last executing test programs: 4.093863268s ago: executing program 3 (id=439): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2eb2b00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c00048048000180080001"], 0x122}}, 0x8010) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r2}, 0x10) 3.511988332s ago: executing program 3 (id=445): timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000) r1 = fsopen(&(0x7f0000000140)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x5) fchdir(r2) r3 = open(&(0x7f00000000c0)='.\x00', 0x48800, 0x50) getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8) 2.316572234s ago: executing program 0 (id=391): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000300)}, 0x20) open_tree(0xffffffffffffffff, 0x0, 0x80901) 2.275537898s ago: executing program 3 (id=449): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x28, r1, 0x10ada85e65c25359, 0xfffffffc, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x7431, 0x4e}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000) 2.204331614s ago: executing program 0 (id=450): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x541c, &(0x7f0000000d00)) 2.071713257s ago: executing program 3 (id=452): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001ec0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x6, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x3, 0x3}]}, @func_proto, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x3, 0xfffffffd}}]}, {0x0, [0x5f, 0x2e, 0x2e, 0x30]}}, &(0x7f0000001f00)=""/4096, 0x56, 0x1000, 0x3}, 0x28) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000180), 0x40402, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r0, 0x0, 0xfffffffffffffffd}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) syz_io_uring_setup(0x499, &(0x7f0000000f40)={0x0, 0xd144, 0x0, 0x40000000, 0x37f}, &(0x7f00000001c0), &(0x7f0000000000)) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r4, 0x400, 0x0) openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) close(0xffffffffffffffff) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) ioperm(0x0, 0xd, 0x4000000000000020) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8) bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffc}, 0xfffffffffffffd8f) sendmmsg$inet6(r7, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004) 2.071484137s ago: executing program 0 (id=453): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x48) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000c00) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000001740)=0x7ffffffd, 0x4) write$binfmt_script(r1, 0x0, 0x6f4000) bpf$PROG_LOAD(0x5, 0x0, 0x0) 1.93320408s ago: executing program 0 (id=454): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) syz_emit_ethernet(0x42, &(0x7f0000000540)={@local, @remote, @val={@void, {0x8100, 0x0, 0x1, 0x1}}, {@ipv6={0x86dd, @generic={0xc, 0x6, '\x00', 0x8, 0x2b, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x3a}, {[@hopopts={0xff}]}}}}}, 0x0) 1.81667242s ago: executing program 0 (id=455): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) writev(r0, &(0x7f0000003200)=[{&(0x7f0000000080)="2e9b5b1107e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f00000001c0)="b700061806005abeef4ba0d5984462732834d1", 0x13}, {&(0x7f0000000100)="37a8a6c51eeb11513a5554633d6ecf2512", 0x11}, {&(0x7f0000000500)="2383ed05a03bcd82d08ab0f0b511655f05b10533665cd136692a", 0x1a}, {&(0x7f0000002040)}, {&(0x7f0000002100)="af6f707fee3277f0db06a442", 0xc}, {&(0x7f0000002140)="ef43ac36af15701b8602306e2373dd2a2e1cac9e35b198da917017ef648a5b1782f9b7d0a4b0dd2e92a1f8514bdfa9effd3d518cf9aed780218ede3441c8f946b937387f8adb76f6ca56aea7b50b415a316b557f21d7a5d84c38fc6f14f2bd05368708e0accabaaf97c35c15c1f75ad1d7a17c8d823c4c16606aa7e94ea1918721439482f16aa61a05317882b66cbc2a", 0x90}, {&(0x7f0000002200)="8135594396a73f6893e460381311ca28efc1c658ee95c9c17af3ed67ea2d14b07b24da0af7bcc3b0b82cffd3feef52fbd33f8d3423836472a928860d53f7de2ae102b38e4f2cc17bf47e973e374f344f0e1aa7f1017232031e57c6f8cc22fc1e5cd7c7984c146e6e73c19c519bba8555ea96b7152172e26822761ddb79ca2eb6f7a754de964164a1051a583f985ad06ee23770e0431a8e130240109f565ae215b864a15a7cf9b04263083f03bdb67002845ba04355ad9554d35b42c403874bb6aea9fec67ced02a23136b83735c8cf563a274efe9b3ae003ef57abe9ada8f00fa55d4bc602abfb583828773e5658fa28fad12387a8e7c8ae5e38c9c421228a0a002a22f30794393a6a55cddcea8a8b9afafac2dbd17dcc3fed1b492d9f6a621e955ecc537bfa0e1c037f197bc62ef817a384cda7dffd228dc212bded4bfbbf6cf6ad4d6948d5ac7e95ac93ca2088058683a56377489ab08a659047ed1a77450d3261db38f699e014ad9c8a313a80f998ada03dd511e9bbd6e39eea0a6f0bb285fbc40701b8acdea068b055c6cded30161865f05fc6f6e3628262fdd4fa9fcd0d3c994c95241961997ccb8f6ad9a8ad7793a5d41bfe32d13d6fa9d7300f6d26e082728e183331b43a96e143d2b347348165c41a1a4d7f1d70c6a413e36652746e8bebc0288f0b52cf6779b3c26ba660c1b4553b7a58a3a34ca418d1673c93a98622a9a8a3a936c6fcf02631107d595a0a94dba119bd5e42e0f07596270e56e00bbcd29f9b270a793c54e0d94f63277343cb5f187cea3f5623ddfadaeb5367ab859ae0d1e30849a40cdb64a3450f8f90415e6054676e7a4d2f350269bee6afea86bcdde8f91f8703436fc6c85afee4a034cff9b9c9cdbf5b5a079a03745e4e3074bc88ab3592d4997302e272e8f9c20685c588f92a851d1f87c8efbea8bdab181218cbf33f8c8872d7e019a034232eeedb27e38a4d08561d7ff043c45b8cd6c60a4f5a3e202f6ca144ff0cfb72ea95c310773987af8a1699d7b0b3bcbd9de2fd2b29baa2b05cb120238a1fe4ab3d36c057a5fbcb03421d1e54107818091c4ebc192556afb77309e60754e31b8f1dac962de2c2edfe513f8a995832eb3597c90f09b493a21d07bf017416a9acccefdeac1a320ad03ad6080d6994ffc986f7533718a116251b27e5978f4c553930434e8fa656be6879cbd0f80344a528c5679a99906c80535bfca8b5b88402de5349724ae5807eb8ba77ecc7f05eb9f367c5610335939b4c34c3dcdc5eda2116c9a35766d4f8892f8a32b4615b85c0d0bde4b82efd3313f24100319bb5345cb9de31c2319cb77c433cda3c13d7682806bbac683c213c021b80e7e86bca1c7a75fedb866e74ab8d304f09ea4284e3e9166a7e9c1abed47e3b405c68b7028705798aabcdf81690191969a73f13a28588f3de4b0b43fcf0f191f01ca4b79b1f9fe3f2b2cac650bef971aeea454755b02b132bfc438d18a070db202f0679217a9b059f7dcb4b75cdceaef09d242fc7182a8d121e644c3805f233604628d875e247c1352d5814eb6edc907ebecb313ba71ebc75c4edd5b150ff6111b091cde82a75b5a61ec2a42e6c0d9a10ba3f88a52e1b2aedaa297d07b71f19e0c4f1281bd13808578e38a4ce95ac1736731affba59b40d69314fdd00b4c96d37d3d7c03cc02906e04d74f98d5d877b61bc4e61d1b79d1ba08e1b48ed79a07662c4de7f829e308305a04c9c0b1af6cbe9404243", 0x4d7}], 0x8) 1.186709309s ago: executing program 1 (id=458): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016000f003f1b48013d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006702000003000000360600000ee600f0bf052000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48) socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000010880)=@base={0x9, 0x4, 0x108, 0xc}, 0x50) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) close_range(r1, 0xffffffffffffffff, 0x200000000000000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00') bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, r2}, 0x50) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xae}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r3, r0}, 0xc) 956.044801ms ago: executing program 1 (id=459): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'sh\x00', 0x4, 0x6, 0x79}, {@broadcast, 0x4e20, 0x10001, 0xc, 0x2}}, 0x44) 906.880045ms ago: executing program 1 (id=461): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x20000000000012, &(0x7f0000000140)={0xffffffffffffffff}, 0x106, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f00000000c0)={0xf, 0x8, 0xfa00, {r2, 0xf}}, 0x10) 853.506371ms ago: executing program 2 (id=462): r0 = syz_open_procfs(0x0, &(0x7f0000001080)='fd\x00') getdents64(r0, 0xfffffffffffffffe, 0x64) 795.560496ms ago: executing program 1 (id=463): bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) nanosleep(&(0x7f0000000080)={0x0, 0x3938700}, 0x0) socket$packet(0x11, 0x3, 0x300) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x18) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={0x0, 0x80}}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r3) getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x49801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x3}]}}}]}, 0x40}}, 0x0) sendto$packet(r1, &(0x7f0000000400)="05d936277c6f5422007f83477ca1b278e3e4018a34e7bfd3de1a00ad6762646c95c716727eb53bcc", 0x28, 0x40880, &(0x7f0000000200)={0x11, 0x86dd, r4, 0x1, 0x4, 0x6, @local}, 0x14) 779.906367ms ago: executing program 2 (id=464): r0 = socket$can_j1939(0x1d, 0x2, 0x7) getsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f0000000200), &(0x7f0000000340)=0xfffffffffffffc23) 725.277363ms ago: executing program 2 (id=465): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24, 0x8, @remote, 0x8}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0xfffd, 0x0, 0x0, 0x11, 0x0, @multicast1, @empty=0xe0000001}, {0x0, 0x4e20, 0x8}}}}}, 0x0) 624.066652ms ago: executing program 2 (id=466): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x91, 0x1ff, 0x801, 0x1}, 0x1c) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) bind$packet(r2, &(0x7f00000001c0)={0x11, 0x0, r3, 0x1, 0xf, 0x6, @local}, 0x14) r4 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c) bind$tipc(r4, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 575.003296ms ago: executing program 2 (id=467): socketpair$tipc(0x1e, 0x5, 0x0, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @loopback}, 0x10) 230.525019ms ago: executing program 3 (id=468): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="3c1204"], 0x98) 112.03324ms ago: executing program 0 (id=469): mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@dioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") 111.76886ms ago: executing program 1 (id=470): r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {0x0, 0x1}, 0x96, 0x21, &(0x7f0000000240)={0x0, 0x16, 0x0, 0xfff}, 0x8, 0x3, 0xfffffffd, 0x0, 0x2000, 0x200001, 0x0}) 111.55753ms ago: executing program 2 (id=471): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x9}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x100000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0xffffffef, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10) sendto$inet6(r0, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c) 108.05091ms ago: executing program 3 (id=472): r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={0x0, 0xffffff7f, 0x8}, 0xc) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14d, 0x14d, 0x8, [@enum={0xc, 0x2, 0x0, 0x6, 0x4, [{0x7, 0x29}, {0x2, 0xd}]}, @enum={0xa, 0x8, 0x0, 0x6, 0x4, [{0x6, 0x9}, {0x10, 0x2}, {0x5, 0x2}, {0xa, 0x8}, {0x7, 0x5}, {0x20008, 0x6}, {0x10, 0x177d}, {0x1, 0x3}]}, @func_proto={0x0, 0xa, 0x0, 0xd, 0x0, [{0x4}, {0x6, 0x2}, {0x10, 0x3}, {0xf, 0x4}, {0xe, 0x3}, {0x10, 0x2}, {0xf}, {0xb, 0x4}, {0xb, 0x3}, {0x4, 0x1}]}, @datasec={0xf, 0x3, 0x0, 0xf, 0x1, [{0x2, 0x1000, 0xd}, {0x1, 0x6, 0x8}, {0x2, 0x7, 0xfffffffc}], 'W'}, @var={0x4, 0x0, 0x0, 0xe, 0x1, 0x2}, @enum64={0x2, 0x5, 0x0, 0x13, 0x0, 0x4, [{0x9, 0x3, 0x88000000}, {0xb, 0x2, 0x401}, {0xd, 0x5424, 0x7}, {0x3, 0x7, 0xfffffffd}, {0x8, 0x8, 0xd}]}]}, {0x0, [0x5f, 0x2e, 0x61, 0x30, 0x2e, 0x2e]}}, &(0x7f0000000100)=""/207, 0x170, 0xcf, 0x0, 0x5, 0x10000, @value=r0}, 0x28) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, r0, 0x2f6, '\x00', 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x50) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)=@o_path={&(0x7f0000000440)='./file0\x00', 0x0, 0x4008, r2}, 0x18) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00'}) openat$null(0xffffffffffffff9c, &(0x7f0000000240), 0x24400, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$netlink(0x10, 0x3, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={0xffffffffffffffff, 0x7, 0x104, 0x7ff}) sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x9, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x4, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x1e, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 0s ago: executing program 1 (id=473): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.65' (ED25519) to the list of known hosts. [ 63.955429][ T5756] cgroup: Unknown subsys name 'net' [ 64.093832][ T5756] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 65.466363][ T5756] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 67.812921][ T5777] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.821850][ T5781] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.839603][ T5781] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.847905][ T5781] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.855716][ T5781] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.864226][ T5781] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.866729][ T5778] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.879713][ T5778] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.884321][ T5777] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.888289][ T5778] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.896898][ T5777] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.908710][ T5777] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.909444][ T5778] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.915970][ T5781] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.923861][ T5778] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.944105][ T5778] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.944111][ T5777] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.944637][ T5777] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.951445][ T5778] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.972919][ T5777] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.981369][ T5778] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.988782][ T5777] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.996355][ T5781] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.006533][ T5778] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.306249][ T5772] chnl_net:caif_netlink_parms(): no params data found [ 68.485403][ T5768] chnl_net:caif_netlink_parms(): no params data found [ 68.523543][ T5767] chnl_net:caif_netlink_parms(): no params data found [ 68.554231][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.561770][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.569363][ T5772] bridge_slave_0: entered allmulticast mode [ 68.576210][ T5772] bridge_slave_0: entered promiscuous mode [ 68.600007][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.607127][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.614704][ T5772] bridge_slave_1: entered allmulticast mode [ 68.621605][ T5772] bridge_slave_1: entered promiscuous mode [ 68.653424][ T5766] chnl_net:caif_netlink_parms(): no params data found [ 68.703902][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.721503][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.789863][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.797043][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.805446][ T5768] bridge_slave_0: entered allmulticast mode [ 68.812773][ T5768] bridge_slave_0: entered promiscuous mode [ 68.834286][ T5772] team0: Port device team_slave_0 added [ 68.853796][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.861321][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.868831][ T5767] bridge_slave_0: entered allmulticast mode [ 68.875528][ T5767] bridge_slave_0: entered promiscuous mode [ 68.883352][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.890677][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.898802][ T5768] bridge_slave_1: entered allmulticast mode [ 68.905522][ T5768] bridge_slave_1: entered promiscuous mode [ 68.923494][ T5772] team0: Port device team_slave_1 added [ 68.945288][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.952523][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.959742][ T5767] bridge_slave_1: entered allmulticast mode [ 68.966404][ T5767] bridge_slave_1: entered promiscuous mode [ 69.016354][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.028746][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.039899][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.046844][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.075173][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.099145][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.111524][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.132660][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.139792][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.166107][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.214632][ T5768] team0: Port device team_slave_0 added [ 69.222485][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.229743][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.236895][ T5766] bridge_slave_0: entered allmulticast mode [ 69.244104][ T5766] bridge_slave_0: entered promiscuous mode [ 69.263487][ T5768] team0: Port device team_slave_1 added [ 69.288408][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.295555][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.303105][ T5766] bridge_slave_1: entered allmulticast mode [ 69.311497][ T5766] bridge_slave_1: entered promiscuous mode [ 69.320532][ T5767] team0: Port device team_slave_0 added [ 69.363113][ T5767] team0: Port device team_slave_1 added [ 69.392505][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.399554][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.426635][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.441845][ T5772] hsr_slave_0: entered promiscuous mode [ 69.448814][ T5772] hsr_slave_1: entered promiscuous mode [ 69.465880][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.476163][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.483338][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.510048][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.527802][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.534768][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.561392][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.574216][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.581283][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.607441][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.620272][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.694663][ T5768] hsr_slave_0: entered promiscuous mode [ 69.701346][ T5768] hsr_slave_1: entered promiscuous mode [ 69.707630][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.715472][ T5768] Cannot create hsr debugfs directory [ 69.725260][ T5766] team0: Port device team_slave_0 added [ 69.774482][ T5766] team0: Port device team_slave_1 added [ 69.798913][ T5767] hsr_slave_0: entered promiscuous mode [ 69.805636][ T5767] hsr_slave_1: entered promiscuous mode [ 69.812173][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.820566][ T5767] Cannot create hsr debugfs directory [ 69.879754][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.886734][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.913973][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.954685][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.961720][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.988163][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.998713][ T5777] Bluetooth: hci3: command tx timeout [ 70.051853][ T5778] Bluetooth: hci0: command tx timeout [ 70.052283][ T5775] Bluetooth: hci2: command tx timeout [ 70.063830][ T5777] Bluetooth: hci1: command tx timeout [ 70.124004][ T5766] hsr_slave_0: entered promiscuous mode [ 70.130555][ T5766] hsr_slave_1: entered promiscuous mode [ 70.136556][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.146266][ T5766] Cannot create hsr debugfs directory [ 70.275169][ T5772] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.288453][ T5772] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.311566][ T5772] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.322193][ T5772] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 70.438023][ T5768] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 70.459934][ T5768] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 70.470683][ T5768] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 70.489199][ T5768] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 70.569154][ T5767] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 70.580317][ T5767] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 70.592423][ T5767] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 70.602324][ T5767] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 70.682862][ T5766] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.693856][ T5766] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.704226][ T5766] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.715441][ T5766] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.732575][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.789846][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.821113][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.828471][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.851488][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.858665][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.954929][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.990690][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.019546][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.036850][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.044039][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.062069][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.083297][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.090504][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.112489][ T5766] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.122797][ T5768] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.156835][ T145] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.164041][ T145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.188621][ T145] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.195746][ T145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.219385][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.226512][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.283241][ T1084] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.290452][ T1084] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.396946][ T5768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.454404][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.606437][ T5772] veth0_vlan: entered promiscuous mode [ 71.658625][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.664511][ T5772] veth1_vlan: entered promiscuous mode [ 71.665190][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.764607][ T5772] veth0_macvtap: entered promiscuous mode [ 71.815720][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.854126][ T5772] veth1_macvtap: entered promiscuous mode [ 71.889616][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.908878][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.938722][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.958593][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.984559][ T5772] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.993851][ T5772] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.004620][ T5772] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.013631][ T5772] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.043179][ T5767] veth0_vlan: entered promiscuous mode [ 72.049914][ T5777] Bluetooth: hci3: command tx timeout [ 72.102915][ T5767] veth1_vlan: entered promiscuous mode [ 72.129819][ T5777] Bluetooth: hci0: command tx timeout [ 72.136407][ T5775] Bluetooth: hci1: command tx timeout [ 72.136624][ T5778] Bluetooth: hci2: command tx timeout [ 72.156254][ T5766] veth0_vlan: entered promiscuous mode [ 72.186588][ T5768] veth0_vlan: entered promiscuous mode [ 72.230673][ T5766] veth1_vlan: entered promiscuous mode [ 72.253611][ T5768] veth1_vlan: entered promiscuous mode [ 72.278400][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.289508][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.331942][ T5767] veth0_macvtap: entered promiscuous mode [ 72.345801][ T5767] veth1_macvtap: entered promiscuous mode [ 72.356616][ T5766] veth0_macvtap: entered promiscuous mode [ 72.374817][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.378043][ T5768] veth0_macvtap: entered promiscuous mode [ 72.394502][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.401571][ T5766] veth1_macvtap: entered promiscuous mode [ 72.425428][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.436726][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.451661][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.480783][ T5768] veth1_macvtap: entered promiscuous mode [ 72.496808][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.510557][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.522754][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.533386][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.544283][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.555038][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.565606][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.576960][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.588125][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.599243][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.609683][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.620476][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.632044][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.664945][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.674258][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.697059][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.706584][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.722749][ T5766] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.734256][ T5766] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.743180][ T5766] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.752611][ T5766] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.781925][ T5859] IPv6: Can't replace route, no match found [ 72.830700][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.854585][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.866844][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.872604][ T28] audit: type=1326 audit(1767171664.533:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 72.882401][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.912148][ T28] audit: type=1326 audit(1767171664.563:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 72.912915][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.937040][ T28] audit: type=1326 audit(1767171664.563:4): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 72.971773][ T28] audit: type=1326 audit(1767171664.563:5): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 72.995554][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.996231][ T28] audit: type=1326 audit(1767171664.563:6): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 73.030327][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.038363][ T28] audit: type=1326 audit(1767171664.563:7): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 73.063489][ T28] audit: type=1326 audit(1767171664.563:8): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 73.101089][ T28] audit: type=1326 audit(1767171664.563:9): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 73.119811][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.136936][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.142682][ T28] audit: type=1326 audit(1767171664.763:10): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 73.148096][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.178567][ T28] audit: type=1326 audit(1767171664.763:11): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=5861 comm="kmem_cache_free" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 73.181794][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.214893][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.225936][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.238421][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.252149][ T5768] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.261622][ T5768] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.270474][ T5768] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.282026][ T5768] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.342583][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.351692][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.431096][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.461864][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.496147][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.523082][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.589728][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.607793][ T5870] syz.3.7[5870]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 73.628132][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.673682][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.683230][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.709724][ T5870] loop3: detected capacity change from 0 to 2048 [ 73.801426][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.856540][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.910533][ T5870] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.968404][ T5870] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.024773][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.136453][ T5778] Bluetooth: hci3: command tx timeout [ 74.172376][ T5882] syz.1.10 uses obsolete (PF_INET,SOCK_PACKET) [ 74.207726][ T5778] Bluetooth: hci0: command tx timeout [ 74.211870][ T5777] Bluetooth: hci2: command tx timeout [ 74.213260][ T5778] Bluetooth: hci1: command tx timeout [ 74.231214][ T5885] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 74.260174][ T5883] loop2: detected capacity change from 0 to 512 [ 74.340975][ T5889] loop3: detected capacity change from 0 to 512 [ 74.352647][ T5889] EXT4-fs: Ignoring removed nomblk_io_submit option [ 74.383079][ T5883] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.428290][ T5889] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 74.441681][ T5883] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.483518][ T5889] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 74.548705][ T5889] EXT4-fs (loop3): 1 truncate cleaned up [ 74.571157][ T5889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.726896][ T5902] Zero length message leads to an empty skb [ 74.919600][ T5905] loop0: detected capacity change from 0 to 1024 [ 74.947618][ T5905] EXT4-fs: Ignoring removed nomblk_io_submit option [ 74.989978][ T5905] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.082679][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.095602][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.133919][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.187811][ T5909] loop3: detected capacity change from 0 to 128 [ 75.200188][ T5909] ======================================================= [ 75.200188][ T5909] WARNING: The mand mount option has been deprecated and [ 75.200188][ T5909] and is ignored by this kernel. Remove the mand [ 75.200188][ T5909] option from the mount to silence this warning. [ 75.200188][ T5909] ======================================================= [ 75.352605][ T5909] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 75.373456][ T5914] loop0: detected capacity change from 0 to 1024 [ 75.378130][ T5911] loop2: detected capacity change from 0 to 128 [ 75.392297][ T5914] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 75.415407][ T5914] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 75.432784][ T5909] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.432888][ T5911] EXT4-fs: Ignoring removed nobh option [ 75.470447][ T5911] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 75.505349][ T5914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.570430][ T5772] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.621900][ T5911] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 75.629400][ T5914] EXT4-fs error (device loop0): ext4_xattr_inode_iget:444: inode #11: comm syz.0.19: missing EA_INODE flag [ 75.809718][ T5914] EXT4-fs (loop0): Remounting filesystem read-only [ 75.816683][ T5914] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 75.822435][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.978146][ T5930] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 76.207457][ T5778] Bluetooth: hci3: command tx timeout [ 76.287941][ T5778] Bluetooth: hci2: command tx timeout [ 76.293419][ T5778] Bluetooth: hci0: command tx timeout [ 76.300334][ T5775] Bluetooth: hci1: command tx timeout [ 76.455092][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.634737][ T5944] capability: warning: `syz.3.30' uses 32-bit capabilities (legacy support in use) [ 77.477440][ T5961] mmap: syz.2.38 (5961) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 77.539186][ T5963] netlink: 'syz.3.39': attribute type 9 has an invalid length. [ 78.677153][ T5989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.47'. [ 78.696336][ T5989] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 79.003394][ T5989] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 79.251801][ T5996] netlink: 272 bytes leftover after parsing attributes in process `syz.1.50'. [ 79.366034][ T6000] $Hÿß: renamed from bond0 (while UP) [ 79.400258][ T6000] $Hÿß: entered promiscuous mode [ 79.405546][ T6000] bond_slave_0: entered promiscuous mode [ 79.437530][ T6000] bond_slave_1: entered promiscuous mode [ 80.233910][ T6021] random: crng reseeded on system resumption [ 81.117229][ C0] sched: RT throttling activated [ 82.136377][ T9] cfg80211: failed to load regulatory.db [ 82.656948][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 82.656962][ T28] audit: type=1326 audit(1767171674.313:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 82.725825][ T6094] syz.2.62 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 82.772136][ T28] audit: type=1326 audit(1767171674.353:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 82.823685][ T28] audit: type=1326 audit(1767171674.373:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 82.890223][ T6101] loop2: detected capacity change from 0 to 128 [ 82.891496][ T28] audit: type=1326 audit(1767171674.373:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 82.998872][ T6101] FAT-fs (loop2): Directory bread(block 32) failed [ 83.005747][ T6101] FAT-fs (loop2): Directory bread(block 33) failed [ 83.007328][ T28] audit: type=1326 audit(1767171674.373:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 83.042667][ T6101] FAT-fs (loop2): Directory bread(block 34) failed [ 83.083997][ T28] audit: type=1326 audit(1767171674.373:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 83.091243][ T6101] FAT-fs (loop2): Directory bread(block 35) failed [ 83.130505][ T28] audit: type=1326 audit(1767171674.373:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 83.133804][ T6101] FAT-fs (loop2): Directory bread(block 36) failed [ 83.176475][ T28] audit: type=1326 audit(1767171674.373:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 83.200323][ T6101] FAT-fs (loop2): Directory bread(block 37) failed [ 83.208205][ T6101] FAT-fs (loop2): Directory bread(block 38) failed [ 83.214989][ T6101] FAT-fs (loop2): Directory bread(block 39) failed [ 83.222130][ T6101] FAT-fs (loop2): Directory bread(block 40) failed [ 83.226157][ T28] audit: type=1326 audit(1767171674.373:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 83.238448][ T6101] FAT-fs (loop2): Directory bread(block 41) failed [ 83.258384][ T28] audit: type=1326 audit(1767171674.373:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6093 comm="syz.2.62" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 83.505411][ T6113] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.642861][ T6113] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.768540][ T6113] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.777057][ T6124] loop3: detected capacity change from 0 to 512 [ 83.863480][ T6124] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.945050][ T6113] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.020537][ T6124] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.056935][ T6124] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 84.178819][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.217818][ T6113] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.292039][ T6113] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.336107][ T6113] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.429360][ T6113] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.479817][ T6143] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 84.486693][ T6143] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 84.506380][ T6143] vhci_hcd vhci_hcd.0: Device attached [ 84.550682][ T6146] vhci_hcd: connection closed [ 84.552195][ T3541] vhci_hcd: stop threads [ 84.566074][ T3541] vhci_hcd: release socket [ 84.578329][ T3541] vhci_hcd: disconnect device [ 84.624438][ T6152] netlink: 104 bytes leftover after parsing attributes in process `syz.1.84'. [ 84.849979][ T6160] syz.0.87[6160] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.850180][ T6160] syz.0.87[6160] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 85.000157][ T6163] pimreg: entered allmulticast mode [ 85.593489][ T6162] pimreg: left allmulticast mode [ 85.820981][ T6170] loop2: detected capacity change from 0 to 512 [ 85.850524][ T6176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.92'. [ 85.894158][ T6170] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 85.929562][ T6170] EXT4-fs (loop2): orphan cleanup on readonly fs [ 85.972442][ T6170] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 86.020173][ T6183] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 86.078587][ T6170] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 86.104547][ T6170] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.90: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 86.140862][ T6170] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.90: couldn't read orphan inode 13 (err -117) [ 86.161454][ T6170] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 86.220431][ T6170] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 86.272562][ T6170] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 86.303011][ T6170] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=2856c09c, mo2=0002] [ 86.333952][ T6170] System zones: 0-2, 18-18, 34-34 [ 86.342026][ T6170] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 86.453725][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.553392][ T6196] sg_write: data in/out 64380/1 bytes for SCSI command 0x1c-- guessing data in; [ 86.553392][ T6196] program {/}\ not setting count and/or reply_len properly [ 86.923786][ T6207] netlink: 4 bytes leftover after parsing attributes in process `+°ç@'. [ 86.951986][ T6207] netlink: 4 bytes leftover after parsing attributes in process `+°ç@'. [ 86.986826][ T6211] syz.2.107[6211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.986955][ T6211] syz.2.107[6211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.542533][ T6228] loop3: detected capacity change from 0 to 512 [ 87.620718][ T6228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.634146][ T6228] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 87.661560][ T6228] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #2: comm syz.3.114: corrupted inode contents [ 87.679507][ T6228] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #2: comm syz.3.114: mark_inode_dirty error [ 87.713570][ T6228] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #2: comm syz.3.114: corrupted inode contents [ 87.757126][ T6228] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.114: mark_inode_dirty error [ 87.892299][ T6234] process 'syz.0.115' launched '/dev/fd/-1/./file0' with NULL argv: empty string added [ 87.945636][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.350906][ T28] kauditd_printk_skb: 72 callbacks suppressed [ 88.350917][ T28] audit: type=1326 audit(1767171680.013:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 88.427486][ T28] audit: type=1326 audit(1767171680.043:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 88.480262][ T28] audit: type=1326 audit(1767171680.053:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 88.525001][ T6258] loop3: detected capacity change from 0 to 8192 [ 88.531767][ T28] audit: type=1326 audit(1767171680.053:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6253 comm="syz.0.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 88.571963][ T6258] netlink: 76 bytes leftover after parsing attributes in process `syz.3.124'. [ 88.629218][ T6262] capability: warning: `syz.0.126' uses deprecated v2 capabilities in a way that may be insecure [ 89.144550][ T6275] netlink: 56 bytes leftover after parsing attributes in process `syz.1.130'. [ 89.156034][ T6275] netlink: 24 bytes leftover after parsing attributes in process `syz.1.130'. [ 89.281737][ T6281] loop3: detected capacity change from 0 to 1024 [ 89.324473][ T6281] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 89.350793][ T6281] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.624599][ T28] audit: type=1326 audit(1767171681.283:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 89.654390][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 89.693315][ T28] audit: type=1326 audit(1767171681.283:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 89.751319][ T28] audit: type=1326 audit(1767171681.313:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 89.774681][ T28] audit: type=1326 audit(1767171681.313:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 89.797043][ T28] audit: type=1326 audit(1767171681.313:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 89.820497][ T28] audit: type=1326 audit(1767171681.313:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.0.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 90.579287][ T6322] loop3: detected capacity change from 0 to 512 [ 90.634961][ T6322] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.682436][ T6322] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 90.849458][ T6332] bridge_slave_0: left allmulticast mode [ 90.855726][ T6332] bridge_slave_0: left promiscuous mode [ 90.861676][ T6332] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.074973][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.372652][ T6352] netlink: 16 bytes leftover after parsing attributes in process `syz.1.159'. [ 92.104886][ T6372] loop0: detected capacity change from 0 to 512 [ 92.130788][ T6372] EXT4-fs: Ignoring removed orlov option [ 92.212150][ T6372] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 92.239681][ T6379] netlink: 40 bytes leftover after parsing attributes in process `syz.3.171'. [ 92.318909][ T6372] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.370737][ T6372] ext4 filesystem being mounted at /31/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 92.573192][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.923261][ T6401] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 93.053897][ T6408] netlink: 4 bytes leftover after parsing attributes in process `syz.1.183'. [ 93.065012][ T6408] netlink: 16 bytes leftover after parsing attributes in process `syz.1.183'. [ 93.975828][ T6434] loop0: detected capacity change from 0 to 512 [ 93.991805][ T6434] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 94.057763][ T6434] EXT4-fs (loop0): 1 truncate cleaned up [ 94.080099][ T6434] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.429275][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.513277][ T6455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.204'. [ 94.551956][ T6455] netlink: 4 bytes leftover after parsing attributes in process `syz.2.204'. [ 94.586311][ T6455] netlink: 4 bytes leftover after parsing attributes in process `syz.2.204'. [ 94.618253][ T6455] team_slave_0: entered promiscuous mode [ 94.624295][ T6455] team_slave_1: entered promiscuous mode [ 94.635000][ T6455] macvtap1: entered promiscuous mode [ 94.641473][ T6455] team0: entered promiscuous mode [ 94.647959][ T6455] macvtap1: entered allmulticast mode [ 94.654586][ T6455] team0: entered allmulticast mode [ 94.660385][ T6455] team_slave_0: entered allmulticast mode [ 94.666147][ T6455] team_slave_1: entered allmulticast mode [ 94.673818][ T6455] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 94.843390][ T28] kauditd_printk_skb: 354 callbacks suppressed [ 94.843403][ T28] audit: type=1326 audit(1767171686.503:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 94.904709][ T28] audit: type=1326 audit(1767171686.513:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 94.974599][ T28] audit: type=1326 audit(1767171686.543:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 95.013930][ T28] audit: type=1326 audit(1767171686.543:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 95.082896][ T28] audit: type=1326 audit(1767171686.543:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 95.121560][ T28] audit: type=1326 audit(1767171686.543:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 95.206668][ T6481] loop3: detected capacity change from 0 to 1024 [ 95.226346][ T6481] EXT4-fs: inline encryption not supported [ 95.232733][ T28] audit: type=1326 audit(1767171686.543:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 95.258914][ T6481] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 95.279809][ T28] audit: type=1326 audit(1767171686.543:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 95.327026][ T28] audit: type=1326 audit(1767171686.543:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 95.354022][ T28] audit: type=1326 audit(1767171686.553:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6465 comm="syz.3.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 95.354957][ T6481] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.392016][ T6490] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.218' resets device [ 95.621935][ T6499] syz.1.222[6499] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 95.622058][ T6499] syz.1.222[6499] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 95.632897][ T6498] netlink: 8 bytes leftover after parsing attributes in process `syz.0.220'. [ 95.673123][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.829431][ T6498] netlink: 4 bytes leftover after parsing attributes in process `syz.0.220'. [ 96.530845][ T6518] hub 8-0:1.0: USB hub found [ 96.540392][ T6518] hub 8-0:1.0: 1 port detected [ 97.084689][ T6515] ALSA: seq fatal error: cannot create timer (-19) [ 97.344247][ T6525] 9pnet_fd: Insufficient options for proto=fd [ 97.713712][ T6538] program syz.2.239 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 98.070698][ T6550] loop2: detected capacity change from 0 to 512 [ 98.100279][ T6550] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 98.488179][ T6569] ip6gre1: entered promiscuous mode [ 98.503725][ T6569] ip6gre1: entered allmulticast mode [ 98.584684][ T6569] syz.0.251 (6569) used greatest stack depth: 20304 bytes left [ 98.607937][ T6572] syz.2.254[6572] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.608059][ T6572] syz.2.254[6572] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.719913][ T6574] bridge0: entered promiscuous mode [ 98.740869][ T6574] bridge0: port 3(macsec1) entered blocking state [ 98.747831][ T6574] bridge0: port 3(macsec1) entered disabled state [ 98.754667][ T6574] macsec1: entered allmulticast mode [ 98.760580][ T6574] bridge0: entered allmulticast mode [ 98.768775][ T6574] macsec1: left allmulticast mode [ 98.774012][ T6574] bridge0: left allmulticast mode [ 98.782005][ T6574] bridge0: left promiscuous mode [ 99.339720][ T6589] netlink: '+}[@': attribute type 4 has an invalid length. [ 99.607972][ T6598] loop2: detected capacity change from 0 to 128 [ 99.626416][ T6598] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 99.647663][ T6598] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 99.983288][ T28] kauditd_printk_skb: 141 callbacks suppressed [ 99.983301][ T28] audit: type=1326 audit(1767171691.645:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.084274][ T28] audit: type=1326 audit(1767171691.675:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.134679][ T28] audit: type=1326 audit(1767171691.675:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.163944][ T28] audit: type=1326 audit(1767171691.675:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.196956][ T28] audit: type=1326 audit(1767171691.675:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.201118][ T6627] 9pnet_fd: Insufficient options for proto=fd [ 100.262511][ T28] audit: type=1326 audit(1767171691.675:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.298343][ T28] audit: type=1326 audit(1767171691.675:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.321057][ T28] audit: type=1326 audit(1767171691.675:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.363757][ T28] audit: type=1326 audit(1767171691.675:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1ac2b8f749 code=0x7ffc0000 [ 100.456973][ T28] audit: type=1326 audit(1767171692.115:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6638 comm="syz.3.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 100.582484][ T6644] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 100.708612][ T6650] loop2: detected capacity change from 0 to 128 [ 100.793123][ T6650] syz.2.289: attempt to access beyond end of device [ 100.793123][ T6650] loop2: rw=2049, sector=169, nr_sectors = 872 limit=128 [ 100.868024][ T6654] Falling back ldisc for ptm0. [ 101.028197][ T6660] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 101.123635][ T6664] loop3: detected capacity change from 0 to 512 [ 101.205924][ T6664] EXT4-fs error (device loop3): ext4_xattr_inode_iget:449: comm syz.3.295: error while reading EA inode 32 err=-116 [ 101.276886][ T6664] EXT4-fs (loop3): Remounting filesystem read-only [ 101.299727][ T6664] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 101.311150][ T6676] loop2: detected capacity change from 0 to 256 [ 101.312428][ T6664] EXT4-fs (loop3): 1 orphan inode deleted [ 101.324885][ T6664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.405114][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.452703][ T6676] syz.2.299: attempt to access beyond end of device [ 101.452703][ T6676] loop2: rw=2049, sector=256, nr_sectors = 32 limit=256 [ 101.487569][ T6676] syz.2.299: attempt to access beyond end of device [ 101.487569][ T6676] loop2: rw=2049, sector=352, nr_sectors = 8 limit=256 [ 101.595360][ T6682] 9pnet_fd: Insufficient options for proto=fd [ 101.811913][ T6701] program syz.3.305 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 101.839093][ T6701] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 101.881196][ T6701] lo speed is unknown, defaulting to 1000 [ 101.897457][ T6701] lo speed is unknown, defaulting to 1000 [ 101.921094][ T6701] lo speed is unknown, defaulting to 1000 [ 101.982786][ T6701] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 102.064250][ T6701] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 102.157653][ T6720] netlink: 36 bytes leftover after parsing attributes in process `syz.1.308'. [ 102.221206][ T6701] lo speed is unknown, defaulting to 1000 [ 102.269252][ T6701] lo speed is unknown, defaulting to 1000 [ 102.323142][ T6701] lo speed is unknown, defaulting to 1000 [ 102.333439][ T6701] lo speed is unknown, defaulting to 1000 [ 102.492952][ T6740] netlink: 4 bytes leftover after parsing attributes in process `syz.1.310'. [ 102.571018][ T6743] netlink: 48 bytes leftover after parsing attributes in process `syz.3.312'. [ 104.381149][ T6802] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 104.528227][ T6802] loop2: detected capacity change from 0 to 4096 [ 104.586665][ T6802] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.975587][ T6824] IPv6: NLM_F_CREATE should be specified when creating new route [ 104.988035][ T28] kauditd_printk_skb: 270 callbacks suppressed [ 104.988048][ T28] audit: type=1326 audit(1767171696.655:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 104.999337][ T6824] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 105.023750][ T6824] IPv6: NLM_F_CREATE should be set when creating new route [ 105.066589][ T28] audit: type=1326 audit(1767171696.655:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.149358][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.160513][ T28] audit: type=1326 audit(1767171696.685:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.250086][ T28] audit: type=1326 audit(1767171696.685:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.323124][ T28] audit: type=1326 audit(1767171696.685:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.404495][ T28] audit: type=1326 audit(1767171696.695:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.445867][ T6840] netlink: 'syz.3.353': attribute type 10 has an invalid length. [ 105.455140][ T28] audit: type=1326 audit(1767171696.695:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.491570][ T6840] syz_tun: entered promiscuous mode [ 105.530481][ T6840] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 105.557504][ T28] audit: type=1326 audit(1767171696.695:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.617934][ T28] audit: type=1326 audit(1767171696.695:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.680486][ T28] audit: type=1326 audit(1767171696.695:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6821 comm="syz.0.345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff273b8f749 code=0x7ffc0000 [ 105.830937][ T6852] netlink: 4 bytes leftover after parsing attributes in process `syz.1.358'. [ 105.850198][ T6852] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 105.871564][ T6852] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.439620][ T6874] loop2: detected capacity change from 0 to 512 [ 106.458389][ T6875] netlink: 12 bytes leftover after parsing attributes in process `syz.3.366'. [ 106.473324][ T6874] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 106.503250][ T6874] EXT4-fs (loop2): 1 truncate cleaned up [ 106.522977][ T6874] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.623433][ T6849] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 106.642239][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.644297][ T6849] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 106.665746][ T6849] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 106.688898][ T6849] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 106.697917][ T6849] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 106.721135][ T6849] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 106.732088][ T6849] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 106.747735][ T6849] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 106.761624][ T6849] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 106.774389][ T6849] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 106.780655][ T6849] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 106.795208][ T6849] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 107.005270][ T6895] netlink: 660 bytes leftover after parsing attributes in process `syz.1.377'. [ 107.752331][ T6912] Driver unsupported XDP return value 0 on prog (id 237) dev N/A, expect packet loss! [ 108.156402][ T6911] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 108.162826][ T6911] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 108.169159][ T6911] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 108.175275][ T6911] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 108.366288][ T6916] atomic_op ffff88807e0d0998 conn xmit_atomic 0000000000000000 [ 108.433934][ T6920] loop3: detected capacity change from 0 to 128 [ 108.441429][ T6920] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 108.461041][ T6920] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 108.635569][ T6727] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.647685][ T12] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 108.746630][ T6727] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.839640][ T6727] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.941140][ T6727] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.455139][ T6943] macvtap0: refused to change device tx_queue_len [ 109.466919][ T6949] loop3: detected capacity change from 0 to 128 [ 109.509184][ T6949] FAT-fs (loop3): Directory bread(block 414) failed [ 109.523583][ T6949] FAT-fs (loop3): Directory bread(block 415) failed [ 109.536957][ T6949] FAT-fs (loop3): Directory bread(block 416) failed [ 109.553016][ T6949] FAT-fs (loop3): Directory bread(block 417) failed [ 109.573988][ T6949] FAT-fs (loop3): Directory bread(block 418) failed [ 109.589028][ T5778] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 109.590681][ T6949] FAT-fs (loop3): Directory bread(block 419) failed [ 109.604387][ T5778] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 109.612855][ T5778] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 109.616901][ T6949] FAT-fs (loop3): Directory bread(block 420) failed [ 109.641849][ T5778] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 109.655895][ T6949] FAT-fs (loop3): Directory bread(block 421) failed [ 109.662991][ T5778] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 109.670683][ T5778] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 109.729987][ T6949] FAT-fs (loop3): Directory bread(block 414) failed [ 109.767304][ T6949] FAT-fs (loop3): Directory bread(block 415) failed [ 109.873003][ T6950] lo speed is unknown, defaulting to 1000 [ 109.887462][ T5778] Bluetooth: hci0: command 0x0c1a tx timeout [ 110.043332][ T6957] loop3: detected capacity change from 0 to 512 [ 110.072915][ T6957] EXT4-fs: Ignoring removed mblk_io_submit option [ 110.104141][ T6957] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 110.121922][ T6957] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042e018, mo2=0002] [ 110.137464][ T6957] System zones: 0-1, 15-15, 18-18, 34-34 [ 110.148225][ T6957] EXT4-fs (loop3): orphan cleanup on readonly fs [ 110.197264][ T6957] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm syz.3.403: bg 0: block 15: invalid block bitmap [ 110.218129][ T5778] Bluetooth: hci3: command 0x0c1a tx timeout [ 110.218274][ T5775] Bluetooth: hci2: command 0x0c1a tx timeout [ 110.254174][ T6957] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 110.289577][ T6957] EXT4-fs (loop3): 1 truncate cleaned up [ 110.314328][ T6957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 110.336548][ T6970] netlink: 12 bytes leftover after parsing attributes in process `syz.2.408'. [ 110.372768][ T6972] sd 0:0:1:0: device reset [ 110.436837][ T28] kauditd_printk_skb: 110 callbacks suppressed [ 110.436852][ T28] audit: type=1326 audit(1767178923.099:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 110.476258][ T28] audit: type=1326 audit(1767178923.099:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 110.505623][ T6950] chnl_net:caif_netlink_parms(): no params data found [ 110.506342][ T28] audit: type=1326 audit(1767178923.099:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 110.542335][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.612951][ T28] audit: type=1326 audit(1767178923.099:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 110.671546][ T28] audit: type=1326 audit(1767178923.099:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 110.782829][ T28] audit: type=1326 audit(1767178923.099:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 110.940033][ T28] audit: type=1326 audit(1767178923.099:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 111.088282][ T28] audit: type=1326 audit(1767178923.099:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 111.127308][ T28] audit: type=1326 audit(1767178923.099:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 111.175983][ T28] audit: type=1326 audit(1767178923.099:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6956 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f618638f749 code=0x7ffc0000 [ 111.220138][ T6950] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.241893][ T6950] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.261528][ T6950] bridge_slave_0: entered allmulticast mode [ 111.282818][ T6950] bridge_slave_0: entered promiscuous mode [ 111.553419][ T6950] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.563892][ T6950] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.572787][ T6950] bridge_slave_1: entered allmulticast mode [ 111.580792][ T6950] bridge_slave_1: entered promiscuous mode [ 111.600712][ T7005] (null): rxe_set_mtu: Set mtu to 1024 [ 111.609171][ T7003] netlink: 8 bytes leftover after parsing attributes in process `'. [ 111.687897][ T6950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 111.721865][ T6727] hsr_slave_0: left promiscuous mode [ 111.727369][ T5775] Bluetooth: hci1: command tx timeout [ 111.734265][ T6727] hsr_slave_1: left promiscuous mode [ 111.746251][ T6727] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 111.754657][ T6727] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 111.769104][ T6727] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 111.776728][ T6727] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.789719][ T6727] bridge_slave_1: left allmulticast mode [ 111.795472][ T6727] bridge_slave_1: left promiscuous mode [ 111.805363][ T6727] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.822521][ T6727] bridge_slave_0: left allmulticast mode [ 111.829489][ T6727] bridge_slave_0: left promiscuous mode [ 111.835252][ T6727] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.883574][ T6727] veth1_macvtap: left promiscuous mode [ 111.891716][ T6727] veth0_macvtap: left promiscuous mode [ 111.902220][ T6727] veth1_vlan: left promiscuous mode [ 111.908059][ T6727] veth0_vlan: left promiscuous mode [ 111.967606][ T5775] Bluetooth: hci0: command 0x0c1a tx timeout [ 112.287450][ T5775] Bluetooth: hci2: command 0x0c1a tx timeout [ 112.290341][ T5778] Bluetooth: hci3: command 0x0c1a tx timeout [ 112.424780][ T6727] team0 (unregistering): Port device team_slave_1 removed [ 112.465715][ T6727] team0 (unregistering): Port device team_slave_0 removed [ 112.510239][ T6727] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 112.554585][ T6727] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.929999][ T6727] bond0 (unregistering): Released all slaves [ 113.011923][ T6950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 113.071503][ T6950] team0: Port device team_slave_0 added [ 113.100822][ T6950] team0: Port device team_slave_1 added [ 113.242676][ T6950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 113.260176][ T6950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.317452][ T6950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 113.349172][ T6950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 113.356255][ T6950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.411156][ T6950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 113.416791][ T7005] infiniband syz!: set active [ 113.438446][ T7005] infiniband syz!: added team_slave_0 [ 113.454221][ T7005] syz!: rxe_create_cq: returned err = -12 [ 113.460533][ T7005] infiniband syz!: Couldn't create ib_mad CQ [ 113.469451][ T7005] infiniband syz!: Couldn't open port 1 [ 113.533540][ T7005] RDS/IB: syz!: added [ 113.538525][ T7005] smc: adding ib device syz! with port count 1 [ 113.545699][ T7005] smc: ib device syz! port 1 has pnetid [ 113.578630][ T6950] hsr_slave_0: entered promiscuous mode [ 113.590894][ T6950] hsr_slave_1: entered promiscuous mode [ 113.611882][ T6950] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 113.632391][ T6950] Cannot create hsr debugfs directory [ 113.726300][ T7026] bridge0: entered promiscuous mode [ 113.808280][ T5778] Bluetooth: hci1: command tx timeout [ 114.051858][ T5778] Bluetooth: hci0: command 0x0c1a tx timeout [ 114.070024][ T7035] loop2: detected capacity change from 0 to 164 [ 114.356734][ T6950] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 114.367527][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout [ 114.367552][ T5775] Bluetooth: hci3: command 0x0c1a tx timeout [ 114.380261][ T6950] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 114.395507][ T6950] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 114.406845][ T6950] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 114.520672][ T6950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 114.544086][ T6950] 8021q: adding VLAN 0 to HW filter on device team0 [ 114.564606][ T6727] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.571840][ T6727] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.605958][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.613186][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 115.690019][ T7068] random: crng reseeded on system resumption [ 115.793569][ T6950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.840457][ T7073] netlink: 7 bytes leftover after parsing attributes in process `syz.3.439'. [ 115.867187][ T7073] netlink: 60 bytes leftover after parsing attributes in process `syz.3.439'. [ 115.888589][ T5775] Bluetooth: hci1: command tx timeout [ 115.934930][ T7073] netlink: 7 bytes leftover after parsing attributes in process `syz.3.439'. [ 115.957518][ T6950] veth0_vlan: entered promiscuous mode [ 115.964112][ T7073] netlink: 60 bytes leftover after parsing attributes in process `syz.3.439'. [ 115.979820][ T6950] veth1_vlan: entered promiscuous mode [ 116.063294][ T6950] veth0_macvtap: entered promiscuous mode [ 116.094714][ T6950] veth1_macvtap: entered promiscuous mode [ 116.121734][ T7079] netlink: 4 bytes leftover after parsing attributes in process `syz.1.442'. [ 116.137839][ T7073] netlink: 7 bytes leftover after parsing attributes in process `syz.3.439'. [ 116.168483][ T7073] netlink: 60 bytes leftover after parsing attributes in process `syz.3.439'. [ 116.180442][ T6950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.192903][ T6950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.204387][ T6950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.215480][ T6950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.227709][ T6950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 116.236988][ T7079] netlink: 4 bytes leftover after parsing attributes in process `syz.1.442'. [ 116.343517][ T6950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 116.377515][ T6950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.405486][ T6950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 116.424721][ T6950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.446950][ T6950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 116.488621][ T6950] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.535131][ T6950] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.557505][ T6950] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.579837][ T6950] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.651708][ T28] kauditd_printk_skb: 81 callbacks suppressed [ 116.651721][ T28] audit: type=1326 audit(1767178929.319:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 116.773419][ T28] audit: type=1326 audit(1767178929.349:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 116.841273][ T28] audit: type=1326 audit(1767178929.349:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 116.866000][ T6064] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.899575][ T6064] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.940913][ T28] audit: type=1326 audit(1767178929.349:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 116.967705][ T6706] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.990543][ T6706] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.030363][ T28] audit: type=1326 audit(1767178929.349:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 117.113167][ T28] audit: type=1326 audit(1767178929.349:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 117.178463][ T28] audit: type=1326 audit(1767178929.349:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 117.234170][ T28] audit: type=1326 audit(1767178929.349:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 117.303575][ T28] audit: type=1326 audit(1767178929.349:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 117.357045][ T28] audit: type=1326 audit(1767178929.349:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7090 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb930b8f749 code=0x7ffc0000 [ 117.468636][ T7090] delete_channel: no stack [ 117.974394][ T5775] Bluetooth: hci1: command tx timeout [ 118.192704][ T7103] syz_tun: left promiscuous mode [ 118.272166][ T7103] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.279925][ T7103] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.110246][ T7103] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 119.160408][ T7103] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 119.459856][ T7103] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.470025][ T7103] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.481109][ T7103] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.490270][ T7103] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.579391][ T789] lo speed is unknown, defaulting to 1000 [ 119.791967][ T7166] loop0: detected capacity change from 0 to 512 [ 119.799899][ T7170] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 119.800870][ T7166] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 119.877158][ T7166] ------------[ cut here ]------------ [ 119.883280][ T7166] EA inode 11 i_nlink=2 [ 119.908948][ T7166] WARNING: CPU: 0 PID: 7166 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 119.923695][ T7166] Modules linked in: [ 119.927855][ T7166] CPU: 0 PID: 7166 Comm: syz.0.469 Not tainted syzkaller #0 [ 119.935178][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 119.945338][ T7166] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 119.952155][ T7166] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08 [ 119.972544][ T7166] RSP: 0018:ffffc900040a71c0 EFLAGS: 00010246 [ 119.978804][ T7166] RAX: 9c8e44f3b801dd00 RBX: 0000000000000002 RCX: 0000000000080000 [ 119.986811][ T7166] RDX: ffffc9000bd21000 RSI: 0000000000063bcd RDI: 0000000000063bce [ 119.995134][ T7166] RBP: ffffc900040a72b8 R08: ffff8880b8e28c13 R09: 1ffff110171c5182 [ 120.003207][ T7166] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000 [ 120.011248][ T7166] R13: ffff88805e23c0a8 R14: ffff88805e23beb0 R15: ffff88805e23bf00 [ 120.019386][ T7166] FS: 00007f6f423f66c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 120.028644][ T7166] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 120.035340][ T7166] CR2: 0000001b2d323ffc CR3: 000000005f2b7000 CR4: 00000000003506f0 [ 120.043458][ T7166] Call Trace: [ 120.046755][ T7166] [ 120.049767][ T7166] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 120.056587][ T7166] ? ext4_xattr_inode_iget+0x3df/0x600 [ 120.062167][ T7166] ext4_xattr_set_entry+0xcda/0x1e90 [ 120.067835][ T7166] ext4_xattr_ibody_set+0x254/0x6a0 [ 120.073077][ T7166] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 120.079160][ T7166] __ext4_expand_extra_isize+0x306/0x400 [ 120.084834][ T7166] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 120.090391][ T7166] ext4_evict_inode+0x7ed/0xea0 [ 120.095282][ T7166] ? _raw_spin_unlock+0x28/0x40 [ 120.100544][ T7166] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 120.106480][ T7166] ? do_raw_spin_unlock+0x121/0x230 [ 120.111758][ T7166] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 120.117717][ T7166] evict+0x486/0x870 [ 120.121645][ T7166] ? __lock_acquire+0x7c80/0x7c80 [ 120.126971][ T7166] ? proc_nr_inodes+0x230/0x230 [ 120.132390][ T7166] ? do_raw_spin_unlock+0x121/0x230 [ 120.138177][ T7166] ? _raw_spin_unlock+0x28/0x40 [ 120.143063][ T7166] ? iput+0x70a/0x920 [ 120.147089][ T7166] ext4_orphan_cleanup+0xbd4/0x1400 [ 120.152425][ T7166] ? ext4_orphan_del+0xba0/0xba0 [ 120.157443][ T7166] ? ext4_register_li_request+0x183/0x940 [ 120.163201][ T7166] ? errseq_check_and_advance+0x66/0x120 [ 120.169137][ T7166] ext4_fill_super+0x5de4/0x66c0 [ 120.174157][ T7166] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 120.180603][ T7166] ? __might_sleep+0xe0/0xe0 [ 120.185239][ T7166] ? read_lock_is_recursive+0x20/0x20 [ 120.191042][ T7166] ? snprintf+0xdb/0x120 [ 120.195338][ T7166] ? vscnprintf+0x80/0x80 [ 120.199770][ T7166] ? down_write+0x162/0x1f0 [ 120.204293][ T7166] ? down_read_killable+0x340/0x340 [ 120.209929][ T7166] ? setup_bdev_super+0x56b/0x660 [ 120.214988][ T7166] get_tree_bdev+0x3e4/0x510 [ 120.219912][ T7166] ? vfs_parse_fs_string+0x160/0x160 [ 120.225496][ T7166] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 120.231920][ T7166] ? setup_bdev_super+0x660/0x660 [ 120.236976][ T7166] ? apparmor_capable+0x137/0x1a0 [ 120.242090][ T7166] ? bpf_lsm_capable+0x9/0x10 [ 120.246790][ T7166] ? security_capable+0x89/0xb0 [ 120.251735][ T7166] vfs_get_tree+0x8c/0x280 [ 120.256174][ T7166] do_new_mount+0x24b/0xa40 [ 120.260783][ T7166] __se_sys_mount+0x2da/0x3c0 [ 120.265486][ T7166] ? __x64_sys_mount+0xc0/0xc0 [ 120.270558][ T7166] ? lockdep_hardirqs_on+0x98/0x150 [ 120.275785][ T7166] ? __x64_sys_mount+0x20/0xc0 [ 120.280713][ T7166] do_syscall_64+0x55/0xb0 [ 120.285157][ T7166] ? clear_bhb_loop+0x40/0x90 [ 120.290278][ T7166] ? clear_bhb_loop+0x40/0x90 [ 120.294991][ T7166] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 120.300990][ T7166] RIP: 0033:0x7f6f44190eea [ 120.305437][ T7166] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.325151][ T7166] RSP: 002b:00007f6f423f5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 120.333881][ T7166] RAX: ffffffffffffffda RBX: 00007f6f423f5ef0 RCX: 00007f6f44190eea [ 120.342007][ T7166] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f6f423f5eb0 [ 120.350072][ T7166] RBP: 0000200000000180 R08: 00007f6f423f5ef0 R09: 0000000000800700 [ 120.358101][ T7166] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 120.366102][ T7166] R13: 00007f6f423f5eb0 R14: 000000000000046f R15: 000000000000002c [ 120.374419][ T7166] [ 120.377557][ T7166] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 120.384855][ T7166] CPU: 0 PID: 7166 Comm: syz.0.469 Not tainted syzkaller #0 [ 120.392155][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 120.402229][ T7166] Call Trace: [ 120.405519][ T7166] [ 120.408459][ T7166] dump_stack_lvl+0x16c/0x230 [ 120.413166][ T7166] ? show_regs_print_info+0x20/0x20 [ 120.418398][ T7166] ? load_image+0x3b0/0x3b0 [ 120.422941][ T7166] panic+0x2c0/0x710 [ 120.426854][ T7166] ? bpf_jit_dump+0xd0/0xd0 [ 120.431389][ T7166] __warn+0x2e0/0x470 [ 120.435374][ T7166] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 120.441361][ T7166] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 120.447346][ T7166] report_bug+0x2be/0x4f0 [ 120.451691][ T7166] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 120.457667][ T7166] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 120.463649][ T7166] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 120.469628][ T7166] handle_bug+0xcf/0x120 [ 120.473872][ T7166] exc_invalid_op+0x1a/0x50 [ 120.478374][ T7166] asm_exc_invalid_op+0x1a/0x20 [ 120.483222][ T7166] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 120.489815][ T7166] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08 [ 120.509422][ T7166] RSP: 0018:ffffc900040a71c0 EFLAGS: 00010246 [ 120.515485][ T7166] RAX: 9c8e44f3b801dd00 RBX: 0000000000000002 RCX: 0000000000080000 [ 120.523453][ T7166] RDX: ffffc9000bd21000 RSI: 0000000000063bcd RDI: 0000000000063bce [ 120.531422][ T7166] RBP: ffffc900040a72b8 R08: ffff8880b8e28c13 R09: 1ffff110171c5182 [ 120.539394][ T7166] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000 [ 120.547367][ T7166] R13: ffff88805e23c0a8 R14: ffff88805e23beb0 R15: ffff88805e23bf00 [ 120.555366][ T7166] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 120.561011][ T7166] ? ext4_xattr_inode_iget+0x3df/0x600 [ 120.566477][ T7166] ext4_xattr_set_entry+0xcda/0x1e90 [ 120.571783][ T7166] ext4_xattr_ibody_set+0x254/0x6a0 [ 120.576992][ T7166] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 120.582909][ T7166] __ext4_expand_extra_isize+0x306/0x400 [ 120.588552][ T7166] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 120.594016][ T7166] ext4_evict_inode+0x7ed/0xea0 [ 120.598864][ T7166] ? _raw_spin_unlock+0x28/0x40 [ 120.603714][ T7166] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 120.609609][ T7166] ? do_raw_spin_unlock+0x121/0x230 [ 120.614806][ T7166] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 120.620695][ T7166] evict+0x486/0x870 [ 120.624586][ T7166] ? __lock_acquire+0x7c80/0x7c80 [ 120.629612][ T7166] ? proc_nr_inodes+0x230/0x230 [ 120.634460][ T7166] ? do_raw_spin_unlock+0x121/0x230 [ 120.639662][ T7166] ? _raw_spin_unlock+0x28/0x40 [ 120.644544][ T7166] ? iput+0x70a/0x920 [ 120.648534][ T7166] ext4_orphan_cleanup+0xbd4/0x1400 [ 120.653747][ T7166] ? ext4_orphan_del+0xba0/0xba0 [ 120.658686][ T7166] ? ext4_register_li_request+0x183/0x940 [ 120.664408][ T7166] ? errseq_check_and_advance+0x66/0x120 [ 120.670039][ T7166] ext4_fill_super+0x5de4/0x66c0 [ 120.674991][ T7166] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 120.681228][ T7166] ? __might_sleep+0xe0/0xe0 [ 120.685817][ T7166] ? read_lock_is_recursive+0x20/0x20 [ 120.691185][ T7166] ? snprintf+0xdb/0x120 [ 120.695445][ T7166] ? vscnprintf+0x80/0x80 [ 120.699779][ T7166] ? down_write+0x162/0x1f0 [ 120.704278][ T7166] ? down_read_killable+0x340/0x340 [ 120.709475][ T7166] ? setup_bdev_super+0x56b/0x660 [ 120.714497][ T7166] get_tree_bdev+0x3e4/0x510 [ 120.719082][ T7166] ? vfs_parse_fs_string+0x160/0x160 [ 120.724375][ T7166] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 120.730614][ T7166] ? setup_bdev_super+0x660/0x660 [ 120.735635][ T7166] ? apparmor_capable+0x137/0x1a0 [ 120.740679][ T7166] ? bpf_lsm_capable+0x9/0x10 [ 120.745360][ T7166] ? security_capable+0x89/0xb0 [ 120.750209][ T7166] vfs_get_tree+0x8c/0x280 [ 120.754626][ T7166] do_new_mount+0x24b/0xa40 [ 120.759127][ T7166] __se_sys_mount+0x2da/0x3c0 [ 120.763812][ T7166] ? __x64_sys_mount+0xc0/0xc0 [ 120.768576][ T7166] ? lockdep_hardirqs_on+0x98/0x150 [ 120.773779][ T7166] ? __x64_sys_mount+0x20/0xc0 [ 120.778537][ T7166] do_syscall_64+0x55/0xb0 [ 120.782946][ T7166] ? clear_bhb_loop+0x40/0x90 [ 120.787624][ T7166] ? clear_bhb_loop+0x40/0x90 [ 120.792301][ T7166] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 120.798192][ T7166] RIP: 0033:0x7f6f44190eea [ 120.802613][ T7166] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.822218][ T7166] RSP: 002b:00007f6f423f5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 120.830631][ T7166] RAX: ffffffffffffffda RBX: 00007f6f423f5ef0 RCX: 00007f6f44190eea [ 120.838597][ T7166] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f6f423f5eb0 [ 120.846569][ T7166] RBP: 0000200000000180 R08: 00007f6f423f5ef0 R09: 0000000000800700 [ 120.854538][ T7166] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 120.862505][ T7166] R13: 00007f6f423f5eb0 R14: 000000000000046f R15: 000000000000002c [ 120.870484][ T7166] [ 120.873815][ T7166] Kernel Offset: disabled [ 120.878292][ T7166] Rebooting in 86400 seconds..