last executing test programs: 2m13.520175437s ago: executing program 0 (id=117): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="2400000038000900000000000021000004000000040000800c0003800743"], 0x24}}, 0x0) 2m13.324113473s ago: executing program 0 (id=120): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x1, 0x5}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3a66505}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50) 2m12.556171312s ago: executing program 0 (id=127): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000400)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='neigh_create\x00', r1}, 0x18) io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff, 0x2}) r2 = socket$unix(0x1, 0x5, 0x0) bind$unix(r2, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bf"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x41100}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) accept4$unix(r2, 0x0, 0x0, 0x80800) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r3 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) connect$inet6(r3, &(0x7f0000001940)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}}], 0x40000000000027f, 0x0) 2m12.131345047s ago: executing program 0 (id=131): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1) 2m11.71503405s ago: executing program 0 (id=135): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0xfffffffffffffeec) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000e80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) 2m11.48820387s ago: executing program 0 (id=138): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)}) futimesat(0xffffffffffffffff, 0x0, 0x0) 1m56.074318242s ago: executing program 32 (id=138): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)}) futimesat(0xffffffffffffffff, 0x0, 0x0) 11.749311522s ago: executing program 4 (id=934): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000200)='rxrpc_call\x00', r1, 0x0, 0x3fc}, 0x18) r2 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000100100000100000014e200000000000010"], 0x28}, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r3, 0xffffffffffffffff, 0x0) 11.577150234s ago: executing program 4 (id=936): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, 0x0, 0x0) recvmmsg(r0, 0x0, 0x0, 0x10002, 0x0) unlinkat(0xffffffffffffff9c, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000020000100ecc2000000000000020020000000000100000000140003006c6f0000000000000000000000000000080002"], 0x38}, 0x1, 0x0, 0x0, 0x40008c4}, 0x8000) sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0) 9.019633554s ago: executing program 4 (id=945): bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000080), 0x8000}, 0x38) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) clock_nanosleep(0x2, 0x0, &(0x7f0000000180)={0x0, 0x3938700}, 0x0) 8.734155321s ago: executing program 2 (id=949): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000280)={[{@usrquota}, {@nodelalloc}]}, 0xff, 0x25e, &(0x7f0000000e80)="$eJzs3U1IHGcYB/BnZndr1aXY9lIo/YBSSiuIvRV6sZcWhCJSSqEtWErppUULVulNe8olh+QYkuApFwm5xeQYvEguCYGcTOLBXAKJ5BDJIQnZsDsr+JVo3HUnZH4/WOfDd97nHWb+74g4GEBh9UXEUESUIqI/IioRkWxu8HH26WtuznUvjUXUaj/cTxrtsu3MxnG9ETEbEV9FxGKaxF/liOmFX1YfLn/32dGpyqdnFn7u7uhJNq2trny/fnrkyPnhL6evXr87ksRQVLecV/slu+wrJxHvHEaxV0RSznsE7Mfof+du1HP/bkR80sh/JdLILt6xyTcWK/HFqecde/zetfc7OVag/Wq1Sv0ZOFsDCieNiGok6UBEZOtpOjCQ/Qx/s9ST/j0x+W//nxNT43/kPVMB7VKNWPn2YteF3m35v1PK8g+8prJfSq38ODp/q76yXsp7QEBHfJAt6s///t9mPg/5h8KRfygu+Yfikn8oLvmH4pJ/KC75h4J42vxjv0275B+KS/6huA6c/xNPDm9QQEdszj8AUCy1rgO9Ndzel5CBXOQ9/wAAAAAAAAAAAAAAAAAAADvNdS+NbXza02N5zxaXT0asfZM13Vm/1Ph/xBFvNr72PEi29Jjsq8KL/fpRix206GzOb1+/dTvf+lc+zLf+zHjE7P8RMVgu77z/kub9d3Bv7/H9yu8tFnhJybbtr3/qbP3tHs/nW394OeJSff4Z3G3+SeO9xnL3+adav34t1v/nUYsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0DHPAgAA///B2nXP") r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90124fc600c05000f90c60100053582c137153e370a48018004f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x5}, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2141, 0x59) pwrite64(r1, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61) symlink(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 8.347153601s ago: executing program 2 (id=952): ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) recvmmsg(r5, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0) 7.951864182s ago: executing program 4 (id=954): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x48) socket$key(0xf, 0x3, 0x2) syz_usb_connect(0x3, 0x0, 0x0, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x2, 0x7, 0x0, 0x0, 0x2, 0x0, 0x70bd29}, 0x10}}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2, 0x0, 0x1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() creat(&(0x7f00000002c0)='./file0\x00', 0x0) r3 = socket(0x10, 0x3, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x20004000) sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0x24, 0x2a, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x8, 0xfff1}, {0xfff1, 0x2}, {0xb, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20000000) bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41101, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==") connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) unshare(0x62040200) stat(&(0x7f0000003440)='./file0\x00', &(0x7f0000003480)) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000100), 0x1000) 4.086821282s ago: executing program 1 (id=962): bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000080), 0x8000}, 0x38) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) clock_nanosleep(0x2, 0x0, &(0x7f0000000180)={0x0, 0x3938700}, 0x0) 4.085329642s ago: executing program 3 (id=963): r0 = socket(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) r2 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x2, 0x2], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6, 0x5, {0x0, 0x1}}]}, 0x90}, 0x1, 0x0, 0x0, 0x10000001}, 0x20008010) 3.103523949s ago: executing program 1 (id=964): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0xd06d000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) add_key$user(&(0x7f00000001c0), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000100)="d8", 0x1, 0x0) shutdown(0xffffffffffffffff, 0x0) read(0xffffffffffffffff, &(0x7f0000000100)=""/135, 0x87) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@dev, 0x400, 0x0, 0xff, 0x1}, 0x20) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x158, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'dummy0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xea, 0x7}}}, @common=@unspec=@connmark={{0x30}, {0xfffffff9, 0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x29, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'wg0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x190, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x8, 0x3, 0x3f0, 0xc8, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x320, 0xffffffff, 0xffffffff, 0x320, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x33}, 0x0, 0x238, 0x258, 0x0, {}, [@common=@unspec=@quota={{0x38}, {0x1, 0x0, 0x7, {0x4}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x7, 0x69, 0x4, 0x0, 0x1000, 0x6, 0x3}}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x450) unshare(0x28000600) sendmsg$inet(0xffffffffffffffff, 0x0, 0x48844) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYRES8], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) 2.538691132s ago: executing program 1 (id=965): getxattr(0x0, &(0x7f0000000100)=@known='security.selinux\x00', &(0x7f0000000340)=""/4096, 0x1000) r0 = syz_io_uring_setup(0x33e5, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x4, 0x1f9}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345}) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) read$rfkill(r3, &(0x7f0000000040), 0x8) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2.418106497s ago: executing program 2 (id=966): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x25, &(0x7f0000000140)={0x2, 0x2, 0x5, 0x80000000}) 2.292115834s ago: executing program 2 (id=967): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='kfree\x00', r0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x25dfdbfb, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x10, 0x8}, @TCA_CT_PARMS={0x18, 0x1, {0x0, 0x20, 0x3}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) 2.156932221s ago: executing program 3 (id=968): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000200000000000000000000000850000004100000095000000000000004be98911ed5a3cf4451d51e400827eef4df9eb3fd52b8f0a456c3a6cfd127868ad3fe3f9a9b946c97f9fc091e4c3f4b0a0d7ed298717a480c48868562f04005972b6a5265519fee4cb1b8b93f0b164770fd40c7a8060ce72beff7cda177e28a1a97b2c8c56a3f15b2f7a9b7ae2cf52d08555d3c3315e95095217bff8c9441a45fd00000000000000979ed4e35d21d13d428af521c553b9420385390207dc1634aee0244045e5c380e6090329d37b29a56c16d5c7bee160b91246bd2c205047bd92581165c774b1fd46072c161f1d33e6d5c1a5db7a714e3ed5468408f279bd9f98ec3c5ffd79cd37810f03000000b65d147fa05253a600adfb03775847b220369339529d434f3190c81c3dd501a780cfaaaa916c8a33ee4b52d18e160428893f33d206d3a7195e7f69c831099bdc940000aa2c2e61509bf6c58b100000000000000000000000005e3210346531c1eb14fbec6eb35d6f3e3853512c6bf186bd8b75d17aeeaa07"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r2, r1, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x7a, &(0x7f0000000c40)=ANY=[], 0x0) 2.046312626s ago: executing program 2 (id=969): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) set_robust_list(&(0x7f00000003c0), 0x18) 1.984137983s ago: executing program 3 (id=970): bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10) r0 = syz_open_dev$sg(&(0x7f0000000740), 0x0, 0x18b203) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x0, 0x0, @buffer={0x2, 0x51, &(0x7f00000000c0)=""/81}, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0}) 1.966889636s ago: executing program 4 (id=971): pipe2$9p(0x0, 0x0) io_setup(0x9, &(0x7f0000000240)=0x0) r1 = eventfd2(0x4000007, 0x0) io_submit(r0, 0x1, &(0x7f0000000380)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xff45, 0xffffffffffffffff, &(0x7f0000000080)="d1", 0x1, 0x7, 0x0, 0x5, r1}]) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r2, 0xffffffffffffffff, 0x0) 1.888062616s ago: executing program 3 (id=972): bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000080), 0x8000}, 0x38) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) clock_nanosleep(0x2, 0x0, &(0x7f0000000180)={0x0, 0x3938700}, 0x0) 1.767860701s ago: executing program 2 (id=973): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000300000085"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[@ANYBLOB="00e789da34e04a1ffb124b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d882eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235030000004ed0351cb5b416ba1c57217be5a338392f831617ee8c35bb61f0a9eeed3b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076a893752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855ac250f8f73e16bc593730b88d7a3346b945e276875915040ce4901262cd8ce8191ee84e3ce5526a0a43b707cc711a3311f840cad641a013c6dd783aa895227b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a5c3106aba648f119eeab4747b9b53000475e0a34514ccf397ea6f170e018122a98f135beac48d2ed195e20fdd226c7f5a20000ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6507355cb1112fae6e3456bf8da53e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65ec742443c84e21a440998c8d69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b9bac96b838c98ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b3edd6c44d633b71bde97a3c10a468432ff3d4e63ce3ecfa640d44b70b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d563f8e4ec9a98016b6b58157deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a2993ff038d8099c229bda0801f8b81719d73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14f67beee619b9d9882f7eabfb5000000000000000000003ff8795b5ec2de11479e781396117c84449647684239c9b9475b389a6a76d36c31f39539d928d2c58f188b4bf713d0915df4cc7de48a930935dbb01c9422d604467d209fd1421c7fc503cabde4bb193ff3654377c6e4fb72dcfc835f760bae7447068c2e43433e3d77c6805b559a04f3ebb741a9bbf57274b1da7800000000000000000000000000000000000000001c4f225672f3465b2638e921d80d58dca4ee4592d8cc0c06b2e390b7b1c713a46bc8ece9be25f055a59032576bc00a844c32b46040a607eaeb886ec0cb8e90c5a4075caa8a358ab81e78ad794a20f772b73466a43cd696401521793e54b1c4aa58d506b661f393e7233337473f36c2dbb15ae673afe82ebe45cc6f776162e43b74d9b9ca6f68d6bc8261600b27431e0f6f4f1e0947f69d2d812ebc9d2a8869b14a84dbdcdc5055b97a241e2f707740bb966b6c58408aceb9f6a943f614d2a6093c60c0dfb511b02f191ef6fa6e5a1a86687a44ec6098439a2ef55a4ba07e2b0f62ae86e1458f63f6b8b2d2b9990495f17b6d1052b19472a97d41204a8be48e380be2e6885c7de0807f2c154ad4f25b16027bc4aeb85dc798e7eef25631bfd79c8e0aff725dcd4b91c61bf8d72f74e4dbae"], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g") open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r0) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0) 1.740560415s ago: executing program 4 (id=974): ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) recvmmsg(r5, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0) 976.624673ms ago: executing program 3 (id=975): r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1700000055"], 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x6, 0x3, 0x201, 0xc58, 0x3, 0x4, 0x0, 0x9, r2}, &(0x7f0000000040)=0x20) 608.034252ms ago: executing program 1 (id=976): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0) r1 = syz_io_uring_setup(0xa8f, &(0x7f0000000500)={0x0, 0x7daf, 0x10, 0x8000, 0xb9}, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7}) write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x9, 0x6000, @fd=r4, 0x100, 0x0, 0x0, 0x1c}) io_uring_enter(r1, 0x627, 0xc1040000, 0x43, 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) 554.349828ms ago: executing program 1 (id=977): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) setrlimit(0x9, &(0x7f0000000080)={0x8606, 0xffff}) io_setup(0x8f0, &(0x7f0000002400)) 433.158834ms ago: executing program 1 (id=978): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='kfree\x00', r0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x25dfdbfb, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x10, 0x8}, @TCA_CT_PARMS={0x18, 0x1, {0x0, 0x20, 0x3}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) 0s ago: executing program 3 (id=979): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x561, &(0x7f0000000f80)="$eJzs3U1rG0cfAPD/ylbenycOhNCWUgw9NCWNHNt9SaGH9NyGBtp7KuyNCZajYMkhdgNNDs25hF5KA6X30nOPoV+gh36GQBsIJZj20IvLyivFL5ItJ7KtVL8frJnZXWl2NPsfz2gkFMDAGs3+FCJejoivk4jjEZHkx4YjPzi6et7yk1tT2ZbEysqnfyaN87J887majzuaZ16KiF++ijhT2FxubXFptlyppPN5fqw+d32strh09upceSadSa9NTE6ef2dy4v333u1ZXd+89Pe3nzwYynMn7iVxIY7lubX1eA6312ZGYzR/TYpxYcOJ4z0orJ8kbff+tOfXwc4M5XFejKwPOB5DedQD/31fRsQKMKCSHcf/b8XduRJgbzXHAc25fY/mwS+Mxx+uToA213949b2RONSYGx1ZTtbNjLL57kgPys/K+PmP+/eyLXr3PgTAtm7fiYhzw8Ob+78k7/+e3bkuztlYhv4P9s6DbPzzVrvxT6E1/ok245+jbWL3WWwf/4VHPSimo2z890Hb8W9r0WpkKM/9rzHmKyZXrlbSrG/7f0ScjuLBLL/Ves755YcrnY6tHf9lW1Z+cyyYX8ej4YPrHzNdrpefp85rPb4T8Urb8W/Sav+kTftnr8elLss4ld5/rdOx7eu/u1Z+iHijbfs/XdFKtl6fHGvcD2PNu2Kzv+6e+rVT+ftd/6z9j2xd/5Fk7XptbedlfH/onzRa68nrrat/dH//H0g+a6QP5Ptuluv1+fGIA8nHrf2F5v6Jp49t5pvnZ/U//frW/V+7+/9wRHzeZf3vnvzx1U7H+qH9p9u2f2t2u6H9d554+NEX33Uqv7v+7+1G6nS+p5v+r9sLfJ7XDgAAAAAAAPpNISKORVIotdKFQqm0+vmOk3GkUKnW6meuVBeuTUfju7IjUSw0V7qPr/k8xHi+YtjMT2zIT0bEiYj4ZuhwI1+aqlam97vyAAAAAAAAAAAAAAAAAAAA0CeOdvj+f+b3of2+OmDX+clvGFzbxn8vfukJ6Ev+/8PgEv8wuMQ/DC7xD4NL/MPgEv8wuMQ/DC7xDwAAAAAAAAAAAAAAAAAAAAAAAAAAAD116eLFbFtZfnJrKstP31hcmK3eODud1mZLcwtTpanq/PXSTLU6U0lLU9W57Z6vUq1eH5+IhZtj9bRWH6stLl2eqy5cq1++OleeSS+nxT2pFQAAAAAAAAAAAAAAAAAAALxYaotLs+VKJZ2XkHimxHB/XIZEjxP73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFP/BgAA//9q6zMB") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) setreuid(0xee01, 0x0) setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0) kernel console output (not intermixed with test programs): adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.175949][ T5771] hsr_slave_0: entered promiscuous mode [ 88.182503][ T5771] hsr_slave_1: entered promiscuous mode [ 88.190077][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.199717][ T5771] Cannot create hsr debugfs directory [ 88.229916][ T5767] hsr_slave_0: entered promiscuous mode [ 88.236779][ T5767] hsr_slave_1: entered promiscuous mode [ 88.242998][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.251205][ T5767] Cannot create hsr debugfs directory [ 88.618312][ T5773] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.633017][ T5773] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.643105][ T5773] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.664750][ T5773] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.740863][ T5772] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.763476][ T5772] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.777852][ T5772] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.788579][ T5772] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.896291][ T5767] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.912186][ T5767] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.926389][ T5767] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.945914][ T5767] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 89.071911][ T5771] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 89.082345][ T5771] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 89.099977][ T5771] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 89.114838][ T5771] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 89.139347][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.219226][ T5773] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.260408][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.267893][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.282141][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.289299][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.396775][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.452872][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.476078][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.520609][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.527874][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.548969][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.556217][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.594709][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.618512][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.668319][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.675654][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.685541][ T5780] Bluetooth: hci2: command tx timeout [ 89.691013][ T5780] Bluetooth: hci1: command tx timeout [ 89.722721][ T5772] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 89.733321][ T5772] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.762064][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.774273][ T5780] Bluetooth: hci3: command tx timeout [ 89.774293][ T5084] Bluetooth: hci0: command tx timeout [ 89.803805][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.811089][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.860378][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.867648][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.914361][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.921614][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.964667][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.193921][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.236377][ T5773] veth0_vlan: entered promiscuous mode [ 90.274835][ T5773] veth1_vlan: entered promiscuous mode [ 90.372339][ T5772] veth0_vlan: entered promiscuous mode [ 90.393352][ T5773] veth0_macvtap: entered promiscuous mode [ 90.414722][ T5772] veth1_vlan: entered promiscuous mode [ 90.449014][ T5773] veth1_macvtap: entered promiscuous mode [ 90.489956][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.530895][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.564261][ T5773] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.574499][ T5773] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.583878][ T5773] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.594089][ T5773] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.630738][ T5772] veth0_macvtap: entered promiscuous mode [ 90.658303][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.670613][ T5772] veth1_macvtap: entered promiscuous mode [ 90.709004][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.749638][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.762537][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.777756][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.831698][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.843782][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.856425][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.900087][ T5772] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.910015][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.918623][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.933500][ T5772] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.943423][ T5772] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.952495][ T5772] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.028996][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.043498][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.059703][ T5767] veth0_vlan: entered promiscuous mode [ 91.073719][ T5767] veth1_vlan: entered promiscuous mode [ 91.096362][ T5771] veth0_vlan: entered promiscuous mode [ 91.149825][ T5771] veth1_vlan: entered promiscuous mode [ 91.219683][ T5767] veth0_macvtap: entered promiscuous mode [ 91.238977][ T5767] veth1_macvtap: entered promiscuous mode [ 91.306534][ T4541] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.314600][ T4541] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.360272][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.385114][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.395078][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.406841][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.418725][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.462210][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.472920][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.487126][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.498534][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.511455][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.543039][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.552637][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.558930][ T5771] veth0_macvtap: entered promiscuous mode [ 91.577788][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.590332][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.599291][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.609595][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.672535][ T5771] veth1_macvtap: entered promiscuous mode [ 91.766215][ T5780] Bluetooth: hci2: command tx timeout [ 91.777430][ T5780] Bluetooth: hci1: command tx timeout [ 91.785096][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.831959][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.842845][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.854413][ T5780] Bluetooth: hci0: command tx timeout [ 91.860041][ T5780] Bluetooth: hci3: command tx timeout [ 91.877070][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.887114][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.898301][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.917306][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.982514][ T5864] syzkaller0: entered promiscuous mode [ 91.988597][ T5864] syzkaller0: entered allmulticast mode [ 92.025795][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.046034][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.070159][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.082749][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.109457][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.121492][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.138400][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.174597][ T5868] netlink: 'syz.2.3': attribute type 13 has an invalid length. [ 92.251301][ T1190] cfg80211: failed to load regulatory.db [ 92.477625][ T5868] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.486288][ T5868] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.798521][ T5868] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 92.846972][ T5868] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 93.368414][ T5868] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.377419][ T5868] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.387800][ T5868] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.397174][ T5868] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.569365][ T5868] syz.2.3 (5868) used greatest stack depth: 19760 bytes left [ 93.713148][ T28] audit: type=1326 audit(1768281654.321:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 93.766336][ T28] audit: type=1326 audit(1768281654.351:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 93.851944][ T28] audit: type=1326 audit(1768281654.461:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 93.858660][ T5084] Bluetooth: hci1: command tx timeout [ 93.878243][ T5780] Bluetooth: hci2: command tx timeout [ 93.891574][ T28] audit: type=1326 audit(1768281654.461:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 93.913744][ T28] audit: type=1326 audit(1768281654.491:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 93.936186][ T5084] Bluetooth: hci3: command tx timeout [ 93.941919][ T28] audit: type=1326 audit(1768281654.491:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 93.946553][ T5084] Bluetooth: hci0: command tx timeout [ 93.964581][ T28] audit: type=1326 audit(1768281654.491:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 94.591083][ T5890] syz.2.7[5890]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 94.637320][ T5890] loop2: detected capacity change from 0 to 512 [ 94.694988][ T5890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.707929][ T5890] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.823409][ T28] audit: type=1800 audit(1768281655.431:9): pid=5890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.7" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 95.334094][ T5771] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.355441][ T5771] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.364188][ T5771] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.381424][ T5771] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.419064][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.436927][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.464516][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.647393][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.653651][ T28] audit: type=1326 audit(1768281656.261:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5898 comm="syz.2.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 95.682489][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.692129][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.714534][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.755139][ T28] audit: type=1326 audit(1768281656.291:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5898 comm="syz.2.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 95.852028][ T1316] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.889528][ T1316] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.058301][ T5904] netlink: 'syz.1.2': attribute type 10 has an invalid length. [ 96.069005][ T5897] syz.0.9 uses obsolete (PF_INET,SOCK_PACKET) [ 96.167035][ T5904] team0: Port device dummy0 added [ 96.406209][ T1090] Bluetooth: hci4: Frame reassembly failed (-84) [ 96.442369][ T1090] Bluetooth: hci4: Frame reassembly failed (-84) [ 96.833456][ T5917] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11'. [ 97.687676][ T5917] syz.2.11 (5917) used greatest stack depth: 16200 bytes left [ 97.836814][ T5923] loop0: detected capacity change from 0 to 1024 [ 97.850714][ T5923] ======================================================= [ 97.850714][ T5923] WARNING: The mand mount option has been deprecated and [ 97.850714][ T5923] and is ignored by this kernel. Remove the mand [ 97.850714][ T5923] option from the mount to silence this warning. [ 97.850714][ T5923] ======================================================= [ 97.894594][ T5925] Illegal XDP return value 4294967274 on prog (id 19) dev syz_tun, expect packet loss! [ 97.912832][ T5923] EXT4-fs (loop0): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 97.962128][ T5923] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 2: comm syz.0.14: lblock 2 mapped to illegal pblock 2 (length 1) [ 97.985742][ T5923] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 48: comm syz.0.14: lblock 0 mapped to illegal pblock 48 (length 1) [ 98.005935][ T5923] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.14: Failed to acquire dquot type 0 [ 98.037041][ T5923] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 98.049517][ T5923] EXT4-fs error (device loop0): ext4_evict_inode:252: inode #11: comm syz.0.14: mark_inode_dirty error [ 98.078244][ T5923] EXT4-fs warning (device loop0): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 98.088810][ T5930] loop3: detected capacity change from 0 to 512 [ 98.089578][ T5923] EXT4-fs (loop0): 1 orphan inode deleted [ 98.103010][ T5923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.123088][ T49] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 98.138853][ T5930] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 98.175708][ T5930] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 98.197984][ T49] EXT4-fs error (device loop0): ext4_release_dquot:6985: comm kworker/u4:3: Failed to release dquot type 0 [ 98.223816][ T5930] EXT4-fs (loop3): 1 truncate cleaned up [ 98.232024][ T5930] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.336578][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.347506][ T49] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 98.371634][ T49] EXT4-fs error (device loop0): ext4_release_dquot:6985: comm kworker/u4:3: Failed to release dquot type 0 [ 98.391579][ T5773] EXT4-fs error (device loop0): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 98.406104][ T5780] Bluetooth: hci4: command 0x1003 tx timeout [ 98.412711][ T5084] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 98.445277][ T5773] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 98.457466][ T5773] EXT4-fs error (device loop0): ext4_quota_off:7233: inode #3: comm syz-executor: mark_inode_dirty error [ 98.745340][ T5937] netlink: 'syz.0.21': attribute type 10 has an invalid length. [ 98.826323][ T5937] team0: Port device dummy0 added [ 98.857408][ T5938] netlink: 'syz.0.21': attribute type 10 has an invalid length. [ 98.889041][ T5938] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 98.998540][ T5938] team0: Failed to send options change via netlink (err -105) [ 99.029193][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.031757][ T5938] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 99.074797][ T5938] team0: Port device dummy0 removed [ 99.146325][ T5938] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 99.410810][ T5947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24'. [ 99.793676][ T5953] netlink: 28 bytes leftover after parsing attributes in process `syz.3.27'. [ 100.029949][ T5957] loop3: detected capacity change from 0 to 1024 [ 100.069982][ T5958] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 100.090516][ T5957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 100.169580][ T5957] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.215149][ T5964] xt_hashlimit: max too large, truncated to 1048576 [ 100.226544][ T5964] xt_CT: You must specify a L4 protocol and not use inversions on it [ 100.482772][ T5969] loop1: detected capacity change from 0 to 128 [ 100.628193][ T5776] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 100.667551][ T5969] loop1: detected capacity change from 0 to 128 [ 100.675889][ T5776] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 100.847821][ T5969] syz.1.33: attempt to access beyond end of device [ 100.847821][ T5969] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 100.970340][ T5969] syz.1.33: attempt to access beyond end of device [ 100.970340][ T5969] loop1: rw=524288, sector=138, nr_sectors = 112 limit=128 [ 101.010157][ T5969] syz.1.33: attempt to access beyond end of device [ 101.010157][ T5969] loop1: rw=0, sector=138, nr_sectors = 8 limit=128 [ 101.044340][ T5969] syz.1.33: attempt to access beyond end of device [ 101.044340][ T5969] loop1: rw=0, sector=138, nr_sectors = 8 limit=128 [ 101.077794][ T5969] syz.1.33: attempt to access beyond end of device [ 101.077794][ T5969] loop1: rw=0, sector=138, nr_sectors = 8 limit=128 [ 101.095172][ T5957] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.29: bg 0: block 112: padding at end of block bitmap is not set [ 101.097235][ T5972] Zero length message leads to an empty skb [ 101.115917][ T5969] syz.1.33: attempt to access beyond end of device [ 101.115917][ T5969] loop1: rw=0, sector=138, nr_sectors = 8 limit=128 [ 101.116233][ T5969] syz.1.33: attempt to access beyond end of device [ 101.116233][ T5969] loop1: rw=0, sector=138, nr_sectors = 8 limit=128 [ 101.164339][ T5957] EXT4-fs (loop3): Remounting filesystem read-only [ 101.176300][ T5969] syz.1.33: attempt to access beyond end of device [ 101.176300][ T5969] loop1: rw=0, sector=138, nr_sectors = 8 limit=128 [ 101.191185][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 101.191199][ T28] audit: type=1326 audit(1768281661.801:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.223422][ T5969] syz.1.33: attempt to access beyond end of device [ 101.223422][ T5969] loop1: rw=0, sector=138, nr_sectors = 8 limit=128 [ 101.288340][ T5969] syz.1.33: attempt to access beyond end of device [ 101.288340][ T5969] loop1: rw=0, sector=138, nr_sectors = 8 limit=128 [ 101.325784][ T28] audit: type=1326 audit(1768281661.851:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.413603][ T28] audit: type=1326 audit(1768281661.851:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.437197][ T28] audit: type=1326 audit(1768281661.851:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.460384][ T28] audit: type=1326 audit(1768281661.851:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.483740][ T28] audit: type=1326 audit(1768281661.851:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.527660][ T28] audit: type=1326 audit(1768281661.851:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.575968][ T28] audit: type=1326 audit(1768281661.861:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.637297][ T28] audit: type=1326 audit(1768281661.861:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.725381][ T28] audit: type=1326 audit(1768281661.861:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5956 comm="syz.3.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 101.796097][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 102.073487][ T5984] geneve2: entered promiscuous mode [ 102.098811][ T5984] team0: Device geneve2 is up. Set it down before adding it as a team port [ 102.108207][ T5986] loop1: detected capacity change from 0 to 512 [ 102.145736][ T5986] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 102.174443][ T5986] EXT4-fs (loop1): 1 truncate cleaned up [ 102.182705][ T5986] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.259600][ T6003] netlink: 12 bytes leftover after parsing attributes in process `syz.3.44'. [ 104.031253][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.052506][ T6003] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 104.065236][ T6003] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 104.075610][ T6003] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 104.344885][ T6013] random: crng reseeded on system resumption [ 106.261816][ T6034] loop1: detected capacity change from 0 to 512 [ 106.314536][ T6034] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 106.386949][ T6034] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.53: inode has both inline data and extents flags [ 106.486923][ T6034] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.53: couldn't read orphan inode 15 (err -117) [ 106.534083][ T6043] loop3: detected capacity change from 0 to 512 [ 106.548434][ T6034] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.593149][ T6043] __quota_error: 20 callbacks suppressed [ 106.593167][ T6043] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 106.662291][ T6043] EXT4-fs warning (device loop3): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 106.712711][ T6043] EXT4-fs (loop3): mount failed [ 106.836645][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.902268][ T28] audit: type=1326 audit(1768281667.501:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 106.975391][ T28] audit: type=1326 audit(1768281667.501:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 107.012287][ T28] audit: type=1326 audit(1768281667.541:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 107.039578][ T28] audit: type=1326 audit(1768281667.541:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 107.071179][ T28] audit: type=1326 audit(1768281667.541:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 107.097558][ T28] audit: type=1326 audit(1768281667.541:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 107.134046][ T28] audit: type=1326 audit(1768281667.541:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 107.160274][ T28] audit: type=1326 audit(1768281667.541:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 107.194672][ T28] audit: type=1326 audit(1768281667.541:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.59" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 107.668327][ T6067] loop2: detected capacity change from 0 to 128 [ 107.761018][ T6067] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 107.862605][ T6067] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.411430][ T5772] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 109.027031][ T6085] serio: Serial port ptm0 [ 109.190783][ T6095] syz.1.77[6095] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 109.190964][ T6095] syz.1.77[6095] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 109.235234][ T6095] netlink: 4 bytes leftover after parsing attributes in process `syz.1.77'. [ 109.566642][ T6100] syz.0.79[6100] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 109.566949][ T6100] syz.0.79[6100] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 110.185117][ T6120] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 110.226015][ T6119] netlink: 'syz.2.86': attribute type 21 has an invalid length. [ 110.256330][ T6119] netlink: 'syz.2.86': attribute type 1 has an invalid length. [ 110.273257][ T6119] netlink: 144 bytes leftover after parsing attributes in process `syz.2.86'. [ 110.478457][ T6128] loop2: detected capacity change from 0 to 128 [ 110.515882][ T6128] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 111.100942][ T6150] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 111.130537][ T6150] netlink: 8 bytes leftover after parsing attributes in process `syz.0.100'. [ 111.156543][ T6150] syz_tun: entered promiscuous mode [ 111.174498][ T6138] serio: Serial port ptm0 [ 111.200888][ T6146] loop2: detected capacity change from 0 to 8192 [ 111.333493][ T6146] $Hÿ: renamed from bond0 [ 111.357678][ T6146] $Hÿ: entered promiscuous mode [ 111.375483][ T6146] bond_slave_0: entered promiscuous mode [ 111.392369][ T6146] bond_slave_1: entered promiscuous mode [ 112.239505][ T6180] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 112.519624][ T6186] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 112.526502][ T6186] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 112.557729][ T6186] vhci_hcd vhci_hcd.0: Device attached [ 112.586755][ T6188] vhci_hcd: connection closed [ 112.588655][ T49] vhci_hcd: stop threads [ 112.608027][ T49] vhci_hcd: release socket [ 112.621530][ T49] vhci_hcd: disconnect device [ 112.923883][ T6197] loop1: detected capacity change from 0 to 512 [ 112.939518][ T6197] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 112.987903][ T6197] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 113.062108][ T6197] EXT4-fs (loop1): 1 truncate cleaned up [ 113.071387][ T6197] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.488216][ T6208] netlink: 16 bytes leftover after parsing attributes in process `syz.1.115'. [ 113.660135][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.708082][ T6213] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 113.937999][ T6221] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 114.730579][ T6218] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 115.193551][ T6249] netlink: 4 bytes leftover after parsing attributes in process `syz.3.136'. [ 115.437938][ T28] kauditd_printk_skb: 30 callbacks suppressed [ 115.437953][ T28] audit: type=1326 audit(1768281676.051:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 115.534626][ T28] audit: type=1326 audit(1768281676.091:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 115.595560][ T28] audit: type=1326 audit(1768281676.091:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 115.715559][ T28] audit: type=1326 audit(1768281676.091:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 115.801363][ T28] audit: type=1326 audit(1768281676.101:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 115.831960][ T28] audit: type=1326 audit(1768281676.101:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 115.861792][ T28] audit: type=1326 audit(1768281676.101:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 115.917277][ T28] audit: type=1326 audit(1768281676.101:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 115.947177][ T28] audit: type=1326 audit(1768281676.101:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 116.024873][ T28] audit: type=1326 audit(1768281676.101:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.1.139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 116.381012][ T6267] Falling back ldisc for ptm0. [ 116.541201][ T6269] loop1: detected capacity change from 0 to 2048 [ 116.597168][ T6269] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 116.671199][ T6269] EXT4-fs (loop1): failed to initialize system zone (-117) [ 116.696711][ T6269] EXT4-fs (loop1): mount failed [ 116.718493][ T6275] netlink: 'syz.3.148': attribute type 10 has an invalid length. [ 116.841408][ T6275] team0: Port device dummy0 added [ 116.856608][ T6279] netlink: 'syz.3.148': attribute type 10 has an invalid length. [ 117.009107][ T6279] team0: Port device dummy0 removed [ 117.029553][ T6279] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 117.039194][ T11] tipc: Subscription rejected, illegal request [ 117.630364][ T6301] loop2: detected capacity change from 0 to 1024 [ 117.718194][ T6301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.104922][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.131344][ T6311] loop3: detected capacity change from 0 to 512 [ 118.155251][ T6311] EXT4-fs: Ignoring removed bh option [ 118.196745][ T6311] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 118.307342][ T6311] EXT4-fs (loop3): 1 truncate cleaned up [ 118.347092][ T6311] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.680624][ T6324] netlink: 'syz.2.158': attribute type 1 has an invalid length. [ 118.847950][ T6324] 8021q: adding VLAN 0 to HW filter on device bond0 [ 118.856176][ T6326] netlink: 32 bytes leftover after parsing attributes in process `syz.2.158'. [ 118.884597][ T6328] bond0: (slave gretap1): making interface the new active one [ 118.898594][ T6328] bond0: (slave gretap1): Enslaving as an active interface with an up link [ 119.151533][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.319758][ T6366] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 121.642050][ T28] kauditd_printk_skb: 55 callbacks suppressed [ 121.642065][ T28] audit: type=1326 audit(1768281682.251:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 121.695145][ T28] audit: type=1326 audit(1768281682.251:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 121.748585][ T28] audit: type=1326 audit(1768281682.361:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 121.845546][ T28] audit: type=1326 audit(1768281682.361:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 121.945094][ T28] audit: type=1326 audit(1768281682.361:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 122.422156][ T6391] syz.2.172[6391] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 122.422302][ T6391] syz.2.172[6391] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 122.471764][ T6391] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 122.885605][ T28] audit: type=1326 audit(1768281683.491:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 122.975505][ T28] audit: type=1326 audit(1768281683.491:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 123.042823][ T28] audit: type=1326 audit(1768281683.491:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 123.097837][ T28] audit: type=1326 audit(1768281683.491:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 123.182912][ T28] audit: type=1326 audit(1768281683.491:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 123.215830][ T6400] tipc: Can't bind to reserved service type 0 [ 123.527747][ T6408] netlink: 4 bytes leftover after parsing attributes in process `syz.1.180'. [ 123.800771][ T6415] loop2: detected capacity change from 0 to 512 [ 123.850439][ T6415] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 123.906869][ T6415] EXT4-fs (loop2): 1 truncate cleaned up [ 123.913978][ T6415] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.032091][ T6421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.185'. [ 124.073457][ T6415] netlink: 8 bytes leftover after parsing attributes in process `syz.2.183'. [ 124.076078][ T6421] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 124.101616][ T6421] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 124.105025][ T6415] netlink: 312 bytes leftover after parsing attributes in process `syz.2.183'. [ 124.123172][ T6421] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 124.132013][ T6421] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 124.147434][ T6415] netlink: 8 bytes leftover after parsing attributes in process `syz.2.183'. [ 124.169101][ T6425] netlink: 64 bytes leftover after parsing attributes in process `syz.2.183'. [ 124.250636][ T6423] netlink: 'syz.3.186': attribute type 10 has an invalid length. [ 124.274806][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.287180][ T6423] bond0: (slave dummy0): Releasing backup interface [ 124.309772][ T6423] team0: Port device dummy0 added [ 124.326299][ T6424] netlink: 'syz.3.186': attribute type 10 has an invalid length. [ 124.412258][ T6424] team0: Port device dummy0 removed [ 124.427818][ T6424] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 124.938965][ T6439] netlink: 4 bytes leftover after parsing attributes in process `syz.3.193'. [ 125.168616][ T6444] loop1: detected capacity change from 0 to 128 [ 125.370725][ T6449] netlink: 4 bytes leftover after parsing attributes in process `syz.2.198'. [ 125.405576][ T6449] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 125.426750][ T6449] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 127.178996][ T6485] loop3: detected capacity change from 0 to 736 [ 127.649234][ T6491] netlink: 4 bytes leftover after parsing attributes in process `syz.3.216'. [ 128.173600][ T6506] netlink: 'syz.1.223': attribute type 10 has an invalid length. [ 128.337411][ T6509] netlink: 'syz.1.223': attribute type 10 has an invalid length. [ 128.378343][ T6509] team0: Port device dummy0 removed [ 128.394586][ T6509] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 128.609696][ T6512] netlink: 24 bytes leftover after parsing attributes in process `syz.1.224'. [ 129.377113][ T6518] loop1: detected capacity change from 0 to 8192 [ 129.616173][ T6520] mmap: syz.2.228 (6520) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 130.691059][ T28] kauditd_printk_skb: 183 callbacks suppressed [ 130.691075][ T28] audit: type=1326 audit(1768281691.301:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.1.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 130.779015][ T28] audit: type=1326 audit(1768281691.341:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.1.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 130.889071][ T28] audit: type=1326 audit(1768281691.341:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.1.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 130.993974][ T28] audit: type=1326 audit(1768281691.341:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6525 comm="syz.1.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 131.886639][ T5780] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 131.896076][ T5780] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 131.905230][ T5780] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 131.915403][ T5780] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 131.939271][ T5780] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 131.949076][ T5780] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 132.174973][ T28] audit: type=1326 audit(1768281692.781:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6559 comm="syz.3.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 132.229589][ T28] audit: type=1326 audit(1768281692.811:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6559 comm="syz.3.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 132.285489][ T28] audit: type=1326 audit(1768281692.821:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6559 comm="syz.3.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 132.354054][ T28] audit: type=1326 audit(1768281692.821:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6559 comm="syz.3.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 132.390664][ T6563] netlink: 'syz.3.237': attribute type 3 has an invalid length. [ 132.413256][ T28] audit: type=1326 audit(1768281692.821:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6559 comm="syz.3.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 132.475531][ T28] audit: type=1326 audit(1768281692.821:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6559 comm="syz.3.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 132.824334][ T6556] chnl_net:caif_netlink_parms(): no params data found [ 133.052189][ T6579] netlink: 19 bytes leftover after parsing attributes in process `syz.2.243'. [ 133.107465][ T6556] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.145630][ T6556] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.157412][ T6556] bridge_slave_0: entered allmulticast mode [ 133.177452][ T6556] bridge_slave_0: entered promiscuous mode [ 133.211196][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.218810][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.228892][ T6556] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.245479][ T6556] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.252808][ T6556] bridge_slave_1: entered allmulticast mode [ 133.280362][ T6556] bridge_slave_1: entered promiscuous mode [ 133.404808][ T6556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.452956][ T6556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.539091][ T6589] netlink: 'syz.2.247': attribute type 3 has an invalid length. [ 133.562086][ T6556] team0: Port device team_slave_0 added [ 133.572181][ T6556] team0: Port device team_slave_1 added [ 133.702507][ T6556] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 133.714343][ T6556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.752905][ T6556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 133.796726][ T6556] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 133.803762][ T6556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.830841][ T6556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 133.859573][ T6593] netlink: 'syz.3.251': attribute type 1 has an invalid length. [ 133.891556][ T6593] 8021q: adding VLAN 0 to HW filter on device bond1 [ 133.962878][ T6597] loop2: detected capacity change from 0 to 2048 [ 133.982312][ T6593] macvlan2: entered promiscuous mode [ 133.992130][ T6593] macvlan2: entered allmulticast mode [ 134.005645][ T5084] Bluetooth: hci4: command tx timeout [ 134.061591][ T6601] bond1: (slave ip6gretap1): making interface the new active one [ 134.071941][ T6601] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 134.102212][ T6597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.163073][ T6597] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 134.182543][ T6556] hsr_slave_0: entered promiscuous mode [ 134.207455][ T6556] hsr_slave_1: entered promiscuous mode [ 134.220181][ T6597] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 18 with error 28 [ 134.231198][ T6556] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 134.243500][ T6597] EXT4-fs (loop2): This should not happen!! Data will be lost [ 134.243500][ T6597] [ 134.248132][ T6556] Cannot create hsr debugfs directory [ 134.263658][ T6597] EXT4-fs (loop2): Total free blocks count 0 [ 134.273917][ T6597] EXT4-fs (loop2): Free/Dirty block details [ 134.290579][ T6597] EXT4-fs (loop2): free_blocks=2415919104 [ 134.296426][ T6607] syz.3.253[6607] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 134.296552][ T6607] syz.3.253[6607] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 134.317561][ T6597] EXT4-fs (loop2): dirty_blocks=32 [ 134.334859][ T6597] EXT4-fs (loop2): Block reservation details [ 134.341391][ T6597] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 134.364904][ T6607] loop3: detected capacity change from 0 to 512 [ 134.387042][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.421638][ T6607] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 134.476777][ T6607] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 134.526171][ T6607] System zones: 1-12 [ 134.548044][ T6607] EXT4-fs (loop3): 1 truncate cleaned up [ 134.582955][ T6607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.831221][ T6556] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 134.849348][ T6556] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 134.862538][ T6556] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 134.892067][ T6556] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 135.040004][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.154151][ T6556] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.194026][ T6556] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.241965][ T4541] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.249264][ T4541] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.273481][ T4541] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.280739][ T4541] bridge0: port 2(bridge_slave_1) entered forwarding state [ 135.563938][ T6634] netlink: 43 bytes leftover after parsing attributes in process `syz.3.261'. [ 135.583271][ T6634] tipc: Started in network mode [ 135.590525][ T6634] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 135.598357][ T6634] tipc: Enabled bearer , priority 10 [ 135.926319][ T6556] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.086010][ T5084] Bluetooth: hci4: command tx timeout [ 136.212933][ T6647] wg2: entered promiscuous mode [ 136.218732][ T6647] wg2: entered allmulticast mode [ 136.604397][ T6556] veth0_vlan: entered promiscuous mode [ 136.613712][ T5875] tipc: Node number set to 10005162 [ 136.644604][ T6556] veth1_vlan: entered promiscuous mode [ 136.760105][ T6556] veth0_macvtap: entered promiscuous mode [ 136.781633][ T6556] veth1_macvtap: entered promiscuous mode [ 136.843931][ T6556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.867085][ T6556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.877538][ T6556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.901196][ T6556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.951451][ T6556] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 136.980971][ T6556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.003635][ T6556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.031321][ T6556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.048413][ T6556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.073900][ T6556] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.100433][ T6556] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.115551][ T6556] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.133245][ T6556] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.146010][ T6556] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.375135][ T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.405091][ T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.484685][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.504668][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.167568][ T5084] Bluetooth: hci4: command tx timeout [ 138.249937][ T6687] loop1: detected capacity change from 0 to 1024 [ 138.268489][ T6683] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 138.288178][ T6687] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 138.388163][ T6687] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.627409][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.834424][ T6706] netlink: 12 bytes leftover after parsing attributes in process `syz.1.283'. [ 138.901288][ T28] kauditd_printk_skb: 30 callbacks suppressed [ 138.901304][ T28] audit: type=1326 audit(1768281699.511:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 138.961834][ T28] audit: type=1326 audit(1768281699.511:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.050509][ T28] audit: type=1326 audit(1768281699.541:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.082640][ T6709] loop1: detected capacity change from 0 to 764 [ 139.118345][ T28] audit: type=1326 audit(1768281699.541:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.223869][ T28] audit: type=1326 audit(1768281699.541:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.331429][ T28] audit: type=1326 audit(1768281699.541:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.422332][ T28] audit: type=1326 audit(1768281699.541:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.483500][ T28] audit: type=1326 audit(1768281699.541:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.569467][ T28] audit: type=1326 audit(1768281699.551:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.638844][ T28] audit: type=1326 audit(1768281699.551:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6704 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 139.640253][ T6716] netlink: 12 bytes leftover after parsing attributes in process `syz.4.290'. [ 139.770419][ T6716] $Hÿ: renamed from bond0 (while UP) [ 139.799897][ T6716] $Hÿ: entered promiscuous mode [ 139.831790][ T6716] bond_slave_0: entered promiscuous mode [ 139.855689][ T6716] bond_slave_1: entered promiscuous mode [ 140.003737][ T6728] loop2: detected capacity change from 0 to 128 [ 140.103656][ T6728] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 140.117013][ T6728] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.245531][ T5084] Bluetooth: hci4: command tx timeout [ 140.466746][ T5772] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 141.016764][ T6758] netlink: 'syz.1.303': attribute type 10 has an invalid length. [ 141.044834][ T6758] bond0: (slave dummy0): Releasing backup interface [ 141.074140][ T6758] team0: Port device dummy0 added [ 141.108951][ T6760] netlink: 'syz.1.303': attribute type 10 has an invalid length. [ 141.191649][ T6760] team0: Port device dummy0 removed [ 141.215574][ T6760] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 141.295174][ T6766] netlink: 'syz.3.304': attribute type 13 has an invalid length. [ 142.061877][ T6766] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.070684][ T6766] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.889819][ T6766] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 142.941120][ T6766] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 143.217185][ T6766] tipc: Resetting bearer [ 143.425193][ T6766] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.434870][ T6766] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.456770][ T6766] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.467206][ T6766] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.821225][ T6784] loop3: detected capacity change from 0 to 128 [ 144.013956][ T6788] netlink: 8 bytes leftover after parsing attributes in process `syz.4.313'. [ 144.123604][ T6793] loop1: detected capacity change from 0 to 1024 [ 144.149238][ T6794] netlink: 'syz.3.315': attribute type 10 has an invalid length. [ 144.158307][ T6793] EXT4-fs: inline encryption not supported [ 144.185933][ T6793] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 144.224259][ T6794] bond0: (slave dummy0): Releasing backup interface [ 144.253612][ T6793] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.281315][ T6794] team0: Port device dummy0 added [ 144.308711][ T6795] netlink: 'syz.3.315': attribute type 10 has an invalid length. [ 144.487845][ T6795] team0: Port device dummy0 removed [ 144.503995][ T6795] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 144.664302][ T6809] netlink: 'syz.4.320': attribute type 13 has an invalid length. [ 144.721634][ T28] kauditd_printk_skb: 78 callbacks suppressed [ 144.721648][ T28] audit: type=1326 audit(1768281705.331:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6811 comm="syz.2.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 144.816556][ T28] audit: type=1326 audit(1768281705.371:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6811 comm="syz.2.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 144.901232][ T28] audit: type=1326 audit(1768281705.371:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6811 comm="syz.2.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 145.523729][ T6809] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.531577][ T6809] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.682999][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.120396][ T6809] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.178200][ T6809] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.779632][ T6809] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.790848][ T6809] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.801285][ T6809] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.810574][ T6809] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.093862][ T6834] netlink: 'syz.1.330': attribute type 10 has an invalid length. [ 147.171320][ T6834] bond0: (slave dummy0): Releasing backup interface [ 147.221024][ T6834] team0: Port device dummy0 added [ 147.254442][ T6835] netlink: 'syz.1.330': attribute type 10 has an invalid length. [ 147.295149][ T28] audit: type=1326 audit(1768281707.901:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6840 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 147.333845][ T28] audit: type=1326 audit(1768281707.901:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6840 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 147.363555][ T28] audit: type=1326 audit(1768281707.951:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6840 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 147.392579][ T28] audit: type=1326 audit(1768281707.951:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6840 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 147.418030][ T6835] team0: Port device dummy0 removed [ 147.428814][ T6835] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 147.443448][ T28] audit: type=1326 audit(1768281707.961:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6840 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 147.505520][ T28] audit: type=1326 audit(1768281707.961:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6840 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 147.536419][ T28] audit: type=1326 audit(1768281707.971:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6840 comm="syz.3.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 148.063702][ T6864] netlink: 'syz.3.344': attribute type 10 has an invalid length. [ 148.170064][ T6864] bond0: (slave dummy0): Releasing backup interface [ 148.191350][ T6864] team0: Port device dummy0 added [ 148.224082][ T6865] netlink: 'syz.3.344': attribute type 10 has an invalid length. [ 148.279637][ T6865] team0: Port device dummy0 removed [ 148.289915][ T6865] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 148.478873][ T6877] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 148.515258][ T6879] loop4: detected capacity change from 0 to 128 [ 148.711677][ T6881] pim6reg1: entered promiscuous mode [ 148.729280][ T6881] pim6reg1: entered allmulticast mode [ 148.962868][ T6887] loop2: detected capacity change from 0 to 2048 [ 149.026698][ T6887] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 149.069211][ T6887] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 149.329103][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 149.928546][ T6897] lo speed is unknown, defaulting to 1000 [ 149.935871][ T6897] lo speed is unknown, defaulting to 1000 [ 149.959927][ T6897] lo speed is unknown, defaulting to 1000 [ 150.002858][ T6897] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 150.055810][ T6897] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 150.094322][ T6897] lo speed is unknown, defaulting to 1000 [ 150.103651][ T6897] lo speed is unknown, defaulting to 1000 [ 150.111979][ T6897] lo speed is unknown, defaulting to 1000 [ 150.119448][ T6897] lo speed is unknown, defaulting to 1000 [ 150.128379][ T6897] lo speed is unknown, defaulting to 1000 [ 150.136085][ T6897] lo speed is unknown, defaulting to 1000 [ 150.236912][ T6900] netlink: 'syz.1.358': attribute type 10 has an invalid length. [ 150.384738][ T6900] bond0: (slave dummy0): Releasing backup interface [ 150.492077][ T6900] team0: Port device dummy0 added [ 150.512116][ T6901] netlink: 'syz.1.358': attribute type 10 has an invalid length. [ 150.957492][ T6912] loop2: detected capacity change from 0 to 256 [ 151.000788][ T6912] FAT-fs (loop2): bogus number of FAT sectors [ 151.007081][ T6912] FAT-fs (loop2): Can't find a valid FAT filesystem [ 151.152425][ T6901] team0: Port device dummy0 removed [ 151.400055][ T6901] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 152.065304][ C1] sched: RT throttling activated [ 152.209475][ T28] audit: type=1326 audit(1768281712.821:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.341842][ T28] audit: type=1326 audit(1768281712.851:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.444758][ T28] audit: type=1326 audit(1768281712.871:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.531288][ T28] audit: type=1326 audit(1768281712.871:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.572571][ T6933] netlink: 36 bytes leftover after parsing attributes in process `syz.3.370'. [ 152.604193][ T28] audit: type=1326 audit(1768281712.871:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.664910][ T28] audit: type=1326 audit(1768281712.871:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.702331][ T28] audit: type=1326 audit(1768281712.881:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.730368][ T28] audit: type=1326 audit(1768281712.881:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.762164][ T28] audit: type=1326 audit(1768281712.881:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 152.789857][ T28] audit: type=1326 audit(1768281712.881:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6923 comm="syz.3.367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 153.593074][ T6957] netlink: 44 bytes leftover after parsing attributes in process `syz.4.378'. [ 153.610896][ T6958] netlink: 4 bytes leftover after parsing attributes in process `syz.3.379'. [ 154.032590][ T6958] team0 (unregistering): Port device team_slave_0 removed [ 154.065514][ T6958] team0 (unregistering): Port device team_slave_1 removed [ 154.237167][ T6952] lo speed is unknown, defaulting to 1000 [ 154.765674][ T6990] netlink: 'syz.4.391': attribute type 10 has an invalid length. [ 154.774631][ T6989] loop2: detected capacity change from 0 to 512 [ 154.823655][ T6990] team0: Port device dummy0 added [ 154.833206][ T6989] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 154.892863][ T6991] netlink: 'syz.4.391': attribute type 10 has an invalid length. [ 154.903993][ T6989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 154.956189][ T6989] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 155.050473][ T6991] team0: Port device dummy0 removed [ 155.084127][ T6991] dummy0: entered promiscuous mode [ 155.101388][ T6991] $Hÿ: (slave dummy0): Enslaving as an active interface with an up link [ 155.144944][ T5772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 155.573501][ T7002] netlink: 4 bytes leftover after parsing attributes in process `syz.2.396'. [ 155.680123][ T7006] loop4: detected capacity change from 0 to 1024 [ 155.697887][ T7006] EXT4-fs: Ignoring removed orlov option [ 155.751192][ T7006] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.952866][ T7006] EXT4-fs (loop4): Online resizing not supported with bigalloc [ 156.044359][ T7013] capability: warning: `syz.3.401' uses deprecated v2 capabilities in a way that may be insecure [ 156.116124][ T6556] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.345567][ T7021] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 156.471361][ T7023] netlink: 'syz.4.406': attribute type 6 has an invalid length. [ 156.501476][ T7025] syz.3.407[7025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 156.501622][ T7025] syz.3.407[7025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 156.815936][ T7037] process 'syz.4.413' launched '/dev/fd/3' with NULL argv: empty string added [ 157.019449][ T4464] tipc: Subscription rejected, illegal request [ 157.035842][ T7042] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 157.096496][ T7045] netlink: 'syz.4.417': attribute type 10 has an invalid length. [ 157.616366][ T7057] lo speed is unknown, defaulting to 1000 [ 157.671528][ T4464] tipc: Subscription rejected, illegal request [ 157.875799][ T7070] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 158.158837][ T7081] netlink: 'syz.4.431': attribute type 13 has an invalid length. [ 158.401425][ T7078] lo speed is unknown, defaulting to 1000 [ 158.484716][ T7089] loop1: detected capacity change from 0 to 256 [ 158.503412][ T7089] FAT-fs (loop1): Unrecognized mount option "0x00000000000000060000000000000000000018446744073709551615" or missing value [ 158.592966][ T5776] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 158.623647][ T28] kauditd_printk_skb: 28 callbacks suppressed [ 158.623662][ T28] audit: type=1326 audit(1768281719.231:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7088 comm="syz.1.435" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x0 [ 158.883838][ T7098] netlink: 'syz.3.438': attribute type 10 has an invalid length. [ 158.993838][ T7103] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 159.403494][ T7113] lo speed is unknown, defaulting to 1000 [ 159.737611][ T7126] sctp: [Deprecated]: syz.1.450 (pid 7126) Use of struct sctp_assoc_value in delayed_ack socket option. [ 159.737611][ T7126] Use struct sctp_sack_info instead [ 159.813361][ T7128] netlink: 'syz.3.451': attribute type 10 has an invalid length. [ 160.203599][ T7137] loop3: detected capacity change from 0 to 512 [ 160.238987][ T7137] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 160.280824][ T7139] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 160.347952][ T7137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 160.364143][ T7137] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.417892][ T28] audit: type=1800 audit(1768281721.031:522): pid=7137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.455" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 160.500794][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 160.712079][ T7150] netlink: 'syz.4.461': attribute type 10 has an invalid length. [ 160.751789][ T28] audit: type=1326 audit(1768281721.361:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 160.791750][ T7154] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 160.813568][ T28] audit: type=1326 audit(1768281721.361:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 160.819643][ T7155] netlink: 12 bytes leftover after parsing attributes in process `syz.2.462'. [ 160.849642][ T28] audit: type=1326 audit(1768281721.361:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 160.905548][ T7149] loop3: detected capacity change from 0 to 512 [ 160.920038][ T28] audit: type=1326 audit(1768281721.361:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 160.954732][ T28] audit: type=1326 audit(1768281721.361:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 160.959545][ T7149] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 160.989486][ T28] audit: type=1326 audit(1768281721.361:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 161.039133][ T28] audit: type=1326 audit(1768281721.371:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 161.059437][ T7149] EXT4-fs (loop3): 1 truncate cleaned up [ 161.068295][ T7149] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.124759][ T7149] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.155224][ T28] audit: type=1326 audit(1768281721.371:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7148 comm="syz.3.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 161.491703][ T7168] lo speed is unknown, defaulting to 1000 [ 162.090359][ T7171] lo speed is unknown, defaulting to 1000 [ 163.284598][ T7182] netlink: 'syz.3.471': attribute type 10 has an invalid length. [ 163.624462][ T7186] loop3: detected capacity change from 0 to 256 [ 163.748040][ T7188] netlink: 12 bytes leftover after parsing attributes in process `syz.1.473'. [ 164.172966][ T7196] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 164.508961][ T7206] netlink: 'syz.4.480': attribute type 10 has an invalid length. [ 164.839110][ T7212] netlink: 12 bytes leftover after parsing attributes in process `syz.2.483'. [ 164.975196][ T1316] tipc: Subscription rejected, illegal request [ 165.036877][ T28] kauditd_printk_skb: 71 callbacks suppressed [ 165.036891][ T28] audit: type=1326 audit(1768281725.651:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.145460][ T28] audit: type=1326 audit(1768281725.681:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.262061][ T28] audit: type=1326 audit(1768281725.681:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.305373][ T28] audit: type=1326 audit(1768281725.691:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.384816][ T28] audit: type=1326 audit(1768281725.691:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.408798][ T7228] netlink: 'syz.3.490': attribute type 10 has an invalid length. [ 165.430956][ T28] audit: type=1326 audit(1768281725.691:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.474500][ T28] audit: type=1326 audit(1768281725.691:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.520518][ T28] audit: type=1326 audit(1768281725.691:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.604556][ T28] audit: type=1326 audit(1768281725.691:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.656012][ T28] audit: type=1326 audit(1768281725.691:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7217 comm="syz.2.486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 165.806450][ T7242] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 166.051003][ T7251] netlink: 27 bytes leftover after parsing attributes in process `syz.4.501'. [ 166.148512][ T7253] syz.1.502[7253] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 166.148665][ T7253] syz.1.502[7253] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 166.353906][ T7256] netlink: 'syz.4.503': attribute type 10 has an invalid length. [ 166.613885][ T7261] pim6reg: entered allmulticast mode [ 166.834987][ T7268] loop4: detected capacity change from 0 to 764 [ 166.882916][ T7268] Symlink component flag not implemented [ 166.915273][ T7268] Symlink component flag not implemented [ 166.932743][ T7268] Symlink component flag not implemented (129) [ 166.959474][ T7268] Symlink component flag not implemented (6) [ 166.982040][ T7268] rock: directory entry would overflow storage [ 167.004592][ T7268] rock: sig=0x4f50, size=4, remaining=3 [ 167.023348][ T7268] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 167.279756][ T7278] netlink: 'syz.1.513': attribute type 10 has an invalid length. [ 167.304243][ T7281] --map-set only usable from mangle table [ 167.326784][ T7282] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 167.343897][ T7281] loop4: detected capacity change from 0 to 1024 [ 167.357947][ T7281] ext4: Bad value for 'resgid' [ 167.714576][ T7293] netlink: 4 bytes leftover after parsing attributes in process `syz.1.520'. [ 168.008191][ T7305] (null): rxe_set_mtu: Set mtu to 1024 [ 168.248224][ T7312] netlink: 8 bytes leftover after parsing attributes in process `syz.2.525'. [ 168.555439][ T7314] loop1: detected capacity change from 0 to 256 [ 168.725545][ T7314] FAT-fs (loop1): bogus number of FAT sectors [ 168.731842][ T7314] FAT-fs (loop1): Can't find a valid FAT filesystem [ 169.479231][ T7316] netlink: 68 bytes leftover after parsing attributes in process `syz.2.526'. [ 169.718992][ T7305] infiniband syz!: set down [ 169.746790][ T7305] infiniband syz!: added team_slave_0 [ 169.764525][ T7305] syz!: rxe_create_cq: returned err = -12 [ 169.806009][ T7305] infiniband syz!: Couldn't create ib_mad CQ [ 169.812317][ T7305] infiniband syz!: Couldn't open port 1 [ 169.972318][ T7305] RDS/IB: syz!: added [ 170.016512][ T7305] smc: adding ib device syz! with port count 1 [ 170.055685][ T7305] smc: ib device syz! port 1 has pnetid [ 170.182367][ T7297] syz.4.522: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 170.221599][ T7297] CPU: 1 PID: 7297 Comm: syz.4.522 Not tainted syzkaller #0 [ 170.228969][ T7297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 170.239078][ T7297] Call Trace: [ 170.242428][ T7297] [ 170.245402][ T7297] dump_stack_lvl+0x16c/0x230 [ 170.250149][ T7297] ? show_regs_print_info+0x20/0x20 [ 170.255392][ T7297] ? load_image+0x3b0/0x3b0 [ 170.259954][ T7297] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 170.266417][ T7297] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 170.272970][ T7297] warn_alloc+0x210/0x300 [ 170.277362][ T7297] ? zone_watermark_ok_safe+0x230/0x230 [ 170.282975][ T7297] ? _raw_spin_unlock+0x28/0x40 [ 170.287882][ T7297] __vmalloc_node_range+0x662/0x1320 [ 170.293217][ T7297] ? __asan_memset+0x22/0x40 [ 170.297969][ T7297] ? free_vm_area+0x50/0x50 [ 170.302521][ T7297] ? kvmalloc_node+0x70/0x180 [ 170.307248][ T7297] ? rcu_is_watching+0x15/0xb0 [ 170.312061][ T7297] ? kvmalloc_node+0x70/0x180 [ 170.316779][ T7297] ? trace_kmalloc+0x1f/0xa0 [ 170.321432][ T7297] kvmalloc_node+0x13f/0x180 [ 170.326069][ T7297] ? translate_table+0x19c/0x2020 [ 170.331149][ T7297] translate_table+0x19c/0x2020 [ 170.336114][ T7297] ? ip6t_register_table+0x7b0/0x7b0 [ 170.341453][ T7297] ? __might_fault+0xaa/0x120 [ 170.346174][ T7297] ? __lock_acquire+0x7c80/0x7c80 [ 170.351248][ T7297] ? __virt_addr_valid+0x18c/0x540 [ 170.356410][ T7297] ? __might_fault+0xaa/0x120 [ 170.361136][ T7297] ? __might_fault+0xc6/0x120 [ 170.365852][ T7297] ? __might_fault+0xaa/0x120 [ 170.370592][ T7297] do_ip6t_set_ctl+0x969/0xcd0 [ 170.375411][ T7297] ? ip6t_unregister_table_exit+0x230/0x230 [ 170.381362][ T7297] ? __lock_acquire+0x7c80/0x7c80 [ 170.386444][ T7297] ? rcu_is_watching+0x15/0xb0 [ 170.391263][ T7297] ? trace_contention_end+0x39/0xe0 [ 170.396544][ T7297] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 170.402245][ T7297] ? mutex_unlock+0x10/0x10 [ 170.406806][ T7297] ? __might_sleep+0xe0/0xe0 [ 170.411448][ T7297] ? mutex_lock_nested+0x20/0x20 [ 170.416445][ T7297] nf_setsockopt+0x263/0x280 [ 170.421094][ T7297] ? sock_common_recvmsg+0x1b0/0x1b0 [ 170.426428][ T7297] smc_setsockopt+0x229/0xab0 [ 170.431155][ T7297] ? smc_shutdown+0x9b0/0x9b0 [ 170.435873][ T7297] ? __fget_files+0x28/0x4d0 [ 170.440537][ T7297] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 170.446139][ T7297] ? security_socket_setsockopt+0x7e/0xa0 [ 170.451901][ T7297] ? smc_shutdown+0x9b0/0x9b0 [ 170.456628][ T7297] do_sock_setsockopt+0x175/0x1a0 [ 170.461789][ T7297] ? __fdget+0x180/0x210 [ 170.466084][ T7297] __x64_sys_setsockopt+0x184/0x200 [ 170.471329][ T7297] do_syscall_64+0x55/0xb0 [ 170.475781][ T7297] ? clear_bhb_loop+0x40/0x90 [ 170.480498][ T7297] ? clear_bhb_loop+0x40/0x90 [ 170.485224][ T7297] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 170.491164][ T7297] RIP: 0033:0x7ff790b8f749 [ 170.495633][ T7297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.515373][ T7297] RSP: 002b:00007ff791ada038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 170.523847][ T7297] RAX: ffffffffffffffda RBX: 00007ff790de5fa0 RCX: 00007ff790b8f749 [ 170.531871][ T7297] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 170.539931][ T7297] RBP: 00007ff790c13f91 R08: 0000000000000330 R09: 0000000000000000 [ 170.547944][ T7297] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 170.555957][ T7297] R13: 00007ff790de6038 R14: 00007ff790de5fa0 R15: 00007ffdaf3ee518 [ 170.564001][ T7297] [ 171.029222][ T7297] Mem-Info: [ 171.032428][ T7297] active_anon:5075 inactive_anon:0 isolated_anon:0 [ 171.032428][ T7297] active_file:662 inactive_file:43101 isolated_file:0 [ 171.032428][ T7297] unevictable:768 dirty:106 writeback:0 [ 171.032428][ T7297] slab_reclaimable:10247 slab_unreclaimable:148721 [ 171.032428][ T7297] mapped:24336 shmem:1378 pagetables:542 [ 171.032428][ T7297] sec_pagetables:0 bounce:0 [ 171.032428][ T7297] kernel_misc_reclaimable:0 [ 171.032428][ T7297] free:1281643 free_pcp:12482 free_cma:0 [ 171.079998][ T7297] Node 0 active_anon:20300kB inactive_anon:0kB active_file:2648kB inactive_file:172196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97344kB dirty:424kB writeback:0kB shmem:3976kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12044kB pagetables:2168kB sec_pagetables:0kB all_unreclaimable? no [ 171.112256][ T7297] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 171.166317][ T7297] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 171.225675][ T7297] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 171.252496][ T7297] Node 0 DMA32 free:1218476kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:20352kB inactive_anon:0kB active_file:2648kB inactive_file:170864kB unevictable:1536kB writepending:424kB present:3129332kB managed:2589632kB mlocked:0kB bounce:0kB free_pcp:22544kB local_pcp:20628kB free_cma:0kB [ 171.297279][ T7297] lowmem_reserve[]: 0 0 1 1 1 [ 171.302107][ T7297] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1332kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 171.333261][ T7326] netlink: 16 bytes leftover after parsing attributes in process `syz.2.532'. [ 171.344441][ T7297] lowmem_reserve[]: 0 0 0 0 0 [ 171.349789][ T7297] Node 1 Normal free:3892224kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:27128kB local_pcp:9904kB free_cma:0kB [ 171.381584][ T7297] lowmem_reserve[]: 0 0 0 0 0 [ 171.386515][ T7297] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 171.401096][ T7297] Node 0 DMA32: 126*4kB (UME) 55*8kB (ME) 25*16kB (UME) 18*32kB (UME) 84*64kB (ME) 23*128kB (ME) 9*256kB (ME) 9*512kB (UM) 3*1024kB (UE) 3*2048kB (UME) 291*4096kB (UM) = 1218304kB [ 171.419435][ T7297] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 171.474151][ T7297] Node 1 Normal: 264*4kB (UME) 62*8kB (UME) 37*16kB (UME) 53*32kB (UME) 28*64kB (UME) 6*128kB (UE) 1*256kB (U) 3*512kB (UME) 1*1024kB (U) 2*2048kB (UE) 947*4096kB (M) = 3892224kB [ 171.518481][ T7297] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 171.533355][ T7297] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 171.587641][ T7297] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 171.611153][ T28] kauditd_printk_skb: 58 callbacks suppressed [ 171.611169][ T28] audit: type=1326 audit(1768281732.221:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 171.646502][ T7297] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 171.660561][ T7297] 45120 total pagecache pages [ 171.666569][ T7297] 0 pages in swap cache [ 171.670959][ T7297] Free swap = 124464kB [ 171.679803][ T7297] Total swap = 124996kB [ 171.686130][ T28] audit: type=1326 audit(1768281732.231:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 171.716315][ T7297] 2097051 pages RAM [ 171.721406][ T7335] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 171.733368][ T7297] 0 pages HighMem/MovableOnly [ 171.739832][ T7297] 416129 pages reserved [ 171.744699][ T7297] 0 pages cma reserved [ 171.752995][ T28] audit: type=1326 audit(1768281732.231:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 171.800631][ T28] audit: type=1326 audit(1768281732.231:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 171.944768][ T7337] netlink: 8 bytes leftover after parsing attributes in process `syz.1.534'. [ 173.400613][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.543'. [ 173.526845][ T7360] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 174.193781][ T28] audit: type=1326 audit(1768281734.801:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 174.228705][ T7379] netlink: 8 bytes leftover after parsing attributes in process `syz.2.553'. [ 174.273090][ T28] audit: type=1326 audit(1768281734.831:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 174.325614][ T28] audit: type=1326 audit(1768281734.831:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 174.382548][ T28] audit: type=1326 audit(1768281734.941:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7380 comm="syz.4.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff790b8f749 code=0x7ffc0000 [ 174.411232][ T28] audit: type=1326 audit(1768281734.941:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7380 comm="syz.4.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff790b8f749 code=0x7ffc0000 [ 174.453317][ T28] audit: type=1326 audit(1768281734.981:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7380 comm="syz.4.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff790b8f749 code=0x7ffc0000 [ 174.508726][ T7385] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 174.862434][ T7393] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.964351][ T7402] netlink: 8 bytes leftover after parsing attributes in process `syz.2.564'. [ 175.042095][ T7393] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.205150][ T7393] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.338947][ T7393] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.510087][ T7415] netlink: 'syz.2.570': attribute type 3 has an invalid length. [ 175.545024][ T7393] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.635844][ T7393] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.687739][ T7393] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.721177][ T7421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.573'. [ 175.770422][ T7393] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.719161][ T7452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.583'. [ 179.996497][ T7458] loop3: detected capacity change from 0 to 1024 [ 180.111418][ T7458] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 180.133486][ T7458] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.252563][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 181.565977][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.593'. [ 182.095569][ T28] kauditd_printk_skb: 29 callbacks suppressed [ 182.095584][ T28] audit: type=1326 audit(1768281742.691:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.1.598" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x0 [ 182.158945][ T28] audit: type=1326 audit(1768281742.741:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7490 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 182.198212][ T28] audit: type=1326 audit(1768281742.751:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7490 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa21558e3aa code=0x7ffc0000 [ 182.244866][ T28] audit: type=1326 audit(1768281742.751:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7490 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa2155c2005 code=0x7ffc0000 [ 182.340792][ T28] audit: type=1326 audit(1768281742.951:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7490 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 182.395098][ T28] audit: type=1326 audit(1768281742.951:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7490 comm="syz.2.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 183.015793][ T7505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.605'. [ 183.109433][ T7507] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 183.889717][ T7527] netlink: 8 bytes leftover after parsing attributes in process `syz.4.614'. [ 184.259868][ T7532] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 185.307841][ T7537] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 186.880953][ T7574] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 188.131571][ T7598] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 188.655859][ T7608] netlink: 'syz.1.643': attribute type 13 has an invalid length. [ 189.804486][ T7608] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.813172][ T7608] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.686036][ T7608] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.700157][ T7608] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.708879][ T7608] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.720465][ T7608] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.621170][ T28] audit: type=1326 audit(1768281753.231:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 192.621228][ T28] audit: type=1326 audit(1768281753.231:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 192.621273][ T28] audit: type=1326 audit(1768281753.231:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.1.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 194.165316][ T7688] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 194.650560][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.657130][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.347113][ T7716] netlink: 'syz.3.681': attribute type 10 has an invalid length. [ 195.359266][ T7716] bond0: (slave dummy0): Releasing backup interface [ 197.070863][ T28] audit: type=1326 audit(1768281757.681:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7738 comm="syz.2.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 197.160425][ T28] audit: type=1326 audit(1768281757.711:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7738 comm="syz.2.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 197.244121][ T28] audit: type=1326 audit(1768281757.711:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7738 comm="syz.2.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 197.320289][ T28] audit: type=1326 audit(1768281757.711:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7738 comm="syz.2.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 198.104232][ T7748] netlink: 4 bytes leftover after parsing attributes in process `syz.3.693'. [ 198.153784][ T7748] team0: entered promiscuous mode [ 198.172281][ T7748] team0: entered allmulticast mode [ 198.186175][ T7748] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.447978][ T7759] loop4: detected capacity change from 0 to 128 [ 198.491967][ T7759] tipc: Started in network mode [ 198.504731][ T7759] tipc: Node identity 4, cluster identity 4711 [ 198.514924][ T7759] tipc: Node number set to 4 [ 199.799118][ T7797] netlink: 'syz.4.715': attribute type 13 has an invalid length. [ 200.642509][ T28] audit: type=1326 audit(1768281761.251:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 200.735447][ T28] audit: type=1326 audit(1768281761.261:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 200.773969][ T28] audit: type=1326 audit(1768281761.271:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 200.824119][ T28] audit: type=1326 audit(1768281761.281:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 200.866768][ T28] audit: type=1326 audit(1768281761.291:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 200.912437][ T28] audit: type=1326 audit(1768281761.321:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 200.961332][ T28] audit: type=1326 audit(1768281761.331:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 201.055927][ T28] audit: type=1326 audit(1768281761.341:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 201.098668][ T28] audit: type=1326 audit(1768281761.351:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 201.156519][ T28] audit: type=1326 audit(1768281761.361:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7817 comm="syz.2.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7fc00000 [ 201.545539][ T7832] netlink: 'syz.4.729': attribute type 13 has an invalid length. [ 202.668136][ T7854] netlink: 8 bytes leftover after parsing attributes in process `syz.3.738'. [ 202.754614][ T7856] netlink: 'syz.4.739': attribute type 13 has an invalid length. [ 203.834883][ T7882] netlink: 'syz.4.751': attribute type 13 has an invalid length. [ 204.849308][ T7908] netlink: 'syz.4.762': attribute type 13 has an invalid length. [ 204.894998][ T7909] netlink: 12 bytes leftover after parsing attributes in process `syz.2.758'. [ 205.317984][ T7924] netlink: 4 bytes leftover after parsing attributes in process `syz.4.766'. [ 205.347669][ T7924] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 205.385527][ T7924] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 205.954801][ T28] kauditd_printk_skb: 87 callbacks suppressed [ 205.954816][ T28] audit: type=1326 audit(1768281766.561:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.006432][ T28] audit: type=1326 audit(1768281766.561:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.066793][ T28] audit: type=1326 audit(1768281766.601:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.089024][ C1] vkms_vblank_simulate: vblank timer overrun [ 206.172465][ T28] audit: type=1326 audit(1768281766.601:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.235188][ T28] audit: type=1326 audit(1768281766.601:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.282059][ T28] audit: type=1326 audit(1768281766.621:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.304389][ C1] vkms_vblank_simulate: vblank timer overrun [ 206.311999][ T28] audit: type=1326 audit(1768281766.621:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.343793][ T28] audit: type=1326 audit(1768281766.621:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.366926][ T28] audit: type=1326 audit(1768281766.641:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.389119][ C1] vkms_vblank_simulate: vblank timer overrun [ 206.406431][ T28] audit: type=1326 audit(1768281766.641:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.2.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa21558f749 code=0x7ffc0000 [ 206.750241][ T7960] bridge0: port 3(gretap0) entered blocking state [ 206.757893][ T7960] bridge0: port 3(gretap0) entered disabled state [ 206.764676][ T7960] gretap0: entered allmulticast mode [ 206.785913][ T7960] gretap0: entered promiscuous mode [ 206.805195][ T7962] netlink: 'syz.2.776': attribute type 13 has an invalid length. [ 207.008202][ T7969] bridge1: entered promiscuous mode [ 207.014268][ T7969] bridge1: entered allmulticast mode [ 207.039474][ T7969] team0: Port device bridge1 added [ 207.045601][ T7970] tipc: Enabled bearer , priority 0 [ 207.052696][ T7971] bridge0: port 3(team0) entered blocking state [ 207.059709][ T7971] bridge0: port 3(team0) entered disabled state [ 207.066454][ T7971] team0: entered allmulticast mode [ 207.071738][ T7971] team_slave_0: entered allmulticast mode [ 207.080530][ T7971] team_slave_1: entered allmulticast mode [ 207.105153][ T7971] team0: entered promiscuous mode [ 207.120678][ T7971] team_slave_0: entered promiscuous mode [ 207.133284][ T7971] team_slave_1: entered promiscuous mode [ 207.192946][ T7963] tipc: Disabling bearer [ 208.381650][ T7998] loop4: detected capacity change from 0 to 8192 [ 208.925115][ T8008] netlink: 596 bytes leftover after parsing attributes in process `syz.2.793'. [ 209.338973][ T8015] loop4: detected capacity change from 0 to 8192 [ 209.633817][ T8024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.799'. [ 209.656592][ T8024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.799'. [ 211.112806][ T8052] netlink: 'syz.3.807': attribute type 13 has an invalid length. [ 211.730013][ T8070] atomic_op ffff88807bf46198 conn xmit_atomic 0000000000000000 [ 211.917846][ T5874] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 211.946150][ T5874] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 212.002137][ T8081] netlink: 'syz.4.817': attribute type 13 has an invalid length. [ 212.100152][ T5777] Bluetooth: hci2: command 0x0406 tx timeout [ 212.106879][ T5777] Bluetooth: hci3: command 0x0406 tx timeout [ 212.222478][ T8084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.818'. [ 212.248146][ T8084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.818'. [ 214.123368][ T8082] fido_id[8082]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 214.651703][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 214.651719][ T28] audit: type=1326 audit(1768281775.261:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 214.771499][ T8103] loop3: detected capacity change from 0 to 512 [ 214.781350][ T28] audit: type=1326 audit(1768281775.301:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 214.901680][ T8103] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 214.929838][ T28] audit: type=1326 audit(1768281775.301:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 215.003921][ T8103] EXT4-fs (loop3): 1 truncate cleaned up [ 215.040942][ T8103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.050425][ T28] audit: type=1326 audit(1768281775.301:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 215.076212][ T28] audit: type=1326 audit(1768281775.311:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 215.100585][ T28] audit: type=1326 audit(1768281775.311:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 215.123085][ T28] audit: type=1326 audit(1768281775.311:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 215.149654][ T28] audit: type=1326 audit(1768281775.311:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 215.172128][ T28] audit: type=1326 audit(1768281775.311:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 215.194677][ T28] audit: type=1326 audit(1768281775.321:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8102 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 215.222672][ T8103] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.836330][ T8106] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 216.144006][ T8121] netlink: 'syz.1.827': attribute type 13 has an invalid length. [ 217.176578][ T8148] netlink: 4 bytes leftover after parsing attributes in process `syz.3.835'. [ 217.240710][ T8153] netlink: 12 bytes leftover after parsing attributes in process `syz.3.835'. [ 217.408949][ T8148] netlink: 3 bytes leftover after parsing attributes in process `syz.3.835'. [ 217.766842][ T8143] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 217.778563][ T8143] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 217.790470][ T8143] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 217.807194][ T8143] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 217.813404][ T8143] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 217.833544][ T8143] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 217.849846][ T8143] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 217.880154][ T8143] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 217.981301][ T8174] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 217.991053][ T8174] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.000218][ T8174] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.009487][ T8174] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.048032][ T8174] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.057304][ T8174] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.066515][ T8174] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.075987][ T8174] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.331454][ T8186] atomic_op ffff888058406998 conn xmit_atomic 0000000000000000 [ 218.466837][ T8191] syz.1.850[8191] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 218.466983][ T8191] syz.1.850[8191] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 219.845600][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 219.863093][ T5777] Bluetooth: hci2: command 0x0406 tx timeout [ 219.865965][ T5780] Bluetooth: hci4: command 0x0c1a tx timeout [ 219.889928][ T28] kauditd_printk_skb: 71 callbacks suppressed [ 219.889942][ T28] audit: type=1326 audit(1768281780.501:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 219.929078][ T28] audit: type=1326 audit(1768281780.501:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 219.953821][ T28] audit: type=1326 audit(1768281780.531:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 219.976631][ T28] audit: type=1326 audit(1768281780.531:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 219.999513][ T28] audit: type=1326 audit(1768281780.541:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 220.022730][ T28] audit: type=1326 audit(1768281780.581:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 220.064620][ T28] audit: type=1326 audit(1768281780.581:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 220.113285][ T28] audit: type=1326 audit(1768281780.581:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 220.188494][ T28] audit: type=1326 audit(1768281780.601:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 220.235907][ T28] audit: type=1326 audit(1768281780.601:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8220 comm="syz.1.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 221.766938][ T5780] Bluetooth: hci1: command 0x1003 tx timeout [ 221.785465][ T5084] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 221.927170][ T5084] Bluetooth: hci2: command 0x0406 tx timeout [ 221.935830][ T5084] Bluetooth: hci4: command 0x0c1a tx timeout [ 221.941992][ T5084] Bluetooth: hci3: command 0x0406 tx timeout [ 222.523625][ T8253] loop4: detected capacity change from 0 to 512 [ 222.694995][ T8253] EXT4-fs warning (device loop4): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 222.783819][ T8253] EXT4-fs (loop4): mount failed [ 224.005422][ T5084] Bluetooth: hci4: command 0x0c1a tx timeout [ 225.054895][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.083321][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.103934][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.123339][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.145480][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.156845][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.175417][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.182892][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.212420][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.235439][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.242924][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.265422][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.272898][ T5879] hid-generic 0003:0002:0004.0002: unknown main item tag 0x0 [ 225.299352][ T5879] hid-generic 0003:0002:0004.0002: hidraw0: USB HID v0.01 Device [syz0] on syz1 [ 225.467540][ T8313] fido_id[8313]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 227.451209][ T8345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.904'. [ 227.673816][ T28] kauditd_printk_skb: 59 callbacks suppressed [ 227.673832][ T28] audit: type=1326 audit(1768281788.281:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 227.712698][ T28] audit: type=1326 audit(1768281788.321:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 227.742220][ T28] audit: type=1326 audit(1768281788.321:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 227.777141][ T28] audit: type=1326 audit(1768281788.321:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 227.801027][ T28] audit: type=1326 audit(1768281788.321:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 227.823526][ T28] audit: type=1326 audit(1768281788.321:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 227.846116][ T28] audit: type=1326 audit(1768281788.321:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 227.869788][ T28] audit: type=1326 audit(1768281788.321:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fca5778f749 code=0x7ffc0000 [ 227.898851][ T28] audit: type=1326 audit(1768281788.321:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fca577865e7 code=0x7ffc0000 [ 227.943036][ T28] audit: type=1326 audit(1768281788.321:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.1.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fca5772b829 code=0x7ffc0000 [ 228.035497][ T8367] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 229.368840][ T8370] random: crng reseeded on system resumption [ 231.897667][ T8383] sd 0:0:1:0: device reset [ 233.152997][ T8397] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 234.203681][ T8403] loop4: detected capacity change from 0 to 1024 [ 234.221894][ T8403] EXT4-fs: Ignoring removed orlov option [ 234.399100][ T8403] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 234.550649][ T28] kauditd_printk_skb: 183 callbacks suppressed [ 234.550664][ T28] audit: type=1804 audit(1768281795.161:1180): pid=8403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.926" name="/newroot/166/bus/bus" dev="loop4" ino=18 res=1 errno=0 [ 234.988327][ T6556] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.249445][ T8431] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 236.662137][ T8439] loop3: detected capacity change from 0 to 1024 [ 236.690871][ T8439] EXT4-fs error (device loop3): ext4_orphan_get:1424: comm syz.3.939: bad orphan inode 134217728 [ 236.743585][ T8439] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.814897][ T28] audit: type=1800 audit(1768281797.421:1181): pid=8439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.939" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 236.927592][ T28] audit: type=1804 audit(1768281797.451:1182): pid=8439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.939" name="/newroot/248/bus/bus" dev="loop3" ino=18 res=1 errno=0 [ 236.981224][ T8443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.939'. [ 237.610271][ T5771] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.641046][ T8452] smc: net device hsr0 applied user defined pnetid SYZ2 [ 237.662621][ T8452] smc: net device hsr0 erased user defined pnetid SYZ2 [ 237.975548][ T28] audit: type=1326 audit(1768281798.581:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8463 comm="syz.3.948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 238.045052][ T28] audit: type=1326 audit(1768281798.611:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8463 comm="syz.3.948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 238.112981][ T28] audit: type=1326 audit(1768281798.611:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8463 comm="syz.3.948" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f844cf8f749 code=0x7ffc0000 [ 239.567424][ T8476] syzkaller0: entered promiscuous mode [ 239.625631][ T8476] syzkaller0: entered allmulticast mode [ 239.713671][ T8487] loop4: detected capacity change from 0 to 512 [ 239.953186][ T8487] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.954: bg 0: block 248: padding at end of block bitmap is not set [ 240.063598][ T8487] Quota error (device loop4): write_blk: dquota write failed [ 240.084540][ T8487] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 240.142539][ T8487] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.954: Failed to acquire dquot type 1 [ 240.205443][ T8487] EXT4-fs (loop4): 1 truncate cleaned up [ 240.233325][ T8487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 240.309230][ T8487] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 241.022153][ T8487] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.729502][ T28] audit: type=1326 audit(1768281802.341:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8514 comm="syz.1.958" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca5778f749 code=0x0 [ 245.137735][ T8558] syzkaller0: entered promiscuous mode [ 245.144703][ T8558] syzkaller0: entered allmulticast mode [ 246.774514][ T8570] loop3: detected capacity change from 0 to 1024 [ 246.856014][ T8570] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 246.979856][ T8570] ================================================================== [ 246.987972][ T8570] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 246.995741][ T8570] Read of size 18446744073709551588 at addr ffff888057baf040 by task syz.3.979/8570 [ 247.005120][ T8570] [ 247.007481][ T8570] CPU: 1 PID: 8570 Comm: syz.3.979 Not tainted syzkaller #0 [ 247.014858][ T8570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 247.024959][ T8570] Call Trace: [ 247.028252][ T8570] [ 247.031196][ T8570] dump_stack_lvl+0x16c/0x230 [ 247.035887][ T8570] ? read_lock_is_recursive+0x20/0x20 [ 247.041290][ T8570] ? show_regs_print_info+0x20/0x20 [ 247.046535][ T8570] ? load_image+0x3b0/0x3b0 [ 247.051073][ T8570] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 247.056485][ T8570] ? __virt_addr_valid+0x18c/0x540 [ 247.061639][ T8570] ? __virt_addr_valid+0x469/0x540 [ 247.066783][ T8570] print_report+0xac/0x220 [ 247.071238][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 247.076726][ T8570] kasan_report+0x117/0x150 [ 247.081293][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 247.086808][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 247.092330][ T8570] kasan_check_range+0x288/0x290 [ 247.097322][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 247.102846][ T8570] __asan_memmove+0x29/0x70 [ 247.107411][ T8570] ext4_xattr_set_entry+0x94b/0x1e90 [ 247.112752][ T8570] ext4_xattr_block_set+0xae3/0x32a0 [ 247.118185][ T8570] ? ext4_destroy_inode+0x200/0x200 [ 247.123411][ T8570] ? proc_nr_inodes+0x230/0x230 [ 247.128279][ T8570] ? do_raw_spin_unlock+0x121/0x230 [ 247.133494][ T8570] ? _raw_spin_unlock+0x28/0x40 [ 247.138378][ T8570] ? ext4_xattr_block_find+0x350/0x350 [ 247.143879][ T8570] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 247.149309][ T8570] ext4_xattr_set_handle+0x1346/0x1580 [ 247.154845][ T8570] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 247.161117][ T8570] ? __ext4_journal_start_sb+0x259/0x570 [ 247.166873][ T8570] ext4_xattr_set+0x22d/0x320 [ 247.171620][ T8570] ? end_current_label_crit_section+0x170/0x170 [ 247.177889][ T8570] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 247.183464][ T8570] ? posix_xattr_acl+0x93/0xb0 [ 247.188272][ T8570] ? evm_protect_xattr+0x36d/0x7a0 [ 247.193463][ T8570] ? ext4_xattr_trusted_get+0x40/0x40 [ 247.198872][ T8570] __vfs_setxattr+0x431/0x470 [ 247.203672][ T8570] __vfs_setxattr_noperm+0x12d/0x5e0 [ 247.208991][ T8570] vfs_setxattr+0x16c/0x2f0 [ 247.213528][ T8570] ? xattr_permission+0x470/0x470 [ 247.218579][ T8570] ? __mnt_want_write+0x223/0x2a0 [ 247.223638][ T8570] ? path_setxattr+0x314/0x550 [ 247.228462][ T8570] path_setxattr+0x362/0x550 [ 247.233105][ T8570] ? simple_xattrs_free+0x150/0x150 [ 247.238783][ T8570] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 247.244793][ T8570] ? lock_chain_count+0x20/0x20 [ 247.249671][ T8570] __x64_sys_lsetxattr+0xb8/0xd0 [ 247.254641][ T8570] do_syscall_64+0x55/0xb0 [ 247.259090][ T8570] ? clear_bhb_loop+0x40/0x90 [ 247.263824][ T8570] ? clear_bhb_loop+0x40/0x90 [ 247.268527][ T8570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 247.274440][ T8570] RIP: 0033:0x7f844cf8f749 [ 247.278878][ T8570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.298512][ T8570] RSP: 002b:00007f844de66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 247.306949][ T8570] RAX: ffffffffffffffda RBX: 00007f844d1e5fa0 RCX: 00007f844cf8f749 [ 247.315036][ T8570] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0 [ 247.323030][ T8570] RBP: 00007f844d013f91 R08: 0000000000000000 R09: 0000000000000000 [ 247.331022][ T8570] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 247.339019][ T8570] R13: 00007f844d1e6038 R14: 00007f844d1e5fa0 R15: 00007fff425db618 [ 247.347020][ T8570] [ 247.350066][ T8570] [ 247.352415][ T8570] Allocated by task 8570: [ 247.356761][ T8570] kasan_set_track+0x4e/0x70 [ 247.361379][ T8570] __kasan_kmalloc+0x8f/0xa0 [ 247.365991][ T8570] __kmalloc_node_track_caller+0xb2/0x230 [ 247.371742][ T8570] kmemdup+0x2b/0x70 [ 247.375747][ T8570] ext4_xattr_block_set+0x9e5/0x32a0 [ 247.381054][ T8570] ext4_xattr_set_handle+0x1346/0x1580 [ 247.386537][ T8570] ext4_xattr_set+0x22d/0x320 [ 247.391240][ T8570] __vfs_setxattr+0x431/0x470 [ 247.395976][ T8570] __vfs_setxattr_noperm+0x12d/0x5e0 [ 247.401284][ T8570] vfs_setxattr+0x16c/0x2f0 [ 247.405813][ T8570] path_setxattr+0x362/0x550 [ 247.410425][ T8570] __x64_sys_lsetxattr+0xb8/0xd0 [ 247.415391][ T8570] do_syscall_64+0x55/0xb0 [ 247.419864][ T8570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 247.425778][ T8570] [ 247.428152][ T8570] Last potentially related work creation: [ 247.433891][ T8570] kasan_save_stack+0x3e/0x60 [ 247.438593][ T8570] __kasan_record_aux_stack+0xaf/0xc0 [ 247.444030][ T8570] kvfree_call_rcu+0xee/0x780 [ 247.448738][ T8570] neigh_flush_dev+0x177/0xa80 [ 247.453533][ T8570] __neigh_ifdown+0x3d/0x460 [ 247.458152][ T8570] neigh_ifdown+0x1f/0x30 [ 247.462507][ T8570] rt6_disable_ip+0x730/0x7a0 [ 247.467213][ T8570] addrconf_ifdown+0x15e/0x1880 [ 247.472099][ T8570] addrconf_notify+0x6c6/0x1010 [ 247.477062][ T8570] notifier_call_chain+0x197/0x390 [ 247.482199][ T8570] __dev_notify_flags+0x18e/0x2e0 [ 247.487245][ T8570] dev_change_flags+0xe8/0x1a0 [ 247.492028][ T8570] do_setlink+0xc74/0x3fb0 [ 247.496467][ T8570] rtnl_newlink+0x10af/0x2020 [ 247.501174][ T8570] rtnetlink_rcv_msg+0x7c7/0xf10 [ 247.506145][ T8570] netlink_rcv_skb+0x216/0x480 [ 247.510931][ T8570] netlink_unicast+0x751/0x8d0 [ 247.515732][ T8570] netlink_sendmsg+0x8c1/0xbe0 [ 247.520516][ T8570] ____sys_sendmsg+0x5bf/0x950 [ 247.525306][ T8570] ___sys_sendmsg+0x220/0x290 [ 247.530008][ T8570] __se_sys_sendmsg+0x1a5/0x270 [ 247.534880][ T8570] do_syscall_64+0x55/0xb0 [ 247.539321][ T8570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 247.545240][ T8570] [ 247.547585][ T8570] The buggy address belongs to the object at ffff888057baf000 [ 247.547585][ T8570] which belongs to the cache kmalloc-1k of size 1024 [ 247.561831][ T8570] The buggy address is located 64 bytes inside of [ 247.561831][ T8570] 1024-byte region [ffff888057baf000, ffff888057baf400) [ 247.575168][ T8570] [ 247.577519][ T8570] The buggy address belongs to the physical page: [ 247.583966][ T8570] page:ffffea00015eea00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57ba8 [ 247.594148][ T8570] head:ffffea00015eea00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 247.603101][ T8570] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 247.611189][ T8570] page_type: 0xffffffff() [ 247.615542][ T8570] raw: 00fff00000000840 ffff888017841dc0 dead000000000100 dead000000000122 [ 247.624234][ T8570] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 247.632840][ T8570] page dumped because: kasan: bad access detected [ 247.639274][ T8570] page_owner tracks the page as allocated [ 247.645027][ T8570] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6556, tgid 6556 (syz-executor), ts 134631051839, free_ts 134608158110 [ 247.665890][ T8570] post_alloc_hook+0x1cd/0x210 [ 247.670730][ T8570] get_page_from_freelist+0x195c/0x19f0 [ 247.676335][ T8570] __alloc_pages+0x1e3/0x460 [ 247.680968][ T8570] alloc_slab_page+0x5d/0x170 [ 247.685946][ T8570] new_slab+0x87/0x2e0 [ 247.690060][ T8570] ___slab_alloc+0xc6d/0x1300 [ 247.694764][ T8570] __kmem_cache_alloc_node+0x1a2/0x260 [ 247.700263][ T8570] kmalloc_trace+0x2a/0xe0 [ 247.704708][ T8570] batadv_hard_if_event+0xde9/0x15b0 [ 247.710025][ T8570] notifier_call_chain+0x197/0x390 [ 247.715246][ T8570] register_netdevice+0x160c/0x1ae0 [ 247.720490][ T8570] veth_newlink+0x7bb/0xc30 [ 247.725017][ T8570] rtnl_newlink+0x14d0/0x2020 [ 247.729713][ T8570] rtnetlink_rcv_msg+0x7c7/0xf10 [ 247.734675][ T8570] netlink_rcv_skb+0x216/0x480 [ 247.739453][ T8570] netlink_unicast+0x751/0x8d0 [ 247.744415][ T8570] page last free stack trace: [ 247.749106][ T8570] free_unref_page_prepare+0x7ce/0x8e0 [ 247.754591][ T8570] free_unref_page+0x32/0x2e0 [ 247.759298][ T8570] __unfreeze_partials+0x1cf/0x210 [ 247.764529][ T8570] put_cpu_partial+0x17c/0x250 [ 247.769323][ T8570] __slab_free+0x31d/0x410 [ 247.773764][ T8570] qlist_free_all+0x75/0xe0 [ 247.778314][ T8570] kasan_quarantine_reduce+0x143/0x160 [ 247.783815][ T8570] __kasan_slab_alloc+0x22/0x80 [ 247.788694][ T8570] slab_post_alloc_hook+0x6e/0x4d0 [ 247.793832][ T8570] kmem_cache_alloc+0x11e/0x2e0 [ 247.798719][ T8570] getname_flags+0xbb/0x500 [ 247.803246][ T8570] __x64_sys_unlink+0x3c/0x50 [ 247.807958][ T8570] do_syscall_64+0x55/0xb0 [ 247.812396][ T8570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 247.818318][ T8570] [ 247.820665][ T8570] Memory state around the buggy address: [ 247.826311][ T8570] ffff888057baef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 247.834388][ T8570] ffff888057baef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 247.842464][ T8570] >ffff888057baf000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 247.850543][ T8570] ^ [ 247.856764][ T8570] ffff888057baf080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 247.864843][ T8570] ffff888057baf100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 247.872945][ T8570] ================================================================== [ 247.914343][ T8570] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 247.921619][ T8570] CPU: 0 PID: 8570 Comm: syz.3.979 Not tainted syzkaller #0 [ 247.929057][ T8570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 247.939219][ T8570] Call Trace: [ 247.942612][ T8570] [ 247.945652][ T8570] dump_stack_lvl+0x16c/0x230 [ 247.950393][ T8570] ? show_regs_print_info+0x20/0x20 [ 247.955797][ T8570] ? load_image+0x3b0/0x3b0 [ 247.960343][ T8570] panic+0x2c0/0x710 [ 247.964263][ T8570] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 247.970472][ T8570] ? bpf_jit_dump+0xd0/0xd0 [ 247.975121][ T8570] ? _raw_spin_unlock_irqrestore+0xfa/0x110 [ 247.981047][ T8570] ? _raw_spin_unlock+0x40/0x40 [ 247.985954][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 247.991525][ T8570] check_panic_on_warn+0x84/0xa0 [ 247.996577][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 248.002064][ T8570] end_report+0x6f/0x140 [ 248.006336][ T8570] kasan_report+0x128/0x150 [ 248.010871][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 248.016453][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 248.021939][ T8570] kasan_check_range+0x288/0x290 [ 248.026897][ T8570] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 248.032382][ T8570] __asan_memmove+0x29/0x70 [ 248.036912][ T8570] ext4_xattr_set_entry+0x94b/0x1e90 [ 248.042255][ T8570] ext4_xattr_block_set+0xae3/0x32a0 [ 248.047590][ T8570] ? ext4_destroy_inode+0x200/0x200 [ 248.052815][ T8570] ? proc_nr_inodes+0x230/0x230 [ 248.057691][ T8570] ? do_raw_spin_unlock+0x121/0x230 [ 248.063005][ T8570] ? _raw_spin_unlock+0x28/0x40 [ 248.067885][ T8570] ? ext4_xattr_block_find+0x350/0x350 [ 248.073384][ T8570] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 248.078831][ T8570] ext4_xattr_set_handle+0x1346/0x1580 [ 248.084359][ T8570] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 248.090381][ T8570] ? __ext4_journal_start_sb+0x259/0x570 [ 248.096057][ T8570] ext4_xattr_set+0x22d/0x320 [ 248.100770][ T8570] ? end_current_label_crit_section+0x170/0x170 [ 248.107044][ T8570] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 248.112627][ T8570] ? posix_xattr_acl+0x93/0xb0 [ 248.117450][ T8570] ? evm_protect_xattr+0x36d/0x7a0 [ 248.122593][ T8570] ? ext4_xattr_trusted_get+0x40/0x40 [ 248.127999][ T8570] __vfs_setxattr+0x431/0x470 [ 248.132711][ T8570] __vfs_setxattr_noperm+0x12d/0x5e0 [ 248.138026][ T8570] vfs_setxattr+0x16c/0x2f0 [ 248.142552][ T8570] ? xattr_permission+0x470/0x470 [ 248.147594][ T8570] ? __mnt_want_write+0x223/0x2a0 [ 248.152652][ T8570] ? path_setxattr+0x314/0x550 [ 248.157434][ T8570] path_setxattr+0x362/0x550 [ 248.162084][ T8570] ? simple_xattrs_free+0x150/0x150 [ 248.167329][ T8570] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 248.173505][ T8570] ? lock_chain_count+0x20/0x20 [ 248.178382][ T8570] __x64_sys_lsetxattr+0xb8/0xd0 [ 248.183378][ T8570] do_syscall_64+0x55/0xb0 [ 248.187825][ T8570] ? clear_bhb_loop+0x40/0x90 [ 248.192522][ T8570] ? clear_bhb_loop+0x40/0x90 [ 248.197338][ T8570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 248.203267][ T8570] RIP: 0033:0x7f844cf8f749 [ 248.207700][ T8570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.227434][ T8570] RSP: 002b:00007f844de66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 248.235970][ T8570] RAX: ffffffffffffffda RBX: 00007f844d1e5fa0 RCX: 00007f844cf8f749 [ 248.244068][ T8570] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0 [ 248.252262][ T8570] RBP: 00007f844d013f91 R08: 0000000000000000 R09: 0000000000000000 [ 248.260269][ T8570] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 248.268259][ T8570] R13: 00007f844d1e6038 R14: 00007f844d1e5fa0 R15: 00007fff425db618 [ 248.276262][ T8570] [ 248.279860][ T8570] Kernel Offset: disabled [ 248.284196][ T8570] Rebooting in 86400 seconds..