 251.044701][ T6680] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 251.050663][ T6680] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 251.056602][ T6680] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 252.198257][ T6699] loop0: detected capacity change from 0 to 512 [ 252.229160][ T6699] EXT2-fs (loop0): warning: mounting ext3 filesystem as ext2 [ 254.832837][ T6722] loop3: detected capacity change from 0 to 512 [ 256.530949][ T6722] EXT4-fs: failed to create workqueue [ 256.532516][ T6722] EXT4-fs (loop3): mount failed [ 257.510554][ T6735] loop1: detected capacity change from 0 to 1024 [ 257.565917][ T6731] binder: 6730:6731 tried to acquire reference to desc 0, got 1 instead [ 257.569005][ T6735] EXT4-fs: Ignoring removed orlov option [ 257.586576][ T6731] binder: 6730:6731 ioctl c0306201 20000280 returned -14 [ 257.624818][ T4407] binder: undelivered TRANSACTION_COMPLETE [ 257.626429][ T4407] binder: undelivered TRANSACTION_COMPLETE [ 257.736624][ T4407] binder: undelivered transaction 48, process died. [ 257.738469][ T4407] binder: undelivered transaction 47, process died. [ 257.772455][ T6735] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 259.468929][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 259.534042][ T6756] loop2: detected capacity change from 0 to 2048 [ 259.682930][ T6756] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 259.831326][ C0] af_packet: tpacket_rcv: packet too big, clamped from 102 to 4294967272. macoff=96 [ 259.845889][ T6771] binder: 6770:6771 tried to acquire reference to desc 0, got 1 instead [ 259.850219][ T6771] binder: 6770:6771 sending u0000000000000002 node 54, cookie mismatch 0000000002000000 != 0000000000000000 [ 259.857063][ T6771] binder: 6771:6770 translate binder failed [ 259.858674][ T6771] binder: 6770:6771 transaction call to 6770:0 failed 60/29201/-22, size 80-24 line 3383 [ 259.864959][ T4407] binder: undelivered TRANSACTION_COMPLETE [ 259.866520][ T4407] binder: undelivered TRANSACTION_ERROR: 29201 [ 260.719384][ T4407] binder: undelivered transaction 53, process died. [ 260.736730][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 260.748242][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.630'. [ 260.750788][ T6774] netlink: 'syz.1.630': attribute type 5 has an invalid length. [ 260.754037][ T6774] netlink: 28 bytes leftover after parsing attributes in process `syz.1.630'. [ 260.758743][ T6774] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 260.761172][ T6774] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 260.764197][ T6774] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 260.766529][ T6774] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 260.768855][ T6774] device geneve2 entered promiscuous mode [ 260.793601][ T6777] loop0: detected capacity change from 0 to 128 [ 260.884990][ T6777] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 262.590573][ T6790] netlink: 348 bytes leftover after parsing attributes in process `syz.2.633'. [ 262.909992][ T6794] loop3: detected capacity change from 0 to 512 [ 262.988631][ T6794] rdma_rxe: rxe_register_device failed with error -23 [ 262.990636][ T6794] rdma_rxe: failed to add syz_tun [ 263.181647][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 263.373059][ T6800] loop1: detected capacity change from 0 to 1024 [ 267.294823][ T6827] loop3: detected capacity change from 0 to 2048 [ 267.343506][ T6827] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 270.007045][ T6846] netlink: 'syz.4.649': attribute type 1 has an invalid length. [ 271.014738][ T6846] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 271.148532][ T6853] loop3: detected capacity change from 0 to 128 [ 271.191769][ T6846] device veth3 entered promiscuous mode [ 271.199135][ T6846] bond1: (slave veth3): Enslaving as a backup interface with a down link [ 271.206825][ T6853] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 274.417331][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 274.638097][ T6879] loop1: detected capacity change from 0 to 512 [ 274.640398][ T6879] EXT4-fs: Ignoring removed mblk_io_submit option [ 274.652416][ T6879] EXT4-fs: Ignoring removed bh option [ 274.654728][ T6879] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 275.560538][ T6879] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 275.613345][ T6879] EXT4-fs (loop1): 1 truncate cleaned up [ 275.615051][ T6879] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 275.883831][ T4296] EXT4-fs (loop1): unmounting filesystem. [ 276.660983][ T4874] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 277.821391][ T6906] netlink: 'syz.1.666': attribute type 1 has an invalid length. [ 277.878564][ T6910] tmpfs: Unknown parameter 'nolazytime' [ 277.922507][ T6904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.667'. [ 277.946357][ T6911] loop2: detected capacity change from 0 to 4096 [ 277.957618][ T6906] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 278.066684][ T6906] device veth5 entered promiscuous mode [ 278.070241][ T6906] bond1: (slave veth5): Enslaving as a backup interface with a down link [ 278.239043][ T6911] Injecting memory failure for pfn 0x1360e9 at process virtual address 0x20000000 [ 278.246951][ T6911] Memory failure: 0x1360e9: corrupted page was clean: dropped without side effects [ 278.250621][ T6911] Memory failure: 0x1360e9: recovery action for clean LRU page: Recovered [ 278.253955][ T6911] Injecting memory failure for pfn 0x135c48 at process virtual address 0x20001000 [ 278.275206][ T6911] Memory failure: 0x135c48: corrupted page was clean: dropped without side effects [ 278.277947][ T6911] Memory failure: 0x135c48: recovery action for clean LRU page: Recovered [ 278.287003][ T6911] Injecting memory failure for pfn 0x1217af at process virtual address 0x20002000 [ 278.289386][ T6923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.674'. [ 278.289829][ T6911] Memory failure: 0x1217af: corrupted page was clean: dropped without side effects [ 278.319940][ T6911] Memory failure: 0x1217af: recovery action for clean LRU page: Recovered [ 278.323762][ T6911] Injecting memory failure for pfn 0x121bea at process virtual address 0x20003000 [ 278.441299][ T6911] Memory failure: 0x121bea: corrupted page was clean: dropped without side effects [ 278.444537][ T6911] Memory failure: 0x121bea: recovery action for clean LRU page: Recovered [ 278.446942][ T6911] Injecting memory failure for pfn 0x121b40 at process virtual address 0x20004000 [ 278.458060][ T6911] Memory failure: 0x121b40: corrupted page was clean: dropped without side effects [ 278.460980][ T6911] Memory failure: 0x121b40: recovery action for clean LRU page: Recovered [ 278.463614][ T6911] Injecting memory failure for pfn 0x137ce1 at process virtual address 0x20005000 [ 278.466336][ T6911] Memory failure: 0x137ce1: corrupted page was clean: dropped without side effects [ 278.469515][ T6911] Memory failure: 0x137ce1: recovery action for clean LRU page: Recovered [ 278.471901][ T6911] Injecting memory failure for pfn 0x121a41 at process virtual address 0x20006000 [ 278.474842][ T6911] Memory failure: 0x121a41: corrupted page was clean: dropped without side effects [ 278.477581][ T6911] Memory failure: 0x121a41: recovery action for clean LRU page: Recovered [ 278.479978][ T6911] Injecting memory failure for pfn 0x1361f2 at process virtual address 0x20007000 [ 278.482871][ T6911] Memory failure: 0x1361f2: corrupted page was clean: dropped without side effects [ 278.485488][ T6911] Memory failure: 0x1361f2: recovery action for clean LRU page: Recovered [ 278.487848][ T6911] Injecting memory failure for pfn 0x13b0a3 at process virtual address 0x20008000 [ 278.490414][ T6911] Memory failure: 0x13b0a3: corrupted page was clean: dropped without side effects [ 278.493104][ T6911] Memory failure: 0x13b0a3: recovery action for clean LRU page: Recovered [ 278.495447][ T6911] Injecting memory failure for pfn 0x11d50b at process virtual address 0x20009000 [ 278.498018][ T6911] Memory failure: 0x11d50b: corrupted page was clean: dropped without side effects [ 278.500717][ T6911] Memory failure: 0x11d50b: recovery action for clean LRU page: Recovered [ 278.504815][ T6911] Injecting memory failure for pfn 0x13b1b4 at process virtual address 0x2000a000 [ 279.395078][ T6911] Memory failure: 0x13b1b4: corrupted page was clean: dropped without side effects [ 279.432700][ T6911] Memory failure: 0x13b1b4: recovery action for clean LRU page: Recovered [ 279.435152][ T6911] Injecting memory failure for pfn 0x138bc0 at process virtual address 0x2000b000 [ 279.599296][ T6911] Memory failure: 0x138bc0: corrupted page was clean: dropped without side effects [ 279.602058][ T6911] Memory failure: 0x138bc0: recovery action for clean LRU page: Recovered [ 279.604852][ T6911] Injecting memory failure for pfn 0x1239e5 at process virtual address 0x2000c000 [ 280.149217][ T6911] Memory failure: 0x1239e5: corrupted page was clean: dropped without side effects [ 280.152934][ T6911] Memory failure: 0x1239e5: recovery action for clean LRU page: Recovered [ 280.166264][ T6911] Injecting memory failure for pfn 0x1206d8 at process virtual address 0x2000d000 [ 280.910180][ T6911] Memory failure: 0x1206d8: corrupted page was clean: dropped without side effects [ 280.922593][ T6911] Memory failure: 0x1206d8: recovery action for clean LRU page: Recovered [ 280.925151][ T6911] Injecting memory failure for pfn 0x13b1ec at process virtual address 0x2000e000 [ 281.116808][ T6911] Memory failure: 0x13b1ec: corrupted page was clean: dropped without side effects [ 281.119593][ T6911] Memory failure: 0x13b1ec: recovery action for clean LRU page: Recovered [ 281.121958][ T6911] Injecting memory failure for pfn 0x121b52 at process virtual address 0x2000f000 [ 281.151119][ T6911] Memory failure: 0x121b52: corrupted page was clean: dropped without side effects [ 282.600827][ T6911] Memory failure: 0x121b52: recovery action for clean LRU page: Recovered [ 283.273748][ T4297] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 283.276827][ T4297] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 283.564743][ T27] audit: type=1326 audit(539.510:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 283.572627][ T27] audit: type=1326 audit(539.520:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 283.640744][ T27] audit: type=1326 audit(539.560:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 283.661079][ T6972] loop1: detected capacity change from 0 to 4096 [ 283.674537][ T6980] loop2: detected capacity change from 0 to 8192 [ 283.682123][ T27] audit: type=1326 audit(539.560:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 283.862810][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.4.689'. [ 283.879358][ T27] audit: type=1326 audit(539.560:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 285.503736][ T27] audit: type=1326 audit(539.560:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffabb58ed4 code=0x7ffc0000 [ 285.509891][ T27] audit: type=1326 audit(539.560:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 285.519988][ T27] audit: type=1326 audit(539.560:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 285.526606][ T27] audit: type=1326 audit(539.570:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 285.533169][ T27] audit: type=1326 audit(539.570:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6971 comm="syz.0.687" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffabb5a9a8 code=0x7ffc0000 [ 285.849716][ T6972] Injecting memory failure for pfn 0x13ab3b at process virtual address 0x20000000 [ 285.866042][ T6972] Memory failure: 0x13ab3b: corrupted page was clean: dropped without side effects [ 285.868752][ T6972] Memory failure: 0x13ab3b: recovery action for clean LRU page: Recovered [ 286.235855][ T6972] Injecting memory failure for pfn 0x13ab3c at process virtual address 0x20001000 [ 286.455038][ T6972] Memory failure: 0x13ab3c: corrupted page was clean: dropped without side effects [ 286.686252][ T6972] Memory failure: 0x13ab3c: recovery action for clean LRU page: Recovered [ 286.688679][ T6972] Injecting memory failure for pfn 0x13ab3d at process virtual address 0x20002000 [ 286.777341][ T6972] Memory failure: 0x13ab3d: corrupted page was clean: dropped without side effects [ 286.780185][ T6972] Memory failure: 0x13ab3d: Failed to invalidate [ 287.491727][ T6972] Memory failure: 0x13ab3d: clean LRU page still referenced by 1 users [ 287.510723][ T6972] Memory failure: 0x13ab3d: recovery action for clean LRU page: Failed [ 287.642618][ T4296] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 287.644454][ T4296] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 292.808578][ T7052] input: syz1 as /devices/virtual/input/input4 [ 295.133209][ T7046] loop3: detected capacity change from 0 to 8192 [ 305.945745][ T7148] netlink: 'syz.3.733': attribute type 4 has an invalid length. [ 308.130715][ T7169] netlink: 28 bytes leftover after parsing attributes in process `syz.2.748'. [ 308.143959][ T7169] netlink: 28 bytes leftover after parsing attributes in process `syz.2.748'. [ 309.671122][ T4664] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 310.290156][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 310.298358][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 310.579028][ T7186] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 310.581582][ T7186] IPv6: NLM_F_CREATE should be set when creating new route [ 310.670987][ T27] kauditd_printk_skb: 25 callbacks suppressed [ 310.670999][ T27] audit: type=1326 audit(566.610:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.0.738" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffabb5a9a8 code=0x0 [ 312.517798][ T7197] netlink: 12 bytes leftover after parsing attributes in process `syz.2.742'. [ 314.682771][ T7224] netlink: 4 bytes leftover after parsing attributes in process `syz.4.752'. [ 314.728523][ T7227] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 314.744934][ T7227] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 314.809966][ T7227] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 314.812897][ T7227] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 314.815221][ T7227] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 314.817701][ T7227] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 314.825762][ T7227] bond0: (slave vxlan0): Enslaving as an active interface with an up link [ 315.779890][ T7238] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 315.794116][ T7238] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 316.785222][ T27] audit: type=1400 audit(572.730:140): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name=3A1CD2A12F2F263E pid=7239 comm="syz.3.760" [ 322.345684][ T7263] loop1: detected capacity change from 0 to 40427 [ 322.376231][ T7263] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 322.378030][ T7263] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 322.393183][ T7263] F2FS-fs (loop1): invalid crc value [ 322.414541][ T7263] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 323.315120][ T7299] loop3: detected capacity change from 0 to 128 [ 323.317805][ T7299] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 326.766371][ T7338] loop2: detected capacity change from 0 to 16 [ 326.896138][ T7338] erofs: (device loop2): mounted with root inode @ nid 36. [ 327.205753][ T4300] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 327.210448][ T7338] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 327.217480][ T7338] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 327.221770][ T7338] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 327.226538][ T7338] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 338.147667][ T7418] loop1: detected capacity change from 0 to 256 [ 338.853487][ T7418] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x0ede1155, utbl_chksum : 0xe619d30d) [ 342.732059][ T7445] syz.0.812 (7445): drop_caches: 1 [ 342.737110][ T4390] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 342.775630][ T7445] syz.0.812 (7445): drop_caches: 1 [ 346.511314][ T7491] loop1: detected capacity change from 0 to 16 [ 346.528923][ T7491] erofs: (device loop1): mounted with root inode @ nid 36. [ 346.660847][ T4300] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 346.664942][ T7491] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 346.668777][ T7491] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 346.672789][ T7491] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 346.676748][ T7491] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 349.960612][ T7524] net_ratelimit: 11 callbacks suppressed [ 349.960627][ T7524] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a [ 350.400304][ T7533] loop2: detected capacity change from 0 to 256 [ 352.854871][ T7547] tipc: Started in network mode [ 352.856340][ T7547] tipc: Node identity f286483989b7, cluster identity 4711 [ 352.858264][ T7547] tipc: Enabled bearer , priority 0 [ 352.861766][ T7547] device syzkaller0 entered promiscuous mode [ 353.027034][ T7549] tipc: Resetting bearer [ 353.085879][ T7545] tipc: Resetting bearer [ 353.275808][ T7545] tipc: Disabling bearer [ 353.498875][ T7555] tipc: Enabling of bearer rejected, failed to enable media [ 354.439345][ T7536] loop3: detected capacity change from 0 to 32768 [ 354.496892][ T7536] [ 354.496892][ T7536] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 354.496892][ T7536] [ 355.775974][ T4304] [ 355.775974][ T4304] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 355.775974][ T4304] [ 355.779453][ T4304] [ 355.779453][ T4304] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 355.779453][ T4304] [ 358.812396][ T27] audit: type=1326 audit(614.600:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.860" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 358.827132][ T27] audit: type=1326 audit(614.600:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.860" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 358.833727][ T27] audit: type=1326 audit(614.610:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.860" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 358.839418][ T27] audit: type=1326 audit(614.610:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.860" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 360.412438][ T7609] vxcan1: tx drop: invalid da for name 0x0000000000000001 [ 360.834150][ T27] audit: type=1326 audit(614.610:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7594 comm="syz.3.860" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 362.554884][ T7619] loop1: detected capacity change from 0 to 1024 [ 363.562827][ T7633] loop2: detected capacity change from 0 to 2048 [ 363.693103][ T7633] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 365.282236][ T7654] netlink: 'syz.4.873': attribute type 1 has an invalid length. [ 365.505586][ T7654] 8021q: adding VLAN 0 to HW filter on device bond2 [ 369.355681][ T7690] loop1: detected capacity change from 0 to 512 [ 369.417579][ T7690] EXT2-fs (loop1): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 369.440909][ T7690] EXT2-fs (loop1): error: couldn't mount because of unsupported optional features (4740) [ 369.562898][ T7694] loop2: detected capacity change from 0 to 128 [ 369.579185][ T7694] EXT4-fs: Ignoring removed nomblk_io_submit option [ 369.590783][ T7694] EXT4-fs: Ignoring removed nomblk_io_submit option [ 369.635199][ T7694] EXT4-fs (loop2): Test dummy encryption mode enabled [ 370.855849][ T7694] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 371.802490][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 371.804466][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 372.112380][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 372.849174][ T7723] usb usb8: usbfs: process 7723 (syz.1.890) did not claim interface 0 before use [ 379.453417][ T4874] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 380.410277][ T7775] netlink: 12 bytes leftover after parsing attributes in process `syz.4.898'. [ 380.495444][ T7777] netlink: 'syz.2.908': attribute type 10 has an invalid length. [ 381.110259][ T6355] Bluetooth: (null): Invalid header checksum [ 381.115934][ T6355] Bluetooth: (null): Invalid header checksum [ 381.214835][ T6350] Bluetooth: (null): Invalid header checksum [ 381.590206][ T7777] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 382.269132][ T7791] loop2: detected capacity change from 0 to 256 [ 382.274818][ T7791] exfat: Unknown parameter '0xffffffffffffffff' [ 386.702615][ T7808] netlink: 'syz.1.915': attribute type 1 has an invalid length. [ 386.927845][ T7819] loop3: detected capacity change from 0 to 256 [ 386.930350][ T7819] exfat: Deprecated parameter 'namecase' [ 386.947434][ T7818] loop2: detected capacity change from 0 to 1024 [ 386.966513][ T7818] EXT4-fs (loop2): Test dummy encryption mode enabled [ 386.989389][ T7819] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 387.016288][ T7818] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 391.167137][ T7849] netlink: 4 bytes leftover after parsing attributes in process `syz.3.921'. [ 392.403611][ T7862] ptrace attach of "./syz-executor exec"[4309] was attempted by " eth0 #uu0*iƇ޿_k.\x22#p/yLa~+>3l{@!2!9k\x0b8I$Q=r\x09/vӧJ#KT_$A=z/XmOX)s޾_N)6m\x0a\x0b뻑z|d\x1byx\x1bLTrw|0\x09\x5c[ ]V:Þ\x07x.TTϿa%QCuTYZy!Ѧ7vs\x07j*I{]*5JtsĪ~0fۮG:Q\x1b㣤}`eL\x0dyg1\x09i/!,u~)\x1b2jNTh\x1bo:\x0bq7SHLBq([aF*q v ANTeL+u^\x07sha 넙LD7DQ2!8,%$֜yKƴ%:0dLWՐl\x1b\x0bh=m.\x0bhQ}8/P+:E\x5cԬטլCRr^gQ( [ 392.465353][ T7867] netlink: 4 bytes leftover after parsing attributes in process `syz.1.928'. [ 394.627641][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 397.512454][ T7895] netlink: 'syz.2.934': attribute type 1 has an invalid length. [ 397.683350][ T7895] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 397.685857][ T7895] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 397.688265][ T7895] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 397.690847][ T7900] serio: Serial port pts0 [ 397.709662][ T7895] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 397.742842][ T7895] bond2: (slave geneve2): making interface the new active one [ 397.762393][ T7895] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 397.846733][ T7895] netlink: 28 bytes leftover after parsing attributes in process `syz.2.934'. [ 399.734229][ T7917] usb usb3: usbfs: interface 0 claimed by hub while 'syz.0.940' sets config #0 [ 399.941553][ T7926] loop3: detected capacity change from 0 to 256 [ 399.987089][ T7926] FAT-fs (loop3): count of clusters too big (66845694) [ 399.989110][ T7926] FAT-fs (loop3): Can't find a valid FAT filesystem [ 401.607853][ T7912] loop2: detected capacity change from 0 to 32768 [ 402.113561][ T7912] [ 402.113561][ T7912] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 402.113561][ T7912] [ 402.205389][ T4297] [ 402.205389][ T4297] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 402.205389][ T4297] [ 402.208733][ T4297] [ 402.208733][ T4297] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 402.208733][ T4297] [ 402.278079][ T27] audit: type=1326 audit(658.220:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.948" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff89b5a9a8 code=0x0 [ 403.704961][ T7954] serio: Serial port pts0 [ 407.242707][ T7995] tipc: Enabling of bearer rejected, failed to enable media [ 410.104890][ T27] audit: type=1326 audit(666.050:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.2.966" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa7f5a9a8 code=0x0 [ 410.370217][ T8032] serio: Serial port pts0 [ 411.497783][ T6357] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 412.565175][ T8053] netlink: 'syz.2.973': attribute type 4 has an invalid length. [ 412.721755][ T8058] netlink: 28 bytes leftover after parsing attributes in process `syz.1.974'. [ 412.724491][ T8058] netlink: 28 bytes leftover after parsing attributes in process `syz.1.974'. [ 414.898892][ T8072] loop3: detected capacity change from 0 to 256 [ 414.912510][ T8072] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 414.935891][ T8072] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 414.950890][ T8072] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 417.735895][ T8090] xt_policy: output policy not valid in PREROUTING and INPUT [ 418.986853][ T8107] tipc: Enabling of bearer rejected, failed to enable media [ 419.941823][ T8108] serio: Serial port pts0 [ 420.769673][ T8137] loop2: detected capacity change from 0 to 256 [ 420.782756][ T8137] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 420.789128][ T8137] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 420.807333][ T8137] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 435.032133][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 435.034118][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 436.089936][ T8266] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1031'. [ 440.056855][ T8301] loop2: detected capacity change from 0 to 256 [ 444.097768][ T4857] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 448.595496][ T8353] Bluetooth: MGMT ver 1.22 [ 450.349694][ T8368] xt_hashlimit: max too large, truncated to 1048576 [ 459.339559][ T8429] loop1: detected capacity change from 0 to 40427 [ 459.344057][ T8429] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 459.346160][ T8429] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 459.350309][ T8429] F2FS-fs (loop1): invalid crc value [ 459.389912][ T8429] F2FS-fs (loop1): Found nat_bits in checkpoint [ 459.413601][ T8429] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 459.415504][ T8429] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 464.038143][ T8459] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 464.040221][ T8459] IPv6: NLM_F_CREATE should be set when creating new route [ 464.042302][ T8459] IPv6: NLM_F_CREATE should be set when creating new route [ 464.248154][ T8468] loop2: detected capacity change from 0 to 1024 [ 465.688640][ T8475] hfsplus: xattr searching failed [ 466.004792][ T8478] loop3: detected capacity change from 0 to 2048 [ 466.091825][ T8481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 466.095283][ T8481] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 466.184127][ T11] hfsplus: b-tree write err: -5, ino 4 [ 466.202444][ T8482] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 469.483202][ T8487] netlink: 'syz.0.1090': attribute type 10 has an invalid length. [ 469.488936][ T8487] bond0: (slave wlan1): refused to change device type [ 469.523232][ T8482] NILFS (loop3): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 469.536648][ T8482] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=2) [ 469.598388][ T8482] Remounting filesystem read-only [ 469.601841][ T4304] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 472.557902][ T8533] loop3: detected capacity change from 0 to 128 [ 473.130261][ T8533] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 476.170106][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 480.141502][ T4664] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 480.355766][ T8598] loop3: detected capacity change from 0 to 256 [ 481.777734][ T8609] loop3: detected capacity change from 0 to 128 [ 483.138466][ T8609] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 484.247476][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 490.701236][ T8657] loop3: detected capacity change from 0 to 1024 [ 492.679765][ T8657] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 494.604522][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 494.614294][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 496.641970][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 501.238520][ T8742] block device autoloading is deprecated and will be removed. [ 501.435092][ T27] audit: type=1326 audit(757.380:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 501.449783][ T27] audit: type=1326 audit(757.380:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 501.513171][ T27] audit: type=1326 audit(757.460:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 501.522572][ T27] audit: type=1326 audit(757.460:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 501.597073][ T27] audit: type=1326 audit(757.480:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 502.910907][ T27] audit: type=1326 audit(757.480:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 502.921027][ T27] audit: type=1326 audit(757.480:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 502.980515][ T27] audit: type=1326 audit(757.480:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 504.460099][ T27] audit: type=1326 audit(757.480:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 504.511495][ T27] audit: type=1326 audit(757.480:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.3.1150" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x7ffc0000 [ 505.849055][ T8789] fuse: Bad value for 'fd' [ 507.465959][ T8807] loop1: detected capacity change from 0 to 16 [ 507.585110][ T8807] erofs: (device loop1): mounted with root inode @ nid 36. [ 507.805816][ T8807] erofs: (device loop1): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 507.825683][ T8807] erofs: (device loop1): z_erofs_readahead: readahead error at page 1 @ nid 89 [ 507.828560][ T8807] erofs: (device loop1): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 507.831154][ T8807] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 507.834231][ T8807] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 507.836957][ T8807] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 515.747586][ T8872] overlayfs: failed to clone upperpath [ 516.743125][ T11] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 523.801043][ T8932] hub 1-0:1.0: USB hub found [ 523.805842][ T8932] hub 1-0:1.0: 1 port detected [ 525.634688][ T8941] loop2: detected capacity change from 0 to 256 [ 529.408214][ T8974] loop3: detected capacity change from 0 to 512 [ 529.419222][ T8974] EXT4-fs: Ignoring removed oldalloc option [ 529.436962][ T8974] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 529.649520][ T8977] MPTCP: kernel_bind error, err=-98 [ 530.404095][ T8981] loop2: detected capacity change from 0 to 128 [ 530.437747][ T8974] EXT4-fs (loop3): 1 truncate cleaned up [ 530.439336][ T8974] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 531.088198][ T8981] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 533.972021][ T27] kauditd_printk_skb: 21 callbacks suppressed [ 533.972062][ T27] audit: type=1326 audit(789.830:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.3.1206" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb435a9a8 code=0x0 [ 534.534908][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 534.808001][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 537.169553][ T9017] loop3: detected capacity change from 0 to 512 [ 539.200526][ T9035] loop2: detected capacity change from 0 to 16 [ 539.279034][ T9035] erofs: (device loop2): mounted with root inode @ nid 36. [ 539.572958][ T9035] erofs: (device loop2): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 539.576108][ T9035] erofs: (device loop2): z_erofs_readahead: readahead error at page 1 @ nid 89 [ 539.578581][ T9035] erofs: (device loop2): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 539.581062][ T9035] erofs: (device loop2): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 539.584048][ T9035] erofs: (device loop2): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 539.586839][ T9035] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117] [ 540.066288][ T9017] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #16: comm syz.3.1216: corrupted inode contents [ 540.150629][ T9017] EXT4-fs error (device loop3): ext4_dirty_inode:6119: inode #16: comm syz.3.1216: mark_inode_dirty error [ 540.155793][ T9017] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #16: comm syz.3.1216: corrupted inode contents [ 540.176523][ T9017] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.1216: mark_inode_dirty error [ 540.186666][ T9017] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #16: comm syz.3.1216: corrupted inode contents [ 540.214566][ T9017] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 540.217514][ T9017] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #16: comm syz.3.1216: corrupted inode contents [ 540.236161][ T9017] EXT4-fs error (device loop3): ext4_truncate:4312: inode #16: comm syz.3.1216: mark_inode_dirty error [ 540.239953][ T9017] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 540.244295][ T9017] EXT4-fs (loop3): 1 truncate cleaned up [ 540.246128][ T9017] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 540.264634][ T4874] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 540.267700][ T4874] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:18: Failed to release dquot type 1 [ 540.291639][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 547.593687][ T9112] loop2: detected capacity change from 0 to 512 [ 547.643144][ T9112] EXT2-fs (loop2): error: revision level too high, forcing read-only mode [ 547.648266][ T9112] EXT2-fs (loop2): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8] [ 548.617860][ T9116] loop3: detected capacity change from 0 to 16 [ 549.790988][ T9116] erofs: (device loop3): mounted with root inode @ nid 36. [ 550.080106][ T9116] erofs: (device loop3): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 550.092868][ T9116] erofs: (device loop3): z_erofs_readahead: readahead error at page 1 @ nid 89 [ 550.095474][ T9116] erofs: (device loop3): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 550.098048][ T9116] erofs: (device loop3): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 550.101035][ T9116] erofs: (device loop3): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 550.103727][ T9116] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 550.480815][ T4445] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 551.115418][ T9128] loop2: detected capacity change from 0 to 2048 [ 551.327292][ T9132] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 554.376043][ T9132] NILFS (loop2): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 554.379246][ T9132] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=2) [ 554.395973][ T9132] Remounting filesystem read-only [ 554.399269][ T4297] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer [ 554.429394][ T9144] loop3: detected capacity change from 0 to 512 [ 554.435789][ T9144] EXT4-fs: Ignoring removed nobh option [ 554.451088][ T9144] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 554.495218][ T9144] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1245: iget: bad i_size value: 38620345925642 [ 554.514837][ T9144] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1245: couldn't read orphan inode 15 (err -117) [ 554.522909][ T9152] loop2: detected capacity change from 0 to 128 [ 554.528502][ T9144] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 556.296211][ T9155] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.1245: iget: bad i_size value: 38620345925642 [ 556.307251][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 556.309101][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 556.315484][ T9146] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 556.470237][ T9157] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.1245: iget: bad i_size value: 38620345925642 [ 556.477147][ T9152] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 557.105858][ T4304] EXT4-fs (loop3): unmounting filesystem. [ 557.154517][ T4297] EXT4-fs (loop2): unmounting filesystem. [ 559.375067][ T9178] netlink: 'syz.4.1254': attribute type 10 has an invalid length. [ 559.391041][ T9178] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 559.433444][ T9179] ptrace attach of "./syz-executor exec"[4302] was attempted by " eth0 #uu0*iƇ޿_k.\x22#p/yLa~+>3l{@!2!9k\x0b8I$Q=r\x09/vӧJ#KT_$A=z/XmOX)s޾_N)6m\x0a\x0b뻑z|d\x1byx\x1bLTrw|0\x09\x5c[ ]V:Þ\x07x.TTϿa%QCuTYZy!Ѧ7vs\x07j*I{]*5JtsĪ~0fۮG:Q\x1b㣤}`eL\x0dyg1\x09i/!,u~)\x1b2jNTh\x1bo:\x0bq7SHLBq([aF*q v ANTeL+u^\x07sha 넙LD7DQ2!8,%$֜yKƴ%:0dLWՐl\x1b\x0bh=m.\x0bhQ}8/P+:E\x5cԬטլCRr^gQ( [ 560.615824][ T4305] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 561.205245][ T4305] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 561.208510][ T9190] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 561.211135][ T9190] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 561.214693][ T9190] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 561.216854][ T9190] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 561.829695][ T9198] loop3: detected capacity change from 0 to 512 [ 561.999922][ T9198] EXT2-fs (loop3): error: revision level too high, forcing read-only mode [ 562.002478][ T9198] EXT2-fs (loop3): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8] [ 563.148719][ T11] wlan1: Trigger new scan to find an IBSS to join [ 563.282410][ T4305] Bluetooth: hci5: command 0x0409 tx timeout [ 565.972422][ T4305] Bluetooth: hci5: command 0x041b tx timeout [ 566.495458][ T6375] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 566.498828][ T6375] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.557013][ T6375] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 568.708253][ T4445] wlan1: Trigger new scan to find an IBSS to join [ 568.713102][ T4300] Bluetooth: hci5: command 0x040f tx timeout [ 570.820097][ T4305] Bluetooth: hci5: command 0x0419 tx timeout [ 570.981811][ T6375] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 571.008957][ T6375] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 571.011802][ T6375] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 572.634213][ T9188] chnl_net:caif_netlink_parms(): no params data found [ 574.757676][ T9285] xt_policy: output policy not valid in PREROUTING and INPUT [ 574.774385][ T4390] wlan1: Creating new IBSS network, BSSID 0a:d2:32:f9:1e:83 [ 574.964310][ T6375] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 574.976643][ T6375] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 574.979755][ T6375] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 575.779178][ T6375] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 575.782594][ T6375] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 575.785427][ T6375] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 577.907181][ T9188] bridge0: port 1(bridge_slave_0) entered blocking state [ 577.909271][ T9188] bridge0: port 1(bridge_slave_0) entered disabled state [ 577.911976][ T9188] device bridge_slave_0 entered promiscuous mode [ 577.917191][ T9188] bridge0: port 2(bridge_slave_1) entered blocking state [ 577.919161][ T9188] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.921739][ T9188] device bridge_slave_1 entered promiscuous mode [ 577.940705][ T9188] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 577.945750][ T9188] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 577.964389][ T9188] team0: Port device team_slave_0 added [ 577.968675][ T9188] team0: Port device team_slave_1 added [ 578.012153][ T9188] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 578.021146][ T9188] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 578.052474][ T9312] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 578.055206][ T9312] Mem abort info: [ 578.056171][ T9312] ESR = 0x0000000086000006 [ 578.057434][ T9312] EC = 0x21: IABT (current EL), IL = 32 bits [ 578.059094][ T9312] SET = 0, FnV = 0 [ 578.060153][ T9312] EA = 0, S1PTW = 0 [ 578.061298][ T9312] FSC = 0x06: level 2 translation fault [ 578.062919][ T9312] user pgtable: 4k pages, 48-bit VAs, pgdp=000000011b179000 [ 578.064970][ T9312] [0000000000000000] pgd=0800000114bba003, p4d=0800000114bba003, pud=080000012b844003, pmd=0000000000000000 [ 578.068247][ T9312] Internal error: Oops: 0000000086000006 [#1] PREEMPT SMP [ 578.070171][ T9312] Modules linked in: [ 578.071234][ T9312] CPU: 1 PID: 9312 Comm: syz.4.1289 Not tainted 6.1.142-syzkaller #0 [ 578.073530][ T9312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 578.076319][ T9312] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 578.078517][ T9312] pc : 0x0 [ 578.079347][ T9312] lr : bond_xdp_xmit+0x27c/0x45c [ 578.080691][ T9312] sp : ffff800021bd7020 [ 578.081806][ T9312] x29: ffff800021bd70e0 x28: 000000000000000f x27: ffff800021bd7048 [ 578.084015][ T9312] x26: dfff800000000000 x25: ffff800013b38898 x24: ffff0000cf274000 [ 578.086277][ T9312] x23: fffffbffeff5c460 x22: ffff0000d5ac4000 x21: fffffbffeff5c460 [ 578.088421][ T9312] x20: 0000000000000000 x19: 0000000000000000 x18: 0000000000000000 [ 578.090668][ T9312] x17: 0000000000000000 x16: ffff8000082d0f50 x15: 0000000000000002 [ 578.092900][ T9312] x14: 0000000000000001 x13: 0000000000ff0100 x12: 0000000000080000 [ 578.095155][ T9312] x11: 0000000000002d82 x10: ffff80002717a000 x9 : ffff800021bd7080 [ 578.097303][ T9312] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000 [ 578.099517][ T9312] x5 : 0000000000000000 x4 : 0000000000000008 x3 : 0000000000000000 [ 578.101685][ T9312] x2 : ffff800021bd70a0 x1 : 0000000000000001 x0 : ffff0000cf274000 [ 578.103829][ T9312] Call trace: [ 578.104687][ T9312] 0x0 [ 578.105392][ T9312] bq_xmit_all+0xab0/0xf10 [ 578.106593][ T9312] bq_enqueue+0x288/0x30c [ 578.107818][ T9312] dev_map_enqueue_multi+0x9c8/0xd8c [ 578.109290][ T9312] xdp_do_redirect_frame+0x3e4/0x578 [ 578.110743][ T9312] bpf_test_run_xdp_live+0x840/0x1544 [ 578.112212][ T9312] bpf_prog_test_run_xdp+0x560/0xb88 [ 578.113592][ T9312] bpf_prog_test_run+0x2dc/0x364 [ 578.114943][ T9312] __sys_bpf+0x4ec/0x634 [ 578.116174][ T9312] __arm64_sys_bpf+0x80/0x98 [ 578.117435][ T9312] invoke_syscall+0x98/0x2bc [ 578.118671][ T9312] el0_svc_common+0x138/0x258 [ 578.119990][ T9312] do_el0_svc+0x58/0x13c [ 578.121133][ T9312] el0_svc+0x58/0x138 [ 578.122160][ T9312] el0t_64_sync_handler+0x84/0xf0 [ 578.123460][ T9312] el0t_64_sync+0x18c/0x190 [ 578.124640][ T9312] Code: bad PC value [ 578.125644][ T9312] ---[ end trace 0000000000000000 ]--- [ 578.297977][ T9312] pstore: crypto_comp_compress failed, ret = -22! [ 578.631529][ T9312] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 578.633733][ T9312] SMP: stopping secondary CPUs [ 578.635034][ T9312] Kernel Offset: disabled [ 578.636231][ T9312] CPU features: 0x080000,02070084,26017203 [ 578.637776][ T9312] Memory Limit: none [ 578.803495][ T9312] pstore: crypto_comp_compress failed, ret = -22! [ 579.138519][ T9312] Rebooting in 86400 seconds..