last executing test programs: 7.488377647s ago: executing program 4 (id=368): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x28, r2, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140) 7.26638605s ago: executing program 4 (id=374): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x541b, 0x100000001ffffffd) close(r3) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0xd}, {0x9}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) recvmmsg(r5, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f0000003080)=""/4085, 0xff5}], 0x2}, 0x3}], 0x1, 0x0, 0x0) 4.68223751s ago: executing program 3 (id=401): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000540)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==") r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa40, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='mm_page_free\x00', r0, 0x0, 0x1000000}, 0x18) r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r1, 0x2007ffc) sendfile(r1, r1, 0x0, 0x800000009) 4.336887005s ago: executing program 3 (id=405): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) creat(&(0x7f0000000280)='./bus\x00', 0x1) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) mount(0x0, &(0x7f0000000280)='./bus\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,') r2 = getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r7}, 0x18) r8 = syz_pidfd_open(r2, 0x0) setns(r8, 0x24020000) syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0) 2.832906278s ago: executing program 4 (id=407): socket$inet6_sctp(0xa, 0x5, 0x84) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) getpid() truncate(&(0x7f0000000140)='./file1\x00', 0x7ff) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r1, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x10000, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x8, &(0x7f0000000240)={[{@errors_remount}, {@nouser_xattr}, {@user_xattr}]}, 0x1, 0x429, &(0x7f0000000740)="$eJzs3M1rXFUbAPDn3nzxNu2bWOtXW3XaIAbUpElUCLipqCgILnTnQkKTlGLalCZiW1y0IrgqblzpypX9A9y4EMS9K8GV7qUQpLiWK3fmXjNN5qaZJOMknd8Ppj3n3hPOee6ZM3PuOTMTQM+q5f8kEYcj4reIGGlk7y1Qa/z3191PzuWPJLLs3T+Terk8XxYt/264yIynEelnSZxoUe/Ktesfzi0tLVwp8pOrFy9Prly7/sKFi3PnF84vXJqZfenM9Mzsy7Mzexbrrbsnf13++p2/vzj9+/Crtz54LW/v4eJccxx7pRa1e69lk2f2urIuO9KUTvq72BDa0hcReXcN1Mf/SPTFeueNxOufdrVxQEdlWZYNVZ++kbUyEC0PAwdNYjBDjyrf6Mt7+07cB+9na2cbN0Cb4++PtCgztOH+di/VIuLq+5//kD+iQ+sQAADNfsznP8+3mv+k8WhTuf8Xe0OjEfFQRByNiIcj4lhEPBJRL/tYRDxeVdGN2y0P1zbkN89/0js7j+7+8vnfKy3nv+XsL0b7ityRevwDyeKFpYUzxTVJYmAoz09tUccvb93+tupc8/wvf+T1l3PBoh13+jcs0M3Prc7tJuZmazcjjrec/yblTsDNJCKeiIjjO6zj+7PZV1Xn7h9/Z2XfRDzbsv/Xd+6S9f3JPLtxf3Ky/nyYLJ8Vm538+PJ8Vf1txJ/uPtrN8v4/tHX8o0nzfu1K+3V8N3pqrercTp//g8l79fRgcezq3OrqlamIweTtzcen1/+2zJfl8/jHx1qP/6OxfiVO5P0YEU9GxFMR8XTR9lMRcToixraI/42xNxd2Hn9n5fHPt9X/7Sey7Kefq+rfXv+/WE+NF0e28/q33Qbu5toBAADAQZHWPwOfpBP/ptN0YqLxGf5jcShdWl5ZfW5x+aNL843Pyo/GQFqudI00rYdOFWvDZX56Q36mWDf+su9/9fzEueWlykUx4D8xXDH+c3/0dbt1QMdVf1+rI3tOwD7i+5rQu4x/6F2N8b/Y7WYAXeD9H3rX1uO/6iesgAeB93/oXcY/9C7jH3qX8Q89aTff63+gE4Nt/IiAxIFMlD8rsl/as78SXX5hAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2CP/BAAA//9TS9nx") mkdirat(r2, &(0x7f0000000180)='./bus\x00', 0x0) 2.831116518s ago: executing program 3 (id=408): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000003300)={0x24, r1, 0x1, 0x70bd2e, 0x0, {}, [@ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5, 0xb, 0x1}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x104}, 0x20000050) 2.753892469s ago: executing program 1 (id=409): socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x2) readv(r0, &(0x7f00000008c0)=[{&(0x7f00000002c0)=""/156, 0x9c}], 0x1) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) r1 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7fffffffffffffff}, 0x18) socket$netlink(0x10, 0x3, 0x0) 2.64299362s ago: executing program 3 (id=411): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f000075d000/0x3000)=nil, 0x3000, 0x0, 0x7, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 2.362985225s ago: executing program 4 (id=415): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x200000000003}, 0x18) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r3, 0x1, 0x2}}, 0x20) 2.229128007s ago: executing program 4 (id=416): r0 = socket$l2tp6(0xa, 0x2, 0x73) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e21, 0x1000, @local, 0x7}, 0x1c) 2.094472068s ago: executing program 4 (id=417): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x541b, 0x100000001ffffffd) close(r3) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0xd}, {0x9}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) recvmmsg(r5, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f0000003080)=""/4085, 0xff5}], 0x2}, 0x3}], 0x1, 0x0, 0x0) 1.990400321s ago: executing program 2 (id=419): fchdir(0xffffffffffffffff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000970000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_enter\x00', r0}, 0x10) nanosleep(&(0x7f0000000540), 0x0) 1.97843115s ago: executing program 3 (id=420): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x10000000000000) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080)={[{@errors_remount}, {@noload}, {@nogrpid}, {@noquota}, {@noblock_validity}, {}, {@mblk_io_submit}, {@acl}, {@resgid}], [], 0x3d}, 0x1, 0x51f, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HDvd7KZNChygEqXQouwK1k4a2kY9lCIhOFUCyn0JiRNFceIodtpNVEFWHDgiIQRInMqFCxInTkioEheOCKkSnEGAQAi2cEACdirb4+xuMk6yG8fOJt8nTea955n3v+doxn7jp5kALqxnIuLViLiTpum1iJjIygvZErudpbXde7ffWmgtSaTp6/9IIsnKunWlbY/FlWy3SxHxlS9GfD05GLexvbM6X6tVN7N8pbm2UWls71xfWZtfri5X12dnZ16ce2nuhbnpvvRzPCJe+fxfvv+dn3zhlV9++s0/3vjb1W8kWXns68cDKh72YqfrpfZ7ce8Omw8Z7CwqtnuYGcvbYuRAya1TbhMAAL19ICI+ERHXYiJGDv86CwAAADyC0s+Ox/+S7m93B4z2KAcAAAAeIYX2HNikUM7m+45HoVAuR3sO74ficqFWbzQ/tVTfWl/szJWdjFJhaaVWnc7mCk9GKWnlZ9rpu/nn9+VnI+LJiPjexFg7X16o1xaHffEDAAAALogr+8b//57ojP8BAACAc2Zy2A0AAAAATp3xPwAAAJx/xv8AAABwrn3ptddaS9p9/vXiG9tbq/U3ri9WG6vlta2F8kJ9c6O8XK8vt+/Zt3ZUfbV6feMzsb51s9KsNpqVxvbOjbX61nrzxsp9j8AGAAAABujJj73z+yQidl8eay8to8fb9ZibAWdVcS+VZOucw/oPT3TWfx5Qo4CBGBl2A4ChKQ67AcDQlIbdAGDokiNe7zl55zfZ+uP9bQ8AANB/Ux/J//3/6OuCu4UBNA84RQ5iALh42t/zjzuT15cFOFdKZgDChXfi3/+PlKYP1CAAAKDvxttLUihnl/fGo1AolyMebz8WoJQsrdSq0xHxRET8bqL0WCs/094zOXLMAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAAHCuRRT+mvyqcy//qYnnxvdfHxhN/jMR2SNC3/zR6z+4Od9sbs60yv+5V978YVb+/DCuYAAAAMCFUHyQjbvj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66b3bby10l0HG/fvnImIyL34xLrXXl6IUEZf/lUTxnv2SiBjpQ/yx1p8P58VPWs3aC5kXf+ztk8ffvXVo/JjM3oW8+FdOHh4utHda559X846/QjzTXucff8WI+/IPq/f5L/bOfyM9jv/HjxnjqXd/VukZ/1bEU8X88083ftIj/rN5Ff782weKvvbVnZ1e8dO3I6ZyP3+S+2JVmmsblcb2zvWVtfnl6nJ1fXZ25sW5l+ZemJuuLK3Uqtnf3Bjf/egv7hzW/8s94k8e0f/ncuobzSn7/7s3b3+wkyzlxb/6bE78X/842+Jg/EL22ffJLN16faqb3u2k7/X0T3/79GH9X+zR/6P+/1d7VbrPtS9/60/H3BQAGIDG9s7qfK1W3TwbiZej7zW3RvhD79ejl/hveiaacbqJb/a1wjRN09YxdYJ6khjcm5Ac3tRhn5kAAIB+u/ulf9gtAQAAAAAAAAAAAAAAAAAAgItrEHca2x9zdy+V9OMW2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffF+AAAA///0iOAC") 1.866398452s ago: executing program 2 (id=421): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000003300)={0x24, r1, 0x1, 0x70bd2e, 0x0, {}, [@ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5, 0xb, 0x1}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x104}, 0x20000050) 1.825293103s ago: executing program 2 (id=422): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) ioprio_set$uid(0x3, 0x0, 0x0) 1.672044765s ago: executing program 1 (id=423): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000300)={0x4701, 0x13, 0x8, 0x0, 0x1, 0x42, 0x0, 0xfffffffffffffffd, 0x1}) 1.557239227s ago: executing program 2 (id=424): socket$kcm(0x21, 0x2, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) socket(0x10, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000180)=ANY=[], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN") r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) sendfile(r2, r2, 0x0, 0x800000009) 1.34475746s ago: executing program 2 (id=426): socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'}) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00'], 0x50) memfd_secret(0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48) r1 = gettid() r2 = eventfd2(0x0, 0x0) write$eventfd(r2, &(0x7f0000000140)=0xfffffffffffffff8, 0x8) write$eventfd(r2, &(0x7f0000000040)=0x8, 0x8) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000400)=[@in6={0xa, 0x4e24, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2}, @in={0x2, 0x4e23, @broadcast}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e21, 0x926, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x9}, @in6={0xa, 0x4e24, 0x2, @loopback, 0x3ff}], 0x74) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00000002c0)=@assoc_value={0x0, 0x4}, 0x8) fsync(0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 1.074545524s ago: executing program 0 (id=427): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x1000c16, &(0x7f0000000500), 0xff, 0x260, &(0x7f0000000980)="$eJzs3U9IHFccB/DfzO7Wqkux7aVQ+gdKKa0g9lboxV5aEIpIKYW2YCmllxYtWKU37SmXHJJjSIKnXCTkFpNj8CK5JARyMokHcwkkkkMkhySwYXcU/LOJxl13gvP5wDoz+ub93jDzfSPiMAEUVl9EDEVEKSL6I6ISEcnWBh9nn76NzbnupbGIWu2Hh0mjXbad2dyvNyJmI+KriFhMk/irHDG98Mvq4+XvPjs+Vfn03MLP3R09yA1rqyvfr58dOXZx+Mvp6zfvjyQxFNVtx9V+SZPvlZOIdw6j2GsiKec9AvZj9L8Lt+q5fzciPmnkvxJpZCfvxOQbi5X44syL9j354Mb7nRwr0H61WqV+D5ytAYWTRkQ1knQgIrL1NB0YyH6Hv13qSf+emPy3/8+JqfE/8p6pgHapRqx8e7nrUu+O/N8rZfkHjqjsj1IrP47O36mvrJfyHhDQER9ki/r9v/+3mc9D/qFw5B+KS/6huOQfikv+4ehp9v+mzcg/FJf8Q3HJPxSX/ENxHTj/p54d3qCAjtiafwCgWGpdB3pquP0PIgMdl/f8AwAAAAAAAAAAAAAAAAAA7DbXvTS2+WlPj+U9W1w9HbH2TdZ0d/1S433EEW82vvY8Srb1mOyrwsv9+lGLHbTofM5PX791N9/61z7Mt/7MeMTs/xExWC43rr1tF1Sycf0d3Nt7/Lzye4sFXtHOdwN8/VNn6+/0dD7f+sPLEVfq889gs/knjfcay+bzT7V+/lqs/8+TFjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgY54HAAD//7UiauA=") 1.043370805s ago: executing program 1 (id=428): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x2, 0x9, 0xfd, 0x2, 0x2, 0x0, 0x70bd28, 0x27dfdbfb}, 0x10}}, 0x44804) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000440)={[{@bsdgroups}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@debug}, {@errors_remount}]}, 0x1, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCy8zwzu8/z3cmTeZ6dPDsBlNZ49iON2BVx51QSMdaybTQaG8fz/W7/du10tiRRq73+axJJntfcP8kft+eJ4Yj49mjEo5XV5S5cuXp2ulpreC9i/+K5i/sXrlzdN39u+szsmdnzUwdeOHho8sWpg1MbEuf2/PHY8dee/Pj9t5+f+666L4nDcXLw3ZlYEcdGGY/xuJOH2Jo/EBGHspU278vDZguEUGqV/PdxMCIej7Go1FMNYzH/UaGVA3qqVomoASWVaP9QUs1+QHNs3904+GSPeyX9c+tIYwC0Ov6BxmcjMVwfG227nbSMjBqfbezYgPKzMv65tvvzbIlln0P8effoDGxAOZ0sXY+IJ9rFn9TrtqMeaRZ/uqwe2bhxMiKG8vq98gB1SFrWe/E5zFrWG38aEYfzxyz/6DrLH1+R7nf8AJTTzSP5iXwpS907/2V9j2b/J9r0f0bbnLvWo+jzX+f+X/N8P1zv66Qr+mFZn+VE+5ccXJnx04fHPu1Ufmv/L1uy8pt9wX64dT1i94r4P8iCzfs/WfxJm+Of7XLqcHdlvPr9L8c6bSs6/tqNiD1txz/3eqXZ2hrXJ/fPzVdnJxs/25bx9Tdvfdmp/KLjz47/tg7xtxz/dOXzsvfkYpdlfHXixrlO20bvG3/681DSGG8O5TnvTC8uXpqKGEqO57u05B9Yuy7NfZqvkcW/95n27X/Z7//15a8z0vyT2YWLb5y93Wnbeo5/y8XkO7Uu69BJFv/M/Y//qvaf5X3SZRl/vHn5qU7b1op/5EECAwAAAAAAgBJK69dgk3Ti7nqaTkw05ss+FtvS6oWFxWfnLlw+PxOxt/7/kINp80r3WCOdZOmp/P9hm+kDK9LPRcTOiPisMlJPT5y+UJ0pOngAAAAAAAAAAAAAAAAAAADYJLbn8/+b96n+vdKY/w+URC9vMAdsbto/lFe9/a+6xRNQBs7/UF7aP5SX9g/lpf1DeWn/UF7aP5SX9g/lpf0DAAAAwJa08+mbPyYRsfTSSH3JDOXbzAiCrW2w6AoAhakUXQGgMHcv/evsQ+l01f//K/9ywN5XByhA0i6z3jmord34b7Z9JgAAAAAAAAAAAADQA3t2dZ7/b24wbG2m/UF5PcD8f18dAA85X/0P5WWMD9xvFv9wpw3m/wMAAAAAAAAAAABA34zWlySdyOcCj0aaTkxE/D8idsRgMjdfnZ2MiEci4ofK4P+y9FTRlQYAAAAAAAAAAAAAAAAAAIAtZuHK1bPT1erspdaVv1flbO2V5l1Q+1DWy/EfnxVJ/9+WkYgo/KD0bGWgJSeJWMqO/Kao2KWF2BzVqK8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hzjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793K0XHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8nP4NAAD//4n5QC4=") socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e) 918.516497ms ago: executing program 0 (id=429): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000000600000000000000000000d31800004100000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000000, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) socket$kcm(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x2, 0x0, 0x0, 0x4, 0x0) pidfd_send_signal(0xffffffffffffffff, 0x3, 0x0, 0x0) 854.414648ms ago: executing program 3 (id=430): flock(0xffffffffffffffff, 0x5) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x40000000, 0x1, 0x2, 0x0, 0x0, 0x8000002, 0x1, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10000, 0x5d2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x3, 0x0, 0x1, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, 0x9, 0x0, 0x0, 0x7, 0xfbfffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x4fd, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x7e98263b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, 0xc3f3, 0x1, 0x0, 0x5, 0x724ad6c, 0x800, 0x0, 0x0, 0x0, 0x0, 0xffff91a7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x401, 0xd819ac9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x10, 0x1d, 0x4, 0x400000b2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x1, 0x4, 0xfffffffe, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x20000040, 0xffffffff, 0x400, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0xaaf0]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x45c}}, 0x0) 464.399124ms ago: executing program 1 (id=431): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r3) 458.805033ms ago: executing program 0 (id=432): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000003300)={0x28, r1, 0x1, 0x70bd2e, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x4}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5, 0xb, 0x1}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x104}, 0x20000050) 394.574855ms ago: executing program 2 (id=433): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) accept$inet(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x174) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48041, 0x0) pwrite64(r1, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 324.856726ms ago: executing program 0 (id=434): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$phonet(0x23, 0x2, 0x1) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000100)) 230.019257ms ago: executing program 1 (id=435): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x3, 0x13, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000900000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000000000bf090000000000005509010000000000852000000300000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x62, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15) r3 = dup(r2) write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000004c0)) 126.694269ms ago: executing program 1 (id=436): syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40) mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r0, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) mknodat$null(0xffffffffffffff9c, 0x0, 0xb0a54e68b1cd2fdb, 0x103) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[]) bpf$MAP_CREATE(0x0, 0x0, 0x48) 58.97961ms ago: executing program 0 (id=437): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001fc0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18) unshare(0x2040400) r1 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) unshare(0x2000400) fsmount(r1, 0x4000000000000000, 0x0) 0s ago: executing program 0 (id=438): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x1000000, 0x0, 0x2, 0x9, 0x0, 0x4, 0x5}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_flowlabel\x00') pread64(r1, &(0x7f0000000580)=""/150, 0x8f, 0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.113' (ED25519) to the list of known hosts. [ 51.566607][ T4240] cgroup: Unknown subsys name 'net' [ 51.706892][ T4240] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 52.964764][ T4240] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 54.337981][ T4257] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 54.349286][ T4258] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 54.351379][ T4266] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 54.357419][ T4258] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 54.364306][ T4266] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 54.371971][ T4258] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 54.378510][ T4266] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 54.385889][ T4258] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 54.391810][ T4266] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 54.399184][ T4258] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 54.406382][ T4267] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 54.413934][ T4258] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 54.421275][ T4267] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 54.426988][ T4258] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 54.433984][ T4267] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 54.441150][ T4258] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 54.455427][ T4258] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 54.456117][ T4267] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 54.463231][ T4258] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 54.470439][ T4267] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 54.476961][ T4258] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 54.483792][ T4267] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 54.491032][ T4258] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 54.497855][ T4267] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 54.504528][ T4258] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 54.519772][ T4266] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 54.556343][ T4268] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 54.565344][ T4268] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 54.576322][ T47] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 54.584631][ T4258] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 54.939986][ T4252] chnl_net:caif_netlink_parms(): no params data found [ 55.058433][ T4251] chnl_net:caif_netlink_parms(): no params data found [ 55.073824][ T4260] chnl_net:caif_netlink_parms(): no params data found [ 55.117501][ T4256] chnl_net:caif_netlink_parms(): no params data found [ 55.128324][ T4252] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.138080][ T4252] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.147374][ T4252] device bridge_slave_0 entered promiscuous mode [ 55.167518][ T4252] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.175049][ T4252] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.183252][ T4252] device bridge_slave_1 entered promiscuous mode [ 55.243715][ T4262] chnl_net:caif_netlink_parms(): no params data found [ 55.253421][ T4251] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.260862][ T4251] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.268443][ T4251] device bridge_slave_0 entered promiscuous mode [ 55.277599][ T4252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.302240][ T4251] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.309306][ T4251] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.317495][ T4251] device bridge_slave_1 entered promiscuous mode [ 55.328407][ T4252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.380814][ T4260] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.387901][ T4260] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.396174][ T4260] device bridge_slave_0 entered promiscuous mode [ 55.425070][ T4260] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.432330][ T4260] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.439982][ T4260] device bridge_slave_1 entered promiscuous mode [ 55.448636][ T4251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.467928][ T4252] team0: Port device team_slave_0 added [ 55.484952][ T4251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.500671][ T4252] team0: Port device team_slave_1 added [ 55.526774][ T4256] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.533942][ T4256] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.541946][ T4256] device bridge_slave_0 entered promiscuous mode [ 55.563196][ T4260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.579274][ T4256] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.586521][ T4256] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.594469][ T4256] device bridge_slave_1 entered promiscuous mode [ 55.608478][ T4262] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.615849][ T4262] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.624032][ T4262] device bridge_slave_0 entered promiscuous mode [ 55.632670][ T4260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.644059][ T4251] team0: Port device team_slave_0 added [ 55.661541][ T4252] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.668497][ T4252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.694474][ T4252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.705974][ T4262] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.713303][ T4262] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.721776][ T4262] device bridge_slave_1 entered promiscuous mode [ 55.729615][ T4251] team0: Port device team_slave_1 added [ 55.750118][ T4252] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.757141][ T4252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.783082][ T4252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.808473][ T4260] team0: Port device team_slave_0 added [ 55.816051][ T4256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.845167][ T4260] team0: Port device team_slave_1 added [ 55.853266][ T4256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.871779][ T4262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.882031][ T4251] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.889254][ T4251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.915217][ T4251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.956108][ T4262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.965793][ T4251] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.972972][ T4251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.999176][ T4251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.018974][ T4256] team0: Port device team_slave_0 added [ 56.051241][ T4260] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.058187][ T4260] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.084566][ T4260] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.096926][ T4256] team0: Port device team_slave_1 added [ 56.105067][ T4252] device hsr_slave_0 entered promiscuous mode [ 56.116897][ T4252] device hsr_slave_1 entered promiscuous mode [ 56.136949][ T4260] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.143981][ T4260] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.170035][ T4260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.198912][ T4262] team0: Port device team_slave_0 added [ 56.207785][ T4251] device hsr_slave_0 entered promiscuous mode [ 56.214696][ T4251] device hsr_slave_1 entered promiscuous mode [ 56.221833][ T4251] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.229514][ T4251] Cannot create hsr debugfs directory [ 56.239275][ T4256] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.246879][ T4256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.273457][ T4256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.286238][ T4262] team0: Port device team_slave_1 added [ 56.317620][ T4256] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.324856][ T4256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.351071][ T4256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.369232][ T4262] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.376475][ T4262] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.402752][ T4262] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.418475][ T4262] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.425794][ T4262] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.452094][ T4262] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.543715][ T4260] device hsr_slave_0 entered promiscuous mode [ 56.551131][ T4260] device hsr_slave_1 entered promiscuous mode [ 56.557553][ T4260] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.565138][ T4260] Cannot create hsr debugfs directory [ 56.589775][ T4256] device hsr_slave_0 entered promiscuous mode [ 56.596200][ T4269] Bluetooth: hci4: command 0x0409 tx timeout [ 56.596590][ T4258] Bluetooth: hci1: command 0x0409 tx timeout [ 56.609221][ T4256] device hsr_slave_1 entered promiscuous mode [ 56.616046][ T4256] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.624535][ T4256] Cannot create hsr debugfs directory [ 56.648859][ T4262] device hsr_slave_0 entered promiscuous mode [ 56.655861][ T4262] device hsr_slave_1 entered promiscuous mode [ 56.662745][ T4262] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.670300][ T4262] Cannot create hsr debugfs directory [ 56.676193][ T4268] Bluetooth: hci2: command 0x0409 tx timeout [ 56.680592][ T4258] Bluetooth: hci0: command 0x0409 tx timeout [ 56.688449][ T4258] Bluetooth: hci3: command 0x0409 tx timeout [ 56.913922][ T4252] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 56.925569][ T4252] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 56.934235][ T4252] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 56.946184][ T4252] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 57.000134][ T4260] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 57.013082][ T4260] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 57.023041][ T4260] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 57.040964][ T4260] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 57.109566][ T4251] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 57.118814][ T4251] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 57.136690][ T4252] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.143913][ T4251] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 57.155816][ T4251] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 57.193433][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.203146][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.214039][ T4252] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.249484][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.258753][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.268407][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.275628][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.284799][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.293669][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.302501][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.309562][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.318072][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.328871][ T4256] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.345178][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.364995][ T4256] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.375616][ T4256] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.389306][ T4260] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.403832][ T4256] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.425751][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.441759][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.449460][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.480198][ T4260] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.515169][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.524107][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.533432][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.543042][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.552889][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.561682][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.568742][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.578182][ T4262] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 57.588488][ T4262] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 57.598937][ T4262] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 57.609828][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.618233][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.628086][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.644464][ T4262] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 57.666787][ T4252] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 57.677390][ T4252] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.691499][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.699698][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.708367][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.717427][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.726119][ T51] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.733223][ T51] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.741474][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 57.750001][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 57.758572][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.767176][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.775696][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.808876][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 57.818680][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 57.843389][ T4251] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.858972][ T4260] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 57.871199][ T4260] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.893179][ T4256] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.900878][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 57.915517][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 57.926411][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 57.939380][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.947897][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.957043][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.965556][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.985997][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 57.995945][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.007281][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.035458][ T4251] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.066021][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.076279][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.094388][ T4256] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.148193][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.158229][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.173697][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.180829][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.195116][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.209162][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.219905][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.228396][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.235459][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.243917][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.254610][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.263736][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.270861][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.278926][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.298200][ T4262] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.322714][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.336547][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.346766][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.357531][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.366104][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.373246][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.399708][ T4252] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.418300][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.428647][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.444269][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.454847][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.468269][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.476986][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.489343][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.523370][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.531532][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.540006][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.549421][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.557822][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.567186][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.576222][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.584833][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.605146][ T4251] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.615951][ T4262] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.622991][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 58.635548][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 58.644644][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 58.660127][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 58.670815][ T4258] Bluetooth: hci1: command 0x041b tx timeout [ 58.675263][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.676822][ T4258] Bluetooth: hci4: command 0x041b tx timeout [ 58.691521][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.705816][ T4260] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.735322][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 58.745487][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 58.758726][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 58.760999][ T4258] Bluetooth: hci3: command 0x041b tx timeout [ 58.766153][ T4268] Bluetooth: hci0: command 0x041b tx timeout [ 58.772006][ T4258] Bluetooth: hci2: command 0x041b tx timeout [ 58.781841][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.793127][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.802553][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.812296][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.820942][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.828012][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.838306][ T4256] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 58.882082][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.900837][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.916944][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.936374][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.948633][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.957587][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.964736][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.973326][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 58.983135][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 58.992240][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 59.005881][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 59.025595][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 59.033819][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 59.053063][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 59.077325][ T4260] device veth0_vlan entered promiscuous mode [ 59.105813][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.115716][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.132698][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.146167][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.156087][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.181785][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.190202][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.198726][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.211973][ T4262] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 59.236412][ T4260] device veth1_vlan entered promiscuous mode [ 59.267082][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.281706][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.343142][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.361244][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.369919][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.383179][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.406496][ T4260] device veth0_macvtap entered promiscuous mode [ 59.429977][ T4252] device veth0_vlan entered promiscuous mode [ 59.442534][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.461580][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.470185][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 59.491832][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 59.503491][ T4251] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.515268][ T4260] device veth1_macvtap entered promiscuous mode [ 59.532162][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.546194][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.569246][ T4252] device veth1_vlan entered promiscuous mode [ 59.589452][ T4260] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.614679][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 59.623886][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.633764][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.642802][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.652014][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.667929][ T4260] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.688030][ T4251] device veth0_vlan entered promiscuous mode [ 59.702250][ T4260] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.717517][ T4260] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.726461][ T4260] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.735477][ T4260] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.758139][ T4256] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.766015][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 59.774337][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 59.783300][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 59.791845][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.800317][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.809229][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.817959][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.827447][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.836192][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.857566][ T4252] device veth0_macvtap entered promiscuous mode [ 59.872467][ T4252] device veth1_macvtap entered promiscuous mode [ 59.884466][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.893411][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.903430][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.912403][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 59.929848][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 59.937695][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 59.956475][ T4262] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.974361][ T4251] device veth1_vlan entered promiscuous mode [ 59.998770][ T4252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.010718][ T4252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.022641][ T4252] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.040649][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 60.048930][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 60.059563][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.068808][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.077662][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 60.087243][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 60.096600][ T4252] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.107158][ T4252] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.119269][ T4252] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.153203][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.162426][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.171493][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 60.179975][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 60.192132][ T4252] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.202219][ T4252] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.210984][ T4252] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.219661][ T4252] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.251269][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 60.259324][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 60.267843][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.283669][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.292450][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 60.300143][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 60.313379][ T4256] device veth0_vlan entered promiscuous mode [ 60.343944][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.352952][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.364088][ T4256] device veth1_vlan entered promiscuous mode [ 60.375139][ T4262] device veth0_vlan entered promiscuous mode [ 60.386457][ T4251] device veth0_macvtap entered promiscuous mode [ 60.396453][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 60.407051][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.415609][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.423515][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 60.433496][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 60.442637][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 60.451071][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 60.462755][ T4262] device veth1_vlan entered promiscuous mode [ 60.492018][ T4251] device veth1_macvtap entered promiscuous mode [ 60.531868][ T4302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.539900][ T4302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.543911][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.560275][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.570938][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.582559][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.594663][ T4251] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.606788][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.617655][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.628125][ T4251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.638815][ T4251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.649621][ T4251] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.660676][ T4322] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.669865][ T4322] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.671486][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 60.688760][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 60.697513][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 60.705773][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 60.713944][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 60.723473][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 60.731465][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.740178][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.748847][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.757053][ T4268] Bluetooth: hci1: command 0x040f tx timeout [ 60.761252][ T4269] Bluetooth: hci4: command 0x040f tx timeout [ 60.764876][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.780003][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.789147][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.801502][ T4251] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.810201][ T4251] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.819322][ T4251] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.829145][ T4251] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.838040][ T4269] Bluetooth: hci0: command 0x040f tx timeout [ 60.844792][ T4268] Bluetooth: hci2: command 0x040f tx timeout [ 60.851122][ T4269] Bluetooth: hci3: command 0x040f tx timeout [ 60.870805][ T4256] device veth0_macvtap entered promiscuous mode [ 60.886361][ T4262] device veth0_macvtap entered promiscuous mode [ 60.916686][ T4262] device veth1_macvtap entered promiscuous mode [ 60.925011][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 60.940076][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.949233][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.959500][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 61.008706][ T4256] device veth1_macvtap entered promiscuous mode [ 61.017445][ T4302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.026902][ T4302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.032322][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 61.044157][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 61.054224][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 61.083433][ T4262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.099277][ T4262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.114839][ T4262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.126995][ T4262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.137182][ T4262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.149048][ T4262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.172213][ T4262] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.190620][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.201954][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.213437][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.224587][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.235221][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.246462][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.256578][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.267069][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.303705][ T4256] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.316030][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 61.335204][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 61.348632][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 61.357474][ T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 61.366754][ T4262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.377412][ T4262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.387502][ T4262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.398711][ T4262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.409360][ T4262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.420049][ T4262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.432282][ T4262] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.452787][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.465714][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.487521][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.511047][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.517128][ T27] audit: type=1326 audit(1750679546.727:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 61.541893][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.570706][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.583043][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.600987][ T27] audit: type=1326 audit(1750679546.777:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 61.624369][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.636343][ T4256] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.644616][ T27] audit: type=1326 audit(1750679546.777:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 61.683571][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.715262][ T27] audit: type=1326 audit(1750679546.777:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff80bd90847 code=0x7ffc0000 [ 61.720263][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 61.766229][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.773406][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.788228][ T27] audit: type=1326 audit(1750679546.777:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 61.792140][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 61.844480][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.860428][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 61.862400][ T27] audit: type=1326 audit(1750679546.787:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 61.892296][ T4262] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.903855][ T4262] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.912722][ T4262] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.926463][ T4262] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.937095][ T27] audit: type=1326 audit(1750679546.787:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 61.976572][ T4256] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.978456][ T27] audit: type=1326 audit(1750679546.787:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 61.991837][ T4256] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.015651][ T27] audit: type=1326 audit(1750679546.817:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 62.039239][ T4256] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.046901][ T27] audit: type=1326 audit(1750679546.817:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4345 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 62.070537][ T4256] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.116205][ T4343] device syzkaller0 entered promiscuous mode [ 62.200279][ T4360] Invalid ELF header magic: != ELF [ 62.303459][ T4362] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 62.310468][ T4362] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 62.325555][ T4362] vhci_hcd vhci_hcd.0: Device attached [ 62.347095][ T4363] vhci_hcd: connection closed [ 62.348482][ T39] vhci_hcd: stop threads [ 62.361716][ T39] vhci_hcd: release socket [ 62.366190][ T39] vhci_hcd: disconnect device [ 62.841673][ T4269] Bluetooth: hci4: command 0x0419 tx timeout [ 62.845504][ T4268] Bluetooth: hci1: command 0x0419 tx timeout [ 62.911377][ T4269] Bluetooth: hci2: command 0x0419 tx timeout [ 62.912071][ T4268] Bluetooth: hci3: command 0x0419 tx timeout [ 62.917401][ T4269] Bluetooth: hci0: command 0x0419 tx timeout [ 63.245851][ T4369] loop4: detected capacity change from 0 to 1024 [ 63.312280][ T4369] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 63.382411][ T4302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.431265][ T4302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.451428][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 63.517111][ T4302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.551232][ T4302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.571804][ T4369] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 63.593613][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 63.624418][ T4369] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 63.655215][ T4369] EXT4-fs (loop4): This should not happen!! Data will be lost [ 63.655215][ T4369] [ 63.675804][ T4369] EXT4-fs (loop4): Total free blocks count 0 [ 63.700258][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.709833][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.713867][ T4369] EXT4-fs (loop4): Free/Dirty block details [ 63.744368][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 63.753423][ T4369] EXT4-fs (loop4): free_blocks=68451041280 [ 63.759284][ T4369] EXT4-fs (loop4): dirty_blocks=16 [ 63.765445][ T4369] EXT4-fs (loop4): Block reservation details [ 63.774304][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.815939][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.837533][ T4369] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 63.864624][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 63.881567][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.921596][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.957865][ T62] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 64.136194][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 64.354089][ T4386] syz.4.14 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 65.487966][ T4406] loop4: detected capacity change from 0 to 128 [ 66.538884][ T4396] sched: RT throttling activated [ 67.670763][ T4406] EXT4-fs: failed to create workqueue [ 67.676188][ T4406] EXT4-fs (loop4): mount failed [ 68.703671][ T4415] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20'. [ 68.714049][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 68.714086][ T27] audit: type=1326 audit(1750679553.777:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 68.840973][ T27] audit: type=1326 audit(1750679553.777:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 68.936445][ T4420] loop4: detected capacity change from 0 to 512 [ 68.963636][ T27] audit: type=1326 audit(1750679553.787:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 68.967811][ T4418] loop3: detected capacity change from 0 to 1024 [ 69.027183][ T4421] netlink: 12 bytes leftover after parsing attributes in process `syz.0.23'. [ 69.038310][ T1169] cfg80211: failed to load regulatory.db [ 69.062326][ T4418] ======================================================= [ 69.062326][ T4418] WARNING: The mand mount option has been deprecated and [ 69.062326][ T4418] and is ignored by this kernel. Remove the mand [ 69.062326][ T4418] option from the mount to silence this warning. [ 69.062326][ T4418] ======================================================= [ 69.142180][ T4420] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 69.179357][ T27] audit: type=1326 audit(1750679553.797:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 69.193313][ T4420] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.211774][ T27] audit: type=1326 audit(1750679553.797:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 69.211808][ T27] audit: type=1326 audit(1750679553.797:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 69.211834][ T27] audit: type=1326 audit(1750679553.817:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 69.211863][ T27] audit: type=1326 audit(1750679553.817:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 69.211890][ T27] audit: type=1326 audit(1750679553.817:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 69.363933][ T27] audit: type=1326 audit(1750679553.817:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 69.426360][ T4418] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 69.465763][ T4418] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.564507][ T4418] netlink: 'syz.3.21': attribute type 10 has an invalid length. [ 69.618035][ T4418] team0: Device veth1_vlan failed to register rx_handler [ 69.843763][ T4441] netlink: 100 bytes leftover after parsing attributes in process `syz.2.29'. [ 69.857976][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 69.875543][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 70.089097][ T4453] loop0: detected capacity change from 0 to 128 [ 71.182145][ T4458] loop3: detected capacity change from 0 to 128 [ 71.767943][ T4461] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 71.953884][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.974207][ T4461] netlink: 8 bytes leftover after parsing attributes in process `syz.2.35'. [ 72.017514][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.097680][ T4458] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 72.111390][ T4458] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.290311][ T4469] syz.0.34: attempt to access beyond end of device [ 72.290311][ T4469] loop0: rw=0, sector=97, nr_sectors = 120 limit=128 [ 72.510614][ T39] kworker/u4:2: attempt to access beyond end of device [ 72.510614][ T39] loop0: rw=1, sector=217, nr_sectors = 208 limit=128 [ 72.517305][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 72.532711][ T4461] syz.2.35 (4461) used greatest stack depth: 18176 bytes left [ 72.577833][ T4477] loop4: detected capacity change from 0 to 128 [ 72.648256][ T4477] FAT-fs (loop4): bogus number of reserved sectors [ 72.679639][ T4477] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 72.710294][ T4477] FAT-fs (loop4): Can't find a valid FAT filesystem [ 72.847600][ T4477] loop4: detected capacity change from 0 to 1024 [ 72.917796][ T4477] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 72.963584][ T4477] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 73.008464][ T4477] JBD2: no valid journal superblock found [ 73.042318][ T4477] EXT4-fs (loop4): error loading journal [ 73.245615][ T4497] loop3: detected capacity change from 0 to 164 [ 73.277500][ T4498] netlink: 'syz.0.46': attribute type 6 has an invalid length. [ 73.977564][ T4514] process 'syz.1.48' launched '/dev/fd/3' with NULL argv: empty string added [ 74.343917][ T4528] syz.4.54[4528] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.344017][ T4528] syz.4.54[4528] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.385642][ T4530] rdma_op ffff88802ed781f0 conn xmit_rdma 0000000000000000 [ 74.488388][ T4534] loop3: detected capacity change from 0 to 128 [ 74.536692][ T4535] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 74.543258][ T4535] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 74.555607][ T4534] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 74.577631][ T4534] ext4 filesystem being mounted at /9/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 74.590745][ T4535] vhci_hcd vhci_hcd.0: Device attached [ 74.603461][ T4536] vhci_hcd: connection closed [ 74.604699][ T4322] vhci_hcd: stop threads [ 74.657710][ T4322] vhci_hcd: release socket [ 74.679699][ T4322] vhci_hcd: disconnect device [ 74.807484][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 75.166201][ T4553] netlink: 48 bytes leftover after parsing attributes in process `syz.2.63'. [ 75.304999][ T4556] tipc: Started in network mode [ 75.324023][ T4558] loop4: detected capacity change from 0 to 1024 [ 75.350723][ T4556] tipc: Node identity ac14140f, cluster identity 4711 [ 75.355544][ T4558] EXT4-fs: Ignoring removed i_version option [ 75.369382][ T4558] ext4: Unknown parameter 'nouser_xattr' [ 75.389531][ T27] kauditd_printk_skb: 55 callbacks suppressed [ 75.389544][ T27] audit: type=1326 audit(1750679560.597:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4555 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 75.429382][ T4556] tipc: New replicast peer: 10.1.1.2 [ 75.459322][ T4556] tipc: Enabled bearer , priority 10 [ 75.516397][ T27] audit: type=1326 audit(1750679560.597:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4555 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 75.595933][ T27] audit: type=1326 audit(1750679560.597:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4555 comm="syz.4.65" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80bd8e929 code=0x7ffc0000 [ 75.715108][ T4564] loop1: detected capacity change from 0 to 1024 [ 75.795853][ T4564] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 75.809526][ T27] audit: type=1326 audit(1750679561.027:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4574 comm="syz.0.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 75.845685][ T27] audit: type=1326 audit(1750679561.047:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4574 comm="syz.0.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 75.936630][ T27] audit: type=1326 audit(1750679561.047:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4574 comm="syz.0.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 76.049451][ T27] audit: type=1326 audit(1750679561.047:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4574 comm="syz.0.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 76.118620][ T4260] EXT4-fs (loop1): unmounting filesystem. [ 76.139842][ T27] audit: type=1326 audit(1750679561.087:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4570 comm="syz.3.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 76.284529][ T27] audit: type=1326 audit(1750679561.087:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4570 comm="syz.3.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 76.361770][ T27] audit: type=1326 audit(1750679561.087:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4570 comm="syz.3.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 76.427338][ T4584] device syzkaller0 entered promiscuous mode [ 76.581622][ T4298] tipc: Node number set to 2886997007 [ 76.660028][ T4591] lo speed is unknown, defaulting to 1000 [ 76.700704][ T4591] lo speed is unknown, defaulting to 1000 [ 76.735712][ T4591] lo speed is unknown, defaulting to 1000 [ 76.794310][ T4591] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 76.864791][ T4591] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 76.999543][ T4591] lo speed is unknown, defaulting to 1000 [ 77.051381][ T4605] netlink: 16 bytes leftover after parsing attributes in process `syz.1.85'. [ 77.624261][ T4662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.90'. [ 79.755934][ T4700] loop1: detected capacity change from 0 to 512 [ 79.791785][ T4700] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 79.826183][ T4700] EXT4-fs (loop1): orphan cleanup on readonly fs [ 79.841207][ T4700] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.97: Failed to acquire dquot type 1 [ 79.876100][ T4700] EXT4-fs (loop1): 1 truncate cleaned up [ 79.896901][ T4700] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 79.934044][ T4260] EXT4-fs (loop1): unmounting filesystem. [ 80.237492][ T4707] loop1: detected capacity change from 0 to 128 [ 80.275828][ T4707] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 80.303793][ T4707] ext4 filesystem being mounted at /22/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 80.358558][ T4707] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 4: comm syz.1.100: bad entry in directory: rec_len is smaller than minimal - offset=1012, inode=128, rec_len=9, size=1024 fake=0 [ 80.399085][ T4707] EXT4-fs (loop1): Remounting filesystem read-only [ 80.455993][ T4260] EXT4-fs (loop1): unmounting filesystem. [ 81.144353][ T4591] lo speed is unknown, defaulting to 1000 [ 81.154098][ T4591] lo speed is unknown, defaulting to 1000 [ 81.166644][ T4591] lo speed is unknown, defaulting to 1000 [ 81.173519][ T4591] lo speed is unknown, defaulting to 1000 [ 81.206516][ T4721] netlink: 24 bytes leftover after parsing attributes in process `syz.0.105'. [ 81.563261][ T4735] netlink: 60 bytes leftover after parsing attributes in process `syz.0.111'. [ 81.620722][ T4739] netlink: 'syz.1.113': attribute type 10 has an invalid length. [ 81.629215][ T4739] netlink: 40 bytes leftover after parsing attributes in process `syz.1.113'. [ 81.659667][ T4739] device dummy0 entered promiscuous mode [ 81.679817][ T4739] bridge0: port 3(dummy0) entered blocking state [ 81.705680][ T4739] bridge0: port 3(dummy0) entered disabled state [ 81.752306][ T4739] bridge0: port 3(dummy0) entered blocking state [ 81.759892][ T4739] bridge0: port 3(dummy0) entered forwarding state [ 81.827114][ T27] kauditd_printk_skb: 19 callbacks suppressed [ 81.827127][ T27] audit: type=1326 audit(1750679567.037:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 81.957290][ T27] audit: type=1326 audit(1750679567.067:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.024548][ T27] audit: type=1326 audit(1750679567.067:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.105792][ T27] audit: type=1326 audit(1750679567.067:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.121504][ T4750] device syzkaller0 entered promiscuous mode [ 82.160788][ T4756] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 82.212710][ T27] audit: type=1326 audit(1750679567.067:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.294778][ T27] audit: type=1326 audit(1750679567.067:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.343098][ T27] audit: type=1326 audit(1750679567.077:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.384616][ T27] audit: type=1326 audit(1750679567.077:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.410854][ T27] audit: type=1326 audit(1750679567.087:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.446736][ T4768] syz.4.125[4768] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 82.446831][ T4768] syz.4.125[4768] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 82.471403][ T27] audit: type=1326 audit(1750679567.087:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4747 comm="syz.3.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62a618e929 code=0x7ffc0000 [ 82.520042][ T4768] netlink: 96 bytes leftover after parsing attributes in process `syz.4.125'. [ 82.721877][ T4777] syz.4.130 uses obsolete (PF_INET,SOCK_PACKET) [ 82.746726][ T4777] device syzkaller1 entered promiscuous mode [ 82.859930][ T4780] loop1: detected capacity change from 0 to 4096 [ 82.970621][ T4780] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 82.994622][ T4787] loop3: detected capacity change from 0 to 512 [ 83.076609][ T4260] EXT4-fs (loop1): unmounting filesystem. [ 83.137549][ T4787] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 83.207029][ T4787] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.226171][ T4796] capability: warning: `syz.4.136' uses 32-bit capabilities (legacy support in use) [ 83.941382][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 84.073607][ T4809] loop3: detected capacity change from 0 to 512 [ 84.120487][ T4809] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 84.219377][ T4812] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 84.446435][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 85.202228][ T4798] tipc: Started in network mode [ 85.208149][ T4798] tipc: Node identity ac14140f, cluster identity 4711 [ 85.216009][ T4798] tipc: New replicast peer: 10.1.1.2 [ 85.221742][ T4798] tipc: Enabled bearer , priority 10 [ 85.394628][ T4825] syz.2.146[4825] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 85.394711][ T4825] syz.2.146[4825] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.057203][ T4846] device syzkaller0 entered promiscuous mode [ 86.109418][ T4855] loop0: detected capacity change from 0 to 512 [ 86.143024][ T4855] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 86.296179][ T4855] EXT4-fs (loop0): 1 orphan inode deleted [ 86.307783][ T4855] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 86.331591][ T4855] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.350591][ T4298] tipc: Node number set to 2886997007 [ 86.361061][ T4302] EXT4-fs error (device loop0): ext4_release_dquot:6850: comm kworker/u4:5: Failed to release dquot type 1 [ 86.497170][ T4256] EXT4-fs (loop0): unmounting filesystem. [ 86.549483][ T4873] loop2: detected capacity change from 0 to 512 [ 86.623298][ T4873] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 86.674046][ T4873] ext4 filesystem being mounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 86.817714][ T4891] mmap: syz.2.164 (4891) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 87.302244][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 87.302258][ T27] audit: type=1326 audit(1750679828.525:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.361631][ T27] audit: type=1326 audit(1750679828.525:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.392501][ T27] audit: type=1326 audit(1750679828.525:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.429754][ T27] audit: type=1326 audit(1750679828.525:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.459015][ T27] audit: type=1326 audit(1750679828.525:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.524904][ T27] audit: type=1326 audit(1750679828.525:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.547236][ T27] audit: type=1326 audit(1750679828.525:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.711121][ T27] audit: type=1326 audit(1750679828.525:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.758471][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 87.830517][ T27] audit: type=1326 audit(1750679828.525:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 87.950660][ T27] audit: type=1326 audit(1750679828.525:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4883 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 89.162951][ T4949] loop4: detected capacity change from 0 to 128 [ 89.172306][ T4949] EXT4-fs: Ignoring removed nobh option [ 89.198708][ T4949] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 89.228393][ T4949] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 89.339065][ T4955] EXT4-fs (loop4): shut down requested (2) [ 89.447815][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 89.534569][ T4960] loop4: detected capacity change from 0 to 164 [ 89.558494][ T4960] syz.4.189: attempt to access beyond end of device [ 89.558494][ T4960] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 89.574798][ T4960] syz.4.189: attempt to access beyond end of device [ 89.574798][ T4960] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.363332][ T4971] loop2: detected capacity change from 0 to 512 [ 90.387297][ T4971] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 90.406664][ T4922] netlink: 'syz.0.176': attribute type 4 has an invalid length. [ 90.423320][ T4971] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 90.435356][ T4971] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.435442][ T4928] netlink: 16 bytes leftover after parsing attributes in process `syz.3.177'. [ 90.500600][ T4967] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.192'. [ 90.520262][ T4966] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.192'. [ 90.600326][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 90.646499][ T4978] netlink: 'syz.3.196': attribute type 13 has an invalid length. [ 90.813427][ T4978] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 90.921927][ T4978] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 91.386441][ T5008] device syzkaller0 entered promiscuous mode [ 91.772310][ T5024] Zero length message leads to an empty skb [ 92.144368][ T4298] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 92.325690][ T4298] usb 2-1: device descriptor read/64, error -71 [ 92.623459][ T4298] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 92.790446][ T4298] usb 2-1: device descriptor read/64, error -71 [ 92.923552][ T4298] usb usb2-port1: attempt power cycle [ 93.273501][ T5022] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.289236][ T5026] IPv6: NLM_F_CREATE should be specified when creating new route [ 93.336250][ T5030] lo speed is unknown, defaulting to 1000 [ 93.350550][ T4298] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 93.401086][ T4298] usb 2-1: device descriptor read/8, error -71 [ 93.477409][ T5022] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.512126][ T5041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.220'. [ 93.534610][ T27] kauditd_printk_skb: 296 callbacks suppressed [ 93.534623][ T27] audit: type=1326 audit(1750679834.755:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5042 comm="syz.2.219" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f719af8e929 code=0x0 [ 93.582742][ T5045] loop4: detected capacity change from 0 to 512 [ 93.627244][ T5022] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.670669][ T4298] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 93.680606][ T5047] tipc: New replicast peer: 255.255.255.255 [ 93.687357][ T5047] tipc: Enabled bearer , priority 10 [ 93.714436][ T5045] EXT4-fs (loop4): 1 orphan inode deleted [ 93.724733][ T4298] usb 2-1: device descriptor read/8, error -71 [ 93.739219][ T5045] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 93.751146][ T4678] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 93.769874][ T5041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.220'. [ 93.773712][ T4678] EXT4-fs error (device loop4): ext4_release_dquot:6850: comm kworker/u4:27: Failed to release dquot type 1 [ 93.807217][ T5045] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.824053][ T5022] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.865933][ T5047] netlink: 12 bytes leftover after parsing attributes in process `syz.2.219'. [ 93.875421][ T4298] usb usb2-port1: unable to enumerate USB device [ 93.892456][ T5047] tipc: Disabling bearer [ 93.995035][ T5041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.220'. [ 94.019524][ T5056] serio: Serial port ptm0 [ 94.036476][ T5022] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.089246][ T5022] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.130282][ T5022] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.184215][ T27] audit: type=1326 audit(1750679835.405:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5059 comm="syz.0.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 94.213252][ T5022] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.238818][ T27] audit: type=1326 audit(1750679835.405:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5059 comm="syz.0.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 94.273958][ T27] audit: type=1326 audit(1750679835.425:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5059 comm="syz.0.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 94.278742][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 94.377504][ T27] audit: type=1326 audit(1750679835.425:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5059 comm="syz.0.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 94.454185][ T27] audit: type=1326 audit(1750679835.425:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5059 comm="syz.0.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 94.530757][ T27] audit: type=1326 audit(1750679835.425:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5059 comm="syz.0.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 94.565892][ T27] audit: type=1326 audit(1750679835.425:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5059 comm="syz.0.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 94.626042][ T27] audit: type=1326 audit(1750679835.425:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5059 comm="syz.0.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 94.904816][ T5078] loop2: detected capacity change from 0 to 1024 [ 95.050158][ T5078] lo speed is unknown, defaulting to 1000 [ 95.205932][ T5094] loop3: detected capacity change from 0 to 512 [ 95.252882][ T5094] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 95.280638][ T5094] ext4 filesystem being mounted at /44/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 95.313932][ T5097] hub 6-0:1.0: USB hub found [ 95.344287][ T5094] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #2: comm syz.3.238: corrupted inode contents [ 95.360886][ T5097] hub 6-0:1.0: 1 port detected [ 95.456565][ T5094] EXT4-fs error (device loop3): ext4_dirty_inode:6118: inode #2: comm syz.3.238: mark_inode_dirty error [ 95.475626][ T5094] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #2: comm syz.3.238: corrupted inode contents [ 95.646660][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 95.667585][ T5108] loop1: detected capacity change from 0 to 512 [ 95.697740][ T5107] loop4: detected capacity change from 0 to 1024 [ 95.780887][ T5107] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 95.837366][ T5107] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.241: Allocating blocks 449-513 which overlap fs metadata [ 95.847498][ T5105] EXT4-fs (loop4): pa ffff8880743cdd20: logic 48, phys. 177, len 21 [ 95.847604][ T5105] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 4 [ 95.854169][ T5108] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 95.854273][ T5108] ext4 filesystem being mounted at /44/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 95.955841][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 95.960722][ T5123] capability: warning: `syz.0.244' uses deprecated v2 capabilities in a way that may be insecure [ 96.005715][ T5125] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.242: bg 0: block 217: padding at end of block bitmap is not set [ 96.294325][ T4300] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 96.470556][ T4300] usb 1-1: Using ep0 maxpacket: 32 [ 96.519667][ T4300] usb 1-1: config 4 has an invalid interface number: 128 but max is 0 [ 96.549319][ T4300] usb 1-1: config 4 has no interface number 0 [ 96.564639][ T4300] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 134, changing to 11 [ 96.571069][ T4260] EXT4-fs (loop1): unmounting filesystem. [ 96.587735][ T4300] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid maxpacket 59360, setting to 1024 [ 96.622290][ T4300] usb 1-1: New USB device found, idVendor=016d, idProduct=c314, bcdDevice= 0.00 [ 96.644998][ T4300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.680992][ T5126] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 96.742783][ T4300] hub 1-1:4.128: USB hub found [ 97.065159][ T4300] hub 1-1:4.128: 2 ports detected [ 97.072961][ T4300] hub 1-1:4.128: Using single TT (err -22) [ 97.153367][ T5157] device syzkaller0 entered promiscuous mode [ 97.164105][ T5155] netlink: 4 bytes leftover after parsing attributes in process `syz.3.257'. [ 97.274207][ T5112] loop0: detected capacity change from 0 to 512 [ 97.338640][ T5112] EXT4-fs error (device loop0): ext4_do_update_inode:5253: inode #16: comm syz.0.244: corrupted inode contents [ 97.362901][ T5112] EXT4-fs error (device loop0): ext4_dirty_inode:6118: inode #16: comm syz.0.244: mark_inode_dirty error [ 97.399906][ T5112] EXT4-fs error (device loop0): ext4_do_update_inode:5253: inode #16: comm syz.0.244: corrupted inode contents [ 97.430413][ T5112] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.244: mark_inode_dirty error [ 97.445311][ T5112] EXT4-fs error (device loop0): ext4_do_update_inode:5253: inode #16: comm syz.0.244: corrupted inode contents [ 97.464946][ T5112] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 97.484505][ T5112] EXT4-fs error (device loop0): ext4_do_update_inode:5253: inode #16: comm syz.0.244: corrupted inode contents [ 97.500294][ T5112] EXT4-fs error (device loop0): ext4_truncate:4312: inode #16: comm syz.0.244: mark_inode_dirty error [ 97.516800][ T5112] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 97.536513][ T5112] EXT4-fs (loop0): 1 truncate cleaned up [ 97.542378][ T5112] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 97.552215][ T5112] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.566310][ T4649] EXT4-fs error (device loop0): ext4_release_dquot:6850: comm kworker/u4:15: Failed to release dquot type 1 [ 97.604984][ T5112] EXT4-fs (loop0): unmounting filesystem. [ 97.779412][ T4300] hub 1-1:4.128: hub_hub_status failed (err = -71) [ 97.789040][ T4300] hub 1-1:4.128: config failed, can't get hub status (err -71) [ 97.896325][ T4300] usb 1-1: USB disconnect, device number 2 [ 99.614985][ T5193] loop4: detected capacity change from 0 to 512 [ 99.636494][ T5195] netlink: 132 bytes leftover after parsing attributes in process `syz.0.271'. [ 99.725637][ T5193] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 99.740491][ T5193] ext4 filesystem being mounted at /62/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 99.882924][ T27] kauditd_printk_skb: 39 callbacks suppressed [ 99.882936][ T27] audit: type=1800 audit(1750679841.105:496): pid=5210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.270" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 100.399932][ T5225] device syzkaller0 entered promiscuous mode [ 100.516640][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 100.629573][ T5237] syz.4.287[5237] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.629673][ T5237] syz.4.287[5237] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.862674][ T5244] loop4: detected capacity change from 0 to 1024 [ 100.914898][ T5248] netlink: 8 bytes leftover after parsing attributes in process `syz.2.292'. [ 100.927688][ T5244] EXT4-fs (loop4): orphan cleanup on readonly fs [ 100.944221][ T5244] Quota error (device loop4): do_check_range: Getting block 64 out of range 1-5 [ 100.954512][ T5244] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 100.964074][ T5244] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.291: Failed to acquire dquot type 0 [ 100.986751][ T5244] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 101.003140][ T5244] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #13: comm syz.4.291: corrupted inode contents [ 101.019232][ T5244] EXT4-fs error (device loop4): ext4_dirty_inode:6118: inode #13: comm syz.4.291: mark_inode_dirty error [ 101.047016][ T5244] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #13: comm syz.4.291: corrupted inode contents [ 101.091016][ T5244] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #13: comm syz.4.291: mark_inode_dirty error [ 101.129752][ T5244] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #13: comm syz.4.291: corrupted inode contents [ 101.155370][ T5244] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 101.191085][ T5244] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #13: comm syz.4.291: corrupted inode contents [ 101.210149][ T5244] EXT4-fs error (device loop4): ext4_truncate:4312: inode #13: comm syz.4.291: mark_inode_dirty error [ 101.227479][ T5244] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 101.247097][ T5244] EXT4-fs (loop4): 1 truncate cleaned up [ 101.253137][ T5244] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 101.318882][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 101.429414][ T5262] loop4: detected capacity change from 0 to 128 [ 101.441229][ T5234] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 101.517639][ T5262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.293'. [ 101.554577][ T5262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.293'. [ 101.618498][ T5262] syz.4.293: attempt to access beyond end of device [ 101.618498][ T5262] loop4: rw=2049, sector=145, nr_sectors = 89 limit=128 [ 101.846976][ T5268] hub 6-0:1.0: USB hub found [ 101.854580][ T5268] hub 6-0:1.0: 1 port detected [ 102.745572][ T5288] netlink: 8 bytes leftover after parsing attributes in process `syz.4.299'. [ 103.326697][ T5292] loop1: detected capacity change from 0 to 512 [ 103.902646][ T5288] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 103.912159][ T5288] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 103.921876][ T5288] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 103.935191][ T5294] lo speed is unknown, defaulting to 1000 [ 104.131726][ T5298] program syz.3.302 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 104.142241][ T5301] netlink: 'syz.2.303': attribute type 29 has an invalid length. [ 104.150084][ T5301] netlink: 'syz.2.303': attribute type 3 has an invalid length. [ 104.161634][ T5298] netlink: 'syz.3.302': attribute type 10 has an invalid length. [ 104.165416][ T5301] netlink: 132 bytes leftover after parsing attributes in process `syz.2.303'. [ 104.188816][ T5302] netlink: 300 bytes leftover after parsing attributes in process `syz.4.304'. [ 104.226564][ T5298] team0: Port device dummy0 added [ 104.246504][ T5307] netlink: 'syz.3.302': attribute type 10 has an invalid length. [ 104.262698][ T5307] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 104.322858][ T5307] team0: Failed to send options change via netlink (err -105) [ 104.343412][ T5307] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 104.366344][ T5307] team0: Port device dummy0 removed [ 104.383959][ T5307] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 104.437760][ T5315] netlink: 20 bytes leftover after parsing attributes in process `syz.4.309'. [ 104.705024][ T5327] device syzkaller0 entered promiscuous mode [ 104.805790][ T5336] syz.2.318[5336] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 104.805889][ T5336] syz.2.318[5336] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.276999][ T27] audit: type=1326 audit(1750679846.495:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.327734][ T27] audit: type=1326 audit(1750679846.545:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.351245][ T27] audit: type=1326 audit(1750679846.545:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.373808][ T27] audit: type=1326 audit(1750679846.545:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.405645][ T27] audit: type=1326 audit(1750679846.545:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.446611][ T27] audit: type=1326 audit(1750679846.545:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.501264][ T27] audit: type=1326 audit(1750679846.545:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.548471][ T27] audit: type=1326 audit(1750679846.545:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.597585][ T27] audit: type=1326 audit(1750679846.545:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.661116][ T27] audit: type=1326 audit(1750679846.545:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5348 comm="syz.0.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 105.877617][ T5362] loop1: detected capacity change from 0 to 1024 [ 105.888083][ T5362] ext4: Unknown parameter 'smackfsroot' [ 106.156433][ T5370] loop1: detected capacity change from 0 to 164 [ 106.184130][ T5370] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 107.194313][ T5342] netlink: 20 bytes leftover after parsing attributes in process `syz.2.321'. [ 107.207296][ T5351] lo speed is unknown, defaulting to 1000 [ 107.239593][ T5368] netlink: 8 bytes leftover after parsing attributes in process `syz.4.332'. [ 107.247966][ T5381] syz.2.337[5381] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 107.248616][ T5381] syz.2.337[5381] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 107.692706][ T5393] loop0: detected capacity change from 0 to 1024 [ 107.727282][ T5393] ext4: Unknown parameter 'smackfsroot' [ 108.039347][ T5416] device syzkaller0 entered promiscuous mode [ 110.034886][ T5430] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 110.077586][ T5451] netlink: 4 bytes leftover after parsing attributes in process `syz.2.360'. [ 110.323097][ T5464] netlink: 'syz.2.365': attribute type 10 has an invalid length. [ 110.355693][ T5464] netlink: 'syz.2.365': attribute type 19 has an invalid length. [ 110.363705][ T5464] netlink: 156 bytes leftover after parsing attributes in process `syz.2.365'. [ 110.384746][ T5467] netlink: 16 bytes leftover after parsing attributes in process `syz.3.366'. [ 110.454001][ T5468] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 4, id = 0 [ 110.520306][ T27] kauditd_printk_skb: 67 callbacks suppressed [ 110.520320][ T27] audit: type=1326 audit(1750679851.735:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5471 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 110.630594][ T27] audit: type=1326 audit(1750679851.775:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5471 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 110.673178][ T27] audit: type=1326 audit(1750679851.775:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5471 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 110.720614][ T27] audit: type=1326 audit(1750679851.775:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5471 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 110.743166][ T27] audit: type=1326 audit(1750679851.775:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5471 comm="syz.1.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 110.800586][ T27] audit: type=1326 audit(1750679851.935:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5481 comm="syz.2.373" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f719af8e929 code=0x0 [ 110.879345][ T5480] 9pnet: Could not find request transport: 0xffffffffffffffff [ 110.946546][ T5483] device syzkaller0 entered promiscuous mode [ 110.992159][ T27] audit: type=1326 audit(1750679852.215:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5497 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 111.071768][ T27] audit: type=1326 audit(1750679852.245:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5497 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 111.146994][ T27] audit: type=1326 audit(1750679852.245:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5497 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 111.203904][ T27] audit: type=1326 audit(1750679852.245:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5497 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62fd8e929 code=0x7ffc0000 [ 111.359452][ T5509] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 111.792807][ T5523] loop3: detected capacity change from 0 to 1024 [ 111.816051][ T5523] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 111.848504][ T5523] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 111.926359][ T5523] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 2: comm syz.3.389: lblock 2 mapped to illegal pblock 2 (length 1) [ 112.014575][ T5523] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 48: comm syz.3.389: lblock 0 mapped to illegal pblock 48 (length 1) [ 112.056398][ T5523] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.389: Failed to acquire dquot type 0 [ 112.087438][ T5523] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 112.145337][ T5523] EXT4-fs error (device loop3): ext4_evict_inode:279: inode #11: comm syz.3.389: mark_inode_dirty error [ 112.177879][ T5523] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 112.204430][ T5523] EXT4-fs (loop3): 1 orphan inode deleted [ 112.225354][ T5523] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 112.229968][ T4666] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:22: lblock 1 mapped to illegal pblock 1 (length 1) [ 112.304516][ T4666] EXT4-fs error (device loop3): ext4_release_dquot:6850: comm kworker/u4:22: Failed to release dquot type 0 [ 112.351037][ T5523] EXT4-fs (loop3): unmounting filesystem. [ 112.357114][ T5523] EXT4-fs error (device loop3): __ext4_get_inode_loc:4507: comm syz.3.389: Invalid inode table block 1 in block_group 0 [ 112.393113][ T5523] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 112.420864][ T5523] EXT4-fs error (device loop3): ext4_quota_off:7120: inode #3: comm syz.3.389: mark_inode_dirty error [ 112.686116][ T5537] loop1: detected capacity change from 0 to 2048 [ 112.742254][ T5537] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 112.960988][ T4260] EXT4-fs (loop1): unmounting filesystem. [ 113.303924][ T5554] loop3: detected capacity change from 0 to 1024 [ 113.313387][ T5554] EXT4-fs: Ignoring removed nomblk_io_submit option [ 113.339789][ T5554] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 113.592871][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 114.942631][ T5570] lo speed is unknown, defaulting to 1000 [ 115.036015][ T5575] loop2: detected capacity change from 0 to 128 [ 115.139965][ T5575] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 115.181495][ T5575] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.198760][ T5575] EXT4-fs (loop2): unmounting filesystem. [ 115.351502][ T5585] serio: Serial port ttyS3 [ 115.379735][ T5581] loop4: detected capacity change from 0 to 8192 [ 115.750457][ T4414] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 115.899963][ T5603] device syzkaller0 entered promiscuous mode [ 115.955899][ T4414] usb 1-1: unable to get BOS descriptor or descriptor too short [ 115.986254][ T4414] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 116.000273][ T4414] usb 1-1: can't read configurations, error -71 [ 116.022915][ T5610] loop3: detected capacity change from 0 to 512 [ 116.050947][ T5610] EXT4-fs: Ignoring removed mblk_io_submit option [ 116.079660][ T5610] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 116.108978][ T5610] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 116.168824][ T5610] EXT4-fs (loop3): orphan cleanup on readonly fs [ 116.346356][ T5610] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:477: comm syz.3.420: Invalid block bitmap block 0 in block_group 0 [ 116.346572][ T5617] loop1: detected capacity change from 0 to 512 [ 116.415087][ T5619] loop2: detected capacity change from 0 to 128 [ 116.421630][ T5610] EXT4-fs (loop3): Remounting filesystem read-only [ 116.438080][ T5610] __quota_error: 52 callbacks suppressed [ 116.438096][ T5610] Quota error (device loop3): write_blk: dquota write failed [ 116.442240][ T27] audit: type=1800 audit(1750679857.655:633): pid=5619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.424" name="file1" dev="loop2" ino=1048598 res=0 errno=0 [ 116.451220][ T5610] Quota error (device loop3): write_blk: dquota write failed [ 116.500571][ T5610] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 116.533006][ T5617] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 116.543204][ T5610] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.420: Failed to acquire dquot type 1 [ 116.585674][ T5617] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.597440][ T5610] EXT4-fs (loop3): Remounting filesystem read-only [ 116.619498][ T5610] Quota error (device loop3): write_blk: dquota write failed [ 116.665254][ T27] audit: type=1326 audit(1750679857.885:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5616 comm="syz.1.423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 116.667563][ T5610] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 116.693661][ T5626] sctp: [Deprecated]: syz.2.426 (pid 5626) Use of struct sctp_assoc_value in delayed_ack socket option. [ 116.693661][ T5626] Use struct sctp_sack_info instead [ 116.714803][ T27] audit: type=1326 audit(1750679857.885:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5616 comm="syz.1.423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 116.765391][ T27] audit: type=1326 audit(1750679857.885:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5616 comm="syz.1.423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 116.789201][ T5610] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.420: Failed to acquire dquot type 1 [ 116.814385][ T5610] EXT4-fs (loop3): Remounting filesystem read-only [ 116.828745][ T27] audit: type=1326 audit(1750679857.885:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5616 comm="syz.1.423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7353b8e929 code=0x7ffc0000 [ 116.861633][ T5610] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.420: Failed to acquire dquot type 1 [ 116.884696][ T5610] EXT4-fs (loop3): Remounting filesystem read-only [ 116.909666][ T4260] EXT4-fs (loop1): unmounting filesystem. [ 116.916225][ T5610] EXT4-fs (loop3): 1 orphan inode deleted [ 116.925734][ T5629] loop0: detected capacity change from 0 to 128 [ 116.934151][ T5610] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 116.952141][ T5629] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 116.968151][ T5629] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.017086][ T4256] EXT4-fs (loop0): unmounting filesystem. [ 117.025667][ T4251] EXT4-fs (loop3): unmounting filesystem. [ 117.138052][ T5632] loop1: detected capacity change from 0 to 1024 [ 117.153868][ T5632] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 117.177563][ T5632] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000] [ 117.198701][ T5632] EXT4-fs error (device loop1): ext4_free_blocks:6210: comm syz.1.428: Freeing blocks not in datazone - block = 0, count = 4096 [ 117.243052][ T5632] EXT4-fs (loop1): Remounting filesystem read-only [ 117.249763][ T5632] EXT4-fs (loop1): 1 orphan inode deleted [ 117.255735][ T5632] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 117.342158][ T5632] EXT4-fs error (device loop1): ext4_search_dir:1549: inode #2: block 16: comm syz.1.428: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 117.375064][ T5632] EXT4-fs (loop1): Remounting filesystem read-only [ 117.470067][ T4260] EXT4-fs (loop1): unmounting filesystem. [ 117.571160][ T5643] loop2: detected capacity change from 0 to 512 [ 117.664553][ T5643] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 117.706335][ T5643] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 117.785433][ T5653] loop1: detected capacity change from 0 to 128 [ 117.852479][ T5653] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 117.876719][ T5653] FAT-fs (loop1): Filesystem has been set read-only [ 117.899265][ T5653] syz.1.436: attempt to access beyond end of device [ 117.899265][ T5653] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 117.926699][ T5654] [ 117.929082][ T5654] ====================================================== [ 117.936113][ T5654] WARNING: possible circular locking dependency detected [ 117.943160][ T5654] 6.1.141-syzkaller #0 Not tainted [ 117.948280][ T5654] ------------------------------------------------------ [ 117.955299][ T5654] syz.2.433/5654 is trying to acquire lock: [ 117.961445][ T5654] ffff88805445c968 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410 [ 117.970336][ T5654] [ 117.970336][ T5654] but task is already holding lock: [ 117.977700][ T5654] ffff888070ac8288 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x903/0x1b60 [ 117.987204][ T5654] [ 117.987204][ T5654] which lock already depends on the new lock. [ 117.987204][ T5654] [ 117.997602][ T5654] [ 117.997602][ T5654] the existing dependency chain (in reverse order) is: [ 118.006604][ T5654] [ 118.006604][ T5654] -> #2 (&ei->i_data_sem/2){++++}-{3:3}: [ 118.014421][ T5654] down_write+0x36/0x60 [ 118.019105][ T5654] ext4_map_blocks+0x903/0x1b60 [ 118.024557][ T5654] ext4_getblk+0x1ab/0x6d0 [ 118.029485][ T5654] ext4_bread+0x26/0x170 [ 118.034329][ T5654] ext4_quota_write+0x230/0x570 [ 118.039697][ T5654] find_free_dqentry+0x673/0xc20 [ 118.045156][ T5654] do_insert_tree+0x70d/0x1040 [ 118.050453][ T5654] do_insert_tree+0x9eb/0x1040 [ 118.055832][ T5654] do_insert_tree+0x9eb/0x1040 [ 118.061124][ T5654] do_insert_tree+0x9eb/0x1040 [ 118.066404][ T5654] qtree_write_dquot+0x48d/0x5b0 [ 118.071876][ T5654] v2_write_dquot+0x108/0x190 [ 118.077087][ T5654] dquot_acquire+0x2d5/0x520 [ 118.082219][ T5654] ext4_acquire_dquot+0x2d9/0x4a0 [ 118.087782][ T5654] dqget+0x778/0xeb0 [ 118.092199][ T5654] __dquot_initialize+0x3b6/0xcb0 [ 118.097737][ T5654] ext4_process_orphan+0x54/0x300 [ 118.103274][ T5654] ext4_orphan_cleanup+0xbd3/0x1400 [ 118.108983][ T5654] ext4_fill_super+0x7b78/0x8110 [ 118.114453][ T5654] get_tree_bdev+0x3f1/0x610 [ 118.119605][ T5654] vfs_get_tree+0x88/0x270 [ 118.124639][ T5654] do_new_mount+0x24a/0xa40 [ 118.129661][ T5654] __se_sys_mount+0x2d6/0x3c0 [ 118.134851][ T5654] do_syscall_64+0x4c/0xa0 [ 118.140138][ T5654] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 118.146550][ T5654] [ 118.146550][ T5654] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}: [ 118.154624][ T5654] down_read+0x42/0x2d0 [ 118.159297][ T5654] v2_read_dquot+0x4a/0x110 [ 118.164317][ T5654] dquot_acquire+0x152/0x520 [ 118.169422][ T5654] ext4_acquire_dquot+0x2d9/0x4a0 [ 118.174965][ T5654] dqget+0x778/0xeb0 [ 118.179376][ T5654] __dquot_initialize+0x3b6/0xcb0 [ 118.184914][ T5654] ext4_file_open+0x2cb/0x6a0 [ 118.190109][ T5654] do_dentry_open+0x7e9/0x10d0 [ 118.195394][ T5654] path_openat+0x25c6/0x2e70 [ 118.200498][ T5654] do_filp_open+0x1c1/0x3c0 [ 118.205515][ T5654] do_sys_openat2+0x142/0x490 [ 118.210714][ T5654] __x64_sys_openat+0x135/0x160 [ 118.216083][ T5654] do_syscall_64+0x4c/0xa0 [ 118.221021][ T5654] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 118.227436][ T5654] [ 118.227436][ T5654] -> #0 (&dquot->dq_lock){+.+.}-{3:3}: [ 118.235138][ T5654] __lock_acquire+0x2cf8/0x7c50 [ 118.240519][ T5654] lock_acquire+0x1b4/0x490 [ 118.245556][ T5654] __mutex_lock+0x120/0xaf0 [ 118.250593][ T5654] dquot_commit+0x5a/0x410 [ 118.255538][ T5654] ext4_write_dquot+0x1f0/0x360 [ 118.260913][ T5654] mark_all_dquot_dirty+0xf9/0x400 [ 118.266558][ T5654] __dquot_alloc_space+0x5fc/0xe60 [ 118.272195][ T5654] ext4_mb_new_blocks+0xf74/0x4720 [ 118.277821][ T5654] ext4_ext_map_blocks+0x143c/0x66d0 [ 118.283626][ T5654] ext4_map_blocks+0x9d1/0x1b60 [ 118.289010][ T5654] _ext4_get_block+0x1d7/0x4e0 [ 118.294328][ T5654] ext4_block_write_begin+0x637/0x12f0 [ 118.300315][ T5654] ext4_write_begin+0x624/0xf50 [ 118.305798][ T5654] ext4_da_write_begin+0x304/0x950 [ 118.311533][ T5654] generic_perform_write+0x2db/0x560 [ 118.317425][ T5654] ext4_buffered_write_iter+0x11a/0x3e0 [ 118.323485][ T5654] ext4_file_write_iter+0x1d6/0x16e0 [ 118.329287][ T5654] vfs_write+0x44c/0x960 [ 118.334038][ T5654] __x64_sys_pwrite64+0x191/0x220 [ 118.339602][ T5654] do_syscall_64+0x4c/0xa0 [ 118.344534][ T5654] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 118.350948][ T5654] [ 118.350948][ T5654] other info that might help us debug this: [ 118.350948][ T5654] [ 118.361170][ T5654] Chain exists of: [ 118.361170][ T5654] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2 [ 118.361170][ T5654] [ 118.374810][ T5654] Possible unsafe locking scenario: [ 118.374810][ T5654] [ 118.382247][ T5654] CPU0 CPU1 [ 118.387602][ T5654] ---- ---- [ 118.392953][ T5654] lock(&ei->i_data_sem/2); [ 118.397539][ T5654] lock(&s->s_dquot.dqio_sem); [ 118.404902][ T5654] lock(&ei->i_data_sem/2); [ 118.412004][ T5654] lock(&dquot->dq_lock); [ 118.416408][ T5654] [ 118.416408][ T5654] *** DEADLOCK *** [ 118.416408][ T5654] [ 118.424543][ T5654] 4 locks held by syz.2.433/5654: [ 118.429554][ T5654] #0: ffff888054a68460 (sb_writers#4){.+.+}-{0:0}, at: vfs_write+0x256/0x960 [ 118.438427][ T5654] #1: ffff888070ac8400 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_buffered_write_iter+0xa1/0x3e0 [ 118.449736][ T5654] #2: ffff888070ac8288 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x903/0x1b60 [ 118.459650][ T5654] #3: ffffffff8ca74d08 (dquot_srcu){....}-{0:0}, at: __dquot_alloc_space+0x173/0xe60 [ 118.469219][ T5654] [ 118.469219][ T5654] stack backtrace: [ 118.475106][ T5654] CPU: 1 PID: 5654 Comm: syz.2.433 Not tainted 6.1.141-syzkaller #0 [ 118.483089][ T5654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.493165][ T5654] Call Trace: [ 118.496553][ T5654] [ 118.499477][ T5654] dump_stack_lvl+0x168/0x22e [ 118.504154][ T5654] ? load_image+0x3b0/0x3b0 [ 118.508680][ T5654] ? show_regs_print_info+0x12/0x12 [ 118.513890][ T5654] ? print_circular_bug+0x12b/0x1a0 [ 118.519093][ T5654] check_noncircular+0x274/0x310 [ 118.524036][ T5654] ? add_chain_block+0x940/0x940 [ 118.528965][ T5654] ? lockdep_lock+0xdc/0x1e0 [ 118.533548][ T5654] ? mark_lock+0x94/0x320 [ 118.537873][ T5654] ? _find_first_zero_bit+0xcf/0x100 [ 118.543163][ T5654] __lock_acquire+0x2cf8/0x7c50 [ 118.548013][ T5654] ? add_chain_block+0x940/0x940 [ 118.552951][ T5654] ? lockdep_unlock+0x133/0x2d0 [ 118.557794][ T5654] ? lockdep_lock+0x1e0/0x1e0 [ 118.562460][ T5654] ? check_noncircular+0x16f/0x310 [ 118.567566][ T5654] ? verify_lock_unused+0x140/0x140 [ 118.572755][ T5654] ? mark_lock+0x94/0x320 [ 118.577080][ T5654] ? __lock_acquire+0x13c0/0x7c50 [ 118.582105][ T5654] lock_acquire+0x1b4/0x490 [ 118.586607][ T5654] ? dquot_commit+0x5a/0x410 [ 118.591192][ T5654] ? __might_sleep+0xd0/0xd0 [ 118.595787][ T5654] ? read_lock_is_recursive+0x10/0x10 [ 118.601155][ T5654] __mutex_lock+0x120/0xaf0 [ 118.605649][ T5654] ? dquot_commit+0x5a/0x410 [ 118.610235][ T5654] ? __might_sleep+0xd0/0xd0 [ 118.614826][ T5654] ? dquot_commit+0x5a/0x410 [ 118.619510][ T5654] ? mutex_lock_nested+0x10/0x10 [ 118.624443][ T5654] ? ext4_journal_check_start+0x17e/0x240 [ 118.630162][ T5654] dquot_commit+0x5a/0x410 [ 118.634837][ T5654] ext4_write_dquot+0x1f0/0x360 [ 118.639688][ T5654] mark_all_dquot_dirty+0xf9/0x400 [ 118.644793][ T5654] __dquot_alloc_space+0x5fc/0xe60 [ 118.649902][ T5654] ? __dquot_alloc_space+0x173/0xe60 [ 118.655187][ T5654] ext4_mb_new_blocks+0xf74/0x4720 [ 118.660299][ T5654] ? _raw_write_unlock+0x24/0x40 [ 118.665238][ T5654] ? __es_insert_extent+0x1790/0x1790 [ 118.670605][ T5654] ? ext4_find_extent+0x367/0xe00 [ 118.675622][ T5654] ? rcu_is_watching+0x11/0xa0 [ 118.680386][ T5654] ? ext4_find_extent+0x367/0xe00 [ 118.685405][ T5654] ? __kmalloc+0xe1/0x240 [ 118.689754][ T5654] ? ext4_mb_pa_callback+0xd0/0xd0 [ 118.694864][ T5654] ? ext4_ext_check_overlap+0x31c/0x560 [ 118.700403][ T5654] ? ext4_ext_find_goal+0xed/0x1d0 [ 118.705767][ T5654] ext4_ext_map_blocks+0x143c/0x66d0 [ 118.711060][ T5654] ? lockdep_hardirqs_on+0x94/0x140 [ 118.716246][ T5654] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 118.722394][ T5654] ? lock_acquire+0x20f/0x490 [ 118.727063][ T5654] ? ext4_ext_release+0x10/0x10 [ 118.731907][ T5654] ? rwsem_write_trylock+0x12f/0x1b0 [ 118.737189][ T5654] ext4_map_blocks+0x9d1/0x1b60 [ 118.742040][ T5654] ? ext4_issue_zeroout+0x250/0x250 [ 118.747233][ T5654] _ext4_get_block+0x1d7/0x4e0 [ 118.751995][ T5654] ? ext4_get_block+0x40/0x40 [ 118.756663][ T5654] ext4_block_write_begin+0x637/0x12f0 [ 118.762121][ T5654] ? ext4_write_begin+0x40b/0xf50 [ 118.767138][ T5654] ? ext4_es_is_delayed+0x40/0x40 [ 118.772162][ T5654] ? ext4_print_free_blocks+0x390/0x390 [ 118.777700][ T5654] ? folio_wait_stable+0xb/0x80 [ 118.782547][ T5654] ext4_write_begin+0x624/0xf50 [ 118.787398][ T5654] ? ext4_readahead+0x110/0x110 [ 118.792240][ T5654] ext4_da_write_begin+0x304/0x950 [ 118.797347][ T5654] ? ext4_dirty_folio+0x310/0x310 [ 118.802363][ T5654] ? fault_in_readable+0x18a/0x1f0 [ 118.807561][ T5654] ? fault_in_iov_iter_readable+0xbb/0x2e0 [ 118.813362][ T5654] generic_perform_write+0x2db/0x560 [ 118.818661][ T5654] ? generic_file_direct_write+0x660/0x660 [ 118.824466][ T5654] ? ext4_write_checks+0x24b/0x2c0 [ 118.829573][ T5654] ext4_buffered_write_iter+0x11a/0x3e0 [ 118.835120][ T5654] ? aa_file_perm+0x3ef/0xec0 [ 118.839793][ T5654] ext4_file_write_iter+0x1d6/0x16e0 [ 118.845089][ T5654] ? ext4_file_read_iter+0x650/0x650 [ 118.850378][ T5654] ? end_current_label_crit_section+0x14b/0x170 [ 118.856635][ T5654] ? common_file_perm+0x171/0x1c0 [ 118.861654][ T5654] vfs_write+0x44c/0x960 [ 118.865891][ T5654] ? file_end_write+0x250/0x250 [ 118.870781][ T5654] ? __fget_files+0x44a/0x4d0 [ 118.875469][ T5654] ? __fdget+0x17c/0x200 [ 118.880147][ T5654] ? __x64_sys_pwrite64+0xec/0x220 [ 118.885262][ T5654] __x64_sys_pwrite64+0x191/0x220 [ 118.890277][ T5654] ? ksys_pwrite64+0x1b0/0x1b0 [ 118.895032][ T5654] ? lockdep_hardirqs_on+0x94/0x140 [ 118.900224][ T5654] do_syscall_64+0x4c/0xa0 [ 118.904635][ T5654] ? clear_bhb_loop+0x60/0xb0 [ 118.909307][ T5654] ? clear_bhb_loop+0x60/0xb0 [ 118.913977][ T5654] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 118.919869][ T5654] RIP: 0033:0x7f719af8e929 [ 118.924282][ T5654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.943887][ T5654] RSP: 002b:00007f719beb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 118.952301][ T5654] RAX: ffffffffffffffda RBX: 00007f719b1b6080 RCX: 00007f719af8e929 [ 118.960271][ T5654] RDX: 00000000ffffff07 RSI: 0000200000000140 RDI: 0000000000000005 [ 118.968231][ T5654] RBP: 00007f719b010b39 R08: 0000000000000000 R09: 0000000000000000 [ 118.976198][ T5654] R10: 0000000008000c61 R11: 0000000000000246 R12: 0000000000000000 [ 118.984164][ T5654] R13: 0000000000000000 R14: 00007f719b1b6080 R15: 00007ffc70d2bf18 [ 118.992134][ T5654] [ 119.021782][ T5653] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 119.039235][ T5653] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 119.059376][ T5660] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 119.083694][ T5660] syz.1.436: attempt to access beyond end of device [ 119.083694][ T5660] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 119.108840][ T5653] syz.1.436: attempt to access beyond end of device [ 119.108840][ T5653] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 119.120509][ T5660] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 119.124095][ T5657] syz.1.436: attempt to access beyond end of device [ 119.124095][ T5657] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 119.129928][ T5660] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 119.155696][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 119.184588][ T5657] syz.1.436: attempt to access beyond end of device [ 119.184588][ T5657] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 119.207905][ T5660] syz.1.436: attempt to access beyond end of device [ 119.207905][ T5660] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 119.224753][ T5660] syz.1.436: attempt to access beyond end of device [ 119.224753][ T5660] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 119.242163][ T5653] syz.1.436: attempt to access beyond end of device [ 119.242163][ T5653] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 119.255887][ T5653] syz.1.436: attempt to access beyond end of device [ 119.255887][ T5653] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 119.269229][ T5660] syz.1.436: attempt to access beyond end of device [ 119.269229][ T5660] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 119.830483][ T5636] sch_tbf: burst 3298 is lower than device lo mtu (65550) !