last executing test programs: 1m28.119924332s ago: executing program 2 (id=350): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x8c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x64, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x89}]}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_MASK={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x100}}, 0x0) 1m27.811897321s ago: executing program 2 (id=352): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x800) getpid() r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, 0x0, 0x30) socket$packet(0x11, 0x2, 0x300) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$cont(0x7, r1, 0x1000000fffdffff, 0xfffffffffffffff7) fcntl$lock(0xffffffffffffffff, 0x25, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, 0x0, 0x0) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000740)='bridge0\x00', 0x10) connect$inet(r3, &(0x7f0000000140)={0x2, 0xc000, @local}, 0x10) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000000c0), 0x4) 1m27.584538924s ago: executing program 2 (id=354): syz_clone3(&(0x7f000000dd80)={0xa00400, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000440)={@in6={{0xa, 0x4e20, 0x9, @empty, 0xffff5c67}}, 0x0, 0x0, 0x1a, 0x0, "080c9aadb74d66ca69698aa4e61e89a9a9bf24f97f622e69d81567b0c146978934ec105ab635c609beb79a79c833f4734ac34b246e6cbc9ce5d2fb8d8f9cb01a5200"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e62, 0x1ff, @loopback, 0x23}, 0x1c) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) 1m27.330672299s ago: executing program 2 (id=359): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4}, {}, {0x6, 0xffff}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0xc858}, 0x80) close(0x3) 1m27.096789643s ago: executing program 2 (id=362): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000003c0)={0x48, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x1c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x4}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x48}, 0x1, 0x0, 0x0, 0xc800}, 0x0) 1m26.981714789s ago: executing program 2 (id=365): r0 = socket(0x2b, 0x80801, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001740)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2b0, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x1e0, 0xffffffff, 0xffffffff, 0x1e0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0xff000000, 0x0, 0x4c62d6309aaa1bde, 0xffffff00], 'batadv0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a, 0x0, 0x3, 0x42}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0xa, 0x100, 0x2, 0x8, 'pptp\x00', 'syz0\x00', {0xf}}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0x0, 0x0, 0xffffffff, 0xffffff00], [0x0, 0x0, 0xffffff00, 0xff], 'syzkaller0\x00', 'vxcan1\x00', {}, {}, 0x3c}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1a, 0x7, 0xc}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) 1m11.848230045s ago: executing program 32 (id=365): r0 = socket(0x2b, 0x80801, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001740)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2b0, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x1e0, 0xffffffff, 0xffffffff, 0x1e0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0xff000000, 0x0, 0x4c62d6309aaa1bde, 0xffffff00], 'batadv0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a, 0x0, 0x3, 0x42}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0xa, 0x100, 0x2, 0x8, 'pptp\x00', 'syz0\x00', {0xf}}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0x0, 0x0, 0xffffffff, 0xffffff00], [0x0, 0x0, 0xffffff00, 0xff], 'syzkaller0\x00', 'vxcan1\x00', {}, {}, 0x3c}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1a, 0x7, 0xc}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) 1m7.280173962s ago: executing program 3 (id=558): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_DELRULE={0x14, 0x8, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x8}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x8090) 1m7.132200111s ago: executing program 3 (id=561): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000d40)=@filter={'filter\x00', 0x2, 0x4, 0x4a8, 0xffffffff, 0x0, 0xf0, 0xf0, 0xfeffffff, 0xffffffff, 0x3d8, 0x3d8, 0x3d8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, [0xff, 0xff, 0x0, 0xffffff00], [], 'pimreg0\x00', 'bond_slave_0\x00', {}, {}, 0x6, 0x0, 0x3}, 0x2f2, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@dev={0xac, 0x14, 0x14, 0x1d}, 'caif0\x00', {0x7}}}}, {{@ipv6={@mcast1, @loopback, [], [0x0, 0x0, 0xffffffff], 'netdevsim0\x00', 'geneve0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b689f173dfa40b58c10327e3121114449fd20ba2be6eb0cde72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x602, 'system_u:object_r:boot_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x508) 1m7.045110906s ago: executing program 3 (id=564): r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, &(0x7f0000000580)={0xf}) 1m6.845118228s ago: executing program 3 (id=567): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x2a081c6, &(0x7f0000000b80)=ANY=[], 0x4, 0x2ae, &(0x7f0000000a00)="$eJzs3U9rI2UYAPBn8q9ZPaSIF0VwQA+eytarl0ZZQexJiaAeNLi7IElY2IWAFczuaT+BR7+HH8GLF7+B4FXw1h4qIzOT6aRpYkuNKWx/v9PTed/nfZ+ZtySnPPP1G5PR/UdJPDv+PbrdJBoHcRAnSexGIypPoxUAwIvjJMvir+w6mXcam68GANiG8vu/dNO1AADb8ennX3zcPzy890maduO13vPpIImIyfPpoBzvP4xvYxwP4m704jQiO1PG7XxSK83txtuT2XSQZ06++nW+fv/PiCJ/P3qxezH/w48O7+2npbP8l6rq0ug/bFd/9OLV1fnvLufHZBaDTrzz1kL9e9GL376JRzGO+5Hn1vk/7KfpB9mPx99/mW+T5yeNGOwU82pZczsnAgAAAAAAAAAAAAAAAAAAAADAbbCXpknZvqfo35NfKvrnTAfN02J8L60s9veZVf2Bkmqhsj9QFvMWPbMsfqr669xN0zSbT6zzW/F6y4sFAAAAAAAAAAAAAAAAAAAAIPfku6PRcDx+8HgjQdUNoPpZ/3XXOVi48mYcjYbN9QvuXH2v1tP6xvNa/3VytFqxocdyWXAnr2fjK+/Uh/tZlEF1MBvd65X3y0WPRsN0PlQ95NEwuWyvbnVwPy8OdeK/FpYV/xKn2fkz7Z6Vej6rs6Gn0Xl55dDfWZZdbZ33/ijPaH4lKVpsXG339jxYeYN50L14Fr+sX3DtR0ZzM588AAAAAAAAAAAAAAAAAADAsvpHvysGn61JKq83/tfCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCL6vf/V0F34dX+S0NF0K6Tl4dWBJ14/OSm7g0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDb458AAAD//6wtSQs=") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0/../file0\x00') 1m6.46455345s ago: executing program 3 (id=569): socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'veth0_to_team\x00', 0x0}) unshare(0x8040480) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r0, r2, 0x25, 0x0, @void}, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) socket(0x40000000015, 0x805, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) socket$caif_stream(0x25, 0x1, 0x2) socket$packet(0x11, 0x3, 0x300) socket(0x10, 0x3, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) socket$kcm(0x29, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003f80000850000008600000018010000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1m5.828208837s ago: executing program 3 (id=572): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x82, &(0x7f0000000040)="1a00000000000000", 0x8) sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) 1m5.347766995s ago: executing program 33 (id=572): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x82, &(0x7f0000000040)="1a00000000000000", 0x8) sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) 37.199250103s ago: executing program 5 (id=802): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = memfd_create(&(0x7f0000000440)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x11', 0x2) fcntl$addseals(r3, 0x409, 0x20) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 36.016287022s ago: executing program 5 (id=807): r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8993, &(0x7f0000000080)={'bond0\x00', 0x0}) 35.924848708s ago: executing program 5 (id=810): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000200)={[{@nombcache}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@nombcache}, {@nobarrier}, {@init_itable}, {@errors_remount}]}, 0x1, 0x569, &(0x7f00000002c0)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=") r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) fallocate(r0, 0x0, 0x4, 0x2000402) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 35.336240042s ago: executing program 5 (id=817): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x189101a, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x2125099, 0x0) mount$bind(&(0x7f0000000540)='./file0/../file0\x00', &(0x7f0000000400)='./file0/../file0/file0\x00', 0x0, 0x38718db, 0x0) 35.019368s ago: executing program 5 (id=822): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@newqdisc={0x38, 0x24, 0xd0f, 0x4703d2d, 0xfffffffd, {0x60, 0x0, 0x0, r3, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x2663}, 0x4000000) 34.548050798s ago: executing program 5 (id=828): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000540), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000240)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r2, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10) close(0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x44, 0x0, 0x0, 0x5, 0x10000}, 0x28) 34.18376887s ago: executing program 34 (id=828): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000540), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f0000000240)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r2, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10) close(0xffffffffffffffff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x44, 0x0, 0x0, 0x5, 0x10000}, 0x28) 4.734195373s ago: executing program 6 (id=1103): r0 = socket$kcm(0x21, 0x2, 0xa) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x4, 0x2, 0x0, {0xa, 0x4ea4, 0xb, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1f01}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x23, 0x68000000}, 0x4c0fe) 4.644024859s ago: executing program 4 (id=1105): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0xc) r3 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0xee01, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)=[@cred={{0x1c, 0x1, 0x2, {r2, 0x0, r4}}}], 0x20, 0x20088009}}], 0x1, 0x0) 4.61488484s ago: executing program 6 (id=1106): syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x9, 0x4, 0x2, 0x1, 0x0, 0x1}, 0x50) r0 = syz_open_dev$evdev(&(0x7f0000000040), 0xca, 0x280) ioctl$EVIOCGUNIQ(r0, 0x80404508, 0x0) 4.524186115s ago: executing program 4 (id=1108): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newlink={0x20, 0x10, 0x403, 0x70b528}, 0x20}, 0x1, 0xba01, 0x0, 0x4004}, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000001f000000710004"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb}, 0x94) write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"}) r1 = syz_open_pts(r0, 0x900) r2 = dup3(r1, r0, 0x80000) read(r2, &(0x7f00000000c0)=""/226, 0xe2) 4.464666069s ago: executing program 4 (id=1109): socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x3a) socket$netlink(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_tcp(0xa, 0x1, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x2, 0x80805, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) creat(&(0x7f0000000240)='./file1\x00', 0x0) r0 = open(&(0x7f0000000280)='.\x00', 0x20000, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r3 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r5, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendfile(r4, r3, 0x0, 0x100000002) 4.45295648s ago: executing program 6 (id=1110): r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000280)=0x2, 0x4) 4.307675109s ago: executing program 6 (id=1111): socket$nl_netfilter(0x10, 0x3, 0xc) ioperm(0x40, 0x9, 0x7f) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9) timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f00000002c0)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0) prctl$PR_GET_NAME(0x10, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x10b) close(0xffffffffffffffff) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r1, 0x0) accept(0xffffffffffffffff, 0x0, 0x0) 4.253677581s ago: executing program 4 (id=1112): set_mempolicy(0x5, &(0x7f0000000000)=0x4000000ff9, 0xf) r0 = socket(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000007c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x2120}}], 0x1, 0x20000010) 3.980193497s ago: executing program 4 (id=1114): syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000380)='./file3\x00', 0x100c404, &(0x7f0000001080)={[{@fat=@umask={'umask', 0x3d, 0x7}}, {@fat=@check_normal}, {@fat=@uid}, {@nodots}, {@dots}, {@nodots}, {@fat=@debug}, {@nodots}, {@dots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@debug}, {@dots}, {@nodots}, {@nodots}, {@fat=@quiet}, {@fat=@flush}, {@dots}, {@nodots}, {@fat=@errors_continue}, {@fat=@showexec}, {@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x7fffffff}}, {@fat=@discard}]}, 0x0, 0x1f8, &(0x7f00000011c0)="$eJzs3cFqE0EYAOA/MU024qE3QRBWPOipqE9QkQpiQKjkoDdBT+bUXlIv7WP4Cr6XDyA95SIjcTfdNE1jCHZX2++79N/9Zzrzz5BNLpmkKHy/+zWyrBXt3diNSSu2ox0zJwEAXCeTlOJHKjQ9FwCgHmu8//+seUoAwBV7++796+eDwd5+nmcRpyfj4XhY/C3yL18N9p7kv21XvU7H4+Gts/zTfPGzwzS/FbfL/LOif36W7kbEsBuPHxb5ae7Fm0F+vn8vPl5x7QAAAAAAAAAAAAAAAAAAAAAA0JT7kc8sPd9nZ2cx3y/zxdXc+UAL5/d04l6nvKyOB0rHdRQFAAAAAAAAAAAAAAAAAAAA/5nDoy+fP4xGnw6qoBcR83c6S9pcHrTKf7xW4+aDdmzWvV+WucGgrXKJ/nY5nXMr31++uesE0flXdmfTIK9hrP7K5U1pGix/Fcw26tLu3YhYPfqj/U0nP0kpjb49ODg8irSycfWM6NX2NAIAAAAAAAAAAAAAAAAAgJtt7lvfF2RNTAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGlD9/v80uHhnZXAcEXfij41nY21F1mitAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXF+/AgAA//8AHR7N") 3.800027428s ago: executing program 4 (id=1117): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, 0x0, 0x44000) r1 = open_tree(0xffffffffffffffff, 0x0, 0x101) ioctl$BLKTRACESETUP(r1, 0xc0481273, 0x0) syz_clone3(&(0x7f0000000680)={0x1000080, &(0x7f0000000480), 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, &(0x7f0000000640), 0x0, {r1}}, 0x58) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f00000003c0)=[{0x0}], 0x1) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) 3.354188624s ago: executing program 1 (id=1121): unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x1, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000040)={'raw\x00', 0x2, [{}, {}]}, 0x48) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, 0x0, 0x48) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 2.018811682s ago: executing program 0 (id=1125): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) poll(&(0x7f0000000000)=[{r0, 0x6028}], 0x1, 0x5e57) shutdown(r0, 0x0) 1.781217856s ago: executing program 0 (id=1126): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) connect$x25(r0, &(0x7f0000000000)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}}, 0x12) 1.584217208s ago: executing program 0 (id=1127): unshare(0x22020400) r0 = socket$packet(0x11, 0x3, 0x300) ppoll(&(0x7f0000000040)=[{r0, 0x4000}], 0x1, &(0x7f00000000c0), 0x0, 0x0) 1.418673908s ago: executing program 0 (id=1129): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000004000000850000006100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000bc02000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000100)="d2ff03076003008cb89e08f086ddeff9dc34b6dae4a93a276032b785807d48097df81b9233e26438", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.37246023s ago: executing program 7 (id=1130): r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg(r0, &(0x7f000000b280)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000046c0)=[{0x10, 0x84, 0x5}], 0x10}}], 0x1, 0x4000804) 1.20811404s ago: executing program 7 (id=1131): capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407030000020000001d440000000000006b0a20fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) 1.092914356s ago: executing program 7 (id=1132): pipe(&(0x7f0000000000)) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_adj\x00') fchdir(r0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) 947.815745ms ago: executing program 0 (id=1133): openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0) rmdir(&(0x7f0000000240)='./cgroup/../file0\x00') socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000040)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@usrjquota}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f00000000c0)={0x0, r0, 0x19, 0xffffffffffffffff, 0x4, 0x1}) write$hidraw(r0, &(0x7f0000001200), 0x0) 887.974378ms ago: executing program 7 (id=1134): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x36, &(0x7f0000002180)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x20, 0x20, 0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1=0xe0000300}, @timestamp={0xd, 0x0, 0x0, 0xb386, 0x2, 0xd, 0x7, 0x5}}}}}, 0x0) 842.247921ms ago: executing program 1 (id=1135): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0xa, 0x0, 0x0, 0x95, 0x0, 0x0, 0x40f00, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1f979}, 0x94) r0 = socket$kcm(0x11, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x4008050) 741.071717ms ago: executing program 6 (id=1136): r0 = socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000480)={'broute\x00', 0x0, 0x0, 0x0, [0x0, 0x7, 0x0, 0x9, 0x6, 0x4]}, &(0x7f0000000540)=0x78) 684.2474ms ago: executing program 7 (id=1137): syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 654.001192ms ago: executing program 1 (id=1138): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c, 0x8, 0x0, 0x0}}, 0x10) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r1 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r1, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x2}, 0x80, 0x0}, 0x20000000) 615.718634ms ago: executing program 6 (id=1139): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x4, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94) r0 = gettid() timer_create(0x0, &(0x7f00000014c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000200)) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5}) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 362.787649ms ago: executing program 1 (id=1140): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000c00)=@allocspi={0x11c, 0x16, 0x339, 0x0, 0x0, {{{@in=@dev={0xac, 0x14, 0x14, 0x1e}, @in6=@ipv4={'\x00', '\xff\xff', @private}}, {@in, 0x0, 0x32}, @in6=@loopback, {}, {}, {0x10}}, 0x0, 0x4}, [@lifetime_val={0x24, 0x9, {0x101, 0x2f, 0xd886, 0x100000000}}]}, 0x11c}}, 0x0) 244.025206ms ago: executing program 1 (id=1141): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4004800}, 0x20004000) 177.97288ms ago: executing program 0 (id=1142): r0 = socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0xc000) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000002300)=@raw={'raw\x00', 0xc01, 0x3, 0x2298, 0x1100, 0x5002004a, 0x0, 0x0, 0x0, 0x2200, 0x3c8, 0x3c8, 0x2200, 0x3c8, 0x3, 0x0, {[{{@uncond, 0x60, 0x10a0, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x0, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x2, 0x1, 0x7], 0x6, 0x2}, {0x2, [0x0, 0x6, 0x4, 0x9, 0x0, 0x89ce99baffcf6900], 0x1, 0x1}}}}, {{@uncond, 0x0, 0x10a0, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x1, 0x1, './cgroup.net/syz1\x00', 0x2, {0x5}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@loopback, [0xffffff00, 0xff000000, 0xff, 0xff0000ff], 0x4e22, 0x4c20, 0x4e24, 0x4e23, 0xc9, 0x0, 0x3b, 0x83, 0x25}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x22f8) 254.841µs ago: executing program 1 (id=1143): unshare(0x20000400) r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x25) 0s ago: executing program 7 (id=1144): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402) r1 = dup(r0) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x8, 0x21, 0x0, 0x108, 0x0}) kernel console output (not intermixed with test programs): 1365][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.290035][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.300286][ T4188] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.310814][ T4188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.323734][ T4188] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.342995][ T4197] device veth0_macvtap entered promiscuous mode [ 77.361411][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.371511][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.387994][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 77.402353][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 77.411938][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 77.427651][ T4188] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.440512][ T4188] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.450307][ T4188] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.459962][ T4188] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.493890][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.500529][ T4197] device veth1_macvtap entered promiscuous mode [ 77.508613][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.571961][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.582225][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 77.592480][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 77.631498][ T4192] device veth0_macvtap entered promiscuous mode [ 77.671332][ T4192] device veth1_macvtap entered promiscuous mode [ 77.708366][ T4299] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 77.774225][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.785185][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.792019][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.793339][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.821190][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.826125][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.841547][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.852594][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.861543][ T4301] loop0: detected capacity change from 0 to 128 [ 77.862984][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.880820][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.906925][ T4192] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.916692][ T4197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.933534][ T4197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.944644][ T4197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.955811][ T4197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.966440][ T4197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.977332][ T4197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.992034][ T4197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.007020][ T4197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.018980][ T4197] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.038062][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.055120][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 78.063467][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.077751][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.086629][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.095679][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.105420][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.114266][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.127562][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.139358][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.150591][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.163706][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.173946][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.184748][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.198240][ T4192] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.225679][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.236561][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.253339][ T4197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.289858][ T4197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.302129][ T4197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.313866][ T4197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.330600][ T4197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.341758][ T4197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.352514][ T4197] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.363207][ T4197] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.377792][ T4197] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.386580][ T4192] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.396600][ T4192] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.406246][ T4192] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.415399][ T4192] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.446200][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.462514][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.476248][ T4197] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.514056][ T4197] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.544443][ T4197] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.559575][ T4197] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.576047][ T4271] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.584288][ T4271] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.645653][ T4307] loop1: detected capacity change from 0 to 2048 [ 78.684091][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.766299][ T4307] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 78.837594][ T4311] loop0: detected capacity change from 0 to 1024 [ 78.871188][ T4307] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.895423][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.903598][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.957617][ T4307] fscrypt (loop1, inode 14): Error -61 getting encryption context [ 79.022523][ T1683] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 79.066546][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.066678][ T4271] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.091768][ T4271] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.099384][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.107713][ T1683] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 79.116930][ T4315] Bluetooth: hci0: command 0x0419 tx timeout [ 79.123681][ T4315] Bluetooth: hci1: command 0x0419 tx timeout [ 79.154604][ T4315] Bluetooth: hci2: command 0x0419 tx timeout [ 79.166702][ T4315] Bluetooth: hci3: command 0x0419 tx timeout [ 79.178323][ T4311] loop0: detected capacity change from 0 to 4096 [ 79.195413][ T13] Bluetooth: hci4: command 0x0419 tx timeout [ 79.201582][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 79.271337][ T4311] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 79.310726][ T4318] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3'. [ 79.329068][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.340401][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.352650][ T4311] EXT4-fs error (device loop0): ext4_do_update_inode:5222: inode #15: comm syz.0.11: corrupted inode contents [ 79.378802][ T4311] EXT4-fs error (device loop0): ext4_dirty_inode:6058: inode #15: comm syz.0.11: mark_inode_dirty error [ 79.378814][ T1683] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 79.400302][ T4311] EXT4-fs error (device loop0): ext4_do_update_inode:5222: inode #15: comm syz.0.11: corrupted inode contents [ 79.443198][ T4311] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #15: comm syz.0.11: mark_inode_dirty error [ 79.475024][ T4311] EXT4-fs error (device loop0): ext4_do_update_inode:5222: inode #15: comm syz.0.11: corrupted inode contents [ 79.517040][ T4311] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #15: comm syz.0.11: mark_inode_dirty error [ 79.573350][ T4311] EXT4-fs error (device loop0): ext4_do_update_inode:5222: inode #15: comm syz.0.11: corrupted inode contents [ 79.633165][ T4311] EXT4-fs error (device loop0): ext4_truncate:4279: inode #15: comm syz.0.11: mark_inode_dirty error [ 79.685975][ T4311] EXT4-fs error (device loop0) in ext4_setattr:5626: Corrupt filesystem [ 79.731348][ T4320] EXT4-fs error (device loop0): ext4_do_update_inode:5222: inode #15: comm syz.0.11: corrupted inode contents [ 79.902360][ T4337] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16'. [ 79.991338][ T4340] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 80.062814][ T4344] loop2: detected capacity change from 0 to 512 [ 80.123125][ T4347] loop0: detected capacity change from 0 to 512 [ 80.136738][ T4334] loop4: detected capacity change from 0 to 8192 [ 80.193803][ T4347] EXT4-fs (loop0): Ignoring removed bh option [ 80.233511][ T4344] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.20: inode has both inline data and extents flags [ 80.236902][ T4347] EXT4-fs (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 80.267526][ T4347] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5 [ 80.267526][ T4347] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 80.267526][ T4347] [ 80.286836][ T4347] EXT4-fs (loop0): Cannot use DAX on a filesystem that may contain inline data [ 80.302347][ T4344] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.20: couldn't read orphan inode 15 (err -117) [ 80.361991][ T4344] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 80.450912][ T4353] netlink: 64 bytes leftover after parsing attributes in process `syz.3.23'. [ 80.752994][ T4360] loop2: detected capacity change from 0 to 512 [ 80.860246][ T4360] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 81.274907][ T4378] device syzkaller0 entered promiscuous mode [ 81.522398][ T4376] loop3: detected capacity change from 0 to 8192 [ 83.242975][ T26] audit: type=1400 audit(1769317961.949:2): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=4426 comm="syz.2.52" [ 83.268707][ T4428] loop2: detected capacity change from 0 to 512 [ 83.357204][ T4428] EXT4-fs error (device loop2): ext4_xattr_inode_iget:401: comm syz.2.52: inode #1: comm syz.2.52: iget: illegal inode # [ 83.364504][ T4428] EXT4-fs error (device loop2): ext4_xattr_inode_iget:406: comm syz.2.52: error while reading EA inode 1 err=-117 [ 83.394325][ T4428] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2806: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 83.394634][ T4428] EXT4-fs error (device loop2): ext4_xattr_inode_iget:401: comm syz.2.52: inode #1: comm syz.2.52: iget: illegal inode # [ 83.397402][ T4428] EXT4-fs error (device loop2): ext4_xattr_inode_iget:406: comm syz.2.52: error while reading EA inode 1 err=-117 [ 83.398345][ T4428] EXT4-fs (loop2): 1 orphan inode deleted [ 83.398368][ T4428] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,init_itable=0x0000000000000001,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,errors=continue,dioread_lock,noblock_validity,noquota,,errors=continue. Quota mode: none. [ 83.724547][ T4427] loop4: detected capacity change from 0 to 8192 [ 84.400241][ T4444] loop4: detected capacity change from 0 to 128 [ 84.604425][ T4446] attempt to access beyond end of device [ 84.604425][ T4446] loop4: rw=2049, want=641, limit=128 [ 85.439956][ T26] audit: type=1326 audit(1769317964.149:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4453 comm="syz.3.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 85.527788][ T26] audit: type=1326 audit(1769317964.149:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4453 comm="syz.3.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 85.597774][ T4459] loop4: detected capacity change from 0 to 512 [ 85.623557][ T26] audit: type=1326 audit(1769317964.189:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4453 comm="syz.3.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 85.667555][ T4463] llcp: llcp_sock_recvmsg: Recv datagram failed state 5 -107 0 [ 85.686712][ T26] audit: type=1326 audit(1769317964.189:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4453 comm="syz.3.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 85.733531][ T26] audit: type=1326 audit(1769317964.189:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4453 comm="syz.3.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 85.785725][ T4459] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 85.826293][ T4459] EXT4-fs (loop4): orphan cleanup on readonly fs [ 85.854576][ T4459] Quota error (device loop4): v2_read_file_info: Free block number too big (0 >= 0). [ 85.894960][ T26] audit: type=1326 audit(1769317964.189:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4453 comm="syz.3.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 85.912537][ T4459] EXT4-fs warning (device loop4): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 86.004996][ T4459] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 86.043419][ T4459] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.64: bg 0: block 40: padding at end of block bitmap is not set [ 86.059960][ T26] audit: type=1326 audit(1769317964.189:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4453 comm="syz.3.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 86.111873][ T4459] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 86.145012][ T26] audit: type=1326 audit(1769317964.189:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4453 comm="syz.3.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 86.166224][ T4459] EXT4-fs (loop4): 1 truncate cleaned up [ 86.184943][ T4459] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 86.373258][ T4468] loop0: detected capacity change from 0 to 8192 [ 86.458884][ T4478] netlink: 'syz.3.73': attribute type 13 has an invalid length. [ 86.798234][ T23] cfg80211: failed to load regulatory.db [ 87.674631][ T4478] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.690014][ T4478] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.114504][ T4478] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.209725][ T4516] loop0: detected capacity change from 0 to 8192 [ 89.220544][ T4478] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 90.149928][ T4519] loop0: detected capacity change from 0 to 1024 [ 90.264094][ T4519] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 90.427717][ T4478] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.451863][ T4478] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.476092][ T4523] netlink: 104 bytes leftover after parsing attributes in process `syz.0.90'. [ 90.494923][ T4478] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.503864][ T4478] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.900226][ T4529] loop0: detected capacity change from 0 to 8192 [ 91.035101][ T4177] loop0: p1 p2 p4 < > [ 91.039535][ T4177] loop0: partition table partially beyond EOD, truncated [ 91.049561][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 91.097491][ T4177] loop0: p1 start 16777216 is beyond EOD, truncated [ 91.109617][ T4177] loop0: p2 size 515840 extends beyond EOD, truncated [ 91.150562][ T4177] loop0: p4 start 16777216 is beyond EOD, truncated [ 91.159327][ T4535] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 91.208332][ T4529] loop0: p1 p2 p4 < > [ 91.212718][ T4529] loop0: partition table partially beyond EOD, truncated [ 91.237749][ T4529] loop0: p1 start 16777216 is beyond EOD, truncated [ 91.265124][ T4529] loop0: p2 size 515840 extends beyond EOD, truncated [ 91.287375][ T4529] loop0: p4 start 16777216 is beyond EOD, truncated [ 91.358441][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 91.397456][ T4537] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 91.438610][ T4537] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 91.667286][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 91.758675][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 91.840715][ T4569] loop2: detected capacity change from 0 to 736 [ 91.887637][ T4557] loop0: detected capacity change from 0 to 8192 [ 92.595385][ T4596] netlink: 64 bytes leftover after parsing attributes in process `syz.3.119'. [ 92.953639][ T4616] netlink: 'syz.4.127': attribute type 1 has an invalid length. [ 93.322844][ T4611] loop2: detected capacity change from 0 to 8192 [ 93.349368][ T4633] loop0: detected capacity change from 0 to 1024 [ 93.451836][ T4633] EXT4-fs (loop0): Ignoring removed orlov option [ 93.514592][ T4644] Zero length message leads to an empty skb [ 93.521088][ T4633] EXT4-fs (loop0): mounted filesystem without journal. Opts: block_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,norecovery,,errors=continue. Quota mode: none. [ 93.883632][ T4652] atomic_op ffff88801bd0a998 conn xmit_atomic 0000000000000000 [ 94.063663][ T4661] loop0: detected capacity change from 0 to 128 [ 94.177773][ T4667] llcp: llcp_sock_recvmsg: Recv datagram failed state 5 -11 0 [ 94.179588][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 94.179602][ T26] audit: type=1800 audit(1769317972.889:14): pid=4661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.145" name="bus" dev="loop0" ino=1048605 res=0 errno=0 [ 94.384350][ T26] audit: type=1326 audit(1769317973.089:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4673 comm="syz.0.147" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9c0a1fecb9 code=0x0 [ 94.554145][ T4687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.153'. [ 94.709562][ T4693] loop2: detected capacity change from 0 to 164 [ 96.391304][ T4721] netlink: 4 bytes leftover after parsing attributes in process `syz.4.165'. [ 96.461685][ T4721] device bridge_slave_1 left promiscuous mode [ 96.476631][ T4730] loop3: detected capacity change from 0 to 512 [ 96.524165][ T4721] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.581679][ T4721] device bridge_slave_0 left promiscuous mode [ 96.595912][ T4730] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 96.621796][ T4730] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 96.639944][ T4721] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.692116][ T4730] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 96.759004][ T4730] EXT4-fs (loop3): 1 truncate cleaned up [ 96.775043][ T4730] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,journal_ioprio=0x0000000000000002,noauto_da_alloc,lazytime,grpjquota=,noload,,errors=continue. Quota mode: none. [ 97.075295][ T4745] loop1: detected capacity change from 0 to 128 [ 97.220654][ T4745] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,nodelalloc,,errors=continue. Quota mode: writeback. [ 97.235179][ T4745] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.566897][ T26] audit: type=1326 audit(1769317976.279:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 97.589232][ C1] vkms_vblank_simulate: vblank timer overrun [ 97.603404][ T4755] 9pnet: Insufficient options for proto=fd [ 97.645851][ T26] audit: type=1326 audit(1769317976.309:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 97.685046][ T26] audit: type=1326 audit(1769317976.309:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 97.715161][ C1] vkms_vblank_simulate: vblank timer overrun [ 97.725631][ T26] audit: type=1326 audit(1769317976.309:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 97.805442][ T26] audit: type=1326 audit(1769317976.309:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 97.840772][ C1] vkms_vblank_simulate: vblank timer overrun [ 97.923078][ T26] audit: type=1326 audit(1769317976.309:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 98.004456][ T26] audit: type=1326 audit(1769317976.309:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f8652e12cb9 code=0x7ffc0000 [ 98.027032][ C1] vkms_vblank_simulate: vblank timer overrun [ 98.072643][ T4774] loop3: detected capacity change from 0 to 8192 [ 98.125660][ T4177] loop3: p4 < > [ 98.160088][ T4774] loop3: p4 < > [ 98.183816][ T4776] loop1: detected capacity change from 0 to 2048 [ 98.275566][ T4778] xt_hashlimit: size too large, truncated to 1048576 [ 98.289512][ T4776] EXT4-fs (loop1): Invalid want_extra_isize 9 [ 98.355567][ T4780] loop0: detected capacity change from 0 to 1024 [ 98.435631][ T4780] ======================================================= [ 98.435631][ T4780] WARNING: The mand mount option has been deprecated and [ 98.435631][ T4780] and is ignored by this kernel. Remove the mand [ 98.435631][ T4780] option from the mount to silence this warning. [ 98.435631][ T4780] ======================================================= [ 98.470739][ C1] vkms_vblank_simulate: vblank timer overrun [ 98.513841][ T4780] EXT4-fs (loop0): Ignoring removed bh option [ 98.624064][ T4780] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodiscard,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,nobarrier,max_dir_size_kb=0x00000000000000eb,abort,user_xattr,bh,errors=remount-ro,. Quota mode: none. [ 98.779753][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 98.885232][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 98.918618][ T4797] loop1: detected capacity change from 0 to 1024 [ 99.011619][ T4797] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,journal_dev=0x00000000000000ff,nombcache,nobarrier,init_itable,errors=remount-ro,. Quota mode: none. [ 99.310483][ T4797] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3887: comm syz.1.194: Allocating blocks 497-513 which overlap fs metadata [ 99.377422][ T4797] EXT4-fs (loop1): Remounting filesystem read-only [ 99.409756][ T4797] EXT4-fs (loop1): pa ffff8880740f4ee0: logic 256, phys. 385, len 8 [ 99.418318][ T4797] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4904: group 0, free 0, pa_free 1 [ 99.478220][ T4797] EXT4-fs (loop1): Remounting filesystem read-only [ 100.846815][ T4813] Illegal XDP return value 4294967294, expect packet loss! [ 100.870171][ T4815] loop0: detected capacity change from 0 to 512 [ 100.944484][ T4815] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.195: inode has both inline data and extents flags [ 100.991830][ T4815] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.195: couldn't read orphan inode 15 (err -117) [ 101.054150][ T4815] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 101.120440][ T26] audit: type=1800 audit(1769317979.829:23): pid=4815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.195" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 101.273937][ T4825] loop1: detected capacity change from 0 to 8192 [ 101.754281][ T4835] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 101.815664][ T4835] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 101.841440][ T4835] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 101.896227][ T4835] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 101.915324][ T4835] device geneve2 entered promiscuous mode [ 101.965308][ T21] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 102.105961][ T26] audit: type=1107 audit(1769317980.809:24): pid=4843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='OlJѴ [ 102.105961][ T26] 3NxH}>ʼeԭY"me-;e1m=Yup ՔJZ`2=x@nFI rO޸${$,3ĕh*Gէx̫#<碩$=Esy.GF\\ըFp"֬%aBmԢ=ihMʃ)1RŽ:pΩ$uQߛd+%( U2-Auzr+v֩6N&cf%q%p0@5Bw ŝBf\U`;F3moQpD!r𼖪)^2̖x+lVִ7:gѰQr~'_'1MA~R(-Fa&`Xְ-.qT?%E6鏜`G3񐱦!:Yk3eC^T"Q‰ViJע?=0rq~w}idYE[gm%iT,'W(tX/Fq)g8QQ6fhdo+"eCM…!?4߿lGyn ~ [ 102.105961][ T26] W4"(Ih+5y_O h^|,v+zGmSJ+Na9TH?3o`>*K  ^~Bٷx'f3]kRiVN')ʟ6:H%>$AWI [ 102.250071][ T4853] netlink: 68 bytes leftover after parsing attributes in process `syz.2.217'. [ 102.910753][ T4877] loop0: detected capacity change from 0 to 128 [ 102.928271][ T4878] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 103.051879][ T4877] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 103.065568][ T4874] loop2: detected capacity change from 0 to 8192 [ 103.205474][ T4877] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 103.609721][ T4899] netlink: 12 bytes leftover after parsing attributes in process `syz.4.233'. [ 103.624390][ T26] audit: type=1326 audit(1769317982.329:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4898 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc469940cb9 code=0x7ffc0000 [ 103.746600][ T4899] 8021q: adding VLAN 0 to HW filter on device bond1 [ 103.826810][ T26] audit: type=1326 audit(1769317982.359:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4898 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc469940cb9 code=0x7ffc0000 [ 103.875601][ T4905] loop0: detected capacity change from 0 to 1024 [ 103.903736][ T4905] EXT4-fs (loop0): Ignoring removed nobh option [ 103.945488][ T4903] bond1 (unregistering): Released all slaves [ 103.974871][ T4905] EXT4-fs (loop0): Ignoring removed bh option [ 103.981387][ T4905] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 104.031655][ T26] audit: type=1326 audit(1769317982.359:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4898 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc469940cb9 code=0x7ffc0000 [ 104.099125][ T4905] EXT4-fs (loop0): can't mount with journal_async_commit, fs mounted w/o journal [ 104.138973][ T26] audit: type=1326 audit(1769317982.359:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4898 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc469940cb9 code=0x7ffc0000 [ 104.260341][ T26] audit: type=1326 audit(1769317982.359:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4898 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc469940cb9 code=0x7ffc0000 [ 104.365013][ T4905] loop0: detected capacity change from 0 to 2048 [ 104.384948][ T26] audit: type=1326 audit(1769317982.359:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4898 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc469940cb9 code=0x7ffc0000 [ 104.463429][ T4905] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 104.475211][ T26] audit: type=1326 audit(1769317982.359:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4898 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc469940cb9 code=0x7ffc0000 [ 104.497163][ T4905] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 104.512254][ T26] audit: type=1326 audit(1769317982.359:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4898 comm="syz.2.234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fc469940cb9 code=0x7ffc0000 [ 104.612427][ T4932] loop1: detected capacity change from 0 to 128 [ 104.809610][ T4932] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,nodelalloc,,errors=continue. Quota mode: writeback. [ 104.829186][ T4932] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.171146][ T4941] loop0: detected capacity change from 0 to 8192 [ 105.586762][ T4950] loop1: detected capacity change from 0 to 8192 [ 106.606922][ T4992] netlink: 24 bytes leftover after parsing attributes in process `syz.2.268'. [ 106.705841][ T4996] netlink: 20 bytes leftover after parsing attributes in process `syz.3.270'. [ 106.744581][ T4980] loop0: detected capacity change from 0 to 8192 [ 106.793419][ T4996] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.803289][ T4996] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.826745][ T4996] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.851387][ T4996] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.867499][ T4996] device geneve2 entered promiscuous mode [ 107.190318][ T5004] loop3: detected capacity change from 0 to 1024 [ 107.285471][ T5004] EXT4-fs (loop3): Ignoring removed bh option [ 107.291708][ T5004] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 107.447546][ T5011] loop2: detected capacity change from 0 to 128 [ 107.466084][ T5004] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,nodioread_nolock,bh,max_dir_size_kb=0x00000000004007b1,data_err=ignore,nouid32,quota,user_xattr,nouid32,dioread_nolock,,errors=continue. Quota mode: writeback. [ 107.549936][ T5011] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 323) [ 107.625115][ T5011] FAT-fs (loop2): Filesystem has been set read-only [ 107.639207][ T5011] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 323) [ 107.681605][ T5011] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 323) [ 107.736966][ T5011] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 323) [ 107.820456][ T5011] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 323) [ 107.862724][ T5011] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 323) [ 107.912537][ T5011] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 323) [ 107.968977][ T5011] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 323) [ 107.981458][ T26] kauditd_printk_skb: 11 callbacks suppressed [ 107.981472][ T26] audit: type=1800 audit(1769317986.689:44): pid=5011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.276" name="file2" dev="loop2" ino=1048615 res=0 errno=0 [ 108.659742][ T5037] loop2: detected capacity change from 0 to 8192 [ 108.704766][ T5050] syz.3.291 uses obsolete (PF_INET,SOCK_PACKET) [ 108.783000][ T5049] netlink: 'syz.0.292': attribute type 4 has an invalid length. [ 109.106226][ T5059] loop3: detected capacity change from 0 to 1024 [ 109.163619][ T5059] EXT4-fs (loop3): Ignoring removed bh option [ 109.210947][ T5059] EXT4-fs (loop3): inline encryption not supported [ 109.284508][ T5059] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e80ce018, mo2=0000] [ 109.370566][ T5059] System zones: 0-1, 3-12 [ 109.482068][ T5059] EXT4-fs error (device loop3): ext4_map_blocks:739: inode #3: block 1: comm syz.3.296: lblock 1 mapped to illegal pblock 1 (length 1) [ 109.551209][ T5059] Quota error (device loop3): write_blk: dquota write failed [ 109.583288][ T5059] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 109.625337][ T26] audit: type=1326 audit(1769317988.339:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.4.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 109.669473][ T5059] EXT4-fs error (device loop3): ext4_acquire_dquot:6234: comm syz.3.296: Failed to acquire dquot type 0 [ 109.704952][ T26] audit: type=1326 audit(1769317988.339:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.4.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 109.738303][ T5059] EXT4-fs error (device loop3): ext4_free_blocks:6234: comm syz.3.296: Freeing blocks not in datazone - block = 0, count = 4096 [ 109.777053][ T5059] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.296: Invalid inode bitmap blk 0 in block_group 0 [ 109.796453][ T144] EXT4-fs error (device loop3): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 109.830585][ T26] audit: type=1326 audit(1769317988.359:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.4.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 109.862493][ T144] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 109.895440][ T5059] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem [ 109.917220][ T144] EXT4-fs error (device loop3): ext4_release_dquot:6270: comm kworker/u4:1: Failed to release dquot type 0 [ 109.964956][ T26] audit: type=1326 audit(1769317988.359:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.4.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 109.987666][ T5059] EXT4-fs (loop3): 1 orphan inode deleted [ 109.993806][ T5059] EXT4-fs (loop3): mounted filesystem without journal. Opts: ; usrquota,nouid32,bh,max_batch_time=0x00000000000008c9,debug,inlinecrypt,,errors=continue. Quota mode: writeback. [ 110.046693][ T5086] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 110.060682][ T26] audit: type=1326 audit(1769317988.359:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.4.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 110.092137][ T5059] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: writeback. [ 110.115278][ T5086] FAT-fs (loop1): unable to read boot sector [ 110.202221][ T26] audit: type=1326 audit(1769317988.359:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.4.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 110.322244][ T5097] netlink: 72 bytes leftover after parsing attributes in process `syz.0.312'. [ 110.399157][ T5097] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 110.447577][ T5100] netlink: 'syz.3.313': attribute type 10 has an invalid length. [ 110.487421][ T5100] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.522510][ T5100] bond0: (slave team0): Enslaving as an active interface with an up link [ 110.544124][ T5097] syz.0.312 (5097) used greatest stack depth: 19664 bytes left [ 110.609359][ T5094] loop2: detected capacity change from 0 to 8192 [ 111.414638][ T5131] 9pnet: Insufficient options for proto=fd [ 111.487655][ T5130] netlink: 8 bytes leftover after parsing attributes in process `syz.0.323'. [ 111.512034][ T5130] netlink: 4 bytes leftover after parsing attributes in process `syz.0.323'. [ 111.541429][ T5130] netlink: 'syz.0.323': attribute type 11 has an invalid length. [ 111.574676][ T5130] netlink: 'syz.0.323': attribute type 13 has an invalid length. [ 111.866149][ T5142] netlink: 8 bytes leftover after parsing attributes in process `syz.2.329'. [ 111.991520][ T5148] No such timeout policy "syz1" [ 112.287722][ T5149] loop2: detected capacity change from 0 to 8192 [ 112.757651][ T5168] netlink: 104 bytes leftover after parsing attributes in process `syz.3.335'. [ 113.327329][ T5151] loop0: detected capacity change from 0 to 164 [ 113.395567][ T5151] Unable to read rock-ridge attributes [ 113.580724][ T5151] Unable to read rock-ridge attributes [ 114.199631][ T5208] netlink: 12 bytes leftover after parsing attributes in process `syz.0.346'. [ 114.256792][ T5208] netlink: 12 bytes leftover after parsing attributes in process `syz.0.346'. [ 114.333370][ T5212] netlink: 60 bytes leftover after parsing attributes in process `syz.2.348'. [ 114.472544][ T5215] loop0: detected capacity change from 0 to 512 [ 114.528873][ T5209] loop3: detected capacity change from 0 to 8192 [ 114.559128][ T5215] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.349: bad orphan inode 14 [ 114.589652][ T5215] ext4_test_bit(bit=13, block=18) = 1 [ 114.595437][ T5215] is_bad_inode(inode)=0 [ 114.605614][ T5215] NEXT_ORPHAN(inode)=0 [ 114.609748][ T5215] max_ino=32 [ 114.631403][ T5215] i_nlink=1 [ 114.634651][ T5215] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 114.803594][ T5215] ext4 filesystem being mounted at /89/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.902152][ T5215] EXT4-fs error (device loop0): ext4_add_entry:2486: inode #2: comm syz.0.349: Directory hole found for htree leaf block 0 [ 115.370613][ T5244] netlink: 40 bytes leftover after parsing attributes in process `syz.3.360'. [ 115.384303][ T5244] netlink: 40 bytes leftover after parsing attributes in process `syz.3.360'. [ 115.553765][ T5251] loop3: detected capacity change from 0 to 512 [ 115.578538][ T5252] loop0: detected capacity change from 0 to 512 [ 115.662348][ T5251] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.364: inode has both inline data and extents flags [ 115.685726][ T5252] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,nodioread_nolock,grpquota,abort,,errors=continue. Quota mode: writeback. [ 115.743417][ T5251] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.364: couldn't read orphan inode 15 (err -117) [ 115.768718][ T5252] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.792327][ T5251] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 115.888651][ T5252] EXT4-fs warning (device loop0): ext4_empty_dir:3156: inode #12: comm syz.0.363: directory missing '..' [ 116.152796][ T5263] loop0: detected capacity change from 0 to 128 [ 116.403739][ T5264] loop3: detected capacity change from 0 to 8192 [ 116.502746][ T5271] loop0: detected capacity change from 0 to 2048 [ 116.661152][ T5271] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 116.782668][ T26] kauditd_printk_skb: 25 callbacks suppressed [ 116.782683][ T26] audit: type=1800 audit(1769317995.489:76): pid=5271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.370" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 117.336309][ T5293] device netdevsim0 entered promiscuous mode [ 117.368253][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready [ 117.398861][ T5293] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 117.744529][ T5312] netlink: 184 bytes leftover after parsing attributes in process `syz.3.387'. [ 117.976418][ T5319] loop3: detected capacity change from 0 to 128 [ 118.079994][ T5319] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 118.262698][ T5314] loop0: detected capacity change from 0 to 8192 [ 118.505314][ T5331] device veth0 entered promiscuous mode [ 118.547328][ T5331] device veth0 left promiscuous mode [ 118.704294][ T5333] loop3: detected capacity change from 0 to 512 [ 118.788158][ T5333] EXT4-fs (loop3): inline encryption not supported [ 118.854233][ T5333] EXT4-fs (loop3): 1 orphan inode deleted [ 118.924543][ T5333] EXT4-fs (loop3): mounted filesystem without journal. Opts: i_version,inlinecrypt,noauto_da_alloc,jqfmt=vfsv1,jqfmt=vfsv0,barrier,journal_dev=0x000000000000844d,sysvgroups,i_version,,errors=continue. Quota mode: none. [ 119.310722][ T5344] netlink: 8 bytes leftover after parsing attributes in process `syz.0.402'. [ 119.340348][ T5344] netlink: 12 bytes leftover after parsing attributes in process `syz.0.402'. [ 119.379880][ T5344] device geneve2 entered promiscuous mode [ 119.851851][ T5365] netlink: 32 bytes leftover after parsing attributes in process `syz.4.412'. [ 120.068757][ T5372] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 120.087379][ T5361] loop3: detected capacity change from 0 to 8192 [ 120.103477][ T5372] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98 [ 121.196415][ T5400] netlink: 24 bytes leftover after parsing attributes in process `syz.4.428'. [ 121.223856][ T5402] loop3: detected capacity change from 0 to 128 [ 121.282108][ T5402] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 121.327601][ T5405] loop0: detected capacity change from 0 to 512 [ 121.348237][ T5402] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 121.429274][ T5405] EXT4-fs (loop0): Ignoring removed nobh option [ 121.548959][ T155] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 121.567047][ T5405] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,nobh,,errors=continue. Quota mode: writeback. [ 121.624116][ T5410] loop1: detected capacity change from 0 to 8192 [ 121.631247][ T5405] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 121.712847][ T5420] netlink: 8 bytes leftover after parsing attributes in process `syz.3.434'. [ 121.778804][ T26] audit: type=1326 audit(1769318000.489:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5421 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 121.906789][ T26] audit: type=1326 audit(1769318000.519:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5421 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 122.101542][ T26] audit: type=1326 audit(1769318000.519:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5421 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 122.147112][ T5428] loop3: detected capacity change from 0 to 512 [ 122.203817][ T26] audit: type=1326 audit(1769318000.519:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5421 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 122.233759][ T26] audit: type=1326 audit(1769318000.519:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5421 comm="syz.4.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 122.310227][ T5428] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 122.365275][ T5428] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.463298][ T5428] EXT4-fs (loop3): shut down requested (1) [ 122.493155][ T5435] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.712321][ T5435] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.938893][ T5435] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.130615][ T5435] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.373317][ T5472] loop1: detected capacity change from 0 to 8192 [ 123.382933][ T5435] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.458952][ T5435] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.555504][ T5435] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.677803][ T5435] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.783401][ T5480] netlink: 20 bytes leftover after parsing attributes in process `syz.4.459'. [ 123.889274][ T5480] 8021q: adding VLAN 0 to HW filter on device bond1 [ 123.901526][ T5481] netlink: 16 bytes leftover after parsing attributes in process `syz.4.459'. [ 123.924710][ T5480] netlink: 'syz.4.459': attribute type 10 has an invalid length. [ 123.996554][ T5485] netlink: 4 bytes leftover after parsing attributes in process `syz.0.460'. [ 125.516624][ T5516] loop1: detected capacity change from 0 to 8192 [ 125.605338][ T5521] mmap: syz.4.476 (5521): VmData 37584896 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 126.456131][ T5539] netlink: 36 bytes leftover after parsing attributes in process `syz.3.484'. [ 126.531184][ T26] audit: type=1326 audit(1769318005.239:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 126.612208][ T26] audit: type=1326 audit(1769318005.279:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 126.662372][ T5546] loop1: detected capacity change from 0 to 2048 [ 126.748324][ T5546] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 126.785555][ T26] audit: type=1326 audit(1769318005.279:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 126.948513][ T26] audit: type=1326 audit(1769318005.279:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.053934][ T26] audit: type=1326 audit(1769318005.289:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.163082][ T26] audit: type=1326 audit(1769318005.289:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.245086][ T26] audit: type=1326 audit(1769318005.289:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.325426][ T26] audit: type=1326 audit(1769318005.289:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.406107][ T26] audit: type=1326 audit(1769318005.289:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.450462][ T5546] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 127.489043][ T26] audit: type=1326 audit(1769318005.289:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.626511][ T26] audit: type=1326 audit(1769318005.289:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.674346][ T5546] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1622 with error 28 [ 127.714165][ T26] audit: type=1326 audit(1769318005.289:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.737833][ T26] audit: type=1326 audit(1769318005.289:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.4.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 127.774915][ T5546] EXT4-fs (loop1): This should not happen!! Data will be lost [ 127.774915][ T5546] [ 127.778792][ T5568] loop3: detected capacity change from 0 to 256 [ 127.825015][ T5546] EXT4-fs (loop1): Total free blocks count 0 [ 127.832927][ T5546] EXT4-fs (loop1): Free/Dirty block details [ 127.874899][ T5546] EXT4-fs (loop1): free_blocks=2415919104 [ 127.880930][ T5546] EXT4-fs (loop1): dirty_blocks=1632 [ 127.881563][ T5568] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.495'. [ 127.904990][ T5546] EXT4-fs (loop1): Block reservation details [ 127.911047][ T5546] EXT4-fs (loop1): i_reserved_data_blocks=102 [ 128.104094][ T5570] netlink: 24 bytes leftover after parsing attributes in process `syz.4.496'. [ 128.192145][ T5570] netlink: 16 bytes leftover after parsing attributes in process `syz.4.496'. [ 128.557990][ T5589] IPv6: NLM_F_REPLACE set, but no existing node found! [ 128.769594][ T5595] loop3: detected capacity change from 0 to 8192 [ 129.528339][ T5610] device syz_tun entered promiscuous mode [ 129.537675][ T5610] netlink: 4 bytes leftover after parsing attributes in process `syz.1.514'. [ 130.070063][ T5630] device syzkaller1 entered promiscuous mode [ 130.636255][ T5638] loop0: detected capacity change from 0 to 8192 [ 130.811687][ T5628] netlink: 72 bytes leftover after parsing attributes in process `syz.1.521'. [ 130.991000][ T5634] netlink: 'syz.1.521': attribute type 13 has an invalid length. [ 131.225938][ T5650] loop3: detected capacity change from 0 to 8192 [ 131.304977][ T5650] loop3: p2 p3 p4 [ 131.309573][ T5650] loop3: p2 size 8388608 extends beyond EOD, truncated [ 131.323977][ T5650] loop3: p3 start 134217728 is beyond EOD, truncated [ 131.342386][ T5650] loop3: p4 size 262144 extends beyond EOD, truncated [ 131.548937][ T5662] loop0: detected capacity change from 0 to 1024 [ 131.576715][ T5662] EXT4-fs (loop0): Ignoring removed orlov option [ 131.633683][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 131.648374][ T4179] udevd[4179]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 131.669265][ T5662] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,usrjquota=,,errors=continue. Quota mode: writeback. [ 131.737436][ T5662] EXT4-fs (loop0): shut down requested (0) [ 131.897387][ T5634] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.905075][ T5634] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.244551][ T5679] loop0: detected capacity change from 0 to 256 [ 132.305852][ T5679] FAT-fs (loop0): Directory bread(block 64) failed [ 132.316775][ T5679] FAT-fs (loop0): Directory bread(block 65) failed [ 132.323552][ T5679] FAT-fs (loop0): Directory bread(block 66) failed [ 132.330662][ T5679] FAT-fs (loop0): Directory bread(block 67) failed [ 132.338149][ T5679] FAT-fs (loop0): Directory bread(block 68) failed [ 132.344719][ T5679] FAT-fs (loop0): Directory bread(block 69) failed [ 132.351991][ T5679] FAT-fs (loop0): Directory bread(block 70) failed [ 132.358874][ T5679] FAT-fs (loop0): Directory bread(block 71) failed [ 132.367772][ T5679] FAT-fs (loop0): Directory bread(block 72) failed [ 132.377380][ T5679] FAT-fs (loop0): Directory bread(block 73) failed [ 132.584662][ T5681] capability: warning: `syz.0.540' uses deprecated v2 capabilities in a way that may be insecure [ 132.880338][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.886991][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.930796][ T5634] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.996761][ T5634] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 133.435038][ T5666] Bluetooth: hci5: command 0x0409 tx timeout [ 133.667294][ T5634] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.676877][ T5634] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.687931][ T5634] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.697172][ T5634] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.064013][ T5688] loop3: detected capacity change from 0 to 128 [ 134.132612][ T5686] loop1: detected capacity change from 0 to 8192 [ 134.183805][ T26] kauditd_printk_skb: 19 callbacks suppressed [ 134.183820][ T26] audit: type=1800 audit(1769318012.889:114): pid=5688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.543" name="bus" dev="loop3" ino=1048648 res=0 errno=0 [ 134.355888][ T5695] netlink: 16 bytes leftover after parsing attributes in process `syz.4.546'. [ 134.414599][ T5694] tipc: MTU too low for tipc bearer [ 134.524017][ T5699] loop3: detected capacity change from 0 to 4096 [ 134.580006][ T5653] chnl_net:caif_netlink_parms(): no params data found [ 134.621217][ T5699] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 135.026565][ T5653] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.044105][ T5653] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.059794][ T5653] device bridge_slave_0 entered promiscuous mode [ 135.076320][ T5653] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.086830][ T5653] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.097592][ T5653] device bridge_slave_1 entered promiscuous mode [ 135.204562][ T5653] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 135.278783][ T5653] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.446504][ T5653] team0: Port device team_slave_0 added [ 135.492599][ T5653] team0: Port device team_slave_1 added [ 135.525176][ T21] Bluetooth: hci5: command 0x041b tx timeout [ 135.594444][ T5653] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 135.635268][ T5653] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.729272][ T5653] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 135.742809][ T5736] loop1: detected capacity change from 0 to 8192 [ 135.777949][ T5744] loop3: detected capacity change from 0 to 256 [ 135.787066][ T5653] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 135.794052][ T5653] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.948347][ T5653] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 136.087711][ T4197] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 136.119147][ T4197] FAT-fs (loop3): Filesystem has been set read-only [ 136.157391][ T4197] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 136.205975][ T5653] device hsr_slave_0 entered promiscuous mode [ 136.235915][ T5653] device hsr_slave_1 entered promiscuous mode [ 136.294710][ T5653] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 136.325302][ T5653] Cannot create hsr debugfs directory [ 136.592639][ T5746] infiniband syz1: set active [ 136.605348][ T5746] infiniband syz1: added syz_tun [ 136.785965][ T5746] RDS/IB: syz1: added [ 136.791344][ T5746] smc: adding ib device syz1 with port count 1 [ 136.848722][ T5746] smc: ib device syz1 port 1 has pnetid [ 137.043590][ T5653] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 137.127743][ T5653] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 137.183645][ T5653] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 137.256026][ T5653] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 137.604870][ T4174] Bluetooth: hci5: command 0x040f tx timeout [ 137.700484][ T5653] 8021q: adding VLAN 0 to HW filter on device bond0 [ 137.776216][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 137.795420][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 137.850892][ T5653] 8021q: adding VLAN 0 to HW filter on device team0 [ 137.961046][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 137.980806][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 138.025128][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.032269][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.089913][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 138.101590][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 138.120253][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 138.146885][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.154028][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.181144][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 138.208097][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 138.217609][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 138.228896][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 138.259289][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 138.268004][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 138.288633][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 138.325897][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 138.339072][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 138.348318][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 138.360339][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 138.371756][ T5653] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 138.688823][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 138.710391][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 138.753865][ T5653] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 138.880085][ T5782] loop1: detected capacity change from 0 to 8192 [ 139.318801][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 139.341101][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 139.446642][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 139.482520][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 139.515822][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 139.544192][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 139.568506][ T5653] device veth0_vlan entered promiscuous mode [ 139.613399][ T5653] device veth1_vlan entered promiscuous mode [ 139.694905][ T4249] Bluetooth: hci5: command 0x0419 tx timeout [ 139.702472][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 139.716985][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 139.764046][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 139.801461][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 139.898123][ T5653] device veth0_macvtap entered promiscuous mode [ 139.915255][ T4249] Bluetooth: hci1: command 0x0409 tx timeout [ 139.923905][ T5791] netlink: 8 bytes leftover after parsing attributes in process `syz.1.581'. [ 139.951710][ T5653] device veth1_macvtap entered promiscuous mode [ 140.052410][ T5653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.063918][ T5653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.074188][ T5653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.087481][ T5653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.097470][ T5653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.107966][ T5653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.119496][ T5653] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 140.132936][ T5795] netlink: 'syz.1.582': attribute type 6 has an invalid length. [ 140.163410][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 140.179228][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 140.205760][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 140.223555][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 140.235171][ T5653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.247222][ T5653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.258470][ T5653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.269211][ T5653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.279359][ T5653] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.290128][ T5653] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.302074][ T5653] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 140.321141][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 140.337164][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 140.350284][ T5763] chnl_net:caif_netlink_parms(): no params data found [ 140.406282][ T5653] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.434959][ T5653] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.443721][ T5653] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.482105][ T5653] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.546125][ T4908] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.657631][ T4908] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.835216][ T4908] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.904129][ T5763] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.912459][ T5763] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.920893][ T5763] device bridge_slave_0 entered promiscuous mode [ 140.948264][ T4908] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.994994][ T5763] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.002104][ T5763] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.011199][ T5763] device bridge_slave_1 entered promiscuous mode [ 141.042889][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.053562][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.112057][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 141.165397][ T5763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.192544][ T1683] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.228087][ T1683] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.244184][ T5763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.302767][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 141.371379][ T5763] team0: Port device team_slave_0 added [ 141.398930][ T5763] team0: Port device team_slave_1 added [ 141.467894][ T5763] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 141.492243][ T5763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.575690][ T5816] loop0: detected capacity change from 0 to 8192 [ 141.590592][ T5763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 141.735701][ T5763] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 141.779883][ T5763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.995736][ T4174] Bluetooth: hci1: command 0x041b tx timeout [ 141.998999][ T5763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 142.252346][ T5763] device hsr_slave_0 entered promiscuous mode [ 142.279391][ T5763] device hsr_slave_1 entered promiscuous mode [ 142.316884][ T5763] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 142.372352][ T5763] Cannot create hsr debugfs directory [ 142.510835][ T5839] loop0: detected capacity change from 0 to 256 [ 142.530257][ T5839] FAT-fs (loop0): bogus logical sector size 13 [ 142.554594][ T26] audit: type=1326 audit(1769318021.259:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5817 comm="syz.5.528" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc6e7f73cb9 code=0x0 [ 142.585978][ T5839] FAT-fs (loop0): Can't find a valid FAT filesystem [ 142.689700][ T5842] tmpfs: Unknown parameter 'contextuota' [ 142.777469][ T5844] loop0: detected capacity change from 0 to 128 [ 142.860038][ T5844] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 143.290046][ T5763] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 143.322242][ T5763] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 143.423497][ T5763] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 143.465196][ T5858] netlink: 24 bytes leftover after parsing attributes in process `syz.0.600'. [ 143.505400][ T5763] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 144.084955][ T21] Bluetooth: hci1: command 0x040f tx timeout [ 144.100909][ T5763] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.214918][ T4908] device hsr_slave_0 left promiscuous mode [ 144.221903][ T4908] device hsr_slave_1 left promiscuous mode [ 144.258979][ T4908] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 144.310481][ T4908] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 144.331320][ T4908] device bridge_slave_1 left promiscuous mode [ 144.373102][ T4908] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.434546][ T4908] device bridge_slave_0 left promiscuous mode [ 144.472640][ T4908] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.551522][ T5885] loop0: detected capacity change from 0 to 2048 [ 144.758612][ T5885] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 145.268876][ T4908] team0 (unregistering): Port device team_slave_1 removed [ 145.306902][ T4908] team0 (unregistering): Port device team_slave_0 removed [ 145.349996][ T4908] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 145.399102][ T4908] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 145.659080][ T4908] bond0 (unregistering): (slave team0): Releasing backup interface [ 145.724465][ T5916] loop0: detected capacity change from 0 to 8192 [ 145.736074][ T4908] bond0 (unregistering): Released all slaves [ 145.822761][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 145.841043][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 145.895829][ T5763] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.961448][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.016436][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.050787][ T155] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.058000][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.089972][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 146.111791][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.147374][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.165064][ T23] Bluetooth: hci1: command 0x0419 tx timeout [ 146.190263][ T4271] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.197551][ T4271] bridge0: port 2(bridge_slave_1) entered forwarding state [ 146.262000][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 146.348976][ T4271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 146.409518][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 146.469965][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 146.495996][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 146.595859][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.633510][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.715676][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 146.736980][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 146.774630][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 146.799742][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 146.826907][ T5763] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 147.039480][ T5945] loop0: detected capacity change from 0 to 256 [ 147.379120][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 147.389268][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 147.465168][ T5763] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.728343][ T5967] loop1: detected capacity change from 0 to 512 [ 147.760701][ T5967] EXT4-fs (loop1): Ignoring removed nobh option [ 147.809712][ T5967] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 147.858052][ T5967] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.629: attempt to clear invalid blocks 1 len 1 [ 147.946322][ T5967] EXT4-fs (loop1): Remounting filesystem read-only [ 147.954648][ T5967] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 148.014356][ T5967] EXT4-fs (loop1): Remounting filesystem read-only [ 148.025619][ T5967] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.629: invalid indirect mapped block 1819239214 (level 0) [ 148.042262][ T5964] loop0: detected capacity change from 0 to 8192 [ 148.134185][ T5967] EXT4-fs (loop1): Remounting filesystem read-only [ 148.153698][ T5967] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.629: invalid indirect mapped block 1819239214 (level 1) [ 148.225346][ T5967] EXT4-fs (loop1): Remounting filesystem read-only [ 148.287367][ T5967] EXT4-fs (loop1): 1 truncate cleaned up [ 148.293226][ T5967] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,resuid=0x0000000000000000,jqfmt=vfsv1,errors=remount-ro,nobh,usrjquota=... Quota mode: writeback. [ 148.323342][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 148.343766][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 148.440413][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 148.513382][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 148.566564][ T5763] device veth0_vlan entered promiscuous mode [ 148.585627][ T5967] EXT4-fs (loop1): Ignoring removed orlov option [ 148.592048][ T5967] EXT4-fs (loop1): Remounting file system with no journal so ignoring journalled data option [ 148.606921][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 148.655759][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 148.698490][ T5763] device veth1_vlan entered promiscuous mode [ 148.847937][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 148.871209][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 148.925755][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 148.965334][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 149.008375][ T5763] device veth0_macvtap entered promiscuous mode [ 149.046586][ T5763] device veth1_macvtap entered promiscuous mode [ 149.193458][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 149.244945][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.311061][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 149.362665][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.395027][ T26] audit: type=1326 audit(1769318028.099:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5998 comm="syz.1.635" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f22a3f08cb9 code=0x0 [ 149.414576][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 149.471984][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.534862][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 149.584716][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.622196][ T5763] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.658603][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 149.685450][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 149.756243][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 149.858301][ T4503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 149.964989][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.976761][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.987341][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.998255][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.008170][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.024813][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.042604][ T5763] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.152970][ T5763] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.280174][ T5763] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 150.740300][ T6014] loop0: detected capacity change from 0 to 8192 [ 150.869467][ T5763] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.933890][ T5763] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.979324][ T5763] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.015323][ T5763] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.051178][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 151.075674][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 151.433022][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.458464][ T6030] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 151.503157][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.612166][ T1683] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 151.652875][ T1683] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.702197][ T1683] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.786448][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 152.063039][ T6051] netlink: 'syz.1.653': attribute type 2 has an invalid length. [ 152.462812][ T6070] loop6: detected capacity change from 0 to 512 [ 152.616524][ T6075] loop0: detected capacity change from 0 to 256 [ 152.647314][ T6070] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 152.658935][ T6070] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.686808][ T6070] Quota error (device loop6): find_block_dqentry: Quota for id 0 referenced but not present [ 152.734961][ T6070] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0 [ 152.744650][ T6070] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.659: Failed to acquire dquot type 1 [ 152.997843][ T6084] usb usb7: usbfs: process 6084 (syz.0.662) did not claim interface 0 before use [ 153.272954][ T6092] loop0: detected capacity change from 0 to 2048 [ 153.475789][ T6092] EXT4-fs (loop0): Ignoring removed oldalloc option [ 153.524675][ T6092] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c028, mo2=0002] [ 153.563073][ T6092] System zones: 0-7 [ 153.616180][ T6092] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,nodioread_nolock,barrier=0x0000000000000007,oldalloc,nojournal_checksum,min_batch_time=0x000000000000c619,errors=remount-ro,. Quota mode: none. [ 153.670591][ T6092] EXT4-fs error (device loop0): ext4_find_extent:929: inode #2: comm syz.0.665: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 153.691412][ T6092] EXT4-fs (loop0): Remounting filesystem read-only [ 153.699760][ T6092] EXT4-fs error (device loop0): ext4_ext_precache:608: inode #2: comm syz.0.665: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 153.720891][ T6092] EXT4-fs (loop0): Remounting filesystem read-only [ 154.210376][ T6125] loop0: detected capacity change from 0 to 8192 [ 155.239068][ T6164] loop0: detected capacity change from 0 to 512 [ 155.280614][ T6164] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 155.351913][ T6164] EXT4-fs (loop0): 1 truncate cleaned up [ 155.360717][ T6164] EXT4-fs (loop0): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,min_batch_time=0x0000000000000ef4,noblock_validity,,errors=continue. Quota mode: none. [ 155.397504][ T6164] EXT4-fs warning (device loop0): empty_inline_dir:1862: bad inline directory (dir #12) - no `..' [ 155.497625][ T6176] netlink: 12 bytes leftover after parsing attributes in process `syz.6.688'. [ 156.088386][ T6186] loop6: detected capacity change from 0 to 8192 [ 156.225515][ T6207] netlink: 8 bytes leftover after parsing attributes in process `syz.4.698'. [ 156.417094][ T6210] loop6: detected capacity change from 0 to 1024 [ 156.557717][ T6210] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 156.635849][ T6225] loop5: detected capacity change from 0 to 512 [ 156.658636][ T6225] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 156.701900][ T6225] EXT4-fs (loop5): 1 truncate cleaned up [ 156.707769][ T6225] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,noquota,,errors=continue. Quota mode: none. [ 157.953575][ T6259] netlink: 12 bytes leftover after parsing attributes in process `syz.4.717'. [ 158.075688][ T6262] x_tables: ip_tables: dccp match: only valid for protocol 33 [ 158.444298][ T6277] netlink: 108 bytes leftover after parsing attributes in process `syz.1.722'. [ 158.510574][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 158.557396][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 158.616317][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 158.695923][ T6280] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 158.722292][ T6285] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.801857][ T6285] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.869345][ T6285] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.919908][ T6285] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.963116][ T6285] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 159.002896][ T6285] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.048626][ T6285] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 159.064534][ T6285] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.082008][ T6285] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 159.103410][ T6285] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 159.126376][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 159.182509][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 159.230842][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 159.272374][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 159.311320][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 159.377777][ T6280] geneve0 speed is unknown, defaulting to 1000 [ 159.569938][ T6306] netlink: 'syz.1.732': attribute type 10 has an invalid length. [ 159.624989][ T6306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 159.654474][ T6289] loop0: detected capacity change from 0 to 8192 [ 159.675763][ T6306] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 159.703180][ T6308] netlink: 'syz.1.732': attribute type 10 has an invalid length. [ 159.738293][ T6308] netlink: 40 bytes leftover after parsing attributes in process `syz.1.732'. [ 159.782320][ T6308] device batadv0 entered promiscuous mode [ 159.832592][ T6308] bond0: (slave batadv0): Releasing backup interface [ 159.929178][ T6308] bridge0: port 3(batadv0) entered blocking state [ 159.969975][ T6308] bridge0: port 3(batadv0) entered disabled state [ 160.004530][ T6318] loop5: detected capacity change from 0 to 512 [ 160.100681][ T4503] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 160.110830][ T4503] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 160.152120][ T6318] EXT4-fs error (device loop5): ext4_xattr_inode_iget:401: comm syz.5.738: inode #1: comm syz.5.738: iget: illegal inode # [ 160.209215][ T6327] device ip6gre1 entered promiscuous mode [ 160.230593][ T6318] EXT4-fs error (device loop5): ext4_xattr_inode_iget:406: comm syz.5.738: error while reading EA inode 1 err=-117 [ 160.282513][ T6318] EXT4-fs error (device loop5): ext4_xattr_inode_iget:401: comm syz.5.738: inode #1: comm syz.5.738: iget: illegal inode # [ 160.381820][ T6318] EXT4-fs error (device loop5): ext4_xattr_inode_iget:406: comm syz.5.738: error while reading EA inode 1 err=-117 [ 160.383777][ T6334] syz.0.740 (6334) used greatest stack depth: 18832 bytes left [ 160.472282][ T6318] EXT4-fs (loop5): 1 orphan inode deleted [ 160.491626][ T6342] netlink: 8 bytes leftover after parsing attributes in process `syz.6.746'. [ 160.522684][ T6318] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,init_itable=0x0000000000000001,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,errors=continue,dioread_lock,noblock_validity,noquota,,errors=continue. Quota mode: none. [ 160.653726][ T6349] netlink: 44 bytes leftover after parsing attributes in process `syz.6.749'. [ 160.813500][ T6336] geneve0 speed is unknown, defaulting to 1000 [ 160.822010][ T6354] loop6: detected capacity change from 0 to 256 [ 161.140732][ T6373] netlink: 256 bytes leftover after parsing attributes in process `syz.6.757'. [ 161.243745][ T26] audit: type=1326 audit(1769318039.949:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.269295][ T6377] loop6: detected capacity change from 0 to 512 [ 161.298307][ T6376] loop1: detected capacity change from 0 to 512 [ 161.320666][ T26] audit: type=1326 audit(1769318039.949:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.373743][ T6376] EXT4-fs (loop1): Invalid default hash set in the superblock [ 161.410594][ T6377] EXT4-fs (loop6): mounted filesystem without journal. Opts: user_xattr,mb_optimize_scan=0x0000000000000001,stripe=0x0000000000000005,,errors=continue. Quota mode: writeback. [ 161.453819][ T26] audit: type=1326 audit(1769318039.949:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.477976][ T26] audit: type=1326 audit(1769318039.949:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.500799][ T6377] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 161.505544][ T26] audit: type=1326 audit(1769318039.949:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.586445][ T26] audit: type=1326 audit(1769318039.949:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.611980][ T26] audit: type=1326 audit(1769318039.949:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.660196][ T6389] loop1: detected capacity change from 0 to 128 [ 161.667089][ T26] audit: type=1326 audit(1769318039.949:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.691751][ T26] audit: type=1326 audit(1769318039.949:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f73a7380cb9 code=0x7ffc0000 [ 161.728516][ T26] audit: type=1326 audit(1769318039.949:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.6.762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f73a7380a22 code=0x7ffc0000 [ 161.856288][ T6389] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 161.942029][ T6389] ext4 filesystem being mounted at /91/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 162.483786][ T6413] team0 (unregistering): Port device team_slave_0 removed [ 162.529903][ T6413] team0 (unregistering): Failed to send options change via netlink (err -105) [ 162.581628][ T6413] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105) [ 162.626223][ T6413] team0 (unregistering): Port device team_slave_1 removed [ 162.658933][ T6410] loop6: detected capacity change from 0 to 8192 [ 163.343957][ T6430] capability: warning: `syz.4.783' uses 32-bit capabilities (legacy support in use) [ 163.738651][ T6448] loop0: detected capacity change from 0 to 512 [ 163.802263][ T6448] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.786: bad orphan inode 15 [ 163.861213][ T6448] ext4_test_bit(bit=14, block=5) = 0 [ 163.900613][ T6448] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,init_itable,journal_dev=0x0000000000000003,grpid,journal_ioprio=0x0000000000000002,journal_ioprio=0x0000000000000003,nolazytime,noload,,errors=continue. Quota mode: none. [ 164.454258][ T6469] loop5: detected capacity change from 0 to 2048 [ 164.538246][ T6472] netlink: 172 bytes leftover after parsing attributes in process `syz.6.794'. [ 164.596046][ T6469] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 164.704672][ T6481] netlink: 40 bytes leftover after parsing attributes in process `syz.6.796'. [ 164.778258][ T6481] netlink: 40 bytes leftover after parsing attributes in process `syz.6.796'. [ 164.946553][ T6461] geneve0 speed is unknown, defaulting to 1000 [ 165.066986][ T6488] device syzkaller0 entered promiscuous mode [ 165.095128][ T6491] netlink: 32 bytes leftover after parsing attributes in process `syz.5.799'. [ 165.123176][ T6488] tipc: Started in network mode [ 165.128738][ T6488] tipc: Node identity 868ef87bd3e6, cluster identity 4711 [ 165.171476][ T6488] tipc: Enabled bearer , priority 0 [ 165.225327][ T6487] tipc: Resetting bearer [ 165.302499][ T6487] tipc: Disabling bearer [ 166.691835][ T6523] loop5: detected capacity change from 0 to 1024 [ 166.730580][ T6525] loop0: detected capacity change from 0 to 512 [ 166.754110][ T6508] loop6: detected capacity change from 0 to 8192 [ 166.799726][ T6523] EXT4-fs (loop5): mounted filesystem without journal. Opts: nombcache,journal_dev=0x00000000000000ff,nombcache,nobarrier,init_itable,errors=remount-ro,. Quota mode: none. [ 166.894476][ T6523] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3887: comm syz.5.810: Allocating blocks 497-513 which overlap fs metadata [ 166.952081][ T6525] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback. [ 167.022899][ T6525] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.056493][ T6523] EXT4-fs (loop5): Remounting filesystem read-only [ 167.067735][ T6541] EXT4-fs (loop5): pa ffff8880742fe460: logic 256, phys. 369, len 9 [ 167.081722][ T6541] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4904: group 0, free 0, pa_free 1 [ 167.114369][ T6541] EXT4-fs (loop5): Remounting filesystem read-only [ 167.667970][ T6560] loop0: detected capacity change from 0 to 512 [ 167.719210][ T6560] EXT4-fs (loop0): Ignoring removed orlov option [ 167.788491][ T6560] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 167.860387][ T6560] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 167.889607][ T6561] loop6: detected capacity change from 0 to 8192 [ 167.903030][ T6560] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002] [ 167.912661][ T6560] EXT4-fs (loop0): orphan cleanup on readonly fs [ 167.919839][ T6560] __quota_error: 73 callbacks suppressed [ 167.919857][ T6560] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 167.935493][ T6560] EXT4-fs warning (device loop0): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 167.950245][ T6560] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 167.965211][ T6560] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.824: bg 0: block 40: padding at end of block bitmap is not set [ 168.070391][ T6560] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 168.115829][ T6560] EXT4-fs (loop0): 1 truncate cleaned up [ 168.154899][ T6560] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,acl,noblock_validity,norecovery,i_version,nomblk_io_submit,,errors=continue. Quota mode: writeback. [ 168.187736][ T6573] device syzkaller0 entered promiscuous mode [ 168.235045][ T6560] EXT4-fs (loop0): shut down requested (1) [ 168.243202][ T6560] fscrypt (loop0, inode 16): Error -5 getting encryption context [ 168.266023][ T6560] fscrypt (loop0, inode 16): Error -5 getting encryption context [ 169.113773][ T6611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.845'. [ 169.168065][ T6617] netlink: 4 bytes leftover after parsing attributes in process `syz.0.847'. [ 169.321390][ T6628] loop6: detected capacity change from 0 to 512 [ 169.392732][ T4503] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.440836][ T6633] netlink: 16 bytes leftover after parsing attributes in process `syz.0.852'. [ 169.519848][ T6604] geneve0 speed is unknown, defaulting to 1000 [ 169.575927][ T6628] EXT4-fs error (device loop6): ext4_iget_extra_inode:4566: inode #15: comm syz.6.850: corrupted in-inode xattr [ 169.615225][ T6628] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.850: couldn't read orphan inode 15 (err -117) [ 169.627987][ T6628] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,abort,noload,delalloc,max_batch_time=0x0000000000000001,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000800,bsdgroups,init_itable=0x0000000000000fff,,errors=continue. Quota mode: none. [ 169.634526][ T4503] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.814040][ T4503] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.962161][ T4503] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.998754][ T6653] loop6: detected capacity change from 0 to 128 [ 170.362549][ T6604] chnl_net:caif_netlink_parms(): no params data found [ 170.634079][ T6604] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.641586][ T6604] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.650891][ T6604] device bridge_slave_0 entered promiscuous mode [ 170.660565][ T6604] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.668632][ T6604] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.677976][ T6604] device bridge_slave_1 entered promiscuous mode [ 170.745197][ T6604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 170.775112][ T6678] netlink: 36 bytes leftover after parsing attributes in process `syz.1.863'. [ 170.797527][ T6604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.011248][ T6674] loop6: detected capacity change from 0 to 8192 [ 171.025874][ T6604] team0: Port device team_slave_0 added [ 171.035228][ T4315] Bluetooth: hci4: command 0x0409 tx timeout [ 171.056641][ T6604] team0: Port device team_slave_1 added [ 171.111659][ T6604] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.122912][ T6604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.303683][ T6604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.327701][ T6697] tipc: Can't bind to reserved service type 0 [ 171.409136][ T6604] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.436160][ T6604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.572807][ T6604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.866552][ T6604] device hsr_slave_0 entered promiscuous mode [ 171.913752][ T6604] device hsr_slave_1 entered promiscuous mode [ 171.944736][ T6604] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 171.978441][ T6604] Cannot create hsr debugfs directory [ 172.023731][ T6710] loop1: detected capacity change from 0 to 8192 [ 172.159700][ T26] audit: type=1800 audit(1769318050.869:200): pid=6710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.873" name="file1" dev="loop1" ino=1048688 res=0 errno=0 [ 172.251107][ T6690] geneve0 speed is unknown, defaulting to 1000 [ 172.546921][ T26] audit: type=1326 audit(1769318051.259:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a3f08cb9 code=0x7ffc0000 [ 172.580168][ T6721] loop1: detected capacity change from 0 to 512 [ 172.651726][ T6721] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 172.684485][ T26] audit: type=1326 audit(1769318051.279:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f22a3f08cb9 code=0x7ffc0000 [ 172.796270][ T26] audit: type=1326 audit(1769318051.279:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f22a3f08a22 code=0x7ffc0000 [ 172.904166][ T26] audit: type=1326 audit(1769318051.289:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f22a3ec958e code=0x7ffc0000 [ 172.932984][ T6725] netlink: 24 bytes leftover after parsing attributes in process `syz.6.877'. [ 172.998191][ T6729] loop1: detected capacity change from 0 to 512 [ 173.004957][ T26] audit: type=1326 audit(1769318051.289:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f22a3f08ae7 code=0x7ffc0000 [ 173.029586][ T26] audit: type=1326 audit(1769318051.289:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f22a3ec958e code=0x7ffc0000 [ 173.054977][ T26] audit: type=1326 audit(1769318051.289:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f22a3f0894b code=0x7ffc0000 [ 173.090332][ T6729] EXT4-fs (loop1): Ignoring removed bh option [ 173.115677][ T4253] Bluetooth: hci4: command 0x041b tx timeout [ 173.165516][ T6729] EXT4-fs (loop1): mounted filesystem without journal. Opts: nouid32,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 173.185018][ T6736] usb usb7: usbfs: process 6736 (syz.6.878) did not claim interface 0 before use [ 173.196728][ T6729] ext4 filesystem being mounted at /118/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 173.216145][ T26] audit: type=1326 audit(1769318051.359:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f22a3ec958e code=0x7ffc0000 [ 173.240235][ T26] audit: type=1326 audit(1769318051.359:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f22a3ec958e code=0x7ffc0000 [ 173.263392][ T26] audit: type=1326 audit(1769318051.359:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f22a3f07b97 code=0x7ffc0000 [ 173.286107][ T26] audit: type=1326 audit(1769318051.359:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f22a3f09f4a code=0x7ffc0000 [ 173.315041][ T26] audit: type=1326 audit(1769318051.529:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f22a3ec958e code=0x7ffc0000 [ 173.375707][ T6604] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 173.465058][ T26] audit: type=1326 audit(1769318051.529:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f22a3f07167 code=0x7ffc0000 [ 173.662934][ T6604] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 173.675318][ T26] audit: type=1326 audit(1769318051.529:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.1.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f22a3ec958e code=0x7ffc0000 [ 173.726163][ T6604] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 173.774066][ T6604] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 173.965355][ T6743] loop6: detected capacity change from 0 to 8192 [ 174.308582][ T6758] device syzkaller0 entered promiscuous mode [ 174.680844][ T6604] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.802545][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 174.851701][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.903389][ T6604] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.955669][ T4503] device hsr_slave_0 left promiscuous mode [ 175.029339][ T4503] device hsr_slave_1 left promiscuous mode [ 175.037156][ T4503] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 175.044712][ T4503] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 175.138045][ T4503] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 175.165398][ T4503] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 175.195129][ T5667] Bluetooth: hci4: command 0x040f tx timeout [ 175.209514][ T4503] device bridge_slave_1 left promiscuous mode [ 175.244693][ T6806] loop1: detected capacity change from 0 to 512 [ 175.245397][ T4503] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.296343][ T6806] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 175.337014][ T4503] device bridge_slave_0 left promiscuous mode [ 175.347575][ T6789] loop6: detected capacity change from 0 to 8192 [ 175.359649][ T6806] FAT-fs (loop1): FAT read failed (blocknr 1568) [ 175.362413][ T4503] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.491029][ T4503] device veth1_macvtap left promiscuous mode [ 175.506043][ T4503] device veth0_macvtap left promiscuous mode [ 175.512195][ T4503] device veth1_vlan left promiscuous mode [ 175.540825][ T4503] device veth0_vlan left promiscuous mode [ 175.782526][ T6818] xt_hashlimit: max too large, truncated to 1048576 [ 176.598854][ T4503] team0 (unregistering): Port device team_slave_1 removed [ 176.652869][ T4503] team0 (unregistering): Port device team_slave_0 removed [ 176.688759][ T4503] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 176.744364][ T4503] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 177.009696][ T4503] bond0 (unregistering): Released all slaves [ 177.122269][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 177.160712][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 177.170529][ T6019] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.177693][ T6019] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.186141][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 177.195825][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 177.204411][ T6019] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.211569][ T6019] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.225520][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 177.243184][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 177.275204][ T5667] Bluetooth: hci4: command 0x0419 tx timeout [ 177.291735][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 177.337515][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 177.382734][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 177.410888][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 177.481435][ T6859] tipc: Started in network mode [ 177.496948][ T6859] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 177.504275][ T6859] tipc: Enabled bearer , priority 0 [ 177.590455][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 177.602789][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 177.620671][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 177.635182][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 177.649611][ T6604] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 177.667823][ T6866] loop1: detected capacity change from 0 to 512 [ 177.706833][ T6604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 177.727488][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 177.749396][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 177.921218][ T6866] EXT4-fs (loop1): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000000,mb_optimize_scan=0x0000000000000001,stripe=0x0000000000000e2d,,errors=continue. Quota mode: writeback. [ 177.989079][ T6866] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.117526][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 178.143764][ T6870] loop6: detected capacity change from 0 to 8192 [ 178.155957][ T6019] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 178.178826][ T6604] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.263523][ T6891] netlink: 16 bytes leftover after parsing attributes in process `syz.4.925'. [ 178.283213][ T6891] netlink: 16 bytes leftover after parsing attributes in process `syz.4.925'. [ 178.617749][ T5667] tipc: Node number set to 11578026 [ 178.667628][ T6909] netlink: 40 bytes leftover after parsing attributes in process `syz.0.931'. [ 179.031455][ T6931] netlink: 'syz.6.938': attribute type 1 has an invalid length. [ 179.221382][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 179.237165][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 179.369059][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 179.381985][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 179.404513][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 179.436958][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 179.467710][ T6604] device veth0_vlan entered promiscuous mode [ 179.481635][ T6927] loop1: detected capacity change from 0 to 8192 [ 179.547950][ T6604] device veth1_vlan entered promiscuous mode [ 179.733489][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 179.752936][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 179.816139][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 179.858840][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 179.891146][ T6604] device veth0_macvtap entered promiscuous mode [ 179.936495][ T6604] device veth1_macvtap entered promiscuous mode [ 180.033106][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.072945][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.105322][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.171789][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.202241][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.225698][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.247259][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.281045][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.314418][ T6604] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.341829][ T6941] geneve0 speed is unknown, defaulting to 1000 [ 180.348855][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 180.368536][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 180.424324][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 180.455370][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 180.488412][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.513151][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.540102][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.557493][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.583832][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.611746][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.626357][ T6604] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.652765][ T6604] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.683061][ T6604] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.701105][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 180.732989][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 180.804467][ T6604] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.817186][ T6604] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.827147][ T6604] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.836416][ T6604] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.028054][ T6993] tipc: Cannot configure node identity twice [ 181.174172][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.207663][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.273469][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 181.298425][ T7002] mip6: mip6_rthdr_init_state: spi is not 0: 4278190079 [ 181.321987][ T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.348529][ T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.405321][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 181.516626][ T7008] netlink: 20 bytes leftover after parsing attributes in process `syz.1.962'. [ 181.553323][ T7010] loop6: detected capacity change from 0 to 128 [ 182.144659][ T7029] netlink: 8 bytes leftover after parsing attributes in process `syz.1.969'. [ 182.456598][ T7037] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 183.254454][ T7055] loop6: detected capacity change from 0 to 8192 [ 183.819149][ T7089] loop1: detected capacity change from 0 to 128 [ 183.962715][ T7089] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,nodelalloc,,errors=continue. Quota mode: writeback. [ 184.086615][ T7089] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 184.165289][ T7102] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 184.377223][ T7112] netlink: 24 bytes leftover after parsing attributes in process `syz.1.994'. [ 184.443094][ T7109] loop6: detected capacity change from 0 to 8192 [ 184.550083][ T7116] x_tables: duplicate entry at hook 2 [ 184.824146][ T7122] netlink: 8 bytes leftover after parsing attributes in process `syz.7.998'. [ 184.831510][ T7120] loop1: detected capacity change from 0 to 2048 [ 185.361624][ T7125] loop7: detected capacity change from 0 to 8192 [ 185.733648][ T7147] device dummy0 entered promiscuous mode [ 185.827891][ T7151] 9pnet: Insufficient options for proto=fd [ 186.065609][ T7159] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 186.109244][ T7159] team0: Port device batadv1 added [ 186.128647][ T7163] device syzkaller0 entered promiscuous mode [ 186.132255][ T7165] loop1: detected capacity change from 0 to 256 [ 187.522133][ T7189] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1017'. [ 187.758560][ T7188] loop7: detected capacity change from 0 to 8192 [ 187.988041][ T7191] loop6: detected capacity change from 0 to 8192 [ 188.479502][ T7215] usb usb7: usbfs: process 7215 (syz.1.1023) did not claim interface 0 before use [ 188.871038][ T7205] geneve0 speed is unknown, defaulting to 1000 [ 189.899253][ T7260] device ip6gre1 entered promiscuous mode [ 190.091721][ T7253] loop0: detected capacity change from 0 to 8192 [ 190.898425][ T7284] usb usb7: usbfs: process 7284 (syz.6.1046) did not claim interface 0 before use [ 191.419917][ T7290] loop0: detected capacity change from 0 to 8192 [ 191.600097][ T7294] geneve0 speed is unknown, defaulting to 1000 [ 191.754601][ T7309] device ip6gre1 entered promiscuous mode [ 192.017714][ T7314] loop0: detected capacity change from 0 to 256 [ 193.353822][ T7327] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1058'. [ 193.890841][ T7344] usb usb7: usbfs: process 7344 (syz.1.1061) did not claim interface 0 before use [ 194.055383][ T7353] device syzkaller0 entered promiscuous mode [ 194.323248][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.332137][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.841569][ T7383] loop7: detected capacity change from 0 to 1024 [ 194.917392][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 194.917407][ T26] audit: type=1326 audit(1769318073.629:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7384 comm="syz.4.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.045554][ T7383] EXT4-fs (loop7): inline encryption not supported [ 195.055753][ T7383] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 195.073173][ T26] audit: type=1326 audit(1769318073.689:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7384 comm="syz.4.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.152855][ T26] audit: type=1326 audit(1769318073.689:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7384 comm="syz.4.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.234967][ T26] audit: type=1326 audit(1769318073.689:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7384 comm="syz.4.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.258511][ T7383] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_nolock,noauto_da_alloc,inlinecrypt,sysvgroups,data_err=ignore,barrier=0x000000000000007b,data_err=ignore,grpquota,dioread_nolock,nobarrier,resuid=0x0000000000000000,quota,,errors=continue. Quota mode: writeback. [ 195.261789][ T26] audit: type=1326 audit(1769318073.689:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7384 comm="syz.4.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.349624][ T7395] usb usb7: usbfs: process 7395 (syz.0.1078) did not claim interface 0 before use [ 195.373131][ T26] audit: type=1326 audit(1769318074.079:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7392 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.461055][ T26] audit: type=1326 audit(1769318074.079:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7392 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.597328][ T26] audit: type=1326 audit(1769318074.079:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7392 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.785467][ T26] audit: type=1326 audit(1769318074.079:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7392 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 195.867698][ T7414] loop7: detected capacity change from 0 to 164 [ 195.926590][ T26] audit: type=1326 audit(1769318074.079:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7392 comm="syz.4.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdceab4ecb9 code=0x7ffc0000 [ 196.055070][ T7417] loop0: detected capacity change from 0 to 2048 [ 196.181991][ T7417] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 196.395226][ T4253] Bluetooth: hci3: command 0x0406 tx timeout [ 196.401529][ T4253] Bluetooth: hci0: command 0x0406 tx timeout [ 196.440808][ T4253] Bluetooth: hci2: command 0x0406 tx timeout [ 196.489821][ T7404] geneve0 speed is unknown, defaulting to 1000 [ 196.973815][ T7435] loop7: detected capacity change from 0 to 512 [ 196.999283][ T7446] netlink: 'syz.4.1091': attribute type 10 has an invalid length. [ 197.044859][ T7446] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1091'. [ 197.104589][ T7446] device ipvlan3 entered promiscuous mode [ 197.124212][ T7435] EXT4-fs (loop7): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,nodelalloc,,errors=continue. Quota mode: writeback. [ 197.177084][ T7435] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 197.286311][ T7453] ODEBUG: Out of memory. ODEBUG disabled [ 197.570028][ T7462] process 'syz.4.1096' launched './file0' with NULL argv: empty string added [ 198.060408][ T7481] loop7: detected capacity change from 0 to 4096 [ 198.197434][ T7489] device syzkaller0 entered promiscuous mode [ 198.234596][ T7481] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,noblock_validity,,errors=continue. Quota mode: writeback. [ 198.690424][ T7512] loop1: detected capacity change from 0 to 128 [ 198.812258][ T7512] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 198.969314][ T7512] ext4 filesystem being mounted at /170/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 199.313624][ T7529] loop0: detected capacity change from 0 to 512 [ 199.533811][ T7529] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.1122: inode has both inline data and extents flags [ 199.658989][ T7529] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1122: couldn't read orphan inode 15 (err -117) [ 199.765631][ T7529] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 200.161427][ T7540] loop0: detected capacity change from 0 to 512 [ 200.197535][ T7527] geneve0 speed is unknown, defaulting to 1000 [ 201.779522][ T7577] loop0: detected capacity change from 0 to 1024 [ 201.877863][ T7581] loop7: detected capacity change from 0 to 128 [ 201.934230][ T7577] EXT4-fs (loop0): Ignoring removed orlov option [ 202.026653][ T7577] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,usrjquota=,,errors=continue. Quota mode: writeback. [ 202.050509][ T7581] attempt to access beyond end of device [ 202.050509][ T7581] loop7: rw=2049, want=250, limit=128 [ 202.177521][ T7577] EXT4-fs (loop0): shut down requested (0) [ 202.358872][ T7581] attempt to access beyond end of device [ 202.358872][ T7581] loop7: rw=2049, want=146, limit=128 [ 202.887604][ T7609] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1497 [ 202.897482][ T7609] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 7609, name: syz.0.1142 [ 202.906654][ T7609] 1 lock held by syz.0.1142/7609: [ 202.911708][ T7609] #0: ffffffff8c3443b8 (css_set_lock){..-.}-{2:2}, at: cgroup_get_from_path+0x26/0x2f0 [ 202.921541][ T7609] irq event stamp: 250 [ 202.925632][ T7609] hardirqs last enabled at (249): [] asm_sysvec_reschedule_ipi+0x16/0x20 [ 202.936083][ T7609] hardirqs last disabled at (250): [] _raw_spin_lock_irq+0x86/0xf0 [ 202.945651][ T7609] softirqs last enabled at (128): [] ip_setsockopt+0x58a/0x3130 [ 202.954993][ T7609] softirqs last disabled at (126): [] release_sock+0x2b/0x1b0 [ 202.964066][ T7609] Preemption disabled at: [ 202.964080][ T7609] [<0000000000000000>] 0x0 [ 202.972995][ T7609] CPU: 1 PID: 7609 Comm: syz.0.1142 Not tainted syzkaller #0 [ 202.980394][ T7609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 202.990491][ T7609] Call Trace: [ 202.993802][ T7609] [ 202.996757][ T7609] dump_stack_lvl+0x188/0x250 [ 203.001482][ T7609] ? ip_setsockopt+0x58a/0x3130 [ 203.006370][ T7609] ? show_regs_print_info+0x20/0x20 [ 203.011609][ T7609] ? load_image+0x400/0x400 [ 203.016169][ T7609] ___might_sleep+0x493/0x610 [ 203.020887][ T7609] ? __might_sleep+0xf0/0xf0 [ 203.025523][ T7609] down_read+0x20/0x2e0 [ 203.029721][ T7609] kernfs_walk_and_get_ns+0x7e/0x2c0 [ 203.035573][ T7609] ? kernfs_find_ns+0x510/0x510 [ 203.040556][ T7609] ? current_cgns_cgroup_from_root+0x2a9/0x2f0 [ 203.046789][ T7609] cgroup_get_from_path+0x5f/0x2f0 [ 203.051943][ T7609] cgroup_mt_check_v1+0x1ae/0x2c0 [ 203.057135][ T7609] xt_check_match+0x425/0xaf0 [ 203.061867][ T7609] ? xt_check_proc_name+0x240/0x240 [ 203.067125][ T7609] ? pcpu_alloc+0x1121/0x1770 [ 203.071868][ T7609] ? xt_find_match+0x1e1/0x210 [ 203.077045][ T7609] translate_table+0x1551/0x20e0 [ 203.082075][ T7609] ? ipt_register_table+0x800/0x800 [ 203.087421][ T7609] ? __might_fault+0xb7/0x110 [ 203.092222][ T7609] ? __lock_acquire+0x7d10/0x7d10 [ 203.097312][ T7609] ? _copy_from_user+0x111/0x170 [ 203.102294][ T7609] do_ipt_set_ctl+0x964/0xd80 [ 203.107034][ T7609] ? nf_setsockopt+0x36/0x280 [ 203.111746][ T7609] ? nf_setsockopt+0x218/0x280 [ 203.116633][ T7609] ? ipt_unregister_table_exit+0x220/0x220 [ 203.122479][ T7609] ? __lock_acquire+0x7d10/0x7d10 [ 203.127717][ T7609] ? __mutex_lock_common+0x47c/0x2400 [ 203.133229][ T7609] ? __mutex_unlock_slowpath+0x1b0/0x6c0 [ 203.138930][ T7609] ? mutex_unlock+0x10/0x10 [ 203.143474][ T7609] ? __local_bh_enable_ip+0x136/0x1c0 [ 203.148883][ T7609] ? lockdep_hardirqs_on+0x94/0x140 [ 203.154125][ T7609] ? __local_bh_enable_ip+0x136/0x1c0 [ 203.159529][ T7609] nf_setsockopt+0x25f/0x280 [ 203.164162][ T7609] ip_setsockopt+0x207d/0x3130 [ 203.168969][ T7609] ? ipv4_pktinfo_prepare+0x6f0/0x6f0 [ 203.174382][ T7609] ? lockdep_hardirqs_off+0x70/0x100 [ 203.179713][ T7609] ? __might_sleep+0xf0/0xf0 [ 203.184330][ T7609] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 203.190352][ T7609] ? lock_chain_count+0x20/0x20 [ 203.195343][ T7609] tcp_setsockopt+0x240/0x1e90 [ 203.200157][ T7609] ? aa_sk_perm+0x7dc/0x910 [ 203.204696][ T7609] ? tcp_set_window_clamp+0x1a0/0x1a0 [ 203.210113][ T7609] ? aa_af_perm+0x340/0x340 [ 203.214669][ T7609] ? aa_sock_opt_perm+0x21/0x100 [ 203.219643][ T7609] ? aa_sock_opt_perm+0x3c/0x100 [ 203.224608][ T7609] ? aa_sock_opt_perm+0x74/0x100 [ 203.229582][ T7609] ? sock_common_setsockopt+0x32/0xb0 [ 203.235170][ T7609] ? sock_common_recvmsg+0x1c0/0x1c0 [ 203.240493][ T7609] __sys_setsockopt+0x2bf/0x3d0 [ 203.246002][ T7609] __x64_sys_setsockopt+0xb1/0xc0 [ 203.251073][ T7609] do_syscall_64+0x4c/0xa0 [ 203.255523][ T7609] ? clear_bhb_loop+0x30/0x80 [ 203.260225][ T7609] ? clear_bhb_loop+0x30/0x80 [ 203.264931][ T7609] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 203.270872][ T7609] RIP: 0033:0x7f9c0a1fecb9 [ 203.275318][ T7609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 203.295060][ T7609] RSP: 002b:00007f9c08418028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 203.303522][ T7609] RAX: ffffffffffffffda RBX: 00007f9c0a47a180 RCX: 00007f9c0a1fecb9 [ 203.311630][ T7609] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003 [ 203.319635][ T7609] RBP: 00007f9c0a26cbf7 R08: 00000000000022f8 R09: 0000000000000000 [ 203.327636][ T7609] R10: 0000200000002300 R11: 0000000000000246 R12: 0000000000000000 [ 203.335635][ T7609] R13: 00007f9c0a47a218 R14: 00007f9c0a47a180 R15: 00007fffbf453b28 [ 203.343657][ T7609] [ 203.346698][ T7609] [ 203.349041][ T7609] ============================= [ 203.353904][ T7609] [ BUG: Invalid wait context ] [ 203.358762][ T7609] syzkaller #0 Tainted: G W [ 203.364702][ T7609] ----------------------------- [ 203.369573][ T7609] syz.0.1142/7609 is trying to lock: [ 203.374966][ T7609] ffffffff8c44f910 (kernfs_rwsem){++++}-{3:3}, at: kernfs_walk_and_get_ns+0x7e/0x2c0 [ 203.384492][ T7609] other info that might help us debug this: [ 203.390483][ T7609] context-{4:4} [ 203.393955][ T7609] 1 lock held by syz.0.1142/7609: [ 203.399080][ T7609] #0: ffffffff8c3443b8 (css_set_lock){..-.}-{2:2}, at: cgroup_get_from_path+0x26/0x2f0 [ 203.408873][ T7609] stack backtrace: [ 203.412609][ T7609] CPU: 1 PID: 7609 Comm: syz.0.1142 Tainted: G W syzkaller #0 [ 203.421393][ T7609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 203.431472][ T7609] Call Trace: [ 203.434773][ T7609] [ 203.437722][ T7609] dump_stack_lvl+0x188/0x250 [ 203.442525][ T7609] ? show_regs_print_info+0x20/0x20 [ 203.447754][ T7609] ? load_image+0x400/0x400 [ 203.452298][ T7609] __lock_acquire+0x1bf8/0x7d10 [ 203.457177][ T7609] ? 0xffffffffa002a000 [ 203.461368][ T7609] ? verify_lock_unused+0x140/0x140 [ 203.466604][ T7609] ? __printk_cpu_unlock+0x5f/0x70 [ 203.471743][ T7609] ? dump_stack_lvl+0x1fd/0x250 [ 203.476625][ T7609] ? ip_setsockopt+0x58a/0x3130 [ 203.481505][ T7609] ? show_regs_print_info+0x20/0x20 [ 203.486732][ T7609] ? load_image+0x400/0x400 [ 203.491264][ T7609] lock_acquire+0x19e/0x400 [ 203.495793][ T7609] ? kernfs_walk_and_get_ns+0x7e/0x2c0 [ 203.501284][ T7609] ? __might_sleep+0xf0/0xf0 [ 203.505893][ T7609] ? read_lock_is_recursive+0x10/0x10 [ 203.511299][ T7609] down_read+0x44/0x2e0 [ 203.515480][ T7609] ? kernfs_walk_and_get_ns+0x7e/0x2c0 [ 203.520968][ T7609] kernfs_walk_and_get_ns+0x7e/0x2c0 [ 203.526299][ T7609] ? kernfs_find_ns+0x510/0x510 [ 203.531296][ T7609] ? current_cgns_cgroup_from_root+0x2a9/0x2f0 [ 203.537592][ T7609] cgroup_get_from_path+0x5f/0x2f0 [ 203.542825][ T7609] cgroup_mt_check_v1+0x1ae/0x2c0 [ 203.547884][ T7609] xt_check_match+0x425/0xaf0 [ 203.552593][ T7609] ? xt_check_proc_name+0x240/0x240 [ 203.557957][ T7609] ? pcpu_alloc+0x1121/0x1770 [ 203.562854][ T7609] ? xt_find_match+0x1e1/0x210 [ 203.567739][ T7609] translate_table+0x1551/0x20e0 [ 203.572721][ T7609] ? ipt_register_table+0x800/0x800 [ 203.578126][ T7609] ? __might_fault+0xb7/0x110 [ 203.582836][ T7609] ? __lock_acquire+0x7d10/0x7d10 [ 203.587890][ T7609] ? _copy_from_user+0x111/0x170 [ 203.592858][ T7609] do_ipt_set_ctl+0x964/0xd80 [ 203.597566][ T7609] ? nf_setsockopt+0x36/0x280 [ 203.602289][ T7609] ? nf_setsockopt+0x218/0x280 [ 203.607087][ T7609] ? ipt_unregister_table_exit+0x220/0x220 [ 203.612938][ T7609] ? __lock_acquire+0x7d10/0x7d10 [ 203.618002][ T7609] ? __mutex_lock_common+0x47c/0x2400 [ 203.623520][ T7609] ? __mutex_unlock_slowpath+0x1b0/0x6c0 [ 203.629194][ T7609] ? mutex_unlock+0x10/0x10 [ 203.633748][ T7609] ? __local_bh_enable_ip+0x136/0x1c0 [ 203.639161][ T7609] ? lockdep_hardirqs_on+0x94/0x140 [ 203.644404][ T7609] ? __local_bh_enable_ip+0x136/0x1c0 [ 203.649823][ T7609] nf_setsockopt+0x25f/0x280 [ 203.654456][ T7609] ip_setsockopt+0x207d/0x3130 [ 203.659259][ T7609] ? ipv4_pktinfo_prepare+0x6f0/0x6f0 [ 203.664680][ T7609] ? lockdep_hardirqs_off+0x70/0x100 [ 203.670016][ T7609] ? __might_sleep+0xf0/0xf0 [ 203.674654][ T7609] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 203.680682][ T7609] ? lock_chain_count+0x20/0x20 [ 203.685578][ T7609] tcp_setsockopt+0x240/0x1e90 [ 203.690379][ T7609] ? aa_sk_perm+0x7dc/0x910 [ 203.694915][ T7609] ? tcp_set_window_clamp+0x1a0/0x1a0 [ 203.700383][ T7609] ? aa_af_perm+0x340/0x340 [ 203.704907][ T7609] ? aa_sock_opt_perm+0x21/0x100 [ 203.709842][ T7609] ? aa_sock_opt_perm+0x3c/0x100 [ 203.714795][ T7609] ? aa_sock_opt_perm+0x74/0x100 [ 203.719731][ T7609] ? sock_common_setsockopt+0x32/0xb0 [ 203.725108][ T7609] ? sock_common_recvmsg+0x1c0/0x1c0 [ 203.730392][ T7609] __sys_setsockopt+0x2bf/0x3d0 [ 203.735244][ T7609] __x64_sys_setsockopt+0xb1/0xc0 [ 203.740275][ T7609] do_syscall_64+0x4c/0xa0 [ 203.744719][ T7609] ? clear_bhb_loop+0x30/0x80 [ 203.749416][ T7609] ? clear_bhb_loop+0x30/0x80 [ 203.754097][ T7609] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 203.759990][ T7609] RIP: 0033:0x7f9c0a1fecb9 [ 203.764402][ T7609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 203.784007][ T7609] RSP: 002b:00007f9c08418028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 203.792442][ T7609] RAX: ffffffffffffffda RBX: 00007f9c0a47a180 RCX: 00007f9c0a1fecb9 [ 203.800415][ T7609] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003 [ 203.808383][ T7609] RBP: 00007f9c0a26cbf7 R08: 00000000000022f8 R09: 0000000000000000 [ 203.816360][ T7609] R10: 0000200000002300 R11: 0000000000000246 R12: 0000000000000000 [ 203.824330][ T7609] R13: 00007f9c0a47a218 R14: 00007f9c0a47a180 R15: 00007fffbf453b28 [ 203.832393][ T7609] [ 203.836568][ T7609] xt_cgroup: invalid path, errno=-2 [ 203.841884][ T7609] sched: RT throttling activated