last executing test programs: 3.686099088s ago: executing program 1 (id=620): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1, 0x0, 0x1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) 3.576324483s ago: executing program 1 (id=623): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0x1, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) writev(r0, &(0x7f0000001000)=[{&(0x7f0000000080)="dfd2d837a8f524ee7b8e2a0f4c537c5d67060bcb6647b66d049eeb3fd679cad8cb49cb484de25cbbfbb68a4e71c8f5e9c1", 0x31}, {&(0x7f0000000880)="76b0d8e7b4fbe83b9a3a82e0bbf91c1680d1f0b00633f12efc58b563dbdcfe39385fa5f25b4f44f77855053cd2c70c4b2f93a03ac5065ae95772c490638e6f2609cd625dcb26a8342315a054d59e843d7acd6cf3c414d1cee5b36208364ca1fd503e7f9f9e7c8b9ab7985616d5283e56db010e1021e45a2452e8ddd7966b3c4232e6015e47ed174b11e6c81d085fc43b5c85fb84ae756ad048a44c6c84414d1e046467447a237ff927f9ef158987745861cf8b330f7c234aff1499be56651be1c7a1221477ae394445e5014caad4442312bca4e1a985351d4d02c64c53f617a08a415575046ffd74bf9f6af6653a442b4728c46a084d2e7cb4395afe46c77ed4ec78d92d2f23cafc1289", 0x10a}, {&(0x7f0000000740)="fb4ce835c410f08e12d4490a0bffb614927bfd1e7b341d442cafecdfb5eda4a9964b615a7ae29f1fc815bb920c3a1bc960cd8624addb86f71211552eabc6fe1578677d3794d091edccf86a099a4f896f90b3a82d69879b619876c22f3172672ff1f6c3b5638e7833cd65c39f563b277086bcc172bf233a8918dd2038d33dfe251cf65cbcdb69e866f42789cd82dbe77498069277c0430d195ac0f986e26989978afd7dba9bf087f48b55a522782cf359beaf015a334429884ac4b858d5fe00909b45e0967783a368d9ef3ab6a954e59de28d", 0xd2}, {0x0}, {&(0x7f0000000300)="f720545dd3b03efebdc5e0fccd4ebd5a12deb78fb2c5b13465656b6d7bbd6359c662bc2d12228e8af99d9f1012e0d43912798e5d1291ed84aeef6e66484e3ea487546c", 0x43}, {&(0x7f00000009c0)="2d7c05b661ed61dbb0ff95a0f7db1d70a1e8cbe5d67df0ffe7d7234e5c2579ff67a6588289a685d19db6d2e3b65b96e2bf4119a62a932b6770b873c79f6a9117acd583f0365093cd871d5c369eaff34d0513b222e38fcdce7b1f2b0d86e04b3eaea9966d878e96502cc03f40ae98e68f030c88e146e7747eeba91c67349f0dcbf6fd725760b2ec1a7b4c9fcbcea37f6c34a94105e43dac4871cde933f9fad5c9410ca97fe8726ed54b6ab6d9135623c3665e4cecfbf24d3921df819808ea845530ce7a9ec53ed7c09278de85a2a240fba90e366e860ad2645c317dba94345eb7e24274b21a58b7870ebaab92d8d5f52637b3d8ff40f30ad4a26a7fa562350711e70d011c16e3569b5d732a83cf2753de6f57d1591cd3dbe3b0782d02bf3a510902653e5abf26a08a51cfc9bf1947b68ad772cd56de456fcdfdea6cd15b275ada41ea95e8679d885dca32cc8bbc749a71ea850c2be65a3e0f5cb22ca88a1b0c5a54115a6890e82db80e5299f6e652291787fb8bf2298344219e9d893429707258f679bc60c9fae25cb986e39e47ef9929e177ce63fd520d3b", 0x198}], 0x6) 3.215871068s ago: executing program 3 (id=629): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = fcntl$dupfd(r0, 0x0, r0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) ioctl$USBDEVFS_REAPURB(r1, 0x4004550c, &(0x7f0000000380)) 3.168586703s ago: executing program 1 (id=631): syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff) socket$igmp(0x2, 0x3, 0x2) close(0x4) syz_open_procfs$namespace(0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x1, 0x1, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r1, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) accept(r0, 0x0, 0x0) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000020000000001000000280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) 3.022244359s ago: executing program 0 (id=632): unshare(0x26040600) r0 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x8) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) 2.818144988s ago: executing program 0 (id=635): sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="98000000", @ANYBLOB="2da52abd7000fbdbdf250300000008000100000000000800010000000000340007800c"], 0x98}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001100050000000000feffffff07000000", @ANYRES32=r2, @ANYBLOB="003000000000000014001a80100005"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0) 2.817799058s ago: executing program 1 (id=636): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=@newtfilter={0x44, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4) 2.702780189s ago: executing program 0 (id=638): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0xfffffffffffffdca, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r3, {0x10, 0x4}, {}, {0xb}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x24060050}, 0x8000) 2.577931873s ago: executing program 1 (id=640): r0 = socket$key(0xf, 0x3, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='kfree\x00', r2}, 0x18) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0) 2.350027041s ago: executing program 4 (id=641): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) ptrace$getregs(0xc, r2, 0xfbffffffffffdcaf, &(0x7f0000000040)=""/45) 2.309143991s ago: executing program 0 (id=642): r0 = io_uring_setup(0x8005593, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94) r1 = mq_open(&(0x7f0000000080)='!selin\xdb\xa1\x02\xbf\xd9l\xd7\xcd\xc0uxse\xee\x0e\xcd\xce6\xbf\xfa;\xb9-a\xb8\xef\x8de\x14\xbc\x9ej\xa1q\xa2\xa5\t\x98\x8a\x8f>\xba', 0x6e93ebbbcc088cf2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0xec}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000c0000000b"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x9, 0x0) 2.267041355s ago: executing program 1 (id=643): r0 = getpgid(0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000) r4 = syz_pidfd_open(r0, 0x0) r5 = pidfd_getfd(r4, r4, 0x0) setns(r5, 0x66020000) mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r6 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80001) move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) umount2(&(0x7f0000000040)='.\x00', 0x2) 2.162146371s ago: executing program 4 (id=644): r0 = socket$inet6(0x2d, 0x2, 0x0) bind$inet6(r0, 0x0, 0x0) 2.128815907s ago: executing program 0 (id=645): unshare(0x26040600) r0 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x8) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) 2.126584352s ago: executing program 3 (id=646): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000a00)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc00082c00db5b6861589bcfe8875a060300000023000000000000000000000000ac1414aa"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2, 0x31}, 0x48) 2.057452718s ago: executing program 4 (id=647): writev(0xffffffffffffffff, &(0x7f0000003500)=[{&(0x7f0000000300)="aaf9cbbebec1c21b2b97fe8378b1a6f9b362b0ce28d64dcae763a477474cd92e109fff8cbeb8da", 0x27}], 0x1) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="000086dd03000a000000140000006c07010033d43a"], 0x340a) 1.991620621s ago: executing program 0 (id=648): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$uhid(0xffffffffffffff9c, 0x0, 0x802, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000240)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0xd6, 0xfff9, 0xfffffffe, 0x8, 0xb, 0xb, "8f11735a84e7e4e356b962e1411b7a56733cb4fec08764b54ab230699f4c92f94b6722f38d49482baeab8d14d4b785878ec9349cfa96fb3fddc081eef792475db6c677f015459f0c2330fd2a382bf3a841bb9e46d05c01986b0878c009689eb558579a7fd5a5b37442339436e96ab8863de64bc1bcb087e7ba0c55f379fb6424799f2464242ea4c0bddfd900d133af62357d1361f213ff552f09fb35ff39768ad8029800ac29afb4c69d3211eec136d3396ffda424734167a9f10a10791cc4caf569b75a392d76c3130f02eba2f217f77cfd07f65ccb"}}, 0x1ee) renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x2, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) read(r2, &(0x7f0000000380)=""/171, 0xab) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0x1, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x94) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB='t\x00\x00\x00\n'], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x3, 0x0, 0x7ffc1ffb}]}) flistxattr(r2, &(0x7f0000000580)=""/205, 0xcd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 1.907456409s ago: executing program 2 (id=649): socket$packet(0x11, 0x2, 0x300) r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0xffd, 0x5cc}, &(0x7f0000000300)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740), 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1}) io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5) 1.21968141s ago: executing program 2 (id=650): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=@newtfilter={0x44, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4) 1.107145514s ago: executing program 4 (id=651): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r1, {0x0, 0xd}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4008000) r2 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r2, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756a85d88a8", 0x5ea, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r1, 0x1, 0xd8, 0x6, @multicast}, 0x14) 968.689006ms ago: executing program 3 (id=652): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x47, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0xc4, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0xb0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r4}}]}, {0x4, 0xa}, {0xc}, {0xffac, 0x8, {0x0, 0x2}}}}, @m_mpls={0x5c, 0x2, 0x0, 0x0, {{0x9}, {0x30}, {0x4}, {0xc}, {0xc}}}]}]}, 0xc4}}, 0x0) 698.921794ms ago: executing program 3 (id=653): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregset(0x4205, r0, 0x1, &(0x7f0000000100)={0x0}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000140)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x4, @empty, 0xfffffffe}, 0x1c, 0x0}}], 0x1, 0x20080058) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ptrace$setregset(0x4205, r0, 0x1, &(0x7f0000000140)={0x0, 0xfd2a}) 650.363838ms ago: executing program 2 (id=654): bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket(0x1, 0x2, 0x0) r1 = socket(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x24, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}, {0x9, 0x7}}}, 0x24}}, 0x4080) 601.818308ms ago: executing program 4 (id=655): r0 = io_uring_setup(0x8005593, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94) r1 = mq_open(&(0x7f0000000080)='!selin\xdb\xa1\x02\xbf\xd9l\xd7\xcd\xc0uxse\xee\x0e\xcd\xce6\xbf\xfa;\xb9-a\xb8\xef\x8de\x14\xbc\x9ej\xa1q\xa2\xa5\t\x98\x8a\x8f>\xba', 0x6e93ebbbcc088cf2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0xec}) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000c0000000b"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x9, 0x0) 482.469495ms ago: executing program 4 (id=656): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = fcntl$dupfd(r0, 0x0, r0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) ioctl$USBDEVFS_REAPURB(r1, 0x4004550c, &(0x7f0000000380)) 436.747307ms ago: executing program 2 (id=657): r0 = socket$inet6(0x2d, 0x2, 0x0) bind$inet6(r0, 0x0, 0x0) 362.123097ms ago: executing program 3 (id=658): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x36}, 0x18) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a1aba3bd7000fdffffff3200"], 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x0) 309.823793ms ago: executing program 2 (id=659): bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0) ftruncate(r0, 0x8800000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) r1 = epoll_create1(0x0) r2 = eventfd2(0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000b80)={0x60000012}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000180)={0x80002014, 0x2000000}) 118.777894ms ago: executing program 3 (id=660): socket$packet(0x11, 0x2, 0x300) r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0xffd, 0x5cc}, &(0x7f0000000300)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740), 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1}) io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5) 0s ago: executing program 2 (id=661): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r2}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18) r3 = socket$kcm(0x21, 0x2, 0x2) recvmsg$kcm(r3, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.19' (ED25519) to the list of known hosts. [ 89.047030][ T5811] cgroup: Unknown subsys name 'net' [ 89.187212][ T5811] cgroup: Unknown subsys name 'cpuset' [ 89.197333][ T5811] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 90.926366][ T5811] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 94.904138][ T5825] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.916573][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.925449][ T5832] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.934074][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.944082][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.951762][ T5832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.957519][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.964059][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.966835][ T5834] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.973994][ T5832] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.989243][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.997316][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.005104][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.006031][ T5832] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.014082][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.023159][ T5832] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 95.042905][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.053312][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.063303][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.083390][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.091756][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 95.102761][ T5829] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 95.115897][ T5829] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 95.124785][ T5829] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 95.133870][ T5829] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 95.675244][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 95.939750][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 95.981057][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 96.027154][ T5821] chnl_net:caif_netlink_parms(): no params data found [ 96.128404][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.135800][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.144550][ T5826] bridge_slave_0: entered allmulticast mode [ 96.152214][ T5826] bridge_slave_0: entered promiscuous mode [ 96.197317][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 96.216334][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.224338][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.231949][ T5826] bridge_slave_1: entered allmulticast mode [ 96.240115][ T5826] bridge_slave_1: entered promiscuous mode [ 96.393359][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.436986][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.444925][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.453239][ T5831] bridge_slave_0: entered allmulticast mode [ 96.460806][ T5831] bridge_slave_0: entered promiscuous mode [ 96.471263][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.493951][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.501355][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.509190][ T5824] bridge_slave_0: entered allmulticast mode [ 96.517168][ T5824] bridge_slave_0: entered promiscuous mode [ 96.537765][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.545153][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.552558][ T5831] bridge_slave_1: entered allmulticast mode [ 96.560391][ T5831] bridge_slave_1: entered promiscuous mode [ 96.581474][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.589651][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.597141][ T5821] bridge_slave_0: entered allmulticast mode [ 96.605213][ T5821] bridge_slave_0: entered promiscuous mode [ 96.613740][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.621159][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.629368][ T5824] bridge_slave_1: entered allmulticast mode [ 96.637294][ T5824] bridge_slave_1: entered promiscuous mode [ 96.704498][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.711994][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.720000][ T5821] bridge_slave_1: entered allmulticast mode [ 96.727654][ T5821] bridge_slave_1: entered promiscuous mode [ 96.780787][ T5826] team0: Port device team_slave_0 added [ 96.804372][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.814351][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.821915][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.830720][ T5835] bridge_slave_0: entered allmulticast mode [ 96.838314][ T5835] bridge_slave_0: entered promiscuous mode [ 96.849459][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.860871][ T5826] team0: Port device team_slave_1 added [ 96.896660][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.922286][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.929826][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.937457][ T5835] bridge_slave_1: entered allmulticast mode [ 96.945143][ T5835] bridge_slave_1: entered promiscuous mode [ 96.954789][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.980491][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.034939][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.042981][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.071568][ T5829] Bluetooth: hci2: command tx timeout [ 97.073101][ T5829] Bluetooth: hci1: command tx timeout [ 97.078175][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.098122][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.110471][ T5824] team0: Port device team_slave_0 added [ 97.143037][ T5829] Bluetooth: hci0: command tx timeout [ 97.152695][ T5829] Bluetooth: hci3: command tx timeout [ 97.153529][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.165639][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.193063][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.222959][ T5824] team0: Port device team_slave_1 added [ 97.223242][ T5829] Bluetooth: hci4: command tx timeout [ 97.236805][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.249711][ T5831] team0: Port device team_slave_0 added [ 97.297088][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.319099][ T10] cfg80211: failed to load regulatory.db [ 97.331572][ T5831] team0: Port device team_slave_1 added [ 97.371223][ T5821] team0: Port device team_slave_0 added [ 97.395877][ T5835] team0: Port device team_slave_0 added [ 97.430011][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.437162][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.464851][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.478373][ T5821] team0: Port device team_slave_1 added [ 97.501383][ T5835] team0: Port device team_slave_1 added [ 97.522706][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.529733][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.557128][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.569482][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.576913][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.603180][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.647071][ T5826] hsr_slave_0: entered promiscuous mode [ 97.654055][ T5826] hsr_slave_1: entered promiscuous mode [ 97.661479][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.668850][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.695316][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.722037][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.729332][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.756509][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.784133][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.791248][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.818146][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.845827][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.852903][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.887557][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.916536][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.928335][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.958526][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.107303][ T5824] hsr_slave_0: entered promiscuous mode [ 98.116100][ T5824] hsr_slave_1: entered promiscuous mode [ 98.124092][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 98.130809][ T5824] Cannot create hsr debugfs directory [ 98.142924][ T5831] hsr_slave_0: entered promiscuous mode [ 98.150518][ T5831] hsr_slave_1: entered promiscuous mode [ 98.158096][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 98.163988][ T5831] Cannot create hsr debugfs directory [ 98.304953][ T5835] hsr_slave_0: entered promiscuous mode [ 98.312136][ T5835] hsr_slave_1: entered promiscuous mode [ 98.330321][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 98.336724][ T5835] Cannot create hsr debugfs directory [ 98.349475][ T5821] hsr_slave_0: entered promiscuous mode [ 98.359541][ T5821] hsr_slave_1: entered promiscuous mode [ 98.366728][ T5821] debugfs: 'hsr0' already exists in 'hsr' [ 98.373700][ T5821] Cannot create hsr debugfs directory [ 98.922675][ T5826] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.936170][ T5826] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.968894][ T5826] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.996181][ T5826] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 99.056580][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 99.071847][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 99.084889][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 99.098382][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 99.154437][ T5829] Bluetooth: hci1: command tx timeout [ 99.160105][ T5829] Bluetooth: hci2: command tx timeout [ 99.201565][ T5824] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 99.213118][ T5824] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 99.223516][ T5838] Bluetooth: hci0: command tx timeout [ 99.229225][ T5829] Bluetooth: hci3: command tx timeout [ 99.242361][ T5824] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 99.275854][ T5824] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 99.302638][ T5829] Bluetooth: hci4: command tx timeout [ 99.397836][ T5821] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 99.409442][ T5821] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 99.430948][ T5821] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 99.467963][ T5821] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 99.568037][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.579886][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.605293][ T5835] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 99.619935][ T5835] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 99.631034][ T5835] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 99.654341][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.663512][ T5835] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 99.700615][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.708224][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.722253][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.774656][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.783159][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.794702][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.802008][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.818895][ T141] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.826463][ T141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.894078][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.986924][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.014386][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.021889][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.057378][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.064591][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.190817][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.250085][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.411411][ T5821] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.440755][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.475354][ T141] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.482963][ T141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.538754][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.546195][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.577374][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.584659][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.629885][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.637170][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.679823][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.715595][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.833718][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.852966][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 101.028236][ T5831] veth0_vlan: entered promiscuous mode [ 101.045284][ T5826] veth0_vlan: entered promiscuous mode [ 101.110980][ T5831] veth1_vlan: entered promiscuous mode [ 101.149670][ T5826] veth1_vlan: entered promiscuous mode [ 101.179635][ T5824] veth0_vlan: entered promiscuous mode [ 101.219111][ T5824] veth1_vlan: entered promiscuous mode [ 101.226340][ T5829] Bluetooth: hci2: command tx timeout [ 101.232122][ T5829] Bluetooth: hci1: command tx timeout [ 101.313651][ T5829] Bluetooth: hci3: command tx timeout [ 101.319402][ T5838] Bluetooth: hci0: command tx timeout [ 101.330121][ T5831] veth0_macvtap: entered promiscuous mode [ 101.359168][ T5831] veth1_macvtap: entered promiscuous mode [ 101.377274][ T5826] veth0_macvtap: entered promiscuous mode [ 101.383454][ T5838] Bluetooth: hci4: command tx timeout [ 101.407444][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.419203][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.437092][ T5826] veth1_macvtap: entered promiscuous mode [ 101.467063][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.481908][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.492476][ T5824] veth0_macvtap: entered promiscuous mode [ 101.519190][ T5824] veth1_macvtap: entered promiscuous mode [ 101.551902][ T141] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.584924][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.615826][ T141] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.626764][ T141] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.686021][ T141] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.708532][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.777636][ T1153] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.790565][ T1153] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.815792][ T1153] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.825242][ T1153] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.840186][ T5821] veth0_vlan: entered promiscuous mode [ 101.851690][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.902094][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.911660][ T5920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.923464][ T5920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.941381][ T5821] veth1_vlan: entered promiscuous mode [ 101.991320][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.001288][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.033831][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.041948][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.056726][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.067148][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.130674][ T1153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.148319][ T1153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.185564][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 102.258880][ T5821] veth0_macvtap: entered promiscuous mode [ 102.285987][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.310174][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.331180][ T5835] veth0_vlan: entered promiscuous mode [ 102.351282][ T5821] veth1_macvtap: entered promiscuous mode [ 102.398012][ T5835] veth1_vlan: entered promiscuous mode [ 102.434565][ T141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.443890][ T5941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'. [ 102.465303][ T141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.478218][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.569124][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.622076][ T141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.630859][ T1153] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.660486][ T141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.666033][ T1153] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.695470][ T1153] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.745664][ T1153] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.852457][ T5835] veth0_macvtap: entered promiscuous mode [ 102.903219][ T5835] veth1_macvtap: entered promiscuous mode [ 103.049718][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.079427][ T5949] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'. [ 103.082899][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.098056][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.124596][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.204429][ T5949] bridge0: entered promiscuous mode [ 103.210075][ T5949] macsec1: entered allmulticast mode [ 103.224276][ T5949] bridge0: entered allmulticast mode [ 103.242376][ T5949] bridge0: port 3(macsec1) entered blocking state [ 103.249653][ T5949] bridge0: port 3(macsec1) entered disabled state [ 103.294081][ T5949] bridge0: left allmulticast mode [ 103.299742][ T5949] bridge0: left promiscuous mode [ 103.316918][ T5838] Bluetooth: hci1: command tx timeout [ 103.322902][ T5838] Bluetooth: hci2: command tx timeout [ 103.389314][ T1153] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.402999][ T5829] Bluetooth: hci0: command tx timeout [ 103.408480][ T5829] Bluetooth: hci3: command tx timeout [ 103.422571][ T1153] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.463466][ T5829] Bluetooth: hci4: command tx timeout [ 103.475468][ T1153] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.514931][ T1153] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.641311][ T5920] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.672373][ T5920] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.720851][ T5955] loop3: detected capacity change from 0 to 164 [ 103.732665][ T30] audit: type=1326 audit(1762605652.121:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 103.767176][ T30] audit: type=1326 audit(1762605652.121:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 103.807034][ T5955] ISOFS: unable to read i-node block [ 103.823896][ T5955] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 103.847130][ T30] audit: type=1326 audit(1762605652.121:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 103.951438][ T30] audit: type=1326 audit(1762605652.121:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 104.029901][ T30] audit: type=1326 audit(1762605652.121:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 104.057443][ T30] audit: type=1326 audit(1762605652.121:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 104.113200][ T5955] can0: slcan on ptm0. [ 104.146918][ T30] audit: type=1326 audit(1762605652.121:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 104.176846][ T30] audit: type=1326 audit(1762605652.121:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 104.206157][ T30] audit: type=1326 audit(1762605652.121:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 104.251571][ T141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.267365][ T30] audit: type=1326 audit(1762605652.121:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f512f78f6c9 code=0x7ffc0000 [ 104.299295][ T141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.321812][ T5954] can0 (unregistered): slcan off ptm0. [ 104.460545][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.471034][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.801691][ T5964] loop3: detected capacity change from 0 to 1024 [ 104.854898][ T5964] ======================================================= [ 104.854898][ T5964] WARNING: The mand mount option has been deprecated and [ 104.854898][ T5964] and is ignored by this kernel. Remove the mand [ 104.854898][ T5964] option from the mount to silence this warning. [ 104.854898][ T5964] ======================================================= [ 104.897956][ T5964] EXT4-fs: inline encryption not supported [ 104.898137][ T5965] loop0: detected capacity change from 0 to 512 [ 105.058276][ T5968] loop2: detected capacity change from 0 to 512 [ 105.127427][ T5964] EXT4-fs: Ignoring removed i_version option [ 105.261423][ T5968] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2803: inode #11: comm syz.2.11: corrupted xattr block 95: invalid header [ 105.279831][ T5968] EXT4-fs (loop2): Remounting filesystem read-only [ 105.286699][ T5968] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 105.301207][ T5968] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -30) [ 105.315805][ T5968] EXT4-fs (loop2): 1 orphan inode deleted [ 105.343571][ T5968] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.476285][ T5968] netlink: 996 bytes leftover after parsing attributes in process `syz.2.11'. [ 105.618819][ T5965] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002] [ 106.227635][ T5965] EXT4-fs (loop0): orphan cleanup on readonly fs [ 106.345806][ T5965] EXT4-fs warning (device loop0): ext4_enable_quotas:7181: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 106.437690][ T5964] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.525671][ T5965] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 106.573804][ T5965] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #13: comm syz.0.1: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 106.765708][ T5965] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1: couldn't read orphan inode 13 (err -117) [ 106.845381][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.860676][ T5965] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 107.056766][ T5977] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.072133][ T5965] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 107.088256][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.172889][ T5965] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002] [ 107.225774][ T5965] EXT4-fs warning (device loop0): read_mmp_block:111: Error -117 while reading MMP block 8 [ 107.242572][ T5979] Illegal XDP return value 68 on prog (id 7) dev N/A, expect packet loss! [ 107.538577][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.629970][ T5985] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16'. [ 107.682747][ T5985] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16'. [ 107.884349][ T5987] loop2: detected capacity change from 0 to 2048 [ 107.911515][ T5990] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17'. [ 107.915643][ T5987] EXT4-fs: Ignoring removed mblk_io_submit option [ 107.924461][ T5989] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13'. [ 107.985542][ T5987] EXT4-fs: Ignoring removed i_version option [ 108.046266][ T5987] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.079588][ T5998] syz.4.19 uses obsolete (PF_INET,SOCK_PACKET) [ 108.210939][ T5998] wg1 speed is unknown, defaulting to 1000 [ 108.263205][ T5998] wg1 speed is unknown, defaulting to 1000 [ 108.274195][ T5998] wg1 speed is unknown, defaulting to 1000 [ 108.324914][ T5998] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 108.429848][ T5998] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 108.654118][ T5998] wg1 speed is unknown, defaulting to 1000 [ 108.665974][ T5998] wg1 speed is unknown, defaulting to 1000 [ 108.695032][ T5998] wg1 speed is unknown, defaulting to 1000 [ 108.746780][ T5998] wg1 speed is unknown, defaulting to 1000 [ 108.768154][ T5998] wg1 speed is unknown, defaulting to 1000 [ 108.798279][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.166666][ T6007] loop4: detected capacity change from 0 to 2048 [ 109.248329][ T6009] netlink: 20 bytes leftover after parsing attributes in process `syz.1.24'. [ 109.265535][ T6007] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.419635][ T6015] loop0: detected capacity change from 0 to 128 [ 109.454534][ T6015] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 109.561948][ T6015] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 109.666029][ T6018] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 109.685267][ T6018] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 109.701994][ T50] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 109.718092][ T6020] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27'. [ 109.729882][ T6018] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 109.758634][ T50] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 109.775392][ T6018] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 109.805670][ T50] EXT4-fs (loop4): This should not happen!! Data will be lost [ 109.805670][ T50] [ 109.819738][ T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 109.827749][ T50] EXT4-fs (loop4): Total free blocks count 0 [ 109.839583][ T50] EXT4-fs (loop4): Free/Dirty block details [ 109.846465][ T50] EXT4-fs (loop4): free_blocks=2415919504 [ 109.877228][ T50] EXT4-fs (loop4): dirty_blocks=32 [ 109.913869][ T50] EXT4-fs (loop4): Block reservation details [ 109.937062][ T50] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 110.046928][ T6020] team0: Port device team_slave_1 removed [ 110.143014][ T5835] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.533527][ T6026] syzkaller0: entered promiscuous mode [ 110.561684][ T6026] syzkaller0: entered allmulticast mode [ 110.663650][ T6035] netlink: 20 bytes leftover after parsing attributes in process `syz.2.30'. [ 111.524000][ T6052] loop4: detected capacity change from 0 to 512 [ 111.558084][ T6052] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 111.760519][ T6052] EXT4-fs (loop4): 1 orphan inode deleted [ 111.768056][ T6057] loop1: detected capacity change from 0 to 512 [ 111.774961][ T6040] __quota_error: 49 callbacks suppressed [ 111.774981][ T6040] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 111.810812][ T6052] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.832086][ T6040] EXT4-fs error (device loop4): ext4_release_dquot:6982: comm kworker/u8:10: Failed to release dquot type 1 [ 111.923232][ T6052] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.976438][ T30] audit: type=1800 audit(1762605660.381:61): pid=6052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.34" name="bus" dev="loop4" ino=16 res=0 errno=0 [ 112.151719][ T5835] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.249921][ T30] audit: type=1326 audit(1762605660.661:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6880b8f6c9 code=0x7ffc0000 [ 112.300826][ T30] audit: type=1326 audit(1762605660.661:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6880b8f6c9 code=0x7ffc0000 [ 112.327867][ T30] audit: type=1326 audit(1762605660.661:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6880b8f6c9 code=0x7ffc0000 [ 112.387429][ T30] audit: type=1326 audit(1762605660.661:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6880b8f6c9 code=0x7ffc0000 [ 112.438364][ T30] audit: type=1326 audit(1762605660.691:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6880b8f6c9 code=0x7ffc0000 [ 112.509483][ T30] audit: type=1326 audit(1762605660.691:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6880b8f6c9 code=0x7ffc0000 [ 112.581851][ T6089] loop4: detected capacity change from 0 to 256 [ 112.586196][ T30] audit: type=1326 audit(1762605660.691:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6880b8f6c9 code=0x7ffc0000 [ 112.619448][ T6089] vfat: Unknown parameter '00000000000000000000000' [ 112.643785][ T30] audit: type=1326 audit(1762605660.691:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6069 comm="syz.1.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6880b8f6c9 code=0x7ffc0000 [ 114.011862][ T6113] netlink: 4 bytes leftover after parsing attributes in process `syz.4.55'. [ 114.078551][ T6113] team0: Port device team_slave_1 removed [ 117.398309][ T6158] netlink: 4 bytes leftover after parsing attributes in process `syz.2.74'. [ 117.495256][ T6158] team0: Port device team_slave_1 removed [ 117.778078][ T6171] loop0: detected capacity change from 0 to 512 [ 117.865122][ T6171] EXT4-fs (loop0): 1 orphan inode deleted [ 117.876364][ T6171] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.914211][ T36] __quota_error: 200 callbacks suppressed [ 117.914256][ T36] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 118.146939][ T6171] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 118.245188][ T36] EXT4-fs error (device loop0): ext4_release_dquot:6982: comm kworker/u8:2: Failed to release dquot type 1 [ 118.810971][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.176611][ T6194] loop3: detected capacity change from 0 to 128 [ 119.223843][ T6194] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 119.255607][ T6194] ext4 filesystem being mounted at /16/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 119.303066][ T30] audit: type=1800 audit(1762605667.721:270): pid=6194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.88" name="bus" dev="loop3" ino=12 res=0 errno=0 [ 119.452136][ T5826] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 119.748109][ T6210] Zero length message leads to an empty skb [ 121.228734][ T6259] netlink: 24 bytes leftover after parsing attributes in process `syz.2.119'. [ 121.256243][ T6259] netlink: 'syz.2.119': attribute type 1 has an invalid length. [ 121.288348][ T6259] netlink: 'syz.2.119': attribute type 2 has an invalid length. [ 121.299046][ T6259] netlink: 16 bytes leftover after parsing attributes in process `syz.2.119'. [ 121.378525][ T30] audit: type=1326 audit(1762605669.791:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6262 comm="syz.4.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 121.462880][ T30] audit: type=1326 audit(1762605669.791:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6262 comm="syz.4.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 121.503850][ T30] audit: type=1326 audit(1762605669.791:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6262 comm="syz.4.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 121.533518][ T30] audit: type=1326 audit(1762605669.791:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6262 comm="syz.4.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 121.565414][ T30] audit: type=1326 audit(1762605669.791:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6262 comm="syz.4.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 121.593945][ T30] audit: type=1326 audit(1762605669.831:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6262 comm="syz.4.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 121.623524][ T30] audit: type=1326 audit(1762605669.831:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6262 comm="syz.4.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 121.646361][ T30] audit: type=1326 audit(1762605669.831:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6262 comm="syz.4.118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 122.095789][ T6285] loop2: detected capacity change from 0 to 256 [ 122.123991][ T6285] vfat: Unknown parameter '00000000000000000000000' [ 122.340151][ T6295] netlink: 64 bytes leftover after parsing attributes in process `syz.4.134'. [ 122.509276][ T6301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.137'. [ 122.529687][ T6301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.137'. [ 122.545565][ T6301] netlink: 48 bytes leftover after parsing attributes in process `syz.0.137'. [ 122.613938][ T6303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.136'. [ 122.638827][ T6304] pimreg: entered allmulticast mode [ 122.650486][ T6303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.136'. [ 122.679381][ T6309] pimreg: left allmulticast mode [ 122.759631][ T6301] loop0: detected capacity change from 0 to 2048 [ 123.265363][ T30] kauditd_printk_skb: 497 callbacks suppressed [ 123.265384][ T30] audit: type=1326 audit(1762605671.681:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.344356][ T30] audit: type=1326 audit(1762605671.721:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.377956][ T30] audit: type=1326 audit(1762605671.721:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.431134][ T30] audit: type=1326 audit(1762605671.721:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.460358][ T30] audit: type=1326 audit(1762605671.731:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.510262][ T30] audit: type=1326 audit(1762605671.731:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.626612][ T30] audit: type=1326 audit(1762605671.731:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.733464][ T30] audit: type=1326 audit(1762605671.731:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.794406][ T30] audit: type=1326 audit(1762605671.731:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 123.859208][ T30] audit: type=1326 audit(1762605671.731:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 124.053761][ T6343] loop0: detected capacity change from 0 to 512 [ 124.123008][ T6343] EXT4-fs (loop0): 1 orphan inode deleted [ 124.142004][ T6347] loop3: detected capacity change from 0 to 4096 [ 124.151874][ T6040] EXT4-fs error (device loop0): ext4_release_dquot:6982: comm kworker/u8:10: Failed to release dquot type 1 [ 124.158674][ T6343] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.178408][ T6343] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 124.190809][ T6347] EXT4-fs (loop3): Test dummy encryption mode enabled [ 124.198231][ T6347] EXT4-fs (loop3): unsupported descriptor size 255 [ 125.070540][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.590602][ T6368] loop1: detected capacity change from 0 to 8192 [ 125.784515][ T6387] loop4: detected capacity change from 0 to 128 [ 125.851980][ T6387] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 125.872572][ T6387] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 126.008952][ T5835] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 126.160040][ T6397] loop0: detected capacity change from 0 to 128 [ 126.338328][ T6397] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 127.165295][ T6410] loop0: detected capacity change from 0 to 256 [ 127.201050][ T6410] vfat: Unknown parameter '00000000000000000000000' [ 127.378888][ T6418] loop2: detected capacity change from 0 to 512 [ 127.458438][ T6418] EXT4-fs (loop2): too many log groups per flexible block group [ 127.662897][ T6418] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 127.717078][ T6418] EXT4-fs (loop2): mount failed [ 127.883847][ T6430] netlink: 28 bytes leftover after parsing attributes in process `syz.3.187'. [ 128.163375][ T6435] loop0: detected capacity change from 0 to 128 [ 128.171167][ T6435] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 128.190084][ T6435] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 128.821014][ T6441] mmap: syz.4.189 (6441) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 129.034893][ T6436] wg1 speed is unknown, defaulting to 1000 [ 129.348845][ T6454] loop2: detected capacity change from 0 to 128 [ 129.398953][ T6453] loop4: detected capacity change from 0 to 256 [ 129.400794][ T6454] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 129.418621][ T6454] ext4 filesystem being mounted at /47/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 129.498451][ T6453] vfat: Unknown parameter '00000000000000000000000' [ 129.616762][ T30] kauditd_printk_skb: 356 callbacks suppressed [ 129.616781][ T30] audit: type=1800 audit(1762605678.031:1141): pid=6454 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.194" name="bus" dev="loop2" ino=12 res=0 errno=0 [ 129.672629][ T6459] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 129.760179][ T5824] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 129.800027][ T6461] syzkaller0: entered promiscuous mode [ 129.805777][ T6461] syzkaller0: entered allmulticast mode [ 130.206856][ T6472] netlink: 28 bytes leftover after parsing attributes in process `syz.4.203'. [ 130.752201][ T6491] ip6t_srh: unknown srh match flags 4000 [ 130.761408][ T6490] netlink: 'syz.1.210': attribute type 10 has an invalid length. [ 131.049730][ T6490] team0 (unregistering): Port device team_slave_0 removed [ 131.091719][ T6498] tap0: tun_chr_ioctl cmd 1074025675 [ 131.105298][ T6498] tap0: persist disabled [ 131.211393][ T6505] netlink: 28 bytes leftover after parsing attributes in process `syz.4.215'. [ 131.457575][ T6513] loop1: detected capacity change from 0 to 512 [ 131.509927][ T6513] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 131.520395][ T6518] syz.4.221 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 131.536254][ T6513] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 131.735144][ T6524] loop1: detected capacity change from 0 to 128 [ 131.757190][ T6525] debugfs: 'ttyS3' already exists in 'caif_serial' [ 131.797329][ T6524] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 131.891506][ T6524] ext4 filesystem being mounted at /33/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 132.069796][ T6538] netlink: 28 bytes leftover after parsing attributes in process `syz.3.229'. [ 132.114855][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 132.521067][ T6551] netlink: 48 bytes leftover after parsing attributes in process `syz.1.234'. [ 132.534833][ T6551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.234'. [ 132.628190][ T6552] netlink: 8 bytes leftover after parsing attributes in process `syz.4.232'. [ 133.235056][ T6552] syz.4.232 (6552) used greatest stack depth: 16264 bytes left [ 133.686642][ T6570] loop2: detected capacity change from 0 to 128 [ 133.724143][ T6570] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 133.773892][ T6570] ext4 filesystem being mounted at /58/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 133.916870][ T30] audit: type=1326 audit(1762605682.331:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.002540][ T30] audit: type=1326 audit(1762605682.331:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.002674][ T5824] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 134.039122][ T30] audit: type=1326 audit(1762605682.351:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.067888][ T30] audit: type=1326 audit(1762605682.351:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.134303][ T30] audit: type=1326 audit(1762605682.351:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.158449][ T30] audit: type=1326 audit(1762605682.351:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.184973][ T30] audit: type=1326 audit(1762605682.351:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.225610][ T6590] syzkaller0: entered promiscuous mode [ 134.231258][ T6590] syzkaller0: entered allmulticast mode [ 134.293566][ T30] audit: type=1326 audit(1762605682.351:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.316370][ T30] audit: type=1326 audit(1762605682.351:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.509557][ T6601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.254'. [ 134.624147][ T30] kauditd_printk_skb: 151 callbacks suppressed [ 134.624166][ T30] audit: type=1326 audit(1762605683.041:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd6b3786567 code=0x7ffc0000 [ 134.658495][ T30] audit: type=1326 audit(1762605683.071:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd6b372b779 code=0x7ffc0000 [ 134.712882][ T30] audit: type=1326 audit(1762605683.071:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd6b3786567 code=0x7ffc0000 [ 134.736943][ T30] audit: type=1326 audit(1762605683.071:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd6b372b779 code=0x7ffc0000 [ 134.793336][ T30] audit: type=1326 audit(1762605683.071:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.837641][ T30] audit: type=1326 audit(1762605683.111:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd6b3786567 code=0x7ffc0000 [ 134.870251][ T30] audit: type=1326 audit(1762605683.111:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd6b372b779 code=0x7ffc0000 [ 134.895195][ T30] audit: type=1326 audit(1762605683.111:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 134.918889][ T30] audit: type=1326 audit(1762605683.121:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd6b3786567 code=0x7ffc0000 [ 134.943469][ T30] audit: type=1326 audit(1762605683.121:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.4.247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd6b372b779 code=0x7ffc0000 [ 135.190874][ T6614] loop4: detected capacity change from 0 to 128 [ 135.221859][ T6618] loop0: detected capacity change from 0 to 512 [ 135.234694][ T6619] loop2: detected capacity change from 0 to 256 [ 135.237638][ T6614] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 135.254107][ T6614] ext4 filesystem being mounted at /65/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 135.341136][ T6618] EXT4-fs (loop0): 1 orphan inode deleted [ 135.349619][ T6624] loop1: detected capacity change from 0 to 128 [ 135.358155][ T13] EXT4-fs error (device loop0): ext4_release_dquot:6982: comm kworker/u8:1: Failed to release dquot type 1 [ 135.361349][ T6618] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.384205][ T6618] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.401331][ T6624] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 135.414563][ T6624] ext4 filesystem being mounted at /44/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 135.465471][ T5835] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 135.524374][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 135.531836][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.661913][ T6634] netlink: 8 bytes leftover after parsing attributes in process `syz.1.266'. [ 136.018192][ T6652] loop2: detected capacity change from 0 to 512 [ 136.079784][ T6652] EXT4-fs (loop2): 1 orphan inode deleted [ 136.116804][ T6652] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.123392][ T13] EXT4-fs error (device loop2): ext4_release_dquot:6982: comm kworker/u8:1: Failed to release dquot type 1 [ 136.158314][ T6652] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.267507][ T6665] syzkaller1: entered promiscuous mode [ 136.282543][ T6665] syzkaller1: entered allmulticast mode [ 136.318804][ T6665] tmpfs: Bad value for 'mpol' [ 136.327691][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.741966][ T6689] netlink: 8 bytes leftover after parsing attributes in process `syz.0.290'. [ 136.769157][ T6689] netlink: 8 bytes leftover after parsing attributes in process `syz.0.290'. [ 136.808715][ T6691] netlink: 20 bytes leftover after parsing attributes in process `syz.3.294'. [ 136.906742][ T6693] lo speed is unknown, defaulting to 1000 [ 136.916711][ T6693] lo speed is unknown, defaulting to 1000 [ 136.923830][ T6693] lo speed is unknown, defaulting to 1000 [ 136.991334][ T6697] netlink: 28 bytes leftover after parsing attributes in process `syz.3.296'. [ 137.019304][ T6697] netlink: 28 bytes leftover after parsing attributes in process `syz.3.296'. [ 137.051091][ T6697] netlink: 48 bytes leftover after parsing attributes in process `syz.3.296'. [ 137.198517][ T6701] wireguard0: entered promiscuous mode [ 137.228043][ T6701] wireguard0: entered allmulticast mode [ 137.416310][ T6693] infiniband sz1: set active [ 137.421345][ T6693] infiniband sz1: added lo [ 137.432480][ T5889] lo speed is unknown, defaulting to 1000 [ 137.515036][ T6693] RDS/IB: sz1: added [ 137.521036][ T6693] smc: adding ib device sz1 with port count 1 [ 137.528723][ T6693] smc: ib device sz1 port 1 has no pnetid [ 137.538934][ T795] lo speed is unknown, defaulting to 1000 [ 137.550188][ T6693] lo speed is unknown, defaulting to 1000 [ 137.695704][ T6713] loop1: detected capacity change from 0 to 128 [ 137.757480][ T6713] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 137.796829][ T6712] wg1 speed is unknown, defaulting to 1000 [ 137.815416][ T6713] ext4 filesystem being mounted at /53/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 137.875299][ T6715] netlink: 4 bytes leftover after parsing attributes in process `syz.0.299'. [ 137.935117][ T6715] bridge0: entered promiscuous mode [ 137.943765][ T6715] macsec1: entered allmulticast mode [ 137.962497][ T6715] bridge0: entered allmulticast mode [ 137.990924][ T6715] bridge0: port 3(macsec1) entered blocking state [ 138.012264][ T6719] loop3: detected capacity change from 0 to 128 [ 138.022066][ T6715] bridge0: port 3(macsec1) entered disabled state [ 138.041232][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 138.088076][ T6715] bridge0: left allmulticast mode [ 138.099203][ T6719] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 138.102861][ T6715] bridge0: left promiscuous mode [ 138.133017][ T6719] ext4 filesystem being mounted at /56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 138.257695][ T6723] loop1: detected capacity change from 0 to 128 [ 138.258901][ T5826] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 138.285056][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.291920][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.327150][ T6723] FAT-fs (loop1): error, clusters badly computed (2 != 0) [ 138.352785][ T6723] FAT-fs (loop1): Filesystem has been set read-only [ 138.384368][ T6712] lo speed is unknown, defaulting to 1000 [ 138.438940][ T6725] syzkaller0: entered promiscuous mode [ 138.451052][ T6725] syzkaller0: entered allmulticast mode [ 138.577821][ T6717] smc: net device bond0 applied user defined pnetid SYZ0 [ 138.594538][ T6722] smc: net device bond0 erased user defined pnetid SYZ0 [ 138.805861][ T6693] lo speed is unknown, defaulting to 1000 [ 138.811183][ T6735] netlink: 4 bytes leftover after parsing attributes in process `syz.2.307'. [ 139.206763][ T6750] netlink: 'syz.2.313': attribute type 21 has an invalid length. [ 139.237878][ T6693] lo speed is unknown, defaulting to 1000 [ 139.341934][ T6754] loop2: detected capacity change from 0 to 128 [ 139.437248][ T6752] bridge0: entered promiscuous mode [ 139.449470][ T6752] macsec1: entered allmulticast mode [ 139.463920][ T6752] bridge0: entered allmulticast mode [ 139.480705][ T6757] netlink: 'syz.2.315': attribute type 10 has an invalid length. [ 139.489805][ T6752] bridge0: port 3(macsec1) entered blocking state [ 139.510747][ T6752] bridge0: port 3(macsec1) entered disabled state [ 139.538250][ T6752] bridge0: left allmulticast mode [ 139.544740][ T6752] bridge0: left promiscuous mode [ 139.730707][ T6693] lo speed is unknown, defaulting to 1000 [ 139.740626][ T30] kauditd_printk_skb: 90 callbacks suppressed [ 139.740645][ T30] audit: type=1326 audit(1762605688.151:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 139.813009][ T30] audit: type=1326 audit(1762605688.181:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 139.856038][ T30] audit: type=1326 audit(1762605688.191:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 139.886696][ T30] audit: type=1326 audit(1762605688.191:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 139.932642][ T30] audit: type=1326 audit(1762605688.191:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 139.958134][ T30] audit: type=1326 audit(1762605688.191:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 139.981357][ T30] audit: type=1326 audit(1762605688.191:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 140.010467][ T30] audit: type=1326 audit(1762605688.191:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 140.038302][ T30] audit: type=1326 audit(1762605688.191:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 140.071240][ T30] audit: type=1326 audit(1762605688.191:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 140.507306][ T6693] lo speed is unknown, defaulting to 1000 [ 140.906270][ T6807] __nla_validate_parse: 7 callbacks suppressed [ 140.906295][ T6807] netlink: 8 bytes leftover after parsing attributes in process `syz.0.337'. [ 140.962502][ T6807] netlink: 8 bytes leftover after parsing attributes in process `syz.0.337'. [ 141.603664][ T6834] syzkaller0: entered promiscuous mode [ 141.609291][ T6834] syzkaller0: entered allmulticast mode [ 141.961235][ T6858] loop0: detected capacity change from 0 to 128 [ 141.969365][ T6858] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 141.987833][ T6858] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 142.091043][ T6041] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 142.453512][ T6871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.367'. [ 142.464947][ T6871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.367'. [ 142.761358][ T6884] netlink: 4 bytes leftover after parsing attributes in process `syz.4.374'. [ 142.877175][ T6883] ALSA: seq fatal error: cannot create timer (-19) [ 143.126382][ T6895] loop4: detected capacity change from 0 to 128 [ 143.170525][ T6895] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 143.229510][ T6895] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 143.411493][ T13] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 143.556785][ T6907] geneve2: entered promiscuous mode [ 143.562524][ T6907] geneve2: entered allmulticast mode [ 143.696002][ T6914] netlink: 4 bytes leftover after parsing attributes in process `syz.1.386'. [ 143.718853][ T6913] pim6reg1: entered promiscuous mode [ 143.727239][ T6913] pim6reg1: entered allmulticast mode [ 143.847190][ T6919] netlink: 12 bytes leftover after parsing attributes in process `syz.1.390'. [ 144.100699][ T6930] loop1: detected capacity change from 0 to 128 [ 144.126096][ T6930] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 144.153038][ T6930] ext4 filesystem being mounted at /72/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 144.290238][ T6940] syzkaller0: entered promiscuous mode [ 144.308508][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 144.318201][ T6940] syzkaller0: entered allmulticast mode [ 144.751461][ T30] kauditd_printk_skb: 46 callbacks suppressed [ 144.751480][ T30] audit: type=1326 audit(1762605693.161:1456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6966 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 144.827554][ T30] audit: type=1326 audit(1762605693.201:1457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6966 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 144.925076][ T30] audit: type=1326 audit(1762605693.201:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6966 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 145.018425][ T30] audit: type=1326 audit(1762605693.201:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6966 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 145.129023][ T30] audit: type=1326 audit(1762605693.201:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6966 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 145.184594][ T30] audit: type=1326 audit(1762605693.411:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 145.207733][ T30] audit: type=1326 audit(1762605693.411:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 145.232086][ T30] audit: type=1326 audit(1762605693.411:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 145.255196][ T30] audit: type=1326 audit(1762605693.411:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f23275915e7 code=0x7ffc0000 [ 145.284471][ T30] audit: type=1326 audit(1762605693.411:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 145.360827][ T6977] syzkaller0: entered promiscuous mode [ 145.367044][ T6977] syzkaller0: entered allmulticast mode [ 145.590815][ T6989] loop4: detected capacity change from 0 to 128 [ 145.618711][ T6989] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 145.639094][ T6989] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 145.730644][ T6995] loop2: detected capacity change from 0 to 512 [ 145.774520][ T6995] EXT4-fs (loop2): 1 orphan inode deleted [ 145.785116][ T13] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 145.798840][ T6999] netlink: 4 bytes leftover after parsing attributes in process `syz.1.425'. [ 145.809294][ T6043] EXT4-fs error (device loop2): ext4_release_dquot:6982: comm kworker/u8:13: Failed to release dquot type 1 [ 145.823294][ T6995] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.883483][ T6995] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.897518][ T7004] loop1: detected capacity change from 0 to 128 [ 145.933455][ T7004] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 145.966432][ T7004] ext4 filesystem being mounted at /81/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 146.025737][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.156023][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 146.273840][ T7019] netlink: 'syz.2.431': attribute type 4 has an invalid length. [ 146.719970][ T7033] loop2: detected capacity change from 0 to 128 [ 146.729671][ T7033] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 146.751479][ T7033] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 146.846996][ T6043] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 147.018191][ T7037] loop5: detected capacity change from 0 to 7 [ 147.043849][ T7039] loop0: detected capacity change from 0 to 512 [ 147.083160][ T25] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.092896][ T25] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.104317][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.116491][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.124680][ T7039] EXT4-fs (loop0): 1 orphan inode deleted [ 147.125096][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.140189][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.153600][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.153737][ T7039] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.164043][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.176806][ T6040] EXT4-fs error (device loop0): ext4_release_dquot:6982: comm kworker/u8:10: Failed to release dquot type 1 [ 147.196964][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.207439][ T7043] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 147.219100][ T7039] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 147.378414][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.448099][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.457645][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.465926][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.475266][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.485003][ T7037] ldm_validate_partition_table(): Disk read failed. [ 147.492073][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.501412][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.507291][ T5821] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.509658][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.539812][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.548622][ T7037] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.559740][ T7037] Buffer I/O error on dev loop5, logical block 0, async page read [ 147.603043][ T7037] Dev loop5: unable to read RDB block 0 [ 147.609388][ T7037] loop5: unable to read partition table [ 147.622895][ T7037] loop5: partition table beyond EOD, truncated [ 147.638646][ T7037] loop_reread_partitions: partition scan of loop5 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 148.101170][ T7075] syzkaller0: entered promiscuous mode [ 148.120892][ T7075] syzkaller0: entered allmulticast mode [ 148.252627][ T7081] netlink: 4 bytes leftover after parsing attributes in process `syz.0.455'. [ 148.445229][ T7084] loop2: detected capacity change from 0 to 512 [ 148.493529][ T7088] loop0: detected capacity change from 0 to 1024 [ 148.508358][ T7088] ext4: Unknown parameter 'seclabel' [ 148.521869][ T7084] EXT4-fs (loop2): 1 orphan inode deleted [ 148.531130][ T7092] netlink: 'syz.1.459': attribute type 10 has an invalid length. [ 148.539571][ T7092] netlink: 40 bytes leftover after parsing attributes in process `syz.1.459'. [ 148.539664][ T6040] EXT4-fs error (device loop2): ext4_release_dquot:6982: comm kworker/u8:10: Failed to release dquot type 1 [ 148.551382][ T7084] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.588174][ T7084] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 148.720996][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.422433][ T7126] loop1: detected capacity change from 0 to 512 [ 149.455415][ T7126] EXT4-fs: Ignoring removed nomblk_io_submit option [ 149.487855][ T7126] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 149.512209][ T7126] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 149.617523][ T7126] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.473: Allocating blocks 41-42 which overlap fs metadata [ 149.690009][ T7126] EXT4-fs (loop1): Remounting filesystem read-only [ 149.717556][ T7126] EXT4-fs (loop1): 1 truncate cleaned up [ 149.751887][ T7126] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 149.838140][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.103492][ T7143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.479'. [ 150.116907][ T7147] loop2: detected capacity change from 0 to 128 [ 150.166982][ T7147] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 150.196857][ T30] kauditd_printk_skb: 636 callbacks suppressed [ 150.196877][ T30] audit: type=1326 audit(1762605698.611:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7151 comm="syz.3.484" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f512f78f6c9 code=0x0 [ 150.228555][ T7147] ext4 filesystem being mounted at /96/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 150.284667][ T30] audit: type=1800 audit(1762605698.701:2096): pid=7147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.483" name="bus" dev="loop2" ino=12 res=0 errno=0 [ 150.344491][ T7156] netlink: 16 bytes leftover after parsing attributes in process `syz.3.484'. [ 150.361313][ T30] audit: type=1326 audit(1762605698.771:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 150.388919][ T7156] netlink: 16 bytes leftover after parsing attributes in process `syz.3.484'. [ 150.407983][ T5824] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 150.411731][ T30] audit: type=1326 audit(1762605698.771:2098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 150.440423][ T7156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.484'. [ 150.470968][ T7156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.484'. [ 150.488415][ T7161] netlink: 4 bytes leftover after parsing attributes in process `syz.0.489'. [ 150.499817][ T30] audit: type=1326 audit(1762605698.771:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 150.535164][ T30] audit: type=1326 audit(1762605698.771:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 150.584137][ T30] audit: type=1326 audit(1762605698.771:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 150.607815][ T30] audit: type=1326 audit(1762605698.771:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 150.631634][ T30] audit: type=1326 audit(1762605698.771:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 150.659890][ T30] audit: type=1326 audit(1762605698.771:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fd6b378f6c9 code=0x7ffc0000 [ 150.971326][ T7180] tipc: Started in network mode [ 150.977132][ T7180] tipc: Node identity ac1414aa, cluster identity 4711 [ 150.987332][ T7180] tipc: Enabled bearer , priority 10 [ 151.192019][ T7188] netlink: 96 bytes leftover after parsing attributes in process `syz.0.502'. [ 151.311608][ T7190] loop3: detected capacity change from 0 to 4096 [ 151.350562][ T7190] EXT4-fs: Ignoring removed nomblk_io_submit option [ 151.381138][ T7190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.420834][ T7196] loop2: detected capacity change from 0 to 8192 [ 151.486518][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.573169][ T5889] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 151.612519][ T5925] usb 5-1: new low-speed USB device number 2 using dummy_hcd [ 151.635346][ T7203] syzkaller1: entered promiscuous mode [ 151.640912][ T7203] syzkaller1: entered allmulticast mode [ 151.737576][ T5889] usb 2-1: device descriptor read/64, error -71 [ 151.772530][ T5925] usb 5-1: device descriptor read/64, error -71 [ 151.818568][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.2.513'. [ 151.845930][ T7211] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 151.995102][ T5889] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 152.029114][ T7219] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 152.036974][ T5925] usb 5-1: new low-speed USB device number 3 using dummy_hcd [ 152.114517][ T10] tipc: Node number set to 2886997162 [ 152.133213][ T5889] usb 2-1: device descriptor read/64, error -71 [ 152.192852][ T5925] usb 5-1: device descriptor read/64, error -71 [ 152.265004][ T5889] usb usb2-port1: attempt power cycle [ 152.304702][ T5925] usb usb5-port1: attempt power cycle [ 152.405557][ T7233] tmpfs: Unknown parameter 'mpo' [ 152.541999][ T7239] ksmbd: Unknown IPC event: 4, ignore. [ 152.622668][ T5889] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 152.673951][ T5889] usb 2-1: device descriptor read/8, error -71 [ 152.772915][ T5925] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 152.806431][ T5925] usb 5-1: device descriptor read/8, error -71 [ 153.082623][ T5925] usb 5-1: new low-speed USB device number 5 using dummy_hcd [ 153.164454][ T5925] usb 5-1: device descriptor read/8, error -71 [ 153.307701][ T5925] usb usb5-port1: unable to enumerate USB device [ 154.783754][ T5889] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 155.503363][ T5889] usb 2-1: device descriptor read/8, error -71 [ 155.577038][ T30] kauditd_printk_skb: 278 callbacks suppressed [ 155.577058][ T30] audit: type=1326 audit(1762605703.991:2383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 155.584377][ T7268] __nla_validate_parse: 1 callbacks suppressed [ 155.584403][ T7268] netlink: 224 bytes leftover after parsing attributes in process `syz.4.536'. [ 155.592522][ T30] audit: type=1326 audit(1762605704.001:2384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 155.686025][ T5889] usb usb2-port1: unable to enumerate USB device [ 155.716668][ T30] audit: type=1326 audit(1762605704.001:2385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 155.769885][ T30] audit: type=1326 audit(1762605704.001:2386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 155.834808][ T30] audit: type=1326 audit(1762605704.001:2387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 155.948747][ T30] audit: type=1326 audit(1762605704.001:2388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 156.011900][ T30] audit: type=1326 audit(1762605704.001:2389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 156.054423][ T30] audit: type=1326 audit(1762605704.001:2390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 156.114005][ T30] audit: type=1326 audit(1762605704.001:2391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 156.294394][ T30] audit: type=1326 audit(1762605704.001:2392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.2.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 157.474528][ T7317] loop0: detected capacity change from 0 to 164 [ 157.485820][ T7317] ISOFS: unable to read i-node block [ 157.493767][ T7317] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 157.689744][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.562'. [ 157.698893][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.562'. [ 157.711034][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.562'. [ 157.725951][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.562'. [ 157.735430][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz.1.562'. [ 158.176313][ T7350] netlink: 4 bytes leftover after parsing attributes in process `syz.4.572'. [ 158.195068][ T7350] netlink: 4 bytes leftover after parsing attributes in process `syz.4.572'. [ 158.292302][ T7354] process 'syz.3.574' launched '/dev/fd/3' with NULL argv: empty string added [ 158.370996][ T7356] loop4: detected capacity change from 0 to 164 [ 158.400232][ T7356] ISOFS: unable to read i-node block [ 158.417042][ T7356] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 158.641123][ T7369] syz.1.581: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 158.704798][ T7371] netlink: 12 bytes leftover after parsing attributes in process `syz.2.582'. [ 158.792164][ T7374] loop3: detected capacity change from 0 to 1024 [ 158.802610][ T7369] CPU: 0 UID: 0 PID: 7369 Comm: syz.1.581 Not tainted syzkaller #0 PREEMPT(full) [ 158.802641][ T7369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 158.802663][ T7369] Call Trace: [ 158.802672][ T7369] [ 158.802682][ T7369] dump_stack_lvl+0x189/0x250 [ 158.802734][ T7369] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.802768][ T7369] ? __pfx__printk+0x10/0x10 [ 158.802794][ T7369] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 158.802820][ T7369] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 158.802850][ T7369] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 158.802880][ T7369] warn_alloc+0x214/0x310 [ 158.802904][ T7369] ? stack_trace_save+0x9c/0xe0 [ 158.802931][ T7369] ? __pfx_warn_alloc+0x10/0x10 [ 158.802962][ T7369] ? kasan_save_track+0x4f/0x80 [ 158.802980][ T7369] ? kasan_save_track+0x3e/0x80 [ 158.802999][ T7369] ? __kasan_kmalloc+0x93/0xb0 [ 158.803019][ T7369] ? __kmalloc_cache_noprof+0x3e2/0x700 [ 158.803038][ T7369] ? xskq_create+0x56/0x170 [ 158.803068][ T7369] ? xsk_setsockopt+0x4dc/0x8d0 [ 158.803090][ T7369] ? do_sock_setsockopt+0x17c/0x1b0 [ 158.803115][ T7369] ? __x64_sys_setsockopt+0x13f/0x1b0 [ 158.803142][ T7369] ? do_syscall_64+0xfa/0xfa0 [ 158.803176][ T7369] __vmalloc_node_range_noprof+0x134/0x1640 [ 158.803236][ T7369] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 158.803275][ T7369] ? __kasan_kmalloc+0x93/0xb0 [ 158.803305][ T7369] vmalloc_user_noprof+0xad/0xf0 [ 158.803327][ T7369] ? xskq_create+0xbf/0x170 [ 158.803355][ T7369] xskq_create+0xbf/0x170 [ 158.803386][ T7369] xsk_init_queue+0xb0/0x110 [ 158.803416][ T7369] xsk_setsockopt+0x4dc/0x8d0 [ 158.803445][ T7369] ? __pfx_xsk_setsockopt+0x10/0x10 [ 158.803473][ T7369] ? __pfx_aa_sk_perm+0x10/0x10 [ 158.803507][ T7369] ? aa_sock_opt_perm+0xff/0x1b0 [ 158.803544][ T7369] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 158.803566][ T7369] ? __pfx_xsk_setsockopt+0x10/0x10 [ 158.803593][ T7369] do_sock_setsockopt+0x17c/0x1b0 [ 158.803627][ T7369] __x64_sys_setsockopt+0x13f/0x1b0 [ 158.803662][ T7369] do_syscall_64+0xfa/0xfa0 [ 158.803693][ T7369] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.803715][ T7369] ? clear_bhb_loop+0x60/0xb0 [ 158.803741][ T7369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.803762][ T7369] RIP: 0033:0x7f6880b8f6c9 [ 158.803787][ T7369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.803805][ T7369] RSP: 002b:00007f6881a9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 158.803829][ T7369] RAX: ffffffffffffffda RBX: 00007f6880de5fa0 RCX: 00007f6880b8f6c9 [ 158.803845][ T7369] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 158.803858][ T7369] RBP: 00007f6880c11f91 R08: 0000000000000004 R09: 0000000000000000 [ 158.803877][ T7369] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.803890][ T7369] R13: 00007f6880de6038 R14: 00007f6880de5fa0 R15: 00007ffe4fc0e1d8 [ 158.803933][ T7369] [ 158.811017][ T7369] Mem-Info: [ 159.069951][ T7374] EXT4-fs: inline encryption not supported [ 159.193034][ T7369] active_anon:10665 inactive_anon:0 isolated_anon:0 [ 159.193034][ T7369] active_file:3208 inactive_file:39901 isolated_file:0 [ 159.193034][ T7369] unevictable:768 dirty:134 writeback:0 [ 159.193034][ T7369] slab_reclaimable:10749 slab_unreclaimable:96527 [ 159.193034][ T7369] mapped:35051 shmem:7221 pagetables:1245 [ 159.193034][ T7369] sec_pagetables:0 bounce:0 [ 159.193034][ T7369] kernel_misc_reclaimable:0 [ 159.193034][ T7369] free:1315903 free_pcp:20567 free_cma:0 [ 159.278962][ T7379] netlink: 'syz.4.580': attribute type 4 has an invalid length. [ 159.286895][ T7379] netlink: 17 bytes leftover after parsing attributes in process `syz.4.580'. [ 159.803104][ T7374] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.882607][ T7369] Node 0 active_anon:42760kB inactive_anon:0kB active_file:12832kB inactive_file:159400kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:140204kB dirty:532kB writeback:0kB shmem:27348kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12068kB pagetables:4856kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 159.976017][ T7374] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 160.057024][ T7374] EXT4-fs (loop3): Remounting filesystem read-only [ 160.075539][ T7369] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 160.209735][ T7369] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 160.364619][ T7369] lowmem_reserve[]: 0 2495 2496 2496 2496 [ 160.372784][ T7369] Node 0 DMA32 free:1359508kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:43840kB inactive_anon:0kB active_file:12832kB inactive_file:159508kB unevictable:1536kB writepending:684kB zspages:0kB present:3129332kB managed:2555368kB mlocked:0kB bounce:0kB free_pcp:55404kB local_pcp:35876kB free_cma:0kB [ 160.541528][ T7369] lowmem_reserve[]: 0 0 1 1 1 [ 160.552678][ T7369] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 160.723258][ T7369] lowmem_reserve[]: 0 0 0 0 0 [ 160.728075][ T7369] Node 1 Normal free:3888520kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:20808kB local_pcp:10888kB free_cma:0kB [ 160.882771][ T7369] lowmem_reserve[]: 0 0 0 0 0 [ 160.910423][ T7369] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 160.970134][ T7369] Node 0 DMA32: 933*4kB (UME) 683*8kB (UE) 572*16kB (UME) 35*32kB (UM) 63*64kB (UME) 22*128kB (UE) 23*256kB (UM) 19*512kB (UE) 11*1024kB (UM) 2*2048kB (M) 314*4096kB (M) = 1343436kB [ 161.061424][ T7369] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 161.108062][ T7369] Node 1 Normal: 172*4kB (UME) 43*8kB (UME) 40*16kB (UME) 92*32kB (UME) 22*64kB (UME) 10*128kB (UME) 5*256kB (UME) 4*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 945*4096kB (M) = 3888520kB [ 161.202839][ T7369] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 161.217410][ T7369] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 161.288447][ T7369] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 161.322458][ T7369] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 161.344469][ T7395] netlink: 12 bytes leftover after parsing attributes in process `syz.0.589'. [ 161.354023][ T7369] 47479 total pagecache pages [ 161.358751][ T7369] 0 pages in swap cache [ 161.382839][ T7369] Free swap = 124996kB [ 161.387163][ T7369] Total swap = 124996kB [ 161.391359][ T7369] 2097051 pages RAM [ 161.417078][ T7369] 0 pages HighMem/MovableOnly [ 161.421909][ T7369] 426247 pages reserved [ 161.454541][ T7369] 0 pages cma reserved [ 161.471180][ T7397] loop4: detected capacity change from 0 to 128 [ 161.518994][ T7397] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 161.552705][ T7397] ext4 filesystem being mounted at /119/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 161.622203][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.752501][ T30] kauditd_printk_skb: 134 callbacks suppressed [ 161.752530][ T30] audit: type=1326 audit(1762605710.161:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 161.831938][ T5835] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 161.849109][ T30] audit: type=1326 audit(1762605710.161:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 161.898329][ T30] audit: type=1326 audit(1762605710.161:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 161.968424][ T30] audit: type=1326 audit(1762605710.161:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 161.992522][ T7416] loop2: detected capacity change from 0 to 512 [ 162.020917][ T7420] netlink: 28 bytes leftover after parsing attributes in process `syz.4.599'. [ 162.026653][ T7416] EXT4-fs (loop2): 1 orphan inode deleted [ 162.030644][ T30] audit: type=1326 audit(1762605710.161:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 162.060618][ T6043] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 162.084298][ T7416] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.090306][ T30] audit: type=1326 audit(1762605710.161:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 162.123553][ T30] audit: type=1326 audit(1762605710.161:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 162.132686][ T6043] EXT4-fs error (device loop2): ext4_release_dquot:6982: comm kworker/u8:13: Failed to release dquot type 1 [ 162.146719][ T30] audit: type=1326 audit(1762605710.161:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 162.175918][ T7416] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.180362][ T30] audit: type=1326 audit(1762605710.161:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7407 comm="syz.0.595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f232758f6c9 code=0x7ffc0000 [ 162.226872][ T7422] netlink: 14 bytes leftover after parsing attributes in process `syz.3.601'. [ 162.358965][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.568644][ T7435] netlink: 8 bytes leftover after parsing attributes in process `syz.0.607'. [ 162.595450][ T7422] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.600284][ T7434] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 162.621784][ T7422] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 162.626668][ T7437] loop1: detected capacity change from 0 to 512 [ 162.642861][ T7422] bond0 (unregistering): Released all slaves [ 162.699274][ T7437] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 162.794281][ T7437] EXT4-fs (loop1): 1 truncate cleaned up [ 162.806171][ T7437] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.864298][ T7445] loop3: detected capacity change from 0 to 128 [ 162.897868][ T7445] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 162.924006][ T7445] ext4 filesystem being mounted at /121/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 163.008630][ T5826] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 163.189876][ T7461] netlink: 8 bytes leftover after parsing attributes in process `syz.3.613'. [ 163.207304][ T7462] syzkaller0: entered promiscuous mode [ 163.216060][ T7462] syzkaller0: entered allmulticast mode [ 163.219835][ T7461] netlink: 8 bytes leftover after parsing attributes in process `syz.3.613'. [ 163.494239][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.760803][ T7478] loop1: detected capacity change from 0 to 128 [ 163.788400][ T7478] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 163.836089][ T7478] ext4 filesystem being mounted at /110/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 164.065994][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 164.594921][ T7514] netlink: 4 bytes leftover after parsing attributes in process `syz.0.638'. [ 164.618004][ T7514] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 164.638316][ T7515] loop4: detected capacity change from 0 to 512 [ 164.638361][ T7514] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 164.676108][ T7514] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 164.691456][ T7514] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 164.706389][ T7515] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 164.727748][ T7515] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 164.740795][ T7515] EXT4-fs (loop4): failed to initialize system zone (-117) [ 164.748469][ T7515] EXT4-fs (loop4): mount failed [ 165.065791][ T7527] netlink: 'syz.1.643': attribute type 1 has an invalid length. [ 165.189587][ T7527] wg1 speed is unknown, defaulting to 1000 [ 165.226524][ T7527] lo speed is unknown, defaulting to 1000 [ 166.399387][ T7552] netlink: 12 bytes leftover after parsing attributes in process `syz.3.652'. [ 166.411832][ T7552] netlink: 28 bytes leftover after parsing attributes in process `syz.3.652'. [ 166.431227][ T7552] netlink: 12 bytes leftover after parsing attributes in process `syz.3.652'. [ 166.442047][ T7552] netlink: 28 bytes leftover after parsing attributes in process `syz.3.652'. [ 166.451267][ T7552] netlink: 'syz.3.652': attribute type 6 has an invalid length. [ 166.951486][ T7568] netlink: 16 bytes leftover after parsing attributes in process `syz.3.658'. [ 167.017852][ T30] kauditd_printk_skb: 100 callbacks suppressed [ 167.017872][ T30] audit: type=1326 audit(1762605715.431:2636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7569 comm="syz.2.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 167.094495][ T30] audit: type=1326 audit(1762605715.431:2637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7569 comm="syz.2.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 167.117765][ T30] audit: type=1326 audit(1762605715.431:2638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7569 comm="syz.2.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 167.184579][ T30] audit: type=1326 audit(1762605715.431:2639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7569 comm="syz.2.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 167.236386][ T10] ------------[ cut here ]------------ [ 167.243504][ T10] WARNING: ./include/linux/ns_common.h:255 at destroy_super_work+0x15c/0x1a0, CPU#0: kworker/0:1/10 [ 167.255378][ T10] Modules linked in: [ 167.259581][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) [ 167.268901][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 167.279117][ T10] Workqueue: events destroy_super_work [ 167.284726][ T10] RIP: 0010:destroy_super_work+0x15c/0x1a0 [ 167.290489][ T30] audit: type=1326 audit(1762605715.431:2640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7569 comm="syz.2.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 167.290899][ T10] Code: d7 62 ff 48 81 c3 a8 fc ff ff 48 89 df e8 2c d7 62 ff 4c 89 f7 5b 41 5c 41 5d 41 5e 41 5f 5d e9 3a 6b e1 ff e8 f5 56 86 ff 90 <0f> 0b 90 e9 6d ff ff ff e8 e7 56 86 ff 4c 89 e7 be 03 00 00 00 e8 [ 167.333797][ T10] RSP: 0018:ffffc900000f7a48 EFLAGS: 00010293 [ 167.340033][ T10] RAX: ffffffff823b293b RBX: ffff8880317f2898 RCX: ffff88801cad1e80 [ 167.349185][ T10] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 167.358253][ T10] RBP: 0000000000000004 R08: ffff88807e288193 R09: 1ffff1100fc51032 [ 167.366411][ T10] R10: dffffc0000000000 R11: ffffed100fc51033 R12: ffff88807e288190 [ 167.374515][ T10] R13: dffffc0000000000 R14: ffff8880317f2000 R15: ffff88807e288000 [ 167.382783][ T10] FS: 0000000000000000(0000) GS:ffff888125ec2000(0000) knlGS:0000000000000000 [ 167.391848][ T10] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 167.398565][ T10] CR2: 00007f512f9b12f8 CR3: 000000001d7c6000 CR4: 00000000003526f0 [ 167.406742][ T10] Call Trace: [ 167.410066][ T10] [ 167.413082][ T10] ? process_one_work+0x868/0x15d0 [ 167.418242][ T10] process_one_work+0x94a/0x15d0 [ 167.418337][ T30] audit: type=1326 audit(1762605715.431:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7569 comm="syz.2.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 167.423255][ T10] ? __lock_acquire+0xab9/0xd20 [ 167.423310][ T10] ? __pfx_process_one_work+0x10/0x10 [ 167.423349][ T10] ? assign_work+0x3a1/0x410 [ 167.423383][ T10] worker_thread+0x9b0/0xee0 [ 167.423439][ T10] kthread+0x711/0x8a0 [ 167.471349][ T10] ? __pfx_worker_thread+0x10/0x10 [ 167.476577][ T10] ? __pfx_kthread+0x10/0x10 [ 167.481223][ T10] ? _raw_spin_unlock_irq+0x23/0x50 [ 167.486539][ T10] ? lockdep_hardirqs_on+0x9c/0x150 [ 167.491798][ T10] ? __pfx_kthread+0x10/0x10 [ 167.496481][ T10] ret_from_fork+0x599/0xb30 [ 167.501152][ T10] ? __pfx_ret_from_fork+0x10/0x10 [ 167.506394][ T10] ? __switch_to_asm+0x39/0x70 [ 167.511280][ T10] ? __switch_to_asm+0x33/0x70 [ 167.517878][ T10] ? __pfx_kthread+0x10/0x10 [ 167.523089][ T10] ret_from_fork_asm+0x1a/0x30 [ 167.527236][ T30] audit: type=1326 audit(1762605715.431:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7569 comm="syz.2.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f495a18f6c9 code=0x7ffc0000 [ 167.527911][ T10] [ 167.555511][ T10] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 167.563006][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) [ 167.572337][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 167.582694][ T10] Workqueue: events destroy_super_work [ 167.588262][ T10] Call Trace: [ 167.591575][ T10] [ 167.594620][ T10] dump_stack_lvl+0x99/0x250 [ 167.599268][ T10] ? __asan_memcpy+0x40/0x70 [ 167.603913][ T10] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.609689][ T10] ? __pfx__printk+0x10/0x10 [ 167.614352][ T10] vpanic+0x237/0x6d0 [ 167.618376][ T10] ? __pfx_vpanic+0x10/0x10 [ 167.623003][ T10] ? is_bpf_text_address+0x292/0x2b0 [ 167.628438][ T10] ? is_bpf_text_address+0x26/0x2b0 [ 167.633665][ T10] panic+0xb9/0xc0 [ 167.637400][ T10] ? __pfx_panic+0x10/0x10 [ 167.641923][ T10] ? ret_from_fork_asm+0x1a/0x30 [ 167.646922][ T10] __warn+0x334/0x4c0 [ 167.650923][ T10] ? destroy_super_work+0x15c/0x1a0 [ 167.656178][ T10] ? destroy_super_work+0x15c/0x1a0 [ 167.661417][ T10] report_bug+0x2be/0x4f0 [ 167.665798][ T10] ? destroy_super_work+0x15c/0x1a0 [ 167.671026][ T10] ? destroy_super_work+0x15c/0x1a0 [ 167.676333][ T10] ? destroy_super_work+0x15e/0x1a0 [ 167.681557][ T10] handle_bug+0x84/0x160 [ 167.685822][ T10] exc_invalid_op+0x1a/0x50 [ 167.690453][ T10] asm_exc_invalid_op+0x1a/0x20 [ 167.695316][ T10] RIP: 0010:destroy_super_work+0x15c/0x1a0 [ 167.701231][ T10] Code: d7 62 ff 48 81 c3 a8 fc ff ff 48 89 df e8 2c d7 62 ff 4c 89 f7 5b 41 5c 41 5d 41 5e 41 5f 5d e9 3a 6b e1 ff e8 f5 56 86 ff 90 <0f> 0b 90 e9 6d ff ff ff e8 e7 56 86 ff 4c 89 e7 be 03 00 00 00 e8 [ 167.722598][ T10] RSP: 0018:ffffc900000f7a48 EFLAGS: 00010293 [ 167.728730][ T10] RAX: ffffffff823b293b RBX: ffff8880317f2898 RCX: ffff88801cad1e80 [ 167.737170][ T10] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 167.745161][ T10] RBP: 0000000000000004 R08: ffff88807e288193 R09: 1ffff1100fc51032 [ 167.753157][ T10] R10: dffffc0000000000 R11: ffffed100fc51033 R12: ffff88807e288190 [ 167.761281][ T10] R13: dffffc0000000000 R14: ffff8880317f2000 R15: ffff88807e288000 [ 167.769291][ T10] ? destroy_super_work+0x15b/0x1a0 [ 167.774527][ T10] ? destroy_super_work+0x15b/0x1a0 [ 167.779763][ T10] ? process_one_work+0x868/0x15d0 [ 167.784902][ T10] process_one_work+0x94a/0x15d0 [ 167.789864][ T10] ? __lock_acquire+0xab9/0xd20 [ 167.794853][ T10] ? __pfx_process_one_work+0x10/0x10 [ 167.800247][ T10] ? assign_work+0x3a1/0x410 [ 167.804859][ T10] worker_thread+0x9b0/0xee0 [ 167.809844][ T10] kthread+0x711/0x8a0 [ 167.814016][ T10] ? __pfx_worker_thread+0x10/0x10 [ 167.819443][ T10] ? __pfx_kthread+0x10/0x10 [ 167.824325][ T10] ? _raw_spin_unlock_irq+0x23/0x50 [ 167.829658][ T10] ? lockdep_hardirqs_on+0x9c/0x150 [ 167.834971][ T10] ? __pfx_kthread+0x10/0x10 [ 167.839779][ T10] ret_from_fork+0x599/0xb30 [ 167.844496][ T10] ? __pfx_ret_from_fork+0x10/0x10 [ 167.849733][ T10] ? __switch_to_asm+0x39/0x70 [ 167.854612][ T10] ? __switch_to_asm+0x33/0x70 [ 167.859566][ T10] ? __pfx_kthread+0x10/0x10 [ 167.864360][ T10] ret_from_fork_asm+0x1a/0x30 [ 167.869453][ T10] [ 167.872865][ T10] Kernel Offset: disabled [ 167.877301][ T10] Rebooting in 86400 seconds..