last executing test programs: 7.374016593s ago: executing program 2 (id=2891): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x29}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffb4}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8f0, &(0x7f0000002400)=0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) fsmount(0xffffffffffffffff, 0x0, 0x8) 6.740967208s ago: executing program 2 (id=2893): sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0xdf) 4.656475638s ago: executing program 1 (id=2906): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000001561edef3944a07313944581095325bef98c275f617e3d018263f5f364058daa813704d529466fdf72f28b49be2077efd43bb86d8c08502504b43e0c4456c3478c30ea715ceedbaaeb21d0afc8a7f5b7454a0bca9479cd0814e307073d0dc6581d9a45cf9503af123084242f70b52f01bd6952825fec7ca2a49bd7ae49efd3a4fd88d36f20"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) socket$inet_mptcp(0x2, 0x1, 0x106) r2 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@noblock_validity}, {@mblk_io_submit}, {@jqfmt_vfsold}, {@nodelalloc}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@resgid, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==") fsetxattr(r2, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x3) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000004000000b705000008000000850000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r3, 0x0, 0x100000001}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYRESHEX], 0x50) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, 0x0) sendto$packet(r4, &(0x7f0000000040)="f2435f01000880000000", 0xa, 0x0, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32], 0x3c}}, 0x0) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000020500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0900020073797a310000000008000a40fffffffc1400000011000100000000000000000001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast}) 4.250297108s ago: executing program 2 (id=2909): r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc) symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0\x00') r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1018e58, &(0x7f00000001c0), 0x6, 0x642, &(0x7f00000011c0)="$eJzs3U1oG1ceAPD/SLZjO951sizLJrCsIYcEljh2Nmx299I0PTSHHgLNoZRSYmI7NVE+iB1o3EBt6KGFFkrptZRQKPTce8m9t1Joe+u5kJaS0kJbojKjUSLLkr9iSbbn94OR3rwZ6b2/Rk/zZsbPE0BhjaUPpYhDEQ8vJhGjDctGorZwLF/vwY93LqVTEtXq8z8kkeR59fWT/Hl/PjMYEV+cjfhLeXW587cXr0xVqjWvR5xYuHrjxPztxeNzV6cuz1yeuTZ58r+nTk/8b/LU5LbEuT9/3hcR77zxyn9mv6wcT+JMXOh/bTqa4tguYzEWD/MQG/P7IuJ0mmjxuew2eyCEQivn38f+iPhbjEY5m6sZjbm3e1o5oKOq5YgqUFDJZtt/2kGopz9Z9PMBu1a9H1A/tt/YcfCFDvdKuuf+07UDoNXx99XOjcRgdmw0/CBpODKqnds4sA3lp2X8fufwB+kUK85D/PJo6/RtQzntLC1HxN9bxZ9kdTuQRZrGX1pRjyQiJiJiIK/fM09Qh6Qh3YnzMGvZavyliDiTP6f5Z7dY/ljTfLfjB6CYsn1vuiNfShOP939p36Pe/4kW/Z+RFvuurej1/q99/6++vx/MzpGXmvph6ed2vvVb9jdnfPvWuffald/Y/0untPx6X7Ab7i9HHG6K/8002Lz/k8aftNj+6SoXz2ysjGe/+v5cu2W9jr96N+Joy+Ofx73SNLXG9ckTs3OVmYnaY8syPvv8pY/bld/r+NPtP9wm/obtX2p+XfqZ3NhgGZ+ev3u13bKReHmd+EvfDSS1482B7PGj4VenFhZuTkYMJM/lq9SesvyTa9elvk79PdL4jx1p3f5XfP+XV77PUP0ncwNuvHDlQbtljds/SWr1WG/7N1xMfljdYB3aSeOfXn/7r2r/ad67Gyzj5xdv/aPdsrW+/0NPEhgAAAAAAAAUUCm7BpuUxh+lS6Xx8dp42b/GcKlyfX7hX7PXb12bjjiW/T1kf6l+pXu0Np+k85P538PW5082zf87Ig5GxPvloWx+/NL1ynSvgwcAAAAAAAAAAAAAAAAAAIAdYn8+/r9+n+qfyrXx/0BBdPIGc8DOpv1DcWXtf9UtnoAiaLf/n+9yPYDu0/+H4tL+obi0fygu7R+KS/uH4tL+obi0fwAAAADYkw7+8943SUQs/X8om1ID+TIjgmBv619vhYHu1APovnKvKwD0zKNL/zr7UDjr9v9Tv+b/HLDz1QF6IGmVmXUOqms3/nsrXulwAgAAAAAAAAAAAAA66OihhvH/wyvH/29obACwa21i2N9yJ+sBdN8TDNgx1gd2Of/6H4pry8f4g9tbD6B3Wo7/b9C2ud9b75WbLQkAAAAAAAAAAAAAaGckm5LSeD4WeCRKpfHxiD9FxIHoT2bnKjMTEfHniPi63L8vnZ/sdaUBAAAAAAAAAAAAAAAAAABgj5m/vXhlqlKZudmY+G1Vzt5O1O+C2oWynopNviqS7n8sQxHR843SsURfQ04SsZRu+R1RsZvzsTOqkSV6/MMEAAAAAAAAAAAAAAAAAAAF1DD2uLXDH3a5RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQfY/v/78ykazKaU4cab+oKdHrGAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3emPAAAA//+y+jZu") ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000001400030500008000ffdbdf25021856ff", @ANYRES32=r4, @ANYBLOB="080002007f"], 0x20}, 0x1, 0x0, 0x0, 0xc090}, 0x48006) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r3, 0x58, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000400)={'vxcan1\x00'}) sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f0000000740)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x38, 0x0, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x28800}, 0x80) umount2(&(0x7f00000002c0)='./file0\x00', 0x2) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80400) socket$nl_netfilter(0x10, 0x3, 0xc) write$P9_RSETATTR(r6, &(0x7f00000001c0)={0x7, 0x1b, 0x2}, 0x7) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00040002b96f0000"], 0x48) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000440)=ANY=[@ANYBLOB="757466383d302c757466383d302c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c6e6f6e756d7461696c3d302c726f6469722c696f636861727365743d63703433372c756e695f786c6174653d302c726f6469722c747a3d5554433a7566383d312c6e6f6e756d7461696c3d302c6e66733d6e6f737400010000726f2c73686f72746e616d653d77696e6e742c646f733178666c6f7070792c73306f72746e616d653d77696e39352c636865636b3d72656c617865642c0000"], 0x6, 0x2d9, &(0x7f0000000cc0)="$eJzs3U9rXFUUAPDzksnMVMHJwpUIXrALV6Xp1s0UaUHMyjILdaHBplAyQUkg4B98ZuXWjQsXfgJB8IO48RsIbgV3Vig8uW/e65s0w6RTOhHt77dIbu6cM/e8P+TdLHLmo1cPD+6muHf65W8xHBaxMY5xPChiOzai9XWcMf42AID/sgdVFX9WvSpbJa+IiOH6ygIA1mj2/K8ueP73uuHPl1IWALBGd957/52bu7u33k1pGLcPvzmZ5L/s8/crbcj9mMZ+XI9RPIyoNwpbUe8W8vB23jVczWFpO64elieTk0nE4Ye/NMk3/4io83diFNv11KPdRp3/9u6tnVT79KUuv8x1vJDz78X9cc6/EaN4+VHymfwbKaVBpDS3fhmTfrzx+iy/Xv9ajOLXj+OTmMbduogu/6udlN6qvvvriw9yeTm/KE8mgzquU21e5nUBAAAAAAAAAAAAAAAAAAAAAOD/7dqs904azPr35Kmm/87mw/zDVqTWfH+fMn+Npg9wbb4/UFVVZRU/tP11rqeUqiawy+/FK735xoIAAAAAAAAAAAAAAAAAAADw/Dr+7PODvel0/+iZDNpuAL2I+PtOxNO+z3hu5rVYHjxo1tybTjea4dmY3vxMbLYxRcTSMvJBPO3Z6MVKx37lXM3N4MefVl19eHHMVl6rWFTh6bO6E9q762CvWHwOB9HODJsyvu9HdDH9eMK1+o/PVKPZ+1QrXYL+wpdGKx97/8V6UC6JiWJZYW/+Pjtzzcy5y9Svz+rC9K1mMJf+2L3xRPdzDGfp539XFLp1AAAAAAAAAAAAAAAAAADAWnX//bvgxdOlqRvVYG1lAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCl6j7/f4VB2STvHx33Lgjux9Hxv3yIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAf+CQAA///hdlOU") r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x101, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20300}}}}}}]}, 0x48}}, 0x4040004) 4.064912543s ago: executing program 3 (id=2912): prlimit64(0x0, 0x4, &(0x7f0000000300)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0, 0x0, 0x6}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000074"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x400, 0x0) 3.828943578s ago: executing program 2 (id=2913): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000042c0)={0x24, 0x12, 0xa01, 0x0, 0x0, {0xa}, [@nested={0x10, 0x119, 0x0, 0x1, [@typed={0x8, 0x148, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @generic="f88b9032"]}]}, 0x24}}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file7\x00', 0x1c0) renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) close(0xffffffffffffffff) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000180)=@filename='./file7/file0\x00', 0xee01, &(0x7f00000002c0)={0x8, 0x7, 0x2, 0x2, 0x40, 0x5, 0x4, 0x8000000000000000, 0xb95c}) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x4}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sync() socket$inet_tcp(0x2, 0x1, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000081dd22104c052e000005010203010902120001000000000904000000f7"], 0x0) 3.394794318s ago: executing program 1 (id=2914): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r1, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054) 3.285504291s ago: executing program 0 (id=2915): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000080)=r4}, 0x20) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054) 3.192684094s ago: executing program 1 (id=2916): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000016c0)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x2}) 3.109975786s ago: executing program 2 (id=2918): socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200}, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0xa) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x216, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)=0x5, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) 2.91012578s ago: executing program 3 (id=2919): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r0, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x4, 0x4, {{0x14, 0x1, @in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d) bpf$MAP_CREATE(0x0, 0x0, 0x50) sendmsg$inet(0xffffffffffffffff, 0x0, 0x24008004) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r6 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000140)={0x6, 0x7f, 0x6, 0x0, 0x1, 0x8}) r7 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$GIO_UNIMAP(r7, 0x4b66, &(0x7f0000000040)={0xfffffffffffffdca, 0x0}) 2.559692249s ago: executing program 1 (id=2920): socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200}, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0xa) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x216, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)=0x5, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) 2.194602648s ago: executing program 0 (id=2921): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x1a8, 0x111, 0x4b4, 0x0, 0x700, 0x2b0, 0x278, 0x278, 0x2b0, 0x278, 0x3, 0x0, {[{{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @empty, [0x0, 0x0, 0x0, 0xff0000ff], [0x1fffffffe, 0x0, 0xffffff00, 0xff], 'vlan0\x00', 'veth0_vlan\x00', {}, {0xff}, 0x6}, 0x0, 0x140, 0x1a8, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20]}}, @common=@unspec=@helper={{0x48}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x3, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x67, 0x40}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0) 2.042157901s ago: executing program 2 (id=2922): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r3, 0x400455c8, 0x0) 1.909413954s ago: executing program 0 (id=2923): creat(0x0, 0xecf86c37d53049cc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) socket$inet6(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x4, 0x0, 0x0, 0x41100}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001f80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FLAGS={0x6, 0x8, 0x3f}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @loopback}]}}}]}, 0x40}}, 0x4048084) 1.908915814s ago: executing program 3 (id=2924): sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000016c0)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x2}) 1.863335346s ago: executing program 0 (id=2925): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000001561edef3944a07313944581095325bef98c275f617e3d018263f5f364058daa813704d529466fdf72f28b49be2077efd43bb86d8c08502504b43e0c4456c3478c30ea715ceedbaaeb21d0afc8a7f5b7454a0bca9479cd0814e307073d0dc6581d9a45cf9503af123084242f70b52f01bd6952825fec7ca2a49bd7ae49efd3a4fd88d36f20"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@noblock_validity}, {@mblk_io_submit}, {@jqfmt_vfsold}, {@nodelalloc}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@resgid, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==") fsetxattr(r2, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x100000001}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYRESHEX], 0x50) r3 = socket(0x2a, 0x2, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, 0x0) sendto$packet(r4, &(0x7f0000000040)="f2435f01000880000000", 0xa, 0x0, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32], 0x3c}}, 0x0) ioctl$SIOCSIFMTU(r3, 0x8922, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000020500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0900020073797a310000000008000a40fffffffc1400000011000100000000000000000001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) set_mempolicy_home_node(&(0x7f0000146000/0x1000)=nil, 0x1000, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8923, &(0x7f0000000000)={'vlan1\x00', @broadcast}) 1.512247844s ago: executing program 4 (id=2927): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) io_getevents(0x0, 0x3, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f0000070000"], 0x48) capset(&(0x7f0000000080)={0x20071026}, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0x4c, 0x1a, 0x180, 0x73, 0x328, 0x258, 0x258, 0x328, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x73}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x3}}, @common=@unspec=@connlimit={{0x40}, {[], 0x0, 0x2}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x23, 0x3, 0x2, 0x3, 'syz1\x00', 'syz0\x00', {0x2}}}}, {{@uncond, 0x0, 0x160, 0x1a8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@srh1={{0x90}, {0x2e, 0x8, 0xfb, 0x87, 0x3, @remote, @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}, [0xff000000, 0xff, 0x0, 0xffffff00], [0x8982e4c132e3b466, 0xffffffff, 0xffffff00, 0xff000000], [0xffffff00, 0x0, 0xff000000, 0xffffff00], 0x3420, 0x108}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x5400}}, {0x28}}}}, 0x458) 1.381995197s ago: executing program 1 (id=2928): socket(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x40000002) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0xa) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x216, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) 1.381594027s ago: executing program 3 (id=2929): bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d0000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'bridge0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x40) 1.346804608s ago: executing program 3 (id=2930): connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000df0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000800038004000380080005"], 0x3c}}, 0x0) 1.326132499s ago: executing program 3 (id=2931): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf) ioctl$TCFLSH(r4, 0x400455c8, 0x0) ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000040)={0x3, 0x3, 0x3, 0xfffffffe, 0x9, "bf9caa849a0c1086a72670958cd13589436be5", 0xab64, 0x3}) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0xdf) 894.794619ms ago: executing program 0 (id=2932): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'syztnl0\x00', 0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000080)=r4}, 0x20) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, 0x0, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054) 424.50214ms ago: executing program 4 (id=2933): r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x120) write$P9_RREADLINK(r0, 0x0, 0x0) lseek(r0, 0xb964, 0xad23dbce7a62eb82) 321.920473ms ago: executing program 4 (id=2934): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x1a8, 0x111, 0x4b4, 0x0, 0x700, 0x2b0, 0x278, 0x278, 0x2b0, 0x278, 0x3, 0x0, {[{{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @empty, [0x0, 0x0, 0x0, 0xff0000ff], [0x1fffffffe, 0x0, 0xffffff00, 0xff], 'vlan0\x00', 'veth0_vlan\x00', {}, {0xff}, 0x6}, 0x0, 0x140, 0x1a8, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20]}}, @common=@unspec=@helper={{0x48}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x3, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x67, 0x40}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0) 177.974366ms ago: executing program 4 (id=2935): creat(0x0, 0xecf86c37d53049cc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) socket$inet6(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x4, 0x0, 0x0, 0x41100}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001f80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FLAGS={0x6, 0x8, 0x3f}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @loopback}]}}}]}, 0x40}}, 0x4048084) 159.686337ms ago: executing program 4 (id=2936): r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 149.862667ms ago: executing program 1 (id=2937): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file7\x00', 0x1c0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) close(0xffffffffffffffff) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x4}, 0x10) sync() sync() r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r3, 0x29, 0x19, &(0x7f0000000040)=0x3, 0x4) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000081dd22104c052e000005010203010902120001000000000904000000f7"], 0x0) 80.317988ms ago: executing program 4 (id=2938): bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$selinux_validatetrans(0xffffffffffffff9c, 0x0, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1c1002, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) 0s ago: executing program 0 (id=2939): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000340)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@abort}, {@noload}, {@delalloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@bsdgroups}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9) symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa1) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000150000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') kernel console output (not intermixed with test programs): 1435] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 511.518694][T11435] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2399: corrupted inode contents [ 511.531625][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.535137][T11435] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #12: comm syz.3.2399: mark_inode_dirty error [ 511.552954][T11435] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2399: corrupted inode contents [ 511.565648][T11435] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.2399: mark_inode_dirty error [ 511.587942][T11435] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2399: corrupted inode contents [ 511.600350][T11435] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 511.609180][T11435] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2399: corrupted inode contents [ 511.621338][T11435] EXT4-fs error (device loop3): ext4_truncate:4637: inode #12: comm syz.3.2399: mark_inode_dirty error [ 511.633879][T11435] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 511.642969][T11435] EXT4-fs (loop3): 1 truncate cleaned up [ 511.649227][T11435] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 511.672275][T11435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2399'. [ 511.681392][T11435] netlink: 'syz.3.2399': attribute type 30 has an invalid length. [ 511.681517][T11449] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 511.698176][T11449] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 511.707559][ T1911] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 511.716410][ T1911] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 511.733558][ T1911] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 511.743780][ T1911] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 511.764669][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.974711][T11463] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2405'. [ 512.331061][T11466] loop1: detected capacity change from 0 to 512 [ 512.369501][T11466] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 512.501038][T11470] bridge: RTM_NEWNEIGH with invalid ether address [ 512.721448][T11474] loop3: detected capacity change from 0 to 512 [ 512.749644][T11474] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 512.861524][T11482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2410'. [ 512.977162][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.272706][T11487] loop3: detected capacity change from 0 to 512 [ 513.279650][T11487] EXT4-fs: Ignoring removed mblk_io_submit option [ 513.293206][T11487] EXT4-fs: Ignoring removed nomblk_io_submit option [ 513.304667][T11487] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 513.313529][T11487] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 513.380535][T11487] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2414: Allocating blocks 41-42 which overlap fs metadata [ 513.406877][T11487] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2414: Allocating blocks 41-42 which overlap fs metadata [ 513.421056][T11487] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2414: Failed to acquire dquot type 1 [ 513.432703][T11487] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 513.447431][T11487] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2414: corrupted inode contents [ 513.460082][T11487] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #12: comm syz.3.2414: mark_inode_dirty error [ 513.471696][T11487] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2414: corrupted inode contents [ 513.483909][T11487] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.2414: mark_inode_dirty error [ 513.495886][T11487] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2414: corrupted inode contents [ 513.508095][T11487] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 513.523186][T11487] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2414: corrupted inode contents [ 513.544473][T11487] EXT4-fs error (device loop3): ext4_truncate:4637: inode #12: comm syz.3.2414: mark_inode_dirty error [ 513.556876][T11487] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 513.573468][T11487] EXT4-fs (loop3): 1 truncate cleaned up [ 513.579496][T11487] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 513.596244][T11493] loop2: detected capacity change from 0 to 512 [ 513.613509][T11493] EXT4-fs: Ignoring removed mblk_io_submit option [ 513.622916][T11493] EXT4-fs: Ignoring removed nomblk_io_submit option [ 513.636929][T11487] netlink: 'syz.3.2414': attribute type 30 has an invalid length. [ 513.653826][T11493] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 513.662297][T11493] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 513.694307][T11493] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2416: Allocating blocks 41-42 which overlap fs metadata [ 513.713772][T11493] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2416: Failed to acquire dquot type 1 [ 513.754441][T11493] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 513.779670][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.813352][T11493] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2416: corrupted inode contents [ 513.836050][T11493] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #12: comm syz.2.2416: mark_inode_dirty error [ 513.880973][T11493] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2416: corrupted inode contents [ 513.913616][T11493] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.2416: mark_inode_dirty error [ 513.943668][T11493] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2416: corrupted inode contents [ 513.973303][T11493] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 513.992224][T11493] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2416: corrupted inode contents [ 514.024232][T11493] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.2416: mark_inode_dirty error [ 514.043393][T11493] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 514.062716][T11493] EXT4-fs (loop2): 1 truncate cleaned up [ 514.072932][T11493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 514.110789][T11493] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2416'. [ 514.119757][T11493] netlink: 'syz.2.2416': attribute type 30 has an invalid length. [ 514.131102][ T1911] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 514.146501][ T1911] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 514.155875][ T1911] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 514.166376][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 514.178489][T11511] bridge: RTM_NEWNEIGH with invalid ether address [ 514.185010][ T1911] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 514.349321][T11521] loop4: detected capacity change from 0 to 512 [ 514.371985][T11521] EXT4-fs: Ignoring removed mblk_io_submit option [ 514.388534][T11521] EXT4-fs: Ignoring removed nomblk_io_submit option [ 514.413626][T11521] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 514.422110][T11521] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 514.503069][T11521] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2428: Allocating blocks 41-42 which overlap fs metadata [ 514.585133][T11521] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2428: Failed to acquire dquot type 1 [ 514.597570][T11530] loop3: detected capacity change from 0 to 512 [ 514.604863][T11521] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 514.620258][T11530] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2430: inode has both inline data and extents flags [ 514.635817][T11521] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2428: corrupted inode contents [ 514.661180][T11530] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2430: couldn't read orphan inode 15 (err -117) [ 514.680098][T11521] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.2428: mark_inode_dirty error [ 514.721494][T11530] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 514.745976][T11521] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2428: corrupted inode contents [ 514.780516][T11521] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.2428: mark_inode_dirty error [ 514.808642][T11521] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2428: corrupted inode contents [ 514.893197][T11521] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 514.913185][T11521] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2428: corrupted inode contents [ 514.925314][T11521] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.2428: mark_inode_dirty error [ 514.953473][T11521] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 515.003227][T11521] EXT4-fs (loop4): 1 truncate cleaned up [ 515.026710][T11521] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 515.080680][ T29] kauditd_printk_skb: 302 callbacks suppressed [ 515.080698][ T29] audit: type=1326 audit(1762443206.622:6222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb103d8df10 code=0x7ffc0000 [ 515.101378][T11521] netlink: 'syz.4.2428': attribute type 30 has an invalid length. [ 515.135371][ T29] audit: type=1326 audit(1762443206.622:6223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fb103d8e417 code=0x7ffc0000 [ 515.158880][ T29] audit: type=1326 audit(1762443206.622:6224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb103d8df10 code=0x7ffc0000 [ 515.182371][ T29] audit: type=1326 audit(1762443206.622:6225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 515.205927][ T29] audit: type=1326 audit(1762443206.622:6226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 515.229549][ T29] audit: type=1326 audit(1762443206.632:6227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 515.253140][ T29] audit: type=1326 audit(1762443206.632:6228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 515.276735][ T29] audit: type=1326 audit(1762443206.632:6229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 515.300253][ T29] audit: type=1326 audit(1762443206.632:6230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 515.323748][ T29] audit: type=1326 audit(1762443206.632:6231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11520 comm="syz.4.2428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 515.385430][T11542] loop2: detected capacity change from 0 to 1024 [ 515.392240][T11542] EXT4-fs: Ignoring removed orlov option [ 515.418066][T11542] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 515.625056][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.644479][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.174479][T11550] loop1: detected capacity change from 0 to 512 [ 516.200756][T11548] loop4: detected capacity change from 0 to 512 [ 516.209021][T11548] EXT4-fs: Ignoring removed mblk_io_submit option [ 516.215732][T11548] EXT4-fs: Ignoring removed nomblk_io_submit option [ 516.222924][T11548] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 516.231510][T11548] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 516.281921][T11548] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2435: Allocating blocks 41-42 which overlap fs metadata [ 516.308173][T11557] loop2: detected capacity change from 0 to 1024 [ 516.315449][T11548] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2435: Failed to acquire dquot type 1 [ 516.333586][T11548] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 516.334946][T11550] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 516.360827][T11557] EXT4-fs: Ignoring removed orlov option [ 516.361401][T11548] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2435: corrupted inode contents [ 516.373700][T11557] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 516.378631][T11548] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.2435: mark_inode_dirty error [ 516.398718][T11548] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2435: corrupted inode contents [ 516.424629][T11548] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.2435: mark_inode_dirty error [ 516.436328][T11548] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2435: corrupted inode contents [ 516.448468][T11548] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 516.457248][T11548] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2435: corrupted inode contents [ 516.469583][T11548] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.2435: mark_inode_dirty error [ 516.480962][T11548] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 516.490225][T11548] EXT4-fs (loop4): 1 truncate cleaned up [ 516.496523][T11548] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 516.680192][T11548] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2435'. [ 516.689150][T11548] netlink: 'syz.4.2435': attribute type 30 has an invalid length. [ 516.703294][ T2062] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 516.712408][ T2062] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 516.721574][ T2062] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 517.053462][ T2062] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 517.101183][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 517.111740][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 517.254168][T11570] netlink: 'syz.0.2440': attribute type 13 has an invalid length. [ 517.294012][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 518.287160][T11590] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 518.295871][T11590] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 518.552460][T11600] loop1: detected capacity change from 0 to 128 [ 518.563187][T11600] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 518.640246][T11605] loop2: detected capacity change from 0 to 512 [ 518.690182][T11603] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2450'. [ 518.699925][T11605] EXT4-fs: Ignoring removed mblk_io_submit option [ 518.713439][T11605] EXT4-fs: Ignoring removed nomblk_io_submit option [ 518.724376][T11605] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 518.732859][T11605] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 518.887641][T11605] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2453: Allocating blocks 41-42 which overlap fs metadata [ 518.911945][T11605] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2453: Failed to acquire dquot type 1 [ 518.933553][T11605] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 518.956736][T11605] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2453: corrupted inode contents [ 518.969474][T11605] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #12: comm syz.2.2453: mark_inode_dirty error [ 518.981918][T11605] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2453: corrupted inode contents [ 519.061299][T11605] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.2453: mark_inode_dirty error [ 519.104571][T11605] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2453: corrupted inode contents [ 519.146821][T11605] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 519.179670][T11605] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2453: corrupted inode contents [ 519.281052][T11605] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.2453: mark_inode_dirty error [ 519.343190][T11605] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 519.370061][T11605] EXT4-fs (loop2): 1 truncate cleaned up [ 519.383817][T11605] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 519.457696][T11605] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2453'. [ 519.466657][T11605] netlink: 'syz.2.2453': attribute type 30 has an invalid length. [ 519.531893][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 519.663546][T11621] bridge3: the hash_elasticity option has been deprecated and is always 16 [ 519.672217][T11621] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 520.028404][T11622] bridge3: the hash_elasticity option has been deprecated and is always 16 [ 520.037081][T11622] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 520.666897][T11634] netlink: 'syz.1.2461': attribute type 13 has an invalid length. [ 520.676963][T11637] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 520.685894][T11637] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 521.036291][T11642] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 521.045015][T11642] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 521.617082][ T29] kauditd_printk_skb: 178 callbacks suppressed [ 521.617099][ T29] audit: type=1326 audit(1762443213.162:6404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 521.650614][T11650] loop4: detected capacity change from 0 to 512 [ 521.673189][ T29] audit: type=1326 audit(1762443213.192:6405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 521.696821][ T29] audit: type=1326 audit(1762443213.192:6406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb103d8f703 code=0x7ffc0000 [ 521.703960][T11650] EXT4-fs: Ignoring removed mblk_io_submit option [ 521.720260][ T29] audit: type=1326 audit(1762443213.192:6407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb103d8e17f code=0x7ffc0000 [ 521.720296][ T29] audit: type=1326 audit(1762443213.192:6408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb103d8f757 code=0x7ffc0000 [ 521.773682][ T29] audit: type=1326 audit(1762443213.192:6409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb103d8df10 code=0x7ffc0000 [ 521.797240][ T29] audit: type=1326 audit(1762443213.192:6410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb103d8f2cb code=0x7ffc0000 [ 521.987390][ T29] audit: type=1326 audit(1762443213.252:6411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb103d8e32a code=0x7ffc0000 [ 522.010792][ T29] audit: type=1326 audit(1762443213.252:6412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb103d8e32a code=0x7ffc0000 [ 522.034225][ T29] audit: type=1326 audit(1762443213.252:6413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11649 comm="syz.4.2467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fb103d8de17 code=0x7ffc0000 [ 522.100668][T11650] EXT4-fs: Ignoring removed nomblk_io_submit option [ 522.122812][T11650] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 522.131456][T11650] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 522.142887][T11656] netlink: 'syz.3.2469': attribute type 30 has an invalid length. [ 522.159231][T11650] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2467: Allocating blocks 41-42 which overlap fs metadata [ 522.183817][T11650] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2467: Failed to acquire dquot type 1 [ 522.215553][T11650] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 522.230241][T11650] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2467: corrupted inode contents [ 522.252324][T11650] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.2467: mark_inode_dirty error [ 522.263920][T11650] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2467: corrupted inode contents [ 522.293364][T11650] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.2467: mark_inode_dirty error [ 522.311081][T11650] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2467: corrupted inode contents [ 522.325092][T11650] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 522.343770][T11650] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2467: corrupted inode contents [ 522.363368][T11650] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.2467: mark_inode_dirty error [ 522.383328][T11650] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 522.402707][T11650] EXT4-fs (loop4): 1 truncate cleaned up [ 522.408893][T11650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 522.450078][T11650] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2467'. [ 522.459038][T11650] netlink: 'syz.4.2467': attribute type 30 has an invalid length. [ 522.596132][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 522.818389][T11681] netlink: 'syz.3.2477': attribute type 13 has an invalid length. [ 522.991803][ T2062] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 523.023353][ T2062] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 523.052150][ T2062] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 523.061180][ T2062] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 523.409530][T11691] loop0: detected capacity change from 0 to 512 [ 523.513419][T11691] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.2481: inode has both inline data and extents flags [ 523.533468][T11691] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2481: couldn't read orphan inode 15 (err -117) [ 523.546156][T11691] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 523.800862][T11697] loop3: detected capacity change from 0 to 1024 [ 523.813965][T11697] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 523.844155][T11697] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #11: comm syz.3.2483: iget: bogus i_mode (1) [ 523.863362][T11697] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2483: couldn't read orphan inode 11 (err -117) [ 523.876504][T11697] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 523.907211][T11697] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 524.023031][T11704] loop2: detected capacity change from 0 to 128 [ 524.093390][T11704] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 524.299987][T11718] loop4: detected capacity change from 0 to 512 [ 524.338247][T11718] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 524.968718][T11733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 524.993387][T11733] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 525.139653][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.184836][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.228194][T11736] tipc: Enabled bearer , priority 10 [ 525.428083][T11736] tipc: Enabling of bearer rejected, failed to enable media [ 525.517994][T11743] loop0: detected capacity change from 0 to 1024 [ 525.541121][T11743] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 525.581765][T11743] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #11: comm syz.0.2498: iget: bogus i_mode (1) [ 525.593380][T11743] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2498: couldn't read orphan inode 11 (err -117) [ 525.606113][T11743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 525.620608][T11743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.803932][T11753] loop0: detected capacity change from 0 to 256 [ 525.915980][T11753] FAT-fs (loop0): IO charset cp932 not found [ 526.039957][T11757] loop0: detected capacity change from 0 to 128 [ 526.389591][T11764] bridge4: the hash_elasticity option has been deprecated and is always 16 [ 526.398337][T11764] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 526.578566][T11768] loop4: detected capacity change from 0 to 512 [ 526.628764][T11768] ext4: Unknown parameter 'smackfsroot' [ 527.184167][T11776] loop1: detected capacity change from 0 to 512 [ 527.215266][T11776] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 528.101521][T11793] loop4: detected capacity change from 0 to 256 [ 528.121413][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.138862][T11793] FAT-fs (loop4): IO charset cp932 not found [ 528.208761][T11793] loop4: detected capacity change from 0 to 128 [ 528.428722][T11808] loop1: detected capacity change from 0 to 128 [ 528.447841][T11808] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 528.460455][T11808] ext4 filesystem being mounted at /525/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 529.939403][ T3317] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 530.516023][T11829] loop1: detected capacity change from 0 to 1024 [ 530.522981][T11829] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 530.531614][T11829] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 530.542191][T11829] JBD2: no valid journal superblock found [ 530.548049][T11829] EXT4-fs (loop1): Could not load journal inode [ 530.656127][ T29] kauditd_printk_skb: 80 callbacks suppressed [ 530.656145][ T29] audit: type=1326 audit(1762443222.202:6491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 530.690287][T11831] loop4: detected capacity change from 0 to 512 [ 530.697576][T11831] EXT4-fs: Ignoring removed mblk_io_submit option [ 530.704114][T11831] EXT4-fs: Ignoring removed nomblk_io_submit option [ 530.710867][ T29] audit: type=1326 audit(1762443222.242:6492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 530.734415][ T29] audit: type=1326 audit(1762443222.242:6493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 530.758188][ T29] audit: type=1326 audit(1762443222.242:6494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 530.781988][ T29] audit: type=1326 audit(1762443222.242:6495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb103d8f703 code=0x7ffc0000 [ 530.805395][ T29] audit: type=1326 audit(1762443222.242:6496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb103d8e17f code=0x7ffc0000 [ 530.817684][T11831] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 530.828810][ T29] audit: type=1326 audit(1762443222.242:6497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb103d8f757 code=0x7ffc0000 [ 530.828849][ T29] audit: type=1326 audit(1762443222.242:6498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb103d8df10 code=0x7ffc0000 [ 530.837318][T11831] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 530.860738][ T29] audit: type=1326 audit(1762443222.242:6499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb103d8f2cb code=0x7ffc0000 [ 530.916636][ T29] audit: type=1326 audit(1762443222.252:6500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11830 comm="syz.4.2525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb103d8e32a code=0x7ffc0000 [ 531.000049][T11836] loop0: detected capacity change from 0 to 512 [ 531.004030][T11831] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2525: Allocating blocks 41-42 which overlap fs metadata [ 531.023868][T11831] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2525: Failed to acquire dquot type 1 [ 531.035490][T11831] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 531.050990][T11831] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2525: corrupted inode contents [ 531.054427][T11836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 531.075646][T11831] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.2525: mark_inode_dirty error [ 531.089653][T11831] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2525: corrupted inode contents [ 531.151791][T11842] loop1: detected capacity change from 0 to 512 [ 531.194661][T11842] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 531.207229][T11831] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.2525: mark_inode_dirty error [ 531.233552][T11831] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2525: corrupted inode contents [ 531.262337][T11831] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 531.271067][T11847] loop2: detected capacity change from 0 to 512 [ 531.271227][T11831] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2525: corrupted inode contents [ 531.424231][T11831] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.2525: mark_inode_dirty error [ 531.436312][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 531.447032][T11847] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.2529: corrupted in-inode xattr: e_value size too large [ 531.461978][T11831] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 531.471569][T11831] EXT4-fs (loop4): 1 truncate cleaned up [ 531.483368][T11847] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2529: couldn't read orphan inode 15 (err -117) [ 531.502027][T11831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 531.544869][T11847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 531.614558][T11831] netlink: 'syz.4.2525': attribute type 30 has an invalid length. [ 531.701339][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 531.731159][T11858] loop4: detected capacity change from 0 to 256 [ 531.744009][T11856] tipc: Enabling of bearer rejected, failed to enable media [ 531.753925][T11860] loop3: detected capacity change from 0 to 128 [ 531.761344][T11860] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 531.783816][T11858] FAT-fs (loop4): IO charset cp932 not found [ 531.865508][T11868] loop4: detected capacity change from 0 to 128 [ 531.904104][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 532.012976][T11871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 532.021705][T11871] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 532.751447][T11887] loop1: detected capacity change from 0 to 512 [ 532.768107][T11887] EXT4-fs: Ignoring removed mblk_io_submit option [ 532.784878][T11887] EXT4-fs: Ignoring removed nomblk_io_submit option [ 532.799413][T11887] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 532.807925][T11887] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 532.835269][T11887] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.2543: Allocating blocks 41-42 which overlap fs metadata [ 532.863801][T11887] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.2543: Failed to acquire dquot type 1 [ 532.945663][T11887] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 533.072035][T11887] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2543: corrupted inode contents [ 533.084708][T11887] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #12: comm syz.1.2543: mark_inode_dirty error [ 533.085279][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 533.096586][T11887] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2543: corrupted inode contents [ 533.117525][T11887] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.2543: mark_inode_dirty error [ 533.129113][T11887] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2543: corrupted inode contents [ 533.141304][T11887] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 533.151083][T11887] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2543: corrupted inode contents [ 533.163320][T11887] EXT4-fs error (device loop1): ext4_truncate:4637: inode #12: comm syz.1.2543: mark_inode_dirty error [ 533.175090][T11887] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 533.192500][T11896] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 533.201199][T11896] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 533.213507][T11887] EXT4-fs (loop1): 1 truncate cleaned up [ 533.220087][T11887] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 533.310341][T11887] netlink: 'syz.1.2543': attribute type 30 has an invalid length. [ 533.413567][ T37] Bluetooth: hci0: Frame reassembly failed (-84) [ 533.422101][T11892] Bluetooth: hci0: Frame reassembly failed (-84) [ 533.490207][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 533.624839][T11902] loop4: detected capacity change from 0 to 512 [ 533.636358][T11902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 533.861834][T11909] loop2: detected capacity change from 0 to 512 [ 533.872628][T11911] loop1: detected capacity change from 0 to 128 [ 533.879531][T11911] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 533.898702][T11909] ext4: Unknown parameter 'smackfsroot' [ 534.504861][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.759861][T11922] loop3: detected capacity change from 0 to 512 [ 534.766792][T11922] EXT4-fs: Ignoring removed i_version option [ 534.772880][T11922] EXT4-fs: Ignoring removed mblk_io_submit option [ 534.803504][T11922] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 534.814019][T11922] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e02c, mo2=0002] [ 534.822367][T11922] EXT4-fs (loop3): orphan cleanup on readonly fs [ 534.829736][T11922] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2553: bg 0: block 361: padding at end of block bitmap is not set [ 534.844307][T11922] EXT4-fs (loop3): Remounting filesystem read-only [ 534.851177][T11922] EXT4-fs (loop3): 1 truncate cleaned up [ 534.857650][T11922] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 535.014881][T11927] loop2: detected capacity change from 0 to 512 [ 535.045141][T11927] ext4: Unknown parameter 'smackfsroot' [ 535.567733][ T3541] Bluetooth: hci0: command 0x1003 tx timeout [ 535.583218][ T8298] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 535.667179][ T29] kauditd_printk_skb: 150 callbacks suppressed [ 535.667198][ T29] audit: type=1326 audit(1762443227.212:6645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.4.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb103d8f757 code=0x7ffc0000 [ 535.699954][T11935] loop4: detected capacity change from 0 to 512 [ 535.724209][T11935] EXT4-fs: Ignoring removed mblk_io_submit option [ 535.751235][T11935] EXT4-fs: Ignoring removed nomblk_io_submit option [ 535.764555][T11935] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 535.773057][T11935] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 535.789586][ T29] audit: type=1326 audit(1762443227.252:6646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.4.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb103d8df10 code=0x7ffc0000 [ 535.813199][ T29] audit: type=1326 audit(1762443227.252:6647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.4.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb103d8f2cb code=0x7ffc0000 [ 535.836741][ T29] audit: type=1326 audit(1762443227.272:6648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.4.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb103d8e32a code=0x7ffc0000 [ 535.860078][ T29] audit: type=1326 audit(1762443227.272:6649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.4.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb103d8e32a code=0x7ffc0000 [ 535.883449][ T29] audit: type=1326 audit(1762443227.272:6650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.4.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fb103d8de17 code=0x7ffc0000 [ 535.907013][ T29] audit: type=1326 audit(1762443227.272:6651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11934 comm="syz.4.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fb103d90e6a code=0x7ffc0000 [ 535.950283][T11935] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2558: Allocating blocks 41-42 which overlap fs metadata [ 535.981738][T11942] tipc: Enabling of bearer rejected, failed to enable media [ 536.012196][T11946] loop0: detected capacity change from 0 to 128 [ 536.018693][T11935] Quota error (device loop4): write_blk: dquota write failed [ 536.026313][T11935] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 536.052831][T11946] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 536.067016][T11935] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2558: Allocating blocks 41-42 which overlap fs metadata [ 536.103696][T11935] Quota error (device loop4): write_blk: dquota write failed [ 536.128281][T11935] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2558: Failed to acquire dquot type 1 [ 536.147120][T11950] loop1: detected capacity change from 0 to 512 [ 536.160759][T11935] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 536.177373][T11935] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2558: corrupted inode contents [ 536.208697][T11950] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 536.224136][T11935] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.2558: mark_inode_dirty error [ 536.235762][T11935] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2558: corrupted inode contents [ 536.248091][T11935] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.2558: mark_inode_dirty error [ 536.259700][T11935] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2558: corrupted inode contents [ 536.294680][T11935] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 536.303443][T11935] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2558: corrupted inode contents [ 536.315541][T11935] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.2558: mark_inode_dirty error [ 536.326824][T11935] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 536.336077][T11935] EXT4-fs (loop4): 1 truncate cleaned up [ 536.342265][T11935] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 536.370670][T11935] netlink: 'syz.4.2558': attribute type 30 has an invalid length. [ 536.379499][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 536.452323][T11966] netlink: 'syz.3.2568': attribute type 30 has an invalid length. [ 536.468749][T11965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 536.477732][T11965] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 536.654151][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.512224][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.583012][T11976] loop2: detected capacity change from 0 to 512 [ 537.607861][T11976] ext4: Unknown parameter 'smackfsroot' [ 537.778963][T11987] loop4: detected capacity change from 0 to 128 [ 537.798372][T11987] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 537.823381][T11980] loop3: detected capacity change from 0 to 1024 [ 537.830636][T11980] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 537.839591][T11980] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 537.850764][T11980] JBD2: no valid journal superblock found [ 537.856590][T11980] EXT4-fs (loop3): Could not load journal inode [ 538.315100][T11991] netlink: 'syz.4.2577': attribute type 13 has an invalid length. [ 538.325529][ T31] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 538.335598][ T31] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 538.344834][ T31] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 538.356254][ T31] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 538.729697][T12008] netlink: 'syz.3.2584': attribute type 30 has an invalid length. [ 538.798429][T12011] loop1: detected capacity change from 0 to 512 [ 538.805530][T12011] EXT4-fs: Ignoring removed oldalloc option [ 538.888992][T12011] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.2582: Parent and EA inode have the same ino 15 [ 538.905598][T12011] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.2582: Parent and EA inode have the same ino 15 [ 538.918516][T12011] EXT4-fs (loop1): 1 orphan inode deleted [ 538.925467][T12011] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 538.949667][T12010] loop2: detected capacity change from 0 to 512 [ 539.004592][T12010] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 539.607751][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.730470][T12026] loop4: detected capacity change from 0 to 1024 [ 539.761713][T12026] EXT4-fs: Ignoring removed orlov option [ 539.791322][T12032] loop2: detected capacity change from 0 to 1024 [ 539.802012][T12026] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 539.827883][T12032] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 539.862489][T12032] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.2588: iget: bogus i_mode (1) [ 539.919316][T12032] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2588: couldn't read orphan inode 11 (err -117) [ 539.978368][T12032] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 540.036646][T12032] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 540.265892][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 540.297403][T12046] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 540.306325][T12046] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 540.331356][T12050] loop3: detected capacity change from 0 to 512 [ 540.367521][T12050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 540.777978][T12058] netlink: 'syz.1.2600': attribute type 13 has an invalid length. [ 540.944462][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 541.207294][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 542.095829][T12085] loop1: detected capacity change from 0 to 512 [ 542.124899][T12085] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 542.341619][T12100] loop4: detected capacity change from 0 to 512 [ 542.357429][T12100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.141080][T12109] loop3: detected capacity change from 0 to 512 [ 543.168084][T12109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.280572][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.385768][T12115] loop4: detected capacity change from 0 to 256 [ 543.579002][T12115] FAT-fs (loop4): IO charset cp932 not found [ 543.705537][T12119] loop4: detected capacity change from 0 to 128 [ 543.870615][T12125] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2619'. [ 543.879648][T12125] tipc: Disabling bearer [ 544.054223][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 545.579582][T12153] tipc: Enabling of bearer rejected, failed to enable media [ 545.758728][ T31] Bluetooth: hci0: Frame reassembly failed (-84) [ 545.765754][T12151] Bluetooth: hci0: Frame reassembly failed (-84) [ 546.101368][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 546.228002][T12169] loop0: detected capacity change from 0 to 1024 [ 546.246853][T12169] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 546.259196][T12169] ext4 filesystem being mounted at /541/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 546.284713][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 546.525369][T12181] loop0: detected capacity change from 0 to 256 [ 546.571497][T12181] FAT-fs (loop0): IO charset cp932 not found [ 546.667683][T12185] loop0: detected capacity change from 0 to 128 [ 547.271004][T12197] capability: warning: `syz.2.2641' uses deprecated v2 capabilities in a way that may be insecure [ 547.654952][T12195] Bluetooth: hci1: Frame reassembly failed (-84) [ 547.662416][ T31] Bluetooth: hci1: Frame reassembly failed (-84) [ 547.719059][T12203] loop4: detected capacity change from 0 to 512 [ 547.766432][T12203] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 547.783188][T12201] Bluetooth: hci0: command 0x1003 tx timeout [ 547.783195][ T8298] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 547.956413][T12208] loop2: detected capacity change from 0 to 512 [ 548.067175][T12208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 548.872548][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 549.137517][T12228] tipc: New replicast peer: 255.255.255.32 [ 549.143610][T12228] tipc: Enabled bearer , priority 10 [ 549.215315][T12232] loop3: detected capacity change from 0 to 256 [ 549.232971][T12232] FAT-fs (loop3): IO charset cp932 not found [ 549.262705][T12232] loop3: detected capacity change from 0 to 128 [ 549.659586][T12242] loop3: detected capacity change from 0 to 512 [ 549.667024][T12242] ext4: Unknown parameter 'smackfsroot' [ 549.703296][ T3541] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 549.775730][T12245] loop1: detected capacity change from 0 to 1024 [ 549.782853][T12245] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 549.803467][T12245] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #11: comm syz.1.2657: iget: bogus i_mode (1) [ 549.867933][T12245] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2657: couldn't read orphan inode 11 (err -117) [ 549.981565][T12245] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 549.997050][T12245] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.091395][T12254] bridge4: the hash_elasticity option has been deprecated and is always 16 [ 550.100131][T12254] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 552.078797][T12266] bridge4: the hash_elasticity option has been deprecated and is always 16 [ 552.087506][T12266] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 552.528693][T12270] netlink: 'syz.2.2665': attribute type 30 has an invalid length. [ 552.847575][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 552.944302][T12282] tipc: Enabling of bearer rejected, already enabled [ 552.959387][T12284] bridge: RTM_NEWNEIGH with invalid ether address [ 553.537117][T12293] bridge3: the hash_elasticity option has been deprecated and is always 16 [ 553.545826][T12293] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 555.083365][T12321] bridge: RTM_NEWNEIGH with invalid ether address [ 555.095353][T12322] loop0: detected capacity change from 0 to 512 [ 555.136447][T12322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 555.178159][T12330] tipc: Enabling of bearer rejected, already enabled [ 555.374391][ T29] kauditd_printk_skb: 55 callbacks suppressed [ 555.374409][ T29] audit: type=1326 audit(1762443246.922:6706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 555.379237][T12333] loop2: detected capacity change from 0 to 512 [ 555.396544][ T29] audit: type=1326 audit(1762443246.922:6707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 555.404870][T12333] EXT4-fs: Ignoring removed mblk_io_submit option [ 555.410410][ T29] audit: type=1326 audit(1762443246.922:6708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 555.452083][T12333] EXT4-fs: Ignoring removed nomblk_io_submit option [ 555.463961][ T29] audit: type=1326 audit(1762443246.922:6709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 555.463997][ T29] audit: type=1326 audit(1762443246.922:6710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f979ce3f703 code=0x7ffc0000 [ 555.517528][ T29] audit: type=1326 audit(1762443246.922:6711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f979ce3e17f code=0x7ffc0000 [ 555.521074][T12333] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 555.540864][ T29] audit: type=1326 audit(1762443246.922:6712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f979ce3f757 code=0x7ffc0000 [ 555.540980][ T29] audit: type=1326 audit(1762443246.922:6713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f979ce3df10 code=0x7ffc0000 [ 555.549343][T12333] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 555.572816][ T29] audit: type=1326 audit(1762443246.922:6714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f979ce3f2cb code=0x7ffc0000 [ 555.665184][ T29] audit: type=1326 audit(1762443246.962:6715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12332 comm="syz.2.2686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f979ce3e32a code=0x7ffc0000 [ 555.824031][T12333] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2686: Allocating blocks 41-42 which overlap fs metadata [ 555.846558][T12333] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2686: Allocating blocks 41-42 which overlap fs metadata [ 555.873695][T12341] loop1: detected capacity change from 0 to 512 [ 555.897725][T12333] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2686: Failed to acquire dquot type 1 [ 555.912441][T12341] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.2688: corrupted in-inode xattr: e_value size too large [ 555.913219][T12333] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 555.941122][T12333] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2686: corrupted inode contents [ 555.973578][T12341] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2688: couldn't read orphan inode 15 (err -117) [ 555.985701][T12333] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #12: comm syz.2.2686: mark_inode_dirty error [ 556.003384][T12333] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2686: corrupted inode contents [ 556.003553][T12341] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 556.113197][T12333] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.2686: mark_inode_dirty error [ 556.130992][T12333] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2686: corrupted inode contents [ 556.160772][T12333] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 556.193449][T12333] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2686: corrupted inode contents [ 556.260557][T12351] loop4: detected capacity change from 0 to 512 [ 556.267819][T12351] EXT4-fs: Ignoring removed oldalloc option [ 556.294070][T12333] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.2686: mark_inode_dirty error [ 556.328813][T12351] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.2690: Parent and EA inode have the same ino 15 [ 556.345030][T12351] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.2690: Parent and EA inode have the same ino 15 [ 556.357988][T12351] EXT4-fs (loop4): 1 orphan inode deleted [ 556.364445][T12351] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 556.397161][T12333] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 556.531655][T12333] EXT4-fs (loop2): 1 truncate cleaned up [ 556.585595][T12333] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 556.839314][T12333] netlink: 'syz.2.2686': attribute type 30 has an invalid length. [ 557.024419][ T31] Bluetooth: hci0: Frame reassembly failed (-84) [ 557.032390][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 557.275868][T12358] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 557.284523][T12358] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 557.648905][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 557.805018][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 557.914183][T12365] bridge3: the hash_elasticity option has been deprecated and is always 16 [ 557.922864][T12365] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 559.063274][ T8298] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 559.434755][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.081947][T12388] loop2: detected capacity change from 0 to 1024 [ 560.088817][T12388] EXT4-fs: Ignoring removed orlov option [ 560.113908][T12389] bridge4: the hash_elasticity option has been deprecated and is always 16 [ 560.122560][T12389] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 560.198760][T12388] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 560.532512][T12399] loop0: detected capacity change from 0 to 512 [ 560.547910][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.588807][T12399] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.2704: corrupted in-inode xattr: e_value size too large [ 560.603998][T12399] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2704: couldn't read orphan inode 15 (err -117) [ 560.619061][T12399] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 561.129499][T12401] loop1: detected capacity change from 0 to 1024 [ 561.150213][T12409] loop3: detected capacity change from 0 to 512 [ 561.153891][T12401] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 561.173793][T12409] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.2707: corrupted in-inode xattr: e_value size too large [ 561.188104][T12401] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 561.202829][T12401] JBD2: no valid journal superblock found [ 561.208703][T12401] EXT4-fs (loop1): Could not load journal inode [ 561.215278][T12409] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2707: couldn't read orphan inode 15 (err -117) [ 561.233148][T12409] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 561.596207][T12417] loop1: detected capacity change from 0 to 512 [ 561.625210][T12417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 561.720846][ T29] kauditd_printk_skb: 68 callbacks suppressed [ 561.720865][ T29] audit: type=1326 audit(1762443253.262:6780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 561.750761][ T29] audit: type=1326 audit(1762443253.262:6781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 561.777171][ T29] audit: type=1326 audit(1762443253.262:6782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 561.805988][T12422] loop2: detected capacity change from 0 to 512 [ 561.825425][T12422] EXT4-fs: Ignoring removed mblk_io_submit option [ 561.834205][T12422] EXT4-fs: Ignoring removed nomblk_io_submit option [ 561.851143][T12422] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 561.859825][T12422] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 561.901449][ T29] audit: type=1326 audit(1762443253.342:6783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 561.925079][ T29] audit: type=1326 audit(1762443253.342:6784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f979ce3f703 code=0x7ffc0000 [ 561.948624][ T29] audit: type=1326 audit(1762443253.352:6785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f979ce3e17f code=0x7ffc0000 [ 561.971953][ T29] audit: type=1326 audit(1762443253.352:6786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f979ce3f757 code=0x7ffc0000 [ 561.985359][T12422] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2710: Allocating blocks 41-42 which overlap fs metadata [ 561.995489][ T29] audit: type=1326 audit(1762443253.352:6787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f979ce3df10 code=0x7ffc0000 [ 561.995522][ T29] audit: type=1326 audit(1762443253.352:6788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12421 comm="syz.2.2710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f979ce3f2cb code=0x7ffc0000 [ 562.009635][T12422] Quota error (device loop2): write_blk: dquota write failed [ 562.067965][T12422] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2710: Allocating blocks 41-42 which overlap fs metadata [ 562.084311][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.093272][T12422] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2710: Failed to acquire dquot type 1 [ 562.104940][T12422] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 562.152528][T12422] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2710: corrupted inode contents [ 562.174659][T12422] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #12: comm syz.2.2710: mark_inode_dirty error [ 562.195518][T12422] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2710: corrupted inode contents [ 562.246233][T12422] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.2710: mark_inode_dirty error [ 562.259544][T12436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 562.282222][T12436] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 562.290408][T12422] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2710: corrupted inode contents [ 562.321141][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.334758][T12422] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 562.363824][T12422] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2710: corrupted inode contents [ 562.385931][T12422] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.2710: mark_inode_dirty error [ 562.406043][T12438] loop3: detected capacity change from 0 to 1024 [ 562.412718][T12422] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 562.432911][T12422] EXT4-fs (loop2): 1 truncate cleaned up [ 562.444614][T12438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 562.445742][T12422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 562.465694][T12438] ext4 filesystem being mounted at /545/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 562.519058][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.521890][T12422] netlink: 'syz.2.2710': attribute type 30 has an invalid length. [ 562.638088][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.870463][T12450] loop3: detected capacity change from 0 to 512 [ 562.926945][T12450] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.2718: corrupted in-inode xattr: e_value size too large [ 562.953287][T12450] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2718: couldn't read orphan inode 15 (err -117) [ 562.976713][T12450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.429810][T12459] loop0: detected capacity change from 0 to 128 [ 563.443708][T12459] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 563.695908][T12465] loop2: detected capacity change from 0 to 512 [ 563.724133][T12465] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.2722: inode has both inline data and extents flags [ 563.903218][T12465] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2722: couldn't read orphan inode 15 (err -117) [ 563.928737][T12465] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 564.758825][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.806955][T12474] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 564.815449][T12474] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 564.974322][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 565.019231][T12481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 565.035086][T12481] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 565.108638][T12486] loop2: detected capacity change from 0 to 512 [ 565.115381][T12486] ext4: Unknown parameter 'smackfsroot' [ 565.144004][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 565.311166][T12495] loop1: detected capacity change from 0 to 512 [ 565.322331][T12495] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2732: inode has both inline data and extents flags [ 565.351317][T12495] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2732: couldn't read orphan inode 15 (err -117) [ 565.373773][T12499] loop4: detected capacity change from 0 to 1024 [ 565.380747][T12495] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 565.404869][T12499] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 565.473523][T12499] ext4 filesystem being mounted at /511/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 565.524435][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 565.700719][T12509] loop0: detected capacity change from 0 to 512 [ 565.708210][T12509] ext4: Unknown parameter 'smackfsroot' [ 566.057466][T12514] loop2: detected capacity change from 0 to 128 [ 566.064647][T12514] EXT4-fs (loop2): VFS: Can't find ext4 filesystem [ 566.240249][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 567.047554][T12530] loop0: detected capacity change from 0 to 512 [ 567.317369][T12534] bridge: RTM_NEWNEIGH with invalid ether address [ 567.334652][T12530] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 567.461829][T12541] loop4: detected capacity change from 0 to 512 [ 567.778664][T12541] ext4: Unknown parameter 'smackfsroot' [ 567.789201][T12546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2748'. [ 567.812749][T12549] loop2: detected capacity change from 0 to 512 [ 567.826170][T12549] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.2750: corrupted in-inode xattr: e_value size too large [ 567.843679][T12549] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2750: couldn't read orphan inode 15 (err -117) [ 567.861438][T12549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 568.018280][T12557] loop3: detected capacity change from 0 to 1024 [ 568.032545][T12557] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 568.056121][T12557] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #11: comm syz.3.2751: iget: bogus i_mode (1) [ 568.083374][T12557] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2751: couldn't read orphan inode 11 (err -117) [ 568.223788][T12557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.293846][T12557] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.361849][T12564] netlink: 'syz.4.2752': attribute type 30 has an invalid length. [ 568.645488][T12572] bridge: RTM_NEWNEIGH with invalid ether address [ 568.654211][T12573] loop3: detected capacity change from 0 to 128 [ 568.672553][T12573] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 568.755464][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.914755][T12584] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2758'. [ 569.362793][ T31] Bluetooth: hci0: Frame reassembly failed (-84) [ 569.647935][T12588] loop1: detected capacity change from 0 to 1024 [ 569.689473][T12588] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 569.713213][T12588] ext4 filesystem being mounted at /567/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 569.784039][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.816121][ T29] kauditd_printk_skb: 57 callbacks suppressed [ 569.816140][ T29] audit: type=1326 audit(1762443261.362:6843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6922caf6c9 code=0x7ffc0000 [ 569.850373][T12592] loop1: detected capacity change from 0 to 512 [ 569.862516][T12592] EXT4-fs: Ignoring removed mblk_io_submit option [ 569.869255][T12592] EXT4-fs: Ignoring removed nomblk_io_submit option [ 569.876443][ T29] audit: type=1326 audit(1762443261.392:6844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6922caf6c9 code=0x7ffc0000 [ 569.899908][ T29] audit: type=1326 audit(1762443261.392:6845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6922caf6c9 code=0x7ffc0000 [ 569.903577][T12596] loop2: detected capacity change from 0 to 512 [ 569.923704][ T29] audit: type=1326 audit(1762443261.392:6846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6922caf6c9 code=0x7ffc0000 [ 569.953223][ T29] audit: type=1326 audit(1762443261.392:6847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6922caf703 code=0x7ffc0000 [ 569.976562][ T29] audit: type=1326 audit(1762443261.392:6848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6922cae17f code=0x7ffc0000 [ 570.000118][ T29] audit: type=1326 audit(1762443261.392:6849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f6922caf757 code=0x7ffc0000 [ 570.023768][ T29] audit: type=1326 audit(1762443261.392:6850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6922cadf10 code=0x7ffc0000 [ 570.043491][T12592] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 570.047402][ T29] audit: type=1326 audit(1762443261.392:6851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6922caf2cb code=0x7ffc0000 [ 570.055914][T12592] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 570.088333][ T29] audit: type=1326 audit(1762443261.402:6852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12591 comm="syz.1.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6922cae32a code=0x7ffc0000 [ 570.113236][T12592] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.2762: Allocating blocks 41-42 which overlap fs metadata [ 570.127422][T12592] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.2762: Allocating blocks 41-42 which overlap fs metadata [ 570.141419][T12596] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.2764: corrupted in-inode xattr: e_value size too large [ 570.141552][T12592] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.2762: Failed to acquire dquot type 1 [ 570.167192][T12596] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2764: couldn't read orphan inode 15 (err -117) [ 570.167382][T12592] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 570.194044][T12592] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2762: corrupted inode contents [ 570.194397][T12596] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 570.232867][T12592] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #12: comm syz.1.2762: mark_inode_dirty error [ 570.245153][T12592] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2762: corrupted inode contents [ 570.277857][T12592] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.2762: mark_inode_dirty error [ 570.305937][T12603] 8021q: adding VLAN 0 to HW filter on device bond0 [ 570.319131][T12592] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2762: corrupted inode contents [ 570.334710][T12603] 8021q: adding VLAN 0 to HW filter on device team0 [ 570.341500][T12592] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 570.352922][T12603] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 570.361294][T12592] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2762: corrupted inode contents [ 570.402256][T12592] EXT4-fs error (device loop1): ext4_truncate:4637: inode #12: comm syz.1.2762: mark_inode_dirty error [ 570.423465][T12592] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 570.432721][T12592] EXT4-fs (loop1): 1 truncate cleaned up [ 570.443005][T12592] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 570.484321][T12606] bridge: RTM_NEWNEIGH with invalid ether address [ 570.492093][T12592] netlink: 'syz.1.2762': attribute type 30 has an invalid length. [ 570.583403][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 570.618646][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 570.932334][T12620] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 570.941362][T12620] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 571.384267][ T8298] Bluetooth: hci0: command 0x1003 tx timeout [ 571.390451][ T3541] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 571.540734][T12626] loop4: detected capacity change from 0 to 1024 [ 571.982621][T12626] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 572.023584][T12626] ext4 filesystem being mounted at /519/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 572.058625][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.094148][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.473190][T12643] bridge: RTM_NEWNEIGH with invalid ether address [ 572.533041][T12648] loop4: detected capacity change from 0 to 512 [ 572.540194][T12648] EXT4-fs: Ignoring removed mblk_io_submit option [ 572.547285][T12648] EXT4-fs: Ignoring removed nomblk_io_submit option [ 572.554652][T12648] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 572.563258][T12648] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 572.593548][T12648] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2781: Allocating blocks 41-42 which overlap fs metadata [ 572.626365][T12654] loop1: detected capacity change from 0 to 512 [ 572.643069][T12657] loop0: detected capacity change from 0 to 1024 [ 572.666582][T12657] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 572.677486][T12648] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2781: Allocating blocks 41-42 which overlap fs metadata [ 572.691760][T12648] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2781: Failed to acquire dquot type 1 [ 572.704727][T12654] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 572.717585][T12657] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #11: comm syz.0.2782: iget: bogus i_mode (1) [ 572.732576][T12655] loop3: detected capacity change from 0 to 512 [ 572.739267][T12655] EXT4-fs: Ignoring removed i_version option [ 572.745345][T12655] EXT4-fs: Ignoring removed mblk_io_submit option [ 572.752816][T12655] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 572.763075][T12648] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 572.777949][T12657] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2782: couldn't read orphan inode 11 (err -117) [ 572.778277][T12655] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e02c, mo2=0002] [ 572.797957][T12655] EXT4-fs (loop3): orphan cleanup on readonly fs [ 572.803324][T12648] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2781: corrupted inode contents [ 572.816765][T12655] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2779: bg 0: block 361: padding at end of block bitmap is not set [ 572.816849][T12657] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 572.832871][T12655] EXT4-fs (loop3): Remounting filesystem read-only [ 572.849438][T12648] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.2781: mark_inode_dirty error [ 572.862311][T12655] EXT4-fs (loop3): 1 truncate cleaned up [ 572.862426][T12648] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2781: corrupted inode contents [ 572.868566][T12655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 572.880581][T12648] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.2781: mark_inode_dirty error [ 572.923350][T12657] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.932706][T12648] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2781: corrupted inode contents [ 572.953486][T12648] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 572.962390][T12648] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2781: corrupted inode contents [ 572.980793][T12648] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.2781: mark_inode_dirty error [ 573.008200][T12663] loop0: detected capacity change from 0 to 1024 [ 573.014902][T12648] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 573.028345][T12663] EXT4-fs: Ignoring removed orlov option [ 573.029457][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 573.035181][T12648] EXT4-fs (loop4): 1 truncate cleaned up [ 573.050150][T12648] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 573.067362][T12663] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 573.074491][T12648] netlink: 'syz.4.2781': attribute type 30 has an invalid length. [ 573.198774][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.276434][T12672] loop4: detected capacity change from 0 to 1024 [ 573.283231][T12672] EXT4-fs: Ignoring removed orlov option [ 573.290124][T12672] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 573.315870][T12674] loop2: detected capacity change from 0 to 512 [ 573.347671][T12674] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 574.127267][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.204838][T12688] loop0: detected capacity change from 0 to 512 [ 574.211614][T12688] ext4: Unknown parameter 'smackfsroot' [ 574.253928][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.279581][T12692] bridge: RTM_NEWNEIGH with invalid ether address [ 575.055683][T12701] bridge3: the hash_elasticity option has been deprecated and is always 16 [ 575.064466][T12701] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 575.232409][T12710] loop2: detected capacity change from 0 to 512 [ 575.240345][T12710] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.2797: inode has both inline data and extents flags [ 575.254812][T12710] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2797: couldn't read orphan inode 15 (err -117) [ 575.279931][T12710] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 575.682773][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.709095][T12715] tipc: Enabling of bearer rejected, already enabled [ 575.841527][T12724] loop1: detected capacity change from 0 to 512 [ 575.875523][T12724] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 575.927523][T12727] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 575.936191][T12727] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 576.159545][T12733] netlink: 'syz.0.2803': attribute type 13 has an invalid length. [ 576.446306][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.490993][T12740] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 576.499926][T12740] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 576.824718][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.212059][T12752] loop0: detected capacity change from 0 to 1024 [ 577.292532][T12752] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 577.305208][T12752] ext4 filesystem being mounted at /572/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 577.579907][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.948461][T12760] bridge4: the hash_elasticity option has been deprecated and is always 16 [ 577.957139][T12760] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 578.054283][T12764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 578.062911][T12764] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 578.309348][T12771] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2813'. [ 578.757522][T12776] loop0: detected capacity change from 0 to 512 [ 578.764703][T12776] ext4: Unknown parameter 'smackfsroot' [ 579.427174][T12787] loop4: detected capacity change from 0 to 512 [ 579.434857][T12787] ext4: Unknown parameter 'smackfsroot' [ 579.453745][T12783] loop2: detected capacity change from 0 to 1024 [ 579.462436][T12783] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 579.471420][T12783] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 579.482377][T12783] JBD2: no valid journal superblock found [ 579.488204][T12783] EXT4-fs (loop2): Could not load journal inode [ 580.540930][T12811] tipc: Enabling of bearer rejected, already enabled [ 582.333304][T12834] loop0: detected capacity change from 0 to 512 [ 582.353929][T12829] loop3: detected capacity change from 0 to 1024 [ 582.362201][T12834] EXT4-fs: Ignoring removed i_version option [ 582.373288][T12834] EXT4-fs: Ignoring removed mblk_io_submit option [ 582.381676][T12829] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 582.401063][T12834] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 582.412969][T12829] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 582.433856][T12834] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e02c, mo2=0002] [ 582.442440][T12829] JBD2: no valid journal superblock found [ 582.448267][T12829] EXT4-fs (loop3): Could not load journal inode [ 582.463388][T12834] EXT4-fs (loop0): orphan cleanup on readonly fs [ 582.480022][T12834] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2832: bg 0: block 361: padding at end of block bitmap is not set [ 582.522477][T12834] EXT4-fs (loop0): Remounting filesystem read-only [ 582.546362][T12834] EXT4-fs (loop0): 1 truncate cleaned up [ 582.567712][T12834] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 582.752259][T12843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 582.771056][T12846] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 582.785088][T12843] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 582.795879][T12846] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 582.824863][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 582.906793][T12851] loop0: detected capacity change from 0 to 1024 [ 582.955107][T12851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 582.967307][T12851] ext4 filesystem being mounted at /579/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 582.989723][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 583.644890][T12867] 8021q: adding VLAN 0 to HW filter on device bond0 [ 583.806240][T12867] 8021q: adding VLAN 0 to HW filter on device team0 [ 583.896854][T12867] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 584.126740][T12871] loop4: detected capacity change from 0 to 1024 [ 584.140858][T12871] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 584.163368][T12871] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 584.182697][T12871] JBD2: no valid journal superblock found [ 584.188524][T12871] EXT4-fs (loop4): Could not load journal inode [ 584.476780][ T29] kauditd_printk_skb: 137 callbacks suppressed [ 584.476796][ T29] audit: type=1326 audit(1762443276.022:6982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 584.514531][T12893] loop4: detected capacity change from 0 to 512 [ 584.521374][T12893] EXT4-fs: Ignoring removed mblk_io_submit option [ 584.570621][T12893] EXT4-fs: Ignoring removed nomblk_io_submit option [ 584.591537][ T29] audit: type=1326 audit(1762443276.052:6983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb103d8f6c9 code=0x7ffc0000 [ 584.615288][ T29] audit: type=1326 audit(1762443276.052:6984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb103d8f703 code=0x7ffc0000 [ 584.638707][ T29] audit: type=1326 audit(1762443276.052:6985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb103d8e17f code=0x7ffc0000 [ 584.662069][ T29] audit: type=1326 audit(1762443276.062:6986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb103d8f757 code=0x7ffc0000 [ 584.685539][ T29] audit: type=1326 audit(1762443276.062:6987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb103d8df10 code=0x7ffc0000 [ 584.709276][ T29] audit: type=1326 audit(1762443276.062:6988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb103d8f2cb code=0x7ffc0000 [ 584.709903][T12893] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 584.732706][ T29] audit: type=1326 audit(1762443276.062:6989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb103d8e32a code=0x7ffc0000 [ 584.741191][T12893] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 584.773965][ T29] audit: type=1326 audit(1762443276.062:6990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb103d8e32a code=0x7ffc0000 [ 584.797288][ T29] audit: type=1326 audit(1762443276.062:6991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12889 comm="syz.4.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fb103d8de17 code=0x7ffc0000 [ 584.844246][T12893] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2854: Allocating blocks 41-42 which overlap fs metadata [ 584.894544][T12893] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.2854: Allocating blocks 41-42 which overlap fs metadata [ 584.944516][T12893] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2854: Failed to acquire dquot type 1 [ 584.988043][T12893] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 585.048480][T12893] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2854: corrupted inode contents [ 585.117947][T12893] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.2854: mark_inode_dirty error [ 585.156934][T12893] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2854: corrupted inode contents [ 585.193323][T12893] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.2854: mark_inode_dirty error [ 585.229043][T12893] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2854: corrupted inode contents [ 585.267173][T12893] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 585.282938][T12893] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.2854: corrupted inode contents [ 585.314173][T12893] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.2854: mark_inode_dirty error [ 585.334100][T12893] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 585.343648][T12893] EXT4-fs (loop4): 1 truncate cleaned up [ 585.349641][T12893] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 585.389363][T12902] loop3: detected capacity change from 0 to 1024 [ 585.403019][T12902] EXT4-fs: Ignoring removed orlov option [ 585.423475][T12902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 585.466127][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 585.962780][T12911] loop2: detected capacity change from 0 to 512 [ 585.973811][T12911] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.2859: inode has both inline data and extents flags [ 586.040575][T12911] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2859: couldn't read orphan inode 15 (err -117) [ 586.055387][T12911] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 586.394510][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 587.446886][T12937] loop3: detected capacity change from 0 to 512 [ 587.462484][T12937] EXT4-fs: Ignoring removed mblk_io_submit option [ 587.479565][T12937] EXT4-fs: Ignoring removed nomblk_io_submit option [ 587.497346][T12937] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 587.505866][T12937] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 587.548957][T12943] loop1: detected capacity change from 0 to 1024 [ 587.566575][T12937] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2867: Allocating blocks 41-42 which overlap fs metadata [ 587.589313][T12937] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2867: Failed to acquire dquot type 1 [ 587.601245][T12943] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 587.615724][T12937] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 587.630956][T12943] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #11: comm syz.1.2869: iget: bogus i_mode (1) [ 587.642434][T12937] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2867: corrupted inode contents [ 587.654705][T12937] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #12: comm syz.3.2867: mark_inode_dirty error [ 587.666350][T12943] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2869: couldn't read orphan inode 11 (err -117) [ 587.673178][T12948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 587.678939][T12943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 587.697851][T12937] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2867: corrupted inode contents [ 587.699542][T12948] 8021q: adding VLAN 0 to HW filter on device team0 [ 587.721493][T12948] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 587.743755][T12937] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.2867: mark_inode_dirty error [ 587.763171][T12937] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2867: corrupted inode contents [ 587.779570][T12943] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 587.793666][T12937] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 587.805403][T12937] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2867: corrupted inode contents [ 587.827861][T12937] EXT4-fs error (device loop3): ext4_truncate:4637: inode #12: comm syz.3.2867: mark_inode_dirty error [ 587.842023][T12937] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 587.851194][T12937] EXT4-fs (loop3): 1 truncate cleaned up [ 587.858728][T12937] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 587.886593][T12955] loop4: detected capacity change from 0 to 512 [ 587.904229][T12955] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.2872: corrupted in-inode xattr: e_value size too large [ 587.934582][T12955] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2872: couldn't read orphan inode 15 (err -117) [ 587.973891][T12955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 587.998755][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.010551][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.125395][T12958] 8021q: adding VLAN 0 to HW filter on device bond0 [ 588.164856][T12958] 8021q: adding VLAN 0 to HW filter on device team0 [ 588.197210][T12958] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 588.420395][T12953] loop1: detected capacity change from 0 to 512 [ 588.478705][T12961] loop3: detected capacity change from 0 to 512 [ 588.485413][T12961] EXT4-fs: Ignoring removed oldalloc option [ 588.488729][T12971] loop0: detected capacity change from 0 to 1024 [ 588.492340][T12953] EXT4-fs: Ignoring removed i_version option [ 588.510192][T12953] EXT4-fs: Ignoring removed mblk_io_submit option [ 588.524531][T12971] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 588.527877][T12961] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.2874: Parent and EA inode have the same ino 15 [ 588.543371][T12971] ext4 filesystem being mounted at /587/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 588.563641][T12953] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 588.590359][T12953] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e02c, mo2=0002] [ 588.602245][T12961] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.2874: Parent and EA inode have the same ino 15 [ 588.623050][T12953] EXT4-fs (loop1): orphan cleanup on readonly fs [ 588.623150][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.638953][T12961] EXT4-fs (loop3): 1 orphan inode deleted [ 588.645729][T12961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 588.658659][T12953] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2873: bg 0: block 361: padding at end of block bitmap is not set [ 588.680720][T12953] EXT4-fs (loop1): Remounting filesystem read-only [ 588.703743][T12953] EXT4-fs (loop1): 1 truncate cleaned up [ 588.709793][T12953] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 588.897896][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.960521][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 589.187662][T12991] loop1: detected capacity change from 0 to 512 [ 589.215050][T12991] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2883: inode has both inline data and extents flags [ 589.229680][T12991] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2883: couldn't read orphan inode 15 (err -117) [ 589.254538][T12991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 589.267192][T12986] loop3: detected capacity change from 0 to 1024 [ 589.274383][T12986] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 589.283216][T12986] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 589.293853][T12986] JBD2: no valid journal superblock found [ 589.299594][T12986] EXT4-fs (loop3): Could not load journal inode [ 589.409061][T12995] loop2: detected capacity change from 0 to 512 [ 589.416197][T12995] EXT4-fs: Ignoring removed mblk_io_submit option [ 589.422674][T12995] EXT4-fs: Ignoring removed nomblk_io_submit option [ 589.429975][T12995] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 589.438571][T12995] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 589.489556][T12995] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2884: Allocating blocks 41-42 which overlap fs metadata [ 589.513703][T12995] __quota_error: 163 callbacks suppressed [ 589.513723][T12995] Quota error (device loop2): write_blk: dquota write failed [ 589.526962][T12995] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 589.536286][T12995] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2884: Allocating blocks 41-42 which overlap fs metadata [ 589.552628][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.553467][T12995] Quota error (device loop2): write_blk: dquota write failed [ 589.569208][T12995] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 589.579783][T12995] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2884: Failed to acquire dquot type 1 [ 589.665623][T12995] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 589.690316][T12995] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2884: corrupted inode contents [ 589.719310][T12995] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #12: comm syz.2.2884: mark_inode_dirty error [ 589.731247][T12995] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2884: corrupted inode contents [ 589.744065][T12995] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.2884: mark_inode_dirty error [ 589.755900][T12995] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2884: corrupted inode contents [ 589.783934][T12995] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 589.799228][T13008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 589.808249][T12995] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.2884: corrupted inode contents [ 589.827948][T13008] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 589.835955][T12995] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.2884: mark_inode_dirty error [ 589.847640][T12995] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 589.856953][T12995] EXT4-fs (loop2): 1 truncate cleaned up [ 589.863204][T12995] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 589.876415][ T29] audit: type=1326 audit(1762443281.422:7148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12994 comm="syz.2.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f979ce3df10 code=0x7ffc0000 [ 589.945960][ T29] audit: type=1326 audit(1762443281.452:7149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12994 comm="syz.2.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f979ce3e417 code=0x7ffc0000 [ 589.969709][ T29] audit: type=1326 audit(1762443281.452:7150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12994 comm="syz.2.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f979ce3df10 code=0x7ffc0000 [ 589.984794][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.993290][ T29] audit: type=1326 audit(1762443281.452:7151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12994 comm="syz.2.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 589.993326][ T29] audit: type=1326 audit(1762443281.462:7152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12994 comm="syz.2.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 590.049530][ T29] audit: type=1326 audit(1762443281.462:7153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12994 comm="syz.2.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f979ce3f6c9 code=0x7ffc0000 [ 590.076554][T13014] loop3: detected capacity change from 0 to 512 [ 590.138761][T13016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2889'. [ 590.193268][T13014] EXT4-fs: Ignoring removed mblk_io_submit option [ 590.200119][T13014] EXT4-fs: Ignoring removed nomblk_io_submit option [ 590.209001][T13014] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 590.217526][T13014] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 590.255665][T13014] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2890: Allocating blocks 41-42 which overlap fs metadata [ 590.278525][T13014] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2890: Allocating blocks 41-42 which overlap fs metadata [ 590.331493][T13014] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2890: Failed to acquire dquot type 1 [ 590.368375][T13014] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 590.413826][T13014] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2890: corrupted inode contents [ 590.452362][T13014] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #12: comm syz.3.2890: mark_inode_dirty error [ 590.513892][T13014] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2890: corrupted inode contents [ 590.526506][T13014] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.2890: mark_inode_dirty error [ 590.540110][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 590.555769][T13014] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2890: corrupted inode contents [ 590.578261][T13014] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 590.587405][T13014] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.2890: corrupted inode contents [ 590.600029][T13014] EXT4-fs error (device loop3): ext4_truncate:4637: inode #12: comm syz.3.2890: mark_inode_dirty error [ 590.616246][T13022] tipc: Enabling of bearer rejected, already enabled [ 590.631813][T13014] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 590.650083][T13014] EXT4-fs (loop3): 1 truncate cleaned up [ 590.656322][T13014] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.676107][T13011] netlink: 'syz.3.2890': attribute type 30 has an invalid length. [ 590.748055][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 590.779039][T13031] hub 9-0:1.0: USB hub found [ 590.786902][T13031] hub 9-0:1.0: 8 ports detected [ 590.804511][ T2062] Bluetooth: hci0: Frame reassembly failed (-84) [ 590.822406][T13024] Bluetooth: hci0: Frame reassembly failed (-84) [ 590.840672][T13033] loop3: detected capacity change from 0 to 1024 [ 590.847913][T13033] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 590.867348][T13033] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #11: comm syz.3.2896: iget: bogus i_mode (1) [ 590.878821][T13033] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2896: couldn't read orphan inode 11 (err -117) [ 590.891503][T13033] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.906046][T13033] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.943686][T13055] loop3: detected capacity change from 0 to 1024 [ 591.950348][T13055] EXT4-fs: Ignoring removed orlov option [ 591.958746][T13055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 592.057718][T13057] loop0: detected capacity change from 0 to 1024 [ 592.064892][T13057] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 592.073497][T13057] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 592.084068][T13057] JBD2: no valid journal superblock found [ 592.089893][T13057] EXT4-fs (loop0): Could not load journal inode [ 592.406570][T13060] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2904'. [ 592.678235][T13065] loop1: detected capacity change from 0 to 512 [ 592.685425][T13065] EXT4-fs: Ignoring removed mblk_io_submit option [ 592.692066][T13065] EXT4-fs: Ignoring removed nomblk_io_submit option [ 592.703583][T13065] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 592.712128][T13065] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 592.754479][T13065] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.2906: Allocating blocks 41-42 which overlap fs metadata [ 592.768740][T13065] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.2906: Allocating blocks 41-42 which overlap fs metadata [ 592.782951][T13065] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.2906: Failed to acquire dquot type 1 [ 592.794798][T13065] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 592.823168][ T8298] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 592.913236][T13065] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2906: corrupted inode contents [ 592.960096][T13065] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #12: comm syz.1.2906: mark_inode_dirty error [ 593.013372][T13065] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2906: corrupted inode contents [ 593.043176][T13065] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.2906: mark_inode_dirty error [ 593.070414][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.081296][T13065] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2906: corrupted inode contents [ 593.101697][T13065] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 593.101924][T13076] loop0: detected capacity change from 0 to 512 [ 593.111862][T13065] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.2906: corrupted inode contents [ 593.128994][T13076] ext4: Unknown parameter 'smackfsroot' [ 593.135708][T13077] loop2: detected capacity change from 0 to 1024 [ 593.137574][T13065] EXT4-fs error (device loop1): ext4_truncate:4637: inode #12: comm syz.1.2906: mark_inode_dirty error [ 593.143007][T13077] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 593.184428][T13065] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 593.194204][T13077] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.2909: iget: bogus i_mode (1) [ 593.205940][T13077] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2909: couldn't read orphan inode 11 (err -117) [ 593.220573][T13077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.358870][T13065] EXT4-fs (loop1): 1 truncate cleaned up [ 593.365269][T13065] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.396208][T13065] netlink: 'syz.1.2906': attribute type 30 has an invalid length. [ 593.408676][T13077] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.620917][T13091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 593.643239][T13091] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 593.927099][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.140200][T13097] loop4: detected capacity change from 0 to 1024 [ 594.153381][T13097] EXT4-fs: Ignoring removed orlov option [ 594.644765][T13097] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 595.470729][ T29] kauditd_printk_skb: 181 callbacks suppressed [ 595.470748][ T29] audit: type=1326 audit(1762443287.012:7327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f325ef6c9 code=0x7ffc0000 [ 595.514489][T13125] loop0: detected capacity change from 0 to 512 [ 595.521303][T13125] EXT4-fs: Ignoring removed mblk_io_submit option [ 595.535029][T13125] EXT4-fs: Ignoring removed nomblk_io_submit option [ 595.538750][ T29] audit: type=1326 audit(1762443287.052:7328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7f325ef6c9 code=0x7ffc0000 [ 595.565364][ T29] audit: type=1326 audit(1762443287.052:7329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7f325ef703 code=0x7ffc0000 [ 595.574172][T13125] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 595.588730][ T29] audit: type=1326 audit(1762443287.052:7330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7f325ee17f code=0x7ffc0000 [ 595.597139][T13125] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 595.620442][ T29] audit: type=1326 audit(1762443287.062:7331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f7f325ef757 code=0x7ffc0000 [ 595.652969][ T29] audit: type=1326 audit(1762443287.062:7332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7f325edf10 code=0x7ffc0000 [ 595.676521][ T29] audit: type=1326 audit(1762443287.062:7333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7f325ef2cb code=0x7ffc0000 [ 595.700029][ T29] audit: type=1326 audit(1762443287.062:7334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7f325ee32a code=0x7ffc0000 [ 595.723496][ T29] audit: type=1326 audit(1762443287.062:7335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7f325ee32a code=0x7ffc0000 [ 595.746878][ T29] audit: type=1326 audit(1762443287.062:7336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13124 comm="syz.0.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f7f325ede17 code=0x7ffc0000 [ 595.755033][T13125] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.2925: Allocating blocks 41-42 which overlap fs metadata [ 595.826163][T13125] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.2925: Allocating blocks 41-42 which overlap fs metadata [ 595.849082][ T2062] Bluetooth: hci0: Frame reassembly failed (-84) [ 595.864549][T13125] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.2925: Failed to acquire dquot type 1 [ 595.888832][T13125] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 595.919568][T13125] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.2925: corrupted inode contents [ 595.941020][T13125] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #12: comm syz.0.2925: mark_inode_dirty error [ 595.946470][T13138] bridge: RTM_NEWNEIGH with invalid ether address [ 595.960230][T13125] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.2925: corrupted inode contents [ 595.983869][T13125] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.2925: mark_inode_dirty error [ 596.103533][T13125] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.2925: corrupted inode contents [ 596.115947][T13125] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 596.177522][T13125] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.2925: corrupted inode contents [ 596.236652][T13125] EXT4-fs error (device loop0): ext4_truncate:4637: inode #12: comm syz.0.2925: mark_inode_dirty error [ 596.304215][T13125] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 596.360016][T13125] EXT4-fs (loop0): 1 truncate cleaned up [ 596.400843][T13125] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2925'. [ 596.808909][T13149] Bluetooth: hci1: Frame reassembly failed (-84) [ 597.207333][T13160] hub 8-0:1.0: USB hub found [ 597.212094][T13160] hub 8-0:1.0: 8 ports detected [ 597.229031][T13162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 597.238099][T13162] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 597.246932][T13164] loop4: detected capacity change from 0 to 1024 [ 597.253815][T13164] EXT4-fs: Ignoring removed orlov option [ 597.327034][T13168] loop0: detected capacity change from 0 to 512 [ 597.335607][T13168] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.2939: corrupted in-inode xattr: e_value size too large [ 597.350081][T13168] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2939: couldn't read orphan inode 15 (err -117) [ 597.718386][T13169] ================================================================== [ 597.726522][T13169] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark [ 597.733655][T13169] [ 597.736011][T13169] write to 0xffff888108b3028c of 4 bytes by task 13164 on cpu 0: [ 597.743749][T13169] xas_set_mark+0x12b/0x140 [ 597.748279][T13169] __folio_start_writeback+0x155/0x390 [ 597.753775][T13169] ext4_bio_write_folio+0x5ad/0x9f0 [ 597.759013][T13169] mpage_process_page_bufs+0x4a1/0x620 [ 597.764514][T13169] mpage_prepare_extent_to_map+0x786/0xc00 [ 597.770362][T13169] ext4_do_writepages+0xa05/0x2750 [ 597.775497][T13169] ext4_writepages+0x176/0x300 [ 597.780312][T13169] do_writepages+0x1c6/0x310 [ 597.784924][T13169] file_write_and_wait_range+0x156/0x2c0 [ 597.790601][T13169] generic_buffers_fsync_noflush+0x45/0x120 [ 597.796532][T13169] ext4_sync_file+0x1ab/0x690 [ 597.801854][T13169] vfs_fsync_range+0x10d/0x130 [ 597.806661][T13169] ext4_buffered_write_iter+0x34f/0x3c0 [ 597.812243][T13169] ext4_file_write_iter+0x387/0xf60 [ 597.817497][T13169] iter_file_splice_write+0x666/0xa60 [ 597.822909][T13169] direct_splice_actor+0x156/0x2a0 [ 597.828042][T13169] splice_direct_to_actor+0x312/0x680 [ 597.833452][T13169] do_splice_direct+0xda/0x150 [ 597.838258][T13169] do_sendfile+0x380/0x650 [ 597.842706][T13169] __x64_sys_sendfile64+0x105/0x150 [ 597.847929][T13169] x64_sys_call+0x2bb4/0x3000 [ 597.852644][T13169] do_syscall_64+0xd2/0x200 [ 597.857166][T13169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.863083][T13169] [ 597.865423][T13169] read to 0xffff888108b3028c of 4 bytes by task 13169 on cpu 1: [ 597.873082][T13169] xas_find_marked+0x5dc/0x620 [ 597.873253][T12201] Bluetooth: hci0: command 0x1003 tx timeout [ 597.877871][T13169] find_get_entry+0x5d/0x380 [ 597.877915][T13169] filemap_get_folios_tag+0x92/0x210 [ 597.883978][ T3541] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 597.888472][T13169] mpage_prepare_extent_to_map+0x320/0xc00 [ 597.905617][T13169] ext4_do_writepages+0x708/0x2750 [ 597.910742][T13169] ext4_writepages+0x176/0x300 [ 597.915519][T13169] do_writepages+0x1c6/0x310 [ 597.920121][T13169] file_write_and_wait_range+0x156/0x2c0 [ 597.925795][T13169] generic_buffers_fsync_noflush+0x45/0x120 [ 597.931720][T13169] ext4_sync_file+0x1ab/0x690 [ 597.936572][T13169] vfs_fsync_range+0x10d/0x130 [ 597.941370][T13169] ext4_buffered_write_iter+0x34f/0x3c0 [ 597.946952][T13169] ext4_file_write_iter+0x387/0xf60 [ 597.952175][T13169] iter_file_splice_write+0x666/0xa60 [ 597.957580][T13169] direct_splice_actor+0x156/0x2a0 [ 597.962710][T13169] splice_direct_to_actor+0x312/0x680 [ 597.968097][T13169] do_splice_direct+0xda/0x150 [ 597.972873][T13169] do_sendfile+0x380/0x650 [ 597.977314][T13169] __x64_sys_sendfile64+0x105/0x150 [ 597.982537][T13169] x64_sys_call+0x2bb4/0x3000 [ 597.987230][T13169] do_syscall_64+0xd2/0x200 [ 597.991738][T13169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.997642][T13169] [ 597.999964][T13169] value changed: 0x0a000021 -> 0x04000021 [ 598.005687][T13169] [ 598.008026][T13169] Reported by Kernel Concurrency Sanitizer on: [ 598.014190][T13169] CPU: 1 UID: 0 PID: 13169 Comm: syz.4.2938 Not tainted syzkaller #0 PREEMPT(voluntary) [ 598.024010][T13169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 598.034078][T13169] ================================================================== [ 598.903170][ T8298] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 598.903243][ T3541] Bluetooth: hci1: command 0x1003 tx timeout