last executing test programs: 13.438247587s ago: executing program 1 (id=615): r0 = memfd_secret(0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r0, 0x0) lsm_get_self_attr(0x65, 0x0, &(0x7f00000001c0), 0x0) 13.026180898s ago: executing program 1 (id=619): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000040)='./bus\x00', 0x103a42, 0x80) ftruncate(r2, 0x2007ffb) sendfile(r2, r2, 0x0, 0x1000000201005) ftruncate(r2, 0x30) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40080) 12.378045536s ago: executing program 1 (id=623): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0x60044004) 11.925077539s ago: executing program 1 (id=627): sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000480)={'filter\x00', 0x104, 0x4, 0x3c0, 0x0, 0xe8, 0x1f0, 0x2d8, 0x2d8, 0x1f0, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'macvlan0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@arp={@loopback, @multicast2, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg0\x00', 'veth0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xe8}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x410) 6.26916436s ago: executing program 3 (id=656): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000"], 0x0}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0x240}], 0x1) 5.643677068s ago: executing program 2 (id=658): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x8000000000000}, 0x18) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) socket$packet(0x11, 0x3, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x80002, 0x88) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000040)=ANY=[@ANYRES32=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r4, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCL_GETKMSGREDIRECT(r5, 0x541c, &(0x7f0000000000)) 5.480572002s ago: executing program 4 (id=659): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) r1 = socket(0x840000000002, 0x3, 0x100) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10) sendmmsg$inet(r1, &(0x7f0000005240), 0x4000095, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) 5.430034861s ago: executing program 3 (id=660): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94) write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) stat(&(0x7f0000001c40)='./file0\x00', &(0x7f0000001c80)) 5.226409949s ago: executing program 2 (id=661): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r0, 0x560e, &(0x7f0000000000)) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000040)={0x9, 0x2, 0x48, 0x5}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ustat(0x5, &(0x7f0000000000)) r1 = creat(0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r2 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xb, &(0x7f0000000780)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x100003}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000680)='kfree\x00', r3, 0x0, 0x10000000000000}, 0x18) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[], 0x48}}, 0x0) 4.993824313s ago: executing program 0 (id=662): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x6) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x81) close(r1) connect$tipc(0xffffffffffffffff, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000008b80)=[{{0x0, 0x0, &(0x7f0000002fc0)=[{&(0x7f0000002d40)='\\', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000031c0)=[{&(0x7f0000003140)='F', 0x1}], 0x1}}], 0x2, 0x4048884) 4.964391272s ago: executing program 3 (id=663): syz_emit_ethernet(0x7a, &(0x7f0000001180)={@link_local, @dev, @void, {@ipv6={0x86dd, @gre_packet={0x4, 0x6, "0de71a", 0x44, 0x2f, 0x1, @mcast2, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x1, {{0x8, 0x1, 0x6, 0x3, 0x1, 0x2, 0x6, 0xb}, 0x1, {0x4}}}, {0x8, 0x22eb, 0x1, {{0x0, 0x2, 0x10, 0x1, 0x0, 0x0, 0x7, 0xd}, 0x2, {0x4, 0x81, 0x0, 0x4, 0x0, 0x1, 0x3, 0x1}}}}}}}}}, 0x0) unlink(&(0x7f0000000180)='./file1\x00') socket$kcm(0x10, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) cachestat(r0, &(0x7f00000001c0)={0xb0, 0xf5}, 0xffffffffffffffff, 0x0) sched_rr_get_interval(0x0, 0x0) kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@errors_continue}]}, 0x2, 0x44b, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsB22S0t3e5W9vNJBp5n5+k+z3efeWaemWc3gL41mv2TRGyPiN8iYrieXV5gtP7f9avnq39fPV9NYmnprT+TvNy1q+erZdHy77YVmbE0Iv0kKSpZbv7suZPTtdrsmSI/sXDqvYn5s+eePXFq+vjs8dnTU4cPHzo4+cLzU891JM4srmt7P5zbt+e1dy69Xj166d2fvs3au73Y3xhHp4xmgf+1lGve90SnK+uxHQ3pZKCHDWFNKhGRdddgPv6HoxI3O284Xv24p40DNlR2bdrSfvfiEnAXS6LXLQB6o7zQZ/e/5dalqcemcOWl+g1QFvf1YqvvGYi0KDPYdH/bSaMRcXTxn6+yLTboOQQAQKPPql8eiWdazf/SuL+h3M5iDWUkIu6JiF0RcW9E7I6I+yLysg9ExINrrL95aejW+U96+Y4CW6Vs/vdisba1fP5Xzv5ipFLkduTxDybHTtRmDxSfyVgMbsnykyvU8f0rv37ebl/j/C/bsvrLuWDRjssDTQ/oZqYXpvNJaQdc+Shi70Cr+JMbKwFJROyJiL1re+udZeLEU9/sa1fo9vGvoAPrTEtfRzxZ7//FaIq/lKy8Pjnxv6jNHpgoj4pb/fzLxTfb1b+u+Dsg6/+ty4//5iIjSeN67fza67j4+6dt72nu9PgfSt7Oz0dlR30wvbBwZjJiKDmSvzhUlM1fn7r5t2W+LJ/FP7a/9fjfFTcreCgisoP44Yh4JCIeLdr+WEQ8HhH7V4j/x5fb79sM/T/T8vx34/hv6v+1Jyonf/iuXf2r6/9DeWqseCU//93Gahu4ns8OAAAA/ivS/DvwSTp+I52m4+P17/Dvjq1pbW5+4eljc++fnql/V34kBtPySddww/PQyWSxeMd6fqp4VlzuP1g8N/6i8v88P16dq830OHbod9vajP/MH5Vetw7YcK3W0aaGetAQoOuax3+6PHvhjW42Bugqv9eG/nWb8Z92qx1A97n+Q/9qNf4vNOWtBcDdyfUf+pfxD/3L+If+ZfxDX1rP7/ol+jkR6aZohsQGJXp9ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiMfwMAAP//d5Lu1w==") 4.664356581s ago: executing program 0 (id=664): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r0, 0x560e, &(0x7f0000000000)) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000040)={0x9, 0x2, 0x48, 0x5}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ustat(0x5, &(0x7f0000000000)) r1 = creat(0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r3 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xb, &(0x7f0000000780)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x100003}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000680)='kfree\x00', r4, 0x0, 0x10000000000000}, 0x18) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[], 0x48}}, 0x0) 3.734983879s ago: executing program 2 (id=665): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@dev={0xac, 0x14, 0x14, 0x42}, 0x0, 0x0, 0x0, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0xff}, {0x0, 0x5}}, [@tmpl={0x84, 0x5, [{{@in6=@mcast1, 0x4d2, 0x33}, 0xa, @in6=@empty, 0x3501, 0x1, 0x0, 0x3b, 0x83, 0x5, 0x5}, {{@in=@multicast1, 0x4d5, 0x6c}, 0x2, @in6=@empty, 0x0, 0x1, 0x3, 0x3, 0x4, 0x2, 0x3}]}]}, 0x13c}}, 0x4894) 3.505504293s ago: executing program 4 (id=666): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[], 0x7c}}, 0x0) 3.320654855s ago: executing program 2 (id=667): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x18) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000400000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r4], 0x44}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000640)={0x0, 0x7, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000011005704000000000000000010000000", @ANYRES32=r6], 0x20}}, 0x0) 3.105191207s ago: executing program 4 (id=668): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) eventfd(0x0) 2.448415212s ago: executing program 4 (id=669): r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18) pause() r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14) fcntl$setsig(r2, 0xa, 0x13) fcntl$setlease(r2, 0x400, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000200)='./file0\x00', 0x1000000) 2.361501675s ago: executing program 2 (id=670): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000"], 0x0}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0x240}], 0x1) 1.721841412s ago: executing program 1 (id=671): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x8000000000000}, 0x18) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) dup(r2) socket$packet(0x11, 0x3, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x80002, 0x88) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000040)=ANY=[@ANYRES32=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r4, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCL_GETKMSGREDIRECT(r5, 0x541c, &(0x7f0000000000)) 1.58235927s ago: executing program 3 (id=672): connect$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x3}, 0x18) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004) 1.565723405s ago: executing program 0 (id=673): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94) write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) stat(&(0x7f0000001c40)='./file0\x00', &(0x7f0000001c80)) 1.458809245s ago: executing program 2 (id=674): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req3={0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x861}, 0x1c) 1.297025694s ago: executing program 1 (id=675): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r0, 0x560e, &(0x7f0000000000)) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000040)={0x9, 0x2, 0x48, 0x5}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ustat(0x5, &(0x7f0000000000)) r1 = creat(0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r2 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xb, &(0x7f0000000780)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x100003}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000680)='kfree\x00', r3, 0x0, 0x10000000000000}, 0x18) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[], 0x48}}, 0x0) 1.201576816s ago: executing program 4 (id=676): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x66, &(0x7f00000000c0)=ANY=[], 0x0) 994.158147ms ago: executing program 0 (id=677): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@dev={0xac, 0x14, 0x14, 0x42}, 0x0, 0x0, 0x0, 0x8000, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0xff}, {0x0, 0x5}}, [@tmpl={0x84, 0x5, [{{@in6=@mcast1, 0x4d2, 0x33}, 0xa, @in6=@empty, 0x3501, 0x1, 0x0, 0x3b, 0x83, 0x5, 0x5}, {{@in=@multicast1, 0x4d5, 0x6c}, 0x2, @in6=@empty, 0x0, 0x1, 0x3, 0x3, 0x4, 0x2, 0x3}]}]}, 0x13c}}, 0x4894) 744.537975ms ago: executing program 3 (id=678): socket(0x1d, 0x2, 0x6) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20) socket(0x10, 0x3, 0x0) r2 = socket$kcm(0x21, 0x2, 0x2) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000) 693.806954ms ago: executing program 4 (id=679): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0) 502.942881ms ago: executing program 0 (id=680): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000003e000701fcfffffffedbdf25017c00000600048036"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 326.036524ms ago: executing program 0 (id=681): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c0000001400010027bd7000ffdbdf25000000000000000000000000000000007f0000010000000000000000000000004e2400084e2400060a00a0", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000c000800e7"], 0x5c}, 0x1, 0x0, 0x0, 0x810}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10) io_uring_setup(0x6ecd, &(0x7f0000000140)={0x0, 0x49fd, 0x10003, 0x20002, 0x185}) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='mm_page_free\x00', r2, 0x0, 0x1000}, 0x18) kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) close(0xffffffffffffffff) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r3, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r4}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) 0s ago: executing program 3 (id=682): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0) write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="61030604900b42db486c6d"], 0xb) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.254' (ED25519) to the list of known hosts. [ 193.274588][ T5792] cgroup: Unknown subsys name 'net' [ 193.424468][ T5792] cgroup: Unknown subsys name 'cpuset' [ 193.441302][ T5792] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 229.577199][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 229.584227][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 244.853492][ T5792] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 248.969693][ T5819] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 248.978294][ T5819] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 248.986350][ T5822] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 248.995511][ T5819] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 249.003962][ T5822] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 249.013794][ T5819] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 249.026228][ T5819] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 249.036803][ T5819] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 249.050880][ T5824] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 249.076661][ T5825] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 249.094206][ T5825] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 249.108333][ T5825] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 249.114201][ T5108] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 249.122252][ T5825] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 249.132675][ T5825] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 249.143686][ T5825] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 249.173318][ T5825] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 249.183725][ T5108] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 249.201303][ T5818] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 249.213739][ T5818] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 249.347075][ T5824] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 249.359770][ T5824] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 249.369777][ T5824] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 249.399893][ T5824] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 249.448840][ T5824] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 250.391468][ T5814] chnl_net:caif_netlink_parms(): no params data found [ 250.823558][ T5816] chnl_net:caif_netlink_parms(): no params data found [ 251.163236][ T5824] Bluetooth: hci0: command tx timeout [ 251.234344][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 251.235718][ T5824] Bluetooth: hci1: command tx timeout [ 251.247188][ T5818] Bluetooth: hci2: command tx timeout [ 251.315098][ T5824] Bluetooth: hci3: command tx timeout [ 251.447381][ T5815] chnl_net:caif_netlink_parms(): no params data found [ 251.560071][ T5824] Bluetooth: hci4: command tx timeout [ 251.763922][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.771574][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.781627][ T5814] bridge_slave_0: entered allmulticast mode [ 251.792016][ T5814] bridge_slave_0: entered promiscuous mode [ 251.823342][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.830918][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.838753][ T5814] bridge_slave_1: entered allmulticast mode [ 251.848367][ T5814] bridge_slave_1: entered promiscuous mode [ 251.865471][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 252.268365][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.329245][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.337145][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.344896][ T5816] bridge_slave_0: entered allmulticast mode [ 252.354450][ T5816] bridge_slave_0: entered promiscuous mode [ 252.380660][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.477802][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.485722][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.494372][ T5816] bridge_slave_1: entered allmulticast mode [ 252.504195][ T5816] bridge_slave_1: entered promiscuous mode [ 252.517659][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.525487][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.533362][ T5827] bridge_slave_0: entered allmulticast mode [ 252.542722][ T5827] bridge_slave_0: entered promiscuous mode [ 252.672437][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.682119][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.691365][ T5827] bridge_slave_1: entered allmulticast mode [ 252.700470][ T5827] bridge_slave_1: entered promiscuous mode [ 252.813700][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.838935][ T5814] team0: Port device team_slave_0 added [ 252.951746][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.969815][ T5814] team0: Port device team_slave_1 added [ 253.187690][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 253.198637][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.208791][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.216530][ T5815] bridge_slave_0: entered allmulticast mode [ 253.225952][ T5815] bridge_slave_0: entered promiscuous mode [ 253.234558][ T5824] Bluetooth: hci0: command tx timeout [ 253.283118][ T5816] team0: Port device team_slave_0 added [ 253.318945][ T5824] Bluetooth: hci1: command tx timeout [ 253.324856][ T5818] Bluetooth: hci2: command tx timeout [ 253.341194][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 253.351061][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.358863][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.366586][ T5815] bridge_slave_1: entered allmulticast mode [ 253.376045][ T5815] bridge_slave_1: entered promiscuous mode [ 253.388159][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 253.395684][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.422117][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 253.431742][ T5818] Bluetooth: hci3: command tx timeout [ 253.443686][ T5816] team0: Port device team_slave_1 added [ 253.468821][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.476394][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.486691][ T5829] bridge_slave_0: entered allmulticast mode [ 253.495935][ T5829] bridge_slave_0: entered promiscuous mode [ 253.578969][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 253.586543][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.613105][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 253.649849][ T5818] Bluetooth: hci4: command tx timeout [ 253.660332][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.669108][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.676911][ T5829] bridge_slave_1: entered allmulticast mode [ 253.686538][ T5829] bridge_slave_1: entered promiscuous mode [ 253.872244][ T5827] team0: Port device team_slave_0 added [ 253.892834][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 253.981375][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 253.988723][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.015340][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.068746][ T5827] team0: Port device team_slave_1 added [ 254.086650][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 254.113640][ T5814] hsr_slave_0: entered promiscuous mode [ 254.123817][ T5814] hsr_slave_1: entered promiscuous mode [ 254.134863][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.142065][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.168741][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 254.189776][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 254.211124][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 254.425566][ T5815] team0: Port device team_slave_0 added [ 254.514257][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.521470][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.548069][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.568958][ T5815] team0: Port device team_slave_1 added [ 254.636696][ T5829] team0: Port device team_slave_0 added [ 254.656791][ T5829] team0: Port device team_slave_1 added [ 254.691612][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.698854][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.725413][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 254.969654][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.977232][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 255.003853][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 255.029548][ T5816] hsr_slave_0: entered promiscuous mode [ 255.039388][ T5816] hsr_slave_1: entered promiscuous mode [ 255.047531][ T5816] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 255.055579][ T5816] Cannot create hsr debugfs directory [ 255.064049][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 255.071217][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 255.097858][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 255.131318][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 255.138703][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 255.165516][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 255.198554][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 255.206061][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 255.232683][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 255.321272][ T5818] Bluetooth: hci0: command tx timeout [ 255.393694][ T5818] Bluetooth: hci2: command tx timeout [ 255.403791][ T5818] Bluetooth: hci1: command tx timeout [ 255.483798][ T5818] Bluetooth: hci3: command tx timeout [ 255.669282][ T5827] hsr_slave_0: entered promiscuous mode [ 255.678788][ T5827] hsr_slave_1: entered promiscuous mode [ 255.687136][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 255.695053][ T5827] Cannot create hsr debugfs directory [ 255.713110][ T5818] Bluetooth: hci4: command tx timeout [ 255.751483][ T5829] hsr_slave_0: entered promiscuous mode [ 255.761209][ T5829] hsr_slave_1: entered promiscuous mode [ 255.769486][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 255.777327][ T5829] Cannot create hsr debugfs directory [ 255.885211][ T5815] hsr_slave_0: entered promiscuous mode [ 255.895139][ T5815] hsr_slave_1: entered promiscuous mode [ 255.902804][ T5815] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 255.910818][ T5815] Cannot create hsr debugfs directory [ 256.822718][ T5814] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 256.926347][ T5814] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 257.031108][ T5814] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 257.101829][ T5814] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 257.238658][ T5816] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 257.262549][ T5816] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 257.374520][ T5816] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 257.395387][ T5818] Bluetooth: hci0: command tx timeout [ 257.395541][ T5816] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 257.465219][ T5829] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 257.481511][ T5818] Bluetooth: hci1: command tx timeout [ 257.487402][ T5818] Bluetooth: hci2: command tx timeout [ 257.553610][ T5824] Bluetooth: hci3: command tx timeout [ 257.640164][ T5829] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 257.702207][ T5829] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 257.730236][ T5829] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 257.807611][ T5824] Bluetooth: hci4: command tx timeout [ 257.918437][ T5827] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 258.019543][ T5827] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 258.050542][ T5827] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 258.082310][ T5827] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 258.126835][ T5815] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 258.159792][ T5815] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 258.249614][ T5815] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 258.306739][ T5815] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 258.390424][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.647599][ T5814] 8021q: adding VLAN 0 to HW filter on device team0 [ 258.713419][ T3611] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.721162][ T3611] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.823906][ T3611] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.831512][ T3611] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.049963][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.225667][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.326362][ T5816] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.374727][ T3958] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.382324][ T3958] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.523325][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.543030][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.577937][ T4293] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.585652][ T4293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.627491][ T4293] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.635226][ T4293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.800381][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.849739][ T4293] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.857473][ T4293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.041064][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.052023][ T5816] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 260.064810][ T5816] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 260.120236][ T4293] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.127981][ T4293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.340987][ T5815] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.350791][ T5829] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 260.362829][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 260.403315][ T4293] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.410834][ T4293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.619432][ T4293] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.627132][ T4293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.654626][ T4293] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.662216][ T4293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 261.526097][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.011468][ T5814] veth0_vlan: entered promiscuous mode [ 262.156776][ T5814] veth1_vlan: entered promiscuous mode [ 262.266943][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.527716][ T5814] veth0_macvtap: entered promiscuous mode [ 262.586870][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.659650][ T5814] veth1_macvtap: entered promiscuous mode [ 262.773048][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.930003][ T5816] veth0_vlan: entered promiscuous mode [ 262.959731][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 263.032099][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.100003][ T5814] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.110669][ T5814] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.120256][ T5814] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.129417][ T5814] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.204003][ T5816] veth1_vlan: entered promiscuous mode [ 263.260877][ T5829] veth0_vlan: entered promiscuous mode [ 263.278630][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 263.349710][ T5829] veth1_vlan: entered promiscuous mode [ 263.659649][ T5816] veth0_macvtap: entered promiscuous mode [ 263.710118][ T5816] veth1_macvtap: entered promiscuous mode [ 263.840658][ T5829] veth0_macvtap: entered promiscuous mode [ 263.892472][ T5815] veth0_vlan: entered promiscuous mode [ 263.952684][ T5829] veth1_macvtap: entered promiscuous mode [ 263.969999][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 264.090139][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 264.118045][ T5815] veth1_vlan: entered promiscuous mode [ 264.187097][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 264.247669][ T5816] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.258082][ T5816] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.268122][ T5816] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.277482][ T5816] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.363854][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 264.488939][ T5829] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.498302][ T5829] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.509989][ T5829] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.519917][ T5829] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.627057][ T5815] veth0_macvtap: entered promiscuous mode [ 264.655384][ T5815] veth1_macvtap: entered promiscuous mode [ 264.871301][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 265.006607][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 265.137711][ T5815] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.147240][ T5815] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.156573][ T5815] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.165872][ T5815] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.825900][ T5827] veth0_vlan: entered promiscuous mode [ 265.942696][ T5827] veth1_vlan: entered promiscuous mode [ 266.278924][ T5827] veth0_macvtap: entered promiscuous mode [ 266.381087][ T5827] veth1_macvtap: entered promiscuous mode [ 266.581089][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 266.699058][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 266.811616][ T5827] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.820931][ T5827] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.830158][ T5827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.839464][ T5827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.115540][ T1126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.124033][ T1126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 270.346805][ T3858] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.355933][ T3858] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 270.857071][ T5814] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 271.617862][ T4293] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.626138][ T4293] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.783428][ T3958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.791625][ T3958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.852128][ T3858] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.860475][ T3858] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.156349][ T3858] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.165625][ T3858] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.243475][ T4293] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.251716][ T4293] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.393271][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.401485][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 273.195813][ T6004] loop3: detected capacity change from 0 to 1024 [ 273.237729][ T6004] ======================================================= [ 273.237729][ T6004] WARNING: The mand mount option has been deprecated and [ 273.237729][ T6004] and is ignored by this kernel. Remove the mand [ 273.237729][ T6004] option from the mount to silence this warning. [ 273.237729][ T6004] ======================================================= [ 273.274281][ T6004] EXT4-fs: Ignoring removed oldalloc option [ 273.280546][ T6004] EXT4-fs: Ignoring removed bh option [ 273.466209][ T6004] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 273.644001][ T30] audit: type=1804 audit(1753256617.464:2): pid=6004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.4" name="/newroot/0/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 274.084277][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.092581][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.311508][ T4090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.323976][ T4090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.350446][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.866165][ T6022] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10'. [ 276.684939][ T6046] loop0: detected capacity change from 0 to 2048 [ 276.875946][ T6046] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.004018][ T6046] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.19: bg 0: block 234: padding at end of block bitmap is not set [ 277.137778][ T6056] loop4: detected capacity change from 0 to 512 [ 277.323944][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.345672][ T6056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.359073][ T6056] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.269255][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.366978][ T6071] netlink: 'syz.2.28': attribute type 10 has an invalid length. [ 278.375218][ T6071] veth1_macvtap: entered allmulticast mode [ 278.382320][ T6071] team0: Device veth1_macvtap is up. Set it down before adding it as a team port [ 278.988779][ T6080] process 'syz.0.32' launched './file0' with NULL argv: empty string added [ 280.731900][ T6097] netlink: 24 bytes leftover after parsing attributes in process `syz.4.38'. [ 281.356765][ T6105] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 281.473129][ T30] audit: type=1326 audit(1753256625.314:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.474451][ T30] audit: type=1326 audit(1753256625.334:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.521092][ T30] audit: type=1326 audit(1753256625.374:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.521338][ T30] audit: type=1326 audit(1753256625.374:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.550523][ T30] audit: type=1326 audit(1753256625.404:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.555515][ T30] audit: type=1326 audit(1753256625.414:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.555727][ T30] audit: type=1326 audit(1753256625.414:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.593141][ T30] audit: type=1326 audit(1753256625.434:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.743320][ T30] audit: type=1326 audit(1753256625.434:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 281.765979][ T30] audit: type=1326 audit(1753256625.554:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6106 comm="syz.4.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 283.329226][ T6126] loop2: detected capacity change from 0 to 512 [ 283.432528][ T6130] netlink: 'syz.0.51': attribute type 10 has an invalid length. [ 283.546404][ T6134] netlink: 'syz.0.51': attribute type 10 has an invalid length. [ 283.555025][ T6130] team0: Port device dummy0 added [ 283.606954][ T6126] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.620271][ T6126] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.651830][ T6134] team0: Port device dummy0 removed [ 283.676608][ T6134] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 284.015806][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.676486][ T6158] mmap: syz.3.59 (6158) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 285.888798][ T6152] netlink: 12 bytes leftover after parsing attributes in process `syz.3.59'. [ 285.904388][ T6152] netlink: 12 bytes leftover after parsing attributes in process `syz.3.59'. [ 287.625326][ T6170] netlink: 'syz.4.65': attribute type 13 has an invalid length. [ 287.839878][ T6172] loop2: detected capacity change from 0 to 128 [ 288.426788][ T6170] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.436799][ T6170] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.695036][ T6170] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 288.730377][ T6170] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 288.910461][ T30] kauditd_printk_skb: 62 callbacks suppressed [ 288.910539][ T30] audit: type=1326 audit(1753256632.754:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 288.941199][ T30] audit: type=1326 audit(1753256632.754:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 288.963880][ T30] audit: type=1326 audit(1753256632.784:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 288.991307][ T30] audit: type=1326 audit(1753256632.784:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 289.015479][ T30] audit: type=1326 audit(1753256632.814:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 289.038237][ T30] audit: type=1326 audit(1753256632.814:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 289.060955][ T30] audit: type=1326 audit(1753256632.834:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 289.093431][ T30] audit: type=1326 audit(1753256632.844:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 289.121573][ T30] audit: type=1326 audit(1753256632.874:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 289.144416][ T30] audit: type=1326 audit(1753256632.874:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 289.589022][ T6170] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.599709][ T6170] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.609194][ T6170] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.618650][ T6170] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.066734][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.073679][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 291.366766][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.2.81'. [ 291.376137][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.2.81'. [ 291.420535][ T6211] loop0: detected capacity change from 0 to 128 [ 293.796967][ T6232] loop1: detected capacity change from 0 to 1024 [ 293.906722][ T6232] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.030509][ T6242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.95'. [ 294.041445][ T6242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.95'. [ 294.109545][ T30] kauditd_printk_skb: 51 callbacks suppressed [ 294.109620][ T30] audit: type=1800 audit(1753256637.964:136): pid=6232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.92" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 294.354283][ T6247] syz.4.97 uses obsolete (PF_INET,SOCK_PACKET) [ 294.700620][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.141163][ T6252] loop2: detected capacity change from 0 to 2048 [ 295.313580][ T6252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 295.471365][ T30] audit: type=1326 audit(1753256639.324:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 295.673928][ T30] audit: type=1326 audit(1753256639.354:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 295.697036][ T30] audit: type=1326 audit(1753256639.364:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 295.719982][ T30] audit: type=1326 audit(1753256639.364:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 295.745949][ T30] audit: type=1326 audit(1753256639.364:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 295.770096][ T30] audit: type=1326 audit(1753256639.364:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 295.793014][ T30] audit: type=1326 audit(1753256639.374:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 295.815791][ T30] audit: type=1326 audit(1753256639.374:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 295.842122][ T30] audit: type=1326 audit(1753256639.374:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6257 comm="syz.1.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 296.125327][ T6262] random: crng reseeded on system resumption [ 296.565278][ T6266] capability: warning: `syz.1.103' uses deprecated v2 capabilities in a way that may be insecure [ 296.969561][ T6260] infiniband syz!: set active [ 296.974769][ T6260] infiniband syz!: added team_slave_0 [ 297.037396][ T6260] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR [ 297.097519][ T6260] infiniband syz!: Couldn't open port 1 [ 297.223236][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.231255][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.239297][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.247157][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.254991][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.267287][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.276276][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.284088][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.289004][ T6260] RDS/IB: syz!: added [ 297.291702][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.295982][ T6260] smc: adding ib device syz! with port count 1 [ 297.303546][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.303720][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.303885][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.304055][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.310182][ T6260] smc: ib device syz! port 1 has pnetid [ 297.317867][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.354548][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.362251][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.374486][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.382246][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.391248][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.403133][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.410835][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.421499][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.429313][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.437364][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.445160][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.452946][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.460738][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.473243][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.480982][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.490655][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.498639][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.506455][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.514333][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.522041][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.529795][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.537600][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.545692][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.553605][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.561246][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.574224][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.581962][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.589922][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.597736][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.605562][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.613506][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.621217][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.629026][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.636848][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.644673][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.652406][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.660146][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.667961][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 297.680294][ T11] hid-generic 0008:0006:0007.0001: unknown main item tag 0x0 [ 298.187365][ T11] hid-generic 0008:0006:0007.0001: hidraw0: HID v0.0b Device [syz1] on syz1 [ 298.741257][ T6282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.109'. [ 298.750769][ T6282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.109'. [ 298.834147][ T6241] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 299.648485][ T6283] fido_id[6283]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 299.702522][ T30] kauditd_printk_skb: 29 callbacks suppressed [ 299.702610][ T30] audit: type=1326 audit(1753256643.554:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 299.959351][ T30] audit: type=1326 audit(1753256643.614:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 299.985579][ T30] audit: type=1326 audit(1753256643.644:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 300.008752][ T30] audit: type=1326 audit(1753256643.644:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 300.034713][ T30] audit: type=1326 audit(1753256643.704:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 300.059273][ T30] audit: type=1326 audit(1753256643.704:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 300.084221][ T30] audit: type=1326 audit(1753256643.704:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 300.107257][ T30] audit: type=1326 audit(1753256643.714:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 300.133268][ T30] audit: type=1326 audit(1753256643.714:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 300.157839][ T30] audit: type=1326 audit(1753256643.714:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.3.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 302.209374][ T6306] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 303.083658][ T6314] loop0: detected capacity change from 0 to 512 [ 303.098111][ T6314] EXT4-fs (loop0): unable to read superblock [ 303.499417][ T6316] netlink: 8 bytes leftover after parsing attributes in process `syz.1.124'. [ 303.513726][ T6316] netlink: 8 bytes leftover after parsing attributes in process `syz.1.124'. [ 304.733959][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.553774][ T6329] loop3: detected capacity change from 0 to 1024 [ 306.832786][ T6329] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 309.295912][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.519512][ T6354] loop1: detected capacity change from 0 to 128 [ 309.761579][ T6354] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 309.954111][ T6354] ext4 filesystem being mounted at /30/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 311.335811][ T5829] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 311.988761][ T30] kauditd_printk_skb: 37 callbacks suppressed [ 311.988834][ T30] audit: type=1326 audit(1753256655.844:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6367 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 312.141356][ T30] audit: type=1326 audit(1753256655.934:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6367 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 312.164198][ T30] audit: type=1326 audit(1753256655.944:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6367 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 312.187041][ T30] audit: type=1326 audit(1753256655.944:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6367 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 312.209920][ T30] audit: type=1326 audit(1753256655.944:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6367 comm="syz.3.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 312.587515][ T11] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 312.677331][ T11] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 312.733887][ T6374] loop0: detected capacity change from 0 to 1024 [ 313.387039][ T6388] loop4: detected capacity change from 0 to 128 [ 313.717349][ T6388] syz.4.147: attempt to access beyond end of device [ 313.717349][ T6388] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 313.765408][ T6388] syz.4.147: attempt to access beyond end of device [ 313.765408][ T6388] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 313.872346][ T6386] fido_id[6386]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 313.892183][ T6391] syz.4.147: attempt to access beyond end of device [ 313.892183][ T6391] loop4: rw=524288, sector=145, nr_sectors = 16 limit=128 [ 313.906517][ T6391] syz.4.147: attempt to access beyond end of device [ 313.906517][ T6391] loop4: rw=524288, sector=169, nr_sectors = 8 limit=128 [ 313.921014][ T6391] syz.4.147: attempt to access beyond end of device [ 313.921014][ T6391] loop4: rw=0, sector=145, nr_sectors = 8 limit=128 [ 313.964809][ T6388] syz.4.147: attempt to access beyond end of device [ 313.964809][ T6388] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 314.021949][ T6391] syz.4.147: attempt to access beyond end of device [ 314.021949][ T6391] loop4: rw=0, sector=145, nr_sectors = 8 limit=128 [ 314.174083][ T6391] syz.4.147: attempt to access beyond end of device [ 314.174083][ T6391] loop4: rw=0, sector=145, nr_sectors = 8 limit=128 [ 314.189734][ T6398] loop0: detected capacity change from 0 to 764 [ 314.247773][ T6391] syz.4.147: attempt to access beyond end of device [ 314.247773][ T6391] loop4: rw=0, sector=145, nr_sectors = 8 limit=128 [ 314.336675][ T6391] syz.4.147: attempt to access beyond end of device [ 314.336675][ T6391] loop4: rw=0, sector=145, nr_sectors = 8 limit=128 [ 314.545479][ T6401] netlink: 'syz.2.151': attribute type 13 has an invalid length. [ 314.769771][ T6402] loop3: detected capacity change from 0 to 1756 [ 315.180242][ T6401] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.190297][ T6401] bridge0: port 1(bridge_slave_0) entered disabled state [ 315.464214][ T6401] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 315.500842][ T6401] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 316.150673][ T6401] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.160415][ T6401] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.170019][ T6401] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.179421][ T6401] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.297799][ T6419] kernel profiling enabled (shift: 7) [ 317.202152][ T5869] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 317.224031][ T5869] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 317.277600][ T6424] loop0: detected capacity change from 0 to 1024 [ 318.878540][ T6440] fido_id[6440]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 319.315505][ T6447] netlink: 'syz.3.166': attribute type 4 has an invalid length. [ 319.462561][ T6451] macsec1: entered promiscuous mode [ 319.468571][ T6451] bridge0: entered promiscuous mode [ 319.477411][ T6451] bridge0: port 3(macsec1) entered blocking state [ 319.488877][ T6451] bridge0: port 3(macsec1) entered disabled state [ 319.496542][ T6451] macsec1: entered allmulticast mode [ 319.502181][ T6451] bridge0: entered allmulticast mode [ 319.649416][ T6451] macsec1: left allmulticast mode [ 319.656314][ T6451] bridge0: left allmulticast mode [ 319.703310][ T6451] bridge0: left promiscuous mode [ 320.385829][ T6458] netlink: 'syz.4.171': attribute type 13 has an invalid length. [ 320.771042][ T6462] loop1: detected capacity change from 0 to 1024 [ 320.913411][ T6462] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.079427][ T6468] netlink: 12 bytes leftover after parsing attributes in process `syz.4.174'. [ 321.088982][ T6468] netlink: 'syz.4.174': attribute type 6 has an invalid length. [ 321.113543][ T6468] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 321.125862][ T6468] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 321.136909][ T6468] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 321.146065][ T6468] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 321.211362][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.297555][ T2231] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 321.367245][ T2231] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 321.437808][ T6470] loop0: detected capacity change from 0 to 1024 [ 321.444904][ T6468] vxlan0: entered promiscuous mode [ 322.057211][ T6473] fido_id[6473]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 323.163861][ T6491] netlink: 'syz.4.184': attribute type 13 has an invalid length. [ 323.251369][ T6491] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 323.262019][ T6491] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 323.263743][ T30] audit: type=1326 audit(1753256667.094:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 323.276175][ T6491] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 323.307501][ T6491] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 323.414647][ T30] audit: type=1326 audit(1753256667.174:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 323.437973][ T30] audit: type=1326 audit(1753256667.184:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 323.462580][ T30] audit: type=1326 audit(1753256667.204:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 323.487860][ T30] audit: type=1326 audit(1753256667.204:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 323.511555][ T30] audit: type=1326 audit(1753256667.204:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 323.534394][ T30] audit: type=1326 audit(1753256667.224:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 323.557217][ T30] audit: type=1326 audit(1753256667.224:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 323.836794][ T6496] loop2: detected capacity change from 0 to 1024 [ 324.389427][ T6496] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 324.999088][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.042801][ T6509] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2 [ 325.052349][ T6509] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0 [ 327.007094][ T6529] netlink: 'syz.3.199': attribute type 13 has an invalid length. [ 327.391334][ T6533] loop2: detected capacity change from 0 to 1024 [ 327.566874][ T6529] bridge0: port 2(bridge_slave_1) entered disabled state [ 327.576917][ T6529] bridge0: port 1(bridge_slave_0) entered disabled state [ 327.736127][ T6533] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.876853][ T6529] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 327.911863][ T6529] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 328.288461][ T6529] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.303836][ T6529] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.314280][ T6529] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.323755][ T6529] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.430726][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.117077][ T6551] netlink: 'syz.2.205': attribute type 4 has an invalid length. [ 330.465859][ T6561] loop2: detected capacity change from 0 to 8192 [ 331.261727][ T30] audit: type=1800 audit(1753256675.114:235): pid=6567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.212" name="file1" dev="loop2" ino=1048603 res=0 errno=0 [ 331.716843][ T6575] netlink: 'syz.4.215': attribute type 10 has an invalid length. [ 331.740040][ T6575] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 332.137107][ T6583] netlink: 'syz.3.219': attribute type 13 has an invalid length. [ 332.985028][ T6592] tmpfs: Unknown parameter 'rootcontext½' [ 333.467989][ T6594] loop0: detected capacity change from 0 to 128 [ 333.548656][ T6594] FAT-fs (loop0): Directory bread(block 162) failed [ 333.556083][ T6594] FAT-fs (loop0): Directory bread(block 163) failed [ 333.563268][ T6594] FAT-fs (loop0): Directory bread(block 164) failed [ 333.570164][ T6594] FAT-fs (loop0): Directory bread(block 165) failed [ 333.577272][ T6594] FAT-fs (loop0): Directory bread(block 166) failed [ 333.584311][ T6594] FAT-fs (loop0): Directory bread(block 167) failed [ 333.591164][ T6594] FAT-fs (loop0): Directory bread(block 168) failed [ 333.598320][ T6594] FAT-fs (loop0): Directory bread(block 169) failed [ 333.702789][ T6594] FAT-fs (loop0): Directory bread(block 162) failed [ 333.710196][ T6594] FAT-fs (loop0): Directory bread(block 163) failed [ 333.823831][ T6594] syz.0.226: attempt to access beyond end of device [ 333.823831][ T6594] loop0: rw=3, sector=226, nr_sectors = 6 limit=128 [ 333.837672][ T6594] syz.0.226: attempt to access beyond end of device [ 333.837672][ T6594] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 334.759321][ T6615] loop2: detected capacity change from 0 to 128 [ 335.104482][ T30] audit: type=1800 audit(1753256678.884:236): pid=6615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.234" name="bus" dev="loop2" ino=1048604 res=0 errno=0 [ 336.556830][ T6632] loop1: detected capacity change from 0 to 1024 [ 336.610987][ T6632] EXT4-fs: Ignoring removed nomblk_io_submit option [ 336.731885][ T6632] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.937907][ T6638] loop8: detected capacity change from 0 to 16384 [ 337.275071][ T6638] loop8: detected capacity change from 16384 to 16383 [ 337.761235][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.587164][ T6660] loop2: detected capacity change from 0 to 128 [ 339.661588][ T5869] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 341.544683][ T30] audit: type=1800 audit(1753256685.264:237): pid=6660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.249" name="bus" dev="loop2" ino=1048605 res=0 errno=0 [ 342.696033][ T5168] udevd[5168]: worker [5972] terminated by signal 33 (Unknown signal 33) [ 342.751850][ T5168] udevd[5168]: worker [5972] failed while handling '/devices/virtual/block/loop8' [ 343.575119][ T6688] loop1: detected capacity change from 0 to 2048 [ 343.846913][ T6688] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 344.606272][ T6711] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 344.651116][ T6710] IPVS: stopping master sync thread 6711 ... [ 344.932486][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.442467][ T6716] loop4: detected capacity change from 0 to 128 [ 345.534586][ T30] audit: type=1800 audit(1753256689.344:238): pid=6716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.265" name="bus" dev="loop4" ino=1048606 res=0 errno=0 [ 345.679633][ T5869] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 345.689755][ T6717] tipc: Started in network mode [ 345.695214][ T6717] tipc: Node identity 3a40f9772986, cluster identity 4711 [ 345.707696][ T6717] tipc: Enabled bearer , priority 0 [ 345.730720][ T6719] loop1: detected capacity change from 0 to 1024 [ 345.743354][ T6721] syzkaller0: entered promiscuous mode [ 345.749224][ T6721] syzkaller0: entered allmulticast mode [ 345.762231][ T5869] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 345.826549][ T6717] tipc: Resetting bearer [ 345.859440][ T6714] tipc: Resetting bearer [ 345.887212][ T6714] tipc: Disabling bearer [ 346.813968][ T6741] netlink: 'syz.4.273': attribute type 13 has an invalid length. [ 346.921719][ T6742] loop0: detected capacity change from 0 to 2048 [ 346.990428][ T6742] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 347.170730][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 347.470440][ T6751] loop3: detected capacity change from 0 to 128 [ 347.614011][ T30] audit: type=1800 audit(1753256691.404:239): pid=6751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.279" name="bus" dev="loop3" ino=1048607 res=0 errno=0 [ 348.566719][ T6762] tipc: Enabling of bearer rejected, failed to enable media [ 349.164822][ T30] audit: type=1326 audit(1753256692.954:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6767 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 349.191186][ T30] audit: type=1326 audit(1753256692.954:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6767 comm="syz.4.284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 349.710566][ T6784] netlink: 'syz.3.286': attribute type 13 has an invalid length. [ 349.772303][ T30] audit: type=1326 audit(1753256693.624:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6785 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 349.798292][ T30] audit: type=1326 audit(1753256693.624:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6785 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 349.823850][ T30] audit: type=1326 audit(1753256693.624:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6785 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 349.846586][ T30] audit: type=1326 audit(1753256693.624:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6785 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 349.869468][ T30] audit: type=1326 audit(1753256693.654:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6785 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 349.953199][ T6789] netlink: 3 bytes leftover after parsing attributes in process `syz.4.288'. [ 349.962784][ T6789] 0ªX¹¦À: renamed from caif0 [ 349.989952][ T6789] 0ªX¹¦À: entered allmulticast mode [ 349.995801][ T6789] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 350.683071][ C1] hrtimer: interrupt took 285769 ns [ 352.201257][ T6826] tipc: Started in network mode [ 352.207154][ T6826] tipc: Node identity 2afaa021b449, cluster identity 4711 [ 352.215503][ T6826] tipc: Enabled bearer , priority 0 [ 352.254531][ T6828] netlink: 'syz.3.300': attribute type 13 has an invalid length. [ 352.373636][ T6821] syzkaller0: entered promiscuous mode [ 352.379394][ T6821] syzkaller0: entered allmulticast mode [ 352.415478][ T6826] tipc: Resetting bearer [ 352.452699][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 352.461783][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 352.479753][ T6820] tipc: Resetting bearer [ 352.568156][ T6820] tipc: Disabling bearer [ 353.686617][ T6836] loop1: detected capacity change from 0 to 1024 [ 353.754421][ T6836] EXT4-fs: Ignoring removed orlov option [ 353.760841][ T6836] EXT4-fs: Ignoring removed mblk_io_submit option [ 353.850283][ T6836] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 354.005843][ T6836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.652416][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.379620][ T6855] loop2: detected capacity change from 0 to 2048 [ 355.458876][ T6855] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.477422][ T6862] tipc: Started in network mode [ 355.483165][ T6862] tipc: Node identity a676bf5097a7, cluster identity 4711 [ 355.491346][ T6862] tipc: Enabled bearer , priority 0 [ 355.502110][ T6862] syzkaller0: entered promiscuous mode [ 355.508038][ T6862] syzkaller0: entered allmulticast mode [ 355.584789][ T6862] tipc: Resetting bearer [ 355.653784][ T6860] tipc: Resetting bearer [ 355.659186][ T6855] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 355.686982][ T6860] tipc: Disabling bearer [ 355.689808][ T6855] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 54 with error 28 [ 355.705951][ T6855] EXT4-fs (loop2): This should not happen!! Data will be lost [ 355.705951][ T6855] [ 355.716328][ T6855] EXT4-fs (loop2): Total free blocks count 0 [ 355.722718][ T6855] EXT4-fs (loop2): Free/Dirty block details [ 355.729101][ T6855] EXT4-fs (loop2): free_blocks=2415919104 [ 355.738111][ T6855] EXT4-fs (loop2): dirty_blocks=64 [ 355.744597][ T6855] EXT4-fs (loop2): Block reservation details [ 355.750815][ T6855] EXT4-fs (loop2): i_reserved_data_blocks=4 [ 355.997448][ T6867] netlink: 'syz.1.313': attribute type 13 has an invalid length. [ 356.148501][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.379122][ T6867] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.389091][ T6867] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.644312][ T6867] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 356.679635][ T6867] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 357.046522][ T6867] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.057781][ T6867] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.070674][ T6867] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.081288][ T6867] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.307932][ T5869] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 358.354360][ T5869] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 358.401064][ T6894] loop4: detected capacity change from 0 to 1024 [ 359.103824][ T6903] loop3: detected capacity change from 0 to 1024 [ 359.116039][ T6903] EXT4-fs: inline encryption not supported [ 359.122396][ T6903] EXT4-fs: Ignoring removed i_version option [ 359.171851][ T6903] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 359.256912][ T6903] EXT4-fs error (device loop3): ext4_map_blocks:816: inode #3: block 1: comm syz.3.327: lblock 1 mapped to illegal pblock 1 (length 1) [ 359.308502][ T6903] Quota error (device loop3): write_blk: dquota write failed [ 359.319136][ T6903] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 359.330428][ T6903] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.327: Failed to acquire dquot type 0 [ 359.480529][ T6903] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.327: Freeing blocks not in datazone - block = 0, count = 4096 [ 359.534738][ T6903] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.327: Invalid inode bitmap blk 0 in block_group 0 [ 359.602010][ T6903] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem [ 359.650831][ T6903] EXT4-fs (loop3): 1 orphan inode deleted [ 359.659615][ T6903] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.822305][ T48] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 359.934058][ T48] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 359.943326][ T48] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0 [ 360.102752][ T6914] loop2: detected capacity change from 0 to 128 [ 360.112024][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.303724][ T6916] netlink: 'syz.4.330': attribute type 13 has an invalid length. [ 361.356502][ T5869] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 361.420983][ T5869] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 361.439640][ T6932] loop0: detected capacity change from 0 to 1024 [ 361.752301][ T6939] netlink: 'syz.3.341': attribute type 4 has an invalid length. [ 362.191639][ T6941] netlink: 224 bytes leftover after parsing attributes in process `syz.2.340'. [ 362.201508][ T6941] ksmbd: Unknown IPC event: 3, ignore. [ 363.998817][ T6964] loop2: detected capacity change from 0 to 512 [ 364.131146][ T6964] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 364.145094][ T6964] ext4 filesystem being mounted at /file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 364.225574][ T6964] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.370297][ T6978] loop1: detected capacity change from 0 to 128 [ 364.582593][ T30] audit: type=1800 audit(1753256708.434:247): pid=6978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.352" name="bus" dev="loop1" ino=1048608 res=0 errno=0 [ 364.705386][ T6983] capability: warning: `syz.2.355' uses 32-bit capabilities (legacy support in use) [ 365.012002][ T6988] loop3: detected capacity change from 0 to 2048 [ 365.134876][ T6990] tipc: Enabled bearer , priority 0 [ 365.191367][ T6995] syzkaller0: entered promiscuous mode [ 365.197602][ T6995] syzkaller0: entered allmulticast mode [ 365.291663][ T6990] tipc: Resetting bearer [ 365.314155][ T6988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 365.349904][ T6989] tipc: Resetting bearer [ 365.406224][ T6989] tipc: Disabling bearer [ 365.887836][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.126682][ T7014] loop2: detected capacity change from 0 to 512 [ 367.191150][ T7014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.205398][ T7014] ext4 filesystem being mounted at /file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 367.232001][ T7014] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.780187][ T7027] loop3: detected capacity change from 0 to 128 [ 367.883495][ T7030] netlink: 8 bytes leftover after parsing attributes in process `syz.2.371'. [ 367.982024][ T30] audit: type=1800 audit(1753256711.834:248): pid=7027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.370" name="bus" dev="loop3" ino=1048609 res=0 errno=0 [ 368.068300][ T7031] tipc: Enabled bearer , priority 0 [ 368.094667][ T7031] syzkaller0: entered promiscuous mode [ 368.100619][ T7031] syzkaller0: entered allmulticast mode [ 368.218667][ T7031] tipc: Resetting bearer [ 368.329846][ T7029] tipc: Resetting bearer [ 368.369212][ T7029] tipc: Disabling bearer [ 368.830104][ T2231] Process accounting resumed [ 368.876743][ T30] audit: type=1326 audit(1753256712.714:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 368.900177][ T30] audit: type=1326 audit(1753256712.714:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 368.923439][ T30] audit: type=1326 audit(1753256712.714:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 368.946267][ T30] audit: type=1326 audit(1753256712.724:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 368.968876][ T30] audit: type=1326 audit(1753256712.724:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 368.991846][ T30] audit: type=1326 audit(1753256712.724:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.014649][ T30] audit: type=1326 audit(1753256712.724:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.593682][ T30] audit: type=1326 audit(1753256712.894:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.616331][ T30] audit: type=1326 audit(1753256712.894:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.639969][ T30] audit: type=1326 audit(1753256712.904:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.662740][ T30] audit: type=1326 audit(1753256712.904:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.686379][ T30] audit: type=1326 audit(1753256712.914:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.709488][ T30] audit: type=1326 audit(1753256712.914:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.732183][ T30] audit: type=1326 audit(1753256712.914:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 369.754900][ T30] audit: type=1326 audit(1753256712.984:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f869a385967 code=0x7ffc0000 [ 369.777566][ T30] audit: type=1326 audit(1753256712.984:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f869a32ab89 code=0x7ffc0000 [ 369.800217][ T30] audit: type=1326 audit(1753256712.984:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7037 comm="syz.1.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f869a38e9a9 code=0x7ffc0000 [ 370.367852][ T7055] macvtap0: refused to change device tx_queue_len [ 370.473371][ T7058] netlink: 12 bytes leftover after parsing attributes in process `syz.4.381'. [ 370.509260][ T7059] loop0: detected capacity change from 0 to 512 [ 370.624992][ T7065] netlink: 8 bytes leftover after parsing attributes in process `syz.3.384'. [ 370.626603][ T7059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.647417][ T7059] ext4 filesystem being mounted at /file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 370.702592][ T7059] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.848591][ T7068] loop1: detected capacity change from 0 to 128 [ 371.234937][ T7077] tipc: Started in network mode [ 371.240166][ T7077] tipc: Node identity 5e0e47d9f62a, cluster identity 4711 [ 371.248718][ T7077] tipc: Enabled bearer , priority 0 [ 371.742729][ T7075] syzkaller0: entered promiscuous mode [ 371.748789][ T7075] syzkaller0: entered allmulticast mode [ 371.775666][ T7077] tipc: Resetting bearer [ 371.936242][ T7073] tipc: Resetting bearer [ 371.975847][ T7073] tipc: Disabling bearer [ 373.875974][ T7101] netlink: 12 bytes leftover after parsing attributes in process `syz.2.397'. [ 374.337814][ T7105] loop2: detected capacity change from 0 to 512 [ 374.494698][ T7105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 374.508107][ T7105] ext4 filesystem being mounted at /file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 374.650132][ T7105] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.709740][ T7112] loop4: detected capacity change from 0 to 1024 [ 374.765753][ T7112] EXT4-fs: inline encryption not supported [ 374.772043][ T7112] EXT4-fs: Ignoring removed i_version option [ 374.849490][ T7112] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 374.959495][ T7112] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.402: lblock 2 mapped to illegal pblock 2 (length 1) [ 375.031797][ T7112] __quota_error: 57 callbacks suppressed [ 375.031878][ T7112] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 375.047113][ T7112] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.402: lblock 0 mapped to illegal pblock 48 (length 1) [ 375.072223][ T7112] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 375.081883][ T7112] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.402: Failed to acquire dquot type 0 [ 375.106750][ T7112] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 375.165870][ T5818] Bluetooth: hci4: command 0x0406 tx timeout [ 375.173173][ T5818] Bluetooth: hci0: command 0x0406 tx timeout [ 375.179622][ T5818] Bluetooth: hci1: command 0x0406 tx timeout [ 375.193355][ T5818] Bluetooth: hci2: command 0x0406 tx timeout [ 375.199801][ T5818] Bluetooth: hci3: command 0x0406 tx timeout [ 375.240968][ T7120] loop3: detected capacity change from 0 to 512 [ 375.298367][ T7112] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.402: mark_inode_dirty error [ 375.331625][ T7120] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 375.345040][ T7120] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 375.409846][ T7115] loop1: detected capacity change from 0 to 128 [ 375.501794][ T7120] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.401: corrupted inode contents [ 375.517802][ T7120] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.401: mark_inode_dirty error [ 375.552414][ T7120] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.401: bg 0: block 328: padding at end of block bitmap is not set [ 375.614323][ T7112] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 375.625441][ T7112] EXT4-fs (loop4): 1 orphan inode deleted [ 375.633891][ T7112] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 375.800019][ T7115] FAT-fs (loop1): Directory bread(block 162) failed [ 375.809481][ T7115] FAT-fs (loop1): Directory bread(block 163) failed [ 375.817469][ T7115] FAT-fs (loop1): Directory bread(block 164) failed [ 375.824581][ T7115] FAT-fs (loop1): Directory bread(block 165) failed [ 375.831473][ T7115] FAT-fs (loop1): Directory bread(block 166) failed [ 375.838547][ T7115] FAT-fs (loop1): Directory bread(block 167) failed [ 375.845578][ T7115] FAT-fs (loop1): Directory bread(block 168) failed [ 375.852461][ T7115] FAT-fs (loop1): Directory bread(block 169) failed [ 376.088965][ T3731] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:16: lblock 1 mapped to illegal pblock 1 (length 1) [ 376.138365][ T7115] FAT-fs (loop1): Directory bread(block 162) failed [ 376.145568][ T7115] FAT-fs (loop1): Directory bread(block 163) failed [ 376.188177][ T3731] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 376.197195][ T3731] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:16: Failed to release dquot type 0 [ 376.262700][ T7115] syz.1.403: attempt to access beyond end of device [ 376.262700][ T7115] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 376.276961][ T7115] syz.1.403: attempt to access beyond end of device [ 376.276961][ T7115] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 376.321043][ T30] audit: type=1326 audit(1753256720.174:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7124 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f58e9a9 code=0x7ffc0000 [ 376.343838][ T30] audit: type=1326 audit(1753256720.174:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7124 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f58e9a9 code=0x7ffc0000 [ 376.373244][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.417291][ T5827] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 376.505399][ T5827] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 376.562254][ T5827] EXT4-fs error (device loop4): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 377.319060][ T30] audit: type=1326 audit(1753256720.334:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7124 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f608f58e9a9 code=0x7ffc0000 [ 377.336465][ T7132] netlink: 12 bytes leftover after parsing attributes in process `syz.2.409'. [ 377.341738][ T30] audit: type=1326 audit(1753256720.334:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7124 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f58e9a9 code=0x7ffc0000 [ 377.341955][ T30] audit: type=1326 audit(1753256720.334:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7124 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f608f58e9a9 code=0x7ffc0000 [ 377.342211][ T30] audit: type=1326 audit(1753256720.334:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7124 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f58e9a9 code=0x7ffc0000 [ 377.342433][ T30] audit: type=1326 audit(1753256720.334:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7124 comm="syz.2.405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f608f58e9a9 code=0x7ffc0000 [ 378.131417][ T7135] Zero length message leads to an empty skb [ 379.244697][ T7145] loop4: detected capacity change from 0 to 128 [ 379.305679][ T7145] vfat: Unknown parameter '·' [ 379.765906][ T7145] loop4: detected capacity change from 0 to 2048 [ 379.954541][ T7154] netlink: 24 bytes leftover after parsing attributes in process `syz.2.416'. [ 380.075488][ T7145] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 380.257973][ T30] kauditd_printk_skb: 57 callbacks suppressed [ 380.258057][ T30] audit: type=1326 audit(1753256724.014:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f70a4d8d310 code=0x7ffc0000 [ 380.288332][ T30] audit: type=1326 audit(1753256724.014:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f70a4d8d6f7 code=0x7ffc0000 [ 380.312786][ T30] audit: type=1326 audit(1753256724.014:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f70a4d8d310 code=0x7ffc0000 [ 380.336414][ T30] audit: type=1326 audit(1753256724.014:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 380.358767][ C1] vkms_vblank_simulate: vblank timer overrun [ 380.365883][ T30] audit: type=1326 audit(1753256724.034:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 380.388244][ C1] vkms_vblank_simulate: vblank timer overrun [ 380.394941][ T30] audit: type=1326 audit(1753256724.034:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 380.419418][ T30] audit: type=1326 audit(1753256724.064:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 380.441714][ C1] vkms_vblank_simulate: vblank timer overrun [ 380.449066][ T30] audit: type=1326 audit(1753256724.064:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 380.471571][ C1] vkms_vblank_simulate: vblank timer overrun [ 380.925812][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.109970][ T30] audit: type=1326 audit(1753256724.944:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7162 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 381.134869][ T30] audit: type=1326 audit(1753256724.944:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7162 comm="syz.0.419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 381.157279][ C1] vkms_vblank_simulate: vblank timer overrun [ 381.795063][ T7166] netlink: 12 bytes leftover after parsing attributes in process `syz.2.421'. [ 382.848489][ T7175] Cannot find add_set index 0 as target [ 383.164055][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 383.420882][ T7181] netlink: 24 bytes leftover after parsing attributes in process `syz.2.428'. [ 383.782488][ T7191] loop1: detected capacity change from 0 to 512 [ 383.883579][ T7191] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.429: casefold flag without casefold feature [ 383.957162][ T7191] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.429: couldn't read orphan inode 15 (err -117) [ 383.976091][ T7191] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 383.991395][ T7190] loop0: detected capacity change from 0 to 128 [ 384.055340][ T7190] vfat: Unknown parameter '·' [ 384.440381][ T7190] loop0: detected capacity change from 0 to 2048 [ 384.615397][ T7190] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 384.910417][ T7214] netlink: 12 bytes leftover after parsing attributes in process `syz.3.434'. [ 384.925723][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.331954][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.356718][ T30] kauditd_printk_skb: 105 callbacks suppressed [ 385.356797][ T30] audit: type=1326 audit(1753256729.214:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.386578][ T30] audit: type=1326 audit(1753256729.224:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.409372][ T30] audit: type=1326 audit(1753256729.244:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.433795][ T30] audit: type=1326 audit(1753256729.244:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.457179][ T30] audit: type=1326 audit(1753256729.244:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.480115][ T30] audit: type=1326 audit(1753256729.244:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.503006][ T30] audit: type=1326 audit(1753256729.244:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.525735][ T30] audit: type=1326 audit(1753256729.244:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.550452][ T30] audit: type=1326 audit(1753256729.244:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 385.576319][ T30] audit: type=1326 audit(1753256729.244:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7222 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 387.311531][ T7249] netlink: 12 bytes leftover after parsing attributes in process `syz.0.448'. [ 387.594776][ T7253] loop4: detected capacity change from 0 to 1024 [ 387.621653][ T7253] EXT4-fs: Ignoring removed nobh option [ 387.627835][ T7253] EXT4-fs: Ignoring removed bh option [ 387.697608][ T7253] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 392.990840][ T7345] loop3: detected capacity change from 0 to 128 [ 393.012502][ T7331] loop2: detected capacity change from 0 to 8192 [ 393.152505][ T7344] syzkaller0: entered promiscuous mode [ 393.158502][ T7344] syzkaller0: entered allmulticast mode [ 393.187807][ T7345] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 393.275253][ T7345] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 393.747104][ T5815] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 395.270532][ T7380] syzkaller0: entered promiscuous mode [ 395.276440][ T7380] syzkaller0: entered allmulticast mode [ 396.938334][ T7407] loop4: detected capacity change from 0 to 4096 [ 397.139837][ T7407] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 397.589474][ T30] kauditd_printk_skb: 41 callbacks suppressed [ 397.589563][ T30] audit: type=1326 audit(1753256741.444:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 397.687160][ T7429] loop2: detected capacity change from 0 to 764 [ 397.701348][ T30] audit: type=1326 audit(1753256741.484:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 397.724764][ T30] audit: type=1326 audit(1753256741.484:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 397.747130][ C0] vkms_vblank_simulate: vblank timer overrun [ 397.753929][ T30] audit: type=1326 audit(1753256741.484:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 397.776213][ C0] vkms_vblank_simulate: vblank timer overrun [ 397.782888][ T30] audit: type=1326 audit(1753256741.504:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7406 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 397.846210][ T7429] Symlink component flag not implemented [ 397.852609][ T7429] Symlink component flag not implemented (101) [ 397.889753][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 398.799128][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.807012][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.814905][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.822618][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.830432][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.838424][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.846944][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.854770][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.862514][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.870351][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.878308][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.886094][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.893936][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.901639][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.909463][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.917281][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.925109][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.933096][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.940805][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.948692][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.956543][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.964396][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.972085][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.979913][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.987793][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.987963][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.988131][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.988299][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.988477][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.988654][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.988812][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.988964][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.989116][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.989263][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.989420][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.989578][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.989717][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.989860][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.990001][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.990140][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.990282][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.990433][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.990576][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.990742][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.990904][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.991064][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.991217][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.991369][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.991529][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.991682][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.991833][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.991980][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 398.992184][ T11] hid-generic 0008:0006:0007.0008: unknown main item tag 0x0 [ 399.072670][ T30] audit: type=1326 audit(1753256742.894:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.0.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 399.073298][ T30] audit: type=1326 audit(1753256742.894:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.0.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 399.073610][ T30] audit: type=1326 audit(1753256742.894:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.0.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 399.073949][ T30] audit: type=1326 audit(1753256742.894:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.0.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 399.074254][ T30] audit: type=1326 audit(1753256742.894:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.0.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 399.169269][ T11] hid-generic 0008:0006:0007.0008: hidraw0: HID v0.0b Device [syz1] on syz1 [ 399.794991][ T7458] loop1: detected capacity change from 0 to 1024 [ 399.797988][ T7458] EXT4-fs: inline encryption not supported [ 400.053978][ T7458] EXT4-fs: Ignoring removed i_version option [ 400.085370][ T7458] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 400.185998][ T7458] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.535: lblock 1 mapped to illegal pblock 1 (length 1) [ 400.243132][ T7458] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.535: Failed to acquire dquot type 0 [ 400.311648][ T7458] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.535: Freeing blocks not in datazone - block = 0, count = 4096 [ 400.351734][ T7458] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.535: Invalid inode bitmap blk 0 in block_group 0 [ 400.383289][ T48] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 400.437467][ T7458] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem [ 400.453029][ T48] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0 [ 400.481671][ T7458] EXT4-fs (loop1): 1 orphan inode deleted [ 400.490239][ T7458] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 400.730511][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.142266][ T7492] loop4: detected capacity change from 0 to 1024 [ 402.186280][ T7492] EXT4-fs: inline encryption not supported [ 402.192566][ T7492] EXT4-fs: Ignoring removed i_version option [ 402.240987][ T7492] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 402.350381][ T7492] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.550: lblock 1 mapped to illegal pblock 1 (length 1) [ 402.403900][ T7492] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.550: Failed to acquire dquot type 0 [ 402.434688][ T7492] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.550: Freeing blocks not in datazone - block = 0, count = 4096 [ 402.485602][ T7492] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.550: Invalid inode bitmap blk 0 in block_group 0 [ 402.506384][ T3958] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:21: lblock 1 mapped to illegal pblock 1 (length 1) [ 402.513595][ T7492] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 402.559899][ T3958] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:21: Failed to release dquot type 0 [ 402.579523][ T7492] EXT4-fs (loop4): 1 orphan inode deleted [ 402.588346][ T7492] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.670158][ T7505] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 402.699656][ T7505] netlink: 12 bytes leftover after parsing attributes in process `syz.1.553'. [ 402.725637][ T7505] vlan2: entered promiscuous mode [ 402.731020][ T7505] syz_tun: entered promiscuous mode [ 402.911817][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.594673][ T7520] loop2: detected capacity change from 0 to 512 [ 403.665392][ T7520] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 403.679490][ T7520] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 403.951116][ T7525] hub 9-0:1.0: USB hub found [ 403.997321][ T7525] hub 9-0:1.0: 1 port detected [ 404.498766][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.197012][ T7546] netlink: 36 bytes leftover after parsing attributes in process `syz.0.568'. [ 405.599505][ T7548] bond0: entered promiscuous mode [ 405.607375][ T7548] bond_slave_0: entered promiscuous mode [ 405.615110][ T7548] bond_slave_1: entered promiscuous mode [ 405.627796][ T7548] batadv0: entered promiscuous mode [ 405.637009][ T7548] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 405.647569][ T7548] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 405.659954][ T7548] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 405.760871][ T7548] bond0: left promiscuous mode [ 405.766353][ T7548] bond_slave_0: left promiscuous mode [ 405.773180][ T7548] bond_slave_1: left promiscuous mode [ 405.798024][ T7548] batadv0: left promiscuous mode [ 405.947497][ T7555] loop3: detected capacity change from 0 to 512 [ 406.015532][ T7555] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 406.440374][ T7561] loop4: detected capacity change from 0 to 512 [ 406.476402][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.523500][ T7561] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.573: casefold flag without casefold feature [ 406.637185][ T7561] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.573: couldn't read orphan inode 15 (err -117) [ 406.654039][ T7561] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 407.314121][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.930389][ T7583] netlink: 36 bytes leftover after parsing attributes in process `syz.2.581'. [ 408.935721][ T7590] loop1: detected capacity change from 0 to 1024 [ 408.977883][ T7590] EXT4-fs: Ignoring removed nobh option [ 409.046285][ T7590] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 409.057846][ T7590] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 409.219540][ T7590] JBD2: no valid journal superblock found [ 409.225976][ T7590] EXT4-fs (loop1): Could not load journal inode [ 409.805864][ T7601] loop0: detected capacity change from 0 to 512 [ 409.853927][ T7601] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.588: casefold flag without casefold feature [ 409.940056][ T7601] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.588: couldn't read orphan inode 15 (err -117) [ 410.010775][ T7601] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 410.278643][ T7613] netlink: 36 bytes leftover after parsing attributes in process `syz.1.593'. [ 410.525898][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.444350][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 412.444420][ T30] audit: type=1326 audit(1753256756.294:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7642 comm="syz.0.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 412.476729][ T30] audit: type=1326 audit(1753256756.304:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7642 comm="syz.0.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 412.501123][ T30] audit: type=1326 audit(1753256756.304:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7642 comm="syz.0.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 412.524030][ T30] audit: type=1326 audit(1753256756.304:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7642 comm="syz.0.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 412.546927][ T30] audit: type=1326 audit(1753256756.304:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7642 comm="syz.0.606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66db78e9a9 code=0x7ffc0000 [ 412.569276][ C1] vkms_vblank_simulate: vblank timer overrun [ 412.727147][ T7648] netlink: 36 bytes leftover after parsing attributes in process `syz.3.607'. [ 413.749187][ T7654] loop4: detected capacity change from 0 to 1024 [ 413.868700][ T7654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 413.914677][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 413.921433][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 413.952601][ T30] audit: type=1800 audit(1753256757.804:573): pid=7654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.611" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 414.229987][ T7654] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 414.672352][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.023768][ T7679] usb usb1: usbfs: process 7679 (syz.4.617) did not claim interface 0 before use [ 415.508751][ T7687] netlink: 36 bytes leftover after parsing attributes in process `syz.0.622'. [ 419.352711][ T30] audit: type=1326 audit(1753256763.204:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 419.377310][ T30] audit: type=1326 audit(1753256763.204:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f70a4d8d310 code=0x7ffc0000 [ 419.400272][ T30] audit: type=1326 audit(1753256763.204:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f70a4d901d7 code=0x7ffc0000 [ 419.423204][ T30] audit: type=1326 audit(1753256763.204:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 419.446008][ T30] audit: type=1326 audit(1753256763.204:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f70a4d901d7 code=0x7ffc0000 [ 419.553268][ T30] audit: type=1326 audit(1753256763.334:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f70a4d8d60a code=0x7ffc0000 [ 419.575865][ T30] audit: type=1326 audit(1753256763.334:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 419.599610][ T30] audit: type=1326 audit(1753256763.344:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f70a4d8d60a code=0x7ffc0000 [ 419.622223][ T30] audit: type=1326 audit(1753256763.344:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7742 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70a4d8e9a9 code=0x7ffc0000 [ 420.725890][ T7764] loop2: detected capacity change from 0 to 1024 [ 421.031642][ T7768] loop3: detected capacity change from 0 to 128 [ 421.084511][ T7768] FAT-fs (loop3): Directory bread(block 162) failed [ 421.091598][ T7768] FAT-fs (loop3): Directory bread(block 163) failed [ 421.099567][ T7768] FAT-fs (loop3): Directory bread(block 164) failed [ 421.106561][ T7768] FAT-fs (loop3): Directory bread(block 165) failed [ 421.113575][ T7768] FAT-fs (loop3): Directory bread(block 166) failed [ 421.120459][ T7768] FAT-fs (loop3): Directory bread(block 167) failed [ 421.127654][ T7768] FAT-fs (loop3): Directory bread(block 168) failed [ 421.134695][ T7768] FAT-fs (loop3): Directory bread(block 169) failed [ 421.272718][ T7768] FAT-fs (loop3): Directory bread(block 162) failed [ 421.279964][ T7768] FAT-fs (loop3): Directory bread(block 163) failed [ 421.303641][ T7768] syz.3.651: attempt to access beyond end of device [ 421.303641][ T7768] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 421.317736][ T7768] syz.3.651: attempt to access beyond end of device [ 421.317736][ T7768] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 421.727155][ T7775] loop0: detected capacity change from 0 to 2048 [ 421.795358][ T7775] loop0: p2 < > p3 < p5 > p4 [ 421.800619][ T7775] loop0: partition table partially beyond EOD, truncated [ 421.808544][ T7775] loop0: p2 start 4278190080 is beyond EOD, truncated [ 421.819328][ T7775] loop0: p4 size 8192 extends beyond EOD, truncated [ 421.830693][ T7775] loop0: p5 size 8192 extends beyond EOD, truncated [ 421.973525][ T7782] tipc: Enabling of bearer rejected, failed to enable media [ 422.734373][ T7793] pim6reg1: entered promiscuous mode [ 422.739998][ T7793] pim6reg1: entered allmulticast mode [ 423.186514][ T30] audit: type=1326 audit(1753256767.034:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.3.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 423.464408][ T7802] loop3: detected capacity change from 0 to 512 [ 423.476170][ T5825] Bluetooth: hci4: command 0x0406 tx timeout [ 423.516632][ T7802] EXT4-fs: Ignoring removed oldalloc option [ 423.718917][ T7802] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.663: Parent and EA inode have the same ino 15 [ 424.718999][ T7815] netlink: 'syz.2.667': attribute type 1 has an invalid length. [ 424.813386][ T7817] netlink: 8 bytes leftover after parsing attributes in process `syz.2.667'. [ 424.846339][ T7817] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 424.864741][ T7817] bond1: (slave batadv1): Enslaving as a backup interface with an up link [ 424.920345][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 424.920430][ T30] audit: type=1326 audit(1753256768.774:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.3.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 424.944579][ T7815] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 424.950550][ T30] audit: type=1326 audit(1753256768.804:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.3.663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa86c98e9a9 code=0x7ffc0000 [ 425.006544][ T7815] bond1 (unregistering): Released all slaves [ 425.678063][ T7802] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 425.692062][ T7802] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.663: Parent and EA inode have the same ino 15 [ 425.799676][ T7802] EXT4-fs (loop3): 1 orphan inode deleted [ 425.808255][ T7802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 425.837875][ T7828] tipc: Enabling of bearer rejected, failed to enable media [ 426.279476][ T5815] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 427.568994][ T7856] netlink: 12 bytes leftover after parsing attributes in process `syz.0.681'. [ 428.159496][ T4293] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0xb [ 428.168330][ T4293] ===================================================== [ 428.175805][ T4293] BUG: KMSAN: uninit-value in nci_ntf_packet+0x2b0b/0x42b0 [ 428.183435][ T4293] nci_ntf_packet+0x2b0b/0x42b0 [ 428.188554][ T4293] nci_rx_work+0x403/0x750 [ 428.193461][ T4293] process_scheduled_works+0xb91/0x1d80 [ 428.201961][ T4293] worker_thread+0xedf/0x1590 [ 428.207284][ T4293] kthread+0xd59/0xf00 [ 428.211582][ T4293] ret_from_fork+0x1e0/0x310 [ 428.217287][ T4293] ret_from_fork_asm+0x1a/0x30 [ 428.222316][ T4293] [ 428.224934][ T4293] Uninit was created at: [ 428.229459][ T4293] kmem_cache_alloc_node_noprof+0x818/0xf00 [ 428.237432][ T4293] kmalloc_reserve+0x13c/0x4b0 [ 428.243563][ T4293] __alloc_skb+0x347/0x7d0 [ 428.248213][ T4293] virtual_ncidev_write+0x6b/0x430 [ 428.255122][ T4293] vfs_write+0x460/0x1580 [ 428.259680][ T4293] __x64_sys_write+0x1fb/0x4d0 [ 428.265318][ T4293] x64_sys_call+0x38c3/0x3db0 [ 428.270255][ T4293] do_syscall_64+0xd9/0x210 [ 428.275183][ T4293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.282714][ T4293] [ 428.285406][ T4293] CPU: 1 UID: 0 PID: 4293 Comm: kworker/u8:26 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(none) [ 428.296606][ T4293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 428.307059][ T4293] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 428.313150][ T4293] ===================================================== [ 428.320235][ T4293] Disabling lock debugging due to kernel taint [ 428.326900][ T4293] Kernel panic - not syncing: kmsan.panic set ... [ 428.333524][ T4293] CPU: 1 UID: 0 PID: 4293 Comm: kworker/u8:26 Tainted: G B 6.16.0-rc7-syzkaller #0 PREEMPT(none) [ 428.345819][ T4293] Tainted: [B]=BAD_PAGE [ 428.350127][ T4293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 428.360360][ T4293] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 428.366164][ T4293] Call Trace: [ 428.369585][ T4293] [ 428.372642][ T4293] __dump_stack+0x26/0x30 [ 428.377218][ T4293] dump_stack_lvl+0x53/0x270 [ 428.382048][ T4293] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 428.388084][ T4293] dump_stack+0x1e/0x25 [ 428.392470][ T4293] panic+0x4bd/0xd50 [ 428.396636][ T4293] kmsan_report+0x31c/0x320 [ 428.401359][ T4293] ? __msan_warning+0x1b/0x30 [ 428.406191][ T4293] ? nci_ntf_packet+0x2b0b/0x42b0 [ 428.411407][ T4293] ? nci_rx_work+0x403/0x750 [ 428.416177][ T4293] ? process_scheduled_works+0xb91/0x1d80 [ 428.422142][ T4293] ? worker_thread+0xedf/0x1590 [ 428.427231][ T4293] ? kthread+0xd59/0xf00 [ 428.431656][ T4293] ? ret_from_fork+0x1e0/0x310 [ 428.436650][ T4293] ? ret_from_fork_asm+0x1a/0x30 [ 428.441817][ T4293] ? ret_from_fork_asm+0x1a/0x30 [ 428.446970][ T4293] ? vprintk_emit+0xab3/0xcd0 [ 428.451867][ T4293] ? vprintk_default+0x3f/0x50 [ 428.456843][ T4293] ? vprintk+0x36/0x50 [ 428.461136][ T4293] ? _printk+0x17e/0x1b0 [ 428.465605][ T4293] ? kmsan_get_metadata+0xfb/0x160 [ 428.470928][ T4293] __msan_warning+0x1b/0x30 [ 428.475619][ T4293] nci_ntf_packet+0x2b0b/0x42b0 [ 428.480712][ T4293] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 428.487061][ T4293] ? sk_skb_reason_drop+0x13f/0x440 [ 428.492513][ T4293] nci_rx_work+0x403/0x750 [ 428.497171][ T4293] ? __pfx_nci_rx_work+0x10/0x10 [ 428.502347][ T4293] process_scheduled_works+0xb91/0x1d80 [ 428.508205][ T4293] worker_thread+0xedf/0x1590 [ 428.513164][ T4293] kthread+0xd59/0xf00 [ 428.517445][ T4293] ? __pfx_worker_thread+0x10/0x10 [ 428.522830][ T4293] ? __pfx_kthread+0x10/0x10 [ 428.527628][ T4293] ret_from_fork+0x1e0/0x310 [ 428.532426][ T4293] ? __pfx_kthread+0x10/0x10 [ 428.537213][ T4293] ret_from_fork_asm+0x1a/0x30 [ 428.542232][ T4293] [ 428.545754][ T4293] Kernel Offset: disabled [ 428.550181][ T4293] Rebooting in 86400 seconds..