last executing test programs: 24.272304928s ago: executing program 2 (id=2867): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000386dd0a00100000004000000060ec970200140400fb8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe) 24.271496228s ago: executing program 1 (id=2868): socket$inet_udp(0x2, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff96, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 24.203507999s ago: executing program 1 (id=2871): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'veth0_vlan\x00', 0x0}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18) r3 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r1, 0x1, 0x6, @local}, 0x10) sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xc}, {0xfffc, 0x8}, {0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x40040}, 0x20040000) 24.15385812s ago: executing program 2 (id=2875): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, @perf_config_ext={0x2000000000000000, 0x8}, 0x1000, 0x5dd8, 0x100000, 0x5, 0x0, 0xb, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0x2) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000240)=0xfffffffffffffffe) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="646f74732c646f74732c646f74732c636865636b3d72656c617865642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030302c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d7374726963742c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c646f74732c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c6e6f646f74732c646f74732c666d61736b3d30303030303030303030303030303030303030303030322c6e6f646f74732c646f74732c666c7573682c6e6f646f74732c636865636b3d6e6f726d616c2c0079c7cebee7a0df8765ffc536c4e752679b645307d1bf097e07b8e261bb27d1bb80ee490fc501e4f230ddf1483b11ac5c39a93cfc3ba360037c79a9be063a3bf5015e3d6a8cad0e98ccb29619c51c44ec612fc7ff44fa8cf7759eada764c43ba9d602a958bd209ace3df01c3dae04baa94aedc5515da8160ae0"], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8) 23.995868361s ago: executing program 2 (id=2878): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0xfeff, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000540)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x14, 0x0, 0x2, 0x201}, 0x14}, 0x1, 0x0, 0x0, 0x20000080}, 0x44080) 23.989165382s ago: executing program 1 (id=2879): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0) getitimer(0x2, &(0x7f0000000140)) 23.961895112s ago: executing program 1 (id=2880): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='mountinfo\x00') sendfile(r0, r0, 0x0, 0x1000) 23.948054432s ago: executing program 1 (id=2881): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5, 0x0, 0x0, @void, @value}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20) sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) 23.673604615s ago: executing program 1 (id=2890): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000400000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000240)={0x0, 0xffac, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}}, 0x0) 23.672764766s ago: executing program 32 (id=2890): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000400000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000240)={0x0, 0xffac, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}}, 0x0) 23.578353147s ago: executing program 2 (id=2894): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='mountinfo\x00') sendfile(r0, r0, 0x0, 0x1000) 23.546114577s ago: executing program 2 (id=2896): socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0x3, 0x300) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) socket$packet(0x11, 0xa, 0x300) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), 0xffffffffffffffff) 22.812626907s ago: executing program 3 (id=2901): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 22.676005378s ago: executing program 3 (id=2903): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0xfffffffe, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x304}, "040000000048bd00", "0dd12f0d004fcf0000e8bfff1a8600", "cf0f00", "8657e2b7e63b34e4"}, 0x28) 22.675017808s ago: executing program 3 (id=2905): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10) bind$tipc(r0, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r2, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10, 0x0}, 0x0) 22.674685698s ago: executing program 3 (id=2906): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='mountinfo\x00') sendfile(r0, r0, 0x0, 0x1000) 22.656362989s ago: executing program 3 (id=2907): timer_settime(0x0, 0x0, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x127081) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x12141, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCFLSH(r1, 0x5608, 0x0) 22.254686304s ago: executing program 3 (id=2909): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000032000000c"], 0x50) close(0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x39, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) 22.254297264s ago: executing program 33 (id=2909): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000004000000032000000c"], 0x50) close(0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x39, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) 18.704047029s ago: executing program 2 (id=2978): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0xe3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@deltaction={0x4c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x80, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x6, 0x1, 'tunnel_key\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x4c}}, 0x0) 18.703595409s ago: executing program 34 (id=2978): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0xe3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@deltaction={0x4c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x80, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x6, 0x1, 'tunnel_key\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x4c}}, 0x0) 2.667838876s ago: executing program 4 (id=3382): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$pppl2tp(0x18, 0x1, 0x1) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r2, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000500)='\x00', 0x1}], 0x1) 2.667581616s ago: executing program 4 (id=3383): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000040)={0x1, 0x0, 0x7, 0x1}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x1, 0x0, 0x103ff}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r3, 0x7, &(0x7f0000000180)={0x1, 0x0, 0x78, 0x10}) 1.786724238s ago: executing program 5 (id=3395): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) 1.762720158s ago: executing program 4 (id=3396): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x1) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) 1.718359868s ago: executing program 5 (id=3397): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10) bind$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r2, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4) 1.689787949s ago: executing program 5 (id=3399): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a000000120003"], 0x4c}}, 0x2) 1.61852656s ago: executing program 4 (id=3401): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f00000002c0)=[{0x6}]}, 0x10) write$binfmt_misc(r0, &(0x7f0000001280), 0x6) 1.516461441s ago: executing program 4 (id=3406): syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002680)=ANY=[@ANYBLOB="140000001000010000000000000007000000000a60000000060a0b0400000000000000000200000034000480200001800e000100636f6e6e6c696d69740000000c000280080001400000000010000180090001006c617374000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x0) close(r0) 1.347801393s ago: executing program 4 (id=3411): syz_open_dev$usbmon(&(0x7f0000000280), 0x80000000000000, 0x800) r0 = syz_io_uring_setup(0x4fd7, &(0x7f0000000340)={0x0, 0x400000, 0x10100, 0x400001, 0x38a}, &(0x7f0000000080), &(0x7f0000000000)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0)={0x0, 0x0, 0x100, 0x0, 0x134}, &(0x7f00000002c0)=0x0, &(0x7f0000000180)) mkdirat(0xffffffffffffff9c, 0x0, 0x0) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x8184c, 0x0, 0x9, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) 1.162705906s ago: executing program 7 (id=3413): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000700)=@generic={0x0, r1}, 0x18) 1.155584106s ago: executing program 5 (id=3414): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = getpid() r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) 1.129073866s ago: executing program 5 (id=3415): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) close(0x3) 1.125588656s ago: executing program 7 (id=3416): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000e80)={[{@dioread_lock}, {@usrjquota}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@block_validity}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) 874.553539ms ago: executing program 0 (id=3421): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 857.861049ms ago: executing program 0 (id=3422): bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000001}, 0x1100, 0x5dd8, 0x0, 0x8, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x2, 0xc4ffffff, 0x0, 0x0) 837.610899ms ago: executing program 7 (id=3423): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{0x0}], 0x1}}], 0x1, 0x40000000, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000280)={'syzkaller0\x00', 0xca02}) close(r0) socket$netlink(0x10, 0x3, 0x0) preadv(r1, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/124, 0x3}], 0x3e8, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) 212.409118ms ago: executing program 5 (id=3424): openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = creat(&(0x7f00000000c0)='./file1\x00', 0x29d9d106d4d639cf) fallocate(r0, 0x0, 0x0, 0x2000402) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, 0xfffffffffffffffd) pipe(0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800) 212.089468ms ago: executing program 7 (id=3425): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10) r3 = socket$inet_sctp(0x2, 0x5, 0x84) close(r3) 211.310168ms ago: executing program 0 (id=3434): perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x74, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, @perf_config_ext={0x400000000000000, 0x1}, 0x115428, 0x1, 0x0, 0x0, 0x5f4d, 0x10000001}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000380)=0x0, &(0x7f00000000c0)=0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='5'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 185.480028ms ago: executing program 7 (id=3426): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18) unshare(0xa000200) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0) unshare(0x20060400) 160.978358ms ago: executing program 7 (id=3427): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10) sendmsg$tipc(r2, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0}, 0x10) 160.370989ms ago: executing program 0 (id=3428): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6d3a2e17dee28253, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x6}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x48, 0x18, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000) 104.169959ms ago: executing program 6 (id=3429): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r0 = syz_io_uring_setup(0x2402, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x2, 0xe1}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7}) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x12, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 103.553759ms ago: executing program 0 (id=3430): mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000009f910000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x42) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x10, &(0x7f0000000080)=0x9, 0x4) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r2, &(0x7f0000005e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=""/66, 0x42}, 0xd58}], 0x1, 0x0, 0x0) 103.133359ms ago: executing program 6 (id=3431): r0 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x8fb5, 0x10000, 0x3, 0x5}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000640)=[{0x0}], 0x1) syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46) io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, &(0x7f0000000000)=[r0], 0x1) 91.953099ms ago: executing program 0 (id=3432): perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0xf1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(0x3) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) close(0x3) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x10) 90.767149ms ago: executing program 6 (id=3433): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) r1 = creat(&(0x7f0000000180)='./bus\x00', 0x11) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0) 55.17472ms ago: executing program 6 (id=3435): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) 32.23593ms ago: executing program 6 (id=3436): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 0s ago: executing program 6 (id=3437): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000009000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000680)=@mangle={'mangle\x00', 0x64, 0x6, 0x600, 0x0, 0x0, 0x1d0, 0x0, 0x1d0, 0x530, 0x530, 0x530, 0x530, 0x530, 0x6, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'vcan0\x00', 'veth1_virt_wifi\x00'}, 0x0, 0xa8, 0xe8, 0x0, {0x7a00000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x9}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'syzkaller1\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@private0}}}, {{@ipv6={@rand_addr=' \x01\x00', @mcast2, [], [], 'veth1_to_batadv\x00', 'vlan1\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@inet=@ecn={{0x28}}, @common=@ipv6header={{0x28}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@empty}}}, {{@ipv6={@private0, @mcast2, [], [], 'veth1_to_team\x00', 'veth0_macvtap\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@hbh={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@remote}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x660) kernel console output (not intermixed with test programs): 4832][ T9025] pim6reg1: entered allmulticast mode [ 104.280682][ T3539] usb 7-1: new full-speed USB device number 3 using vhci_hcd [ 104.294846][ T9008] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(5) [ 104.301410][ T9008] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 104.308841][ T9008] vhci_hcd vhci_hcd.0: Device attached [ 104.342871][ T29] audit: type=1326 audit(1746354486.697:2346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9028 comm="syz.1.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c5e2e969 code=0x7ffc0000 [ 104.342887][ T9013] vhci_hcd vhci_hcd.0: pdev(3) rhport(5) sockfd(15) [ 104.342913][ T9013] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 104.366307][ T29] audit: type=1326 audit(1746354486.697:2347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9028 comm="syz.1.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f58c5e2e969 code=0x7ffc0000 [ 104.372933][ T9013] vhci_hcd vhci_hcd.0: Device attached [ 104.380444][ T29] audit: type=1326 audit(1746354486.697:2348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9028 comm="syz.1.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c5e2e969 code=0x7ffc0000 [ 104.432944][ T29] audit: type=1326 audit(1746354486.697:2349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9028 comm="syz.1.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f58c5e2e969 code=0x7ffc0000 [ 104.456185][ T29] audit: type=1326 audit(1746354486.697:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9028 comm="syz.1.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c5e2e969 code=0x7ffc0000 [ 104.479615][ T29] audit: type=1326 audit(1746354486.697:2351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9028 comm="syz.1.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7f58c5e2e969 code=0x7ffc0000 [ 104.504550][ T9023] vhci_hcd vhci_hcd.0: pdev(3) rhport(6) sockfd(14) [ 104.511191][ T9023] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 104.518841][ T9023] vhci_hcd vhci_hcd.0: Device attached [ 104.528689][ T9035] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2118'. [ 104.581871][ T9008] vhci_hcd vhci_hcd.0: pdev(3) rhport(7) sockfd(9) [ 104.588466][ T9008] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 104.596623][ T9008] vhci_hcd vhci_hcd.0: Device attached [ 104.668326][ T9033] vhci_hcd: connection closed [ 104.668813][ T4155] vhci_hcd: stop threads [ 104.669057][ T9030] vhci_hcd: connection closed [ 104.673575][ T4155] vhci_hcd: release socket [ 104.682710][ T9009] vhci_hcd: connection reset by peer [ 104.686986][ T4155] vhci_hcd: disconnect device [ 104.692416][ T9019] vhci_hcd: connection closed [ 104.698099][ T9038] vhci_hcd: connection closed [ 104.702925][ T9016] vhci_hcd: connection closed [ 104.707645][ T9024] vhci_hcd: connection closed [ 104.749306][ T4155] vhci_hcd: stop threads [ 104.758317][ T4155] vhci_hcd: release socket [ 104.762766][ T4155] vhci_hcd: disconnect device [ 104.780837][ T4155] vhci_hcd: stop threads [ 104.785156][ T4155] vhci_hcd: release socket [ 104.789635][ T4155] vhci_hcd: disconnect device [ 104.809471][ T4155] vhci_hcd: stop threads [ 104.813759][ T4155] vhci_hcd: release socket [ 104.818364][ T4155] vhci_hcd: disconnect device [ 104.834297][ T4155] vhci_hcd: stop threads [ 104.838602][ T4155] vhci_hcd: release socket [ 104.843048][ T4155] vhci_hcd: disconnect device [ 104.868125][ T4155] vhci_hcd: stop threads [ 104.872423][ T4155] vhci_hcd: release socket [ 104.876855][ T4155] vhci_hcd: disconnect device [ 104.898978][ T4155] vhci_hcd: stop threads [ 104.903267][ T4155] vhci_hcd: release socket [ 104.907705][ T4155] vhci_hcd: disconnect device [ 105.075479][ T9065] ------------[ cut here ]------------ [ 105.081102][ T9065] WARNING: CPU: 0 PID: 9065 at mm/page_alloc.c:4946 __alloc_frozen_pages_noprof+0x218/0x360 [ 105.091290][ T9065] Modules linked in: [ 105.095300][ T9065] CPU: 0 UID: 0 PID: 9065 Comm: syz.1.2133 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(voluntary) [ 105.107791][ T9065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 105.117926][ T9065] RIP: 0010:__alloc_frozen_pages_noprof+0x218/0x360 [ 105.124557][ T9065] Code: 83 3d 63 b5 50 05 02 72 0e 48 83 b8 a0 fb ff ff 00 0f 84 48 ff ff ff 81 ca 00 01 00 00 e9 3d ff ff ff c6 05 52 b2 4c 05 01 90 <0f> 0b 90 31 c0 eb 84 a9 00 00 08 00 75 52 44 89 f1 81 e1 7f ff ff [ 105.144298][ T9065] RSP: 0018:ffffc90003377a40 EFLAGS: 00010246 [ 105.150473][ T9065] RAX: c6e821c929469500 RBX: 0000000000000016 RCX: 0000000000000000 [ 105.158495][ T9065] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040dc0 [ 105.166562][ T9065] RBP: 0000000000000dc0 R08: ffff88814328ed98 R09: 0000000000000000 [ 105.174770][ T9065] R10: ffff888118661de8 R11: 0001888118661de8 R12: ffffc90003377d38 [ 105.182797][ T9065] R13: 0000000000004210 R14: 0000000000040dc0 R15: 0000000000000000 [ 105.190815][ T9065] FS: 00007f58c44976c0(0000) GS:ffff8882aee50000(0000) knlGS:0000000000000000 [ 105.199801][ T9065] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.206407][ T9065] CR2: 0000200000004000 CR3: 0000000130848000 CR4: 00000000003506f0 [ 105.214431][ T9065] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 105.222450][ T9065] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 105.230467][ T9065] Call Trace: [ 105.233872][ T9065] [ 105.236846][ T9065] __alloc_pages_noprof+0x9/0x20 [ 105.241899][ T9065] ___kmalloc_large_node+0x73/0x130 [ 105.247160][ T9065] __kmalloc_large_node_noprof+0x16/0xa0 [ 105.252922][ T9065] __kmalloc_noprof+0x2ab/0x3e0 [ 105.257890][ T9065] ? hashtab_init+0x9b/0xe0 [ 105.262441][ T9065] ? common_read+0x3f/0x300 [ 105.267064][ T9065] hashtab_init+0x9b/0xe0 [ 105.271502][ T9065] symtab_init+0x2c/0x40 [ 105.275782][ T9065] common_read+0x10b/0x300 [ 105.280296][ T9065] ? __pfx_common_read+0x10/0x10 [ 105.285287][ T9065] policydb_read+0x64f/0x1330 [ 105.290068][ T9065] ? security_load_policy+0x90/0x890 [ 105.295421][ T9065] security_load_policy+0xba/0x890 [ 105.300627][ T9065] ? rep_movs_alternative+0x4a/0x90 [ 105.305940][ T9065] sel_write_load+0x1d4/0x380 [ 105.310719][ T9065] ? __pfx_sel_write_load+0x10/0x10 [ 105.316043][ T9065] vfs_write+0x266/0x8d0 [ 105.320422][ T9065] ? __rcu_read_unlock+0x4f/0x70 [ 105.325386][ T9065] ? __fget_files+0x184/0x1c0 [ 105.330157][ T9065] ksys_write+0xda/0x1a0 [ 105.334434][ T9065] __x64_sys_write+0x40/0x50 [ 105.339118][ T9065] x64_sys_call+0x2cdd/0x2fb0 [ 105.343829][ T9065] do_syscall_64+0xd0/0x1a0 [ 105.348416][ T9065] ? clear_bhb_loop+0x25/0x80 [ 105.353212][ T9065] ? clear_bhb_loop+0x25/0x80 [ 105.357973][ T9065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.363941][ T9065] RIP: 0033:0x7f58c5e2e969 [ 105.368420][ T9065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.388111][ T9065] RSP: 002b:00007f58c4497038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 105.396679][ T9065] RAX: ffffffffffffffda RBX: 00007f58c6055fa0 RCX: 00007f58c5e2e969 [ 105.404701][ T9065] RDX: 00000000000044f0 RSI: 0000200000000000 RDI: 0000000000000003 [ 105.412768][ T9065] RBP: 00007f58c5eb0ab1 R08: 0000000000000000 R09: 0000000000000000 [ 105.420856][ T9065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 105.426159][ T9069] Invalid ELF header len 6 [ 105.428854][ T9065] R13: 0000000000000000 R14: 00007f58c6055fa0 R15: 00007ffe9f8156f8 [ 105.428879][ T9065] [ 105.428885][ T9065] ---[ end trace 0000000000000000 ]--- [ 105.430646][ T9065] SELinux: failed to load policy [ 105.458217][ T3382] page_pool_release_retry() stalled pool shutdown: id 30, 1 inflight 60 sec [ 105.540821][ T9075] bridge: RTM_NEWNEIGH with invalid ether address [ 105.611468][ T9079] hub 2-0:1.0: USB hub found [ 105.616137][ T9079] hub 2-0:1.0: 8 ports detected [ 105.653693][ T3373] kernel write not supported for file /976/attr/exec (pid: 3373 comm: kworker/0:3) [ 105.907167][ T9111] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2149'. [ 105.916326][ T9111] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2149'. [ 105.930510][ T9110] sd 0:0:1:0: device reset [ 106.055691][ T9121] hub 2-0:1.0: USB hub found [ 106.060762][ T9123] loop0: detected capacity change from 0 to 1024 [ 106.076010][ T9121] hub 2-0:1.0: 8 ports detected [ 106.092282][ T9123] EXT4-fs: Ignoring removed mblk_io_submit option [ 106.120498][ T9123] EXT4-fs: Ignoring removed nobh option [ 106.126173][ T9123] EXT4-fs: Ignoring removed bh option [ 106.143759][ T9130] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2160'. [ 106.168118][ T9123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.168970][ T9130] 8021q: adding VLAN 0 to HW filter on device team1 [ 106.212003][ T9123] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: comm syz.0.2158: inode #327696: comm syz.0.2158: iget: illegal inode # [ 106.269740][ T9123] EXT4-fs (loop0): Remounting filesystem read-only [ 106.276387][ T9123] EXT4-fs warning (device loop0): ext4_xattr_inode_inc_ref_all:1129: inode #18: comm syz.0.2158: cleanup dec ref error -30 [ 106.300313][ T9123] EXT4-fs warning (device loop0): ext4_xattr_block_set:2190: inode #18: comm syz.0.2158: dec ref error=-30 [ 106.327628][ T9141] pim6reg1: entered promiscuous mode [ 106.333019][ T9141] pim6reg1: entered allmulticast mode [ 106.340776][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.470050][ T9155] loop0: detected capacity change from 0 to 1024 [ 106.486928][ T9155] EXT4-fs: Ignoring removed nobh option [ 106.495837][ T9155] ext2: Unknown parameter 'dont_hash' [ 106.528004][ T9155] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 106.602916][ T9166] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2178'. [ 106.679647][ T9173] syz_tun: entered promiscuous mode [ 106.708116][ T9173] syz_tun: left promiscuous mode [ 106.820334][ T9188] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 106.965400][ T9188] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5) [ 106.972005][ T9188] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 106.979554][ T9188] vhci_hcd vhci_hcd.0: Device attached [ 106.996199][ T9180] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(8) [ 107.002742][ T9180] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 107.010278][ T9180] vhci_hcd vhci_hcd.0: Device attached [ 107.012576][ T9197] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(11) [ 107.022343][ T9197] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 107.029924][ T9188] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(7) [ 107.036460][ T9188] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 107.044026][ T9197] vhci_hcd vhci_hcd.0: Device attached [ 107.044079][ T9188] vhci_hcd vhci_hcd.0: Device attached [ 107.066219][ T9205] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2190'. [ 107.076332][ T9180] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(14) [ 107.083065][ T9180] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 107.090725][ T9180] vhci_hcd vhci_hcd.0: Device attached [ 107.127706][ T9180] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(13) [ 107.134352][ T9180] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 107.141819][ T9180] vhci_hcd vhci_hcd.0: Device attached [ 107.157981][ T9] vhci_hcd: vhci_device speed not set [ 107.167242][ T9180] vhci_hcd vhci_hcd.0: pdev(2) rhport(7) sockfd(17) [ 107.173880][ T9180] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 107.182160][ T9180] vhci_hcd vhci_hcd.0: Device attached [ 107.218403][ T9] usb 5-2: new full-speed USB device number 2 using vhci_hcd [ 107.226962][ T9215] vhci_hcd: connection closed [ 107.227563][ T4155] vhci_hcd: stop threads [ 107.229941][ T9212] vhci_hcd: connection closed [ 107.232376][ T4155] vhci_hcd: release socket [ 107.236637][ T9198] vhci_hcd: connection closed [ 107.241231][ T4155] vhci_hcd: disconnect device [ 107.247972][ T9208] vhci_hcd: connection closed [ 107.255801][ T9195] vhci_hcd: connection closed [ 107.257465][ T9199] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 107.260613][ T9206] vhci_hcd: connection closed [ 107.271458][ T9196] vhci_hcd: connection closed [ 107.323156][ T4155] vhci_hcd: stop threads [ 107.332284][ T4155] vhci_hcd: release socket [ 107.336734][ T4155] vhci_hcd: disconnect device [ 107.359394][ T4155] vhci_hcd: stop threads [ 107.363850][ T4155] vhci_hcd: release socket [ 107.368372][ T4155] vhci_hcd: disconnect device [ 107.375235][ T9229] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2198'. [ 107.386644][ T4155] vhci_hcd: stop threads [ 107.391019][ T4155] vhci_hcd: release socket [ 107.395638][ T4155] vhci_hcd: disconnect device [ 107.420799][ T4155] vhci_hcd: stop threads [ 107.425093][ T4155] vhci_hcd: release socket [ 107.429565][ T4155] vhci_hcd: disconnect device [ 107.444514][ T4155] vhci_hcd: stop threads [ 107.448988][ T4155] vhci_hcd: release socket [ 107.453464][ T4155] vhci_hcd: disconnect device [ 107.468718][ T4155] vhci_hcd: stop threads [ 107.473061][ T4155] vhci_hcd: release socket [ 107.477534][ T4155] vhci_hcd: disconnect device [ 107.579719][ T9249] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2207'. [ 107.633357][ T36] kernel write not supported for file /1024/attr/exec (pid: 36 comm: kworker/1:1) [ 108.471948][ T9327] xt_CT: No such helper "pptp" [ 108.697926][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 108.697964][ T29] audit: type=1400 audit(1746354491.037:2367): avc: denied { ioctl } for pid=9342 comm="syz.4.2229" path="socket:[24724]" dev="sockfs" ino=24724 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 108.893184][ T9360] vhci_hcd: invalid port number 96 [ 108.898444][ T9360] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 109.045893][ T29] audit: type=1326 audit(1746354491.417:2368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.069433][ T29] audit: type=1326 audit(1746354491.417:2369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.138396][ T29] audit: type=1326 audit(1746354491.477:2370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.161847][ T29] audit: type=1326 audit(1746354491.477:2371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.185292][ T29] audit: type=1326 audit(1746354491.477:2372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.208720][ T29] audit: type=1326 audit(1746354491.487:2373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.231987][ T29] audit: type=1326 audit(1746354491.487:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.255502][ T29] audit: type=1326 audit(1746354491.487:2375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.278996][ T29] audit: type=1326 audit(1746354491.497:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9400 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 109.403358][ T3539] usb 7-1: enqueue for inactive port 0 [ 109.409037][ T3539] usb 7-1: enqueue for inactive port 0 [ 109.478133][ T3539] vhci_hcd: vhci_device speed not set [ 109.501074][ T9413] loop4: detected capacity change from 0 to 512 [ 109.507685][ T9413] EXT4-fs: Ignoring removed nobh option [ 109.530698][ T3373] kernel write not supported for file /971/attr/exec (pid: 3373 comm: kworker/0:3) [ 109.548520][ T9413] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2244: invalid indirect mapped block 256 (level 2) [ 109.590842][ T9413] EXT4-fs (loop4): 2 truncates cleaned up [ 109.596954][ T9413] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.755701][ T9422] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2247'. [ 109.967137][ T4163] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm kworker/u8:19: bg 0: block 5: invalid block bitmap [ 109.995792][ T4163] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 110.008304][ T4163] EXT4-fs (loop4): This should not happen!! Data will be lost [ 110.008304][ T4163] [ 110.018150][ T4163] EXT4-fs (loop4): Total free blocks count 0 [ 110.024151][ T4163] EXT4-fs (loop4): Free/Dirty block details [ 110.030090][ T4163] EXT4-fs (loop4): free_blocks=0 [ 110.035051][ T4163] EXT4-fs (loop4): dirty_blocks=16000 [ 110.040462][ T4163] EXT4-fs (loop4): Block reservation details [ 110.046593][ T4163] EXT4-fs (loop4): i_reserved_data_blocks=16000 [ 110.061017][ T4163] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28 [ 110.240556][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.248384][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.256153][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.264273][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.272045][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.279987][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.287801][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.295571][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.303319][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.311065][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.318917][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.326625][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.334487][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.342235][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.350011][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.357739][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.365499][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.373288][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.381053][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.388813][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.396581][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.404354][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.412159][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.419993][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.427723][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.435485][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.443412][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.451181][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.459048][ T10] hid-generic 0000:0000:20000000.0003: unknown main item tag 0x0 [ 110.482410][ T10] hid-generic 0000:0000:20000000.0003: hidraw0: HID v0.01 Device [syz0] on syz0 [ 110.493990][ T9471] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2269'. [ 110.528876][ T9479] loop8: detected capacity change from 0 to 7 [ 110.566724][ T9484] block device autoloading is deprecated and will be removed. [ 110.574879][ T9489] pimreg: entered allmulticast mode [ 110.584670][ T9489] pimreg: left allmulticast mode [ 110.899796][ T9517] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 110.906409][ T9517] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 110.913885][ T9517] vhci_hcd vhci_hcd.0: Device attached [ 110.938948][ T9517] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 110.967503][ T9509] xt_CT: No such helper "pptp" [ 110.979376][ T9517] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(7) [ 110.985919][ T9517] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 110.993411][ T9517] vhci_hcd vhci_hcd.0: Device attached [ 111.038623][ T9517] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(9) [ 111.045199][ T9517] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 111.052987][ T9517] vhci_hcd vhci_hcd.0: Device attached [ 111.075408][ T9517] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(11) [ 111.082092][ T9517] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 111.089821][ T9517] vhci_hcd vhci_hcd.0: Device attached [ 111.097963][ T3382] vhci_hcd: vhci_device speed not set [ 111.103580][ T9531] netlink: 'syz.3.2292': attribute type 4 has an invalid length. [ 111.113029][ T9517] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(13) [ 111.119691][ T9517] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 111.127432][ T9517] vhci_hcd vhci_hcd.0: Device attached [ 111.129749][ T9531] netlink: 'syz.3.2292': attribute type 4 has an invalid length. [ 111.157997][ T3382] usb 9-1: new full-speed USB device number 2 using vhci_hcd [ 111.165534][ T9517] vhci_hcd vhci_hcd.0: pdev(4) rhport(6) sockfd(15) [ 111.172206][ T9517] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 111.179718][ T9517] vhci_hcd vhci_hcd.0: Device attached [ 111.199803][ T9517] vhci_hcd vhci_hcd.0: pdev(4) rhport(7) sockfd(17) [ 111.206433][ T9517] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 111.214652][ T9517] vhci_hcd vhci_hcd.0: Device attached [ 111.271236][ T9546] vhci_hcd: connection closed [ 111.274615][ T4193] vhci_hcd: stop threads [ 111.278223][ T9530] vhci_hcd: connection closed [ 111.279359][ T4193] vhci_hcd: release socket [ 111.283619][ T9542] vhci_hcd: connection closed [ 111.288247][ T4193] vhci_hcd: disconnect device [ 111.297939][ T9518] vhci_hcd: connection reset by peer [ 111.303044][ T9537] vhci_hcd: connection closed [ 111.307562][ T9523] vhci_hcd: connection closed [ 111.312774][ T9521] vhci_hcd: connection closed [ 111.330402][ T4193] vhci_hcd: stop threads [ 111.339424][ T4193] vhci_hcd: release socket [ 111.343848][ T4193] vhci_hcd: disconnect device [ 111.350706][ T4193] vhci_hcd: stop threads [ 111.355078][ T4193] vhci_hcd: release socket [ 111.359570][ T4193] vhci_hcd: disconnect device [ 111.368674][ T4193] vhci_hcd: stop threads [ 111.372958][ T4193] vhci_hcd: release socket [ 111.377415][ T4193] vhci_hcd: disconnect device [ 111.422442][ T4193] vhci_hcd: stop threads [ 111.426796][ T4193] vhci_hcd: release socket [ 111.431318][ T4193] vhci_hcd: disconnect device [ 111.443499][ T4193] vhci_hcd: stop threads [ 111.447779][ T4193] vhci_hcd: release socket [ 111.452292][ T4193] vhci_hcd: disconnect device [ 111.483070][ T4193] vhci_hcd: stop threads [ 111.487478][ T4193] vhci_hcd: release socket [ 111.491963][ T4193] vhci_hcd: disconnect device [ 111.649037][ T9592] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2316'. [ 111.776595][ T9610] wg2: left promiscuous mode [ 111.781319][ T9610] wg2: left allmulticast mode [ 111.796161][ T9610] wg2: entered promiscuous mode [ 111.801385][ T9610] wg2: entered allmulticast mode [ 111.876776][ T9627] loop4: detected capacity change from 0 to 512 [ 111.878520][ T9628] ipvlan2: entered promiscuous mode [ 111.884050][ T9627] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 111.898694][ T9628] bridge0: port 1(ipvlan2) entered blocking state [ 111.905222][ T9628] bridge0: port 1(ipvlan2) entered disabled state [ 111.912328][ T9628] ipvlan2: entered allmulticast mode [ 111.913062][ T9627] EXT4-fs (loop4): 1 truncate cleaned up [ 111.917713][ T9628] bridge0: entered allmulticast mode [ 111.929583][ T9628] ipvlan2: left allmulticast mode [ 111.934664][ T9628] bridge0: left allmulticast mode [ 111.946410][ T9627] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.993627][ T9627] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2331: bg 0: block 256: padding at end of block bitmap is not set [ 112.012517][ T1048] usb usb8-port8: attempt power cycle [ 112.054557][ T9627] EXT4-fs (loop4): Remounting filesystem read-only [ 112.067602][ T9636] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.088107][ T9642] netlink: 'syz.1.2338': attribute type 3 has an invalid length. [ 112.099952][ T9645] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 112.106535][ T9645] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 112.114183][ T9645] vhci_hcd vhci_hcd.0: Device attached [ 112.126008][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.127081][ T9645] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 112.146420][ T9636] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.173149][ T9645] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(7) [ 112.179750][ T9645] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 112.187190][ T9645] vhci_hcd vhci_hcd.0: Device attached [ 112.195087][ T9645] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(9) [ 112.201604][ T9645] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 112.209292][ T9645] vhci_hcd vhci_hcd.0: Device attached [ 112.217220][ T9645] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(11) [ 112.223895][ T9645] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 112.231596][ T9645] vhci_hcd vhci_hcd.0: Device attached [ 112.238869][ T9645] vhci_hcd vhci_hcd.0: pdev(0) rhport(5) sockfd(13) [ 112.245541][ T9645] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 112.253228][ T9645] vhci_hcd vhci_hcd.0: Device attached [ 112.259097][ T9] usb 5-2: enqueue for inactive port 1 [ 112.264735][ T9] usb 5-2: enqueue for inactive port 1 [ 112.265756][ T9636] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.286345][ T9664] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2343'. [ 112.295866][ T9645] vhci_hcd vhci_hcd.0: pdev(0) rhport(6) sockfd(15) [ 112.302537][ T9645] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 112.310006][ T9645] vhci_hcd vhci_hcd.0: Device attached [ 112.315772][ T3368] vhci_hcd: vhci_device speed not set [ 112.321812][ T9664] netlink: zone id is out of range [ 112.323177][ T9667] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2344'. [ 112.327713][ T9664] netlink: zone id is out of range [ 112.341042][ T9] vhci_hcd: vhci_device speed not set [ 112.347032][ T9664] netlink: del zone limit has 8 unknown bytes [ 112.353437][ T9645] vhci_hcd vhci_hcd.0: pdev(0) rhport(7) sockfd(17) [ 112.360093][ T9645] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 112.368255][ T9645] vhci_hcd vhci_hcd.0: Device attached [ 112.375178][ T9668] vhci_hcd: connection closed [ 112.375211][ T9660] vhci_hcd: connection closed [ 112.375218][ T9662] vhci_hcd: connection closed [ 112.384912][ T4163] vhci_hcd: stop threads [ 112.384972][ T3368] usb 1-1: new full-speed USB device number 3 using vhci_hcd [ 112.389711][ T4163] vhci_hcd: release socket [ 112.405874][ T4163] vhci_hcd: disconnect device [ 112.417969][ T9657] vhci_hcd: connection closed [ 112.418153][ T9653] vhci_hcd: connection closed [ 112.419242][ T9636] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.438461][ T9646] vhci_hcd: connection reset by peer [ 112.443884][ T9655] vhci_hcd: connection closed [ 112.447221][ T4163] vhci_hcd: stop threads [ 112.447408][ T9667] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2344'. [ 112.452018][ T4163] vhci_hcd: release socket [ 112.452032][ T4163] vhci_hcd: disconnect device [ 112.483661][ T4163] vhci_hcd: stop threads [ 112.488001][ T4163] vhci_hcd: release socket [ 112.492475][ T4163] vhci_hcd: disconnect device [ 112.503020][ T4163] vhci_hcd: stop threads [ 112.507467][ T4163] vhci_hcd: release socket [ 112.512013][ T4163] vhci_hcd: disconnect device [ 112.522941][ T9681] ipvlan2: entered promiscuous mode [ 112.529397][ T9681] bridge0: port 1(ipvlan2) entered blocking state [ 112.535854][ T9681] bridge0: port 1(ipvlan2) entered disabled state [ 112.543400][ T4163] vhci_hcd: stop threads [ 112.547678][ T4163] vhci_hcd: release socket [ 112.552183][ T4163] vhci_hcd: disconnect device [ 112.557724][ T4163] vhci_hcd: stop threads [ 112.562093][ T4163] vhci_hcd: release socket [ 112.566525][ T4163] vhci_hcd: disconnect device [ 112.572568][ T9681] ipvlan2: entered allmulticast mode [ 112.577932][ T9681] bridge0: entered allmulticast mode [ 112.583836][ T9681] ipvlan2: left allmulticast mode [ 112.588983][ T9681] bridge0: left allmulticast mode [ 112.595478][ T4163] vhci_hcd: stop threads [ 112.599761][ T4163] vhci_hcd: release socket [ 112.604194][ T4163] vhci_hcd: disconnect device [ 112.616845][ T9636] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.630267][ T9636] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.642188][ T9636] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.660357][ T9636] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.902934][ T36] Process accounting resumed [ 113.194940][ T9721] netlink: 92 bytes leftover after parsing attributes in process `syz.3.2363'. [ 113.213725][ T9725] loop4: detected capacity change from 0 to 1024 [ 113.240067][ T9725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.266892][ T9725] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.2365: Allocating blocks 385-513 which overlap fs metadata [ 113.291850][ T36] Process accounting resumed [ 113.309518][ T9725] EXT4-fs (loop4): pa ffff88810057b230: logic 16, phys. 129, len 24 [ 113.317617][ T9725] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 113.382215][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.438890][ T9750] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 113.446572][ T9750] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 113.469595][ T9750] vhci_hcd: default hub control req: 6314 v0008 i0002 l0 [ 113.485203][ T9757] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2379'. [ 113.532224][ T9761] netem: change failed [ 113.562211][ T9765] sch_tbf: burst 0 is lower than device lo mtu (18) ! [ 113.848112][ T1048] usb usb8-port8: unable to enumerate USB device [ 113.901670][ T9791] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2393'. [ 113.962834][ T9795] loop0: detected capacity change from 0 to 2048 [ 113.973872][ T9795] ext4: Unknown parameter 'noacl' [ 114.417461][ T29] kauditd_printk_skb: 73 callbacks suppressed [ 114.417478][ T29] audit: type=1326 audit(1746354496.787:2450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9826 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce0fee969 code=0x7ffc0000 [ 114.469685][ T9823] loop0: detected capacity change from 0 to 128 [ 114.513925][ T29] audit: type=1326 audit(1746354496.787:2451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9826 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce0fee969 code=0x7ffc0000 [ 114.537389][ T29] audit: type=1326 audit(1746354496.787:2452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9826 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcce0fee969 code=0x7ffc0000 [ 114.560774][ T29] audit: type=1326 audit(1746354496.797:2453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9826 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce0fee969 code=0x7ffc0000 [ 114.584810][ T29] audit: type=1326 audit(1746354496.797:2454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9826 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce0fee969 code=0x7ffc0000 [ 114.608323][ T29] audit: type=1326 audit(1746354496.797:2455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9826 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcce0fee969 code=0x7ffc0000 [ 114.632442][ T29] audit: type=1326 audit(1746354496.797:2456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9826 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce0fee969 code=0x7ffc0000 [ 114.655960][ T29] audit: type=1326 audit(1746354496.797:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9826 comm="syz.2.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce0fee969 code=0x7ffc0000 [ 114.707741][ T4193] kworker/u8:43: attempt to access beyond end of device [ 114.707741][ T4193] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 114.761022][ T9836] kernel profiling enabled (shift: 6) [ 114.826781][ T29] audit: type=1326 audit(1746354497.177:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9840 comm="syz.1.2415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58c5e2e969 code=0x7ffc0000 [ 114.850239][ T29] audit: type=1326 audit(1746354497.177:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9840 comm="syz.1.2415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f58c5e2e969 code=0x7ffc0000 [ 114.898988][ T9847] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in; [ 114.898988][ T9847] program syz.3.2417 not setting count and/or reply_len properly [ 115.193137][ T9873] dvmrp0: entered allmulticast mode [ 115.204974][ T9873] dvmrp0: left allmulticast mode [ 115.268268][ T9889] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2423'. [ 115.838843][ T9934] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2444'. [ 115.918782][ T9945] loop4: detected capacity change from 0 to 128 [ 115.946089][ T9945] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 115.974654][ T9945] ext4 filesystem being mounted at /500/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 116.015091][ T3307] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 116.257926][ T3382] usb 9-1: enqueue for inactive port 0 [ 116.277608][ T3382] usb 9-1: enqueue for inactive port 0 [ 116.357904][ T3382] vhci_hcd: vhci_device speed not set [ 116.391758][ T9967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2455'. [ 116.998796][ T9986] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2463'. [ 117.046498][ T9988] loop0: detected capacity change from 0 to 512 [ 117.054732][ T9988] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 117.089316][ T9988] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 117.133799][ T3309] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 117.162882][ T9994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2466'. [ 117.457985][ T3368] usb 1-1: enqueue for inactive port 0 [ 117.463606][ T3368] usb 1-1: enqueue for inactive port 0 [ 117.548948][ T3368] vhci_hcd: vhci_device speed not set [ 117.694469][T10026] SELinux: syz.2.2478 (10026) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 117.809718][T10034] hub 2-0:1.0: USB hub found [ 117.824620][T10034] hub 2-0:1.0: 8 ports detected [ 118.022726][T10059] loop4: detected capacity change from 0 to 128 [ 118.039532][T10059] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 118.058966][T10059] ext4 filesystem being mounted at /508/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 118.164541][ T3307] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 118.179857][T10069] syzkaller0: entered promiscuous mode [ 118.185411][T10069] syzkaller0: entered allmulticast mode [ 118.230590][T10075] loop4: detected capacity change from 0 to 512 [ 118.238649][T10074] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 118.246089][T10074] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 118.256195][T10075] EXT4-fs (loop4): orphan cleanup on readonly fs [ 118.266031][T10075] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.2499: bad orphan inode 13 [ 118.281420][T10075] ext4_test_bit(bit=12, block=18) = 1 [ 118.286886][T10075] is_bad_inode(inode)=0 [ 118.291075][T10075] NEXT_ORPHAN(inode)=2130706432 [ 118.295970][T10075] max_ino=32 [ 118.299240][T10075] i_nlink=1 [ 118.304979][T10075] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 118.356443][T10075] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 118.369482][T10075] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2499: bg 0: block 248: padding at end of block bitmap is not set [ 118.388996][T10075] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.2499: Failed to acquire dquot type 1 [ 118.417231][T10093] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2509'. [ 118.436553][T10075] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 118.448320][T10098] ALSA: seq fatal error: cannot create timer (-19) [ 118.479072][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.494421][T10105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2515'. [ 118.567200][T10111] loop4: detected capacity change from 0 to 4096 [ 118.575867][T10111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.615247][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.646804][T10118] hub 4-0:1.0: USB hub found [ 118.659711][T10118] hub 4-0:1.0: 8 ports detected [ 118.667532][T10125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2522'. [ 118.744357][T10134] netlink: 'syz.0.2527': attribute type 12 has an invalid length. [ 118.804959][T10140] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2530'. [ 118.851714][T10147] loop4: detected capacity change from 0 to 1024 [ 118.858916][T10147] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 118.870033][T10147] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 118.882634][T10147] JBD2: no valid journal superblock found [ 118.888429][T10147] EXT4-fs (loop4): Could not load journal inode [ 118.909216][T10147] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 118.986418][T10152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2535'. [ 119.002436][T10152] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2535'. [ 119.172318][T10177] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2546'. [ 119.244705][T10182] tipc: New replicast peer: 10.1.1.2 [ 119.250119][T10182] tipc: Enabled bearer , priority 10 [ 119.312576][T10184] ALSA: seq fatal error: cannot create timer (-19) [ 119.540911][T10207] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 119.548547][T10207] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 119.731989][T10228] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 119.739523][T10228] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 119.748351][T10235] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2566'. [ 119.763886][T10228] vhci_hcd: default hub control req: 6314 v0008 i0002 l0 [ 119.781497][T10237] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 119.789083][T10237] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 119.789178][T10224] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2566'. [ 119.796551][ T29] kauditd_printk_skb: 89 callbacks suppressed [ 119.796563][ T29] audit: type=1326 audit(1746354502.167:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10227 comm="syz.0.2570" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x0 [ 119.869007][ T3382] usb usb8-port8: attempt power cycle [ 119.884891][T10241] binfmt_misc: register: failed to install interpreter file ./file2 [ 119.926347][T10249] macvlan1: entered promiscuous mode [ 119.935343][T10249] ipvlan0: entered promiscuous mode [ 119.941948][T10249] ipvlan0: left promiscuous mode [ 119.947152][T10249] macvlan1: left promiscuous mode [ 120.069631][T10261] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2585'. [ 120.239663][ T29] audit: type=1326 audit(1746354502.617:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.265748][ T29] audit: type=1326 audit(1746354502.617:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.289347][ T29] audit: type=1326 audit(1746354502.617:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.312978][ T29] audit: type=1326 audit(1746354502.617:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.336631][ T29] audit: type=1326 audit(1746354502.617:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.360226][ T29] audit: type=1326 audit(1746354502.637:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.383714][ T29] audit: type=1326 audit(1746354502.637:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.384277][ T3539] tipc: Node number set to 2343773648 [ 120.413746][ T29] audit: type=1326 audit(1746354502.667:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.437436][ T29] audit: type=1326 audit(1746354502.667:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10265 comm="syz.4.2587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 120.574803][T10278] macvlan1: entered promiscuous mode [ 120.581210][T10278] ipvlan0: entered promiscuous mode [ 120.586933][T10278] ipvlan0: left promiscuous mode [ 120.592210][T10278] macvlan1: left promiscuous mode [ 120.782852][T10291] vlan2: entered allmulticast mode [ 120.788158][T10291] bond0: entered allmulticast mode [ 120.835021][T10299] loop0: detected capacity change from 0 to 512 [ 120.865592][T10299] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.878594][T10299] ext4 filesystem being mounted at /583/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 120.910046][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.954546][T10317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.962559][T10316] macsec0: entered promiscuous mode [ 120.968211][T10316] team0: entered promiscuous mode [ 120.970488][T10317] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.983165][T10316] team0: left promiscuous mode [ 121.205950][T10353] can0: slcan on ttyS3. [ 121.258057][T10353] can0 (unregistered): slcan off ttyS3. [ 121.580498][T10391] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22 [ 121.738123][ T3382] usb usb8-port8: unable to enumerate USB device [ 121.780862][T10415] netlink: 'syz.1.2657': attribute type 10 has an invalid length. [ 121.791409][T10417] netlink: 'syz.3.2658': attribute type 13 has an invalid length. [ 121.802127][T10415] dummy0: entered promiscuous mode [ 121.807815][T10415] bridge0: port 1(dummy0) entered blocking state [ 121.814409][T10415] bridge0: port 1(dummy0) entered disabled state [ 121.821068][T10415] dummy0: entered allmulticast mode [ 121.827303][T10415] bridge0: port 1(dummy0) entered blocking state [ 121.833740][T10415] bridge0: port 1(dummy0) entered forwarding state [ 122.074066][T10447] vlan2: entered allmulticast mode [ 122.079279][T10447] bridge_slave_0: entered allmulticast mode [ 122.140929][T10459] batadv0: entered promiscuous mode [ 122.158129][T10459] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 122.178179][T10459] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 122.200257][T10459] batadv0: left promiscuous mode [ 122.216707][ T9677] kernel write not supported for file /1101/attr/exec (pid: 9677 comm: kworker/0:5) [ 122.231107][T10464] sch_fq: defrate 0 ignored. [ 122.481754][T10508] loop0: detected capacity change from 0 to 512 [ 122.520555][T10508] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 122.533584][T10508] ext4 filesystem being mounted at /601/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.811410][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 122.912225][T10533] loop4: detected capacity change from 0 to 256 [ 122.956841][T10535] tipc: Started in network mode [ 122.961851][T10535] tipc: Node identity 2eefbfb5274f, cluster identity 4711 [ 122.969097][T10535] tipc: Enabled bearer , priority 0 [ 122.992254][T10535] tipc: Disabling bearer [ 123.199192][T10552] loop4: detected capacity change from 0 to 1024 [ 123.281609][T10552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.332727][T10552] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.2716: Allocating blocks 385-513 which overlap fs metadata [ 123.356578][T10552] EXT4-fs (loop4): pa ffff88810057b230: logic 16, phys. 129, len 24 [ 123.364684][T10552] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8 [ 123.447374][T10575] __nla_validate_parse: 7 callbacks suppressed [ 123.447391][T10575] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2726'. [ 123.464402][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.575936][T10593] tipc: Started in network mode [ 123.580901][T10593] tipc: Node identity b67e0c35e859, cluster identity 4711 [ 123.588117][T10593] tipc: Enabled bearer , priority 0 [ 123.600186][T10592] ref_ctr increment failed for inode: 0xa92 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88811a404d00 [ 123.614201][T10590] uprobe: syz.2.2733:10590 failed to unregister, leaking uprobe [ 123.622487][T10593] tipc: Disabling bearer [ 123.782486][T10612] xt_CT: You must specify a L4 protocol and not use inversions on it [ 123.926590][T10629] loop0: detected capacity change from 0 to 128 [ 124.071877][T10642] loop4: detected capacity change from 0 to 512 [ 124.078674][T10642] EXT4-fs: Ignoring removed nobh option [ 124.102257][T10642] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #3: comm syz.4.2754: corrupted inode contents [ 124.114285][T10642] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #3: comm syz.4.2754: mark_inode_dirty error [ 124.126975][T10642] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #3: comm syz.4.2754: corrupted inode contents [ 124.139704][T10642] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #3: comm syz.4.2754: mark_inode_dirty error [ 124.153815][T10642] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.2754: Failed to acquire dquot type 0 [ 124.166339][T10642] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.2754: corrupted inode contents [ 124.179469][T10642] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #16: comm syz.4.2754: mark_inode_dirty error [ 124.208540][T10642] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.2754: corrupted inode contents [ 124.220863][T10642] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #16: comm syz.4.2754: mark_inode_dirty error [ 124.233338][T10642] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.2754: corrupted inode contents [ 124.245394][T10642] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 124.254945][T10642] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.2754: corrupted inode contents [ 124.267454][T10642] EXT4-fs error (device loop4): ext4_truncate:4255: inode #16: comm syz.4.2754: mark_inode_dirty error [ 124.280114][T10642] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 124.289720][T10642] EXT4-fs (loop4): 1 truncate cleaned up [ 124.295770][T10642] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.309132][T10642] ext4 filesystem being mounted at /563/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 124.336798][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.351444][T10652] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 124.363250][T10651] IPVS: stopping master sync thread 10652 ... [ 124.397092][T10654] loop0: detected capacity change from 0 to 2048 [ 124.410150][T10654] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.439942][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.612224][T10673] loop4: detected capacity change from 0 to 512 [ 124.619080][T10673] EXT4-fs: Ignoring removed mblk_io_submit option [ 124.625804][T10673] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 124.650592][T10673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.663444][T10673] ext4 filesystem being mounted at /568/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 124.694681][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.718796][T10679] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 124.829529][T10693] loop2: detected capacity change from 0 to 1024 [ 124.836365][T10693] EXT4-fs: Ignoring removed nobh option [ 124.849426][T10693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.889611][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.993211][ T29] kauditd_printk_skb: 107 callbacks suppressed [ 124.993230][ T29] audit: type=1400 audit(1746354507.367:2661): avc: denied { write } for pid=10718 comm="syz.3.2783" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 125.034037][ T29] audit: type=1400 audit(1746354507.367:2662): avc: denied { nlmsg_write } for pid=10718 comm="syz.3.2783" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 125.223601][ T29] audit: type=1326 audit(1746354507.597:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10745 comm="syz.4.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 125.248443][ T29] audit: type=1326 audit(1746354507.597:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10745 comm="syz.4.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 125.272145][ T29] audit: type=1326 audit(1746354507.597:2665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10745 comm="syz.4.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 125.295589][ T29] audit: type=1326 audit(1746354507.597:2666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10745 comm="syz.4.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 125.319144][ T29] audit: type=1326 audit(1746354507.597:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10745 comm="syz.4.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 125.342761][ T29] audit: type=1326 audit(1746354507.597:2668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10745 comm="syz.4.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 125.366357][ T29] audit: type=1326 audit(1746354507.597:2669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10745 comm="syz.4.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 125.389952][ T29] audit: type=1326 audit(1746354507.597:2670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10745 comm="syz.4.2797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f537fd4e969 code=0x7ffc0000 [ 125.628568][T10757] loop0: detected capacity change from 0 to 1024 [ 125.665247][T10757] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.723592][T10757] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.2801: Allocating blocks 385-513 which overlap fs metadata [ 125.723862][T10773] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2807'. [ 125.763239][T10773] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 125.780589][T10776] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 125.792148][T10777] EXT4-fs (loop0): pa ffff88810057b310: logic 16, phys. 129, len 24 [ 125.800183][T10777] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8 [ 125.839667][T10786] macvlan1: entered allmulticast mode [ 125.857382][T10786] veth1_vlan: entered allmulticast mode [ 125.865588][T10786] bond0: (slave macvlan1): Enslaving as an active interface with an up link [ 125.885644][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.922522][T10796] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2813'. [ 125.986595][T10789] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2813'. [ 126.396438][T10830] xt_hashlimit: size too large, truncated to 1048576 [ 126.962937][T10844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2837'. [ 127.078321][T10855] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2842'. [ 127.119530][T10860] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 127.126966][T10860] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 127.178608][T10860] vhci_hcd: default hub control req: 6314 v0008 i0002 l0 [ 127.262690][T10873] all: renamed from lo [ 127.697098][T10883] Cannot find add_set index 0 as target [ 127.770464][T10891] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2856'. [ 127.797443][T10897] atomic_op ffff8881187e4128 conn xmit_atomic 0000000000000000 [ 127.824553][T10899] loop0: detected capacity change from 0 to 1024 [ 127.831706][T10899] EXT4-fs: Ignoring removed oldalloc option [ 127.837820][T10899] EXT4-fs: Ignoring removed orlov option [ 127.844395][T10899] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 127.846428][T10901] loop4: detected capacity change from 0 to 164 [ 127.869721][T10899] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.885355][T10899] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2861'. [ 127.901355][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.036869][T10923] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2871'. [ 128.116230][T10934] loop2: detected capacity change from 0 to 256 [ 128.161548][T10934] SELinux: ebitmap: truncated map [ 128.185457][T10934] SELinux: failed to load policy [ 128.253181][T10944] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.273644][T10946] loop0: detected capacity change from 0 to 512 [ 128.281363][T10946] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 128.311822][T10946] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.325557][T10946] ext4 filesystem being mounted at /638/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 128.339668][T10944] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.342907][T10946] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 128.398044][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.418183][T10960] vlan0: entered allmulticast mode [ 128.423330][T10960] bridge_slave_0: entered allmulticast mode [ 128.449262][T10944] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.509580][T10944] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.532619][ T4155] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.550060][T10970] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2891'. [ 128.571967][T10944] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.585973][T10944] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.599564][ T4155] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.613843][T10944] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.625689][T10944] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.659356][ T4155] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.715233][ T4155] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.715332][T10987] loop4: detected capacity change from 0 to 512 [ 128.753512][T10987] EXT4-fs (loop4): 1 orphan inode deleted [ 128.760566][T10987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.771683][T10974] chnl_net:caif_netlink_parms(): no params data found [ 128.773292][ T4193] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:43: Failed to release dquot type 1 [ 128.792588][T10987] ext4 filesystem being mounted at /602/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 128.819574][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.850045][T10974] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.857145][T10974] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.864565][T10974] bridge_slave_0: entered allmulticast mode [ 128.871116][T10974] bridge_slave_0: entered promiscuous mode [ 128.878135][ T4155] dummy0: left allmulticast mode [ 128.883161][ T4155] bridge0: port 1(dummy0) entered disabled state [ 129.109387][ T4155] $Hÿ (unregistering): Released all slaves [ 129.117540][ T4155] bond1 (unregistering): Released all slaves [ 129.125073][T10974] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.132139][T10974] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.139415][T10974] bridge_slave_1: entered allmulticast mode [ 129.145914][T10974] bridge_slave_1: entered promiscuous mode [ 129.152425][ T4155] tipc: Left network mode [ 129.166164][ T4155] hsr_slave_0: left promiscuous mode [ 129.171718][ T4155] hsr_slave_1: left promiscuous mode [ 129.227639][T10974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.239702][T10974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.260769][T10974] team0: Port device team_slave_0 added [ 129.267826][T10974] team0: Port device team_slave_1 added [ 129.284704][T10974] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.291820][T10974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.317912][T10974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.331378][T10974] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.338589][T10974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.364603][T10974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.398661][T10974] hsr_slave_0: entered promiscuous mode [ 129.404595][T10974] hsr_slave_1: entered promiscuous mode [ 129.473085][T10974] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 129.483344][T10974] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 129.492301][T10974] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 129.501203][T10974] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 129.562321][T10974] 8021q: adding VLAN 0 to HW filter on device bond0 [ 129.578631][T10974] 8021q: adding VLAN 0 to HW filter on device team0 [ 129.588719][ T4173] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.595945][ T4173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 129.606876][ T4173] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.614038][ T4173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 129.678735][T10974] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 129.810339][T10974] veth0_vlan: entered promiscuous mode [ 129.818515][T10974] veth1_vlan: entered promiscuous mode [ 129.835703][T10974] veth0_macvtap: entered promiscuous mode [ 129.843394][T10974] veth1_macvtap: entered promiscuous mode [ 129.855195][ T6642] bond0: (slave syz_tun): Releasing backup interface [ 129.862643][ T6642] syz_tun (unregistering): left allmulticast mode [ 129.871404][T10974] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 129.881621][T10974] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 129.890607][T10974] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.899453][T10974] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.908187][T10974] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.916866][T10974] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.151259][T11046] chnl_net:caif_netlink_parms(): no params data found [ 130.236019][T11068] netlink: 596 bytes leftover after parsing attributes in process `syz.0.2914'. [ 130.246170][T11046] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.253350][T11046] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.265437][T11046] bridge_slave_0: entered allmulticast mode [ 130.277591][T11046] bridge_slave_0: entered promiscuous mode [ 130.289800][T11046] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.296983][T11046] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.306044][T11046] bridge_slave_1: entered allmulticast mode [ 130.315840][T11046] bridge_slave_1: entered promiscuous mode [ 130.357480][T11046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 130.459326][ T4177] bond0 (unregistering): Released all slaves [ 130.471410][ T4177] bond1 (unregistering): Released all slaves [ 130.481861][T11046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 130.491282][T11074] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2917'. [ 130.525751][T11046] team0: Port device team_slave_0 added [ 130.533374][ T4177] tipc: Left network mode [ 130.599590][T11046] team0: Port device team_slave_1 added [ 130.611975][T11085] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2921'. [ 130.623530][T11046] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.630608][T11046] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.656624][T11046] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.683486][T11046] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.690637][T11046] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.716782][T11046] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.752433][T11046] hsr_slave_0: entered promiscuous mode [ 130.758749][T11046] hsr_slave_1: entered promiscuous mode [ 130.764698][T11046] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 130.777984][T11046] Cannot create hsr debugfs directory [ 130.783521][T11090] smc: net device bond0 applied user defined pnetid SYZ2 [ 130.790987][T11090] smc: net device bond0 erased user defined pnetid SYZ2 [ 130.894777][T11046] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 130.914254][T11046] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 130.925481][T11046] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 130.947113][T11046] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 130.962913][T11046] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.970055][T11046] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.977321][T11046] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.977492][T11104] loop0: detected capacity change from 0 to 128 [ 130.984440][T11046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.002860][T11104] syz.0.2929: attempt to access beyond end of device [ 131.002860][T11104] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 131.016247][T11104] Buffer I/O error on dev loop0, logical block 2065, async page read [ 131.025049][T11104] syz.0.2929: attempt to access beyond end of device [ 131.025049][T11104] loop0: rw=0, sector=2066, nr_sectors = 1 limit=128 [ 131.038486][T11104] Buffer I/O error on dev loop0, logical block 2066, async page read [ 131.046788][T11104] syz.0.2929: attempt to access beyond end of device [ 131.046788][T11104] loop0: rw=0, sector=2067, nr_sectors = 1 limit=128 [ 131.048107][ T29] kauditd_printk_skb: 153 callbacks suppressed [ 131.048121][ T29] audit: type=1326 audit(1746354513.407:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11102 comm="syz.5.2930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa599be969 code=0x7fc00000 [ 131.060116][T11104] Buffer I/O error on dev loop0, logical block 2067, async page read [ 131.066218][ T29] audit: type=1326 audit(1746354513.407:2824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11102 comm="syz.5.2930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffa599be969 code=0x7fc00000 [ 131.091084][T11104] syz.0.2929: attempt to access beyond end of device [ 131.091084][T11104] loop0: rw=0, sector=2068, nr_sectors = 1 limit=128 [ 131.097785][ T29] audit: type=1326 audit(1746354513.407:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11102 comm="syz.5.2930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa599be969 code=0x7fc00000 [ 131.121190][T11104] Buffer I/O error on dev loop0, logical block 2068, async page read [ 131.164531][T11046] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.179033][T11107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 131.179193][T11104] syz.0.2929: attempt to access beyond end of device [ 131.179193][T11104] loop0: rw=0, sector=2069, nr_sectors = 1 limit=128 [ 131.188645][T11107] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 131.200646][T11104] Buffer I/O error on dev loop0, logical block 2069, async page read [ 131.220529][ T4173] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.229033][ T4173] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.238187][T11104] syz.0.2929: attempt to access beyond end of device [ 131.238187][T11104] loop0: rw=0, sector=2070, nr_sectors = 1 limit=128 [ 131.251538][T11104] Buffer I/O error on dev loop0, logical block 2070, async page read [ 131.260121][T11104] syz.0.2929: attempt to access beyond end of device [ 131.260121][T11104] loop0: rw=0, sector=2071, nr_sectors = 1 limit=128 [ 131.273440][T11104] Buffer I/O error on dev loop0, logical block 2071, async page read [ 131.282145][T11104] syz.0.2929: attempt to access beyond end of device [ 131.282145][T11104] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 131.295485][T11104] Buffer I/O error on dev loop0, logical block 2072, async page read [ 131.319524][T11104] syz.0.2929: attempt to access beyond end of device [ 131.319524][T11104] loop0: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 131.320058][T11046] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.332790][T11104] Buffer I/O error on dev loop0, logical block 2065, async page read [ 131.349065][ T4155] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.356191][ T4155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.357965][T11104] syz.0.2929: attempt to access beyond end of device [ 131.357965][T11104] loop0: rw=0, sector=2066, nr_sectors = 1 limit=128 [ 131.376708][T11104] Buffer I/O error on dev loop0, logical block 2066, async page read [ 131.379776][ T4155] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.391908][ T4155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.452706][T11109] netlink: 191080 bytes leftover after parsing attributes in process `wg1'. [ 131.468444][T11109] netlink: zone id is out of range [ 131.473659][T11109] netlink: zone id is out of range [ 131.483692][T11109] netlink: zone id is out of range [ 131.489006][T11109] netlink: zone id is out of range [ 131.494142][T11109] netlink: zone id is out of range [ 131.499305][T11109] netlink: zone id is out of range [ 131.504425][T11109] netlink: zone id is out of range [ 131.509650][T11109] netlink: zone id is out of range [ 131.514822][T11109] netlink: zone id is out of range [ 131.519993][T11109] netlink: zone id is out of range [ 131.612009][T11046] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.666213][T11116] netlink: 'syz.0.2933': attribute type 3 has an invalid length. [ 131.997091][T11046] veth0_vlan: entered promiscuous mode [ 132.004768][T11046] veth1_vlan: entered promiscuous mode [ 132.020520][T11133] SELinux: ebitmap: truncated map [ 132.021483][T11046] veth0_macvtap: entered promiscuous mode [ 132.030267][T11133] SELinux: failed to load policy [ 132.033401][T11046] veth1_macvtap: entered promiscuous mode [ 132.046556][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.057043][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.068925][T11046] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 132.079533][T11046] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.090023][T11046] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.101129][T11046] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.111345][T11046] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.120242][T11046] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.128988][T11046] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.137815][T11046] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.185681][T11144] sd 0:0:1:0: device reset [ 132.204459][T11146] vlan2: entered allmulticast mode [ 132.209635][T11146] bond0: entered allmulticast mode [ 132.240661][T11149] netlink: 'syz.4.2942': attribute type 3 has an invalid length. [ 132.375036][T11165] pim6reg1: entered promiscuous mode [ 132.380537][T11165] pim6reg1: entered allmulticast mode [ 132.410786][ T29] audit: type=1400 audit(1746354514.787:2826): avc: denied { write } for pid=11168 comm="syz.4.2952" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 132.436337][ T29] audit: type=1400 audit(1746354514.787:2827): avc: denied { open } for pid=11168 comm="syz.4.2952" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 132.468643][T11171] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2953'. [ 132.479856][ T29] audit: type=1400 audit(1746354514.857:2828): avc: denied { read write } for pid=3309 comm="syz-executor" name="loop0" dev="devtmpfs" ino=555 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 132.480227][T11171] ip6gre1: entered allmulticast mode [ 132.503163][ T29] audit: type=1400 audit(1746354514.857:2829): avc: denied { open } for pid=3309 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=555 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 132.531622][ T29] audit: type=1400 audit(1746354514.857:2830): avc: denied { ioctl } for pid=3309 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=555 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 132.600164][T11182] 9pnet_fd: Insufficient options for proto=fd [ 132.623269][ T29] audit: type=1326 audit(1746354514.997:2831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11183 comm="syz.0.2959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 132.646830][ T29] audit: type=1326 audit(1746354514.997:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11183 comm="syz.0.2959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 132.647167][T11186] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2960'. [ 132.839725][T11208] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 132.848400][T11208] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.860596][T11210] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 132.869083][T11210] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.424004][T11225] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2976'. [ 133.620437][T11239] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2981'. [ 133.700851][T11253] vlan2: entered allmulticast mode [ 133.768868][T11230] chnl_net:caif_netlink_parms(): no params data found [ 133.857267][T11230] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.864548][T11230] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.874067][T11230] bridge_slave_0: entered allmulticast mode [ 133.884466][T11230] bridge_slave_0: entered promiscuous mode [ 133.891811][T11230] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.899008][T11230] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.906214][T11230] bridge_slave_1: entered allmulticast mode [ 133.912980][T11230] bridge_slave_1: entered promiscuous mode [ 133.920823][T11280] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2994'. [ 133.945742][T11230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.958272][T11230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.995821][T11230] team0: Port device team_slave_0 added [ 134.003365][T11230] team0: Port device team_slave_1 added [ 134.057307][T11230] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 134.064366][T11230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.090462][T11230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 134.103766][T11230] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 134.110815][T11230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 134.136792][T11230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 134.179983][T11230] hsr_slave_0: entered promiscuous mode [ 134.186073][T11230] hsr_slave_1: entered promiscuous mode [ 134.195250][T11230] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 134.202977][T11230] Cannot create hsr debugfs directory [ 134.320571][T11230] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 134.332714][T11230] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 134.351651][T11230] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 134.364727][T11230] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 134.452037][T11230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 134.473713][T11230] 8021q: adding VLAN 0 to HW filter on device team0 [ 134.494206][ T4211] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.501391][ T4211] bridge0: port 1(bridge_slave_0) entered forwarding state [ 134.567182][ T4211] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.574314][ T4211] bridge0: port 2(bridge_slave_1) entered forwarding state [ 134.681463][T11230] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 134.691980][T11230] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 134.757614][T11301] loop6: detected capacity change from 0 to 8192 [ 134.784193][T11230] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.045490][T11230] veth0_vlan: entered promiscuous mode [ 135.072138][T11230] veth1_vlan: entered promiscuous mode [ 135.102547][T11230] veth0_macvtap: entered promiscuous mode [ 135.123079][T11230] veth1_macvtap: entered promiscuous mode [ 135.149903][T11230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.160444][T11230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.170339][T11230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.180912][T11230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.198350][T11230] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.206728][T11230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.217214][T11230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.227319][T11230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.238000][T11230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.249129][T11230] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.274975][T11230] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.283727][T11230] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.292524][T11230] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.301493][T11230] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.396514][T11334] loop4: detected capacity change from 0 to 512 [ 135.478623][T11338] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3011'. [ 135.504308][T11334] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.3010: corrupted in-inode xattr: invalid ea_ino [ 135.567533][T11334] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.3010: couldn't read orphan inode 15 (err -117) [ 135.591297][T11344] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3) [ 135.597836][T11344] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 135.605276][T11344] vhci_hcd vhci_hcd.0: Device attached [ 135.607291][T11347] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 135.650279][T11334] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.683779][T11344] vhci_hcd vhci_hcd.0: pdev(6) rhport(2) sockfd(5) [ 135.690341][T11344] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 135.697914][T11344] vhci_hcd vhci_hcd.0: Device attached [ 135.737329][T11344] vhci_hcd vhci_hcd.0: pdev(6) rhport(3) sockfd(9) [ 135.743925][T11344] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 135.751696][T11344] vhci_hcd vhci_hcd.0: Device attached [ 135.784894][T11344] vhci_hcd vhci_hcd.0: pdev(6) rhport(4) sockfd(11) [ 135.791574][T11344] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 135.799134][ T3539] vhci_hcd: vhci_device speed not set [ 135.804606][T11344] vhci_hcd vhci_hcd.0: Device attached [ 135.837916][T11344] vhci_hcd vhci_hcd.0: pdev(6) rhport(5) sockfd(13) [ 135.844624][T11344] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 135.852288][T11344] vhci_hcd vhci_hcd.0: Device attached [ 135.868880][ T3539] usb 13-1: new full-speed USB device number 2 using vhci_hcd [ 135.890289][T11344] vhci_hcd vhci_hcd.0: pdev(6) rhport(6) sockfd(15) [ 135.896963][T11344] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 135.904459][T11344] vhci_hcd vhci_hcd.0: Device attached [ 135.912021][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.936579][T11344] vhci_hcd vhci_hcd.0: pdev(6) rhport(7) sockfd(17) [ 135.943295][T11344] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 135.951615][T11344] vhci_hcd vhci_hcd.0: Device attached [ 135.962171][T11354] vhci_hcd: connection closed [ 135.962208][T11358] vhci_hcd: connection closed [ 135.962329][T11356] vhci_hcd: connection closed [ 135.967049][ T4199] vhci_hcd: stop threads [ 135.973509][T11373] vhci_hcd: connection closed [ 135.976349][ T4199] vhci_hcd: release socket [ 135.976364][ T4199] vhci_hcd: disconnect device [ 135.981570][T11367] vhci_hcd: connection closed [ 135.990137][T11362] vhci_hcd: connection closed [ 135.999563][T11345] vhci_hcd: connection reset by peer [ 136.012106][ T4199] vhci_hcd: stop threads [ 136.016383][ T4199] vhci_hcd: release socket [ 136.021057][ T4199] vhci_hcd: disconnect device [ 136.053144][ T4199] vhci_hcd: stop threads [ 136.057439][ T4199] vhci_hcd: release socket [ 136.061975][ T4199] vhci_hcd: disconnect device [ 136.077485][ T4199] vhci_hcd: stop threads [ 136.081801][ T4199] vhci_hcd: release socket [ 136.086235][ T4199] vhci_hcd: disconnect device [ 136.100322][ T4199] vhci_hcd: stop threads [ 136.104725][ T4199] vhci_hcd: release socket [ 136.109225][ T4199] vhci_hcd: disconnect device [ 136.124496][ T4199] vhci_hcd: stop threads [ 136.128819][ T4199] vhci_hcd: release socket [ 136.133247][ T4199] vhci_hcd: disconnect device [ 136.146676][ T4199] vhci_hcd: stop threads [ 136.151015][ T4199] vhci_hcd: release socket [ 136.155448][ T4199] vhci_hcd: disconnect device [ 136.406364][ T29] kauditd_printk_skb: 66 callbacks suppressed [ 136.406381][ T29] audit: type=1326 audit(1746354518.777:2899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.438575][ T29] audit: type=1326 audit(1746354518.777:2900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.462184][ T29] audit: type=1326 audit(1746354518.777:2901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.485916][ T29] audit: type=1326 audit(1746354518.777:2902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.509508][ T29] audit: type=1326 audit(1746354518.777:2903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.533023][ T29] audit: type=1326 audit(1746354518.777:2904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.556604][ T29] audit: type=1326 audit(1746354518.777:2905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.580147][ T29] audit: type=1326 audit(1746354518.777:2906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.604196][ T29] audit: type=1326 audit(1746354518.817:2907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.627876][ T29] audit: type=1326 audit(1746354518.817:2908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11399 comm="syz.0.3031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 136.703183][T11415] loop6: detected capacity change from 0 to 128 [ 136.793299][T11419] bio_check_eod: 6 callbacks suppressed [ 136.793317][T11419] syz.6.3037: attempt to access beyond end of device [ 136.793317][T11419] loop6: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 136.852160][T11419] syz.6.3037: attempt to access beyond end of device [ 136.852160][T11419] loop6: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 136.876140][T11419] syz.6.3037: attempt to access beyond end of device [ 136.876140][T11419] loop6: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 136.927978][T11419] syz.6.3037: attempt to access beyond end of device [ 136.927978][T11419] loop6: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 136.963117][T11419] syz.6.3037: attempt to access beyond end of device [ 136.963117][T11419] loop6: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 137.008820][T11430] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 137.015376][T11430] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 137.022892][T11430] vhci_hcd vhci_hcd.0: Device attached [ 137.026395][T11419] syz.6.3037: attempt to access beyond end of device [ 137.026395][T11419] loop6: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 137.032517][T11430] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 137.095389][T11419] syz.6.3037: attempt to access beyond end of device [ 137.095389][T11419] loop6: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 137.109696][T11430] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(7) [ 137.116253][T11430] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 137.123864][T11430] vhci_hcd vhci_hcd.0: Device attached [ 137.131845][T11419] syz.6.3037: attempt to access beyond end of device [ 137.131845][T11419] loop6: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 137.167031][T11419] syz.6.3037: attempt to access beyond end of device [ 137.167031][T11419] loop6: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 137.180725][T11430] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(9) [ 137.187259][T11430] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 137.194905][T11430] vhci_hcd vhci_hcd.0: Device attached [ 137.201306][T11419] syz.6.3037: attempt to access beyond end of device [ 137.201306][T11419] loop6: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 137.234778][ T10] vhci_hcd: vhci_device speed not set [ 137.246081][T11449] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(11) [ 137.252745][T11449] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 137.260435][T11449] vhci_hcd vhci_hcd.0: Device attached [ 137.266418][T11430] vhci_hcd vhci_hcd.0: pdev(5) rhport(5) sockfd(14) [ 137.273122][T11430] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 137.280799][T11430] vhci_hcd vhci_hcd.0: Device attached [ 137.308273][ T10] usb 11-1: new full-speed USB device number 2 using vhci_hcd [ 137.324392][T11459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.333121][T11459] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.342303][T11449] vhci_hcd vhci_hcd.0: pdev(5) rhport(6) sockfd(13) [ 137.348921][T11449] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 137.356378][T11449] vhci_hcd vhci_hcd.0: Device attached [ 137.384222][T11430] vhci_hcd vhci_hcd.0: pdev(5) rhport(7) sockfd(16) [ 137.390898][T11430] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 137.399117][T11430] vhci_hcd vhci_hcd.0: Device attached [ 137.407551][T11441] vhci_hcd: connection closed [ 137.407833][T11431] vhci_hcd: connection reset by peer [ 137.412209][T11460] vhci_hcd: connection closed [ 137.417959][T11450] vhci_hcd: connection closed [ 137.422755][T11448] SELinux: failed to load policy [ 137.422763][T11456] vhci_hcd: connection closed [ 137.422886][T11443] vhci_hcd: connection closed [ 137.432575][T11462] vhci_hcd: connection closed [ 137.437410][ T4199] vhci_hcd: stop threads [ 137.450861][ T4199] vhci_hcd: release socket [ 137.455313][ T4199] vhci_hcd: disconnect device [ 137.460621][ T4199] vhci_hcd: stop threads [ 137.464898][ T4199] vhci_hcd: release socket [ 137.469406][ T4199] vhci_hcd: disconnect device [ 137.475314][ T4199] vhci_hcd: stop threads [ 137.479611][ T4199] vhci_hcd: release socket [ 137.484055][ T4199] vhci_hcd: disconnect device [ 137.491984][ T4199] vhci_hcd: stop threads [ 137.496264][ T4199] vhci_hcd: release socket [ 137.500734][ T4199] vhci_hcd: disconnect device [ 137.505739][ T4199] vhci_hcd: stop threads [ 137.510045][ T4199] vhci_hcd: release socket [ 137.514492][ T4199] vhci_hcd: disconnect device [ 137.523091][ T4199] vhci_hcd: stop threads [ 137.527364][ T4199] vhci_hcd: release socket [ 137.531926][ T4199] vhci_hcd: disconnect device [ 137.616421][ T4199] vhci_hcd: stop threads [ 137.620898][ T4199] vhci_hcd: release socket [ 137.625330][ T4199] vhci_hcd: disconnect device [ 138.086080][T11488] loop4: detected capacity change from 0 to 128 [ 138.135522][T11459] net_ratelimit: 28 callbacks suppressed [ 138.135539][T11459] Set syz1 is full, maxelem 65536 reached [ 138.194010][T11492] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11492 comm=syz.0.3066 [ 138.271789][T11501] netlink: 'syz.6.3070': attribute type 21 has an invalid length. [ 138.872781][T11517] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in; [ 138.872781][T11517] program syz.0.3076 not setting count and/or reply_len properly [ 139.116982][ T3373] Process accounting resumed [ 139.194622][T11559] loop0: detected capacity change from 0 to 128 [ 139.257784][T11561] support for cryptoloop has been removed. Use dm-crypt instead. [ 139.545213][ T4186] buffer_io_error: 6 callbacks suppressed [ 139.545230][ T4186] Buffer I/O error on dev loop0, logical block 512, lost async page write [ 139.599994][T11586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3105'. [ 139.930832][T11602] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.938097][T11602] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.976263][T11602] bridge0: entered allmulticast mode [ 140.028289][T11608] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.035399][T11608] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.042797][T11608] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.049938][T11608] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.081208][T11608] bridge0: entered promiscuous mode [ 140.447900][T11626] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3123'. [ 140.473295][T11626] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3123'. [ 140.525283][T11629] netlink: 'syz.4.3124': attribute type 4 has an invalid length. [ 140.548962][T11632] loop6: detected capacity change from 0 to 512 [ 140.578137][T11632] EXT4-fs: Ignoring removed nobh option [ 140.604208][T11635] loop4: detected capacity change from 0 to 512 [ 140.622905][T11632] EXT4-fs error (device loop6): ext4_do_update_inode:5211: inode #16: comm syz.6.3126: corrupted inode contents [ 140.639855][T11635] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 140.648939][T11635] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 140.658620][T11632] EXT4-fs error (device loop6): ext4_dirty_inode:6103: inode #16: comm syz.6.3126: mark_inode_dirty error [ 140.670697][T11632] EXT4-fs error (device loop6): ext4_do_update_inode:5211: inode #16: comm syz.6.3126: corrupted inode contents [ 140.682936][T11632] EXT4-fs error (device loop6): __ext4_ext_dirty:207: inode #16: comm syz.6.3126: mark_inode_dirty error [ 140.697052][T11632] EXT4-fs error (device loop6): ext4_do_update_inode:5211: inode #16: comm syz.6.3126: corrupted inode contents [ 140.772839][T11635] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 140.794654][T11632] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem [ 140.840051][T11632] EXT4-fs error (device loop6): ext4_do_update_inode:5211: inode #16: comm syz.6.3126: corrupted inode contents [ 140.868965][T11635] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 140.898415][ T3539] usb 13-1: enqueue for inactive port 0 [ 140.904055][ T3539] usb 13-1: enqueue for inactive port 0 [ 140.907425][T11632] EXT4-fs error (device loop6): ext4_truncate:4255: inode #16: comm syz.6.3126: mark_inode_dirty error [ 140.931919][T11635] System zones: 0-2, 18-18, 34-35 [ 140.937724][T11635] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.969475][T11632] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem [ 140.978557][ T3539] vhci_hcd: vhci_device speed not set [ 141.014207][T11632] EXT4-fs (loop6): 1 truncate cleaned up [ 141.028077][ T4155] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:11: Failed to release dquot type 1 [ 141.042234][T11632] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.074905][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.085183][T11632] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 141.207539][T11046] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.232988][T11657] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3136'. [ 141.383373][T11666] tipc: Started in network mode [ 141.388324][T11666] tipc: Node identity ac14140f, cluster identity 4711 [ 141.411840][T11666] tipc: New replicast peer: 255.255.255.255 [ 141.418051][T11666] tipc: Enabled bearer , priority 10 [ 141.453193][T11668] SELinux: failed to load policy [ 141.470103][T11676] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3144'. [ 141.565688][T11681] loop7: detected capacity change from 0 to 1024 [ 141.583752][T11681] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 141.594848][T11681] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 141.628581][T11681] JBD2: no valid journal superblock found [ 141.634373][T11681] EXT4-fs (loop7): Could not load journal inode [ 141.654172][T11692] netlink: 'syz.6.3150': attribute type 1 has an invalid length. [ 141.678028][T11692] 8021q: adding VLAN 0 to HW filter on device bond1 [ 141.757476][ T29] kauditd_printk_skb: 88 callbacks suppressed [ 141.757510][ T29] audit: type=1400 audit(1746616924.123:2996): avc: denied { lock } for pid=11695 comm="syz.7.3153" path="socket:[34438]" dev="sockfs" ino=34438 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 142.012923][T11721] loop6: detected capacity change from 0 to 512 [ 142.040435][T11723] loop5: detected capacity change from 0 to 512 [ 142.050973][T11721] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 142.060126][T11721] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 142.061211][T11723] EXT4-fs: Ignoring removed nobh option [ 142.099315][T11721] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 142.118526][T11721] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 142.120583][T11723] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.3164: corrupted inode contents [ 142.127750][T11721] System zones: 0-2, 18-18, 34-35 [ 142.149433][T11730] loop0: detected capacity change from 0 to 512 [ 142.150277][T11721] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.180283][T11723] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #16: comm syz.5.3164: mark_inode_dirty error [ 142.198472][T11723] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.3164: corrupted inode contents [ 142.211856][T11723] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #16: comm syz.5.3164: mark_inode_dirty error [ 142.223500][T11723] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.3164: corrupted inode contents [ 142.235757][T11723] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 142.236080][T11046] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.244786][T11730] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.266313][T11730] ext4 filesystem being mounted at /711/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 142.276769][T11723] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.3164: corrupted inode contents [ 142.288914][T11723] EXT4-fs error (device loop5): ext4_truncate:4255: inode #16: comm syz.5.3164: mark_inode_dirty error [ 142.300500][T11723] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 142.315606][T11730] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #18: comm +}[@: corrupted inode contents [ 142.332659][T11723] EXT4-fs (loop5): 1 truncate cleaned up [ 142.340449][T11730] EXT4-fs (loop0): Remounting filesystem read-only [ 142.347031][T11730] EXT4-fs warning (device loop0): ext4_evict_inode:279: xattr delete (err -30) [ 142.356279][ T10] usb 11-1: enqueue for inactive port 0 [ 142.362354][T11723] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.375049][ T10] usb 11-1: enqueue for inactive port 0 [ 142.380917][ T4155] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 142.381166][T11733] pim6reg: entered allmulticast mode [ 142.390714][ T4155] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:11: Failed to release dquot type 1 [ 142.402204][T11733] pim6reg: left allmulticast mode [ 142.407827][T11723] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.434413][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.478019][ T10] vhci_hcd: vhci_device speed not set [ 142.537888][ T3373] tipc: Node number set to 2886997007 [ 142.544895][T10974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.599725][ T29] audit: type=1326 audit(1746616924.973:2997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11746 comm="syz.7.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f518ae969 code=0x7ffc0000 [ 142.623278][ T29] audit: type=1326 audit(1746616924.973:2998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11746 comm="syz.7.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f518ae969 code=0x7ffc0000 [ 142.652478][ T29] audit: type=1326 audit(1746616925.023:2999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11746 comm="syz.7.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0f518ae969 code=0x7ffc0000 [ 142.675879][ T29] audit: type=1326 audit(1746616925.023:3000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11746 comm="syz.7.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f518ae969 code=0x7ffc0000 [ 142.699523][ T29] audit: type=1326 audit(1746616925.023:3001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11746 comm="syz.7.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f518ae969 code=0x7ffc0000 [ 142.723038][ T29] audit: type=1326 audit(1746616925.023:3002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11746 comm="syz.7.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f0f518ae969 code=0x7ffc0000 [ 142.746543][ T29] audit: type=1326 audit(1746616925.023:3003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11746 comm="syz.7.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f518ae969 code=0x7ffc0000 [ 142.770114][ T29] audit: type=1326 audit(1746616925.023:3004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11746 comm="syz.7.3175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f518ae969 code=0x7ffc0000 [ 142.883953][T11770] No such timeout policy "syz1" [ 142.916635][T11777] loop4: detected capacity change from 0 to 512 [ 142.933446][T11777] EXT4-fs: Ignoring removed nobh option [ 142.951398][T11783] loop5: detected capacity change from 0 to 512 [ 142.959939][T11783] EXT4-fs: Ignoring removed nobh option [ 142.971672][T11777] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.3185: corrupted inode contents [ 143.006791][T11783] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 143.036254][T11777] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #16: comm syz.4.3185: mark_inode_dirty error [ 143.083793][T11777] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.3185: corrupted inode contents [ 143.104856][T11777] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #16: comm syz.4.3185: mark_inode_dirty error [ 143.117653][T11777] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.3185: corrupted inode contents [ 143.132329][T11777] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 143.168233][T10974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.179606][T11777] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.3185: corrupted inode contents [ 143.200626][T11777] EXT4-fs error (device loop4): ext4_truncate:4255: inode #16: comm syz.4.3185: mark_inode_dirty error [ 143.223833][T11777] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 143.229080][T11818] netlink: 52 bytes leftover after parsing attributes in process `syz.6.3194'. [ 143.242117][T11818] unsupported nlmsg_type 40 [ 143.248825][T11777] EXT4-fs (loop4): 1 truncate cleaned up [ 143.254905][T11777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.270608][ T4175] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:27: Failed to release dquot type 1 [ 143.276015][T11777] ext4 filesystem being mounted at /675/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.301477][T11823] loop6: detected capacity change from 0 to 1024 [ 143.308572][T11823] EXT4-fs: Ignoring removed nobh option [ 143.320016][T11823] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.360684][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.371507][T11829] wireguard0: entered promiscuous mode [ 143.377036][T11829] wireguard0: entered allmulticast mode [ 143.424033][T11836] loop0: detected capacity change from 0 to 1024 [ 143.433417][T11046] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.451548][T11836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 143.528047][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.949192][T11863] netlink: 'syz.5.3221': attribute type 178 has an invalid length. [ 143.960384][T11864] loop7: detected capacity change from 0 to 512 [ 143.966936][T11864] EXT4-fs: Ignoring removed nobh option [ 144.002698][T11864] EXT4-fs error (device loop7): ext4_do_update_inode:5211: inode #16: comm syz.7.3211: corrupted inode contents [ 144.015702][T11864] EXT4-fs error (device loop7): ext4_dirty_inode:6103: inode #16: comm syz.7.3211: mark_inode_dirty error [ 144.028726][T11864] EXT4-fs error (device loop7): ext4_do_update_inode:5211: inode #16: comm syz.7.3211: corrupted inode contents [ 144.042117][T11864] EXT4-fs error (device loop7): __ext4_ext_dirty:207: inode #16: comm syz.7.3211: mark_inode_dirty error [ 144.054114][T11864] EXT4-fs error (device loop7): ext4_do_update_inode:5211: inode #16: comm syz.7.3211: corrupted inode contents [ 144.067278][T11864] EXT4-fs error (device loop7) in ext4_orphan_del:305: Corrupt filesystem [ 144.078847][T11864] EXT4-fs error (device loop7): ext4_do_update_inode:5211: inode #16: comm syz.7.3211: corrupted inode contents [ 144.090968][T11864] EXT4-fs error (device loop7): ext4_truncate:4255: inode #16: comm syz.7.3211: mark_inode_dirty error [ 144.103255][T11864] EXT4-fs error (device loop7) in ext4_process_orphan:347: Corrupt filesystem [ 144.112667][T11864] EXT4-fs (loop7): 1 truncate cleaned up [ 144.120013][T11864] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.132886][ T4175] EXT4-fs error (device loop7): ext4_release_dquot:6971: comm kworker/u8:27: Failed to release dquot type 1 [ 144.147155][T11864] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.217847][T11230] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.469664][T11903] loop6: detected capacity change from 0 to 512 [ 144.478896][T11903] EXT4-fs: Ignoring removed nomblk_io_submit option [ 144.489767][T11903] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 144.551757][T11903] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 144.594591][T11903] EXT4-fs (loop6): 1 truncate cleaned up [ 144.609245][T11903] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.702224][T11046] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.893802][T11915] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3233'. [ 144.995633][T11919] SELinux: failed to load policy [ 145.001315][T11923] serio: Serial port ptm0 [ 145.024470][T11925] loop0: detected capacity change from 0 to 512 [ 145.033295][T11925] EXT4-fs: Ignoring removed nobh option [ 145.043268][T11927] loop4: detected capacity change from 0 to 164 [ 145.051489][T11927] bio_check_eod: 327 callbacks suppressed [ 145.051496][T11927] syz.4.3239: attempt to access beyond end of device [ 145.051496][T11927] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 145.083122][T11927] syz.4.3239: attempt to access beyond end of device [ 145.083122][T11927] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 145.100376][T11925] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #16: comm syz.0.3231: corrupted inode contents [ 145.127547][T11925] EXT4-fs error (device loop0): ext4_dirty_inode:6103: inode #16: comm syz.0.3231: mark_inode_dirty error [ 145.140343][T11925] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #16: comm syz.0.3231: corrupted inode contents [ 145.152668][T11925] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #16: comm syz.0.3231: mark_inode_dirty error [ 145.165418][T11925] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #16: comm syz.0.3231: corrupted inode contents [ 145.169652][ T9677] usb usb12-port8: attempt power cycle [ 145.177557][T11925] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 145.191741][T11925] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #16: comm syz.0.3231: corrupted inode contents [ 145.204159][T11925] EXT4-fs error (device loop0): ext4_truncate:4255: inode #16: comm syz.0.3231: mark_inode_dirty error [ 145.218205][T11925] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 145.228095][T11925] EXT4-fs (loop0): 1 truncate cleaned up [ 145.234410][T11925] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.247528][T11925] ext4 filesystem being mounted at /726/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.258314][ T4175] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:27: Failed to release dquot type 1 [ 145.326493][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.377146][T11948] loop0: detected capacity change from 0 to 1024 [ 145.384326][T11948] EXT4-fs: Ignoring removed oldalloc option [ 145.390356][T11948] EXT4-fs: Ignoring removed orlov option [ 145.396031][T11948] EXT4-fs: Ignoring removed oldalloc option [ 145.402066][T11948] EXT4-fs: Ignoring removed nomblk_io_submit option [ 145.414435][T11948] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.464155][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.475522][T11961] netem: change failed [ 145.506104][T11965] block device autoloading is deprecated and will be removed. [ 145.520820][T11967] loop4: detected capacity change from 0 to 2048 [ 145.533737][T11967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.545895][T11967] ext4 filesystem being mounted at /693/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.571042][T11971] wireguard0: entered promiscuous mode [ 145.576767][T11971] wireguard0: entered allmulticast mode [ 145.583275][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.642750][T11976] SELinux: ebitmap: truncated map [ 145.659073][T11976] SELinux: failed to load policy [ 145.969636][T12013] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 145.969636][T12013] program syz.0.3275 not setting count and/or reply_len properly [ 146.007684][T12016] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3276'. [ 146.196912][T12020] af_packet: tpacket_rcv: packet too big, clamped from 42 to 4294967286. macoff=82 [ 146.328276][T12031] loop5: detected capacity change from 0 to 1024 [ 146.335304][T12031] EXT4-fs: Ignoring removed nobh option [ 146.355016][T12035] loop7: detected capacity change from 0 to 512 [ 146.366227][T12031] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.376939][T12035] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=802c198, mo2=0002] [ 146.386830][T12035] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.3285: corrupted in-inode xattr: invalid ea_ino [ 146.400462][T12035] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.3285: couldn't read orphan inode 15 (err -117) [ 146.413753][T12035] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.428491][T10974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.453305][T11230] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.838172][T12071] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3300'. [ 146.857870][T12073] ref_ctr_offset mismatch. inode: 0x155 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6 [ 146.920202][T12077] bridge0: port 1(vlan2) entered blocking state [ 146.926514][T12077] bridge0: port 1(vlan2) entered disabled state [ 146.943916][T12077] vlan2: entered allmulticast mode [ 146.949115][T12077] bridge0: entered allmulticast mode [ 146.966815][T12077] vlan2: left allmulticast mode [ 146.971841][T12077] bridge0: left allmulticast mode [ 147.020046][T12084] netlink: 100 bytes leftover after parsing attributes in process `syz.7.3306'. [ 147.252480][ T9677] usb usb12-port8: unable to enumerate USB device [ 147.365581][T12091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.374239][T12091] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.600652][ T29] kauditd_printk_skb: 54 callbacks suppressed [ 147.600669][ T29] audit: type=1400 audit(1746616929.713:3056): avc: denied { ioctl } for pid=12099 comm="syz.0.3320" path="socket:[35132]" dev="sockfs" ino=35132 ioctlcmd=0x8912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 147.671269][T12104] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 147.671269][T12104] program syz.7.3312 not setting count and/or reply_len properly [ 147.730881][ T29] audit: type=1326 audit(1746616929.833:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 147.782449][T12113] loop0: detected capacity change from 0 to 164 [ 147.843702][ T29] audit: type=1326 audit(1746616929.833:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 147.867307][ T29] audit: type=1326 audit(1746616929.833:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 147.890839][ T29] audit: type=1326 audit(1746616929.833:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 147.914405][ T29] audit: type=1326 audit(1746616929.833:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 147.938005][ T29] audit: type=1326 audit(1746616929.833:3062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 147.961505][ T29] audit: type=1326 audit(1746616929.833:3063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 147.985039][ T29] audit: type=1326 audit(1746616929.833:3064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 148.008861][ T29] audit: type=1326 audit(1746616929.833:3065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12110 comm="syz.0.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34852ae969 code=0x7ffc0000 [ 148.346467][T12142] SELinux: failed to load policy [ 148.564624][T12152] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12152 comm=syz.0.3334 [ 148.652832][T12158] loop7: detected capacity change from 0 to 128 [ 148.673383][T12158] syz.7.3337: attempt to access beyond end of device [ 148.673383][T12158] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 148.686681][T12158] Buffer I/O error on dev loop7, logical block 2065, async page read [ 148.704696][T12158] syz.7.3337: attempt to access beyond end of device [ 148.704696][T12158] loop7: rw=0, sector=2066, nr_sectors = 1 limit=128 [ 148.718100][T12158] Buffer I/O error on dev loop7, logical block 2066, async page read [ 148.748278][T12158] syz.7.3337: attempt to access beyond end of device [ 148.748278][T12158] loop7: rw=0, sector=2067, nr_sectors = 1 limit=128 [ 148.761547][T12158] Buffer I/O error on dev loop7, logical block 2067, async page read [ 148.775172][T12158] syz.7.3337: attempt to access beyond end of device [ 148.775172][T12158] loop7: rw=0, sector=2068, nr_sectors = 1 limit=128 [ 148.788626][T12158] Buffer I/O error on dev loop7, logical block 2068, async page read [ 148.797106][T12158] syz.7.3337: attempt to access beyond end of device [ 148.797106][T12158] loop7: rw=0, sector=2069, nr_sectors = 1 limit=128 [ 148.810431][T12158] Buffer I/O error on dev loop7, logical block 2069, async page read [ 148.821646][T12158] syz.7.3337: attempt to access beyond end of device [ 148.821646][T12158] loop7: rw=0, sector=2070, nr_sectors = 1 limit=128 [ 148.834952][T12158] Buffer I/O error on dev loop7, logical block 2070, async page read [ 148.844288][T12158] syz.7.3337: attempt to access beyond end of device [ 148.844288][T12158] loop7: rw=0, sector=2071, nr_sectors = 1 limit=128 [ 148.857641][T12158] Buffer I/O error on dev loop7, logical block 2071, async page read [ 148.871338][T12158] syz.7.3337: attempt to access beyond end of device [ 148.871338][T12158] loop7: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 148.884623][T12158] Buffer I/O error on dev loop7, logical block 2072, async page read [ 148.895140][T12155] Buffer I/O error on dev loop7, logical block 2065, async page read [ 148.903673][T12155] Buffer I/O error on dev loop7, logical block 2066, async page read [ 148.927366][T12170] -1: renamed from syzkaller0 [ 149.037155][T12186] syzkaller1: entered promiscuous mode [ 149.042703][T12186] syzkaller1: entered allmulticast mode [ 149.142709][T12203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3358'. [ 149.154353][T12203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3358'. [ 149.165777][T12203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3358'. [ 149.175922][T12203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3358'. [ 149.248103][T12222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 149.258290][T12222] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 149.281471][T12224] ip6gretap0: entered promiscuous mode [ 149.287175][T12224] ip6gretap0: entered allmulticast mode [ 149.364277][T12233] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3369'. [ 149.459115][T12237] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3374'. [ 149.514971][T12250] loop4: detected capacity change from 0 to 128 [ 149.930678][T12266] loop5: detected capacity change from 0 to 2048 [ 149.943640][T12266] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.053027][T12266] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3385: bg 0: block 234: padding at end of block bitmap is not set [ 150.105329][T12266] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 806 with error 117 [ 150.117861][T12266] EXT4-fs (loop5): This should not happen!! Data will be lost [ 150.117861][T12266] [ 150.332361][T10974] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.371910][T12279] __nla_validate_parse: 1 callbacks suppressed [ 150.371925][T12279] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3390'. [ 150.739324][T12313] loop4: detected capacity change from 0 to 512 [ 150.749218][T12313] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 150.758409][T12313] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 150.799776][T12313] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 150.809615][T12313] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 150.823157][T12313] System zones: 0-2, 18-18, 34-35 [ 150.835507][T12313] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.908937][ T3307] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.138492][T12336] loop7: detected capacity change from 0 to 2048 [ 151.153891][T12336] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.233383][T12336] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3416: bg 0: block 234: padding at end of block bitmap is not set [ 151.248282][T12336] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1822 with error 117 [ 151.260917][T12336] EXT4-fs (loop7): This should not happen!! Data will be lost [ 151.260917][T12336] [ 151.417155][T11230] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.266723][T12386] xt_TPROXY: Can be used only with -p tcp or -p udp [ 152.313016][T12370] ================================================================== [ 152.321139][T12370] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping [ 152.328969][T12370] [ 152.331303][T12370] write to 0xffffea0005533358 of 8 bytes by task 12361 on cpu 1: [ 152.339030][T12370] __filemap_remove_folio+0x1a5/0x2a0 [ 152.344419][T12370] filemap_remove_folio+0x6d/0x1d0 [ 152.349544][T12370] truncate_inode_folio+0x42/0x50 [ 152.354588][T12370] shmem_undo_range+0x244/0xa80 [ 152.359459][T12370] shmem_fallocate+0x799/0x840 [ 152.364253][T12370] vfs_fallocate+0x410/0x450 [ 152.368866][T12370] __x64_sys_fallocate+0x7a/0xd0 [ 152.373833][T12370] x64_sys_call+0x2b88/0x2fb0 [ 152.378519][T12370] do_syscall_64+0xd0/0x1a0 [ 152.383027][T12370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.388924][T12370] [ 152.391255][T12370] read to 0xffffea0005533358 of 8 bytes by task 12370 on cpu 0: [ 152.398887][T12370] folio_mapping+0xa1/0x120 [ 152.403399][T12370] evict_folios+0x2986/0x33d0 [ 152.408080][T12370] try_to_shrink_lruvec+0x45a/0x7e0 [ 152.413288][T12370] shrink_lruvec+0x22e/0x1a40 [ 152.417975][T12370] shrink_node+0x686/0x2110 [ 152.422481][T12370] do_try_to_free_pages+0x3f6/0xcd0 [ 152.427690][T12370] try_to_free_mem_cgroup_pages+0x1ab/0x410 [ 152.433593][T12370] try_charge_memcg+0x3ab/0x870 [ 152.438449][T12370] obj_cgroup_charge_pages+0xb7/0x1a0 [ 152.443833][T12370] __memcg_kmem_charge_page+0x9f/0x170 [ 152.449470][T12370] __alloc_frozen_pages_noprof+0x188/0x360 [ 152.455287][T12370] alloc_pages_mpol+0xb3/0x250 [ 152.460054][T12370] alloc_pages_noprof+0x90/0x130 [ 152.464998][T12370] __vmalloc_node_range_noprof+0x6a4/0xdf0 [ 152.470809][T12370] __kvmalloc_node_noprof+0x2f3/0x4d0 [ 152.476189][T12370] ip_set_alloc+0x1f/0x30 [ 152.480537][T12370] hash_netiface_create+0x282/0x740 [ 152.485745][T12370] ip_set_create+0x3c9/0x960 [ 152.490346][T12370] nfnetlink_rcv_msg+0x4c3/0x590 [ 152.495287][T12370] netlink_rcv_skb+0x120/0x220 [ 152.500058][T12370] nfnetlink_rcv+0x16b/0x1690 [ 152.504741][T12370] netlink_unicast+0x59e/0x670 [ 152.509514][T12370] netlink_sendmsg+0x58b/0x6b0 [ 152.514288][T12370] __sock_sendmsg+0x142/0x180 [ 152.518977][T12370] ____sys_sendmsg+0x31e/0x4e0 [ 152.523745][T12370] ___sys_sendmsg+0x17b/0x1d0 [ 152.528426][T12370] __x64_sys_sendmsg+0xd4/0x160 [ 152.533279][T12370] x64_sys_call+0x2999/0x2fb0 [ 152.537958][T12370] do_syscall_64+0xd0/0x1a0 [ 152.542471][T12370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.548375][T12370] [ 152.550704][T12370] value changed: 0xffff8881189dcaa8 -> 0x0000000000000000 [ 152.557895][T12370] [ 152.560217][T12370] Reported by Kernel Concurrency Sanitizer on: [ 152.566385][T12370] CPU: 0 UID: 0 PID: 12370 Comm: syz.5.3424 Tainted: G W 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(voluntary) [ 152.580470][T12370] Tainted: [W]=WARN [ 152.584286][T12370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 152.594349][T12370] ================================================================== [ 152.629020][T12388] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3438'. [ 153.004826][T12370] syz.5.3424 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 153.019136][T12370] CPU: 1 UID: 0 PID: 12370 Comm: syz.5.3424 Tainted: G W 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(voluntary) [ 153.019185][T12370] Tainted: [W]=WARN [ 153.019191][T12370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 153.019219][T12370] Call Trace: [ 153.019281][T12370] [ 153.019291][T12370] __dump_stack+0x1d/0x30 [ 153.019315][T12370] dump_stack_lvl+0xe8/0x140 [ 153.019333][T12370] dump_stack+0x15/0x1b [ 153.019381][T12370] dump_header+0x81/0x220 [ 153.019412][T12370] oom_kill_process+0x334/0x3f0 [ 153.019505][T12370] out_of_memory+0x979/0xb80 [ 153.019557][T12370] ? css_next_descendant_pre+0x138/0x160 [ 153.019587][T12370] mem_cgroup_out_of_memory+0x13d/0x190 [ 153.019698][T12370] try_charge_memcg+0x5e2/0x870 [ 153.019729][T12370] obj_cgroup_charge_pages+0xb7/0x1a0 [ 153.019776][T12370] __memcg_kmem_charge_page+0x9f/0x170 [ 153.019858][T12370] __alloc_frozen_pages_noprof+0x188/0x360 [ 153.019886][T12370] alloc_pages_mpol+0xb3/0x250 [ 153.019911][T12370] alloc_pages_noprof+0x90/0x130 [ 153.019937][T12370] __vmalloc_node_range_noprof+0x6a4/0xdf0 [ 153.020005][T12370] __kvmalloc_node_noprof+0x2f3/0x4d0 [ 153.020023][T12370] ? ip_set_alloc+0x1f/0x30 [ 153.020044][T12370] ? ip_set_alloc+0x1f/0x30 [ 153.020104][T12370] ? __kmalloc_cache_noprof+0x189/0x320 [ 153.020122][T12370] ip_set_alloc+0x1f/0x30 [ 153.020142][T12370] hash_netiface_create+0x282/0x740 [ 153.020166][T12370] ? __pfx_hash_netiface_create+0x10/0x10 [ 153.020240][T12370] ip_set_create+0x3c9/0x960 [ 153.020345][T12370] ? __nla_parse+0x40/0x60 [ 153.020366][T12370] nfnetlink_rcv_msg+0x4c3/0x590 [ 153.020428][T12370] netlink_rcv_skb+0x120/0x220 [ 153.020460][T12370] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 153.020498][T12370] nfnetlink_rcv+0x16b/0x1690 [ 153.020538][T12370] ? __kfree_skb+0x109/0x150 [ 153.020572][T12370] ? nlmon_xmit+0x4f/0x60 [ 153.020591][T12370] ? consume_skb+0x49/0x150 [ 153.020619][T12370] ? nlmon_xmit+0x4f/0x60 [ 153.020696][T12370] ? dev_hard_start_xmit+0x39e/0x3d0 [ 153.020728][T12370] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 153.020748][T12370] ? __dev_queue_xmit+0x182/0x1fb0 [ 153.020768][T12370] ? ref_tracker_free+0x37d/0x3e0 [ 153.020818][T12370] ? __netlink_deliver_tap+0x4dc/0x500 [ 153.020852][T12370] netlink_unicast+0x59e/0x670 [ 153.020882][T12370] netlink_sendmsg+0x58b/0x6b0 [ 153.020988][T12370] ? __pfx_netlink_sendmsg+0x10/0x10 [ 153.021052][T12370] __sock_sendmsg+0x142/0x180 [ 153.021081][T12370] ____sys_sendmsg+0x31e/0x4e0 [ 153.021102][T12370] ___sys_sendmsg+0x17b/0x1d0 [ 153.021134][T12370] __x64_sys_sendmsg+0xd4/0x160 [ 153.021158][T12370] x64_sys_call+0x2999/0x2fb0 [ 153.021181][T12370] do_syscall_64+0xd0/0x1a0 [ 153.021277][T12370] ? clear_bhb_loop+0x25/0x80 [ 153.021301][T12370] ? clear_bhb_loop+0x25/0x80 [ 153.021323][T12370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.021345][T12370] RIP: 0033:0x7ffa599be969 [ 153.021360][T12370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.021378][T12370] RSP: 002b:00007ffa58006038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 153.021488][T12370] RAX: ffffffffffffffda RBX: 00007ffa59be6080 RCX: 00007ffa599be969 [ 153.021502][T12370] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004 [ 153.021515][T12370] RBP: 00007ffa59a40ab1 R08: 0000000000000000 R09: 0000000000000000 [ 153.021549][T12370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.021561][T12370] R13: 0000000000000000 R14: 00007ffa59be6080 R15: 00007ffd45576738 [ 153.021654][T12370] [ 153.021661][T12370] memory: usage 307200kB, limit 307200kB, failcnt 228 [ 153.378710][T12370] memory+swap: usage 307404kB, limit 9007199254740988kB, failcnt 0 [ 153.386611][T12370] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 153.393899][T12370] Memory cgroup stats for /syz5: [ 153.394276][T12370] cache 0 [ 153.394397][ T3539] usb usb8-port8: attempt power cycle [ 153.399276][T12370] rss 0 [ 153.410376][T12370] shmem 0 [ 153.413293][T12370] mapped_file 0 [ 153.416783][T12370] dirty 0 [ 153.419754][T12370] writeback 0 [ 153.423014][T12370] workingset_refault_anon 1187 [ 153.427792][T12370] workingset_refault_file 0 [ 153.432310][T12370] swap 208896 [ 153.435569][T12370] swapcached 0 [ 153.438995][T12370] pgpgin 58988 [ 153.442357][T12370] pgpgout 58988 [ 153.445925][T12370] pgfault 26442 [ 153.449383][T12370] pgmajfault 213 [ 153.452909][T12370] inactive_anon 0 [ 153.456517][T12370] active_anon 0 [ 153.460107][T12370] inactive_file 0 [ 153.463825][T12370] active_file 0 [ 153.467267][T12370] unevictable 0 [ 153.470713][T12370] hierarchical_memory_limit 314572800 [ 153.476181][T12370] hierarchical_memsw_limit 9223372036854771712 [ 153.482382][T12370] total_cache 0 [ 153.485906][T12370] total_rss 0 [ 153.489247][T12370] total_shmem 0 [ 153.492767][T12370] total_mapped_file 0 [ 153.496762][T12370] total_dirty 0 [ 153.500208][T12370] total_writeback 0 [ 153.504028][T12370] total_workingset_refault_anon 1187 [ 153.509330][T12370] total_workingset_refault_file 0 [ 153.514358][T12370] total_swap 208896 [ 153.518150][T12370] total_swapcached 0 [ 153.522020][T12370] total_pgpgin 58988 [ 153.525927][T12370] total_pgpgout 58988 [ 153.529907][T12370] total_pgfault 26443 [ 153.533907][T12370] total_pgmajfault 213 [ 153.538037][T12370] total_inactive_anon 0 [ 153.542185][T12370] total_active_anon 0 [ 153.546194][T12370] total_inactive_file 0 [ 153.550353][T12370] total_active_file 0 [ 153.554324][T12370] total_unevictable 0 [ 153.558307][T12370] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.3424,pid=12359,uid=0 [ 153.573355][T12370] Memory cgroup out of memory: Killed process 12359 (syz.5.3424) total-vm:95796kB, anon-rss:936kB, file-rss:22196kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 155.367104][ T3539] usb usb8-port8: unable to enumerate USB device