last executing test programs: 7.337164079s ago: executing program 3 (id=891): r0 = syz_open_dev$loop(0x0, 0x7da1ca1000000, 0x0) r1 = syz_open_dev$loop(&(0x7f00000003c0), 0x4, 0x200000) r2 = syz_open_procfs(0x0, &(0x7f0000000480)='net/ip_tables_targets\x00') readv(r2, &(0x7f0000001440)=[{&(0x7f0000000040)=""/20, 0x14}], 0x1) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000007c0)={r1, 0x7, {0x0, 0x0, 0x0, 0x7, 0x3, 0x0, 0x0, 0x10, 0x1, "7b78459c7ed357f0fec22cd2eac6d31623f87c6654160934cf1d41329b5cc43cf1b57d30dd45923d2d8579920332530abd7a6e9c02c053ef8a727e28bbb8fced", "510bcd3dffc5bc8f8361da43e523ea1d357f54d69969a116c4f640fcd1b2971238ab10ee6f7c23fe305c124de510dabda6992cb940cd0a03f5d026b6283cace8", "230eef1fe7f0236c905d6cd95c374de997ba90027bc7d2b13bfcebdeddcac7c6", [0x6, 0x38d]}}) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xa, 0x1fffffffffffffcd, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x41100, 0x1b, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r4}, 0x10) r6 = syz_io_uring_setup(0x18b, &(0x7f00000001c0)={0x0, 0x1257, 0x800, 0x0, 0x801}, &(0x7f00000003c0)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) io_uring_enter(r6, 0x7277, 0x0, 0x0, 0x0, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mlock2(&(0x7f0000ff3000/0xa000)=nil, 0xa000, 0x0) r9 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r9, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]}) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRES32=r3, @ANYRES64=r5], 0x48) 6.070435422s ago: executing program 2 (id=897): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x24048814) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xa002, &(0x7f0000000140)=0x20000, 0x61, 0x5) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 5.484083927s ago: executing program 2 (id=900): remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x2000003, 0x5, 0x10000) syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), 0xffffffffffffffff) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x1, @empty, 'lo\x00'}}, 0x1e) close(r0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x2a, 0x2, 0x13) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="6800000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000088520300480012800b000100697036746e6c00003800028014000300fc0000000000000000000000000000000400130008000100", @ANYRES32=r4, @ANYBLOB="6a6e00bb"], 0x68}, 0x1, 0x0, 0x0, 0x4000054}, 0x4000080) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000001480)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r5, 0x0, 0x4804}, 0x18) r6 = socket$inet6(0xa, 0x2, 0x1) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000200)={0x8, 0x6, 0x8734}) 5.124929083s ago: executing program 1 (id=903): newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x4000) setresuid(r0, r0, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) 4.896689332s ago: executing program 2 (id=904): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f00000000c0)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'lblc\x00', 0x20, 0x400000, 0x4}, 0x2c) r1 = socket$kcm(0xa, 0x2, 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000840), 0x5, r2}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet_sctp(0x2, 0x1, 0x84) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @remote, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44) setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@rand_addr=0x64010100, 0x4e23, 0x2, 0x44, 0x12d5c, 0x12d5c}}, 0x44) sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 4.841928645s ago: executing program 1 (id=905): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r1, 0x6, &(0x7f0000002000)={0x1}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) fcntl$lock(r1, 0x26, &(0x7f00000031c0)={0x1}) close_range(r0, 0xffffffffffffffff, 0x0) 4.627694984s ago: executing program 1 (id=906): prlimit64(0x0, 0xe, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0x4}, {}, {0x8, 0xffe0}}}, 0x24}}, 0x40004) recvmmsg(r5, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0) 4.588142005s ago: executing program 2 (id=907): bind$tipc(0xffffffffffffffff, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) unshare(0x22020400) syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc) 4.297706687s ago: executing program 2 (id=908): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x244}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r8}, 0x10) r9 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r9, 0x0, 0x40, &(0x7f0000000000)={'security\x00', 0x7003, [0x80002, 0x40007, 0x1, 0x2, 0xa]}, &(0x7f0000000100)=0x54) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r10, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000240)={0x100, r11, 0x1, 0x70bd2d, 0x65dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x4}, {0x6, 0x16, 0xb}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x80}, {0x8, 0xb, 0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x4}, {0x6, 0x16, 0x15}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x8}, {0x8, 0xb, 0x4}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x6}, {0x6, 0x16, 0x8}, {0x5}, {0x6, 0x11, 0x3}, {0x8, 0xb, 0x7}}]}, 0x100}, 0x1, 0x0, 0x0, 0x40000}, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1}) 2.974453554s ago: executing program 0 (id=910): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x47b, 0x0, 0x0, 0x0, 0xe}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x7, 0x33, &(0x7f0000000080)=""/51, 0x41100, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1e0000", @ANYRES16=r1, @ANYBLOB="010025bd7000fcdbdf2501"], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x800) 2.735229004s ago: executing program 0 (id=911): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0xb, 0x40, 0x7fff0000}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0xff, 0x0, 0x7fff0026}]}) 2.462016845s ago: executing program 0 (id=912): socket(0x10, 0x3, 0x8001) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e22, @multicast1}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$IEEE802154_LLSEC_SETPARAMS(r2, 0x0, 0x4000000) 2.410136028s ago: executing program 3 (id=913): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e) renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) mount$bind(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000800)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1a9851, 0x0) mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000003c0), 0x200044, 0x0) umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0) 2.230162595s ago: executing program 3 (id=914): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$sg(&(0x7f0000000740), 0x0, 0x18b203) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0}) 2.046054243s ago: executing program 3 (id=915): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) getpgid(0xffffffffffffffff) 1.947295067s ago: executing program 3 (id=916): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDSKBLED(r2, 0x4b65, 0x3) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b705000008000000850000"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x800000000006}, 0x18) r4 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r4, 0x0, 0x0) r5 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[], 0x48) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001900)="2e00000011008188040900000000000000a1810031000000000f000000048002002d1f00000000000000e2000000", 0x2e}], 0x1}, 0x20000000) 1.471973507s ago: executing program 0 (id=917): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xda01}) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) 289.382457ms ago: executing program 1 (id=918): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_wakeup_irq', 0x288280, 0xa0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002500)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff14"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xf, 0x4, 0x4, 0x12, 0x10, 0xffffffffffffffff, 0x22b}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r2, 0xffffffffffffffff}, 0x4) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000300000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r1, @ANYRES16=r3], 0x4c}}, 0x40000) sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0xfc) 250.536678ms ago: executing program 2 (id=919): gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/144, 0x90}], 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 195.601291ms ago: executing program 1 (id=920): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0xe0, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0}) 89.746716ms ago: executing program 1 (id=921): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x4) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(0x0, r2) r3 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000100100000100000014e200000000"], 0x28}, 0x0) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), 0xffffffffffffffff) r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000140000e5b7030000000700008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) r7 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r8 = eventfd2(0x0, 0x0) read$eventfd(r8, &(0x7f0000000040), 0x8) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r10, 0x8933, &(0x7f0000000100)={'wpan0\x00', 0x0}) r12 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/net\x00') sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010c25bd7000ffdbdf251400000008001d00", @ANYRES32=r12, @ANYBLOB="08000300", @ANYRES32=r11], 0x24}, 0x1, 0x0, 0x0, 0x20040801}, 0x20000004) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r2, 0x0, 0x40) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan0\x00'}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r2, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000800)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x40) 89.310656ms ago: executing program 3 (id=922): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e39352c000f3556feecb6412e00c80bdee16891f8bf67c9f2380e4ccafc9da9def41b05c1dfb2cfa24e43aedf5536d3bce06ddda97c586bc37fab5366b1ab6fbde3785fdd0fc4e7df753a0e2658aa5e88e1d38366c7908a7b2b678ee4b4bfc7aafa2101c157745926241af5ac30189eced78c1611b972d03bfef046f4adcada230ef0ac02ede79fb7d92a8354670c01cb80361c1fde2cef3204a182323c318e10ef11cb24c435d589b17a396377800f00af7fcb5394000000000000000000000000000000b77852afdd71c74bb5b7c5711237cc59195e4aeb5878987cefd666ef6b56a81553b8c7ffdcf6658d8a70ad52a23a68b6d0e5ea"], 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA9aqM2Q3doihyQgLiiaFaIgmXizuuy4e+wsBytirtLWl2AtlnaCpLS5xldgYXfNlSnEkWRjcnesxSHein4+zXzhmS88D8/w8BSz/9rXn44GdT4oZrGWZbF2JXbjbhbtWIs/7carL9/46fl3b7z/5mavd/WdlK5tXu90U0oXXvjxg8+/e/HO7Px731/44WzstT/cP+j+uvfs3sX9369/MqzTsE7jySwV6dZkMituVWXaGtajPKW3q7KoyzQc1+X0yPigmmxvz1Mx3tpY356WdZ2K8TyNynmaTdJsOk/Fx8VwnPI8Txvrwd/R//Zu08RB8/jNaJrmiW/i/J3Y+CVakT2ZsqeuZM/czJ7bzS4eNE1r1VPlH2H//98OHernIqqvdvo7/cVzMb45iGFUUcblaMVvce8zeWCRr73Ru3o53deOL6vbD/q3d/qPHe13ohXt5f3Oop+O9s/G+uF+N1rx9PJ+d2n/XLzy0qF+Hq34+aOYRBVbca/7qP9FJ6XX3+od61+6/x4AwH9Nnh5aen/L878aX/RPcD88dr86E5fOrHbtRNTzz0ZFVZVTQRCEh2HVJxOn4dGmr3omAAAAAAAAAAAAnMRp/E646jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/bn8EAAD//xrx1cI=") bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18) statx(0xffffffffffffffff, 0x0, 0x6000, 0x4, 0x0) r0 = msgget$private(0x0, 0x100) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mremap(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000580000/0x4000)=nil) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20) connect$inet6(0xffffffffffffffff, 0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000002880)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x7}, 0x0, 0x0, 0x1, 0x1414, 0x10001, 0x4e, 0xffffffffffffffca, 0x8, 0x8580, 0x3}) msgsnd(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="0100000000"], 0xcc, 0x0) msgctl$IPC_RMID(r0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) socket$can_raw(0x1d, 0x3, 0x1) 65.674836ms ago: executing program 0 (id=923): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, &(0x7f0000000000)=0x3, 0xf, 0x0) 0s ago: executing program 0 (id=924): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000"], 0x7c}}, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") kernel console output (not intermixed with test programs): no interfaces have a carrier [ 39.875868][ T5455] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.895479][ T5455] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.178' (ED25519) to the list of known hosts. syzkaller login: [ 57.861503][ T5773] cgroup: Unknown subsys name 'net' [ 58.022807][ T5773] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 59.370162][ T5773] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 61.148581][ T5784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 61.156977][ T5784] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 61.165626][ T5795] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.187438][ T5796] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.197612][ T5793] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 61.206699][ T5796] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 61.217284][ T5796] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 61.217842][ T5793] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.238043][ T5796] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 61.239744][ T5784] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 61.252673][ T5796] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 61.254338][ T5784] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 61.267971][ T5784] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 61.272103][ T5797] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 61.276171][ T5784] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 61.283098][ T5797] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 61.289764][ T5784] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.296291][ T5796] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 61.311485][ T5784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 61.318757][ T5797] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 61.328057][ T5797] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 61.343331][ T5784] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 61.356689][ T5784] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 61.365672][ T5784] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 61.744964][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 61.773402][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 61.935243][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 61.944909][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.952216][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.959929][ T5787] bridge_slave_0: entered allmulticast mode [ 61.966834][ T5787] bridge_slave_0: entered promiscuous mode [ 61.975505][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.984765][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.992303][ T5787] bridge_slave_1: entered allmulticast mode [ 61.999667][ T5787] bridge_slave_1: entered promiscuous mode [ 62.025926][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.033234][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.041517][ T5782] bridge_slave_0: entered allmulticast mode [ 62.048230][ T5782] bridge_slave_0: entered promiscuous mode [ 62.089658][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.098371][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.105550][ T5782] bridge_slave_1: entered allmulticast mode [ 62.112844][ T5782] bridge_slave_1: entered promiscuous mode [ 62.135569][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.154535][ T5788] chnl_net:caif_netlink_parms(): no params data found [ 62.178929][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.222675][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.235152][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.253284][ T5787] team0: Port device team_slave_0 added [ 62.262544][ T5787] team0: Port device team_slave_1 added [ 62.318951][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.326130][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.334202][ T5786] bridge_slave_0: entered allmulticast mode [ 62.341776][ T5786] bridge_slave_0: entered promiscuous mode [ 62.362348][ T5782] team0: Port device team_slave_0 added [ 62.372944][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.380100][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.406243][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.419084][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.426042][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.452252][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.463881][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.471188][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.478545][ T5786] bridge_slave_1: entered allmulticast mode [ 62.485172][ T5786] bridge_slave_1: entered promiscuous mode [ 62.493162][ T5782] team0: Port device team_slave_1 added [ 62.553315][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.560704][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.587112][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.622408][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.629645][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.655880][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.680171][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.688151][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.695321][ T5788] bridge_slave_0: entered allmulticast mode [ 62.702277][ T5788] bridge_slave_0: entered promiscuous mode [ 62.711905][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.724797][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.752198][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.759806][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.767434][ T5788] bridge_slave_1: entered allmulticast mode [ 62.774075][ T5788] bridge_slave_1: entered promiscuous mode [ 62.807519][ T5787] hsr_slave_0: entered promiscuous mode [ 62.813793][ T5787] hsr_slave_1: entered promiscuous mode [ 62.843139][ T5786] team0: Port device team_slave_0 added [ 62.868875][ T5782] hsr_slave_0: entered promiscuous mode [ 62.875409][ T5782] hsr_slave_1: entered promiscuous mode [ 62.882023][ T5782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.890448][ T5782] Cannot create hsr debugfs directory [ 62.910048][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.921266][ T5786] team0: Port device team_slave_1 added [ 62.951139][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.958523][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.984865][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.998262][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.034751][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.042220][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.068581][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.132041][ T5788] team0: Port device team_slave_0 added [ 63.170870][ T5788] team0: Port device team_slave_1 added [ 63.195438][ T5786] hsr_slave_0: entered promiscuous mode [ 63.202224][ T5786] hsr_slave_1: entered promiscuous mode [ 63.209571][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.218535][ T5786] Cannot create hsr debugfs directory [ 63.273625][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.280804][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.306851][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.321252][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.328826][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.329283][ T5784] Bluetooth: hci0: command tx timeout [ 63.355105][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.406513][ T5784] Bluetooth: hci2: command tx timeout [ 63.406541][ T5789] Bluetooth: hci1: command tx timeout [ 63.417713][ T5789] Bluetooth: hci3: command tx timeout [ 63.482384][ T5788] hsr_slave_0: entered promiscuous mode [ 63.489416][ T5788] hsr_slave_1: entered promiscuous mode [ 63.495509][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.503597][ T5788] Cannot create hsr debugfs directory [ 63.668214][ T5787] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.686426][ T5787] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.711153][ T5787] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.723287][ T5787] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.794287][ T5782] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 63.809419][ T5782] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 63.820503][ T5782] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 63.829872][ T5782] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 63.926208][ T5786] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 63.968051][ T5786] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 63.981232][ T5786] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 63.991897][ T5786] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 64.048830][ T5788] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 64.063362][ T5788] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 64.074836][ T5788] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 64.094317][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.108024][ T5788] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 64.151959][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.198448][ T3525] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.205756][ T3525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.238963][ T3525] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.246081][ T3525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.302397][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.332107][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.375029][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.395782][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.405159][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.429785][ T3475] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.436965][ T3475] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.460328][ T3475] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.467460][ T3475] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.480259][ T3475] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.487422][ T3475] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.504027][ T3525] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.511243][ T3525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.521152][ T5788] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.563505][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.571023][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.612893][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.620092][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.761445][ T5788] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.901692][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.030494][ T5787] veth0_vlan: entered promiscuous mode [ 65.064494][ T5787] veth1_vlan: entered promiscuous mode [ 65.112154][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.169868][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.196140][ T5787] veth0_macvtap: entered promiscuous mode [ 65.218862][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.228912][ T5787] veth1_macvtap: entered promiscuous mode [ 65.258240][ T5786] veth0_vlan: entered promiscuous mode [ 65.282460][ T5786] veth1_vlan: entered promiscuous mode [ 65.300363][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.325656][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.344250][ T5787] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.353287][ T5787] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.362493][ T5787] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.372501][ T5787] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.411343][ T5789] Bluetooth: hci0: command tx timeout [ 65.436011][ T5788] veth0_vlan: entered promiscuous mode [ 65.455499][ T5788] veth1_vlan: entered promiscuous mode [ 65.465944][ T5782] veth0_vlan: entered promiscuous mode [ 65.486986][ T5789] Bluetooth: hci2: command tx timeout [ 65.487377][ T5792] Bluetooth: hci1: command tx timeout [ 65.498817][ T5784] Bluetooth: hci3: command tx timeout [ 65.511934][ T5786] veth0_macvtap: entered promiscuous mode [ 65.526070][ T5782] veth1_vlan: entered promiscuous mode [ 65.543679][ T5786] veth1_macvtap: entered promiscuous mode [ 65.596910][ T3475] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.604911][ T3475] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.609360][ T5782] veth0_macvtap: entered promiscuous mode [ 65.646430][ T5782] veth1_macvtap: entered promiscuous mode [ 65.672261][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.683403][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.695042][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.705271][ T5788] veth0_macvtap: entered promiscuous mode [ 65.719794][ T3475] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.723685][ T5788] veth1_macvtap: entered promiscuous mode [ 65.734160][ T3475] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.747282][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.759726][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.771607][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.783360][ T5786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.792719][ T5786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.801694][ T5786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.811301][ T5786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.836194][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.849762][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.860488][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.871191][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.883358][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.903756][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.914666][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.924703][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.935373][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.948703][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.998680][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.015033][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.025892][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.037713][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.048302][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 66.066650][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.082482][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.092265][ T5788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.101958][ T5788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.111402][ T5788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.121262][ T5788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.146723][ T5868] netlink: 'syz.0.1': attribute type 10 has an invalid length. [ 66.154765][ T5868] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1'. [ 66.167524][ T5868] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 66.177832][ T5868] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 66.205069][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.216104][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.228307][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.239037][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.255434][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 66.270565][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 66.282122][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.305123][ T5869] IPVS: starting estimator thread 0... [ 66.333111][ T5782] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.345977][ T5782] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.356104][ T5782] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.365253][ T5782] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.406561][ T5873] IPVS: using max 23 ests per chain, 55200 per kthread [ 66.442192][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.482877][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.542859][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.551133][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.600546][ T1128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.614354][ T1128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.732446][ T1128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.751818][ T1128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.795052][ T3475] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.856832][ T3475] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.971369][ T167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.986790][ T5880] syz.2.3[5880]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 66.996966][ T167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.089114][ T5880] loop2: detected capacity change from 0 to 1024 [ 67.189753][ T5880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.388362][ T5889] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 67.461211][ T5891] loop1: detected capacity change from 0 to 256 [ 67.490494][ T5792] Bluetooth: hci0: command tx timeout [ 67.499759][ T5891] ======================================================= [ 67.499759][ T5891] WARNING: The mand mount option has been deprecated and [ 67.499759][ T5891] and is ignored by this kernel. Remove the mand [ 67.499759][ T5891] option from the mount to silence this warning. [ 67.499759][ T5891] ======================================================= [ 67.566932][ T5792] Bluetooth: hci2: command tx timeout [ 67.572471][ T5792] Bluetooth: hci1: command tx timeout [ 67.578464][ T5792] Bluetooth: hci3: command tx timeout [ 67.691319][ T5891] FAT-fs (loop1): Directory bread(block 64) failed [ 67.746523][ T5891] FAT-fs (loop1): Directory bread(block 65) failed [ 67.755673][ T5891] FAT-fs (loop1): Directory bread(block 66) failed [ 67.762855][ T5891] FAT-fs (loop1): Directory bread(block 67) failed [ 67.788543][ T5891] FAT-fs (loop1): Directory bread(block 68) failed [ 67.820329][ T5891] FAT-fs (loop1): Directory bread(block 69) failed [ 67.829137][ T5891] FAT-fs (loop1): Directory bread(block 70) failed [ 67.835803][ T5891] FAT-fs (loop1): Directory bread(block 71) failed [ 67.849200][ T5891] FAT-fs (loop1): Directory bread(block 72) failed [ 67.858475][ T5891] FAT-fs (loop1): Directory bread(block 73) failed [ 68.170682][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.430135][ T5906] loop2: detected capacity change from 0 to 1024 [ 68.458743][ T5906] EXT4-fs: Ignoring removed orlov option [ 68.530423][ T5906] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.623670][ T5910] Zero length message leads to an empty skb [ 68.687692][ T5913] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.795890][ T5911] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.12: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 68.834975][ T5911] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.12: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 69.037867][ T5916] loop1: detected capacity change from 0 to 128 [ 69.075893][ T5918] loop3: detected capacity change from 0 to 256 [ 69.233598][ T5918] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 69.290380][ T5918] FAT-fs (loop3): Filesystem has been set read-only [ 69.325862][ T5918] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 69.350801][ T5918] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 69.610832][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.621608][ T5792] Bluetooth: hci0: command tx timeout [ 69.656586][ T5792] Bluetooth: hci3: command tx timeout [ 69.662320][ T5792] Bluetooth: hci1: command tx timeout [ 69.668557][ T5792] Bluetooth: hci2: command tx timeout [ 70.225115][ T5930] loop0: detected capacity change from 0 to 1024 [ 70.290118][ T5933] tipc: Started in network mode [ 70.319512][ T5933] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 70.322500][ T5930] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.344342][ T5933] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 70.426040][ T5933] tipc: Enabled bearer , priority 10 [ 71.099798][ T5948] loop3: detected capacity change from 0 to 1024 [ 71.135009][ T5948] EXT4-fs: Ignoring removed orlov option [ 71.147990][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.170235][ T5948] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.496995][ T5955] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.26: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 71.544005][ T5955] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.26: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 71.573356][ T5850] tipc: Node number set to 1 [ 71.667378][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.674093][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.075690][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.122261][ T5965] loop2: detected capacity change from 0 to 128 [ 73.135279][ T5975] netlink: 24 bytes leftover after parsing attributes in process `syz.0.42'. [ 73.151787][ T5975] loop0: detected capacity change from 0 to 128 [ 73.318934][ T5981] syz.0.42: attempt to access beyond end of device [ 73.318934][ T5981] loop0: rw=2049, sector=145, nr_sectors = 800 limit=128 [ 73.388965][ T5983] loop1: detected capacity change from 0 to 512 [ 73.448714][ T5983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.584855][ T5983] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 73.603104][ T5983] EXT4-fs error (device loop1): ext4_do_update_inode:5244: inode #2: comm syz.1.36: corrupted inode contents [ 73.624991][ T5983] EXT4-fs error (device loop1): ext4_dirty_inode:6120: inode #2: comm syz.1.36: mark_inode_dirty error [ 73.643829][ T5983] EXT4-fs error (device loop1): ext4_do_update_inode:5244: inode #2: comm syz.1.36: corrupted inode contents [ 73.661003][ T5983] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.36: mark_inode_dirty error [ 73.720716][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.984153][ T28] audit: type=1326 audit(1764736275.636:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.032337][ T28] audit: type=1326 audit(1764736275.666:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.085152][ T28] audit: type=1326 audit(1764736275.666:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.115338][ T28] audit: type=1326 audit(1764736275.666:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.179563][ T28] audit: type=1326 audit(1764736275.666:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.263459][ T28] audit: type=1326 audit(1764736275.666:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.293328][ T6006] netlink: 16 bytes leftover after parsing attributes in process `syz.0.41'. [ 74.311652][ T28] audit: type=1326 audit(1764736275.666:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.386544][ T28] audit: type=1326 audit(1764736275.666:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.449172][ T28] audit: type=1326 audit(1764736275.686:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.506506][ T5878] IPVS: starting estimator thread 0... [ 74.543807][ T28] audit: type=1326 audit(1764736275.686:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6000 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 74.612224][ T6011] IPVS: using max 29 ests per chain, 69600 per kthread [ 74.989028][ T6023] syz.2.52[6023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.989169][ T6023] syz.2.52[6023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 75.013112][ T6028] 9pnet_fd: p9_fd_create_tcp (6028): problem connecting socket to 127.0.0.1 [ 75.130761][ T6031] syz.2.52 uses obsolete (PF_INET,SOCK_PACKET) [ 75.650881][ T6036] bridge0: entered promiscuous mode [ 75.656724][ T6036] macsec1: entered promiscuous mode [ 75.667908][ T6036] bridge0: port 3(macsec1) entered blocking state [ 75.674570][ T6036] bridge0: port 3(macsec1) entered disabled state [ 75.693442][ T6036] macsec1: entered allmulticast mode [ 75.701299][ T6036] bridge0: entered allmulticast mode [ 75.710809][ T6036] macsec1: left allmulticast mode [ 75.715892][ T6036] bridge0: left allmulticast mode [ 75.732897][ T6036] bridge0: left promiscuous mode [ 76.030621][ T6050] loop1: detected capacity change from 0 to 256 [ 76.235819][ T6055] loop3: detected capacity change from 0 to 512 [ 76.272588][ T6057] loop1: detected capacity change from 0 to 128 [ 76.419177][ T6055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.496689][ T6055] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.127458][ T6055] syz.3.62[6055] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.127590][ T6055] syz.3.62[6055] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.259355][ T6055] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 77.434096][ T6055] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 77.495619][ T6055] EXT4-fs (loop3): This should not happen!! Data will be lost [ 77.495619][ T6055] [ 77.546732][ T6055] EXT4-fs (loop3): Total free blocks count 0 [ 77.573213][ T6055] EXT4-fs (loop3): Free/Dirty block details [ 77.613911][ T6055] EXT4-fs (loop3): free_blocks=65280 [ 77.626433][ T6055] EXT4-fs (loop3): dirty_blocks=23 [ 77.656445][ T6055] EXT4-fs (loop3): Block reservation details [ 77.680092][ T6055] EXT4-fs (loop3): i_reserved_data_blocks=23 [ 77.805850][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.079860][ T6082] loop1: detected capacity change from 0 to 256 [ 78.445874][ T6090] loop1: detected capacity change from 0 to 128 [ 79.291034][ T28] kauditd_printk_skb: 45 callbacks suppressed [ 79.291047][ T28] audit: type=1326 audit(1764736280.946:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 79.419249][ T28] audit: type=1326 audit(1764736280.986:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 79.444155][ T28] audit: type=1326 audit(1764736281.016:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9167b8f34b code=0x7ffc0000 [ 79.526891][ T28] audit: type=1326 audit(1764736281.016:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9167b8df90 code=0x7ffc0000 [ 79.601730][ T28] audit: type=1326 audit(1764736281.016:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 79.694166][ T28] audit: type=1326 audit(1764736281.016:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 79.721608][ T28] audit: type=1326 audit(1764736281.026:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 79.743863][ T6109] capability: warning: `syz.2.81' uses deprecated v2 capabilities in a way that may be insecure [ 79.769670][ T28] audit: type=1326 audit(1764736281.026:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 79.853539][ T6112] loop2: detected capacity change from 0 to 256 [ 79.860859][ T28] audit: type=1326 audit(1764736281.026:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 79.957841][ T28] audit: type=1326 audit(1764736281.026:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6095 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 80.317592][ T6120] netlink: 'syz.3.88': attribute type 8 has an invalid length. [ 81.057615][ T6125] loop2: detected capacity change from 0 to 128 [ 81.904678][ T27] cfg80211: failed to load regulatory.db [ 82.807927][ T6153] netlink: 'syz.1.97': attribute type 4 has an invalid length. [ 83.137764][ T6162] netlink: 4 bytes leftover after parsing attributes in process `syz.1.101'. [ 83.412058][ T6170] loop0: detected capacity change from 0 to 128 [ 83.508028][ T6172] loop2: detected capacity change from 0 to 164 [ 83.573108][ T6172] Unable to read rock-ridge attributes [ 83.793951][ T6170] syz.0.104: attempt to access beyond end of device [ 83.793951][ T6170] loop0: rw=2049, sector=169, nr_sectors = 872 limit=128 [ 83.850691][ T6162] team0 (unregistering): Port device team_slave_0 removed [ 83.884564][ T6162] team0 (unregistering): Port device team_slave_1 removed [ 84.011580][ T5823] IPVS: starting estimator thread 0... [ 84.120291][ T6184] IPVS: using max 20 ests per chain, 48000 per kthread [ 84.254837][ T6188] loop0: detected capacity change from 0 to 128 [ 84.365067][ T6193] syz.0.112: attempt to access beyond end of device [ 84.365067][ T6193] loop0: rw=2049, sector=145, nr_sectors = 544 limit=128 [ 84.494135][ T3498] kworker/u4:10: attempt to access beyond end of device [ 84.494135][ T3498] loop0: rw=1, sector=689, nr_sectors = 352 limit=128 [ 84.701392][ T28] kauditd_printk_skb: 21 callbacks suppressed [ 84.701405][ T28] audit: type=1326 audit(1764736286.356:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 84.755058][ T28] audit: type=1326 audit(1764736286.356:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 84.778723][ T28] audit: type=1326 audit(1764736286.366:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 84.867863][ T28] audit: type=1326 audit(1764736286.366:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 84.933623][ T6209] loop3: detected capacity change from 0 to 1024 [ 84.947177][ T28] audit: type=1326 audit(1764736286.366:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 85.037307][ T6209] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.039829][ T28] audit: type=1326 audit(1764736286.366:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 85.072910][ T28] audit: type=1326 audit(1764736286.366:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 85.095602][ T28] audit: type=1326 audit(1764736286.366:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 85.117973][ T28] audit: type=1326 audit(1764736286.366:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 85.140793][ T28] audit: type=1326 audit(1764736286.366:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6204 comm="syz.1.120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 85.233439][ T6208] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.144084][ T6268] loop1: detected capacity change from 0 to 128 [ 86.187837][ T6269] loop2: detected capacity change from 0 to 128 [ 86.372540][ T6268] syz.1.148: attempt to access beyond end of device [ 86.372540][ T6268] loop1: rw=2049, sector=169, nr_sectors = 872 limit=128 [ 86.651877][ T6275] netlink: 12 bytes leftover after parsing attributes in process `syz.3.149'. [ 87.056738][ T6275] : entered promiscuous mode [ 87.166051][ T6281] xt_hashlimit: max too large, truncated to 1048576 [ 87.703357][ T6306] loop2: detected capacity change from 0 to 764 [ 87.717566][ T6304] loop0: detected capacity change from 0 to 164 [ 87.739973][ T6306] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 87.759030][ T6304] Unable to read rock-ridge attributes [ 88.615161][ T6316] loop2: detected capacity change from 0 to 128 [ 88.882890][ T6316] syz.2.162: attempt to access beyond end of device [ 88.882890][ T6316] loop2: rw=2049, sector=169, nr_sectors = 872 limit=128 [ 88.979039][ T6324] loop1: detected capacity change from 0 to 128 [ 88.995969][ T6326] loop0: detected capacity change from 0 to 128 [ 89.191619][ T6326] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 89.239687][ T6326] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 89.909390][ T5787] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 90.106662][ T6344] netlink: 8 bytes leftover after parsing attributes in process `syz.0.171'. [ 90.250296][ T6348] loop1: detected capacity change from 0 to 164 [ 90.283781][ T6348] Unable to read rock-ridge attributes [ 90.445040][ T6356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.179'. [ 91.804487][ T6375] loop0: detected capacity change from 0 to 256 [ 92.182651][ T6390] loop1: detected capacity change from 0 to 128 [ 92.308743][ T6398] loop0: detected capacity change from 0 to 512 [ 92.351400][ T6398] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 92.423275][ T6398] EXT4-fs (loop0): invalid journal inode [ 92.462760][ T6398] EXT4-fs (loop0): can't get journal size [ 92.702239][ T6398] EXT4-fs (loop0): 1 truncate cleaned up [ 92.892595][ T6398] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.121558][ T6395] ip6t_srh: unknown srh match flags 4000 [ 93.206458][ T6395] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 1073741833 (only 1 groups) [ 93.378995][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.386889][ T6415] program syz.2.200 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 93.701816][ T6426] loop1: detected capacity change from 0 to 128 [ 95.039376][ T6443] loop1: detected capacity change from 0 to 8192 [ 95.039467][ T6450] loop0: detected capacity change from 0 to 2048 [ 95.066942][ T6443] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 95.115000][ T28] kauditd_printk_skb: 56 callbacks suppressed [ 95.115013][ T28] audit: type=1800 audit(1764736296.766:154): pid=6443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.210" name="file1" dev="loop1" ino=1048599 res=0 errno=0 [ 95.168207][ T5928] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 95.337688][ T6458] loop2: detected capacity change from 0 to 128 [ 95.585933][ T6464] loop0: detected capacity change from 0 to 2048 [ 96.035488][ T6464] loop0: p2 < > p4 [ 96.235487][ T6464] loop0: p4 size 262144 extends beyond EOD, truncated [ 97.016270][ T6497] loop1: detected capacity change from 0 to 128 [ 97.164105][ T6499] loop2: detected capacity change from 0 to 1024 [ 97.275946][ T6499] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 97.666254][ T6499] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.872854][ T6499] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 97.984621][ T6508] mmap: syz.0.235 (6508) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 98.542079][ T6527] loop0: detected capacity change from 0 to 128 [ 98.600408][ T6529] loop1: detected capacity change from 0 to 128 [ 99.227347][ T28] audit: type=1326 audit(1764736300.876:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.435908][ T6538] atomic_op ffff88807afca198 conn xmit_atomic 0000000000000000 [ 99.480582][ T28] audit: type=1326 audit(1764736300.916:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.534956][ T28] audit: type=1326 audit(1764736300.916:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.557974][ T28] audit: type=1326 audit(1764736300.936:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.581830][ T28] audit: type=1326 audit(1764736300.936:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.605060][ T28] audit: type=1326 audit(1764736300.976:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.666428][ T28] audit: type=1326 audit(1764736300.976:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.733027][ T28] audit: type=1326 audit(1764736300.976:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.818596][ T28] audit: type=1326 audit(1764736301.006:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6531 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 99.899390][ T6551] loop1: detected capacity change from 0 to 128 [ 100.175895][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 100.175909][ T28] audit: type=1326 audit(1764736301.826:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.246166][ T6562] loop1: detected capacity change from 0 to 128 [ 100.257803][ T28] audit: type=1326 audit(1764736301.826:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.336198][ T28] audit: type=1326 audit(1764736301.836:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.396017][ T28] audit: type=1326 audit(1764736301.856:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.493606][ T28] audit: type=1326 audit(1764736301.856:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.517024][ T28] audit: type=1326 audit(1764736301.856:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.540312][ T28] audit: type=1326 audit(1764736301.856:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.563395][ T28] audit: type=1326 audit(1764736301.876:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.585751][ T28] audit: type=1326 audit(1764736301.876:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 100.869303][ T28] audit: type=1326 audit(1764736301.876:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6561 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 101.287850][ T6579] loop0: detected capacity change from 0 to 128 [ 101.397047][ T6585] netlink: 'syz.2.269': attribute type 13 has an invalid length. [ 102.102647][ T6614] loop1: detected capacity change from 0 to 128 [ 102.111108][ T6585] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.120080][ T6585] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.522559][ T6585] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.565426][ T6585] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.791945][ T6585] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.805628][ T6585] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.814889][ T6585] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.823826][ T6585] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.934747][ T6615] netlink: 'syz.0.280': attribute type 1 has an invalid length. [ 102.979913][ T6615] 8021q: adding VLAN 0 to HW filter on device bond1 [ 102.992656][ T6616] bond1: entered allmulticast mode [ 103.427522][ T6636] netlink: 8 bytes leftover after parsing attributes in process `syz.0.283'. [ 105.009694][ T6646] loop1: detected capacity change from 0 to 128 [ 105.406122][ T6666] loop2: detected capacity change from 0 to 128 [ 105.633405][ T5869] IPVS: starting estimator thread 0... [ 105.743603][ T6672] IPVS: using max 19 ests per chain, 45600 per kthread [ 106.396031][ T6678] loop1: detected capacity change from 0 to 128 [ 106.445592][ T6662] syz.0.296: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 106.464989][ T6662] CPU: 1 PID: 6662 Comm: syz.0.296 Not tainted syzkaller #0 [ 106.472573][ T6662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 106.482654][ T6662] Call Trace: [ 106.485953][ T6662] [ 106.488921][ T6662] dump_stack_lvl+0x16c/0x230 [ 106.493644][ T6662] ? show_regs_print_info+0x20/0x20 [ 106.498959][ T6662] ? load_image+0x3b0/0x3b0 [ 106.503556][ T6662] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 106.509970][ T6662] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 106.516477][ T6662] warn_alloc+0x210/0x300 [ 106.520824][ T6662] ? zone_watermark_ok_safe+0x230/0x230 [ 106.526379][ T6662] ? _raw_spin_unlock+0x28/0x40 [ 106.531266][ T6662] ? xsk_init_queue+0xb0/0x110 [ 106.536053][ T6662] __vmalloc_node_range+0x662/0x1320 [ 106.541368][ T6662] ? free_vm_area+0x50/0x50 [ 106.545881][ T6662] vmalloc_user+0x74/0x80 [ 106.550207][ T6662] ? xskq_create+0xbf/0x170 [ 106.554732][ T6662] xskq_create+0xbf/0x170 [ 106.559066][ T6662] xsk_init_queue+0xb0/0x110 [ 106.563659][ T6662] xsk_setsockopt+0x4db/0x6f0 [ 106.568335][ T6662] ? xsk_poll+0x670/0x670 [ 106.572664][ T6662] ? __fget_files+0x28/0x4d0 [ 106.577258][ T6662] ? aa_sock_opt_perm+0x74/0x100 [ 106.582199][ T6662] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 106.587756][ T6662] ? security_socket_setsockopt+0x7e/0xa0 [ 106.593468][ T6662] ? xsk_poll+0x670/0x670 [ 106.597798][ T6662] do_sock_setsockopt+0x175/0x1a0 [ 106.602830][ T6662] ? __fdget+0x180/0x210 [ 106.607074][ T6662] __x64_sys_setsockopt+0x184/0x200 [ 106.612359][ T6662] do_syscall_64+0x55/0xb0 [ 106.616776][ T6662] ? clear_bhb_loop+0x40/0x90 [ 106.621451][ T6662] ? clear_bhb_loop+0x40/0x90 [ 106.626125][ T6662] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 106.632022][ T6662] RIP: 0033:0x7f9a5db8f749 [ 106.636448][ T6662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.656062][ T6662] RSP: 002b:00007f9a5eb04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 106.664494][ T6662] RAX: ffffffffffffffda RBX: 00007f9a5dde5fa0 RCX: 00007f9a5db8f749 [ 106.672475][ T6662] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000005 [ 106.680444][ T6662] RBP: 00007f9a5dc13f91 R08: 0000000000000004 R09: 0000000000000000 [ 106.688417][ T6662] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 106.696402][ T6662] R13: 00007f9a5dde6038 R14: 00007f9a5dde5fa0 R15: 00007fff96013548 [ 106.704411][ T6662] [ 106.733747][ T6662] Mem-Info: [ 106.737201][ T6662] active_anon:5512 inactive_anon:0 isolated_anon:0 [ 106.737201][ T6662] active_file:10807 inactive_file:39892 isolated_file:0 [ 106.737201][ T6662] unevictable:768 dirty:81 writeback:0 [ 106.737201][ T6662] slab_reclaimable:10035 slab_unreclaimable:107858 [ 106.737201][ T6662] mapped:24271 shmem:1376 pagetables:553 [ 106.737201][ T6662] sec_pagetables:0 bounce:0 [ 106.737201][ T6662] kernel_misc_reclaimable:0 [ 106.737201][ T6662] free:1328611 free_pcp:10600 free_cma:0 [ 106.793178][ T6662] Node 0 active_anon:22048kB inactive_anon:0kB active_file:43228kB inactive_file:159368kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97084kB dirty:324kB writeback:0kB shmem:3968kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11544kB pagetables:2312kB sec_pagetables:0kB all_unreclaimable? no [ 106.933064][ T6662] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 106.984514][ T6662] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 107.019882][ T6662] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 107.025840][ T6662] Node 0 DMA32 free:1407720kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:21804kB inactive_anon:0kB active_file:43228kB inactive_file:158036kB unevictable:1536kB writepending:324kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:16324kB local_pcp:13236kB free_cma:0kB [ 107.089398][ T6662] lowmem_reserve[]: 0 0 1 1 1 [ 107.094192][ T6662] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1332kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 107.143151][ T6662] lowmem_reserve[]: 0 0 0 0 0 [ 107.152902][ T6662] Node 1 Normal free:3890688kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:26776kB local_pcp:10528kB free_cma:0kB [ 107.193908][ T6662] lowmem_reserve[]: 0 0 0 0 0 [ 107.216485][ T6662] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 107.236479][ T6662] Node 0 DMA32: 664*4kB (ME) 693*8kB (UME) 202*16kB (ME) 178*32kB (ME) 282*64kB (UME) 57*128kB (UME) 29*256kB (UM) 14*512kB (UM) 11*1024kB (ME) 8*2048kB (ME) 323*4096kB (M) = 1407720kB [ 107.305949][ T6662] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 107.348815][ T6701] loop1: detected capacity change from 0 to 128 [ 107.365660][ T6662] Node 1 Normal: 182*4kB (UME) 51*8kB (UME) 47*16kB (UME) 59*32kB (UME) 21*64kB (UME) 6*128kB (UME) 3*256kB (UME) 2*512kB (UE) 0*1024kB 2*2048kB (UE) 947*4096kB (M) = 3890688kB [ 107.419405][ T6662] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 107.448131][ T6662] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 107.457878][ T6662] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 107.467797][ T6662] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 107.535489][ T6662] 52098 total pagecache pages [ 107.549812][ T6662] 0 pages in swap cache [ 107.554028][ T6662] Free swap = 124996kB [ 107.570891][ T6662] Total swap = 124996kB [ 107.575110][ T6662] 2097051 pages RAM [ 107.584004][ T6662] 0 pages HighMem/MovableOnly [ 107.591293][ T6662] 416138 pages reserved [ 107.606584][ T6662] 0 pages cma reserved [ 108.088167][ T6725] loop0: detected capacity change from 0 to 1024 [ 108.100906][ T6728] loop1: detected capacity change from 0 to 128 [ 108.141058][ T6725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.170440][ T6725] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.900331][ T6762] loop0: detected capacity change from 0 to 1024 [ 108.924275][ T6762] EXT4-fs: Ignoring removed orlov option [ 108.968402][ T6762] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.023510][ T6762] EXT4-fs (loop0): Online resizing not supported with bigalloc [ 109.093191][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.235134][ T28] kauditd_printk_skb: 376 callbacks suppressed [ 109.235147][ T28] audit: type=1326 audit(1764736310.886:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.310695][ T28] audit: type=1326 audit(1764736310.886:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.390895][ T28] audit: type=1326 audit(1764736310.886:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.434691][ T28] audit: type=1326 audit(1764736310.886:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.476628][ T28] audit: type=1326 audit(1764736310.926:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.515111][ T28] audit: type=1326 audit(1764736310.926:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.576503][ T28] audit: type=1326 audit(1764736310.926:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.636182][ T28] audit: type=1326 audit(1764736310.926:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.683993][ T28] audit: type=1326 audit(1764736310.926:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.710289][ T28] audit: type=1326 audit(1764736310.926:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 109.995451][ T167] Bluetooth: hci4: Frame reassembly failed (-84) [ 110.050752][ T167] Bluetooth: hci4: Frame reassembly failed (-84) [ 110.343272][ T6817] loop1: detected capacity change from 0 to 2048 [ 110.414774][ T5775] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 110.655092][ T6827] loop1: detected capacity change from 0 to 2048 [ 110.734577][ T6831] netlink: 164 bytes leftover after parsing attributes in process `syz.0.372'. [ 110.734780][ T6827] loop1: p2 < > p4 [ 110.782278][ T6827] loop1: p4 size 262144 extends beyond EOD, truncated [ 111.366896][ T6852] loop1: detected capacity change from 0 to 128 [ 112.046500][ T5784] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 112.053993][ T5792] Bluetooth: hci4: command 0x1003 tx timeout [ 113.402304][ T6878] netlink: 4 bytes leftover after parsing attributes in process `syz.2.392'. [ 113.598647][ T6888] loop1: detected capacity change from 0 to 128 [ 113.671004][ T6892] loop0: detected capacity change from 0 to 512 [ 113.679607][ T6892] ext4: Unknown parameter 'seclabel' [ 113.806925][ T5777] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 114.581600][ T6902] bridge: RTM_NEWNEIGH with invalid ether address [ 114.714102][ T6907] netlink: 7 bytes leftover after parsing attributes in process `syz.1.404'. [ 114.742549][ T6907] netlink: 76 bytes leftover after parsing attributes in process `syz.1.404'. [ 114.909933][ T28] kauditd_printk_skb: 38 callbacks suppressed [ 114.909947][ T28] audit: type=1326 audit(1764736316.566:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 114.965322][ T28] audit: type=1326 audit(1764736316.566:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 114.995390][ T28] audit: type=1326 audit(1764736316.576:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 115.023175][ T28] audit: type=1326 audit(1764736316.576:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 115.055283][ T6921] loop0: detected capacity change from 0 to 128 [ 115.119889][ T28] audit: type=1326 audit(1764736316.576:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 115.178745][ T28] audit: type=1326 audit(1764736316.576:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 115.319068][ T28] audit: type=1326 audit(1764736316.616:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 115.367508][ T28] audit: type=1326 audit(1764736316.646:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 115.390636][ T28] audit: type=1326 audit(1764736316.646:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.1.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 116.748773][ T6958] syz.0.428[6958] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.748919][ T6958] syz.0.428[6958] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.434136][ T6967] syz.2.429[6967] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.463025][ T6967] syz.2.429[6967] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.592590][ T6958] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 117.715142][ T6973] loop0: detected capacity change from 0 to 512 [ 117.729988][ T6973] EXT4-fs: inline encryption not supported [ 117.746185][ T6973] EXT4-fs (loop0): failed to initialize system zone (-117) [ 117.773599][ T6973] EXT4-fs (loop0): mount failed [ 118.059295][ T6986] loop1: detected capacity change from 0 to 128 [ 118.065705][ T28] audit: type=1326 audit(1764736319.696:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 118.949064][ T6995] netlink: 'syz.2.442': attribute type 12 has an invalid length. [ 119.150436][ T7001] syz.3.445[7001] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.150562][ T7001] syz.3.445[7001] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.538597][ T7017] loop0: detected capacity change from 0 to 128 [ 120.446884][ T7019] syz.3.453: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1 [ 120.465492][ T7019] CPU: 0 PID: 7019 Comm: syz.3.453 Not tainted syzkaller #0 [ 120.472810][ T7019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 120.482902][ T7019] Call Trace: [ 120.486202][ T7019] [ 120.489163][ T7019] dump_stack_lvl+0x16c/0x230 [ 120.493898][ T7019] ? show_regs_print_info+0x20/0x20 [ 120.499147][ T7019] ? load_image+0x3b0/0x3b0 [ 120.503686][ T7019] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 120.510133][ T7019] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 120.516708][ T7019] warn_alloc+0x210/0x300 [ 120.521198][ T7019] ? zone_watermark_ok_safe+0x230/0x230 [ 120.526786][ T7019] ? _raw_spin_unlock+0x28/0x40 [ 120.531681][ T7019] ? xsk_init_queue+0xb0/0x110 [ 120.536444][ T7019] __vmalloc_node_range+0x662/0x1320 [ 120.541779][ T7019] ? free_vm_area+0x50/0x50 [ 120.546288][ T7019] vmalloc_user+0x74/0x80 [ 120.550730][ T7019] ? xskq_create+0xbf/0x170 [ 120.555232][ T7019] xskq_create+0xbf/0x170 [ 120.559562][ T7019] xsk_init_queue+0xb0/0x110 [ 120.564166][ T7019] xsk_setsockopt+0x4db/0x6f0 [ 120.568843][ T7019] ? xsk_poll+0x670/0x670 [ 120.573173][ T7019] ? __fget_files+0x28/0x4d0 [ 120.577761][ T7019] ? aa_sock_opt_perm+0x74/0x100 [ 120.582704][ T7019] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 120.588255][ T7019] ? security_socket_setsockopt+0x7e/0xa0 [ 120.593983][ T7019] ? xsk_poll+0x670/0x670 [ 120.598327][ T7019] do_sock_setsockopt+0x175/0x1a0 [ 120.603360][ T7019] ? __fdget+0x180/0x210 [ 120.607609][ T7019] __x64_sys_setsockopt+0x184/0x200 [ 120.612818][ T7019] do_syscall_64+0x55/0xb0 [ 120.617331][ T7019] ? clear_bhb_loop+0x40/0x90 [ 120.622014][ T7019] ? clear_bhb_loop+0x40/0x90 [ 120.626699][ T7019] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 120.632602][ T7019] RIP: 0033:0x7f9167b8f749 [ 120.637029][ T7019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.656640][ T7019] RSP: 002b:00007f9168985038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 120.665066][ T7019] RAX: ffffffffffffffda RBX: 00007f9167de5fa0 RCX: 00007f9167b8f749 [ 120.673084][ T7019] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004 [ 120.681065][ T7019] RBP: 00007f9167c13f91 R08: 0000000000000004 R09: 0000000000000000 [ 120.689050][ T7019] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000 [ 120.697058][ T7019] R13: 00007f9167de6038 R14: 00007f9167de5fa0 R15: 00007ffc28bcd9e8 [ 120.705044][ T7019] [ 120.726471][ T7019] Mem-Info: [ 120.729743][ T7019] active_anon:5492 inactive_anon:0 isolated_anon:0 [ 120.729743][ T7019] active_file:10824 inactive_file:39898 isolated_file:0 [ 120.729743][ T7019] unevictable:768 dirty:139 writeback:0 [ 120.729743][ T7019] slab_reclaimable:10142 slab_unreclaimable:108757 [ 120.729743][ T7019] mapped:24310 shmem:1371 pagetables:571 [ 120.729743][ T7019] sec_pagetables:0 bounce:0 [ 120.729743][ T7019] kernel_misc_reclaimable:0 [ 120.729743][ T7019] free:1327643 free_pcp:10266 free_cma:0 [ 120.804780][ T7019] Node 0 active_anon:21968kB inactive_anon:0kB active_file:43296kB inactive_file:159392kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97240kB dirty:556kB writeback:0kB shmem:3948kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11420kB pagetables:2284kB sec_pagetables:0kB all_unreclaimable? no [ 120.884856][ T7019] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 120.988115][ T7019] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 121.077528][ T7019] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 121.098846][ T7019] Node 0 DMA32 free:1403764kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:21884kB inactive_anon:0kB active_file:43296kB inactive_file:158040kB unevictable:1536kB writepending:548kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:15760kB local_pcp:1864kB free_cma:0kB [ 121.149302][ T7019] lowmem_reserve[]: 0 0 1 1 1 [ 121.154189][ T7019] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1332kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 121.197814][ T7019] lowmem_reserve[]: 0 0 0 0 0 [ 121.202609][ T7019] Node 1 Normal free:3890688kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:26808kB local_pcp:10528kB free_cma:0kB [ 121.271193][ T7019] lowmem_reserve[]: 0 0 0 0 0 [ 121.282242][ T7019] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 121.300534][ T7019] Node 0 DMA32: 875*4kB (UME) 679*8kB (UME) 523*16kB (UME) 195*32kB (ME) 124*64kB (ME) 43*128kB (ME) 25*256kB (UM) 11*512kB (UM) 9*1024kB (ME) 9*2048kB (ME) 324*4096kB (UM) = 1403764kB [ 121.371156][ T7019] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 121.398901][ T7019] Node 1 Normal: 182*4kB (UME) 51*8kB (UME) 47*16kB (UME) 59*32kB (UME) 21*64kB (UME) 6*128kB (UME) 3*256kB (UME) 2*512kB (UE) 0*1024kB 2*2048kB (UE) 947*4096kB (M) = 3890688kB [ 121.428301][ T7019] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 121.436202][ T7050] loop1: detected capacity change from 0 to 128 [ 121.438062][ T7019] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 121.438122][ T7019] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 121.438137][ T7019] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 121.438151][ T7019] 54927 total pagecache pages [ 121.438172][ T7019] 0 pages in swap cache [ 121.438180][ T7019] Free swap = 124996kB [ 121.438187][ T7019] Total swap = 124996kB [ 121.438196][ T7019] 2097051 pages RAM [ 121.438203][ T7019] 0 pages HighMem/MovableOnly [ 121.438209][ T7019] 416138 pages reserved [ 121.438216][ T7019] 0 pages cma reserved [ 122.831357][ T7086] loop0: detected capacity change from 0 to 128 [ 123.860827][ T7102] netlink: 36 bytes leftover after parsing attributes in process `syz.1.480'. [ 123.997720][ T7106] loop0: detected capacity change from 0 to 2048 [ 124.057408][ T7106] Alternate GPT is invalid, using primary GPT. [ 124.064636][ T7106] loop0: p2 p3 p7 [ 124.215400][ T5928] udevd[5928]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory [ 124.229978][ T5775] udevd[5775]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 124.240144][ T5777] udevd[5777]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 124.633130][ T7124] loop2: detected capacity change from 0 to 128 [ 126.095606][ T7146] loop1: detected capacity change from 0 to 128 [ 127.269272][ T7146] syz.1.495: attempt to access beyond end of device [ 127.269272][ T7146] loop1: rw=2049, sector=145, nr_sectors = 3 limit=128 [ 127.366354][ C0] sched: RT throttling activated [ 128.159565][ T7172] process 'syz.3.503' launched './file1' with NULL argv: empty string added [ 128.290601][ T7175] loop2: detected capacity change from 0 to 164 [ 128.332610][ T7175] Unable to read rock-ridge attributes [ 128.656279][ T28] kauditd_printk_skb: 55 callbacks suppressed [ 128.656293][ T28] audit: type=1326 audit(1764736330.306:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 128.719087][ T28] audit: type=1326 audit(1764736330.306:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 128.771042][ T28] audit: type=1326 audit(1764736330.316:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 128.987017][ T28] audit: type=1326 audit(1764736330.316:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 129.012812][ T28] audit: type=1326 audit(1764736330.316:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.3.510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 132.020365][ T7232] loop0: detected capacity change from 0 to 164 [ 132.319510][ T7232] Unable to read rock-ridge attributes [ 133.012384][ T7245] loop0: detected capacity change from 0 to 512 [ 133.052383][ T7245] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 133.065809][ T28] audit: type=1326 audit(1764736334.706:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.2.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbb98f749 code=0x7ffc0000 [ 133.074055][ T7249] x_tables: unsorted underflow at hook 3 [ 133.101663][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.120684][ T7245] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 133.141932][ T28] audit: type=1326 audit(1764736334.706:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.2.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbb98f749 code=0x7ffc0000 [ 133.168974][ T28] audit: type=1326 audit(1764736334.706:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.2.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bbb98f749 code=0x7ffc0000 [ 133.200016][ T28] audit: type=1326 audit(1764736334.706:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.2.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbb98f749 code=0x7ffc0000 [ 133.284334][ T28] audit: type=1326 audit(1764736334.706:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.2.528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbb98f749 code=0x7ffc0000 [ 133.292448][ T7245] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 133.338645][ T7245] EXT4-fs (loop0): 1 truncate cleaned up [ 133.345499][ T7245] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.402582][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.430384][ T7261] loop2: detected capacity change from 0 to 128 [ 136.952537][ T7288] loop2: detected capacity change from 0 to 128 [ 141.105097][ T7345] netlink: 12 bytes leftover after parsing attributes in process `syz.2.552'. [ 141.150936][ T7345] : entered promiscuous mode [ 141.945247][ T7375] syz.1.562[7375] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 141.945376][ T7375] syz.1.562[7375] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 142.355714][ T7385] loop1: detected capacity change from 0 to 1024 [ 142.375443][ T28] kauditd_printk_skb: 33 callbacks suppressed [ 142.375455][ T28] audit: type=1326 audit(1764736344.026:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.392260][ T7385] EXT4-fs: inline encryption not supported [ 142.405488][ T28] audit: type=1326 audit(1764736344.026:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.440036][ T7385] EXT4-fs: Ignoring removed i_version option [ 142.448493][ T28] audit: type=1326 audit(1764736344.026:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.472618][ T28] audit: type=1326 audit(1764736344.026:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.495484][ T28] audit: type=1326 audit(1764736344.026:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.519958][ T28] audit: type=1326 audit(1764736344.026:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.548311][ T28] audit: type=1326 audit(1764736344.026:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.557262][ T7385] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 142.571230][ T28] audit: type=1326 audit(1764736344.026:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.642523][ T28] audit: type=1326 audit(1764736344.026:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.668664][ T7385] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.565: lblock 2 mapped to illegal pblock 2 (length 1) [ 142.697160][ T28] audit: type=1326 audit(1764736344.026:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 142.774534][ T7385] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.565: lblock 0 mapped to illegal pblock 48 (length 1) [ 142.809450][ T7385] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.565: Failed to acquire dquot type 0 [ 142.866983][ T7385] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5916: Corrupt filesystem [ 142.894874][ T7385] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.565: mark_inode_dirty error [ 143.130861][ T7385] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 143.241891][ T7385] EXT4-fs (loop1): 1 orphan inode deleted [ 143.420423][ T7385] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.165789][ T7410] loop0: detected capacity change from 0 to 164 [ 144.222100][ T7410] Unable to read rock-ridge attributes [ 144.370866][ T12] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 144.441219][ T12] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u4:1: Failed to release dquot type 0 [ 145.157739][ T7385] netlink: 32 bytes leftover after parsing attributes in process `syz.1.565'. [ 145.188845][ T7385] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 145.201790][ T7404] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 145.318735][ T7385] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 145.337755][ T7385] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.565: lblock 0 mapped to illegal pblock 48 (length 1) [ 145.367025][ T7385] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 145.580311][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.819068][ T7445] loop0: detected capacity change from 0 to 164 [ 146.007260][ T7445] Unable to read rock-ridge attributes [ 146.984002][ T7456] loop2: detected capacity change from 0 to 512 [ 147.104537][ T7456] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 147.290375][ T7456] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.570483][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.785923][ T28] kauditd_printk_skb: 136 callbacks suppressed [ 147.785943][ T28] audit: type=1326 audit(1764736349.436:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 147.883972][ T28] audit: type=1326 audit(1764736349.466:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 147.936454][ T28] audit: type=1326 audit(1764736349.486:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 147.979148][ T7478] loop2: detected capacity change from 0 to 128 [ 148.036814][ T7484] loop1: detected capacity change from 0 to 164 [ 148.063420][ T28] audit: type=1326 audit(1764736349.486:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 148.094784][ T7484] Unable to read rock-ridge attributes [ 148.198899][ T28] audit: type=1326 audit(1764736349.486:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 148.266127][ T28] audit: type=1326 audit(1764736349.486:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 148.289087][ T28] audit: type=1326 audit(1764736349.486:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 148.326431][ T28] audit: type=1326 audit(1764736349.486:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 148.527288][ T28] audit: type=1326 audit(1764736349.486:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 148.807339][ T7492] syz.3.599[7492] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 148.807480][ T7492] syz.3.599[7492] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 148.833268][ T28] audit: type=1326 audit(1764736349.486:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7471 comm="syz.1.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 148.991203][ T7495] loop0: detected capacity change from 0 to 128 [ 149.361278][ T7506] loop0: detected capacity change from 0 to 2048 [ 149.803014][ T7506] Alternate GPT is invalid, using primary GPT. [ 150.015562][ T7506] loop0: p2 p3 p7 [ 150.460718][ T5777] udevd[5777]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 150.474418][ T5928] udevd[5928]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory [ 150.516255][ T5775] udevd[5775]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 150.536246][ T7518] loop1: detected capacity change from 0 to 128 [ 150.581612][ T7520] loop0: detected capacity change from 0 to 164 [ 150.828076][ T7520] Unable to read rock-ridge attributes [ 151.700866][ T7525] tipc: Enabling of bearer rejected, failed to enable media [ 152.096786][ T7536] netlink: 8 bytes leftover after parsing attributes in process `syz.1.611'. [ 154.862938][ T7569] syzkaller1: entered promiscuous mode [ 154.899431][ T7569] syzkaller1: entered allmulticast mode [ 156.773693][ T7609] loop2: detected capacity change from 0 to 164 [ 156.824463][ T28] kauditd_printk_skb: 32 callbacks suppressed [ 156.824476][ T28] audit: type=1326 audit(1764736358.476:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7581 comm="syz.0.630" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x0 [ 156.895620][ T7609] Unable to read rock-ridge attributes [ 157.446966][ T28] audit: type=1326 audit(1764736359.066:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 157.812129][ T28] audit: type=1326 audit(1764736359.076:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 158.322551][ T28] audit: type=1326 audit(1764736359.086:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 158.367362][ T28] audit: type=1326 audit(1764736358.986:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 158.440461][ T28] audit: type=1326 audit(1764736359.166:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 158.563660][ T28] audit: type=1326 audit(1764736359.166:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 158.696575][ T28] audit: type=1326 audit(1764736359.166:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9a5db8f783 code=0x7ffc0000 [ 158.868820][ T28] audit: type=1326 audit(1764736359.196:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 158.923342][ T7628] loop0: detected capacity change from 0 to 128 [ 160.517759][ T28] audit: type=1326 audit(1764736359.196:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f9a5db8f807 code=0x7ffc0000 [ 161.188121][ T7649] netlink: 40 bytes leftover after parsing attributes in process `syz.1.651'. [ 161.522196][ T7666] loop1: detected capacity change from 0 to 4096 [ 161.542406][ T7666] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 161.575403][ T7666] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.882287][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.782277][ T7678] loop0: detected capacity change from 0 to 128 [ 164.335754][ T7718] loop2: detected capacity change from 0 to 1024 [ 164.343184][ T7718] EXT4-fs: Ignoring removed bh option [ 164.348666][ T7718] EXT4-fs: Ignoring removed nomblk_io_submit option [ 164.355378][ T7718] ext4: Unknown parameter 'smackfsroot' [ 164.420378][ T7722] netlink: 24 bytes leftover after parsing attributes in process `syz.0.672'. [ 164.431433][ T7722] IPVS: Error connecting to the multicast addr [ 164.436646][ T5777] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 164.523528][ T7722] netlink: 'syz.0.672': attribute type 4 has an invalid length. [ 165.513143][ T7737] loop2: detected capacity change from 0 to 164 [ 165.564417][ T7737] Unable to read rock-ridge attributes [ 165.733510][ T7744] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2 [ 165.754638][ T7744] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0 [ 166.428010][ T7762] loop9: detected capacity change from 0 to 7 [ 166.439996][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.449513][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.458876][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.468212][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.479583][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.489038][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.498059][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.507216][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.515340][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.524544][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.533534][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.542826][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.551765][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.560975][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.568996][ T7762] ldm_validate_partition_table(): Disk read failed. [ 166.584629][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.593883][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.602282][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 166.611492][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.625320][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 166.633987][ T7762] Dev loop9: unable to read RDB block 0 [ 166.641334][ T7762] loop9: unable to read partition table [ 166.650496][ T7762] loop9: partition table beyond EOD, truncated [ 166.653186][ T7764] loop1: detected capacity change from 0 to 128 [ 166.659210][ T7762] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 166.659210][ T7762] ) failed (rc=-5) [ 167.751365][ T7779] loop2: detected capacity change from 0 to 164 [ 167.825661][ T7779] Unable to read rock-ridge attributes [ 167.915897][ T7787] loop1: detected capacity change from 0 to 1024 [ 167.938269][ T7787] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 167.948718][ T7784] loop0: detected capacity change from 0 to 1024 [ 168.024469][ T7787] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.061799][ T7784] __quota_error: 33 callbacks suppressed [ 168.061815][ T7784] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5 [ 168.137009][ T7784] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 168.152497][ T7784] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.697: Failed to acquire dquot type 0 [ 168.171929][ T7784] EXT4-fs error (device loop0): mb_free_blocks:1938: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 168.191184][ T7784] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.697: corrupted inode contents [ 168.214247][ T7784] EXT4-fs error (device loop0): ext4_dirty_inode:6120: inode #13: comm syz.0.697: mark_inode_dirty error [ 168.227644][ T7784] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.697: corrupted inode contents [ 168.246494][ T7784] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #13: comm syz.0.697: mark_inode_dirty error [ 168.260715][ T7784] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.697: corrupted inode contents [ 168.278502][ T7784] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 168.302491][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.316245][ T7784] EXT4-fs error (device loop0): ext4_do_update_inode:5244: inode #13: comm syz.0.697: corrupted inode contents [ 168.353355][ T7784] EXT4-fs error (device loop0): ext4_truncate:4294: inode #13: comm syz.0.697: mark_inode_dirty error [ 168.383498][ T7784] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 168.419338][ T7784] EXT4-fs (loop0): 1 truncate cleaned up [ 168.433832][ T7784] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.451916][ T7801] loop1: detected capacity change from 0 to 128 [ 168.695458][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.424590][ T7808] loop0: detected capacity change from 0 to 512 [ 169.433243][ T7808] EXT4-fs: Ignoring removed i_version option [ 169.440314][ T7808] EXT4-fs: Ignoring removed bh option [ 169.529186][ T7808] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.592418][ T7808] ext4 filesystem being mounted at /179/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 169.737356][ T28] audit: type=1326 audit(1764736371.386:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 169.784367][ T28] audit: type=1326 audit(1764736371.386:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 169.826444][ T28] audit: type=1326 audit(1764736371.396:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 169.869591][ T28] audit: type=1326 audit(1764736371.396:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 169.902776][ T28] audit: type=1326 audit(1764736371.396:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 169.925269][ T28] audit: type=1326 audit(1764736371.396:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 169.949234][ T28] audit: type=1326 audit(1764736371.396:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 169.971829][ T28] audit: type=1326 audit(1764736371.396:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 170.072932][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.223254][ T7828] loop1: detected capacity change from 0 to 128 [ 170.257191][ T7830] loop2: detected capacity change from 0 to 512 [ 170.276908][ T7830] ext4: Unknown parameter 'defcontext' [ 171.339403][ T7852] netlink: 'syz.3.719': attribute type 13 has an invalid length. [ 171.792986][ T7861] syz.1.723[7861] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.793117][ T7861] syz.1.723[7861] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 172.221839][ T7863] loop0: detected capacity change from 0 to 512 [ 172.224130][ T7852] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.249334][ T7852] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.284023][ T7863] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 172.349723][ T7863] EXT4-fs (loop0): 1 orphan inode deleted [ 172.409710][ T7863] EXT4-fs (loop0): 1 truncate cleaned up [ 172.431158][ T7863] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.499249][ T7863] EXT4-fs error (device loop0): ext4_inlinedir_to_tree:1412: inode #12: block 7: comm syz.0.724: path /184/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 172.548085][ T7863] EXT4-fs (loop0): Remounting filesystem read-only [ 172.683468][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.824156][ T7870] loop0: detected capacity change from 0 to 128 [ 173.269974][ T7852] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.313123][ T7852] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.751743][ T7852] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.763793][ T7852] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.775617][ T7852] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.790379][ T7852] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.314811][ T7875] loop1: detected capacity change from 0 to 164 [ 174.355550][ T7875] Unable to read rock-ridge attributes [ 175.021912][ T7830] Set syz1 is full, maxelem 65536 reached [ 175.118024][ T7894] netlink: 52 bytes leftover after parsing attributes in process `syz.1.733'. [ 175.166587][ T7894] netlink: 4 bytes leftover after parsing attributes in process `syz.1.733'. [ 175.223696][ T7894] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.281423][ T28] kauditd_printk_skb: 66 callbacks suppressed [ 175.281435][ T28] audit: type=1326 audit(1764736376.936:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.281588][ T7900] loop2: detected capacity change from 0 to 128 [ 175.310147][ T28] audit: type=1326 audit(1764736376.946:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.310190][ T28] audit: type=1326 audit(1764736376.946:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.310227][ T28] audit: type=1326 audit(1764736376.946:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.310260][ T28] audit: type=1326 audit(1764736376.956:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.460793][ T28] audit: type=1326 audit(1764736377.116:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.564431][ T28] audit: type=1326 audit(1764736377.116:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.598662][ T28] audit: type=1326 audit(1764736377.166:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.624672][ T7894] bridge_slave_0 (unregistering): left allmulticast mode [ 175.632192][ T7894] bridge_slave_0 (unregistering): left promiscuous mode [ 175.640978][ T28] audit: type=1326 audit(1764736377.166:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 175.663619][ T7894] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.664345][ T28] audit: type=1326 audit(1764736377.166:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7901 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 176.324847][ T7923] usb usb5: usbfs: process 7923 (syz.1.747) did not claim interface 0 before use [ 176.657930][ T7945] loop1: detected capacity change from 0 to 512 [ 176.734565][ T7945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.894791][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.317192][ C1] hrtimer: interrupt took 23296 ns [ 177.425368][ T7972] loop0: detected capacity change from 0 to 164 [ 177.456601][ T7972] Unable to read rock-ridge attributes [ 177.535782][ T7974] loop2: detected capacity change from 0 to 1024 [ 177.700263][ T7974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 177.863893][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.109659][ T7988] loop2: detected capacity change from 0 to 512 [ 178.182420][ T7988] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.195616][ T7988] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.234109][ T7988] EXT4-fs: Ignoring removed nomblk_io_submit option [ 178.241337][ T7988] EXT4-fs: Cannot change journaled quota options when quota turned on [ 178.319341][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.439983][ T8000] loop0: detected capacity change from 0 to 128 [ 179.037778][ T8021] loop2: detected capacity change from 0 to 512 [ 180.185699][ T8062] loop2: detected capacity change from 0 to 128 [ 180.409084][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 180.409098][ T28] audit: type=1326 audit(1764736382.066:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8065 comm="syz.0.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 180.479835][ T28] audit: type=1326 audit(1764736382.066:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8065 comm="syz.0.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 180.526694][ T28] audit: type=1326 audit(1764736382.066:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8065 comm="syz.0.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 180.557615][ T28] audit: type=1326 audit(1764736382.066:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8065 comm="syz.0.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 180.596940][ T28] audit: type=1326 audit(1764736382.066:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8065 comm="syz.0.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a5db8f749 code=0x7ffc0000 [ 181.224343][ T8085] loop0: detected capacity change from 0 to 512 [ 181.295197][ T8088] loop2: detected capacity change from 0 to 512 [ 181.316636][ T5928] blk_print_req_error: 10 callbacks suppressed [ 181.316653][ T5928] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 181.454563][ T8088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.516638][ T8088] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.582411][ T8088] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 181.600277][ T28] audit: type=1800 audit(1764736383.236:1046): pid=8088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.809" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 181.705030][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.952073][ T8107] loop2: detected capacity change from 0 to 128 [ 182.416407][ T28] audit: type=1326 audit(1764736384.056:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 182.470918][ T28] audit: type=1326 audit(1764736384.056:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 182.526581][ T28] audit: type=1326 audit(1764736384.056:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 182.576586][ T28] audit: type=1326 audit(1764736384.056:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.1.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 182.837854][ T8117] team0 (unregistering): Port device team_slave_0 removed [ 182.884267][ T8117] team0 (unregistering): Port device team_slave_1 removed [ 183.479079][ T8145] netlink: 12 bytes leftover after parsing attributes in process `syz.2.833'. [ 184.161849][ T8159] loop1: detected capacity change from 0 to 128 [ 185.954937][ T28] kauditd_printk_skb: 18 callbacks suppressed [ 185.954951][ T28] audit: type=1326 audit(1764736387.606:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.004994][ T28] audit: type=1326 audit(1764736387.606:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.035708][ T28] audit: type=1326 audit(1764736387.616:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.196561][ T28] audit: type=1326 audit(1764736387.616:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.245290][ T28] audit: type=1326 audit(1764736387.616:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.290700][ T28] audit: type=1326 audit(1764736387.616:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.328478][ T28] audit: type=1326 audit(1764736387.616:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.359040][ T28] audit: type=1326 audit(1764736387.616:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.372293][ T8189] loop2: detected capacity change from 0 to 128 [ 186.394230][ T5797] Bluetooth: hci1: command 0x0406 tx timeout [ 186.400542][ T5797] Bluetooth: hci0: command 0x0406 tx timeout [ 186.408383][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 186.414588][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 186.468585][ T28] audit: type=1326 audit(1764736387.616:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.491401][ T28] audit: type=1326 audit(1764736387.616:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8171 comm="syz.1.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 186.501225][ T8185] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.730359][ T8185] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.061063][ T8185] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.196200][ T8185] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.351895][ T8185] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.384390][ T8185] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.415114][ T8185] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.491247][ T8185] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.987580][ T8220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.867'. [ 188.503864][ T8241] loop2: detected capacity change from 0 to 512 [ 188.512042][ T8241] EXT4-fs (loop2): external journal device major/minor numbers have changed [ 188.521703][ T8241] EXT4-fs (loop2): failed to open journal device unknown-block(8,3) -6 [ 188.886794][ T8249] loop0: detected capacity change from 0 to 512 [ 191.207911][ T28] kauditd_printk_skb: 55 callbacks suppressed [ 191.207925][ T28] audit: type=1326 audit(1764736392.866:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.1.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 191.353635][ T28] audit: type=1326 audit(1764736392.906:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.1.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 191.461682][ T28] audit: type=1326 audit(1764736392.906:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.1.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 191.484560][ T28] audit: type=1326 audit(1764736392.906:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.1.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 191.507049][ T28] audit: type=1326 audit(1764736392.906:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.1.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb64d8f749 code=0x7ffc0000 [ 191.631400][ T8297] loop0: detected capacity change from 0 to 128 [ 191.891792][ T8301] netlink: 20 bytes leftover after parsing attributes in process `syz.2.900'. [ 192.754382][ T8319] syzkaller0: entered promiscuous mode [ 192.768965][ T8319] syzkaller0: entered allmulticast mode [ 194.536022][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.153638][ T28] audit: type=1326 audit(1764736396.806:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 195.259465][ T28] audit: type=1326 audit(1764736396.836:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 195.289508][ T28] audit: type=1326 audit(1764736396.846:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 195.312192][ T28] audit: type=1326 audit(1764736396.846:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 195.335020][ T28] audit: type=1326 audit(1764736396.846:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8341 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9167b8f749 code=0x7ffc0000 [ 196.794444][ T8344] netlink: 14 bytes leftover after parsing attributes in process `syz.3.916'. [ 196.803837][ T8344] hsr_slave_0: left promiscuous mode [ 196.816281][ T8344] hsr_slave_1: left promiscuous mode [ 196.994661][ T8354] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 197.259278][ T8367] loop0: detected capacity change from 0 to 512 [ 197.410922][ T8367] ------------[ cut here ]------------ [ 197.417214][ T8367] EA inode 11 i_nlink=2 [ 197.456656][ T8367] WARNING: CPU: 0 PID: 8367 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 197.471228][ T8367] Modules linked in: [ 197.475178][ T8367] CPU: 0 PID: 8367 Comm: syz.0.924 Not tainted syzkaller #0 [ 197.482538][ T8367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 197.492913][ T8367] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 197.500270][ T8367] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 ff 49 2c 08 [ 197.520413][ T8367] RSP: 0018:ffffc90004adf1c0 EFLAGS: 00010246 [ 197.526689][ T8367] RAX: b17483486e81ad00 RBX: 0000000000000002 RCX: 0000000000080000 [ 197.534698][ T8367] RDX: ffffc9000e82f000 RSI: 0000000000035aa2 RDI: 0000000000035aa3 [ 197.542745][ T8367] RBP: ffffc90004adf2b8 R08: ffff8880b8f28c13 R09: 1ffff110171e5182 [ 197.550841][ T8367] R10: dffffc0000000000 R11: ffffed10171e5183 R12: dffffc0000000000 [ 197.559149][ T8367] R13: ffff8880781e4aa8 R14: ffff8880781e48b0 R15: ffff8880781e4900 [ 197.567183][ T8367] FS: 00007f9a5eae36c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 197.576235][ T8367] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.583185][ T8367] CR2: 00007f147610fe9c CR3: 0000000023146000 CR4: 00000000003506f0 [ 197.591481][ T8367] Call Trace: [ 197.594782][ T8367] [ 197.598480][ T8367] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 197.604157][ T8367] ? ext4_xattr_inode_iget+0x3df/0x600 [ 197.609806][ T8367] ext4_xattr_set_entry+0xcda/0x1e90 [ 197.615163][ T8367] ext4_xattr_ibody_set+0x254/0x6a0 [ 197.620446][ T8367] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 197.626439][ T8367] __ext4_expand_extra_isize+0x306/0x400 [ 197.632109][ T8367] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 197.637673][ T8367] ext4_evict_inode+0x7ed/0xea0 [ 197.642560][ T8367] ? _raw_spin_unlock+0x28/0x40 [ 197.647551][ T8367] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 197.653502][ T8367] ? do_raw_spin_unlock+0x121/0x230 [ 197.658807][ T8367] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 197.664734][ T8367] evict+0x486/0x870 [ 197.668820][ T8367] ? __lock_acquire+0x7c80/0x7c80 [ 197.673885][ T8367] ? proc_nr_inodes+0x230/0x230 [ 197.678800][ T8367] ? do_raw_spin_unlock+0x121/0x230 [ 197.684033][ T8367] ? _raw_spin_unlock+0x28/0x40 [ 197.688944][ T8367] ? iput+0x70a/0x920 [ 197.692966][ T8367] ext4_orphan_cleanup+0xbd4/0x1400 [ 197.698836][ T8367] ? ext4_orphan_del+0xba0/0xba0 [ 197.703816][ T8367] ? ext4_register_li_request+0x183/0x940 [ 197.709695][ T8367] ? errseq_check_and_advance+0x66/0x120 [ 197.715357][ T8367] ext4_fill_super+0x5de4/0x66c0 [ 197.720389][ T8367] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 197.727123][ T8367] ? __might_sleep+0xe0/0xe0 [ 197.731752][ T8367] ? read_lock_is_recursive+0x20/0x20 [ 197.737195][ T8367] ? snprintf+0xdb/0x120 [ 197.741474][ T8367] ? vscnprintf+0x80/0x80 [ 197.745841][ T8367] ? down_write+0x162/0x1f0 [ 197.750416][ T8367] ? down_read_killable+0x340/0x340 [ 197.755649][ T8367] ? setup_bdev_super+0x56b/0x660 [ 197.760750][ T8367] get_tree_bdev+0x3e4/0x510 [ 197.765370][ T8367] ? vfs_parse_fs_string+0x160/0x160 [ 197.770765][ T8367] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 197.777080][ T8367] ? setup_bdev_super+0x660/0x660 [ 197.782134][ T8367] ? apparmor_capable+0x137/0x1a0 [ 197.787515][ T8367] ? bpf_lsm_capable+0x9/0x10 [ 197.792225][ T8367] ? security_capable+0x89/0xb0 [ 197.797520][ T8367] vfs_get_tree+0x8c/0x280 [ 197.802760][ T8367] do_new_mount+0x24b/0xa40 [ 197.807516][ T8367] __se_sys_mount+0x2da/0x3c0 [ 197.812237][ T8367] ? __x64_sys_mount+0xc0/0xc0 [ 197.817103][ T8367] ? lockdep_hardirqs_on+0x98/0x150 [ 197.822325][ T8367] ? __x64_sys_mount+0x20/0xc0 [ 197.827178][ T8367] do_syscall_64+0x55/0xb0 [ 197.831637][ T8367] ? clear_bhb_loop+0x40/0x90 [ 197.836397][ T8367] ? clear_bhb_loop+0x40/0x90 [ 197.841107][ T8367] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 197.847106][ T8367] RIP: 0033:0x7f9a5db90eea [ 197.851550][ T8367] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.871403][ T8367] RSP: 002b:00007f9a5eae2e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 197.879910][ T8367] RAX: ffffffffffffffda RBX: 00007f9a5eae2ef0 RCX: 00007f9a5db90eea [ 197.888132][ T8367] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f9a5eae2eb0 [ 197.896139][ T8367] RBP: 0000200000000180 R08: 00007f9a5eae2ef0 R09: 0000000000800700 [ 197.905310][ T8367] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 197.913519][ T8367] R13: 00007f9a5eae2eb0 R14: 000000000000046f R15: 000000000000002c [ 197.921583][ T8367] [ 197.924643][ T8367] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 197.931939][ T8367] CPU: 0 PID: 8367 Comm: syz.0.924 Not tainted syzkaller #0 [ 197.939244][ T8367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 197.949327][ T8367] Call Trace: [ 197.952622][ T8367] [ 197.955569][ T8367] dump_stack_lvl+0x16c/0x230 [ 197.960279][ T8367] ? show_regs_print_info+0x20/0x20 [ 197.965516][ T8367] ? load_image+0x3b0/0x3b0 [ 197.970055][ T8367] panic+0x2c0/0x710 [ 197.973979][ T8367] ? bpf_jit_dump+0xd0/0xd0 [ 197.978525][ T8367] __warn+0x2e0/0x470 [ 197.982525][ T8367] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 197.988527][ T8367] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 197.994615][ T8367] report_bug+0x2be/0x4f0 [ 197.998971][ T8367] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 198.004963][ T8367] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 198.010968][ T8367] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 198.016957][ T8367] handle_bug+0xcf/0x120 [ 198.021214][ T8367] exc_invalid_op+0x1a/0x50 [ 198.025748][ T8367] asm_exc_invalid_op+0x1a/0x20 [ 198.030607][ T8367] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 198.037209][ T8367] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 ff 49 2c 08 [ 198.057268][ T8367] RSP: 0018:ffffc90004adf1c0 EFLAGS: 00010246 [ 198.063339][ T8367] RAX: b17483486e81ad00 RBX: 0000000000000002 RCX: 0000000000080000 [ 198.071324][ T8367] RDX: ffffc9000e82f000 RSI: 0000000000035aa2 RDI: 0000000000035aa3 [ 198.079318][ T8367] RBP: ffffc90004adf2b8 R08: ffff8880b8f28c13 R09: 1ffff110171e5182 [ 198.087388][ T8367] R10: dffffc0000000000 R11: ffffed10171e5183 R12: dffffc0000000000 [ 198.095369][ T8367] R13: ffff8880781e4aa8 R14: ffff8880781e48b0 R15: ffff8880781e4900 [ 198.103366][ T8367] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 198.109016][ T8367] ? ext4_xattr_inode_iget+0x3df/0x600 [ 198.114488][ T8367] ext4_xattr_set_entry+0xcda/0x1e90 [ 198.119811][ T8367] ext4_xattr_ibody_set+0x254/0x6a0 [ 198.125026][ T8367] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 198.130949][ T8367] __ext4_expand_extra_isize+0x306/0x400 [ 198.136588][ T8367] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 198.142057][ T8367] ext4_evict_inode+0x7ed/0xea0 [ 198.146920][ T8367] ? _raw_spin_unlock+0x28/0x40 [ 198.151783][ T8367] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 198.157687][ T8367] ? do_raw_spin_unlock+0x121/0x230 [ 198.162886][ T8367] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 198.168919][ T8367] evict+0x486/0x870 [ 198.172823][ T8367] ? __lock_acquire+0x7c80/0x7c80 [ 198.177865][ T8367] ? proc_nr_inodes+0x230/0x230 [ 198.182721][ T8367] ? do_raw_spin_unlock+0x121/0x230 [ 198.187925][ T8367] ? _raw_spin_unlock+0x28/0x40 [ 198.192783][ T8367] ? iput+0x70a/0x920 [ 198.196766][ T8367] ext4_orphan_cleanup+0xbd4/0x1400 [ 198.201975][ T8367] ? ext4_orphan_del+0xba0/0xba0 [ 198.206919][ T8367] ? ext4_register_li_request+0x183/0x940 [ 198.212646][ T8367] ? errseq_check_and_advance+0x66/0x120 [ 198.218288][ T8367] ext4_fill_super+0x5de4/0x66c0 [ 198.223250][ T8367] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 198.229496][ T8367] ? __might_sleep+0xe0/0xe0 [ 198.234087][ T8367] ? read_lock_is_recursive+0x20/0x20 [ 198.239459][ T8367] ? snprintf+0xdb/0x120 [ 198.243711][ T8367] ? vscnprintf+0x80/0x80 [ 198.248045][ T8367] ? down_write+0x162/0x1f0 [ 198.252545][ T8367] ? down_read_killable+0x340/0x340 [ 198.257749][ T8367] ? setup_bdev_super+0x56b/0x660 [ 198.262945][ T8367] get_tree_bdev+0x3e4/0x510 [ 198.267527][ T8367] ? vfs_parse_fs_string+0x160/0x160 [ 198.272813][ T8367] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 198.279055][ T8367] ? setup_bdev_super+0x660/0x660 [ 198.284084][ T8367] ? apparmor_capable+0x137/0x1a0 [ 198.289110][ T8367] ? bpf_lsm_capable+0x9/0x10 [ 198.293789][ T8367] ? security_capable+0x89/0xb0 [ 198.298640][ T8367] vfs_get_tree+0x8c/0x280 [ 198.303058][ T8367] do_new_mount+0x24b/0xa40 [ 198.307567][ T8367] __se_sys_mount+0x2da/0x3c0 [ 198.312350][ T8367] ? __x64_sys_mount+0xc0/0xc0 [ 198.317214][ T8367] ? lockdep_hardirqs_on+0x98/0x150 [ 198.322412][ T8367] ? __x64_sys_mount+0x20/0xc0 [ 198.327280][ T8367] do_syscall_64+0x55/0xb0 [ 198.331705][ T8367] ? clear_bhb_loop+0x40/0x90 [ 198.336385][ T8367] ? clear_bhb_loop+0x40/0x90 [ 198.341073][ T8367] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 198.346971][ T8367] RIP: 0033:0x7f9a5db90eea [ 198.351385][ T8367] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.371136][ T8367] RSP: 002b:00007f9a5eae2e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 198.379555][ T8367] RAX: ffffffffffffffda RBX: 00007f9a5eae2ef0 RCX: 00007f9a5db90eea [ 198.387533][ T8367] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f9a5eae2eb0 [ 198.395505][ T8367] RBP: 0000200000000180 R08: 00007f9a5eae2ef0 R09: 0000000000800700 [ 198.403481][ T8367] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 198.411453][ T8367] R13: 00007f9a5eae2eb0 R14: 000000000000046f R15: 000000000000002c [ 198.419531][ T8367] [ 198.422815][ T8367] Kernel Offset: disabled [ 198.427273][ T8367] Rebooting in 86400 seconds..