last executing test programs: 35.099460563s ago: executing program 3 (id=539): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_read_part_table(0x5d6, &(0x7f0000000880)="$eJzs0r1rW1cYB+D33lZROgSJEEihSyEmk5oULSlUohSjCi9OCGnJ0H8gGQoJdPBgpCqZU3vqZuOPgvFiOrSToYuxDMYFeTLy6rF0MF00lFtkXbe07sdg7NbmeQade373vHrP5ZzgQkvjpyzLkojIisfZF/mbiGfv/nP1x6uNjybefvDhw0cRSTyNiMl3nn43fJPkK47/9Zt8fj+fTxSrvYXt8cPV8s6t3e7YUhpRGOZXIqI9rG8vl072S+L9038yl8hafbP04uXz5qup+pO95vRBIc9n7y3WWj/erD1OR3dqPf2t5PenyP7ijp2u/9U8n7t2p9DtDapb+bySnLYT/0drv2RDb2bD8/9g+mD+RqffGUzeXincrVzvb7Rmjs79+78rL5zrZgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEttrb5ZevHyeRoR2WujqPHWl43PZu8t1lqf3Kw9Tkfhenqm/ZuvpupP9prTB2O9977+Ibsac9fuFLpXBtWtfF0l+UNZ62x2w3n78/nP3+j0O4PJ2yuf361c72+0ZpKvng3Xvf5fbxQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuDAaP+9HxMNHEUl8GhHjaXl5mGfFiPL+yfX3i6NxoljtLWyPH66Wd27tdseWHuT5ehrRjjeOnr89+p06Li2NhsJoaEdEerbfxr/7NQAA//+laYDO") 34.999271071s ago: executing program 3 (id=545): ioctl$F2FS_IOC_GET_COMPRESS_OPTION(0xffffffffffffffff, 0x8002f515, &(0x7f0000000200)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='sched_switch\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054) 34.853685113s ago: executing program 3 (id=548): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x80000) sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000001400)={0x0, 0x0, 0x77}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x6, 0x77}, 0x8) 34.853413003s ago: executing program 3 (id=549): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x6}, 0x18) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000e40)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f41e236ffc6234b02e86dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) 34.310245947s ago: executing program 3 (id=555): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', 0x0}) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x58, 0x0, 0xb, 0x401, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_COMPAT_NAME={0x9, 0x1, '\xaa\xaa\xaa\xaa\xaa'}, @NFTA_COMPAT_NAME={0x6, 0x1, '[\x00'}, @NFTA_COMPAT_NAME={0xa, 0x1, 'kfree\x00'}, @NFTA_COMPAT_TYPE={0x8}, @NFTA_COMPAT_NAME={0x8, 0x1, 'wg0\x00'}, @NFTA_COMPAT_NAME={0xc, 0x1, 'ethtool\x00'}, @NFTA_COMPAT_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x8000) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = socket$packet(0x11, 0x3, 0x300) bind$packet(r3, &(0x7f00000001c0)={0x11, 0xc, r1, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}}, 0x14) 34.132734882s ago: executing program 3 (id=558): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x18) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 34.066767067s ago: executing program 32 (id=558): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x18) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 26.091582006s ago: executing program 1 (id=761): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x200000000000006}, 0x18) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000001280), 0x6) 25.972545596s ago: executing program 1 (id=765): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x85, &(0x7f00000000c0)={r3, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x833, 0x0, 0x4}, &(0x7f00000001c0)=0x9c) 25.932389189s ago: executing program 1 (id=766): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r2, r2, 0x2f, 0x0, @void}, 0x10) bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r3, 0x4) 25.911437191s ago: executing program 1 (id=768): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[], 0x48) r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]}) write$binfmt_misc(r0, &(0x7f00000003c0)='(', 0x1) 25.659964961s ago: executing program 1 (id=773): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = io_uring_setup(0x2754, &(0x7f0000000080)={0x0, 0xfffffffc, 0x100, 0xfffffffe, 0x800001b4}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 24.914763742s ago: executing program 1 (id=779): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) fsmount(r2, 0x0, 0x0) 24.907127763s ago: executing program 33 (id=779): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) fsmount(r2, 0x0, 0x0) 17.784764253s ago: executing program 0 (id=946): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) close(r0) 17.744492546s ago: executing program 0 (id=936): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[], 0x50) write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e) r1 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$TCXONC(r0, 0x540a, 0x3) 16.856266028s ago: executing program 0 (id=978): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r2, 0x1) 15.992055189s ago: executing program 0 (id=991): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) setns(r1, 0x24020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x8000, &(0x7f0000000200)={0x7, 0x0, 0x80000}, 0x20) 15.97258385s ago: executing program 0 (id=993): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x18) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 15.73427275s ago: executing program 0 (id=1001): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r1 = socket(0x2c, 0x3, 0x0) close(r0) r2 = socket(0x10, 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000024"], &(0x7f0000000080)=""/242, 0x40, 0xf2, 0x1}, 0x28) sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001200"], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) recvmmsg(r2, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000140)=""/232, 0xe8}, {&(0x7f0000000240)=""/196, 0xc4}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f0000000ec0)=""/133, 0x85}, {&(0x7f0000000400)=""/186, 0xba}, {&(0x7f0000000580)=""/170, 0xaa}, {&(0x7f00000004c0)=""/40, 0x28}], 0x7}, 0x9}, {{0x0, 0x0, 0x0}, 0x6}], 0x400000000000216, 0x40012000, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 15.73398709s ago: executing program 34 (id=1001): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r1 = socket(0x2c, 0x3, 0x0) close(r0) r2 = socket(0x10, 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000024"], &(0x7f0000000080)=""/242, 0x40, 0xf2, 0x1}, 0x28) sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001200"], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) recvmmsg(r2, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000140)=""/232, 0xe8}, {&(0x7f0000000240)=""/196, 0xc4}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f0000000ec0)=""/133, 0x85}, {&(0x7f0000000400)=""/186, 0xba}, {&(0x7f0000000580)=""/170, 0xaa}, {&(0x7f00000004c0)=""/40, 0x28}], 0x7}, 0x9}, {{0x0, 0x0, 0x0}, 0x6}], 0x400000000000216, 0x40012000, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 10.705868239s ago: executing program 5 (id=1129): syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) io_setup(0x8, &(0x7f0000004200)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') io_submit(r2, 0x1, &(0x7f0000000380)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}]) setns(r1, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x0, &(0x7f00000005c0)={0x8, 0x70, 0x80000}, 0x20) 10.626115815s ago: executing program 5 (id=1134): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_read_part_table(0x5d6, &(0x7f0000000880)="$eJzs0r1rW1cYB+D33lZROgSJEEihSyEmk5oULSlUohSjCi9OCGnJ0H8gGQoJdPBgpCqZU3vqZuOPgvFiOrSToYuxDMYFeTLy6rF0MF00lFtkXbe07sdg7NbmeQade373vHrP5ZzgQkvjpyzLkojIisfZF/mbiGfv/nP1x6uNjybefvDhw0cRSTyNiMl3nn43fJPkK47/9Zt8fj+fTxSrvYXt8cPV8s6t3e7YUhpRGOZXIqI9rG8vl072S+L9038yl8hafbP04uXz5qup+pO95vRBIc9n7y3WWj/erD1OR3dqPf2t5PenyP7ijp2u/9U8n7t2p9DtDapb+bySnLYT/0drv2RDb2bD8/9g+mD+RqffGUzeXincrVzvb7Rmjs79+78rL5zrZgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEttrb5ZevHyeRoR2WujqPHWl43PZu8t1lqf3Kw9Tkfhenqm/ZuvpupP9prTB2O9977+Ibsac9fuFLpXBtWtfF0l+UNZ62x2w3n78/nP3+j0O4PJ2yuf361c72+0ZpKvng3Xvf5fbxQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuDAaP+9HxMNHEUl8GhHjaXl5mGfFiPL+yfX3i6NxoljtLWyPH66Wd27tdseWHuT5ehrRjjeOnr89+p06Li2NhsJoaEdEerbfxr/7NQAA//+laYDO") 10.028549184s ago: executing program 5 (id=1145): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x2, 0x0, 0x9, @local, @rand_addr=' \x01\x00', 0x7, 0x7, 0x202, 0x8}}) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x4}, 0x18) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0}) 9.902174284s ago: executing program 5 (id=1149): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x6}, 0x18) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000e40)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f41e236ffc6234b02e86dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) 9.486351218s ago: executing program 5 (id=1157): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000002c0)={'rose0\x00', 0x112}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400}) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x0, 0x7fff0003}]}) close_range(r2, 0xffffffffffffffff, 0x0) 9.350798179s ago: executing program 5 (id=1160): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x20, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xfffffffc}, 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 9.350465059s ago: executing program 35 (id=1160): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x20, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xfffffffc}, 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 1.580664782s ago: executing program 2 (id=1381): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) socket(0x2b, 0x6, 0xfffffff2) 1.206287302s ago: executing program 2 (id=1395): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) memfd_secret(0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') lseek(r2, 0x10001, 0x0) 880.493839ms ago: executing program 2 (id=1399): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0) 805.320395ms ago: executing program 8 (id=1407): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000000)=0x930d, 0x4) r3 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'erspan0\x00', 0x0}) sendto$packet(r2, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14) 728.717431ms ago: executing program 6 (id=1408): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, r1, 0x400}}, 0x48) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000d40)={0x16, 0x98, 0xfa00, {0x0, 0x2, r1, 0x30, 0x1, @ib={0x1b, 0x8000, 0xfff, {"3f8c0d6cf777eaa6ace6d3ec00ed4771"}, 0x500e, 0x0, 0x5}}}, 0xa0) 686.448874ms ago: executing program 8 (id=1409): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffffc1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, &(0x7f0000000180), 0x40010) 686.207514ms ago: executing program 6 (id=1410): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x18, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0) 682.397125ms ago: executing program 2 (id=1411): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000000280)={0x2, 0x3, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x80800) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000200)={0x9, 0x200, 0x1, 0x6}, 0x10) sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000004c0)={0x0, 0x4}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000240)={0x0, 0x2}, 0x8) 678.035295ms ago: executing program 7 (id=1412): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) r2 = io_uring_setup(0x1694, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20) 606.813381ms ago: executing program 8 (id=1413): sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0) r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1}, 0xc) r1 = socket$qrtr(0x2a, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc) writev(r1, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1) writev(r0, &(0x7f0000000540)=[{&(0x7f0000000140)='Q', 0x1}], 0x1) 584.642723ms ago: executing program 7 (id=1414): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x4}, 0x18) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) 584.372613ms ago: executing program 2 (id=1415): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2000042, &(0x7f0000002240)={[{@nombcache}, {@oldalloc}, {@inlinecrypt}, {@delalloc}, {@mblk_io_submit}, {@delalloc}, {@noload}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@lazytime}]}, 0x3, 0x4ea, &(0x7f00000006c0)="$eJzs3UtvG1sdAPD/OPa9yW3AuYVFqURb+lCKoE7S9BGxKK3EY1UJUfZpSJwoihNXidM2UQXuJwChCpBYsWKDxAdAQv0ICKkS7FiwAlWQ0gUbZDR+tI1jh+TWjdvk95NO58w59fz/x4/xnJlRHMCRdSYibkbEQERciIh8sz3TLFFtlPT/vdh6NJuWJGq1O/9MImm2tW/zWPNhqe9/N+KHyc64axubSzOlUnF1e/PmpcXlmYXiQnFlcnLi2tT1qatT43scSZLdrXc4Im586+XPf/Kb79z4w9cf/G36Hxd/lKZ1t9nfaRy90Bh6LgZbDdV3EaV/0vdNtj5CAAA+BOcj4nhEnI2Ir0Y+BmLXw2gAAADgA1T75vDHrSoAAABwOGXq98YmmULzft/hyGQKhcY9vF+MTzKl8lrla/Pl9ZW5xj20I5HLzC+WiuPNe4VHIpek6xP1+uv1y23rkxHxaUQ8yQ+l6/U+AAAA4GAca5v/v8w35v8AAADAIeNiPAAAABx+5v8AAABw+Jn/AwAAwKH2vdu301J7sfWo/jsAc/c31pfK9y/NFdeWCsvrs4XZ8uq9wkK5vFAqFgb+//ZK5fK9K7Gy/nCskl2rjK1tbE4vl9dXKtP13/WeLh4/gDEBAAAA2316+ulfkoiofmOoXlIfNftyfc0MeI8k2baGu1/pUyZAT+zhlP52Z9bfTSLAgWv/TgeODnN8IGlvaDswGOx2qPDH/cdyzAEAAP0x+iXX/+GoyvQ7AaBvftrvBIC+cS4ejq7c/u8ABA6ZHdf/2wx269jz9f9abV8JAQAAPTfcWFSjeS1wODKZQuHVZcFkfrFUHI+Iz0fEn/O5j9P1iT7mCwAAAAAAAAAAAAAAAAAAAAAAAAAfolotiRoAAABwqEVk/p40f/9rNH9+uP38wEfJf/L1ZUQ8+NWdXzycqVRWJ9L2f71qr/yy2X65H2cwAAAA4CjK7drbmqe35vEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Esvth7NtspBxn1+K4ZipFP8bAzWl4ORi4hP/p1E9o3HJREx0IP41ccRcaJT/CRNK0aaWbTHz0TEUJ/jH+tBfDjKnt6KiJudPn+ZOFNfdv78ZZvlbT2/Vf+Qd4zf2v8NdNn/fW6PMU4++91Y1/iPI05mO+9/WvGTLvHP7TH+3R9sbnbrq/06YrTj90+yLdZYZfne2NrG5qXF5ZmF4kJxZXJy4trU9amrU+Nj84ulYvPfjjF+9uXfV590HX+mvnwzfmucI40Mf9xt/Of3OP7/Pnu49YVGNbczfsTFc51f/xP1ZefnP31PXGh+D6T9o616tVF/06nf/ulUt9zS+HNdnv/G65+vdRv/xb0Nf8eYAYD+WtvYXJoplYqrB1A5e6V3G0wOKGeVLpXB9yONg658+6230zocfpvt/LVn40rnDJ27+rxjAgAAeu71QX+/MwEAAAAAAAAAAAAAAAAAAICj6zP98bDT+3tUe8xqf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCr/wUAAP//GpnIcw==") mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x1808400, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) 482.824321ms ago: executing program 8 (id=1417): setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000040)=@nat={'nat\x00', 0x19, 0x4, 0x90, [0x20000640, 0x0, 0x0, 0x200007ee, 0x20000a2a], 0x0, 0x0, &(0x7f0000000640)=[{0x0, '\x00', 0x0, 0x3}, {0x0, '\x00', 0x1, 0xfffffffffffffffe}, {0x0, '\x00', 0x3, 0xffffffffffffffff}]}, 0x108) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f0000000040)=0x22, 0x4) r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000180)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 474.508622ms ago: executing program 8 (id=1419): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x1c3341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x3, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xffff}, {0xa}, {0x2, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x24000880) 351.716892ms ago: executing program 4 (id=1423): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002300000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r2}, 0x10) connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4, 0x0, 0x3}}, 0x2e) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000080)) syz_emit_ethernet(0x4c, &(0x7f0000000140)={@random="99177fa54f29", @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x16, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e70"}}}}}}}, 0x0) 336.847583ms ago: executing program 2 (id=1424): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r2, 0x0, r4, 0x0, 0x88000cc, 0x0) write$eventfd(r3, &(0x7f0000000240), 0xffffff14) 297.133906ms ago: executing program 4 (id=1425): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x3}, 0x18) r2 = creat(&(0x7f0000000600)='./file0\x00', 0xe5) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94) write$qrtrtun(r2, &(0x7f0000001880)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e84b928ecb96e0e4e781bfca4c928c956321dd51400000000000020011584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26cfbb2eb91e40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a63d070000930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299dea6c08073dd0c47b9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8303985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725436101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35cfe7d498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c17d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f91", 0x45c) r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r4, 0x0, 0x0}, 0x10) 214.560463ms ago: executing program 4 (id=1426): r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8f6}, &(0x7f0000000000)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd') r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r3}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, 0x0, 0x120, 0x183000, 0x23456}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 213.746393ms ago: executing program 7 (id=1427): syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000004"], 0x40}, 0x1, 0x40030000000000}, 0x0) 127.847589ms ago: executing program 8 (id=1428): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) sendfile(r2, r1, 0x0, 0x7ffff000) 127.617019ms ago: executing program 7 (id=1429): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) 127.39737ms ago: executing program 6 (id=1430): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r2}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x1ff, 0x5c, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe}, 0x50) 115.497301ms ago: executing program 7 (id=1431): socket(0x10, 0x803, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18) syz_open_procfs(0x0, &(0x7f00000006c0)='net/udp6\x00') r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='cdg\x00', 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10) 111.753741ms ago: executing program 4 (id=1432): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r2 = dup(r1) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 101.855342ms ago: executing program 6 (id=1433): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r0}, &(0x7f0000000700), &(0x7f0000000740)=r1}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x3, &(0x7f0000000040)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000000)='syzkaller\x00'}, 0x94) 14.798719ms ago: executing program 6 (id=1434): r0 = socket(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)='%pS \x00'}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_PLIMIT={0x8, 0x800e}]}}]}, 0x38}}, 0x0) 14.552159ms ago: executing program 7 (id=1435): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0, 0x0, 0x7}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454da, &(0x7f0000000080)={'batadv0\x00'}) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x103442, 0x0) ioctl$TUNSETIFF(r2, 0x400454da, &(0x7f0000000140)={'batadv0\x00'}) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x411}) 14.377759ms ago: executing program 4 (id=1436): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES64=r1], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) 14.191569ms ago: executing program 6 (id=1437): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4040004}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_IPV4_SRC_MASK={0x8, 0xb, 0xffffff00}, @TCA_FLOWER_KEY_IPV4_SRC={0x8, 0xa, @local}]}}]}, 0x44}}, 0x0) 0s ago: executing program 4 (id=1438): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x4}, 0x18) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) kernel console output (not intermixed with test programs): 51] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 35.106346][ T3548] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 35.122646][ T3551] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 35.133064][ T3548] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 35.169467][ T3548] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 35.219683][ T3548] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 11 with error 28 [ 35.232222][ T3548] EXT4-fs (loop3): This should not happen!! Data will be lost [ 35.232222][ T3548] [ 35.241907][ T3548] EXT4-fs (loop3): Total free blocks count 0 [ 35.248009][ T3548] EXT4-fs (loop3): Free/Dirty block details [ 35.253922][ T3548] EXT4-fs (loop3): free_blocks=4293918720 [ 35.259693][ T3548] EXT4-fs (loop3): dirty_blocks=48 [ 35.264871][ T3548] EXT4-fs (loop3): Block reservation details [ 35.270927][ T3548] EXT4-fs (loop3): i_reserved_data_blocks=3 [ 35.278108][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.333851][ T3548] syz.3.35 (3548) used greatest stack depth: 9768 bytes left [ 35.363642][ T378] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 48 with max blocks 17 with error 28 [ 35.407175][ T3582] bridge0: entered promiscuous mode [ 35.424762][ T3582] bridge0: port 3(macsec1) entered blocking state [ 35.431337][ T3582] bridge0: port 3(macsec1) entered disabled state [ 35.461210][ T3582] macsec1: entered allmulticast mode [ 35.466557][ T3582] bridge0: entered allmulticast mode [ 35.496436][ T3582] macsec1: left allmulticast mode [ 35.501610][ T3582] bridge0: left allmulticast mode [ 35.512751][ T3582] bridge0: left promiscuous mode [ 35.576840][ T3394] tipc: Node number set to 2886997007 [ 35.646016][ T3596] netlink: 12 bytes leftover after parsing attributes in process `syz.2.50'. [ 35.695190][ T3598] netlink: 4 bytes leftover after parsing attributes in process `gtp'. [ 35.778022][ T3610] loop4: detected capacity change from 0 to 2048 [ 35.789774][ T3612] batadv_slave_1: entered promiscuous mode [ 35.796264][ T3612] batadv_slave_1: left promiscuous mode [ 35.803735][ T3610] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 35.825652][ T3610] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 36.038938][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.096569][ T3632] loop4: detected capacity change from 0 to 512 [ 36.124040][ T3632] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 36.137241][ T3632] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 36.172732][ T3632] EXT4-fs (loop4): 1 truncate cleaned up [ 36.191637][ T3632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 36.236406][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.399462][ T3653] loop4: detected capacity change from 0 to 512 [ 36.406447][ T3653] journal_path: Lookup failure for './file0/../file0' [ 36.413313][ T3653] EXT4-fs: error: could not find journal device path [ 36.742834][ T3677] macvlan1: entered promiscuous mode [ 36.750442][ T3677] ipvlan0: entered promiscuous mode [ 36.756180][ T3677] ipvlan0: left promiscuous mode [ 36.761378][ T3677] macvlan1: left promiscuous mode [ 36.869102][ C0] hrtimer: interrupt took 46064 ns [ 36.935793][ T3683] netlink: 'syz.4.89': attribute type 10 has an invalid length. [ 36.950402][ T3683] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 37.024366][ T3692] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 37.079259][ T3702] loop0: detected capacity change from 0 to 128 [ 37.088817][ T3702] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 37.101295][ T3702] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 37.185413][ T3299] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 37.186247][ T3709] sch_fq: defrate 0 ignored. [ 37.342290][ T3733] pim6reg: entered allmulticast mode [ 37.344051][ T3735] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 37.348826][ T3733] pim6reg: left allmulticast mode [ 37.492751][ T3755] hub 6-0:1.0: USB hub found [ 37.497998][ T3755] hub 6-0:1.0: 8 ports detected [ 37.528999][ T3760] loop1: detected capacity change from 0 to 1024 [ 37.535989][ T3760] EXT4-fs: Ignoring removed nobh option [ 37.541780][ T3760] EXT4-fs: inline encryption not supported [ 37.547971][ T3763] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 37.568983][ T3760] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.584157][ T3760] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.125: Allocating blocks 385-513 which overlap fs metadata [ 37.615116][ T3760] EXT4-fs (loop1): pa ffff888106b330e0: logic 16, phys. 129, len 24 [ 37.623290][ T3760] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 37.653852][ T3760] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28 [ 37.666177][ T3760] EXT4-fs (loop1): This should not happen!! Data will be lost [ 37.666177][ T3760] [ 37.675860][ T3760] EXT4-fs (loop1): Total free blocks count 0 [ 37.681889][ T3760] EXT4-fs (loop1): Free/Dirty block details [ 37.687808][ T3760] EXT4-fs (loop1): free_blocks=128 [ 37.692974][ T3760] EXT4-fs (loop1): dirty_blocks=0 [ 37.698069][ T3760] EXT4-fs (loop1): Block reservation details [ 37.704047][ T3760] EXT4-fs (loop1): i_reserved_data_blocks=0 [ 37.726027][ T3760] syz.1.125 (3760) used greatest stack depth: 9576 bytes left [ 37.740268][ T3777] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.133' sets config #0 [ 37.764045][ T3779] SELinux: failed to load policy [ 37.805718][ T3788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 37.816478][ T3788] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 37.828183][ T3788] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000010 [ 37.867316][ T3793] loop2: detected capacity change from 0 to 2048 [ 37.874205][ T3793] EXT4-fs: Ignoring removed nobh option [ 37.899618][ T3793] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.925903][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.958880][ T3806] loop2: detected capacity change from 0 to 512 [ 37.965929][ T3806] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 37.979330][ T3806] EXT4-fs (loop2): 1 truncate cleaned up [ 37.985594][ T3806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.015146][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.024523][ T3814] capability: warning: `syz.1.147' uses 32-bit capabilities (legacy support in use) [ 38.156745][ T3829] loop1: detected capacity change from 0 to 128 [ 38.225686][ T3829] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 38.238185][ T3829] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 38.311721][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 38.557427][ T3853] sch_tbf: burst 88 is lower than device hsr0 mtu (1508) ! [ 39.061891][ T3869] syz.3.173 uses obsolete (PF_INET,SOCK_PACKET) [ 39.160658][ T29] kauditd_printk_skb: 207 callbacks suppressed [ 39.160676][ T29] audit: type=1400 audit(1754028668.157:348): avc: denied { execmem } for pid=3871 comm="syz.3.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 39.206525][ T3874] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 39.240260][ T3874] loop4: detected capacity change from 0 to 256 [ 39.256584][ T3874] FAT-fs (loop4): bogus number of FAT sectors [ 39.262804][ T3874] FAT-fs (loop4): Can't find a valid FAT filesystem [ 39.373431][ T29] audit: type=1400 audit(1754028668.367:349): avc: denied { setopt } for pid=3894 comm="syz.4.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 39.403335][ T3895] __nla_validate_parse: 8 callbacks suppressed [ 39.403350][ T3895] netlink: 4 bytes leftover after parsing attributes in process `syz.4.182'. [ 39.440022][ T3897] team0 (unregistering): Port device team_slave_0 removed [ 39.454584][ T3897] team0 (unregistering): Port device team_slave_1 removed [ 39.497730][ T29] audit: type=1400 audit(1754028668.497:350): avc: denied { create } for pid=3902 comm="syz.1.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 39.534973][ T29] audit: type=1400 audit(1754028668.517:351): avc: denied { ioctl } for pid=3902 comm="syz.1.187" path="socket:[5638]" dev="sockfs" ino=5638 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 39.566476][ T29] audit: type=1326 audit(1754028668.527:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3907 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5901565b27 code=0x7ffc0000 [ 39.590093][ T29] audit: type=1326 audit(1754028668.527:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3907 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f590150ad69 code=0x7ffc0000 [ 39.597008][ T3911] netlink: 96 bytes leftover after parsing attributes in process `syz.0.190'. [ 39.613608][ T29] audit: type=1326 audit(1754028668.527:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3907 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590156eb69 code=0x7ffc0000 [ 39.646166][ T29] audit: type=1326 audit(1754028668.527:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3907 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5901565b27 code=0x7ffc0000 [ 39.669641][ T29] audit: type=1326 audit(1754028668.527:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3907 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f590150ad69 code=0x7ffc0000 [ 39.692849][ T29] audit: type=1326 audit(1754028668.527:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3907 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5901565b27 code=0x7ffc0000 [ 39.720237][ T3914] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 39.793918][ T3926] capability: warning: `syz.1.197' uses deprecated v2 capabilities in a way that may be insecure [ 39.805663][ T3922] wg2: entered promiscuous mode [ 39.810675][ T3922] wg2: entered allmulticast mode [ 39.842977][ T3932] Invalid ELF header magic: != ELF [ 39.911468][ T3941] macvlan2: entered promiscuous mode [ 39.919055][ T3941] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 39.938836][ T3941] macvlan3: entered promiscuous mode [ 39.944372][ T3941] bond0: (slave macvlan3): Error -98 calling set_mac_address [ 40.113627][ T3960] loop2: detected capacity change from 0 to 128 [ 40.123108][ T3960] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 40.131068][ T3960] FAT-fs (loop2): Filesystem has been set read-only [ 40.137833][ T3960] syz.2.213: attempt to access beyond end of device [ 40.137833][ T3960] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 40.151936][ T3960] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 40.159891][ T3960] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 40.168366][ T3960] syz.2.213: attempt to access beyond end of device [ 40.168366][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.181677][ T3960] syz.2.213: attempt to access beyond end of device [ 40.181677][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.196042][ T3960] syz.2.213: attempt to access beyond end of device [ 40.196042][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.209654][ T3960] syz.2.213: attempt to access beyond end of device [ 40.209654][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.223117][ T3960] syz.2.213: attempt to access beyond end of device [ 40.223117][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.236654][ T3960] syz.2.213: attempt to access beyond end of device [ 40.236654][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.249989][ T3960] syz.2.213: attempt to access beyond end of device [ 40.249989][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.264464][ T3960] syz.2.213: attempt to access beyond end of device [ 40.264464][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.278022][ T3960] syz.2.213: attempt to access beyond end of device [ 40.278022][ T3960] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 40.484150][ T3387] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 40.499879][ T3387] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 40.965449][ T3989] netlink: 24 bytes leftover after parsing attributes in process `syz.3.225'. [ 40.994363][ T3989] netlink: 5448 bytes leftover after parsing attributes in process `syz.3.225'. [ 41.045643][ T3992] serio: Serial port ptm0 [ 41.074387][ T4002] loop2: detected capacity change from 0 to 1024 [ 41.091467][ T4002] EXT4-fs: Ignoring removed orlov option [ 41.125462][ T4010] IPv4: Oversized IP packet from 127.202.26.0 [ 41.133623][ T4002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.144933][ T4007] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 41.188000][ T4002] 9pnet_fd: Insufficient options for proto=fd [ 41.246722][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.277487][ T4020] loop3: detected capacity change from 0 to 512 [ 41.298075][ T4020] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 41.331897][ T4020] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 41.385901][ T4031] netlink: 2036 bytes leftover after parsing attributes in process `syz.2.239'. [ 41.395065][ T4031] netlink: 24 bytes leftover after parsing attributes in process `syz.2.239'. [ 41.402284][ T4020] EXT4-fs (loop3): 1 truncate cleaned up [ 41.415691][ T4020] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.424405][ T4033] loop0: detected capacity change from 0 to 2048 [ 41.439297][ T4033] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 41.459807][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.483721][ T4037] netlink: 12 bytes leftover after parsing attributes in process `syz.3.244'. [ 41.546009][ T4046] loop3: detected capacity change from 0 to 512 [ 41.552771][ T4046] EXT4-fs: Ignoring removed mblk_io_submit option [ 41.560718][ T4046] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 41.572881][ T4046] EXT4-fs (loop3): 1 truncate cleaned up [ 41.580426][ T4046] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.728277][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.765213][ T4040] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 41.782089][ T4040] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 41.794658][ T4040] EXT4-fs (loop0): This should not happen!! Data will be lost [ 41.794658][ T4040] [ 41.804367][ T4040] EXT4-fs (loop0): Total free blocks count 0 [ 41.810507][ T4040] EXT4-fs (loop0): Free/Dirty block details [ 41.816407][ T4040] EXT4-fs (loop0): free_blocks=2415919104 [ 41.822169][ T4040] EXT4-fs (loop0): dirty_blocks=8208 [ 41.827521][ T4040] EXT4-fs (loop0): Block reservation details [ 41.833533][ T4040] EXT4-fs (loop0): i_reserved_data_blocks=513 [ 41.841328][ T4063] Illegal XDP return value 4291143224 on prog (id 191) dev N/A, expect packet loss! [ 41.880990][ T1725] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 41.923445][ T4070] loop3: detected capacity change from 0 to 764 [ 41.932106][ T4070] rock: directory entry would overflow storage [ 41.938318][ T4070] rock: sig=0x4654, size=5, remaining=4 [ 42.042833][ T4084] loop4: detected capacity change from 0 to 128 [ 42.145988][ T4100] bond0: entered promiscuous mode [ 42.151141][ T4100] bond_slave_0: entered promiscuous mode [ 42.156963][ T4100] bond_slave_1: entered promiscuous mode [ 42.170836][ T4100] batadv0: entered promiscuous mode [ 42.178088][ T4100] hsr1: entered allmulticast mode [ 42.183165][ T4100] bond0: entered allmulticast mode [ 42.188352][ T4100] bond_slave_0: entered allmulticast mode [ 42.194116][ T4100] bond_slave_1: entered allmulticast mode [ 42.200086][ T4100] batadv0: entered allmulticast mode [ 42.225415][ T4100] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 42.249109][ T4100] bond0: left promiscuous mode [ 42.253911][ T4100] bond_slave_0: left promiscuous mode [ 42.259500][ T4100] bond_slave_1: left promiscuous mode [ 42.266621][ T4100] batadv0: left promiscuous mode [ 42.460724][ T4132] syzkaller1: entered promiscuous mode [ 42.466286][ T4132] syzkaller1: entered allmulticast mode [ 42.494828][ T4140] loop4: detected capacity change from 0 to 1024 [ 42.506253][ T4140] EXT4-fs: Ignoring removed orlov option [ 42.514740][ T4142] loop2: detected capacity change from 0 to 128 [ 42.521897][ T4142] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 42.524108][ T4140] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.538344][ T4142] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 42.578652][ T272] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 42.622867][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.770567][ T4173] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 42.808113][ T4175] netlink: 8 bytes leftover after parsing attributes in process `syz.2.303'. [ 42.877404][ T4187] netlink: 268 bytes leftover after parsing attributes in process `syz.4.309'. [ 42.886562][ T4187] unsupported nla_type 65024 [ 42.973207][ T378] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.206346][ T4226] can0: slcan on ttyS3. [ 43.275151][ T4237] loop4: detected capacity change from 0 to 512 [ 43.276985][ T4226] can0 (unregistered): slcan off ttyS3. [ 43.288796][ T4237] EXT4-fs: Ignoring removed nobh option [ 43.301054][ T4237] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.331: corrupted inode contents [ 43.317231][ T4237] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #3: comm syz.4.331: mark_inode_dirty error [ 43.329867][ T4237] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #3: comm syz.4.331: corrupted inode contents [ 43.342442][ T4237] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #3: comm syz.4.331: mark_inode_dirty error [ 43.356222][ T4237] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.331: Failed to acquire dquot type 0 [ 43.369518][ T4237] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.331: corrupted inode contents [ 43.381530][ T4237] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #16: comm syz.4.331: mark_inode_dirty error [ 43.396810][ T4237] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.331: corrupted inode contents [ 43.409085][ T4237] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #16: comm syz.4.331: mark_inode_dirty error [ 43.420625][ T4237] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.331: corrupted inode contents [ 43.425800][ T4245] bridge_slave_0: left allmulticast mode [ 43.438117][ T4245] bridge_slave_0: left promiscuous mode [ 43.439610][ T4237] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 43.443847][ T4245] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.453148][ T4237] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.331: corrupted inode contents [ 43.471265][ T4237] EXT4-fs error (device loop4): ext4_truncate:4666: inode #16: comm syz.4.331: mark_inode_dirty error [ 43.482500][ T4237] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 43.492498][ T4237] EXT4-fs (loop4): 1 truncate cleaned up [ 43.500045][ T4245] bridge_slave_1: left allmulticast mode [ 43.505800][ T4245] bridge_slave_1: left promiscuous mode [ 43.508573][ T4237] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.511660][ T4245] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.532558][ T4237] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.546980][ T4245] bond0: (slave bond_slave_0): Releasing backup interface [ 43.558131][ T4245] bond_slave_0: left allmulticast mode [ 43.577681][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.586914][ T4245] bond0: (slave bond_slave_1): Releasing backup interface [ 43.596029][ T4245] bond_slave_1: left allmulticast mode [ 43.617143][ T4245] team0: Port device team_slave_0 removed [ 43.650169][ T4245] team0: Port device team_slave_1 removed [ 43.670330][ T4245] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 43.677953][ T4245] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 43.688152][ T4245] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 43.695638][ T4245] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 43.810649][ T4266] loop0: detected capacity change from 0 to 128 [ 44.026144][ T4266] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 44.034155][ T4266] FAT-fs (loop0): Filesystem has been set read-only [ 44.046857][ T4266] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 44.054743][ T4266] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 44.118817][ T4291] netlink: 24 bytes leftover after parsing attributes in process `syz.1.353'. [ 44.491645][ T29] kauditd_printk_skb: 239 callbacks suppressed [ 44.491663][ T29] audit: type=1400 audit(1754028673.487:595): avc: denied { write } for pid=4312 comm="syz.1.363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 44.609390][ T4326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.369'. [ 44.609890][ T4326] netlink: 12 bytes leftover after parsing attributes in process `syz.1.369'. [ 44.657564][ T4324] netlink: 12 bytes leftover after parsing attributes in process `syz.3.367'. [ 44.697237][ T4332] netlink: 24 bytes leftover after parsing attributes in process `syz.3.372'. [ 44.706980][ T29] audit: type=1400 audit(1754028673.697:596): avc: denied { ioctl } for pid=4333 comm="syz.4.373" path="socket:[8427]" dev="sockfs" ino=8427 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 44.745805][ T4334] netlink: 'syz.4.373': attribute type 27 has an invalid length. [ 44.757297][ T29] audit: type=1400 audit(1754028673.737:597): avc: denied { connect } for pid=4333 comm="syz.4.373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 44.805087][ T29] audit: type=1400 audit(1754028673.797:598): avc: denied { create } for pid=4341 comm="syz.0.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 44.807772][ T29] audit: type=1400 audit(1754028673.807:599): avc: denied { setopt } for pid=4341 comm="syz.0.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 44.808442][ T29] audit: type=1400 audit(1754028673.807:600): avc: denied { bind } for pid=4341 comm="syz.0.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 44.808514][ T29] audit: type=1400 audit(1754028673.807:601): avc: denied { name_bind } for pid=4341 comm="syz.0.376" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 44.808536][ T29] audit: type=1400 audit(1754028673.807:602): avc: denied { node_bind } for pid=4341 comm="syz.0.376" saddr=fe80::aa src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 44.810947][ T29] audit: type=1400 audit(1754028673.807:603): avc: denied { write } for pid=4341 comm="syz.0.376" name="icmp6" dev="proc" ino=4026532459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 44.830564][ T4334] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.830681][ T4334] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.836942][ T29] audit: type=1400 audit(1754028673.827:604): avc: denied { mount } for pid=4343 comm="syz.1.377" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 44.988570][ T4334] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 44.993732][ T4334] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 45.156255][ T378] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 45.165296][ T378] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.177956][ T4367] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 45.188382][ T4367] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.207023][ T378] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 45.216109][ T378] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.243292][ T378] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 45.252406][ T378] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.257134][ T2954] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 45.268823][ T2954] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 45.276294][ T2954] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 45.293910][ T4376] loop3: detected capacity change from 0 to 512 [ 45.302071][ T2954] hid-generic 0000:0004:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 45.339026][ T4376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.381010][ T4376] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.463143][ T4409] loop0: detected capacity change from 0 to 512 [ 45.486009][ T4409] EXT4-fs: Ignoring removed nomblk_io_submit option [ 45.494349][ T4409] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 45.508850][ T4409] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 45.535003][ T4412] loop2: detected capacity change from 0 to 1024 [ 45.542085][ T4412] EXT4-fs: Ignoring removed orlov option [ 45.544323][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.548219][ T4409] EXT4-fs (loop0): 1 truncate cleaned up [ 45.562850][ T4409] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.577133][ T4412] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.638354][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.729863][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.835913][ T4501] loop2: detected capacity change from 0 to 512 [ 45.847048][ T4501] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.888491][ T4501] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.905948][ T4501] netlink: 96 bytes leftover after parsing attributes in process `syz.2.419'. [ 45.943214][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.168500][ T4515] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 46.443564][ T4541] loop2: detected capacity change from 0 to 512 [ 46.472927][ T4541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.485938][ T4541] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.519126][ T4547] random: crng reseeded on system resumption [ 46.547475][ T3306] EXT4-fs error (device loop2): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 46.574427][ T3306] EXT4-fs (loop2): Remounting filesystem read-only [ 46.600353][ T4549] netlink: 8 bytes leftover after parsing attributes in process `syz.1.439'. [ 46.609347][ T4549] IPVS: Error joining to the multicast group [ 46.627924][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.643802][ T3441] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 46.684630][ T3441] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 46.800603][ T4567] netlink: 'syz.0.446': attribute type 10 has an invalid length. [ 46.808556][ T4567] netlink: 40 bytes leftover after parsing attributes in process `syz.0.446'. [ 46.836778][ T4567] dummy0: entered promiscuous mode [ 46.925388][ T4576] netlink: 28 bytes leftover after parsing attributes in process `syz.2.451'. [ 46.934460][ T4576] netlink: 'syz.2.451': attribute type 7 has an invalid length. [ 46.942138][ T4576] netlink: 'syz.2.451': attribute type 8 has an invalid length. [ 46.949899][ T4576] netlink: 4 bytes leftover after parsing attributes in process `syz.2.451'. [ 47.316880][ T4613] atomic_op ffff88811eb20928 conn xmit_atomic 0000000000000000 [ 47.341195][ T4615] netlink: 24 bytes leftover after parsing attributes in process `syz.4.465'. [ 47.523740][ T4631] loop3: detected capacity change from 0 to 2048 [ 47.577520][ T4631] loop3: p1 < > p4 [ 47.585051][ T4636] loop4: detected capacity change from 0 to 1024 [ 47.593608][ T4631] loop3: p4 size 8388608 extends beyond EOD, truncated [ 47.604212][ T4636] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.616649][ T4636] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 47.624722][ T4637] loop2: detected capacity change from 0 to 1024 [ 47.634171][ T4641] loop1: detected capacity change from 0 to 512 [ 47.641692][ T4637] EXT4-fs: Ignoring removed nobh option [ 47.642829][ T4641] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 47.647314][ T4637] EXT4-fs: inline encryption not supported [ 47.673136][ T4641] EXT4-fs (loop1): 1 truncate cleaned up [ 47.704941][ T4637] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.736480][ T4646] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 47.762066][ T4641] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.779613][ T4637] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.474: Allocating blocks 385-513 which overlap fs metadata [ 47.804148][ T4635] EXT4-fs (loop2): pa ffff888106b332a0: logic 16, phys. 129, len 24 [ 47.812268][ T4635] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 47.833381][ T4646] EXT4-fs (loop4): Remounting filesystem read-only [ 47.848810][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.887300][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.947568][ T4658] loop2: detected capacity change from 0 to 1024 [ 47.979294][ T4658] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.032271][ T4658] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.108381][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.280856][ T4688] mmap: syz.0.491 (4688) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 48.447301][ T4702] bond_slave_0: entered promiscuous mode [ 48.453044][ T4702] bond_slave_1: entered promiscuous mode [ 48.484034][ T4702] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 48.517595][ T4702] bond_slave_0: left promiscuous mode [ 48.523033][ T4702] bond_slave_1: left promiscuous mode [ 48.554694][ T4707] -1: renamed from syzkaller0 [ 48.636291][ T4715] loop3: detected capacity change from 0 to 128 [ 48.824325][ T4480] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 48.863366][ T4480] EXT4-fs (loop2): Remounting filesystem read-only [ 48.892181][ T4733] dvmrp1: entered allmulticast mode [ 48.917647][ T4733] dvmrp1: left allmulticast mode [ 48.940901][ T4746] loop4: detected capacity change from 0 to 512 [ 48.969618][ T4746] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 48.975278][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.988579][ T4746] EXT4-fs (loop4): 1 orphan inode deleted [ 48.988600][ T4746] EXT4-fs (loop4): 1 truncate cleaned up [ 48.989065][ T4746] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.035852][ T4746] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 49.050544][ T4746] EXT4-fs (loop4): Remounting filesystem read-only [ 49.057227][ T4746] EXT4-fs (loop4): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 49.081240][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.146251][ T4759] loop4: detected capacity change from 0 to 512 [ 49.153670][ T4759] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 49.179253][ T4759] EXT4-fs (loop4): 1 truncate cleaned up [ 49.200656][ T4759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.230756][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.311733][ T4785] dvmrp1: entered allmulticast mode [ 49.323605][ T4788] syz.2.535 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 49.343036][ T4780] dvmrp1: left allmulticast mode [ 49.452327][ T4797] loop3: detected capacity change from 0 to 2048 [ 49.465331][ T4802] loop1: detected capacity change from 0 to 128 [ 49.478385][ T4802] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 49.491696][ T4802] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 49.543140][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 49.554242][ T29] kauditd_printk_skb: 162 callbacks suppressed [ 49.554282][ T29] audit: type=1400 audit(1754028678.557:763): avc: denied { firmware_load } for pid=4805 comm="syz.3.545" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1 [ 49.682476][ T4817] loop3: detected capacity change from 0 to 128 [ 49.711142][ T4817] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 49.745905][ T4817] ext4 filesystem being mounted at /115/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 49.858998][ T29] audit: type=1400 audit(1754028678.857:764): avc: denied { mounton } for pid=4816 comm="syz.3.549" path="/115/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 49.956814][ T4817] loop3: detected capacity change from 128 to 64 [ 49.964364][ T4826] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Out of memory [ 50.017818][ T4826] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Out of memory [ 50.058659][ T4826] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #13: comm syz.3.549: mark_inode_dirty error [ 50.107777][ T4826] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -12) [ 50.189703][ T3301] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Out of memory [ 50.216984][ T3301] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error [ 50.378668][ T3301] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 50.423784][ T4839] __nla_validate_parse: 3 callbacks suppressed [ 50.423801][ T4839] netlink: 24 bytes leftover after parsing attributes in process `syz.2.559'. [ 50.471763][ T29] audit: type=1400 audit(1754028679.467:765): avc: denied { read write } for pid=4841 comm="syz.1.561" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 50.496352][ T29] audit: type=1400 audit(1754028679.467:766): avc: denied { open } for pid=4841 comm="syz.1.561" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 50.526992][ T4843] netlink: 4 bytes leftover after parsing attributes in process `syz.2.559'. [ 50.531329][ T1036] kernel read not supported for file /vga_arbiter (pid: 1036 comm: kworker/0:2) [ 50.700608][ T29] audit: type=1400 audit(1754028679.697:767): avc: denied { mounton } for pid=4862 comm="syz.1.565" path="/127/file0" dev="tmpfs" ino=674 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 50.739876][ T4846] chnl_net:caif_netlink_parms(): no params data found [ 50.810175][ T4846] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.817467][ T4846] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.825972][ T4846] bridge_slave_0: entered allmulticast mode [ 50.842949][ T4846] bridge_slave_0: entered promiscuous mode [ 50.872700][ T4846] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.879873][ T4846] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.903093][ T4846] bridge_slave_1: entered allmulticast mode [ 50.909643][ T4846] bridge_slave_1: entered promiscuous mode [ 50.936796][ T4846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.957504][ T4846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.022493][ T4846] team0: Port device team_slave_0 added [ 51.033854][ T4846] team0: Port device team_slave_1 added [ 51.039527][ T29] audit: type=1400 audit(1754028680.027:768): avc: denied { create } for pid=4879 comm="syz.0.571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 51.071354][ T29] audit: type=1400 audit(1754028680.057:769): avc: denied { ioctl } for pid=4879 comm="syz.0.571" path="socket:[9342]" dev="sockfs" ino=9342 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 51.095823][ T29] audit: type=1400 audit(1754028680.067:770): avc: denied { connect } for pid=4877 comm="syz.2.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 51.125116][ T29] audit: type=1400 audit(1754028680.117:771): avc: denied { bind } for pid=4886 comm="syz.0.573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 51.151426][ T4846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.157085][ T29] audit: type=1400 audit(1754028680.147:772): avc: denied { connect } for pid=4886 comm="syz.0.573" lport=47 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 51.158457][ T4846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.204690][ T4846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.205527][ T2954] kernel read not supported for file /vga_arbiter (pid: 2954 comm: kworker/1:2) [ 51.225617][ T4846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.232707][ T4846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.258753][ T4846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.338356][ T4846] hsr_slave_0: entered promiscuous mode [ 51.519460][ T4846] hsr_slave_1: entered promiscuous mode [ 51.525507][ T4846] debugfs: 'hsr0' already exists in 'hsr' [ 51.531264][ T4846] Cannot create hsr debugfs directory [ 51.755736][ T4906] netlink: 24 bytes leftover after parsing attributes in process `syz.0.579'. [ 51.769572][ T4846] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 51.786289][ T4846] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 51.813790][ T4846] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 51.827367][ T4846] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 51.900019][ T4846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.912899][ T4846] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.931978][ T4480] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.939087][ T4480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.952715][ T4922] netlink: 'syz.1.583': attribute type 5 has an invalid length. [ 51.961754][ T4480] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.968911][ T4480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.051651][ T4936] loop0: detected capacity change from 0 to 128 [ 52.067914][ T4936] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.101037][ T4846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.118057][ T4936] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.199341][ T3299] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.584777][ T4846] veth0_vlan: entered promiscuous mode [ 52.603320][ T4846] veth1_vlan: entered promiscuous mode [ 52.634486][ T4987] loop2: detected capacity change from 0 to 128 [ 52.644837][ T4846] veth0_macvtap: entered promiscuous mode [ 52.652432][ T4846] veth1_macvtap: entered promiscuous mode [ 52.663674][ T4846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.698170][ T36] kernel write not supported for file bpf-prog (pid: 36 comm: kworker/1:1) [ 52.700743][ T4846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.719320][ T4987] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.731615][ T4480] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.760674][ T4480] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.776132][ T4480] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.787541][ T4999] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 52.800149][ T4987] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.818395][ T4480] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.883907][ T3306] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 53.219819][ T3387] kernel write not supported for file bpf-prog (pid: 3387 comm: kworker/0:4) [ 53.240687][ T5038] netlink: 16 bytes leftover after parsing attributes in process `wޣ'. [ 53.332590][ T5050] loop5: detected capacity change from 0 to 1024 [ 53.349034][ T5050] EXT4-fs: Ignoring removed bh option [ 53.364655][ T5050] EXT4-fs: Ignoring removed nobh option [ 53.370351][ T5050] EXT4-fs: inline encryption not supported [ 53.418963][ T5050] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.438981][ T5050] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm +}[@: Allocating blocks 385-513 which overlap fs metadata [ 53.455285][ T5050] EXT4-fs (loop5): pa ffff888106b332a0: logic 16, phys. 129, len 24 [ 53.463423][ T5050] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 53.482091][ T5050] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28 [ 53.494439][ T5050] EXT4-fs (loop5): This should not happen!! Data will be lost [ 53.494439][ T5050] [ 53.504126][ T5050] EXT4-fs (loop5): Total free blocks count 0 [ 53.510325][ T5050] EXT4-fs (loop5): Free/Dirty block details [ 53.516370][ T5050] EXT4-fs (loop5): free_blocks=128 [ 53.521563][ T5050] EXT4-fs (loop5): dirty_blocks=0 [ 53.526602][ T5050] EXT4-fs (loop5): Block reservation details [ 53.532617][ T5050] EXT4-fs (loop5): i_reserved_data_blocks=0 [ 53.567099][ T5064] netlink: 3 bytes leftover after parsing attributes in process `syz.5.628'. [ 53.581120][ T5064] batadv1: entered promiscuous mode [ 53.586364][ T5064] batadv1: entered allmulticast mode [ 53.640483][ T5066] loop4: detected capacity change from 0 to 8192 [ 53.726812][ T5077] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5077 comm=syz.5.635 [ 54.296538][ T5129] loop1: detected capacity change from 0 to 1764 [ 54.326289][ T5133] SELinux: ebitmap: truncated map [ 54.333070][ T5133] SELinux: failed to load policy [ 54.361119][ T5136] loop1: detected capacity change from 0 to 512 [ 54.372579][ T5138] sctp: [Deprecated]: syz.4.661 (pid 5138) Use of int in max_burst socket option. [ 54.372579][ T5138] Use struct sctp_assoc_value instead [ 54.381489][ T5127] syzkaller0: entered promiscuous mode [ 54.392533][ T5127] syzkaller0: entered allmulticast mode [ 54.400478][ T5136] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 54.425020][ T5136] EXT4-fs (loop1): 1 truncate cleaned up [ 54.433336][ T5136] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.481872][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.586369][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 54.586384][ T29] audit: type=1326 audit(1754028683.577:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590156eb69 code=0x7ffc0000 [ 54.625874][ T5153] loop1: detected capacity change from 0 to 128 [ 54.633800][ T5153] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 54.648761][ T29] audit: type=1326 audit(1754028683.617:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f590156eb69 code=0x7ffc0000 [ 54.658222][ T5153] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 54.672184][ T29] audit: type=1326 audit(1754028683.617:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f590156eba3 code=0x7ffc0000 [ 54.704145][ T29] audit: type=1326 audit(1754028683.617:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f590156d61f code=0x7ffc0000 [ 54.727313][ T29] audit: type=1326 audit(1754028683.617:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f590156ebf7 code=0x7ffc0000 [ 54.750558][ T29] audit: type=1326 audit(1754028683.617:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f590156d4d0 code=0x7ffc0000 [ 54.773815][ T29] audit: type=1326 audit(1754028683.617:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f590156e76b code=0x7ffc0000 [ 54.796984][ T29] audit: type=1326 audit(1754028683.627:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f590156d7ca code=0x7ffc0000 [ 54.820110][ T29] audit: type=1326 audit(1754028683.627:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f590156d7ca code=0x7ffc0000 [ 54.843236][ T29] audit: type=1326 audit(1754028683.627:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f590156d3d7 code=0x7ffc0000 [ 54.866710][ T4441] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 54.951047][ T5164] bridge: RTM_NEWNEIGH with invalid ether address [ 55.036630][ T5168] loop4: detected capacity change from 0 to 512 [ 55.056391][ T5168] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 55.088070][ T5168] EXT4-fs (loop4): 1 truncate cleaned up [ 55.094319][ T5168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.131965][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.148873][ T5179] loop5: detected capacity change from 0 to 1024 [ 55.169013][ T5179] EXT4-fs: inline encryption not supported [ 55.175114][ T5179] EXT4-fs: Ignoring removed i_version option [ 55.217800][ T5186] vlan2: entered allmulticast mode [ 55.228640][ T5179] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.250892][ T5179] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 55.291810][ T4846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.398488][ T5199] loop1: detected capacity change from 0 to 1024 [ 55.406415][ T5199] EXT4-fs: inline encryption not supported [ 55.412470][ T5199] EXT4-fs: Ignoring removed i_version option [ 55.440592][ T5199] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.472948][ T5199] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 55.514273][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.668455][ T5214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.691'. [ 55.716627][ T5219] loop1: detected capacity change from 0 to 512 [ 55.723280][ T5219] EXT4-fs: Ignoring removed nomblk_io_submit option [ 55.731531][ T5219] EXT4-fs: Ignoring removed mblk_io_submit option [ 55.739533][ T5219] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 55.747624][ T5219] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 55.756250][ T5219] EXT4-fs (loop1): 1 truncate cleaned up [ 55.762571][ T5219] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.792767][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.821619][ T5222] veth1_to_bond: entered promiscuous mode [ 55.834214][ T5222] macsec1: entered promiscuous mode [ 55.840033][ T5222] macsec1: entered allmulticast mode [ 55.845531][ T5222] veth1_to_bond: entered allmulticast mode [ 55.855276][ T5222] veth1_to_bond: left allmulticast mode [ 55.861000][ T5222] veth1_to_bond: left promiscuous mode [ 55.968029][ T5226] loop1: detected capacity change from 0 to 2048 [ 55.979307][ T5226] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.003365][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.044678][ T5232] netlink: '+}[@': attribute type 1 has an invalid length. [ 56.051993][ T5232] netlink: 198116 bytes leftover after parsing attributes in process `+}[@'. [ 56.134576][ T5244] loop0: detected capacity change from 0 to 512 [ 56.142203][ T5244] journal_path: Non-blockdev passed as './bus' [ 56.148536][ T5244] EXT4-fs: error: could not find journal device path [ 56.209160][ T5256] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 56.350603][ T5269] loop2: detected capacity change from 0 to 8192 [ 56.367835][ T5269] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 57.045056][ T5289] ipip0: entered promiscuous mode [ 57.067911][ T5294] loop1: detected capacity change from 0 to 512 [ 57.100326][ T5294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.130485][ T5294] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.158708][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.244282][ T5323] loop1: detected capacity change from 0 to 128 [ 57.252557][ T5323] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 57.347702][ T5323] ext4 filesystem being mounted at /183/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 57.407633][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 57.710062][ T5337] netlink: 16 bytes leftover after parsing attributes in process `syz.1.745'. [ 58.023701][ T5348] vlan2: entered allmulticast mode [ 58.029085][ T5348] bridge_slave_0: entered allmulticast mode [ 58.111162][ T5352] SELinux: ebitmap: truncated map [ 58.131957][ T5352] SELinux: failed to load policy [ 58.159597][ T5360] bridge0: entered promiscuous mode [ 58.176054][ T5360] macvtap1: entered allmulticast mode [ 58.181577][ T5360] bridge0: entered allmulticast mode [ 58.198215][ T5360] bridge0: port 3(macvtap1) entered blocking state [ 58.204827][ T5360] bridge0: port 3(macvtap1) entered disabled state [ 58.226371][ T5360] bridge0: left allmulticast mode [ 58.231501][ T5360] bridge0: left promiscuous mode [ 58.363914][ T5369] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 58.413864][ T5372] netem: change failed [ 58.481454][ T5379] loop5: detected capacity change from 0 to 764 [ 58.625007][ T5387] loop1: detected capacity change from 0 to 512 [ 58.677908][ T5387] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.694411][ T5387] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.830742][ T5400] netlink: 24 bytes leftover after parsing attributes in process `syz.4.772'. [ 58.898037][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 58.957610][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.030063][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.049810][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.062916][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.123169][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.154181][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.197409][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.231648][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.250765][ T5414] bond_slave_1: mtu less than device minimum [ 59.266624][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 59.378676][ T5412] netlink: 4 bytes leftover after parsing attributes in process `syz.5.787'. [ 59.418276][ T5412] netlink: 4 bytes leftover after parsing attributes in process `syz.5.787'. [ 59.531969][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.126836][ T5424] chnl_net:caif_netlink_parms(): no params data found [ 60.337900][ T5424] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.345021][ T5424] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.352441][ T5424] bridge_slave_0: entered allmulticast mode [ 60.359248][ T29] kauditd_printk_skb: 112 callbacks suppressed [ 60.359262][ T29] audit: type=1400 audit(1754028689.357:910): avc: denied { connect } for pid=5464 comm="syz.2.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 60.386069][ T5424] bridge_slave_0: entered promiscuous mode [ 60.393132][ T5424] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.400270][ T5424] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.407684][ T5424] bridge_slave_1: entered allmulticast mode [ 60.414383][ T5424] bridge_slave_1: entered promiscuous mode [ 60.442471][ T5424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.453210][ T5424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.514810][ T5424] team0: Port device team_slave_0 added [ 60.522036][ T5424] team0: Port device team_slave_1 added [ 60.529174][ T29] audit: type=1326 audit(1754028689.527:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.552567][ T29] audit: type=1326 audit(1754028689.527:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.608871][ T29] audit: type=1326 audit(1754028689.527:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.632285][ T29] audit: type=1326 audit(1754028689.527:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.655645][ T29] audit: type=1326 audit(1754028689.527:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.679122][ T29] audit: type=1326 audit(1754028689.527:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.702589][ T29] audit: type=1326 audit(1754028689.527:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.725920][ T29] audit: type=1326 audit(1754028689.527:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.749245][ T29] audit: type=1326 audit(1754028689.527:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.0.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f886e88eb69 code=0x7ffc0000 [ 60.777742][ T5424] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.784734][ T5424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.810756][ T5424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.834811][ T5424] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.841879][ T5424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.867977][ T5424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.953233][ T5424] hsr_slave_0: entered promiscuous mode [ 60.967462][ T5424] hsr_slave_1: entered promiscuous mode [ 60.974566][ T5424] debugfs: 'hsr0' already exists in 'hsr' [ 60.980414][ T5424] Cannot create hsr debugfs directory [ 60.985986][ T5483] netlink: 12 bytes leftover after parsing attributes in process `syz.4.798'. [ 61.050677][ T5489] netlink: 'syz.4.805': attribute type 13 has an invalid length. [ 61.254542][ T5424] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 61.264269][ T5424] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 61.277706][ T5424] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 61.289179][ T5424] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 61.410810][ T5424] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.459132][ T5518] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.476048][ T5424] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.490077][ T4480] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.497209][ T4480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.516146][ T4480] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.523339][ T4480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.560537][ T5518] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.633347][ T5518] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.689480][ T5424] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.722214][ T5518] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.776484][ T4454] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.840532][ T4469] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.895320][ T4469] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.911219][ T4454] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.958276][ T4469] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.984574][ T4469] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.995121][ T5544] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 62.005127][ T5544] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 62.026207][ T4454] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.105361][ T4454] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.209819][ T4454] bridge_slave_1: left allmulticast mode [ 62.215528][ T4454] bridge_slave_1: left promiscuous mode [ 62.221264][ T4454] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.231560][ T4454] bridge_slave_0: left allmulticast mode [ 62.237419][ T4454] bridge_slave_0: left promiscuous mode [ 62.243122][ T4454] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.253183][ T5557] IPv4: Oversized IP packet from 127.202.26.0 [ 62.293359][ T5559] netlink: 24 bytes leftover after parsing attributes in process `syz.4.826'. [ 62.459520][ T4454] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 62.471284][ T4454] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 62.481197][ T4454] bond0 (unregistering): Released all slaves [ 62.501945][ T5565] netlink: 5448 bytes leftover after parsing attributes in process `syz.4.826'. [ 62.539905][ T5424] veth0_vlan: entered promiscuous mode [ 62.568541][ T4454] hsr_slave_0: left promiscuous mode [ 62.580816][ T4454] hsr_slave_1: left promiscuous mode [ 62.586541][ T4454] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.586560][ T4454] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 62.588157][ T4454] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 62.588173][ T4454] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 62.591505][ T4454] veth1_macvtap: left promiscuous mode [ 62.591532][ T4454] veth0_macvtap: left promiscuous mode [ 62.591572][ T4454] veth1_vlan: left promiscuous mode [ 62.591634][ T4454] veth0_vlan: left promiscuous mode [ 62.647020][ T5582] Invalid ELF header magic: != ELF [ 62.730974][ T4454] team0 (unregistering): Port device team_slave_1 removed [ 62.748684][ T4454] team0 (unregistering): Port device team_slave_0 removed [ 62.792635][ T5424] veth1_vlan: entered promiscuous mode [ 62.805171][ T5590] wg2: entered promiscuous mode [ 62.810188][ T5590] wg2: entered allmulticast mode [ 62.829218][ T5595] team0 (unregistering): Port device team_slave_0 removed [ 62.840264][ T5595] team0 (unregistering): Port device team_slave_1 removed [ 62.860934][ T5424] veth0_macvtap: entered promiscuous mode [ 62.873569][ T5599] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 62.881818][ T5424] veth1_macvtap: entered promiscuous mode [ 62.896350][ T5424] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.925732][ T5424] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.968623][ T4456] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.999481][ T4456] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.020011][ T4456] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.045393][ T4456] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.679206][ T5643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.860'. [ 64.021888][ T5662] SELinux: failed to load policy [ 64.026654][ T5664] loop2: detected capacity change from 0 to 1024 [ 64.057408][ T5664] EXT4-fs: Ignoring removed nobh option [ 64.063070][ T5664] EXT4-fs: inline encryption not supported [ 64.097268][ T5664] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 64.130050][ T5664] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.868: Allocating blocks 385-513 which overlap fs metadata [ 64.146102][ T5664] EXT4-fs (loop2): pa ffff888106b332a0: logic 16, phys. 129, len 24 [ 64.154191][ T5664] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 64.166462][ T5664] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28 [ 64.178830][ T5664] EXT4-fs (loop2): This should not happen!! Data will be lost [ 64.178830][ T5664] [ 64.188675][ T5664] EXT4-fs (loop2): Total free blocks count 0 [ 64.194754][ T5664] EXT4-fs (loop2): Free/Dirty block details [ 64.200679][ T5664] EXT4-fs (loop2): free_blocks=128 [ 64.205824][ T5664] EXT4-fs (loop2): dirty_blocks=0 [ 64.210887][ T5664] EXT4-fs (loop2): Block reservation details [ 64.216912][ T5664] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 64.406428][ T5693] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 64.684680][ T5711] netlink: 28 bytes leftover after parsing attributes in process `syz.0.886'. [ 64.770954][ T5717] loop6: detected capacity change from 0 to 512 [ 64.792152][ T5717] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 64.815867][ T5717] EXT4-fs (loop6): 1 truncate cleaned up [ 65.444857][ T5744] netlink: 12 bytes leftover after parsing attributes in process `syz.6.902'. [ 65.454000][ T5744] netlink: 'syz.6.902': attribute type 19 has an invalid length. [ 65.508488][ T4456] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 65.521576][ T5744] netlink: 12 bytes leftover after parsing attributes in process `syz.6.902'. [ 65.530516][ T5744] netlink: 'syz.6.902': attribute type 19 has an invalid length. [ 65.553476][ T5746] tipc: Started in network mode [ 65.558430][ T5746] tipc: Node identity ac14140f, cluster identity 4711 [ 65.568416][ T5746] tipc: New replicast peer: 255.255.255.255 [ 65.574438][ T5746] tipc: Enabled bearer , priority 10 [ 65.583679][ T4456] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 65.593857][ T4456] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 65.608399][ T4456] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 65.679204][ T29] kauditd_printk_skb: 263 callbacks suppressed [ 65.679220][ T29] audit: type=1400 audit(1754028694.677:1183): avc: denied { create } for pid=5747 comm="syz.6.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 65.801357][ T29] audit: type=1326 audit(1754028694.797:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 65.824859][ T29] audit: type=1326 audit(1754028694.797:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 65.883296][ T29] audit: type=1326 audit(1754028694.857:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 65.906743][ T29] audit: type=1326 audit(1754028694.857:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 65.930095][ T29] audit: type=1326 audit(1754028694.857:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 65.953456][ T29] audit: type=1326 audit(1754028694.857:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 65.976933][ T29] audit: type=1326 audit(1754028694.857:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 66.000429][ T29] audit: type=1326 audit(1754028694.857:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 66.023853][ T29] audit: type=1326 audit(1754028694.857:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5753 comm="syz.6.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 66.307382][ T5785] option changes via remount are deprecated (pid=5784 comm=syz.4.922) [ 66.408882][ T5791] netlink: 'syz.2.925': attribute type 6 has an invalid length. [ 66.491119][ T5798] netlink: 96 bytes leftover after parsing attributes in process `syz.0.928'. [ 66.561513][ T5806] syzkaller1: entered promiscuous mode [ 66.567262][ T5806] syzkaller1: entered allmulticast mode [ 66.616214][ T5808] wireguard0: entered promiscuous mode [ 66.621935][ T5808] wireguard0: entered allmulticast mode [ 66.696826][ T2954] tipc: Node number set to 2886997007 [ 66.830245][ T5823] netlink: 24 bytes leftover after parsing attributes in process `syz.2.937'. [ 67.154925][ T5847] netlink: 96 bytes leftover after parsing attributes in process `syz.4.948'. [ 67.220181][ T5854] macvlan1: entered promiscuous mode [ 67.227492][ T5854] ipvlan0: entered promiscuous mode [ 67.234959][ T5854] ipvlan0: left promiscuous mode [ 67.240950][ T5854] macvlan1: left promiscuous mode [ 67.424461][ T5870] hub 6-0:1.0: USB hub found [ 67.435744][ T5870] hub 6-0:1.0: 8 ports detected [ 67.484185][ T5884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5884 comm=syz.6.966 [ 67.524554][ T5888] netlink: 56 bytes leftover after parsing attributes in process `syz.6.968'. [ 67.610336][ T5900] netlink: 24 bytes leftover after parsing attributes in process `syz.4.974'. [ 67.612290][ T5896] IPv4: Oversized IP packet from 127.202.26.0 [ 67.655915][ T5903] loop2: detected capacity change from 0 to 1024 [ 67.676356][ T5903] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 67.687352][ T5903] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 67.708641][ T5908] netlink: 4 bytes leftover after parsing attributes in process `syz.5.977'. [ 67.721048][ T5903] JBD2: no valid journal superblock found [ 67.726920][ T5903] EXT4-fs (loop2): Could not load journal inode [ 67.746507][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 67.753018][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.760887][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.768727][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.776547][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.784383][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.792206][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.800022][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.807867][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.815696][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.823514][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.831419][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.839254][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.847072][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.854937][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.862799][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.870652][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.878482][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.886292][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.894104][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.902031][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.909867][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.917701][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.925513][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.933337][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.941149][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.949013][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.956832][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.964644][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.972461][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.980308][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 67.988141][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 67.995963][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.003776][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.011630][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.019457][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.027287][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.035113][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.042950][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.050761][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.058595][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.066399][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.074253][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.082065][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.089886][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.097702][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.105515][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.113338][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.121177][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.129029][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.136897][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.144726][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.152557][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.160371][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.168218][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.176039][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.183890][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.191734][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.199579][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.207391][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.215219][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.223054][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.230903][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.238735][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.246559][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 68.254367][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 68.376392][ T5933] serio: Serial port ttyS3 [ 68.393636][ T5936] loop6: detected capacity change from 0 to 1024 [ 68.400545][ T5936] EXT4-fs: Ignoring removed bh option [ 68.405992][ T5936] EXT4-fs: Ignoring removed nobh option [ 68.411606][ T5936] EXT4-fs: inline encryption not supported [ 68.431963][ T5936] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.990: Allocating blocks 385-513 which overlap fs metadata [ 68.447366][ T5936] EXT4-fs (loop6): pa ffff888106b337e0: logic 16, phys. 129, len 24 [ 68.455424][ T5936] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 68.466398][ T5936] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28 [ 68.478715][ T5936] EXT4-fs (loop6): This should not happen!! Data will be lost [ 68.478715][ T5936] [ 68.488453][ T5936] EXT4-fs (loop6): Total free blocks count 0 [ 68.494559][ T5936] EXT4-fs (loop6): Free/Dirty block details [ 68.500477][ T5936] EXT4-fs (loop6): free_blocks=128 [ 68.505651][ T5936] EXT4-fs (loop6): dirty_blocks=0 [ 68.510702][ T5936] EXT4-fs (loop6): Block reservation details [ 68.516695][ T5936] EXT4-fs (loop6): i_reserved_data_blocks=0 [ 68.647781][ T5953] loop4: detected capacity change from 0 to 512 [ 68.752065][ T4480] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.799704][ T4480] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.859370][ T4480] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.878953][ T4480] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.889748][ T5976] loop4: detected capacity change from 0 to 512 [ 68.898672][ T5976] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm +}[@: iget: bad i_size value: 38620345925642 [ 68.911434][ T5976] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm +}[@: couldn't read orphan inode 15 (err -117) [ 69.079338][ T4480] bond0 (unregistering): Released all slaves [ 69.123189][ T5968] chnl_net:caif_netlink_parms(): no params data found [ 69.133515][ T4480] tipc: Disabling bearer [ 69.138887][ T4480] tipc: Left network mode [ 69.154840][ T4480] hsr_slave_0: left promiscuous mode [ 69.160697][ T4480] hsr_slave_1: left promiscuous mode [ 69.169926][ T4480] veth1_macvtap: left promiscuous mode [ 69.175651][ T4480] veth0_macvtap: left promiscuous mode [ 69.181318][ T4480] veth1_vlan: left promiscuous mode [ 69.187358][ T4480] veth0_vlan: left promiscuous mode [ 69.230800][ T5996] loop4: detected capacity change from 0 to 164 [ 69.242215][ T5996] bio_check_eod: 23030 callbacks suppressed [ 69.242232][ T5996] syz.4.1011: attempt to access beyond end of device [ 69.242232][ T5996] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 69.264842][ T5996] syz.4.1011: attempt to access beyond end of device [ 69.264842][ T5996] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 69.371845][ T6004] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1014'. [ 69.413580][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.420877][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.428222][ T5968] bridge_slave_0: entered allmulticast mode [ 69.434713][ T5968] bridge_slave_0: entered promiscuous mode [ 69.441816][ T5968] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.448999][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.466064][ T5968] bridge_slave_1: entered allmulticast mode [ 69.472936][ T5968] bridge_slave_1: entered promiscuous mode [ 69.505218][ T5968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.526495][ T5968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.567646][ T5968] team0: Port device team_slave_0 added [ 69.574537][ T5968] team0: Port device team_slave_1 added [ 69.607372][ T6019] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1021'. [ 69.641242][ T5968] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.648281][ T5968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.674464][ T5968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.692081][ T5968] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.699107][ T5968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.725045][ T5968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.780226][ T5968] hsr_slave_0: entered promiscuous mode [ 69.786505][ T5968] hsr_slave_1: entered promiscuous mode [ 69.803318][ T5968] debugfs: 'hsr0' already exists in 'hsr' [ 69.809159][ T5968] Cannot create hsr debugfs directory [ 69.929016][ T5968] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 69.948122][ T5968] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 69.961004][ T5968] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 69.975116][ T5968] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 69.994132][ T6044] netlink: 2036 bytes leftover after parsing attributes in process `syz.5.1027'. [ 70.003401][ T6044] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1027'. [ 70.069501][ T6046] bond0: entered promiscuous mode [ 70.074604][ T6046] bond_slave_0: entered promiscuous mode [ 70.080415][ T6046] bond_slave_1: entered promiscuous mode [ 70.088069][ T6046] batadv0: entered promiscuous mode [ 70.093780][ T6046] hsr1: entered allmulticast mode [ 70.098892][ T6046] bond0: entered allmulticast mode [ 70.104020][ T6046] bond_slave_0: entered allmulticast mode [ 70.109771][ T6046] bond_slave_1: entered allmulticast mode [ 70.115556][ T6046] macvlan2: entered allmulticast mode [ 70.121023][ T6046] veth1_vlan: entered allmulticast mode [ 70.126600][ T6046] batadv0: entered allmulticast mode [ 70.132426][ T6046] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 70.141776][ T6046] bond0: left promiscuous mode [ 70.146654][ T6046] bond_slave_0: left promiscuous mode [ 70.152150][ T6046] bond_slave_1: left promiscuous mode [ 70.158650][ T6046] batadv0: left promiscuous mode [ 70.170132][ T5968] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.185077][ T5968] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.220641][ T4456] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.227828][ T4456] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.308676][ T4456] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.315810][ T4456] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.407614][ T5968] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.541355][ T6068] loop6: detected capacity change from 0 to 128 [ 70.547902][ T6067] loop2: detected capacity change from 0 to 1024 [ 70.550622][ T6068] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 70.574878][ T6067] EXT4-fs: Ignoring removed orlov option [ 70.583823][ T6068] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 70.613885][ T4469] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 70.637858][ T5968] veth0_vlan: entered promiscuous mode [ 70.645914][ T5968] veth1_vlan: entered promiscuous mode [ 70.661616][ T5968] veth0_macvtap: entered promiscuous mode [ 70.687565][ T5968] veth1_macvtap: entered promiscuous mode [ 70.722467][ T5968] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.738371][ T5968] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.751063][ T4456] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.782884][ T4456] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.802168][ T4456] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.848308][ T4456] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.872301][ T6089] can0: slcan on ttyS3. [ 70.956972][ T6089] can0 (unregistered): slcan off ttyS3. [ 71.364832][ T6127] netlink: 'syz.5.1055': attribute type 27 has an invalid length. [ 71.391535][ T6139] loop6: detected capacity change from 0 to 512 [ 71.420472][ T6139] EXT4-fs mount: 8 callbacks suppressed [ 71.420489][ T6139] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.438735][ T6139] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.450774][ T6127] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.457971][ T6127] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.467845][ T6146] loop4: detected capacity change from 0 to 512 [ 71.494659][ T6153] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 71.514641][ T6146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.533641][ T6127] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.547901][ T6127] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.563258][ T6146] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.608683][ T5424] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.617842][ T4469] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.640111][ T6146] __nla_validate_parse: 1 callbacks suppressed [ 71.640128][ T6146] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1064'. [ 71.657111][ T4469] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.667845][ T4469] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.677943][ T4469] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.712921][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.881969][ T6183] random: crng reseeded on system resumption [ 71.896479][ T6187] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1079'. [ 71.906250][ T6187] IPVS: Unknown mcast interface: vcan0 [ 72.174114][ T6215] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1091'. [ 72.473879][ T6226] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1097'. [ 72.483090][ T6226] netlink: 'syz.6.1097': attribute type 7 has an invalid length. [ 72.490885][ T6226] netlink: 'syz.6.1097': attribute type 8 has an invalid length. [ 72.498653][ T6226] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1097'. [ 72.543918][ T6229] netlink: 'syz.7.1099': attribute type 10 has an invalid length. [ 72.551840][ T6229] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1099'. [ 72.557758][ T6231] loop6: detected capacity change from 0 to 512 [ 72.562753][ T6229] dummy0: entered promiscuous mode [ 72.589812][ T6231] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.631649][ T6231] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.718708][ T5424] EXT4-fs error (device loop6): ext4_empty_dir:3081: inode #12: comm syz-executor: invalid size [ 72.746520][ T5424] EXT4-fs (loop6): Remounting filesystem read-only [ 72.775336][ T5424] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.795142][ T4469] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 72.805748][ T4469] __quota_error: 109 callbacks suppressed [ 72.805766][ T4469] Quota error (device loop6): write_blk: dquota write failed [ 72.819122][ T4469] Quota error (device loop6): free_dqentry: Can't write quota data block 5 [ 72.833740][ T4469] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 72.846715][ T4469] Quota error (device loop6): write_blk: dquota write failed [ 72.854119][ T4469] Quota error (device loop6): free_dqentry: Can't write quota data block 5 [ 72.897434][ T29] audit: type=1326 audit(1754028701.897:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6247 comm="syz.6.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 72.938710][ T29] audit: type=1326 audit(1754028701.897:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6247 comm="syz.6.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 72.962329][ T29] audit: type=1326 audit(1754028701.927:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6247 comm="syz.6.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 72.986222][ T29] audit: type=1326 audit(1754028701.927:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6247 comm="syz.6.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 73.009697][ T29] audit: type=1326 audit(1754028701.927:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6247 comm="syz.6.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 73.033194][ T29] audit: type=1326 audit(1754028701.927:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6247 comm="syz.6.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb888d2eb69 code=0x7ffc0000 [ 73.188381][ T6257] loop6: detected capacity change from 0 to 128 [ 73.341455][ T6270] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.420871][ T6270] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.449874][ T6279] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1119'. [ 73.511085][ T6270] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.619503][ T6270] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.648450][ T6290] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1123'. [ 73.709819][ T4480] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.731067][ T6294] loop7: detected capacity change from 0 to 128 [ 73.757998][ T4480] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.766330][ T4480] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.790301][ T6294] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 73.823800][ T4480] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.832435][ T6294] ext4 filesystem being mounted at /36/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 73.907929][ T5968] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.920530][ T6311] loop6: detected capacity change from 0 to 1024 [ 73.953037][ T6315] loop5: detected capacity change from 0 to 2048 [ 73.975563][ T6311] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.008281][ T6311] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.024971][ T6327] loop7: detected capacity change from 0 to 1024 [ 74.035108][ T6331] loop4: detected capacity change from 0 to 512 [ 74.043334][ T6331] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 74.044749][ T6327] EXT4-fs: Ignoring removed nobh option [ 74.058885][ T6327] EXT4-fs: inline encryption not supported [ 74.073063][ T6329] loop2: detected capacity change from 0 to 2048 [ 74.081833][ T6331] EXT4-fs (loop4): 1 truncate cleaned up [ 74.089539][ T6331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.104615][ T6327] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.119450][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.133822][ T6327] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.1139: Allocating blocks 385-513 which overlap fs metadata [ 74.151771][ T6326] EXT4-fs (loop7): pa ffff8881006213f0: logic 16, phys. 129, len 24 [ 74.159833][ T6326] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 74.171885][ T6329] loop2: p1 < > p4 [ 74.176463][ T6329] loop2: p4 size 8388608 extends beyond EOD, truncated [ 74.202002][ T5968] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.503469][ T3441] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 74.535888][ T3441] EXT4-fs (loop6): Remounting filesystem read-only [ 74.638509][ T6348] loop5: detected capacity change from 0 to 128 [ 74.675130][ T6348] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 74.690176][ T5424] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.700962][ T6348] ext4 filesystem being mounted at /79/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 74.888667][ T6348] loop5: detected capacity change from 128 to 64 [ 74.896794][ T6348] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Out of memory [ 74.918892][ T6348] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Out of memory [ 74.940970][ T6348] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #13: comm syz.5.1149: mark_inode_dirty error [ 74.956299][ T6365] tipc: Started in network mode [ 74.961388][ T6365] tipc: Node identity ac141413, cluster identity 4711 [ 74.969874][ T6348] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -12) [ 74.997417][ T6365] tipc: New replicast peer: 10.1.1.2 [ 75.002827][ T6365] tipc: Enabled bearer , priority 10 [ 75.028853][ T4846] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Out of memory [ 75.039990][ T4846] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error [ 75.121573][ T4846] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.204926][ T6379] vlan2: entered allmulticast mode [ 75.334709][ T6393] SELinux: ebitmap: truncated map [ 75.351903][ T6393] SELinux: failed to load policy [ 75.420422][ T4480] bridge_slave_1: left allmulticast mode [ 75.426100][ T4480] bridge_slave_1: left promiscuous mode [ 75.432018][ T4480] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.441819][ T4480] bridge_slave_0: left allmulticast mode [ 75.447561][ T4480] bridge_slave_0: left promiscuous mode [ 75.453328][ T4480] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.509535][ T4480] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 75.519336][ T4480] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 75.528728][ T4480] bond0 (unregistering): Released all slaves [ 75.557960][ T6380] chnl_net:caif_netlink_parms(): no params data found [ 75.583096][ T4480] hsr_slave_0: left promiscuous mode [ 75.588716][ T4480] hsr_slave_1: left promiscuous mode [ 75.594322][ T4480] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.602604][ T4480] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 75.679214][ T4480] team0 (unregistering): Port device team_slave_1 removed [ 75.689837][ T4480] team0 (unregistering): Port device team_slave_0 removed [ 75.733664][ T6409] tipc: Started in network mode [ 75.738721][ T6409] tipc: Node identity ac141413, cluster identity 4711 [ 75.754045][ T6409] tipc: New replicast peer: 10.1.1.2 [ 75.759664][ T6409] tipc: Enabled bearer , priority 10 [ 75.804051][ T6380] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.811265][ T6380] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.818947][ T6380] bridge_slave_0: entered allmulticast mode [ 75.825563][ T6380] bridge_slave_0: entered promiscuous mode [ 75.832713][ T6380] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.839986][ T6380] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.847374][ T6380] bridge_slave_1: entered allmulticast mode [ 75.854014][ T6380] bridge_slave_1: entered promiscuous mode [ 75.903000][ T6380] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.918232][ T6380] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.927878][ T6424] SELinux: ebitmap: truncated map [ 75.943012][ T6424] SELinux: failed to load policy [ 75.956137][ T6380] team0: Port device team_slave_0 added [ 75.963034][ T6380] team0: Port device team_slave_1 added [ 75.980827][ T6380] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.987904][ T6380] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.013904][ T6380] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.028213][ T6380] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.035188][ T6380] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.061191][ T6380] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.116750][ T23] tipc: Node number set to 2886997011 [ 76.149820][ T6380] hsr_slave_0: entered promiscuous mode [ 76.156145][ T6380] hsr_slave_1: entered promiscuous mode [ 76.162275][ T6380] debugfs: 'hsr0' already exists in 'hsr' [ 76.168130][ T6380] Cannot create hsr debugfs directory [ 76.233809][ T6380] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 76.243088][ T6380] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 76.252035][ T6380] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 76.260685][ T6380] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 76.298069][ T6380] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.311370][ T6380] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.321028][ T4480] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.328200][ T4480] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.339573][ T4469] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.346656][ T4469] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.412116][ T6380] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.516415][ T6380] veth0_vlan: entered promiscuous mode [ 76.525370][ T6380] veth1_vlan: entered promiscuous mode [ 76.541481][ T6380] veth0_macvtap: entered promiscuous mode [ 76.549434][ T6380] veth1_macvtap: entered promiscuous mode [ 76.561100][ T6380] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.572451][ T6380] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.583487][ T4480] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.592995][ T4480] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.602683][ T4480] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.612189][ T4480] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.749314][ T6466] SELinux: ebitmap: truncated map [ 76.757696][ T2954] tipc: Node number set to 2886997011 [ 76.766860][ T6466] SELinux: failed to load policy [ 76.829175][ T6480] tipc: Started in network mode [ 76.834126][ T6480] tipc: Node identity ac141413, cluster identity 4711 [ 76.855171][ T6480] tipc: New replicast peer: 10.1.1.2 [ 76.860674][ T6480] tipc: Enabled bearer , priority 10 [ 77.053973][ T6504] SELinux: ebitmap: truncated map [ 77.065920][ T6504] SELinux: failed to load policy [ 77.585455][ T6514] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1209'. [ 77.663579][ T6519] SELinux: ebitmap: truncated map [ 77.668858][ T6520] netlink: 'syz.6.1210': attribute type 5 has an invalid length. [ 77.691096][ T6519] SELinux: failed to load policy [ 77.810284][ T29] kauditd_printk_skb: 170 callbacks suppressed [ 77.810301][ T29] audit: type=1400 audit(1754028706.807:1478): avc: denied { create } for pid=6550 comm="syz.8.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 77.838621][ T29] audit: type=1400 audit(1754028706.807:1479): avc: denied { write } for pid=6550 comm="syz.8.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 77.863075][ T29] audit: type=1326 audit(1754028706.847:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1e352eb69 code=0x7ffc0000 [ 77.886563][ T29] audit: type=1326 audit(1754028706.847:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa1e352d4d0 code=0x7ffc0000 [ 77.909976][ T29] audit: type=1326 audit(1754028706.847:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa1e3530397 code=0x7ffc0000 [ 77.925552][ T6557] loop8: detected capacity change from 0 to 2048 [ 77.933391][ T29] audit: type=1326 audit(1754028706.847:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa1e352eb69 code=0x7ffc0000 [ 77.963172][ T29] audit: type=1326 audit(1754028706.847:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa1e3530397 code=0x7ffc0000 [ 77.976807][ T36] tipc: Node number set to 2886997011 [ 77.986978][ T29] audit: type=1326 audit(1754028706.847:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa1e352d7ca code=0x7ffc0000 [ 78.015269][ T29] audit: type=1326 audit(1754028706.847:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1e352eb69 code=0x7ffc0000 [ 78.038918][ T29] audit: type=1326 audit(1754028706.847:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6552 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1e352eb69 code=0x7ffc0000 [ 78.089195][ T6557] loop8: p1 < > p4 [ 78.093681][ T6557] loop8: p4 size 8388608 extends beyond EOD, truncated [ 78.385583][ T6582] loop8: detected capacity change from 0 to 1024 [ 78.393686][ T6582] EXT4-fs: Ignoring removed nobh option [ 78.399448][ T6582] EXT4-fs: inline encryption not supported [ 78.410340][ T6582] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.427396][ T6582] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4183: comm syz.8.1240: Allocating blocks 385-513 which overlap fs metadata [ 78.443978][ T6582] EXT4-fs (loop8): pa ffff8881006213f0: logic 16, phys. 129, len 24 [ 78.452133][ T6582] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 78.494011][ T6380] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.685278][ T6597] bond1: entered promiscuous mode [ 78.690498][ T6597] bond1: entered allmulticast mode [ 78.699599][ T6597] 8021q: adding VLAN 0 to HW filter on device bond1 [ 78.712354][ T6597] bond1 (unregistering): Released all slaves [ 78.998343][ T6613] syzkaller0: entered promiscuous mode [ 79.003955][ T6613] syzkaller0: entered allmulticast mode [ 79.428600][ T6645] netlink: 'syz.8.1262': attribute type 7 has an invalid length. [ 79.436411][ T6645] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1262'. [ 79.491211][ T6647] netlink: 16 bytes leftover after parsing attributes in process `wޣ'. [ 79.634185][ T6657] bond_slave_0: entered promiscuous mode [ 79.639910][ T6657] bond_slave_1: entered promiscuous mode [ 79.666911][ T6657] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 79.678173][ T6657] bond_slave_0: left promiscuous mode [ 79.683681][ T6657] bond_slave_1: left promiscuous mode [ 79.782985][ T6670] netlink: 3 bytes leftover after parsing attributes in process `syz.7.1273'. [ 79.808338][ T6670] batadv1: entered promiscuous mode [ 79.813588][ T6670] batadv1: entered allmulticast mode [ 79.831754][ T6676] netlink: 'syz.6.1275': attribute type 7 has an invalid length. [ 79.832084][ T6675] -1: renamed from syzkaller0 [ 79.839617][ T6676] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1275'. [ 79.882337][ T6680] sctp: [Deprecated]: syz.2.1278 (pid 6680) Use of int in max_burst socket option. [ 79.882337][ T6680] Use struct sctp_assoc_value instead [ 79.917229][ T6682] loop2: detected capacity change from 0 to 1024 [ 79.924126][ T6682] EXT4-fs: Ignoring removed bh option [ 79.931290][ T6682] EXT4-fs: Ignoring removed nobh option [ 79.936969][ T6682] EXT4-fs: inline encryption not supported [ 79.971100][ T6682] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.994973][ T6682] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm +}[@: Allocating blocks 385-513 which overlap fs metadata [ 80.012781][ T6682] EXT4-fs (loop2): pa ffff888106b338c0: logic 16, phys. 129, len 24 [ 80.020884][ T6682] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 80.049840][ T6682] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28 [ 80.062207][ T6682] EXT4-fs (loop2): This should not happen!! Data will be lost [ 80.062207][ T6682] [ 80.071904][ T6682] EXT4-fs (loop2): Total free blocks count 0 [ 80.078465][ T6682] EXT4-fs (loop2): Free/Dirty block details [ 80.084380][ T6682] EXT4-fs (loop2): free_blocks=128 [ 80.089599][ T6682] EXT4-fs (loop2): dirty_blocks=0 [ 80.094654][ T6682] EXT4-fs (loop2): Block reservation details [ 80.100715][ T6682] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 80.128532][ T6696] loop8: detected capacity change from 0 to 1764 [ 80.154347][ T6700] loop4: detected capacity change from 0 to 512 [ 80.166317][ T6700] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 80.188099][ T6700] EXT4-fs (loop4): 1 truncate cleaned up [ 80.201081][ T6700] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.221124][ T6701] loop7: detected capacity change from 0 to 8192 [ 80.236030][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.311759][ T6709] loop8: detected capacity change from 0 to 8192 [ 80.328018][ T6714] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1293'. [ 80.403297][ T6716] loop4: detected capacity change from 0 to 128 [ 80.410619][ T6716] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 80.423134][ T6716] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 80.490290][ T4447] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 80.855031][ T6753] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1310'. [ 80.885373][ T6761] loop6: detected capacity change from 0 to 512 [ 80.886385][ T6759] vlan2: entered allmulticast mode [ 80.903378][ T6761] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 80.947247][ T6761] EXT4-fs (loop6): 1 truncate cleaned up [ 80.967263][ T6761] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.073387][ T5424] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.136646][ T6778] syzkaller1: entered promiscuous mode [ 81.142225][ T6778] syzkaller1: entered allmulticast mode [ 81.178388][ T6784] vhci_hcd: invalid port number 255 [ 81.183675][ T6784] vhci_hcd: invalid port number 255 [ 81.250007][ T6792] loop4: detected capacity change from 0 to 1024 [ 81.298496][ T6792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.380449][ T6792] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1329: Allocating blocks 449-513 which overlap fs metadata [ 81.425301][ T6791] EXT4-fs (loop4): pa ffff888100621460: logic 48, phys. 177, len 21 [ 81.433477][ T6791] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 81.454902][ T6809] netlink: 'syz.2.1333': attribute type 13 has an invalid length. [ 81.462856][ T6809] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1333'. [ 81.490780][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.490844][ T6809] erspan0: refused to change device tx_queue_len [ 81.528455][ T6809] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 81.653779][ T6821] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1338'. [ 81.706029][ T6827] loop4: detected capacity change from 0 to 128 [ 81.789974][ T6835] loop4: detected capacity change from 0 to 512 [ 81.792789][ T6835] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 81.817504][ T6835] EXT4-fs (loop4): 1 orphan inode deleted [ 81.817522][ T6835] EXT4-fs (loop4): 1 truncate cleaned up [ 81.817903][ T6835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.859775][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.912883][ T6844] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1348'. [ 81.988305][ T6851] syzkaller1: entered promiscuous mode [ 81.988324][ T6851] syzkaller1: entered allmulticast mode [ 82.575733][ T6881] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 82.608508][ T6883] __nla_validate_parse: 4 callbacks suppressed [ 82.608527][ T6883] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1364'. [ 82.651470][ T6887] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1366'. [ 82.890627][ T6915] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1379'. [ 82.899616][ T6915] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1379'. [ 82.909142][ T6911] SELinux: failed to load policy [ 82.990579][ T6924] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.023787][ T6928] loop6: detected capacity change from 0 to 512 [ 83.049008][ T6924] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.061692][ T6928] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.074773][ T6928] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 83.088813][ T6924] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.136015][ T5424] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.149513][ T6924] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.205882][ T4447] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.218089][ T29] kauditd_printk_skb: 181 callbacks suppressed [ 83.218106][ T29] audit: type=1400 audit(1754028712.217:1669): avc: denied { create } for pid=6944 comm="syz.7.1391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 83.248995][ T4447] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.279552][ T4447] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.280023][ T6942] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1389'. [ 83.312585][ T4447] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.328983][ T6942] IPVS: Error joining to the multicast group [ 83.338247][ T6950] syzkaller1: entered promiscuous mode [ 83.343770][ T6950] syzkaller1: entered allmulticast mode [ 83.347223][ T29] audit: type=1326 audit(1754028712.337:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3da11eb69 code=0x7ffc0000 [ 83.375481][ T29] audit: type=1326 audit(1754028712.367:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fd3da11eb69 code=0x7ffc0000 [ 83.399063][ T29] audit: type=1326 audit(1754028712.367:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3da11eb69 code=0x7ffc0000 [ 83.422501][ T29] audit: type=1326 audit(1754028712.367:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fd3da11eb69 code=0x7ffc0000 [ 83.446066][ T29] audit: type=1326 audit(1754028712.367:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3da11eb69 code=0x7ffc0000 [ 83.469640][ T29] audit: type=1326 audit(1754028712.367:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd3da11d4d0 code=0x7ffc0000 [ 83.493106][ T29] audit: type=1326 audit(1754028712.367:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3da11eb69 code=0x7ffc0000 [ 83.516591][ T29] audit: type=1326 audit(1754028712.367:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fd3da11eb69 code=0x7ffc0000 [ 83.539824][ T29] audit: type=1326 audit(1754028712.367:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6952 comm="syz.2.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3da11eb69 code=0x7ffc0000 [ 83.654219][ T6965] netlink: 'syz.2.1399': attribute type 1 has an invalid length. [ 83.669037][ T6965] 8021q: adding VLAN 0 to HW filter on device bond1 [ 83.710409][ T6965] bond1: (slave veth7): Enslaving as an active interface with a down link [ 83.724593][ T6965] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 83.733757][ T6965] bond1: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 83.825420][ T6987] netlink: 'syz.6.1410': attribute type 13 has an invalid length. [ 83.924759][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.932074][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.968068][ T6997] loop2: detected capacity change from 0 to 512 [ 83.980353][ T6997] EXT4-fs: Ignoring removed oldalloc option [ 83.986333][ T6997] EXT4-fs: inline encryption not supported [ 83.992222][ T6997] EXT4-fs: Ignoring removed mblk_io_submit option [ 84.017196][ T6997] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 84.034906][ T6987] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.046721][ T6987] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.076268][ T6997] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1415: bg 0: block 64: padding at end of block bitmap is not set [ 84.093749][ T6997] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1415: Failed to acquire dquot type 0 [ 84.105346][ T6997] EXT4-fs (loop2): 1 truncate cleaned up [ 84.121069][ T6997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.174666][ T6997] syz.2.1415 (6997) used greatest stack depth: 9264 bytes left [ 84.190192][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.208962][ T37] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 84.218254][ T37] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.238922][ T37] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 84.247904][ T37] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.257145][ T37] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 84.266155][ T37] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.278992][ T37] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 84.288302][ T37] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.322391][ T7031] netlink: 44 bytes leftover after parsing attributes in process `syz.7.1427'. [ 84.374963][ T7037] loop8: detected capacity change from 0 to 1024 [ 84.390837][ T7037] EXT4-fs: Ignoring removed orlov option [ 84.429319][ T7037] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.515066][ T7054] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1437'. [ 84.537659][ T7054] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1437'. [ 84.549591][ T7051] ================================================================== [ 84.557808][ T7051] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode [ 84.567052][ T7051] [ 84.569392][ T7051] write to 0xffff888106b6b168 of 4 bytes by task 7037 on cpu 0: [ 84.577044][ T7051] writeback_single_inode+0x14a/0x3e0 [ 84.582456][ T7051] sync_inode_metadata+0x5b/0x90 [ 84.587423][ T7051] generic_buffers_fsync_noflush+0xd9/0x120 [ 84.593350][ T7051] ext4_sync_file+0x1ab/0x690 [ 84.598064][ T7051] vfs_fsync_range+0x10d/0x130 [ 84.602855][ T7051] ext4_buffered_write_iter+0x34f/0x3c0 [ 84.608441][ T7051] ext4_file_write_iter+0x383/0xf00 [ 84.613677][ T7051] iter_file_splice_write+0x5ef/0x970 [ 84.619074][ T7051] direct_splice_actor+0x153/0x2a0 [ 84.624213][ T7051] splice_direct_to_actor+0x30f/0x680 [ 84.629611][ T7051] do_splice_direct+0xda/0x150 [ 84.634485][ T7051] do_sendfile+0x380/0x650 [ 84.638936][ T7051] __x64_sys_sendfile64+0x105/0x150 [ 84.644165][ T7051] x64_sys_call+0x2bb0/0x2ff0 [ 84.648873][ T7051] do_syscall_64+0xd2/0x200 [ 84.653408][ T7051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.659327][ T7051] [ 84.661663][ T7051] read to 0xffff888106b6b168 of 4 bytes by task 7051 on cpu 1: [ 84.669221][ T7051] generic_buffers_fsync_noflush+0x80/0x120 [ 84.675160][ T7051] ext4_sync_file+0x1ab/0x690 [ 84.679865][ T7051] vfs_fsync_range+0x10d/0x130 [ 84.684655][ T7051] ext4_buffered_write_iter+0x34f/0x3c0 [ 84.690242][ T7051] ext4_file_write_iter+0x383/0xf00 [ 84.695480][ T7051] iter_file_splice_write+0x5ef/0x970 [ 84.700878][ T7051] direct_splice_actor+0x153/0x2a0 [ 84.706008][ T7051] splice_direct_to_actor+0x30f/0x680 [ 84.711402][ T7051] do_splice_direct+0xda/0x150 [ 84.716207][ T7051] do_sendfile+0x380/0x650 [ 84.720646][ T7051] __x64_sys_sendfile64+0x105/0x150 [ 84.725880][ T7051] x64_sys_call+0x2bb0/0x2ff0 [ 84.730579][ T7051] do_syscall_64+0xd2/0x200 [ 84.735100][ T7051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.740999][ T7051] [ 84.743320][ T7051] value changed: 0x00000038 -> 0x00000002 [ 84.749035][ T7051] [ 84.751355][ T7051] Reported by Kernel Concurrency Sanitizer on: [ 84.757524][ T7051] CPU: 1 UID: 0 PID: 7051 Comm: syz.8.1428 Not tainted 6.16.0-syzkaller-10355-gf2d282e1dfb3 #0 PREEMPT(voluntary) [ 84.769594][ T7051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 84.779662][ T7051] ================================================================== [ 84.806053][ T6380] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.