last executing test programs: 3.084304862s ago: executing program 3 (id=404): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x200000000}, 0x18) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2000003, 0x13, r0, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) 2.803330802s ago: executing program 3 (id=412): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000000180)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b3b373b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5d31300d106d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56dc1b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a69508671568ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135e0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982b846af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d678d8a600004b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab811905352483b154cdc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe660a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dd0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1021) 2.684439001s ago: executing program 3 (id=415): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x0, 0x10) finit_module(r2, 0x0, 0x7) 2.654175947s ago: executing program 3 (id=417): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000200), &(0x7f0000000280)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0) 2.455689038s ago: executing program 3 (id=426): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000004000500a9930000100000000000000020"], 0x24, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x511a01, 0x80) 2.321192891s ago: executing program 3 (id=432): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000001b00000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x21, 0x0, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000, 0x0, 0x200000000000000}, 0x50) 2.04895467s ago: executing program 4 (id=440): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x28, r3, 0x9c3fa077fa966179, 0x70bd2c, 0x0, {{0x7e}, {@val={0x8}, @val={0xc, 0x99, {0x10, 0x6f}}}}}, 0x28}}, 0x0) 1.169209929s ago: executing program 4 (id=450): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x800, 0x0) lseek(r0, 0x0, 0x4) 1.072508911s ago: executing program 4 (id=452): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18) dup(0xffffffffffffffff) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400) 1.054409447s ago: executing program 4 (id=453): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000640)=[@dstopts={{0x18, 0x29, 0x37, {0x4}}}, @hoplimit={{0x14, 0x29, 0x34, 0x8}}], 0x30}}], 0x1, 0x4000001) 994.050773ms ago: executing program 4 (id=454): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000040)=0xfffffffc, 0x4) setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000180)=0x3ff, 0x4) recvmmsg(r0, &(0x7f00000024c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=""/207, 0xcf}, 0x9}], 0x1, 0x45833af92e4a39fd, 0x0) 846.730981ms ago: executing program 4 (id=458): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18) r1 = gettid() process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18) socket$inet6(0xa, 0x3, 0x8000000003c) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000001c0)='syzkaller\x00'}, 0x80) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'virt_wifi0\x00'}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x1fffffd, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x7, 0xa}, {0xfff3}}}, 0x59}}, 0x0) 701.36115ms ago: executing program 1 (id=461): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) r4 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc) r5 = socket(0x10, 0x803, 0x4) sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="010000000400000008000000"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x13, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}}}, 0x24}}, 0x0) 596.56334ms ago: executing program 2 (id=463): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r0, 0x1, 0x42, 0x0, 0x0) 591.405744ms ago: executing program 2 (id=464): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) write$binfmt_register(r2, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32) 519.576587ms ago: executing program 2 (id=465): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x0, 0x8400}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) 477.38954ms ago: executing program 0 (id=466): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x84, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x0, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) 420.495472ms ago: executing program 0 (id=467): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18) sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0xff7f, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000001000010400004000fedbdf2501f80000", @ANYRES32=0x0, @ANYBLOB="01020400000000002800128008000100736974001c00028008000200c6120001060008001900000005000a00fd000000080004000100010008000a00fa"], 0x58}}, 0x0) 420.16607ms ago: executing program 1 (id=468): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r2, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4) 396.118709ms ago: executing program 2 (id=469): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000f8dbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x300) 315.09713ms ago: executing program 1 (id=470): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @ipv4=@multicast2}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r3}]}]}, 0x28}}, 0x0) 256.426745ms ago: executing program 2 (id=471): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={0x0, &(0x7f00000004c0)=""/228, 0x0, 0xe4, 0x0, 0x3ff}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 219.231817ms ago: executing program 0 (id=472): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r0}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20040000) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x1c, 0x3, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814) 178.114487ms ago: executing program 1 (id=473): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000540)="89e7ee0c7cdad9b4b47380c988cafbe863cac505", 0x14}, {&(0x7f0000000000)="448b7cff030000000000008a15df09", 0xf}, {0x0}], 0x3) 153.086232ms ago: executing program 0 (id=474): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) close(r0) 80.416489ms ago: executing program 2 (id=475): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4) r1 = getpid() r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30) bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) 80.013104ms ago: executing program 0 (id=476): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd8}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x10000}, 0x18) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) sendmmsg$inet(r0, &(0x7f0000006040)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000003c0)="0f", 0x1}], 0x1}}], 0x1, 0x608d850) 59.598035ms ago: executing program 1 (id=477): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000004000000000000008100d00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0xe, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) timer_create(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) fcntl$setlease(r1, 0x400, 0x2) 4.747588ms ago: executing program 1 (id=478): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) pipe2$9p(&(0x7f00000000c0), 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000002f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x1a08700, &(0x7f0000000700)={[{@nodioread_nolock}, {@nouid32}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@usrquota}, {@journal_dev={'journal_dev', 0x3d, 0x1}}]}, 0x0, 0x470, &(0x7f0000001040)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYuiIFJR0EM9xiQtodtGmii2FpuKeBKkoGfxKPoXeBNB1JPg1ZMnKRTtpa2nyMzOpJvtJjHNphOzvx9s9n1n3t15nszXu++7G0DHGsj+JBE7IuL3iOirVxc3GKg/Xb96fvzG1fPjSczPv/FXkre7dvX8eNm0fN32ojKYRqQfJ8VGFps5e+7kWK02eaaoD8+eemd45uy5p947NXZi8sTk6dEjRw4fGnn2mdGn25Jnlte1fR9O79/78luXXh0/duntn7/N4t1RrG/Mo10GssT/ns81r3u83Rur2M6GctJdYSCsSldEZLurJz//+6Irbu68vnjpo0qDA9ZVdm/asvTquXlgE0ui6giAapQ3+uzzb/m4Q12PDeHK8/UPQFne14tHfU13pEWbnqbPt+00EBHH5v75MnvEOo1DAAA0+nT8i6O9EfHBjW9eyfoefQtr0rgvf/4j/7urmEPpj4i7I2J3RNwTEXsi4t6IvO39EfHAGuO5tf+TXl7jWy4r6/89V8xtLe7/lb2/6O8qajvz/HuS41O1yYPF/2QwerZk9ZFltvH9i799ttS6xv5f9si2X/YFizgudzcN0E2MzY7lndI2uHIxYl93q/yThZmAJCL2RsS+1b31rrIw9cTX+5dqtHL+rVxcXSTLmP8qS28uy38umvIvJY3zk1O3zE8Ob43a5MHh8qi41S+/fvL6Utu/vfzb58pk/blh/zc36U8a52tn2rv92zz+097kzXyeubdY9v7Y7OyZkYje5GheX7R89OZry3rZPjv+Bw+0Pv93F6/J8n8wIrKD+KGIeDgiHilifzQiHouIA8vk+NMLK+cfaUX7/2LERMvr38Lx37T/V1/oOvnjd0tt/7/t/8N5abBYkl//VtAqnOx61hzgWv53AAAA8H+R5t+BT9KhhXKaDg3Vv8O/J+5Ka9Mzs08en3739ET9u/L90ZOWI119xXhobao2OZLMFe9YHx8dLcaKy/HSQ8W48edd2/L60Ph0baLi3KHTbV/i/M/82VV1dMA629Zy6WjvHQ8EqEDz7zXTxdULr4WLAWxWfq8NnWuF87+pO6AzAJuJ+z90rlbn/4WmurkA2Jzc/6FzOf+hQ6U/VB0BUCH3f+hIa/ld/zoWtm6MMKopbNSdkhciykK6IeJRWKdC1VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9vg3AAD//5wI5wQ=") 0s ago: executing program 0 (id=479): r0 = syz_io_uring_setup(0x10f, &(0x7f0000000580)={0x0, 0xa6a, 0x0, 0x2, 0x2f8}, &(0x7f0000000000)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000}) io_uring_enter(r0, 0x1c3a, 0xe176, 0x22, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.127' (ED25519) to the list of known hosts. [ 32.952567][ T6533] cgroup: Unknown subsys name 'net' [ 33.068012][ T6533] cgroup: Unknown subsys name 'cpuset' [ 33.069951][ T6533] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 33.198160][ T6533] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 35.328250][ T52] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 35.336508][ T6561] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 35.337652][ T6561] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 35.338169][ T6563] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 35.338467][ T6563] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 35.338661][ T6563] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 35.339007][ T6563] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 35.339281][ T6563] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 35.339726][ T6563] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 35.340196][ T6563] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 35.340433][ T6563] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 35.341138][ T6563] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 35.341402][ T6563] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 35.342273][ T6563] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 35.342720][ T6563] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 35.343564][ T6563] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 35.343811][ T6563] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 35.344136][ T6563] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 35.344800][ T6563] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 35.345994][ T6560] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 35.346238][ T6560] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 35.346484][ T6560] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 35.347081][ T6560] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 35.347348][ T6560] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 35.348846][ T6560] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 35.462884][ T6543] chnl_net:caif_netlink_parms(): no params data found [ 35.541321][ T6543] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.542955][ T6543] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.544326][ T6543] bridge_slave_0: entered allmulticast mode [ 35.545886][ T6543] bridge_slave_0: entered promiscuous mode [ 35.549368][ T6545] chnl_net:caif_netlink_parms(): no params data found [ 35.551347][ T6548] chnl_net:caif_netlink_parms(): no params data found [ 35.565816][ T6543] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.565861][ T6543] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.565919][ T6543] bridge_slave_1: entered allmulticast mode [ 35.566344][ T6543] bridge_slave_1: entered promiscuous mode [ 35.584562][ T6543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.595404][ T6543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.631408][ T6543] team0: Port device team_slave_0 added [ 35.632229][ T6543] team0: Port device team_slave_1 added [ 35.642090][ T6545] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.642165][ T6545] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.642219][ T6545] bridge_slave_0: entered allmulticast mode [ 35.642655][ T6545] bridge_slave_0: entered promiscuous mode [ 35.643447][ T6545] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.643462][ T6545] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.643513][ T6545] bridge_slave_1: entered allmulticast mode [ 35.643932][ T6545] bridge_slave_1: entered promiscuous mode [ 35.672253][ T6548] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.672288][ T6548] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.672341][ T6548] bridge_slave_0: entered allmulticast mode [ 35.673114][ T6548] bridge_slave_0: entered promiscuous mode [ 35.678928][ T6548] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.680133][ T6548] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.681391][ T6548] bridge_slave_1: entered allmulticast mode [ 35.682953][ T6548] bridge_slave_1: entered promiscuous mode [ 35.691845][ T6545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.696031][ T6545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.699675][ T6543] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 35.700107][ T6543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.700125][ T6543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 35.701050][ T6543] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 35.701058][ T6543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.701069][ T6543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 35.715460][ T6546] chnl_net:caif_netlink_parms(): no params data found [ 35.725065][ T6545] team0: Port device team_slave_0 added [ 35.729781][ T6548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.730828][ T6548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.734682][ T6545] team0: Port device team_slave_1 added [ 35.734910][ T6544] chnl_net:caif_netlink_parms(): no params data found [ 35.765255][ T6548] team0: Port device team_slave_0 added [ 35.769795][ T6543] hsr_slave_0: entered promiscuous mode [ 35.771246][ T6543] hsr_slave_1: entered promiscuous mode [ 35.772909][ T6545] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 35.772926][ T6545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.772940][ T6545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 35.773509][ T6545] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 35.773516][ T6545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.773528][ T6545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 35.786088][ T6548] team0: Port device team_slave_1 added [ 35.801058][ T6545] hsr_slave_0: entered promiscuous mode [ 35.801343][ T6545] hsr_slave_1: entered promiscuous mode [ 35.802036][ T6545] debugfs: 'hsr0' already exists in 'hsr' [ 35.802085][ T6545] Cannot create hsr debugfs directory [ 35.807542][ T6548] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 35.807565][ T6548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.807577][ T6548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 35.808085][ T6548] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 35.808092][ T6548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.808104][ T6548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 35.838981][ T6546] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.839091][ T6546] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.839154][ T6546] bridge_slave_0: entered allmulticast mode [ 35.839588][ T6546] bridge_slave_0: entered promiscuous mode [ 35.845306][ T6548] hsr_slave_0: entered promiscuous mode [ 35.847949][ T6548] hsr_slave_1: entered promiscuous mode [ 35.848166][ T6548] debugfs: 'hsr0' already exists in 'hsr' [ 35.848176][ T6548] Cannot create hsr debugfs directory [ 35.855766][ T6546] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.856413][ T6546] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.856483][ T6546] bridge_slave_1: entered allmulticast mode [ 35.857561][ T6546] bridge_slave_1: entered promiscuous mode [ 35.885841][ T6544] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.886024][ T6544] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.886076][ T6544] bridge_slave_0: entered allmulticast mode [ 35.886511][ T6544] bridge_slave_0: entered promiscuous mode [ 35.888013][ T6544] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.888037][ T6544] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.888084][ T6544] bridge_slave_1: entered allmulticast mode [ 35.888474][ T6544] bridge_slave_1: entered promiscuous mode [ 35.897731][ T6546] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.911602][ T6544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.917784][ T6546] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.924811][ T6544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.943810][ T6544] team0: Port device team_slave_0 added [ 35.954011][ T6546] team0: Port device team_slave_0 added [ 35.954680][ T6544] team0: Port device team_slave_1 added [ 35.969090][ T6546] team0: Port device team_slave_1 added [ 35.978848][ T6544] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 35.978878][ T6544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.978896][ T6544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 35.979455][ T6544] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 35.979461][ T6544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.979474][ T6544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.001320][ T6546] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.002532][ T6546] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.006637][ T6546] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.019027][ T6546] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.019057][ T6546] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.019071][ T6546] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.021077][ T6544] hsr_slave_0: entered promiscuous mode [ 36.021367][ T6544] hsr_slave_1: entered promiscuous mode [ 36.021547][ T6544] debugfs: 'hsr0' already exists in 'hsr' [ 36.021557][ T6544] Cannot create hsr debugfs directory [ 36.068446][ T6546] hsr_slave_0: entered promiscuous mode [ 36.068760][ T6546] hsr_slave_1: entered promiscuous mode [ 36.069250][ T6546] debugfs: 'hsr0' already exists in 'hsr' [ 36.069261][ T6546] Cannot create hsr debugfs directory [ 36.080447][ T6543] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 36.083776][ T6543] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 36.091854][ T6543] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 36.095342][ T6543] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 36.138263][ T6545] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 36.140989][ T6545] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 36.144203][ T6543] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.144249][ T6543] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.144450][ T6543] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.144474][ T6543] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.150019][ T6545] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 36.155882][ T6545] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 36.175578][ T6548] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 36.179759][ T6548] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 36.185685][ T6548] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 36.188357][ T6548] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 36.190402][ T6545] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.190452][ T6545] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.190533][ T6545] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.190564][ T6545] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.204707][ T6543] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.214959][ T336] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.217753][ T336] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.220664][ T336] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.222600][ T336] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.246266][ T6543] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.246423][ T6544] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 36.249585][ T6544] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 36.250546][ T6544] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 36.251623][ T6544] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 36.261864][ T4747] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.261911][ T4747] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.270484][ T4747] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.270530][ T4747] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.326529][ T6544] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.331144][ T6545] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.337132][ T6546] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 36.339707][ T6546] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 36.346433][ T6546] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 36.350169][ T6546] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 36.358327][ T6545] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.369120][ T6548] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.373184][ T6548] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.380328][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.380365][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.380829][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.380845][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.388013][ T6543] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.395795][ T6544] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.409947][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.409981][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.418508][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.418546][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.418847][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.418862][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.429363][ T6548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 36.451206][ T336] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.451245][ T336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.474435][ T6546] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.479852][ T6543] veth0_vlan: entered promiscuous mode [ 36.498322][ T6546] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.507310][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.507743][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.513481][ T6548] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.523005][ T336] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.523047][ T336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.531714][ T6543] veth1_vlan: entered promiscuous mode [ 36.563750][ T6543] veth0_macvtap: entered promiscuous mode [ 36.568789][ T6543] veth1_macvtap: entered promiscuous mode [ 36.576270][ T6543] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.580179][ T6543] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.592570][ T6544] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.597699][ T14] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.597744][ T14] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.597772][ T14] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.597787][ T14] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.604841][ T6548] veth0_vlan: entered promiscuous mode [ 36.615707][ T6548] veth1_vlan: entered promiscuous mode [ 36.643949][ T6546] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.664787][ T6545] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.679599][ T6548] veth0_macvtap: entered promiscuous mode [ 36.680632][ T6548] veth1_macvtap: entered promiscuous mode [ 36.683899][ T6548] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.684781][ T6548] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.698115][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.698276][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.698292][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.698305][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.709367][ T6545] veth0_vlan: entered promiscuous mode [ 36.718802][ T336] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.718837][ T336] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.745366][ T6545] veth1_vlan: entered promiscuous mode [ 36.751613][ T6544] veth0_vlan: entered promiscuous mode [ 36.751958][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.751968][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.754627][ T6544] veth1_vlan: entered promiscuous mode [ 36.761659][ T6546] veth0_vlan: entered promiscuous mode [ 36.768066][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.768097][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.785352][ T6545] veth0_macvtap: entered promiscuous mode [ 36.793400][ T6546] veth1_vlan: entered promiscuous mode [ 36.795859][ T6545] veth1_macvtap: entered promiscuous mode [ 36.799525][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.800994][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.814149][ T6543] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 36.817708][ T6544] veth0_macvtap: entered promiscuous mode [ 36.821866][ T6544] veth1_macvtap: entered promiscuous mode [ 36.840239][ T6546] veth0_macvtap: entered promiscuous mode [ 36.848321][ T6545] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.849058][ T6546] veth1_macvtap: entered promiscuous mode [ 36.864190][ T6544] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.865148][ T6544] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.866645][ T41] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.866733][ T41] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.866756][ T41] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.866775][ T41] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.884629][ T6546] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.885656][ T6546] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.890267][ T41] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.890298][ T41] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.890313][ T41] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.890326][ T41] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.891006][ T6545] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.896662][ T41] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.897954][ T41] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.897980][ T41] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.898006][ T41] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.905724][ T6663] mmap: syz.2.6 (6663) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 37.030627][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.030675][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.030791][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.030797][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.053539][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.054945][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.062660][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.064203][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.075035][ T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.075070][ T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.329241][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.329277][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.367185][ T6138] Bluetooth: hci2: command tx timeout [ 37.367301][ T6138] Bluetooth: hci0: command tx timeout [ 37.367356][ T6138] Bluetooth: hci1: command tx timeout [ 37.367398][ T6138] Bluetooth: hci4: command tx timeout [ 37.420755][ T31] audit: type=1326 audit(37.400:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.420803][ T31] audit: type=1326 audit(37.400:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.438733][ T31] audit: type=1326 audit(37.410:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.438769][ T31] audit: type=1326 audit(37.410:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.438798][ T31] audit: type=1326 audit(37.410:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.438816][ T31] audit: type=1326 audit(37.410:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.438834][ T31] audit: type=1326 audit(37.410:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.438849][ T31] audit: type=1326 audit(37.410:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.438864][ T31] audit: type=1326 audit(37.410:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.438878][ T31] audit: type=1326 audit(37.410:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6680 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb675b3a8 code=0x7ffc0000 [ 37.457685][ T52] Bluetooth: hci3: command tx timeout [ 37.472547][ T6686] loop2: detected capacity change from 0 to 1024 [ 37.473112][ T6686] EXT4-fs: Ignoring removed bh option [ 37.473130][ T6686] EXT4-fs: inline encryption not supported [ 37.484173][ T6686] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 37.486234][ T6687] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'. [ 37.494221][ T6687] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'. [ 37.495860][ T6686] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 37.516136][ T6686] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.12: lblock 2 mapped to illegal pblock 2 (length 1) [ 37.519417][ T6686] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.12: lblock 0 mapped to illegal pblock 48 (length 1) [ 37.521977][ T6686] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.12: Failed to acquire dquot type 0 [ 37.524613][ T6686] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 37.540904][ T6686] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.12: mark_inode_dirty error [ 37.542900][ T6686] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 37.543024][ T6686] EXT4-fs (loop2): 1 orphan inode deleted [ 37.543482][ T6686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.555549][ T6698] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 37.577258][ T1608] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1) [ 37.580064][ T1608] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:5: Failed to release dquot type 0 [ 37.673442][ T6543] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.675892][ T6543] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 37.680847][ T6543] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 37.682871][ T6543] EXT4-fs error (device loop2): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error [ 37.685195][ T6705] pim6reg: entered allmulticast mode [ 37.690982][ T6705] pim6reg: left allmulticast mode [ 37.781775][ T6716] netlink: 12 bytes leftover after parsing attributes in process `syz.1.22'. [ 37.856537][ T6723] loop3: detected capacity change from 0 to 512 [ 37.921385][ T6725] loop2: detected capacity change from 0 to 512 [ 37.932126][ T6723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 37.936390][ T6725] journal_path: Non-blockdev passed as './bus' [ 37.936433][ T6725] EXT4-fs: error: could not find journal device path [ 37.965601][ T6723] EXT4-fs (loop3): shut down requested (0) [ 38.039645][ T6736] netlink: 80 bytes leftover after parsing attributes in process `syz.2.31'. [ 38.062466][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.170087][ T6753] loop1: detected capacity change from 0 to 512 [ 38.194726][ T6753] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.241613][ T6546] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.329839][ T6771] netlink: 20 bytes leftover after parsing attributes in process `syz.0.47'. [ 38.412331][ T6782] loop2: detected capacity change from 0 to 512 [ 38.417533][ T6782] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 38.432124][ T6782] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.54: couldn't read orphan inode 26 (err -116) [ 38.435076][ T6782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.453042][ T6543] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.465579][ T6788] loop3: detected capacity change from 0 to 128 [ 38.482278][ T6788] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 38.580983][ T6803] loop2: detected capacity change from 0 to 1024 [ 38.581367][ T6803] EXT4-fs: Ignoring removed orlov option [ 38.594413][ T6803] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.682068][ T6548] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 39.109994][ T6827] syz.4.69 uses obsolete (PF_INET,SOCK_PACKET) [ 39.239924][ T6833] netlink: 'syz.4.71': attribute type 27 has an invalid length. [ 39.305219][ T6837] loop0: detected capacity change from 0 to 512 [ 39.307338][ T6837] EXT4-fs: Ignoring removed bh option [ 39.314910][ T6837] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 39.325610][ T6833] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.325996][ T6833] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.327772][ T6837] EXT4-fs (loop0): 1 truncate cleaned up [ 39.328313][ T6837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.377278][ T6545] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.446783][ T52] Bluetooth: hci4: command tx timeout [ 39.447154][ T52] Bluetooth: hci1: command tx timeout [ 39.447811][ T52] Bluetooth: hci0: command tx timeout [ 39.447842][ T52] Bluetooth: hci2: command tx timeout [ 39.460835][ T6543] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.575699][ T6138] Bluetooth: hci3: command tx timeout [ 39.899405][ T6833] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 39.901414][ T6833] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 39.941344][ T6853] loop3: detected capacity change from 0 to 512 [ 39.951347][ T6853] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 39.959893][ T6853] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters [ 39.961189][ T6853] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 39.961365][ T6853] EXT4-fs (loop3): 1 truncate cleaned up [ 39.961897][ T6853] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.189430][ T6836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.189878][ T6836] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.226776][ T6836] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 40.231780][ T6852] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 40.231812][ T6852] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 40.259687][ T6852] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 40.265370][ T6852] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 40.291912][ T14] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.291998][ T14] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.292043][ T14] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.292072][ T14] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.315374][ T6860] netlink: 'syz.4.80': attribute type 10 has an invalid length. [ 40.353169][ T6865] loop2: detected capacity change from 0 to 128 [ 40.391710][ T6860] team0 (unregistering): Port device team_slave_0 removed [ 40.398855][ T6860] team0 (unregistering): Port device team_slave_1 removed [ 40.438535][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438535][ T6865] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 40.438629][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438629][ T6865] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 40.438667][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438667][ T6865] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 40.438703][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438703][ T6865] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 40.438737][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438737][ T6865] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 40.438780][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438780][ T6865] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 40.438816][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438816][ T6865] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 40.438850][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438850][ T6865] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 40.438883][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438883][ T6865] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 40.438916][ T6865] syz.2.83: attempt to access beyond end of device [ 40.438916][ T6865] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 40.749587][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.414151][ T6920] loop3: detected capacity change from 0 to 512 [ 41.443841][ T6920] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 41.447561][ T6920] EXT4-fs (loop3): shut down requested (1) [ 41.450825][ T6925] loop0: detected capacity change from 0 to 164 [ 41.455048][ T6925] process 'syz.0.105' launched '/dev/fd/4' with NULL argv: empty string added [ 41.472956][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 41.537711][ T6138] Bluetooth: hci2: command tx timeout [ 41.539057][ T52] Bluetooth: hci0: command tx timeout [ 41.540097][ T52] Bluetooth: hci1: command tx timeout [ 41.541237][ T52] Bluetooth: hci4: command tx timeout [ 41.597716][ T6942] bridge0: port 3(gretap0) entered blocking state [ 41.597769][ T6942] bridge0: port 3(gretap0) entered disabled state [ 41.597873][ T6942] gretap0: entered allmulticast mode [ 41.617930][ T6550] Bluetooth: hci3: command tx timeout [ 41.620640][ T6945] netlink: 12 bytes leftover after parsing attributes in process `syz.2.115'. [ 41.631949][ T6942] gretap0: entered promiscuous mode [ 41.632715][ T6942] bridge0: port 3(gretap0) entered blocking state [ 41.632761][ T6942] bridge0: port 3(gretap0) entered forwarding state [ 41.634876][ T6942] gretap0: left allmulticast mode [ 41.634889][ T6942] gretap0: left promiscuous mode [ 41.634967][ T6942] bridge0: port 3(gretap0) entered disabled state [ 41.666543][ T6947] loop3: detected capacity change from 0 to 512 [ 41.680021][ T6950] : renamed from vlan1 (while UP) [ 41.695112][ T6947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.733471][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.852174][ T6967] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.852330][ T6967] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.938861][ T42] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.939205][ T42] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.939235][ T42] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.939248][ T42] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.980124][ T6973] netlink: 148 bytes leftover after parsing attributes in process `syz.3.127'. [ 42.240985][ T6987] netlink: 8 bytes leftover after parsing attributes in process `syz.3.132'. [ 42.449953][ T6940] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 42.450026][ T6940] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 42.456959][ T31] kauditd_printk_skb: 190 callbacks suppressed [ 42.456999][ T31] audit: type=1326 audit(42.440:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 42.457119][ T31] audit: type=1326 audit(42.440:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff95f5b3dc code=0x7ffc0000 [ 42.458867][ T6940] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 42.466170][ T6940] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 42.466211][ T6940] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 42.468634][ T6940] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 42.470391][ T6940] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 42.470589][ T6940] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 42.477809][ T6940] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 42.481061][ T6940] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 42.481155][ T6940] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 42.484394][ T6940] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 42.486373][ T6940] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 42.486430][ T6940] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 42.489930][ T6940] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 42.513650][ T31] audit: type=1326 audit(42.490:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=226 compat=0 ip=0xffff95f5b48c code=0x7ffc0000 [ 42.513689][ T31] audit: type=1326 audit(42.490:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=135 compat=0 ip=0xffff95f38498 code=0x7ffc0000 [ 42.513703][ T31] audit: type=1326 audit(42.490:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffff95f5c9b8 code=0x7ffc0000 [ 42.513716][ T31] audit: type=1326 audit(42.490:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=135 compat=0 ip=0xffff95f384f0 code=0x7ffc0000 [ 42.513727][ T31] audit: type=1326 audit(42.490:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 42.513739][ T31] audit: type=1326 audit(42.490:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 42.513750][ T31] audit: type=1326 audit(42.490:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=99 compat=0 ip=0xffff95f37d1c code=0x7ffc0000 [ 42.513762][ T31] audit: type=1326 audit(42.490:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6990 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=135 compat=0 ip=0xffff95f37d70 code=0x7ffc0000 [ 42.557190][ T6994] netlink: 'syz.0.135': attribute type 10 has an invalid length. [ 42.560213][ T6994] team0: Port device dummy0 added [ 42.562706][ T6994] netlink: 'syz.0.135': attribute type 10 has an invalid length. [ 42.563126][ T6994] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 42.580171][ T6994] team0: Failed to send options change via netlink (err -105) [ 42.580256][ T6994] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 42.580455][ T6994] team0: Port device dummy0 removed [ 42.582134][ T6994] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 42.672170][ T7002] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.683384][ T7004] netlink: 'syz.1.140': attribute type 2 has an invalid length. [ 42.683410][ T7004] netlink: 'syz.1.140': attribute type 3 has an invalid length. [ 42.698077][ T7002] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.731935][ T7009] netlink: 'syz.0.142': attribute type 13 has an invalid length. [ 42.787804][ T7009] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 42.815739][ T7013] loop1: detected capacity change from 0 to 512 [ 42.819384][ T7013] EXT4-fs: Ignoring removed i_version option [ 42.819418][ T7013] EXT4-fs: Ignoring removed bh option [ 42.833977][ T7013] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.853808][ T7002] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.884987][ T6546] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.283698][ T7002] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.341892][ T7034] loop1: detected capacity change from 0 to 1024 [ 43.343675][ T7034] EXT4-fs: Ignoring removed orlov option [ 43.349307][ T7034] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 43.376431][ T6546] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.399598][ T1993] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.402152][ T1993] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.405076][ T1993] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.412645][ T1993] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.420961][ T7039] netlink: 'syz.1.152': attribute type 3 has an invalid length. [ 43.422526][ T7039] netlink: 132 bytes leftover after parsing attributes in process `syz.1.152'. [ 43.451976][ T7043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.154'. [ 43.509244][ T7049] loop2: detected capacity change from 0 to 128 [ 43.513477][ T7049] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 43.545006][ T7049] : renamed from wg2 (while UP) [ 43.677226][ T6543] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 43.767152][ T6550] Bluetooth: hci2: command 0x0c1a tx timeout [ 43.970530][ T7079] netlink: 4 bytes leftover after parsing attributes in process `syz.4.170'. [ 43.972659][ T7079] netlink: 4 bytes leftover after parsing attributes in process `syz.4.170'. [ 44.010101][ T7080] loop2: detected capacity change from 0 to 512 [ 44.026353][ T7080] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #15: comm syz.2.168: corrupted inode contents [ 44.031140][ T7080] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 44.032987][ T7080] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #15: comm syz.2.168: corrupted inode contents [ 44.037163][ T7080] EXT4-fs error (device loop2): ext4_evict_inode:302: inode #15: comm syz.2.168: mark_inode_dirty error [ 44.039038][ T7080] EXT4-fs (loop2): 1 orphan inode deleted [ 44.039485][ T7080] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.201866][ T6543] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.240651][ T7093] tipc: Started in network mode [ 44.240692][ T7093] tipc: Node identity 7a4565e7fc6a, cluster identity 4711 [ 44.240793][ T7093] tipc: Enabled bearer , priority 0 [ 44.245652][ T7093] tipc: Disabling bearer [ 44.378870][ T7108] netlink: 80 bytes leftover after parsing attributes in process `syz.2.182'. [ 44.398620][ T7111] syzkaller0: entered promiscuous mode [ 44.398653][ T7111] syzkaller0: entered allmulticast mode [ 44.439143][ T7117] loop1: detected capacity change from 0 to 512 [ 44.443307][ T7115] ieee802154 phy0 wpan0: encryption failed: -22 [ 44.451779][ T7117] EXT4-fs error (device loop1): ext4_xattr_inode_iget:442: comm syz.1.187: error while reading EA inode 32 err=-116 [ 44.454712][ T7117] EXT4-fs (loop1): Remounting filesystem read-only [ 44.454759][ T7117] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 44.454798][ T7117] EXT4-fs (loop1): 1 orphan inode deleted [ 44.463373][ T7117] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.486861][ T6550] Bluetooth: hci4: command 0x0c1a tx timeout [ 44.487232][ T6138] Bluetooth: hci1: command 0x0c1a tx timeout [ 44.487263][ T6138] Bluetooth: hci3: command 0x0c1a tx timeout [ 44.487283][ T6138] Bluetooth: hci0: command 0x0c1a tx timeout [ 44.521850][ T7122] netdevsim netdevsim4: Direct firmware load for failed with error -2 [ 44.521889][ T7122] netdevsim netdevsim4: Falling back to sysfs fallback for: [ 44.580470][ T7132] loop2: detected capacity change from 0 to 512 [ 44.583473][ T7132] journal_path: Lookup failure for './file0/../file0' [ 44.584839][ T7132] EXT4-fs: error: could not find journal device path [ 44.612725][ T6546] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.843554][ T7147] loop2: detected capacity change from 0 to 512 [ 44.881325][ T7147] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.055468][ T6543] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.271045][ T7137] Set syz1 is full, maxelem 65536 reached [ 45.328073][ T7167] serio: Serial port ptm0 [ 45.745781][ T7186] loop3: detected capacity change from 0 to 8192 [ 45.806347][ T7197] loop4: detected capacity change from 0 to 512 [ 45.822592][ T7199] netlink: 148 bytes leftover after parsing attributes in process `syz.2.221'. [ 45.830434][ T7197] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.847627][ T6550] Bluetooth: hci2: command 0x0c1a tx timeout [ 45.868121][ T7197] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.220: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 45.871426][ T7197] EXT4-fs (loop4): Remounting filesystem read-only [ 45.883943][ T6544] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.964154][ T7211] loop2: detected capacity change from 0 to 1024 [ 45.964516][ T7211] ======================================================= [ 45.964516][ T7211] WARNING: The mand mount option has been deprecated and [ 45.964516][ T7211] and is ignored by this kernel. Remove the mand [ 45.964516][ T7211] option from the mount to silence this warning. [ 45.964516][ T7211] ======================================================= [ 45.964582][ T7211] EXT4-fs: Ignoring removed bh option [ 45.964590][ T7211] EXT4-fs: Ignoring removed bh option [ 45.983533][ T7211] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.020965][ T7211] EXT4-fs: Ignoring removed orlov option [ 46.036379][ T7217] 9pnet: Could not find request transport: f [ 46.046840][ T7211] EXT4-fs (loop2): can't enable nombcache during remount [ 46.062930][ T7220] netlink: 12 bytes leftover after parsing attributes in process `syz.0.229'. [ 46.090983][ T6543] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.102507][ T7220] netlink: 12 bytes leftover after parsing attributes in process `syz.0.229'. [ 46.129698][ T7225] netlink: 12 bytes leftover after parsing attributes in process `syz.0.229'. [ 46.170246][ T7220] netlink: 12 bytes leftover after parsing attributes in process `syz.0.229'. [ 46.245805][ T7236] loop3: detected capacity change from 0 to 512 [ 46.262708][ T7236] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 46.266058][ T7236] EXT4-fs (loop3): invalid journal inode [ 46.266537][ T7236] EXT4-fs (loop3): can't get journal size [ 46.276151][ T7236] EXT4-fs (loop3): 1 truncate cleaned up [ 46.283825][ T7236] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.321751][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.381151][ T7244] loop3: detected capacity change from 0 to 512 [ 46.395415][ T7244] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 46.419200][ T7244] EXT4-fs (loop3): 1 truncate cleaned up [ 46.419679][ T7244] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.438466][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.554971][ T7274] loop3: detected capacity change from 0 to 128 [ 46.563283][ T7274] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 46.566765][ T6550] Bluetooth: hci0: command 0x0c1a tx timeout [ 46.566774][ T52] Bluetooth: hci4: command 0x0c1a tx timeout [ 46.566794][ T52] Bluetooth: hci3: command 0x0c1a tx timeout [ 46.566816][ T6550] Bluetooth: hci1: command 0x0c1a tx timeout [ 46.616433][ T6548] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 46.787643][ T7293] macvlan2: entered promiscuous mode [ 46.787679][ T7293] macvlan2: entered allmulticast mode [ 46.791123][ T7293] bond1: entered promiscuous mode [ 46.793917][ T7293] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 46.827267][ T7293] bond1: left promiscuous mode [ 46.838045][ T7298] loop0: detected capacity change from 0 to 8192 [ 47.092187][ T7315] bond2: entered promiscuous mode [ 47.092220][ T7315] bond2: entered allmulticast mode [ 47.093145][ T7315] 8021q: adding VLAN 0 to HW filter on device bond2 [ 47.149190][ T7315] bond2 (unregistering): Released all slaves [ 47.344179][ T7345] loop4: detected capacity change from 0 to 764 [ 47.359046][ T7351] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 47.436326][ T7359] veth0: entered promiscuous mode [ 47.439377][ T7359] veth0: left promiscuous mode [ 47.557581][ T31] kauditd_printk_skb: 130 callbacks suppressed [ 47.557614][ T31] audit: type=1326 audit(47.540:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7361 comm="syz.1.289" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 47.562482][ T31] audit: type=1326 audit(47.540:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7361 comm="syz.1.289" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=223 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 47.566455][ T31] audit: type=1326 audit(47.540:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7361 comm="syz.1.289" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 47.744118][ T31] audit: type=1326 audit(47.720:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7368 comm="syz.2.292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 47.744152][ T31] audit: type=1326 audit(47.720:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7368 comm="syz.2.292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 47.761290][ T31] audit: type=1326 audit(47.730:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7368 comm="syz.2.292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=28 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 47.762001][ T31] audit: type=1326 audit(47.730:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7368 comm="syz.2.292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 47.762016][ T31] audit: type=1326 audit(47.730:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7368 comm="syz.2.292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 48.030922][ T6138] Bluetooth: hci2: command 0x0c1a tx timeout [ 48.037474][ T7373] loop0: detected capacity change from 0 to 512 [ 48.037838][ T7373] EXT4-fs: Ignoring removed orlov option [ 48.075450][ T7385] loop3: detected capacity change from 0 to 512 [ 48.078125][ T7373] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.101543][ T7373] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.291: bg 0: block 328: padding at end of block bitmap is not set [ 48.121409][ T7385] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.144732][ T6545] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.168489][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.280144][ T31] audit: type=1326 audit(48.260:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7411 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 48.280193][ T31] audit: type=1326 audit(48.260:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7411 comm="syz.2.307" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f5b3a8 code=0x7ffc0000 [ 48.284818][ T7413] SET target dimension over the limit! [ 48.332817][ T7418] loop2: detected capacity change from 0 to 2048 [ 48.374399][ T6185] Alternate GPT is invalid, using primary GPT. [ 48.374457][ T6185] loop2: p1 p2 p3 [ 48.374464][ T6185] loop2: partition table partially beyond EOD, truncated [ 48.392420][ T7418] Alternate GPT is invalid, using primary GPT. [ 48.392485][ T7418] loop2: p1 p2 p3 [ 48.392499][ T7418] loop2: partition table partially beyond EOD, truncated [ 48.396318][ T7430] loop3: detected capacity change from 0 to 2048 [ 48.399019][ T7428] loop0: detected capacity change from 0 to 4096 [ 48.399331][ T7428] EXT4-fs: Ignoring removed nomblk_io_submit option [ 48.419546][ T6185] Alternate GPT is invalid, using primary GPT. [ 48.420696][ T7428] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.422958][ T6185] loop2: p1 p2 p3 [ 48.422976][ T6185] loop2: partition table partially beyond EOD, truncated [ 48.428089][ T7433] 9pnet_fd: Insufficient options for proto=fd [ 48.436415][ T7418] __nla_validate_parse: 7 callbacks suppressed [ 48.436460][ T7418] netlink: 4 bytes leftover after parsing attributes in process `syz.2.311'. [ 48.505815][ T7430] loop3: p1 p2 p3 [ 48.605085][ T6185] Alternate GPT is invalid, using primary GPT. [ 48.605135][ T6185] loop2: p1 p2 p3 [ 48.605142][ T6185] loop2: partition table partially beyond EOD, truncated [ 48.647058][ T6550] Bluetooth: hci3: command 0x0c1a tx timeout [ 48.657258][ T6550] Bluetooth: hci1: command 0x0c1a tx timeout [ 48.657477][ T6138] Bluetooth: hci0: command 0x0c1a tx timeout [ 48.657512][ T6138] Bluetooth: hci4: command 0x0c1a tx timeout [ 48.732629][ T7449] Zero length message leads to an empty skb [ 48.890760][ T7120] udevd[7120]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 48.893212][ T6537] udevd[6537]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 48.896536][ T6535] udevd[6535]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 48.907708][ T7452] syz_tun: entered allmulticast mode [ 48.939066][ T7453] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.956388][ T6537] udevd[6537]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 48.971326][ T7447] infiniband syz1: set active [ 48.973316][ T7447] infiniband syz1: added syz_tun [ 48.979161][ T7120] udevd[7120]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 48.984432][ T7446] loop3: detected capacity change from 0 to 32768 [ 49.003839][ T7454] loop2: detected capacity change from 0 to 164 [ 49.008631][ T6535] udevd[6535]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 49.034159][ T7447] RDS/IB: syz1: added [ 49.039855][ T7447] smc: adding ib device syz1 with port count 1 [ 49.039917][ T7447] smc: ib device syz1 port 1 has pnetid [ 49.042769][ T6537] loop3: p1 p2 p3 < > p4 < p5 p6 > [ 49.042790][ T6537] loop3: partition table partially beyond EOD, truncated [ 49.042887][ T6537] loop3: p1 start 196608 is beyond EOD, truncated [ 49.052219][ T6537] loop3: p3 start 50725632 is beyond EOD, truncated [ 49.054253][ T6537] loop3: p5 start 196608 is beyond EOD, truncated [ 49.063109][ T7453] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.091412][ T7446] loop3: p1 p2 p3 < > p4 < p5 p6 > [ 49.091445][ T7446] loop3: partition table partially beyond EOD, truncated [ 49.091544][ T7446] loop3: p1 start 196608 is beyond EOD, truncated [ 49.100635][ T7446] loop3: p3 start 50725632 is beyond EOD, truncated [ 49.103973][ T7446] loop3: p5 start 196608 is beyond EOD, truncated [ 49.112219][ T7445] syz_tun: left allmulticast mode [ 49.116262][ T7120] udevd[7120]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 49.158500][ T7453] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.163057][ T6688] udevd[6688]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 49.230698][ T6535] udevd[6535]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 49.250310][ T6545] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.261363][ T6537] udevd[6537]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 49.263926][ T7453] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.406768][ T7475] geneve2: entered promiscuous mode [ 49.407816][ T7475] geneve2: entered allmulticast mode [ 49.414887][ T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.472946][ T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.473094][ T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.473122][ T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.539109][ T7491] vhci_hcd: invalid port number 96 [ 49.540226][ T7491] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 49.655772][ T7501] netlink: 16 bytes leftover after parsing attributes in process `syz.3.340'. [ 49.725243][ T7506] usb usb1: check_ctrlrecip: process 7506 (syz.1.343) requesting ep 01 but needs 81 [ 49.725277][ T7506] usb usb1: usbfs: process 7506 (syz.1.343) did not claim interface 0 before use [ 50.193154][ T7530] loop9: detected capacity change from 0 to 7 [ 50.193484][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193548][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193586][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193623][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193661][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193699][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193734][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193757][ T7530] ldm_validate_partition_table(): Disk read failed. [ 50.193775][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193809][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193841][ T7530] Buffer I/O error on dev loop9, logical block 0, async page read [ 50.193893][ T7530] Dev loop9: unable to read RDB block 0 [ 50.193975][ T7530] loop9: unable to read partition table [ 50.194036][ T7530] loop9: partition table beyond EOD, truncated [ 50.194050][ T7530] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 50.194050][ T7530] ) failed (rc=-5) [ 50.282606][ T7536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.356'. [ 50.302462][ T7541] loop3: detected capacity change from 0 to 512 [ 50.303113][ T7541] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 50.309267][ T7541] EXT4-fs (loop3): 1 truncate cleaned up [ 50.309722][ T7541] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.425154][ T7554] loop1: detected capacity change from 0 to 512 [ 50.438912][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.825948][ T7566] netlink: 44 bytes leftover after parsing attributes in process `syz.2.369'. [ 50.853363][ T7570] serio: Serial port ptm1 [ 50.976017][ T7580] loop2: detected capacity change from 0 to 1024 [ 51.496521][ T7601] loop4: detected capacity change from 0 to 128 [ 51.508577][ T7601] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 51.597138][ T6544] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 51.642681][ T7617] loop1: detected capacity change from 0 to 128 [ 51.650800][ T7617] FAT-fs (loop1): Directory bread(block 162) failed [ 51.650842][ T7617] FAT-fs (loop1): Directory bread(block 163) failed [ 51.650866][ T7617] FAT-fs (loop1): Directory bread(block 164) failed [ 51.650882][ T7617] FAT-fs (loop1): Directory bread(block 165) failed [ 51.650897][ T7617] FAT-fs (loop1): Directory bread(block 166) failed [ 51.650907][ T7617] FAT-fs (loop1): Directory bread(block 167) failed [ 51.650917][ T7617] FAT-fs (loop1): Directory bread(block 168) failed [ 51.650927][ T7617] FAT-fs (loop1): Directory bread(block 169) failed [ 51.654513][ T7617] FAT-fs (loop1): Directory bread(block 162) failed [ 51.654529][ T7617] FAT-fs (loop1): Directory bread(block 163) failed [ 51.661058][ T7617] bio_check_eod: 18328 callbacks suppressed [ 51.661070][ T7617] syz.1.393: attempt to access beyond end of device [ 51.661070][ T7617] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 51.661148][ T7617] syz.1.393: attempt to access beyond end of device [ 51.661148][ T7617] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 51.789581][ T7629] netlink: 960 bytes leftover after parsing attributes in process `syz.2.398'. [ 51.840226][ T7635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 51.840449][ T7635] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.861917][ T7635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 51.862127][ T7635] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.952142][ T7649] geneve0: entered allmulticast mode [ 51.958966][ T7651] loop0: detected capacity change from 0 to 128 [ 52.034424][ T7651] syz.0.408: attempt to access beyond end of device [ 52.034424][ T7651] loop0: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 52.034672][ T7651] syz.0.408: attempt to access beyond end of device [ 52.034672][ T7651] loop0: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 52.034712][ T7651] syz.0.408: attempt to access beyond end of device [ 52.034712][ T7651] loop0: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 52.034752][ T7651] syz.0.408: attempt to access beyond end of device [ 52.034752][ T7651] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 52.034787][ T7651] syz.0.408: attempt to access beyond end of device [ 52.034787][ T7651] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 52.034823][ T7651] syz.0.408: attempt to access beyond end of device [ 52.034823][ T7651] loop0: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 52.034860][ T7651] syz.0.408: attempt to access beyond end of device [ 52.034860][ T7651] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 52.034894][ T7651] syz.0.408: attempt to access beyond end of device [ 52.034894][ T7651] loop0: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 52.216309][ T7665] loop0: detected capacity change from 0 to 128 [ 52.225941][ T7665] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.344452][ T6545] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.449839][ T7683] x_tables: duplicate underflow at hook 1 [ 52.532943][ T7691] loop3: detected capacity change from 0 to 512 [ 52.543182][ T7693] netlink: 1 bytes leftover after parsing attributes in process `syz.1.427'. [ 52.545043][ T7693] xt_policy: neither incoming nor outgoing policy selected [ 52.587378][ T7691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.593684][ T7699] loop4: detected capacity change from 0 to 128 [ 52.603854][ T7691] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.426: corrupted inode contents [ 52.605494][ T7691] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.426: mark_inode_dirty error [ 52.606377][ T7691] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.426: corrupted inode contents [ 52.623064][ T7699] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.631642][ T31] kauditd_printk_skb: 196 callbacks suppressed [ 52.631681][ T31] audit: type=1326 audit(52.610:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.631712][ T31] audit: type=1326 audit(52.610:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.646769][ T31] audit: type=1326 audit(52.620:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.658450][ T6548] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.681822][ T6544] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.748018][ T31] audit: type=1326 audit(52.730:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.748069][ T31] audit: type=1326 audit(52.730:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.773038][ T31] audit: type=1326 audit(52.750:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.773084][ T31] audit: type=1326 audit(52.750:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.773120][ T31] audit: type=1326 audit(52.750:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.773135][ T31] audit: type=1326 audit(52.750:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.773148][ T31] audit: type=1326 audit(52.750:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7704 comm="syz.1.431" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f5b3a8 code=0x7ffc0000 [ 52.831115][ T7717] loop0: detected capacity change from 0 to 256 [ 52.931329][ T7723] loop1: detected capacity change from 0 to 1024 [ 52.934855][ T7723] EXT4-fs: inline encryption not supported [ 52.965315][ T7723] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.071347][ T7734] loop0: detected capacity change from 0 to 128 [ 53.097609][ T7734] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 53.116307][ T6545] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 53.692269][ T6546] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.781541][ T2334] cfg80211: failed to load regulatory.db [ 54.218447][ T7774] netlink: 24 bytes leftover after parsing attributes in process `syz.0.459'. [ 54.279106][ T7781] netlink: 4 bytes leftover after parsing attributes in process `syz.1.461'. [ 54.322866][ T7782] netlink: 4 bytes leftover after parsing attributes in process `syz.4.458'. [ 54.357621][ T4747] smc: removing ib device syz1 [ 54.363487][ T2334] syz1: Port: 1 Link DOWN [ 54.364296][ T7781] netlink: 4 bytes leftover after parsing attributes in process `syz.1.461'. [ 54.425387][ T7788] binfmt_misc: register: failed to install interpreter file ./file2 [ 54.539328][ T7794] IPv6: sit1: Disabled Multicast RS [ 54.540858][ T7794] sit1: entered allmulticast mode [ 54.588164][ T7797] syz.1.468: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 54.588827][ T7797] CPU: 0 UID: 0 PID: 7797 Comm: syz.1.468 Not tainted syzkaller #0 PREEMPT [ 54.588838][ T7797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 54.588843][ T7797] Call trace: [ 54.588845][ T7797] show_stack+0x2c/0x3c (C) [ 54.588861][ T7797] __dump_stack+0x30/0x40 [ 54.588870][ T7797] dump_stack_lvl+0xd8/0x12c [ 54.588877][ T7797] dump_stack+0x1c/0x28 [ 54.588884][ T7797] warn_alloc+0x1f8/0x30c [ 54.588890][ T7797] __vmalloc_node_range_noprof+0x114/0xf8c [ 54.588899][ T7797] vmalloc_user_noprof+0xf0/0x14c [ 54.588906][ T7797] xskq_create+0xbc/0x168 [ 54.588917][ T7797] xsk_init_queue+0xb0/0x118 [ 54.588925][ T7797] xsk_setsockopt+0x448/0x684 [ 54.588934][ T7797] do_sock_setsockopt+0x1ec/0x328 [ 54.588943][ T7797] __arm64_sys_setsockopt+0x170/0x1e0 [ 54.588950][ T7797] invoke_syscall+0x98/0x254 [ 54.588959][ T7797] el0_svc_common+0x130/0x23c [ 54.588966][ T7797] do_el0_svc+0x48/0x58 [ 54.588973][ T7797] el0_svc+0x5c/0x254 [ 54.588979][ T7797] el0t_64_sync_handler+0x84/0x12c [ 54.588985][ T7797] el0t_64_sync+0x198/0x19c [ 54.588997][ T7797] Mem-Info: [ 54.589005][ T7797] active_anon:24 inactive_anon:7322 isolated_anon:0 [ 54.589005][ T7797] active_file:2330 inactive_file:4501 isolated_file:0 [ 54.589005][ T7797] unevictable:768 dirty:93 writeback:0 [ 54.589005][ T7797] slab_reclaimable:10496 slab_unreclaimable:106347 [ 54.589005][ T7797] mapped:29119 shmem:949 pagetables:1589 [ 54.589005][ T7797] sec_pagetables:0 bounce:0 [ 54.589005][ T7797] kernel_misc_reclaimable:0 [ 54.589005][ T7797] free:1137021 free_pcp:38317 free_cma:7360 [ 54.589024][ T7797] Node 0 active_anon:96kB inactive_anon:29288kB active_file:9320kB inactive_file:18004kB unevictable:3072kB isolated(anon):0kB isolated(file):0kB mapped:116476kB dirty:372kB writeback:0kB shmem:3796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9740kB pagetables:6356kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 54.589041][ T7797] Node 0 DMA free:3076864kB boost:0kB min:20868kB low:26084kB high:31300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145728kB managed:3080192kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:29440kB [ 54.589065][ T7797] lowmem_reserve[]: 0 0 3490 3490 3490 [ 54.589103][ T7797] Node 0 Normal free:1471220kB boost:0kB min:24184kB low:30228kB high:36272kB reserved_highatomic:0KB free_highatomic:0KB active_anon:96kB inactive_anon:29288kB active_file:9320kB inactive_file:18004kB unevictable:3072kB writepending:372kB present:5242880kB managed:3574656kB mlocked:0kB bounce:0kB free_pcp:153268kB local_pcp:113452kB free_cma:0kB [ 54.589127][ T7797] lowmem_reserve[]: 0 0 0 0 0 [ 54.589164][ T7797] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 1*256kB (C) 1*512kB (C) 0*1024kB 0*2048kB 751*4096kB (MC) = 3076864kB [ 54.589279][ T7797] Node 0 Normal: 1*4kB (M) 2*8kB (UE) 1*16kB (U) 0*32kB 9*64kB (UM) 7*128kB (UME) 3*256kB (UE) 5*512kB (UE) 4*1024kB (UME) 4*2048kB (UME) 355*4096kB (M) = 1471204kB [ 54.589415][ T7797] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 54.589424][ T7797] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=32768kB [ 54.589432][ T7797] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 54.589440][ T7797] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=64kB [ 54.589449][ T7797] 7775 total pagecache pages [ 54.589455][ T7797] 0 pages in swap cache [ 54.589461][ T7797] Free swap = 124996kB [ 54.589467][ T7797] Total swap = 124996kB [ 54.589473][ T7797] 2097152 pages RAM [ 54.589485][ T7797] 0 pages HighMem/MovableOnly [ 54.589491][ T7797] 433440 pages reserved [ 54.589497][ T7797] 8192 pages cma reserved [ 54.589504][ T7797] 0 pages hwpoisoned [ 54.634277][ T7798] netlink: 256 bytes leftover after parsing attributes in process `syz.2.469'. [ 54.634292][ T7798] ksmbd: Unknown IPC event: 3, ignore. [ 54.743008][ T7801] netlink: 'syz.2.471': attribute type 4 has an invalid length. [ 54.896390][ T7810] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.007074][ T7817] loop1: detected capacity change from 0 to 512 [ 55.023330][ T7810] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.043504][ T7817] [ 55.043964][ T7817] ====================================================== [ 55.045095][ T7817] WARNING: possible circular locking dependency detected [ 55.046297][ T7817] syzkaller #0 Not tainted [ 55.047073][ T7817] ------------------------------------------------------ [ 55.048287][ T7817] syz.1.478/7817 is trying to acquire lock: [ 55.049221][ T7817] ffff0000d951eb98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x150/0x2a0 [ 55.050969][ T7817] [ 55.050969][ T7817] but task is already holding lock: [ 55.052265][ T7817] ffff0000f319e9f8 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc [ 55.053961][ T7817] [ 55.053961][ T7817] which lock already depends on the new lock. [ 55.053961][ T7817] [ 55.055666][ T7817] [ 55.055666][ T7817] the existing dependency chain (in reverse order) is: [ 55.057125][ T7817] [ 55.057125][ T7817] -> #1 (&ei->xattr_sem){++++}-{4:4}: [ 55.058290][ T7817] down_write+0x50/0xc0 [ 55.059063][ T7817] ext4_xattr_set_handle+0x11c/0x1260 [ 55.060074][ T7817] ext4_initxattrs+0xa4/0x11c [ 55.060875][ T7817] security_inode_init_security+0x6dc/0x7f4 [ 55.061852][ T7817] ext4_init_security+0x44/0x58 [ 55.062733][ T7817] __ext4_new_inode+0x27f4/0x3190 [ 55.063605][ T7817] ext4_ext_migrate+0x4b8/0xd10 [ 55.064396][ T7817] ext4_ioctl+0x16d4/0x309c [ 55.065167][ T7817] __arm64_sys_ioctl+0x14c/0x1c4 [ 55.066067][ T7817] invoke_syscall+0x98/0x254 [ 55.066907][ T7817] el0_svc_common+0x130/0x23c [ 55.067684][ T7817] do_el0_svc+0x48/0x58 [ 55.068386][ T7817] el0_svc+0x5c/0x254 [ 55.069150][ T7817] el0t_64_sync_handler+0x84/0x12c [ 55.070136][ T7817] el0t_64_sync+0x198/0x19c [ 55.070910][ T7817] [ 55.070910][ T7817] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 55.072297][ T7817] __lock_acquire+0x1774/0x30a4 [ 55.073192][ T7817] lock_acquire+0x14c/0x2e0 [ 55.074020][ T7817] percpu_down_read_internal+0x5c/0x298 [ 55.074969][ T7817] ext4_writepages+0x150/0x2a0 [ 55.075808][ T7817] do_writepages+0x270/0x468 [ 55.076637][ T7817] __writeback_single_inode+0x15c/0x13e8 [ 55.077711][ T7817] writeback_single_inode+0x18c/0x54c [ 55.078775][ T7817] write_inode_now+0x13c/0x1a4 [ 55.079611][ T7817] iput+0x570/0x83c [ 55.080307][ T7817] ext4_xattr_block_set+0x13dc/0x24bc [ 55.081297][ T7817] ext4_expand_extra_isize_ea+0xeb4/0x182c [ 55.082346][ T7817] __ext4_expand_extra_isize+0x2a0/0x37c [ 55.083354][ T7817] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 55.084346][ T7817] ext4_evict_inode+0x930/0x1084 [ 55.085221][ T7817] evict+0x414/0x928 [ 55.085945][ T7817] iput+0x6e4/0x83c [ 55.086629][ T7817] ext4_process_orphan+0x240/0x2b4 [ 55.087537][ T7817] ext4_orphan_cleanup+0x930/0x107c [ 55.088436][ T7817] ext4_fill_super+0x4724/0x4ea4 [ 55.089220][ T7817] get_tree_bdev_flags+0x360/0x414 [ 55.090133][ T7817] get_tree_bdev+0x2c/0x3c [ 55.090922][ T7817] ext4_get_tree+0x28/0x38 [ 55.091688][ T7817] vfs_get_tree+0x90/0x28c [ 55.092423][ T7817] do_new_mount+0x278/0x7f4 [ 55.093313][ T7817] path_mount+0x5b4/0xde0 [ 55.094107][ T7817] __arm64_sys_mount+0x3e8/0x468 [ 55.095027][ T7817] invoke_syscall+0x98/0x254 [ 55.095835][ T7817] el0_svc_common+0x130/0x23c [ 55.096572][ T7817] do_el0_svc+0x48/0x58 [ 55.097237][ T7817] el0_svc+0x5c/0x254 [ 55.097950][ T7817] el0t_64_sync_handler+0x84/0x12c [ 55.098781][ T7817] el0t_64_sync+0x198/0x19c [ 55.099669][ T7817] [ 55.099669][ T7817] other info that might help us debug this: [ 55.099669][ T7817] [ 55.101343][ T7817] Possible unsafe locking scenario: [ 55.101343][ T7817] [ 55.102555][ T7817] CPU0 CPU1 [ 55.103437][ T7817] ---- ---- [ 55.104303][ T7817] lock(&ei->xattr_sem); [ 55.104957][ T7817] lock(&sbi->s_writepages_rwsem); [ 55.106232][ T7817] lock(&ei->xattr_sem); [ 55.107429][ T7817] rlock(&sbi->s_writepages_rwsem); [ 55.108289][ T7817] [ 55.108289][ T7817] *** DEADLOCK *** [ 55.108289][ T7817] [ 55.109664][ T7817] 3 locks held by syz.1.478/7817: [ 55.110517][ T7817] #0: ffff0000d951c0e0 (&type->s_umount_key#26/1){+.+.}-{4:4}, at: alloc_super+0x1a0/0x80c [ 55.112251][ T7817] #1: ffff0000d951c618 (sb_internal){++++}-{0:0}, at: ext4_evict_inode+0x2b0/0x1084 [ 55.113961][ T7817] #2: ffff0000f319e9f8 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc [ 55.115653][ T7817] [ 55.115653][ T7817] stack backtrace: [ 55.116617][ T7817] CPU: 1 UID: 0 PID: 7817 Comm: syz.1.478 Not tainted syzkaller #0 PREEMPT [ 55.118009][ T7817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 55.119531][ T7817] Call trace: [ 55.120057][ T7817] show_stack+0x2c/0x3c (C) [ 55.120774][ T7817] __dump_stack+0x30/0x40 [ 55.121433][ T7817] dump_stack_lvl+0xd8/0x12c [ 55.122211][ T7817] dump_stack+0x1c/0x28 [ 55.122896][ T7817] print_circular_bug+0x324/0x32c [ 55.123685][ T7817] check_noncircular+0x154/0x174 [ 55.124531][ T7817] __lock_acquire+0x1774/0x30a4 [ 55.125284][ T7817] lock_acquire+0x14c/0x2e0 [ 55.126046][ T7817] percpu_down_read_internal+0x5c/0x298 [ 55.126952][ T7817] ext4_writepages+0x150/0x2a0 [ 55.127706][ T7817] do_writepages+0x270/0x468 [ 55.128370][ T7817] __writeback_single_inode+0x15c/0x13e8 [ 55.129251][ T7817] writeback_single_inode+0x18c/0x54c [ 55.130125][ T7817] write_inode_now+0x13c/0x1a4 [ 55.130857][ T7817] iput+0x570/0x83c [ 55.131442][ T7817] ext4_xattr_block_set+0x13dc/0x24bc [ 55.132226][ T7817] ext4_expand_extra_isize_ea+0xeb4/0x182c [ 55.133065][ T7817] __ext4_expand_extra_isize+0x2a0/0x37c [ 55.133936][ T7817] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 55.134718][ T7817] ext4_evict_inode+0x930/0x1084 [ 55.135490][ T7817] evict+0x414/0x928 [ 55.136090][ T7817] iput+0x6e4/0x83c [ 55.136663][ T7817] ext4_process_orphan+0x240/0x2b4 [ 55.137446][ T7817] ext4_orphan_cleanup+0x930/0x107c [ 55.138222][ T7817] ext4_fill_super+0x4724/0x4ea4 [ 55.138957][ T7817] get_tree_bdev_flags+0x360/0x414 [ 55.139821][ T7817] get_tree_bdev+0x2c/0x3c [ 55.140542][ T7817] ext4_get_tree+0x28/0x38 [ 55.141283][ T7817] vfs_get_tree+0x90/0x28c [ 55.141981][ T7817] do_new_mount+0x278/0x7f4 [ 55.142727][ T7817] path_mount+0x5b4/0xde0 [ 55.143394][ T7817] __arm64_sys_mount+0x3e8/0x468 [ 55.144189][ T7817] invoke_syscall+0x98/0x254 [ 55.144839][ T7817] el0_svc_common+0x130/0x23c [ 55.145575][ T7817] do_el0_svc+0x48/0x58 [ 55.146194][ T7817] el0_svc+0x5c/0x254 [ 55.146857][ T7817] el0t_64_sync_handler+0x84/0x12c [ 55.147620][ T7817] el0t_64_sync+0x198/0x19c [ 55.171470][ T7817] ------------[ cut here ]------------ [ 55.171528][ T7817] EA inode 11 i_nlink=2 [ 55.171631][ T7817] WARNING: CPU: 0 PID: 7817 at fs/ext4/xattr.c:1053 ext4_xattr_inode_update_ref+0x444/0x488 [ 55.174971][ T7817] Modules linked in: [ 55.175626][ T7817] CPU: 0 UID: 0 PID: 7817 Comm: syz.1.478 Not tainted syzkaller #0 PREEMPT [ 55.177050][ T7817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 55.178805][ T7817] pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) [ 55.180212][ T7817] pc : ext4_xattr_inode_update_ref+0x444/0x488 [ 55.181277][ T7817] lr : ext4_xattr_inode_update_ref+0x444/0x488 [ 55.182457][ T7817] sp : ffff80009c556dc0 [ 55.183142][ T7817] x29: ffff80009c556e50 x28: 0000000000000000 x27: 1fffe0001e636b53 [ 55.184362][ T7817] x26: dfff800000000000 x25: ffff80009c556dc0 x24: ffff7000138aadb8 [ 55.185573][ T7817] x23: ffff800092ef2000 x22: ffff0000f31b58e8 x21: 0000000000000002 [ 55.186783][ T7817] x20: 0000000000000001 x19: ffff0000f31b58a8 x18: 1fffe00033771c88 [ 55.188116][ T7817] x17: ffff80008f85e000 x16: ffff80008b065bd0 x15: 0000000000000001 [ 55.189454][ T7817] x14: 1ffff000138aad28 x13: 0000000000000000 x12: 0000000000000000 [ 55.190704][ T7817] x11: 0000000000080000 x10: 00000000000507a5 x9 : 57c953dad851e200 [ 55.192012][ T7817] x8 : 57c953dad851e200 x7 : 0000000000000000 x6 : ffff80008056636c [ 55.193323][ T7817] x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff8000807d446c [ 55.194585][ T7817] x2 : 0000000000000002 x1 : 0000000100000000 x0 : 0000000000000000 [ 55.195741][ T7817] Call trace: [ 55.196226][ T7817] ext4_xattr_inode_update_ref+0x444/0x488 (P) [ 55.197153][ T7817] ext4_xattr_set_entry+0x928/0x15c0 [ 55.198021][ T7817] ext4_xattr_ibody_set+0x204/0x5fc [ 55.198860][ T7817] ext4_expand_extra_isize_ea+0xefc/0x182c [ 55.199788][ T7817] __ext4_expand_extra_isize+0x2a0/0x37c [ 55.200638][ T7817] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 55.201574][ T7817] ext4_evict_inode+0x930/0x1084 [ 55.202390][ T7817] evict+0x414/0x928 [ 55.203059][ T7817] iput+0x6e4/0x83c [ 55.203672][ T7817] ext4_process_orphan+0x240/0x2b4 [ 55.204572][ T7817] ext4_orphan_cleanup+0x930/0x107c [ 55.205432][ T7817] ext4_fill_super+0x4724/0x4ea4 [ 55.206234][ T7817] get_tree_bdev_flags+0x360/0x414 [ 55.207104][ T7817] get_tree_bdev+0x2c/0x3c [ 55.207935][ T7817] ext4_get_tree+0x28/0x38 [ 55.208679][ T7817] vfs_get_tree+0x90/0x28c [ 55.209377][ T7817] do_new_mount+0x278/0x7f4 [ 55.210114][ T7817] path_mount+0x5b4/0xde0 [ 55.210816][ T7817] __arm64_sys_mount+0x3e8/0x468 [ 55.211555][ T7817] invoke_syscall+0x98/0x254 [ 55.212269][ T7817] el0_svc_common+0x130/0x23c [ 55.213041][ T7817] do_el0_svc+0x48/0x58 [ 55.213747][ T7817] el0_svc+0x5c/0x254 [ 55.214444][ T7817] el0t_64_sync_handler+0x84/0x12c [ 55.215264][ T7817] el0t_64_sync+0x198/0x19c [ 55.216005][ T7817] irq event stamp: 2133 [ 55.216656][ T7817] hardirqs last enabled at (2133): [] _raw_spin_unlock_irqrestore+0x38/0x98 [ 55.218210][ T7817] hardirqs last disabled at (2132): [] _raw_spin_lock_irqsave+0x2c/0x7c [ 55.219726][ T7817] softirqs last enabled at (1450): [] local_bh_enable+0x10/0x34 [ 55.221105][ T7817] softirqs last disabled at (1448): [] local_bh_disable+0x10/0x34 [ 55.222537][ T7817] ---[ end trace 0000000000000000 ]--- [ 55.310606][ T7810] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.311158][ T7817] EXT4-fs (loop1): 1 orphan inode deleted [ 55.313984][ T7817] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.321170][ T6546] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.389112][ T7810] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.501624][ T1608] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.505942][ T1608] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.506266][ T1608] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.509159][ T42] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.487292][ T2427] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.487333][ T2427] ieee802154 phy1 wpan1: encryption failed: -22