last executing test programs: 46.223208225s ago: executing program 2 (id=69): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000c00), 0x5, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r2 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xfffffffb, 0x80, 0x1, 0x357}, &(0x7f0000000080)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x42, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, {0x2}}) io_uring_enter(r2, 0x47bc, 0x2, 0x0, 0x0, 0x0) 46.186771906s ago: executing program 2 (id=70): r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) r2 = dup3(r1, r0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x2}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000840)={{r3}, &(0x7f0000000600), &(0x7f0000000800)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) recvmmsg(r2, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0) 46.028580249s ago: executing program 2 (id=73): r0 = creat(&(0x7f0000000080)='./file0\x00', 0xc7) close(r0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x101000, 0x800, 0x3, 0x1}, 0x20) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x8, r3}, 0x10) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) 45.96691287s ago: executing program 2 (id=75): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) timer_delete(0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==") r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r2, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x2a) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 45.621361374s ago: executing program 2 (id=83): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000080000000050000000010"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x18) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x2, 0x0, 0x0, 0x4, 0x0) r4 = syz_pidfd_open(r3, 0x0) pidfd_send_signal(r4, 0x2, 0x0, 0x0) 42.514058538s ago: executing program 2 (id=138): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000f80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=@newtaction={0xf8, 0x30, 0xffff, 0x70bd25, 0x0, {}, [{0xe4, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x3, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_bpf={0x2c, 0x3, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x20044815}, 0x4040045) 42.498431688s ago: executing program 32 (id=138): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000f80)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000006c0)=@newtaction={0xf8, 0x30, 0xffff, 0x70bd25, 0x0, {}, [{0xe4, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x3, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_bpf={0x2c, 0x3, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x20044815}, 0x4040045) 3.49122179s ago: executing program 0 (id=922): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000000340), 0x2931890e, r3}, 0x38) 2.947737148s ago: executing program 0 (id=918): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff, 0xfffffffd}) r3 = syz_io_uring_setup(0x4b5, &(0x7f00000004c0)={0x0, 0x80086e1, 0x2, 0x8, 0x1}, &(0x7f0000010080), &(0x7f0000000000)) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0x8}) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000001600)=[{&(0x7f0000000300)=""/43, 0x2b}], 0x1) 2.867716099s ago: executing program 0 (id=920): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) memfd_create(0x0, 0x0) bind$tipc(0xffffffffffffffff, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10) r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80) ftruncate(r2, 0x2007ffb) sendfile(r2, r2, 0x0, 0x1000000201005) 2.741782571s ago: executing program 1 (id=926): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="18020000090000000000000000000000850000004100000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000240)="bf1ea0e3c19ed614ebadb3161741", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) 2.371847776s ago: executing program 1 (id=931): r0 = socket(0x10, 0x3, 0x0) r1 = epoll_create1(0x0) r2 = fcntl$dupfd(r0, 0x0, r1) r3 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000000c0)={0x10000000}) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000340)) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f000086fff4)) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]}) socket$inet(0x2, 0x4, 0x2) close_range(r5, 0xffffffffffffffff, 0x3e00000000000000) 2.218083298s ago: executing program 0 (id=936): r0 = creat(&(0x7f0000000080)='./file0\x00', 0xc7) close(r0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x101000, 0x800, 0x2, 0x4}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', 0x0}) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000200)=0x2000, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x8, r3}, 0x10) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) 2.13480467s ago: executing program 3 (id=939): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x1, 0x0, 0x0, 0x41000, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94) r2 = socket$inet6(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) mount$9p_tcp(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=tcp,por']) sendto$inet6(r2, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 2.076121961s ago: executing program 3 (id=942): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x4000}, 0x10) r1 = socket(0x1e, 0x4, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x7}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000) recvfrom(r0, &(0x7f0000000140)=""/104, 0xfffffffffffffef3, 0x12040, 0x0, 0x0) 2.050244401s ago: executing program 3 (id=943): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000040)={[{@mb_optimize_scan}, {@nobarrier}]}, 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk") chroot(&(0x7f0000000340)='./file0\x00') r0 = socket$inet_sctp(0x2, 0x5, 0x84) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}, {0x0}], 0x2, &(0x7f0000000180)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r3}}], 0x20, 0x2400e044}, 0x0) 1.753995545s ago: executing program 3 (id=948): r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=0x0, &(0x7f0000000580)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r3 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10) socket$netlink(0x10, 0x3, 0x0) sendmsg$tipc(r4, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0}, 0x10) 1.519455568s ago: executing program 1 (id=953): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80080, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='mm_page_free\x00', r2}, 0x18) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=[{0x18, 0x110, 0x1, 'p'}], 0x18}, 0x0) syz_emit_ethernet(0xfdef, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd6002000800fe2c00fe8000000000000000000000000000bbff02000000000000000000000000000132"], 0x0) r3 = socket(0x22, 0x2, 0x3) ioctl$IMGETVERSION(r3, 0x80044942, &(0x7f0000000080)) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd4, 0xd4, 0x3, [@enum64={0xe, 0x3, 0x0, 0x13, 0x1, 0x3, [{0x6, 0x7, 0x200}, {0x2, 0x401, 0x7}, {0x7, 0x4, 0x45}]}, @enum64={0x3, 0x8, 0x0, 0x13, 0x1, 0x3, [{0xa, 0x7, 0x7ff}, {0x10, 0xffffffed, 0x7}, {0x4, 0x25d1, 0x17e}, {0x2, 0x7, 0x2}, {0x8, 0x6, 0x358}, {0x3, 0x8, 0x101}, {0x7, 0x3, 0x48774233}, {0x3, 0x5}]}, @const={0x7, 0x0, 0x0, 0xa, 0x3}, @enum={0x10, 0x1, 0x0, 0x6, 0x4, [{0x3, 0x1}]}, @typedef={0xe}, @typedef={0x8}]}, {0x0, [0x30]}}, &(0x7f0000000100)=""/69, 0xef, 0x45, 0x0, 0x5, 0x10000}, 0x7) 1.465167099s ago: executing program 1 (id=954): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80680, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r2, 0x0, 0x4ab}, 0x18) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001300)=@newtfilter={0x74, 0x2c, 0xd27, 0x70bd24, 0x8020, {0x0, 0x0, 0x0, r5, {0x5, 0x7}, {}, {0x8, 0x2}}, [@filter_kind_options=@f_basic={{0xa}, {0x44, 0x2, [@TCA_BASIC_POLICE={0x40, 0x4, [@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x7, 0x6, 0x6, 0x0, {0x3, 0x1, 0x1, 0x8, 0xaf, 0x8}, {0x9, 0x1, 0x6, 0xc, 0x9}, 0x6, 0x1200, 0x60ee}}]}]}}]}, 0x74}, 0x1, 0x0, 0x0, 0x20048a9}, 0x20000004) 1.40170968s ago: executing program 1 (id=956): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, 0x0, 0x0, 0x0}, 0x94) socket$inet6(0xa, 0x3, 0x8000000003c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000140)="6d527cd53870164a3a0d4b64fb0d7bebad2dce076e7768215970e33adf15173c9e665cff10727f6273ef2aace367c13b8e834788d7da2d60077ebc24a796b221a2f39fd294dc01861206b499138d02ebf3cfc3b11f0e18858568476bac483df9c4d0a61da2d2f9b7c4cb601c0141f209fc9e06d9457920a9a749a23ccd52eb91db50189627774719cf91bd6e63a2b8a3b657c0e438ffc3e275b03ef0f384a0c1f20143b7b87f2e34729b000000805e0ad338423d4200f349c545516c46bb9f104a3816b12950faa20fab5827bc62a8d4cc12c4c8954308a933d63aa66cdb3646a37626de7361b5338c197dd3e6844dafcb4338dce0b79ee41da150eca12fbd36b4873ce8e4747b63e8830ee6c32f254d37792053e2b77cc86279ea843600"/297, 0x3accf8d5) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x7dc48146, 0x7fffffff, 0x5539e0cf}, 0x0, 0x0) fcntl$setpipe(r0, 0x407, 0x7000000) 1.36678858s ago: executing program 0 (id=957): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e400000000000000000500010006000000"], 0x4c}}, 0x2) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="280000002100010002000000000000000a00000000000002016200000c"], 0x28}], 0x1}, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x40000000) 1.146140554s ago: executing program 5 (id=962): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$inet(0xa, 0x801, 0x84) connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x8) r3 = accept4(r2, 0x0, 0x0, 0x0) sendto$inet(r3, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8) close(r3) 1.096266584s ago: executing program 5 (id=964): bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffffffe}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)) 1.068802655s ago: executing program 5 (id=965): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x42002, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x18) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000180)={0x80, 0x2a, 0x3}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000040)={0x80, 0x18, 0x2, 0xfffffff7, 0x0, 0x9}) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) 882.480507ms ago: executing program 3 (id=968): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50) pipe(0x0) write$eventfd(0xffffffffffffffff, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r2}, 0x10) connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) ftruncate(r0, 0x5) 850.749618ms ago: executing program 5 (id=969): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x3, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xc}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f00000001c0), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x802, 0xa2) pwrite64(r1, &(0x7f0000000180)="f7", 0x1, 0x200980) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r2, r2, 0x0, 0xe0000000) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10) close(0xffffffffffffffff) 515.638813ms ago: executing program 1 (id=971): sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, &(0x7f0000001180)=ANY=[@ANYBLOB="00020c0000"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) restart_syscall() socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x3, 0x26) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0) 465.091413ms ago: executing program 4 (id=972): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) syz_open_dev$tty20(0xc, 0x4, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) close(0x3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x18) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) 463.678523ms ago: executing program 3 (id=973): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x82) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sched_process_fork\x00', r2}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 411.010084ms ago: executing program 4 (id=974): socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'}) openat$pidfd(0xffffffffffffff9c, 0x0, 0x4040, 0x0) mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x5) r0 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000580)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYRES16, @ANYRES16, @ANYRES8], 0x38}}, 0x4000) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain) add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r0) 392.685444ms ago: executing program 4 (id=975): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000002c0)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodiscard}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x30, 0x3) getsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x9, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) getpid() socket$nl_route(0x10, 0x3, 0x0) setns(0xffffffffffffffff, 0x24020000) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 253.844656ms ago: executing program 5 (id=976): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) close_range(r0, r2, 0x0) 224.127717ms ago: executing program 4 (id=977): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2c, r3, 0x1, 0x70bd2d, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}}, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) socket(0x10, 0x803, 0x0) sendto$packet(r4, &(0x7f0000000480)="7eeb99b6f78ca44054798fa8d0e9", 0xe, 0x85, &(0x7f0000000140)={0x11, 0x86dd, 0x0, 0x1, 0x6, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}}, 0x14) getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000180)=0x14) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={r1, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f0000000200)=[0x0, 0x0], &(0x7f0000000240)=[0x0], 0x0, 0xed, &(0x7f0000000280)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0xac, 0x8, 0x8, &(0x7f0000000340)}}, 0x10) 213.239057ms ago: executing program 0 (id=978): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, 0x0, &(0x7f00000000c0)) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) add_key$keyring(&(0x7f00000000c0), &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYBLOB='\x00'/27], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) sendfile(r1, r0, 0x0, 0x7ffff000) 103.677528ms ago: executing program 4 (id=979): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10) sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0x0, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14) sendto$inet6(r0, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0) 34.804189ms ago: executing program 4 (id=980): r0 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x4048001) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@ipv4_newaddr={0x20, 0x14, 0x121, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @dev}]}, 0x20}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv4_deladdr={0x18, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}}, 0x18}}, 0x0) 0s ago: executing program 5 (id=981): r0 = socket$kcm(0x2d, 0x2, 0x0) r1 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000380)={r0}) close(r2) socket$inet6_sctp(0xa, 0x5, 0x84) r3 = syz_io_uring_setup(0x19ec, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0xce}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r6, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x55, 0x2000, @fd_index=0xd, 0x7, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): ridge0: port 2(bridge_slave_1) entered forwarding state [ 35.862938][ T3307] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 35.873372][ T3307] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 35.908773][ T3305] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 35.919306][ T3305] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 35.936031][ T3310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 35.965864][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 35.979292][ T3310] 8021q: adding VLAN 0 to HW filter on device team0 [ 35.992241][ T3307] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.006574][ T3306] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.021587][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.028699][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.037650][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.044800][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.069809][ T3310] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 36.080354][ T3310] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 36.095364][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.102424][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.111122][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.118278][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.145518][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.177029][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.193578][ T3317] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.226839][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.233970][ T290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.259564][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.266705][ T290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.328692][ T3306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.336764][ T3307] veth0_vlan: entered promiscuous mode [ 36.368311][ T3310] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.381847][ T3307] veth1_vlan: entered promiscuous mode [ 36.418733][ T3305] veth0_vlan: entered promiscuous mode [ 36.429488][ T3307] veth0_macvtap: entered promiscuous mode [ 36.443069][ T3307] veth1_macvtap: entered promiscuous mode [ 36.458038][ T3305] veth1_vlan: entered promiscuous mode [ 36.466074][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.477316][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.497768][ T3317] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.511687][ T3307] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.520590][ T3307] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.529417][ T3307] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.538255][ T3307] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.618029][ T3310] veth0_vlan: entered promiscuous mode [ 36.625061][ T3305] veth0_macvtap: entered promiscuous mode [ 36.636565][ T3310] veth1_vlan: entered promiscuous mode [ 36.648391][ T3307] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 36.655939][ T3305] veth1_macvtap: entered promiscuous mode [ 36.710944][ T3306] veth0_vlan: entered promiscuous mode [ 36.718238][ T3310] veth0_macvtap: entered promiscuous mode [ 36.728304][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.742269][ T3310] veth1_macvtap: entered promiscuous mode [ 36.753431][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.766002][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.782654][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.791380][ T3317] veth0_vlan: entered promiscuous mode [ 36.797507][ T3476] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6'. [ 36.800873][ T3317] veth1_vlan: entered promiscuous mode [ 36.814178][ T3305] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.822979][ T3305] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.831793][ T3305] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.840636][ T3305] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.855002][ T3310] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.863743][ T3310] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.872616][ T3310] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.881400][ T3310] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.895434][ T3306] veth1_vlan: entered promiscuous mode [ 36.950989][ T3306] veth0_macvtap: entered promiscuous mode [ 36.969564][ T3317] veth0_macvtap: entered promiscuous mode [ 36.987802][ T3306] veth1_macvtap: entered promiscuous mode [ 36.998455][ T3317] veth1_macvtap: entered promiscuous mode [ 37.025580][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.041412][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.066703][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.076387][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.085115][ C0] hrtimer: interrupt took 27360 ns [ 37.091615][ T3306] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.100483][ T3306] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.109291][ T3306] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.118078][ T3306] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.135110][ T3317] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.143896][ T3317] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.152694][ T3317] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.161468][ T3317] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.203279][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 37.203297][ T29] audit: type=1400 audit(1751996363.993:109): avc: denied { create } for pid=3492 comm="syz.2.10" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 37.233440][ T29] audit: type=1400 audit(1751996364.023:110): avc: denied { write } for pid=3492 comm="syz.2.10" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 37.253838][ T29] audit: type=1400 audit(1751996364.023:111): avc: denied { read } for pid=3492 comm="syz.2.10" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 37.259080][ T3493] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10'. [ 37.276360][ T29] audit: type=1400 audit(1751996364.033:112): avc: denied { create } for pid=3492 comm="syz.2.10" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 37.558986][ T3496] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 37.585607][ T29] audit: type=1400 audit(1751996364.373:113): avc: denied { allowed } for pid=3500 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 37.604815][ T29] audit: type=1400 audit(1751996364.373:114): avc: denied { create } for pid=3500 comm="syz.4.5" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 37.661275][ T3507] netlink: 'syz.0.13': attribute type 1 has an invalid length. [ 37.732695][ T3507] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13'. [ 37.840397][ T29] audit: type=1400 audit(1751996364.483:115): avc: denied { name_bind } for pid=3500 comm="syz.4.5" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 37.861915][ T29] audit: type=1400 audit(1751996364.483:116): avc: denied { node_bind } for pid=3500 comm="syz.4.5" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 37.882370][ T29] audit: type=1326 audit(1751996364.483:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3501 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281945e929 code=0x7ffc0000 [ 37.905511][ T29] audit: type=1326 audit(1751996364.483:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3501 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281945e929 code=0x7ffc0000 [ 38.073517][ T3524] loop1: detected capacity change from 0 to 512 [ 38.117448][ T3526] netlink: 56 bytes leftover after parsing attributes in process `syz.4.21'. [ 38.137596][ T3524] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.150452][ T3526] netlink: 24 bytes leftover after parsing attributes in process `syz.4.21'. [ 38.157837][ T3524] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.179635][ T3530] netlink: 'syz.2.22': attribute type 2 has an invalid length. [ 38.187405][ T3530] netlink: 'syz.2.22': attribute type 1 has an invalid length. [ 38.195048][ T3530] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.22'. [ 38.208051][ T3530] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 38.349952][ T3544] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.665427][ T3563] netlink: 'syz.3.36': attribute type 12 has an invalid length. [ 38.738910][ T3570] loop4: detected capacity change from 0 to 512 [ 38.746795][ T3570] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 38.759943][ T3570] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 38.771377][ T3570] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 38.784678][ T3570] EXT4-fs (loop4): 1 truncate cleaned up [ 38.790687][ T3570] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.826057][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.914198][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.152546][ T3597] loop1: detected capacity change from 0 to 2048 [ 39.175018][ T3597] EXT4-fs (loop1): failed to initialize system zone (-117) [ 39.192579][ T3597] EXT4-fs (loop1): mount failed [ 39.306284][ T3609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 39.329134][ T3609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 39.541915][ T3544] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.721364][ T3599] Set syz1 is full, maxelem 65536 reached [ 39.807254][ T3544] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.861494][ T3666] netlink: 'syz.4.57': attribute type 1 has an invalid length. [ 39.869818][ T3666] netlink: 4 bytes leftover after parsing attributes in process `syz.4.57'. [ 39.881406][ T3666] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 39.897135][ T3666] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 39.929144][ T3544] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.005462][ T3679] loop4: detected capacity change from 0 to 1024 [ 40.019386][ T3544] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.033330][ T3544] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.037958][ T3679] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.048203][ T3544] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.066834][ T3544] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.087045][ T3679] ======================================================= [ 40.087045][ T3679] WARNING: The mand mount option has been deprecated and [ 40.087045][ T3679] and is ignored by this kernel. Remove the mand [ 40.087045][ T3679] option from the mount to silence this warning. [ 40.087045][ T3679] ======================================================= [ 40.171274][ T3679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.268537][ T3691] program syz.4.63 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 40.333672][ T3695] netlink: 12 bytes leftover after parsing attributes in process `syz.2.65'. [ 40.376191][ T3695] vlan2: entered allmulticast mode [ 40.388837][ T3599] syz.0.50 (3599) used greatest stack depth: 10800 bytes left [ 40.453160][ T3701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 40.457955][ T3697] team0 (unregistering): Port device team_slave_0 removed [ 40.482566][ T3701] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 40.492887][ T3697] team0 (unregistering): Port device team_slave_1 removed [ 40.642097][ T3697] syz.4.66 (3697) used greatest stack depth: 10704 bytes left [ 40.799253][ T3726] loop2: detected capacity change from 0 to 512 [ 40.816954][ T3726] EXT4-fs (loop2): orphan cleanup on readonly fs [ 40.833492][ T3726] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.75: bg 0: block 248: padding at end of block bitmap is not set [ 40.856763][ T3707] chnl_net:caif_netlink_parms(): no params data found [ 40.875241][ T3726] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.75: Failed to acquire dquot type 1 [ 40.898718][ T3733] netlink: 44 bytes leftover after parsing attributes in process `syz.1.77'. [ 40.907908][ T3733] netlink: 8 bytes leftover after parsing attributes in process `syz.1.77'. [ 40.909003][ T3726] EXT4-fs (loop2): 1 truncate cleaned up [ 40.928812][ T3726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 40.957743][ T3726] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 40.968197][ T3707] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.975337][ T3707] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.982595][ T3707] bridge_slave_0: entered allmulticast mode [ 40.986085][ T3726] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.75: Failed to acquire dquot type 1 [ 40.989492][ T3707] bridge_slave_0: entered promiscuous mode [ 41.006981][ T3707] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.011317][ T3726] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 41.014080][ T3707] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.038401][ T3707] bridge_slave_1: entered allmulticast mode [ 41.045111][ T3707] bridge_slave_1: entered promiscuous mode [ 41.083472][ T3726] syz.2.75 (3726) used greatest stack depth: 9304 bytes left [ 41.100280][ T3749] netlink: 'syz.4.82': attribute type 1 has an invalid length. [ 41.120368][ T3707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.130602][ T3749] veth1_macvtap: left promiscuous mode [ 41.136373][ T3307] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 12 [ 41.153320][ T3307] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz-executor: deleted inode referenced: 12 [ 41.157114][ T3707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.214312][ T3707] team0: Port device team_slave_0 added [ 41.220949][ T3707] team0: Port device team_slave_1 added [ 41.238725][ T3707] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.245801][ T3707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.271792][ T3707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.287987][ T3707] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.295043][ T3707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.321074][ T3707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.348115][ T3707] hsr_slave_0: entered promiscuous mode [ 41.354579][ T3707] hsr_slave_1: entered promiscuous mode [ 41.360438][ T3707] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.368041][ T3707] Cannot create hsr debugfs directory [ 41.464020][ T3760] syzkaller0: entered promiscuous mode [ 41.469643][ T3760] syzkaller0: entered allmulticast mode [ 41.531162][ T3707] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.586870][ T3707] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.627147][ T3707] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.647918][ T3779] loop4: detected capacity change from 0 to 512 [ 41.665949][ T3779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.679475][ T3779] ext4 filesystem being mounted at /34/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 41.692838][ T3779] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm +}[@: corrupted inode contents [ 41.704514][ T3779] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm +}[@: mark_inode_dirty error [ 41.716244][ T3779] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm +}[@: corrupted inode contents [ 41.716916][ T3707] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.731556][ T3779] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm +}[@: corrupted inode contents [ 41.749468][ T3779] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm +}[@: mark_inode_dirty error [ 41.760791][ T3779] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm +}[@: corrupted inode contents [ 41.773529][ T3779] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm +}[@: mark_inode_dirty error [ 41.794718][ T3779] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm +}[@: corrupted inode contents [ 41.802793][ T3707] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 41.814000][ T3779] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm +}[@: mark_inode_dirty error [ 41.829774][ T3707] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 41.842592][ T3707] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 41.851865][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.853123][ T3707] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 41.894960][ T3707] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.902168][ T3707] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.951720][ T3707] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.962557][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.977274][ T3707] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.991641][ T3799] syz.1.96 uses obsolete (PF_INET,SOCK_PACKET) [ 42.004203][ T3619] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.011306][ T3619] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.021055][ T3619] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.028242][ T3619] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.123611][ T3707] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.223338][ T3707] veth0_vlan: entered promiscuous mode [ 42.232021][ T3707] veth1_vlan: entered promiscuous mode [ 42.252357][ T3707] veth0_macvtap: entered promiscuous mode [ 42.271645][ T3707] veth1_macvtap: entered promiscuous mode [ 42.283588][ T29] kauditd_printk_skb: 159 callbacks suppressed [ 42.283606][ T29] audit: type=1400 audit(1751996369.073:274): avc: denied { setopt } for pid=3815 comm="syz.4.101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 42.300534][ T3707] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.340420][ T3707] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.350903][ T3707] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.359755][ T3707] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.368575][ T3707] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.377372][ T3707] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.387912][ T3820] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.395202][ T3820] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.404879][ T3820] bridge0: entered allmulticast mode [ 42.416887][ T3820] bridge_slave_1: left allmulticast mode [ 42.422584][ T3820] bridge_slave_1: left promiscuous mode [ 42.428355][ T3820] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.439471][ T3820] bridge_slave_0: left allmulticast mode [ 42.445332][ T3820] bridge_slave_0: left promiscuous mode [ 42.447757][ T29] audit: type=1326 audit(1751996369.243:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.451064][ T3820] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.475586][ T29] audit: type=1326 audit(1751996369.243:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.510898][ T29] audit: type=1326 audit(1751996369.303:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.534418][ T29] audit: type=1326 audit(1751996369.303:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.545553][ T3827] loop4: detected capacity change from 0 to 1024 [ 42.558071][ T29] audit: type=1326 audit(1751996369.303:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.587749][ T29] audit: type=1326 audit(1751996369.303:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.589493][ T3827] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 42.611095][ T29] audit: type=1326 audit(1751996369.303:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.623527][ T3827] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 42.643140][ T29] audit: type=1326 audit(1751996369.303:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.643198][ T29] audit: type=1326 audit(1751996369.303:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3823 comm="syz.0.105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 42.702634][ T3827] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 42.710988][ T3827] EXT4-fs (loop4): orphan cleanup on readonly fs [ 42.717923][ T3827] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.103: Freeing blocks not in datazone - block = 0, count = 4096 [ 42.733174][ T3827] EXT4-fs (loop4): Remounting filesystem read-only [ 42.740686][ T3827] EXT4-fs (loop4): 1 orphan inode deleted [ 42.747470][ T3827] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 42.854054][ T3835] __nla_validate_parse: 3 callbacks suppressed [ 42.854160][ T3835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.107'. [ 42.875589][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.071860][ T3847] bond1: entered promiscuous mode [ 43.076998][ T3847] bond1: entered allmulticast mode [ 43.089457][ T3847] 8021q: adding VLAN 0 to HW filter on device bond1 [ 43.101964][ T3847] bond1 (unregistering): Released all slaves [ 43.131996][ T3852] netlink: 'syz.3.114': attribute type 4 has an invalid length. [ 43.233399][ T3862] netlink: 12 bytes leftover after parsing attributes in process `syz.4.119'. [ 43.280806][ T3862] 8021q: adding VLAN 0 to HW filter on device bond2 [ 43.289019][ T3862] bond1: (slave bond2): Enslaving as an active interface with an up link [ 43.301216][ T3870] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 43.305148][ T3862] netlink: 4 bytes leftover after parsing attributes in process `syz.4.119'. [ 43.326290][ T3862] bond1 (unregistering): (slave bond2): Releasing backup interface [ 43.341301][ T3862] bond1 (unregistering): Released all slaves [ 43.351139][ T3872] sch_fq: defrate 0 ignored. [ 43.389142][ T3878] netlink: 4 bytes leftover after parsing attributes in process `syz.0.124'. [ 43.403278][ T3878] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 43.411761][ T3878] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 43.438644][ T3878] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 43.448191][ T3878] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 43.523348][ T3884] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.587733][ T3884] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.608061][ T3887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.128'. [ 43.667060][ T3884] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.708281][ T3884] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.784661][ T3884] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.815953][ T3896] loop0: detected capacity change from 0 to 1024 [ 43.828084][ T3884] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.840768][ T3884] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.853512][ T3884] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.901651][ T3896] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.270758][ T3667] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.317907][ T3915] netlink: '¬í': attribute type 10 has an invalid length. [ 44.330568][ T3915] team0: Port device dummy0 added [ 44.340136][ T3915] netlink: '¬í': attribute type 10 has an invalid length. [ 44.348182][ T3915] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 44.359554][ T3915] team0: Failed to send options change via netlink (err -105) [ 44.367713][ T3915] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 44.379992][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.389661][ T3915] team0: Port device dummy0 removed [ 44.400164][ T3915] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 44.410993][ T3667] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.465661][ T3667] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.525529][ T3667] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.672993][ T3667] bridge_slave_1: left allmulticast mode [ 44.673254][ T3927] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 44.678696][ T3667] bridge_slave_1: left promiscuous mode [ 44.693050][ T3667] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.700755][ T3929] loop1: detected capacity change from 0 to 512 [ 44.715003][ T3929] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 44.733749][ T3938] Driver unsupported XDP return value 0 on prog (id 105) dev N/A, expect packet loss! [ 44.756437][ T3929] EXT4-fs (loop1): 1 truncate cleaned up [ 44.762714][ T3929] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.834597][ T3667] bridge_slave_0: left promiscuous mode [ 44.840399][ T3667] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.877861][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.931778][ T3944] xt_bpf: check failed: parse error [ 45.017065][ T3667] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 45.028852][ T3667] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 45.039163][ T3667] bond0 (unregistering): Released all slaves [ 45.128857][ T3667] IPVS: stopping backup sync thread 3496 ... [ 45.181068][ T3962] netlink: 12 bytes leftover after parsing attributes in process `syz.1.151'. [ 45.203190][ T3667] hsr_slave_0: left promiscuous mode [ 45.215131][ T3667] hsr_slave_1: left promiscuous mode [ 45.222111][ T3667] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 45.229767][ T3667] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 45.239183][ T3667] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 45.246703][ T3667] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 45.259220][ T3667] veth1_macvtap: left promiscuous mode [ 45.265016][ T3667] veth0_macvtap: left promiscuous mode [ 45.270680][ T3667] veth1_vlan: left promiscuous mode [ 45.277127][ T3667] veth0_vlan: left promiscuous mode [ 45.349576][ T3667] team0 (unregistering): Port device team_slave_1 removed [ 45.360430][ T3667] team0 (unregistering): Port device team_slave_0 removed [ 45.370440][ T3958] netlink: 8 bytes leftover after parsing attributes in process `syz.3.149'. [ 45.403233][ T3962] 8021q: adding VLAN 0 to HW filter on device bond1 [ 45.415192][ T3965] vlan2: entered allmulticast mode [ 45.420471][ T3965] bond1: entered allmulticast mode [ 45.437129][ T3914] chnl_net:caif_netlink_parms(): no params data found [ 45.493403][ T3914] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.500609][ T3914] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.532774][ T3914] bridge_slave_0: entered allmulticast mode [ 45.539728][ T3914] bridge_slave_0: entered promiscuous mode [ 45.548690][ T3914] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.555959][ T3914] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.563420][ T3914] bridge_slave_1: entered allmulticast mode [ 45.572101][ T3914] bridge_slave_1: entered promiscuous mode [ 45.594873][ T3972] loop1: detected capacity change from 0 to 128 [ 45.606779][ T3914] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.650043][ T3914] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.715285][ T3914] team0: Port device team_slave_0 added [ 45.739917][ T3914] team0: Port device team_slave_1 added [ 45.775393][ T3914] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.782408][ T3914] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.808537][ T3914] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.833790][ T3914] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.840947][ T3914] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.867002][ T3914] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.896080][ T3914] hsr_slave_0: entered promiscuous mode [ 45.902154][ T3914] hsr_slave_1: entered promiscuous mode [ 46.005258][ T3914] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 46.014203][ T3914] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 46.023044][ T3914] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 46.032412][ T3914] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 46.054838][ T3914] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.062072][ T3914] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.069500][ T3914] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.076662][ T3914] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.104203][ T3914] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.118700][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.131686][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.151951][ T3914] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.167178][ T3667] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.174332][ T3667] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.199935][ T3914] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 46.210480][ T3914] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.224450][ T3667] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.231617][ T3667] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.297058][ T3914] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.330345][ T4027] netlink: 16 bytes leftover after parsing attributes in process `syz.1.169'. [ 46.348629][ T4027] netlink: 28 bytes leftover after parsing attributes in process `syz.1.169'. [ 46.425180][ T4038] vlan2: entered allmulticast mode [ 46.513084][ T3914] veth0_vlan: entered promiscuous mode [ 46.521693][ T3914] veth1_vlan: entered promiscuous mode [ 46.542060][ T3914] veth0_macvtap: entered promiscuous mode [ 46.550096][ T3914] veth1_macvtap: entered promiscuous mode [ 46.562699][ T3914] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.579860][ T3914] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.591450][ T4051] loop1: detected capacity change from 0 to 512 [ 46.608168][ T3914] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.617010][ T3914] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.622529][ T4051] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 46.625813][ T3914] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.635685][ T4051] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 46.644382][ T3914] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.733065][ T4060] @ÿ: renamed from bond_slave_0 (while UP) [ 46.782516][ T4066] loop4: detected capacity change from 0 to 764 [ 46.826047][ T4070] tipc: Started in network mode [ 46.831429][ T4070] tipc: Node identity ac14140f, cluster identity 4711 [ 46.841477][ T4070] tipc: New replicast peer: 255.255.255.255 [ 46.847960][ T4070] tipc: Enabled bearer , priority 10 [ 46.886017][ T4074] loop4: detected capacity change from 0 to 128 [ 47.231351][ T4074] syz.4.185: attempt to access beyond end of device [ 47.231351][ T4074] loop4: rw=2049, sector=137, nr_sectors = 8 limit=128 [ 47.284024][ T4074] syz.4.185: attempt to access beyond end of device [ 47.284024][ T4074] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 47.311683][ T4074] syz.4.185: attempt to access beyond end of device [ 47.311683][ T4074] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 47.326891][ T4074] syz.4.185: attempt to access beyond end of device [ 47.326891][ T4074] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 47.349891][ T4074] syz.4.185: attempt to access beyond end of device [ 47.349891][ T4074] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 47.379204][ T29] kauditd_printk_skb: 131 callbacks suppressed [ 47.379222][ T29] audit: type=1326 audit(1751996374.173:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.385643][ T4074] syz.4.185: attempt to access beyond end of device [ 47.385643][ T4074] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 47.438242][ T4074] syz.4.185: attempt to access beyond end of device [ 47.438242][ T4074] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 47.441569][ T29] audit: type=1326 audit(1751996374.173:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.462730][ T4074] syz.4.185: attempt to access beyond end of device [ 47.462730][ T4074] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 47.474977][ T29] audit: type=1326 audit(1751996374.223:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.475005][ T29] audit: type=1326 audit(1751996374.223:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.534931][ T29] audit: type=1326 audit(1751996374.223:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.558325][ T29] audit: type=1326 audit(1751996374.223:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.575239][ T4074] syz.4.185: attempt to access beyond end of device [ 47.575239][ T4074] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 47.581741][ T29] audit: type=1326 audit(1751996374.223:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.618300][ T29] audit: type=1326 audit(1751996374.223:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.627254][ T4074] syz.4.185: attempt to access beyond end of device [ 47.627254][ T4074] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 47.641678][ T29] audit: type=1326 audit(1751996374.223:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.678379][ T29] audit: type=1326 audit(1751996374.223:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4109 comm="syz.1.198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 47.955582][ T4123] __nla_validate_parse: 5 callbacks suppressed [ 47.955600][ T4123] netlink: 8 bytes leftover after parsing attributes in process `syz.4.204'. [ 47.991531][ T36] tipc: Node number set to 2886997007 [ 47.994576][ T4123] IPVS: Error joining to the multicast group [ 48.102686][ T4132] capability: warning: `syz.3.208' uses 32-bit capabilities (legacy support in use) [ 48.184434][ T4138] loop3: detected capacity change from 0 to 128 [ 48.233690][ T4140] wg2: entered promiscuous mode [ 48.238751][ T4140] wg2: entered allmulticast mode [ 48.285780][ T4143] loop3: detected capacity change from 0 to 512 [ 48.358408][ T4143] EXT4-fs (loop3): 1 orphan inode deleted [ 48.379387][ T4143] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.392166][ T3667] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:57: Failed to release dquot type 1 [ 48.407121][ T4143] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.435027][ T4153] hub 9-0:1.0: USB hub found [ 48.441378][ T4143] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.444349][ T4153] hub 9-0:1.0: 8 ports detected [ 48.529045][ T4162] loop0: detected capacity change from 0 to 128 [ 48.558266][ T4162] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 48.587076][ T4162] ext4 filesystem being mounted at /37/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 48.720856][ T3305] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 49.202594][ T4179] netlink: 8 bytes leftover after parsing attributes in process `syz.3.224'. [ 49.233872][ T4179] netlink: 4 bytes leftover after parsing attributes in process `syz.3.224'. [ 49.265962][ T4181] loop5: detected capacity change from 0 to 2048 [ 49.267524][ T4183] IPv4: Oversized IP packet from 127.202.26.0 [ 49.300773][ T4181] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.622810][ T4207] netlink: 'syz.0.236': attribute type 2 has an invalid length. [ 49.630640][ T4207] netlink: 'syz.0.236': attribute type 1 has an invalid length. [ 49.638465][ T4207] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.236'. [ 49.650619][ T4209] loop4: detected capacity change from 0 to 164 [ 49.662778][ T4209] process 'syz.4.235' launched '/dev/fd/3' with NULL argv: empty string added [ 49.838496][ T4223] pim6reg1: entered promiscuous mode [ 49.844007][ T4223] pim6reg1: entered allmulticast mode [ 50.208978][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.298842][ T4230] Zero length message leads to an empty skb [ 50.501617][ T4239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.250'. [ 50.644413][ T4251] capability: warning: `syz.1.254' uses deprecated v2 capabilities in a way that may be insecure [ 50.750120][ T4257] ªªªªªª: renamed from vlan0 (while UP) [ 50.973613][ T4265] veth0_vlan: entered allmulticast mode [ 51.037455][ T4265] veth0_vlan: left promiscuous mode [ 51.062248][ T4265] veth0_vlan: entered promiscuous mode [ 51.067108][ T4269] loop4: detected capacity change from 0 to 1024 [ 51.097444][ T4269] EXT4-fs: Ignoring removed orlov option [ 51.117098][ T4269] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.540284][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.592704][ T4292] netlink: 'syz.4.267': attribute type 10 has an invalid length. [ 52.391707][ T29] kauditd_printk_skb: 332 callbacks suppressed [ 52.391734][ T29] audit: type=1326 audit(1751996379.183:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9fc5f858e7 code=0x7ffc0000 [ 52.460542][ T4346] netem: change failed [ 52.466652][ T29] audit: type=1326 audit(1751996379.183:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fc5f2ab19 code=0x7ffc0000 [ 52.490121][ T29] audit: type=1326 audit(1751996379.183:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 52.513581][ T29] audit: type=1326 audit(1751996379.193:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9fc5f858e7 code=0x7ffc0000 [ 52.537165][ T29] audit: type=1326 audit(1751996379.193:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fc5f2ab19 code=0x7ffc0000 [ 52.560473][ T29] audit: type=1326 audit(1751996379.193:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 52.584011][ T29] audit: type=1326 audit(1751996379.193:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9fc5f858e7 code=0x7ffc0000 [ 52.607354][ T29] audit: type=1326 audit(1751996379.193:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9fc5f2ab19 code=0x7ffc0000 [ 52.630745][ T29] audit: type=1326 audit(1751996379.193:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 52.654254][ T29] audit: type=1326 audit(1751996379.223:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4314 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9fc5f858e7 code=0x7ffc0000 [ 52.734373][ T4355] netlink: 'syz.5.294': attribute type 10 has an invalid length. [ 52.746697][ T4355] team0: Port device dummy0 added [ 52.758766][ T4355] netlink: 'syz.5.294': attribute type 10 has an invalid length. [ 52.768540][ T4355] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 52.790274][ T4355] team0: Failed to send options change via netlink (err -105) [ 52.800104][ T4355] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 52.830140][ T4355] team0: Port device dummy0 removed [ 52.855591][ T4355] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 53.224961][ T4371] syzkaller0: entered allmulticast mode [ 53.241008][ T4371] syzkaller0: entered promiscuous mode [ 53.265975][ T4371] syzkaller0 (unregistering): left allmulticast mode [ 53.272763][ T4371] syzkaller0 (unregistering): left promiscuous mode [ 53.449717][ T4381] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 53.529861][ T4383] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.537146][ T4383] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.589535][ T4387] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 53.626621][ T4387] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 53.639060][ T4383] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 53.648755][ T4378] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 53.668183][ T4383] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 53.698058][ T4387] netlink: 'syz.4.306': attribute type 1 has an invalid length. [ 53.729592][ T4383] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.738900][ T4383] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.747970][ T4383] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.756985][ T4383] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.799688][ T4389] tipc: New replicast peer: 255.255.255.83 [ 53.805835][ T4389] tipc: Enabled bearer , priority 10 [ 53.888692][ T4394] netlink: 96 bytes leftover after parsing attributes in process `syz.3.308'. [ 54.709392][ T4417] loop4: detected capacity change from 0 to 512 [ 54.852789][ T4417] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 54.896229][ T4417] EXT4-fs (loop4): 1 truncate cleaned up [ 54.902250][ T4417] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.017530][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.066413][ T4435] loop4: detected capacity change from 0 to 512 [ 55.081909][ T4436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.324'. [ 55.090879][ T4436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.324'. [ 55.106238][ T4435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.124015][ T4435] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 55.222553][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.967799][ T4449] Set syz1 is full, maxelem 65536 reached [ 56.215521][ T4471] netlink: 'syz.5.339': attribute type 10 has an invalid length. [ 56.235490][ T4471] bond0: (slave dummy0): Releasing backup interface [ 56.254051][ T4464] xt_CT: No such helper "pptp" [ 56.259376][ T4471] team0: Failed to send options change via netlink (err -105) [ 56.266920][ T4471] team0: Port device dummy0 added [ 56.284397][ T4475] netlink: 'syz.5.339': attribute type 10 has an invalid length. [ 56.294473][ T4475] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 56.316591][ T4475] team0: Failed to send options change via netlink (err -105) [ 56.336034][ T4475] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 56.354360][ T4475] team0: Port device dummy0 removed [ 56.368182][ T4475] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 56.403658][ T4477] pim6reg1: entered promiscuous mode [ 56.409215][ T4477] pim6reg1: entered allmulticast mode [ 56.516422][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.538250][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.545749][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.553280][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.560822][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.568253][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.575749][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.583194][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.590660][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.598137][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.605640][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.610458][ T4494] netlink: 164 bytes leftover after parsing attributes in process `syz.3.347'. [ 56.613046][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.661114][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.668627][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.676182][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.683603][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.691111][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.698536][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.705972][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.713389][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.721015][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.728474][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.736008][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.743487][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.750917][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.758462][ T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 56.898589][ T4501] netlink: 'syz.0.349': attribute type 12 has an invalid length. [ 56.998720][ T10] hid-generic 0000:0000:0000.0001: hidraw0: HID v8.00 Device [syz1] on syz0 [ 57.051221][ T4515] fido_id[4515]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 57.102695][ T4517] netlink: 8 bytes leftover after parsing attributes in process `syz.4.350'. [ 57.205574][ T4482] Set syz1 is full, maxelem 65536 reached [ 57.243706][ T4526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 57.266089][ T4526] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 57.293562][ T4529] loop3: detected capacity change from 0 to 2048 [ 57.397605][ T4529] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.575181][ T4547] netlink: 8 bytes leftover after parsing attributes in process `syz.5.358'. [ 57.584139][ T4547] IPVS: Error joining to the multicast group [ 57.632545][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.646199][ T29] kauditd_printk_skb: 112 callbacks suppressed [ 57.646216][ T29] audit: type=1326 audit(1751996384.443:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.676007][ T29] audit: type=1326 audit(1751996384.443:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.713854][ T29] audit: type=1326 audit(1751996384.483:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.737390][ T29] audit: type=1326 audit(1751996384.483:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.760782][ T29] audit: type=1326 audit(1751996384.483:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.784141][ T29] audit: type=1326 audit(1751996384.483:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.807509][ T29] audit: type=1326 audit(1751996384.483:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.830859][ T29] audit: type=1326 audit(1751996384.483:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.854176][ T29] audit: type=1326 audit(1751996384.483:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 57.877449][ T29] audit: type=1326 audit(1751996384.483:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4551 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 58.038604][ T4564] loop5: detected capacity change from 0 to 8192 [ 58.094487][ T3298] loop5: p1 p2[DM] p4 [ 58.101973][ T3298] loop5: p1 size 196608 extends beyond EOD, truncated [ 58.121855][ T3298] loop5: p2 start 4292936063 is beyond EOD, truncated [ 58.128867][ T3298] loop5: p4 size 50331648 extends beyond EOD, truncated [ 58.158995][ T4564] loop5: p1 p2[DM] p4 [ 58.163204][ T4564] loop5: p1 size 196608 extends beyond EOD, truncated [ 58.173971][ T4564] loop5: p2 start 4292936063 is beyond EOD, truncated [ 58.180839][ T4564] loop5: p4 size 50331648 extends beyond EOD, truncated [ 58.220573][ T4580] pim6reg1: entered promiscuous mode [ 58.226050][ T4580] pim6reg1: entered allmulticast mode [ 58.869295][ T4608] wireguard0: entered promiscuous mode [ 58.874962][ T4608] wireguard0: entered allmulticast mode [ 58.901688][ T4613] netlink: 96 bytes leftover after parsing attributes in process `syz.3.386'. [ 59.058866][ T4626] netlink: 'syz.0.391': attribute type 4 has an invalid length. [ 59.114446][ T4630] netlink: 'syz.0.391': attribute type 4 has an invalid length. [ 59.140732][ T4621] syzkaller0: entered promiscuous mode [ 59.146386][ T4621] syzkaller0: entered allmulticast mode [ 59.282642][ T4638] loop0: detected capacity change from 0 to 1024 [ 59.304997][ T4638] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.396: Failed to acquire dquot type 0 [ 59.333910][ T4638] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 59.415260][ T4638] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.396: corrupted inode contents [ 59.433578][ T4617] syzkaller1: entered promiscuous mode [ 59.439254][ T4617] syzkaller1: entered allmulticast mode [ 59.451137][ T4638] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #13: comm syz.0.396: mark_inode_dirty error [ 59.463405][ T4638] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.396: corrupted inode contents [ 59.478575][ T4638] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.396: mark_inode_dirty error [ 59.508453][ T4645] netlink: 'syz.5.398': attribute type 21 has an invalid length. [ 59.517957][ T4638] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.396: corrupted inode contents [ 59.574019][ T4638] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 59.593705][ T4638] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.396: corrupted inode contents [ 59.639520][ T4638] EXT4-fs error (device loop0): ext4_truncate:4597: inode #13: comm syz.0.396: mark_inode_dirty error [ 59.659931][ T4600] GPL invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 59.673602][ T4600] CPU: 1 UID: 0 PID: 4600 Comm: GPL Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) [ 59.673638][ T4600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 59.673657][ T4600] Call Trace: [ 59.673664][ T4600] [ 59.673671][ T4600] __dump_stack+0x1d/0x30 [ 59.673697][ T4600] dump_stack_lvl+0xe8/0x140 [ 59.673743][ T4600] dump_stack+0x15/0x1b [ 59.673765][ T4600] dump_header+0x81/0x220 [ 59.673809][ T4600] oom_kill_process+0x334/0x3f0 [ 59.673909][ T4600] out_of_memory+0x979/0xb80 [ 59.673947][ T4600] try_charge_memcg+0x5e6/0x9e0 [ 59.674066][ T4600] obj_cgroup_charge_pages+0xa6/0x150 [ 59.674097][ T4600] __memcg_kmem_charge_page+0x9f/0x170 [ 59.674132][ T4600] __alloc_frozen_pages_noprof+0x188/0x360 [ 59.674188][ T4600] alloc_pages_mpol+0xb3/0x250 [ 59.674228][ T4600] alloc_pages_noprof+0x90/0x130 [ 59.674261][ T4600] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 59.674372][ T4600] __kvmalloc_node_noprof+0x30f/0x4e0 [ 59.674498][ T4600] ? ip_set_alloc+0x1f/0x30 [ 59.674533][ T4600] ? ip_set_alloc+0x1f/0x30 [ 59.674562][ T4600] ? __kmalloc_cache_noprof+0x189/0x320 [ 59.674669][ T4600] ip_set_alloc+0x1f/0x30 [ 59.674705][ T4600] hash_netiface_create+0x282/0x740 [ 59.674754][ T4600] ? __pfx_hash_netiface_create+0x10/0x10 [ 59.674788][ T4600] ip_set_create+0x3c9/0x960 [ 59.674901][ T4600] ? __nla_parse+0x40/0x60 [ 59.675000][ T4600] nfnetlink_rcv_msg+0x4c3/0x590 [ 59.675102][ T4600] ? selinux_capable+0x1f9/0x270 [ 59.675143][ T4600] netlink_rcv_skb+0x120/0x220 [ 59.675246][ T4600] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 59.675286][ T4600] nfnetlink_rcv+0x16b/0x1690 [ 59.675314][ T4600] ? __folio_put+0x11e/0x150 [ 59.675403][ T4600] ? bpf_check+0xbe55/0xced0 [ 59.675463][ T4600] ? do_jit+0x7d43/0x7f70 [ 59.675497][ T4600] ? xas_load+0x413/0x430 [ 59.675577][ T4600] ? __rcu_read_unlock+0x4f/0x70 [ 59.675600][ T4600] ? xa_load+0xb1/0xe0 [ 59.675617][ T4600] ? should_fail_ex+0x30/0x280 [ 59.675668][ T4600] ? selinux_nlmsg_lookup+0x99/0x890 [ 59.675703][ T4600] ? selinux_netlink_send+0x59f/0x5f0 [ 59.675741][ T4600] ? __rcu_read_unlock+0x34/0x70 [ 59.675789][ T4600] ? __netlink_lookup+0x266/0x2a0 [ 59.675812][ T4600] netlink_unicast+0x59e/0x670 [ 59.675926][ T4600] netlink_sendmsg+0x58b/0x6b0 [ 59.675965][ T4600] ? __pfx_netlink_sendmsg+0x10/0x10 [ 59.676054][ T4600] __sock_sendmsg+0x142/0x180 [ 59.676080][ T4600] ____sys_sendmsg+0x31e/0x4e0 [ 59.676118][ T4600] ___sys_sendmsg+0x17b/0x1d0 [ 59.676261][ T4600] __x64_sys_sendmsg+0xd4/0x160 [ 59.676301][ T4600] x64_sys_call+0x2999/0x2fb0 [ 59.676324][ T4600] do_syscall_64+0xd2/0x200 [ 59.676360][ T4600] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 59.676395][ T4600] ? clear_bhb_loop+0x40/0x90 [ 59.676419][ T4600] ? clear_bhb_loop+0x40/0x90 [ 59.676442][ T4600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.676478][ T4600] RIP: 0033:0x7fbc4454e929 [ 59.676568][ T4600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 59.676588][ T4600] RSP: 002b:00007fbc42bb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 59.676608][ T4600] RAX: ffffffffffffffda RBX: 00007fbc44775fa0 RCX: 00007fbc4454e929 [ 59.676621][ T4600] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006 [ 59.676634][ T4600] RBP: 00007fbc445d0b39 R08: 0000000000000000 R09: 0000000000000000 [ 59.676704][ T4600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 59.676716][ T4600] R13: 0000000000000000 R14: 00007fbc44775fa0 R15: 00007ffe222f91f8 [ 59.676740][ T4600] [ 60.030013][ T4600] memory: usage 307200kB, limit 307200kB, failcnt 250 [ 60.037290][ T4600] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0 [ 60.045243][ T4600] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 60.052631][ T4600] Memory cgroup stats for /syz1: [ 60.052819][ T4600] cache 0 [ 60.060769][ T4600] rss 0 [ 60.061369][ T4638] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 60.063539][ T4600] shmem 0 [ 60.063550][ T4600] mapped_file 0 [ 60.073547][ T4638] EXT4-fs (loop0): 1 truncate cleaned up [ 60.075442][ T4600] dirty 0 [ 60.075452][ T4600] writeback 0 [ 60.079552][ T4638] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.084710][ T4600] workingset_refault_anon 33 [ 60.108149][ T4600] workingset_refault_file 149 [ 60.112874][ T4600] swap 200704 [ 60.116233][ T4600] swapcached 4096 [ 60.119888][ T4600] pgpgin 25641 [ 60.123386][ T4600] pgpgout 25640 [ 60.126884][ T4600] pgfault 24017 [ 60.130367][ T4600] pgmajfault 19 [ 60.133891][ T4600] inactive_anon 0 [ 60.137595][ T4600] active_anon 0 [ 60.141155][ T4600] inactive_file 0 [ 60.144836][ T4600] active_file 0 [ 60.148310][ T4600] unevictable 0 [ 60.151791][ T4600] hierarchical_memory_limit 314572800 [ 60.157287][ T4600] hierarchical_memsw_limit 9223372036854771712 [ 60.163512][ T4600] total_cache 0 [ 60.167077][ T4600] total_rss 0 [ 60.170380][ T4600] total_shmem 0 [ 60.173859][ T4600] total_mapped_file 0 [ 60.177917][ T4600] total_dirty 0 [ 60.181472][ T4600] total_writeback 0 [ 60.185368][ T4600] total_workingset_refault_anon 33 [ 60.190503][ T4600] total_workingset_refault_file 149 [ 60.195785][ T4600] total_swap 200704 [ 60.199651][ T4600] total_swapcached 4096 [ 60.203835][ T4600] total_pgpgin 25641 [ 60.207971][ T4600] total_pgpgout 25640 [ 60.211990][ T4600] total_pgfault 24017 [ 60.216029][ T4600] total_pgmajfault 19 [ 60.220097][ T4600] total_inactive_anon 0 [ 60.224303][ T4600] total_active_anon 0 [ 60.228465][ T4600] total_inactive_file 0 [ 60.232649][ T4600] total_active_file 0 [ 60.236724][ T4600] total_unevictable 0 [ 60.240774][ T4600] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.381,pid=4599,uid=0 [ 60.255453][ T4600] Memory cgroup out of memory: Killed process 4599 (syz.1.381) total-vm:95804kB, anon-rss:1068kB, file-rss:22056kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 60.316538][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.572793][ T4674] TCP: out of memory -- consider tuning tcp_mem [ 60.611113][ T4600] GPL (4600) used greatest stack depth: 6952 bytes left [ 60.664707][ T4676] netlink: 4 bytes leftover after parsing attributes in process `syz.4.409'. [ 60.712229][ T4683] netlink: 'syz.3.412': attribute type 4 has an invalid length. [ 60.742226][ T4683] netlink: 'syz.3.412': attribute type 4 has an invalid length. [ 60.948567][ T4693] loop4: detected capacity change from 0 to 2048 [ 61.027892][ T4693] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 61.101063][ T4692] syzkaller1: entered promiscuous mode [ 61.106664][ T4692] syzkaller1: entered allmulticast mode [ 61.156652][ T4689] xt_CT: No such helper "pptp" [ 61.445775][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.461303][ T4702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 61.478043][ T4702] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 61.613222][ T4705] netlink: 8 bytes leftover after parsing attributes in process `syz.3.418'. [ 61.624465][ T4706] netlink: 'syz.4.419': attribute type 12 has an invalid length. [ 61.662519][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.670150][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.677636][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.685186][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.692797][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.700381][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.707890][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.715375][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.722815][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.730330][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.737781][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.745219][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.755019][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.762565][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.770105][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.777585][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.785047][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.792523][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.800050][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.807495][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.815029][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.822454][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.829918][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.837373][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.844882][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.852311][ T3401] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 61.860485][ T3401] hid-generic 0000:0000:0000.0002: hidraw0: HID v8.00 Device [syz1] on syz0 [ 61.903608][ T4717] fido_id[4717]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 62.008133][ T4714] syzkaller1: entered promiscuous mode [ 62.013754][ T4714] syzkaller1: entered allmulticast mode [ 62.332803][ T4737] netlink: 4 bytes leftover after parsing attributes in process `syz.1.428'. [ 62.430698][ T4733] netlink: 'syz.5.426': attribute type 4 has an invalid length. [ 62.465300][ T4739] netlink: 'syz.5.426': attribute type 4 has an invalid length. [ 62.604643][ T4721] Set syz1 is full, maxelem 65536 reached [ 62.730133][ T29] kauditd_printk_skb: 84 callbacks suppressed [ 62.730152][ T29] audit: type=1326 audit(1751996389.523:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.807627][ T29] audit: type=1326 audit(1751996389.523:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.831100][ T29] audit: type=1326 audit(1751996389.523:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.854519][ T29] audit: type=1326 audit(1751996389.523:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.877808][ T29] audit: type=1326 audit(1751996389.523:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.901450][ T29] audit: type=1326 audit(1751996389.523:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.924753][ T29] audit: type=1326 audit(1751996389.523:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.948271][ T29] audit: type=1326 audit(1751996389.523:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.971591][ T29] audit: type=1326 audit(1751996389.523:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 62.994881][ T29] audit: type=1326 audit(1751996389.533:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4755 comm="syz.1.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 63.017403][ T4752] xt_CT: No such helper "pptp" [ 63.464436][ T4775] loop4: detected capacity change from 0 to 512 [ 63.476692][ T4775] EXT4-fs (loop4): too many log groups per flexible block group [ 63.484547][ T4775] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 63.492268][ T4775] EXT4-fs (loop4): mount failed [ 63.523014][ T4780] netlink: 'syz.0.440': attribute type 10 has an invalid length. [ 63.581376][ T4785] netlink: 'syz.0.440': attribute type 10 has an invalid length. [ 63.614734][ T4780] team0: Port device dummy0 added [ 63.644500][ T4785] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 63.673021][ T4785] team0: Failed to send options change via netlink (err -105) [ 63.691724][ T4791] netlink: 'syz.4.443': attribute type 4 has an invalid length. [ 63.700343][ T4785] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 63.710975][ T4785] team0: Port device dummy0 removed [ 63.719872][ T4785] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 63.744112][ T4788] netlink: 'syz.4.443': attribute type 4 has an invalid length. [ 63.985229][ T4808] loop4: detected capacity change from 0 to 128 [ 64.059771][ T4808] bio_check_eod: 107 callbacks suppressed [ 64.059788][ T4808] syz.4.452: attempt to access beyond end of device [ 64.059788][ T4808] loop4: rw=0, sector=121, nr_sectors = 920 limit=128 [ 64.274478][ T4827] loop5: detected capacity change from 0 to 2048 [ 64.310528][ T4827] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 64.359875][ T4841] netlink: 'syz.0.465': attribute type 1 has an invalid length. [ 64.367809][ T4841] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.465'. [ 64.528160][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.565533][ T4855] loop5: detected capacity change from 0 to 1024 [ 64.581850][ T4855] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 64.591694][ T4855] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 64.626913][ T4855] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 64.627070][ T4853] loop0: detected capacity change from 0 to 8192 [ 64.643419][ T4855] EXT4-fs error (device loop5): ext4_get_journal_inode:5796: inode #5: comm syz.5.472: unexpected bad inode w/o EXT4_IGET_BAD [ 64.666484][ T4857] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 64.683893][ T4855] EXT4-fs (loop5): no journal found [ 64.689223][ T4855] EXT4-fs (loop5): can't get journal size [ 64.696333][ T4855] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 64.907069][ T4868] loop0: detected capacity change from 0 to 512 [ 64.928589][ T4868] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.478: corrupted in-inode xattr: invalid ea_ino [ 64.962341][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.002152][ T4868] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.478: couldn't read orphan inode 15 (err -117) [ 65.014773][ T4868] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.064413][ T4882] loop3: detected capacity change from 0 to 1024 [ 65.073205][ T4882] EXT4-fs: Ignoring removed nobh option [ 65.075334][ T4880] loop5: detected capacity change from 0 to 2048 [ 65.079953][ T4882] EXT4-fs: Ignoring removed bh option [ 65.093374][ T4868] Invalid ELF header magic: != ELF [ 65.100306][ T4882] EXT4-fs (loop3): stripe (32769) is not aligned with cluster size (16), stripe is disabled [ 65.127580][ T4882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.143821][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.154403][ T4880] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.168251][ T4882] netlink: 4 bytes leftover after parsing attributes in process `syz.3.484'. [ 65.180708][ T4880] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.483: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 65.203976][ T4880] EXT4-fs (loop5): Remounting filesystem read-only [ 65.210708][ T4882] veth1_macvtap: left promiscuous mode [ 65.218124][ T4880] xt_hashlimit: max too large, truncated to 1048576 [ 65.291110][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.300980][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.358810][ T4896] netlink: 76 bytes leftover after parsing attributes in process `syz.5.488'. [ 65.935616][ T4903] : renamed from bond0 (while UP) [ 65.987919][ T4912] netlink: 'syz.0.494': attribute type 4 has an invalid length. [ 66.006153][ T4912] netlink: 'syz.0.494': attribute type 4 has an invalid length. [ 66.008576][ T4911] loop5: detected capacity change from 0 to 1024 [ 66.060266][ T4911] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.109609][ T4911] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.147689][ T4921] netlink: 24 bytes leftover after parsing attributes in process `syz.1.498'. [ 66.156691][ T4921] netlink: 212 bytes leftover after parsing attributes in process `syz.1.498'. [ 66.200400][ T4923] sg_write: process 252 (syz.4.499) changed security contexts after opening file descriptor, this is not allowed. [ 66.222699][ T4911] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 66.268704][ T4911] EXT4-fs (loop5): Remounting filesystem read-only [ 66.297133][ T4932] netlink: 4 bytes leftover after parsing attributes in process `syz.4.503'. [ 66.322981][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.333818][ T4932] netlink: 4 bytes leftover after parsing attributes in process `syz.4.503'. [ 66.487653][ T4945] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.539252][ T4945] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.563256][ T4952] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4952 comm=syz.0.513 [ 66.590877][ T4949] loop5: detected capacity change from 0 to 1024 [ 66.620107][ T4949] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 66.635546][ T4945] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.650918][ T4949] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 66.662156][ T4958] loop3: detected capacity change from 0 to 512 [ 66.666968][ T4949] EXT4-fs (loop5): orphan cleanup on readonly fs [ 66.690559][ T4958] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 66.703405][ T4945] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.705523][ T4949] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.511: bg 0: block 10: padding at end of block bitmap is not set [ 66.732329][ T4949] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.511: Failed to acquire dquot type 0 [ 66.748355][ T4949] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.511: Failed to acquire dquot type 0 [ 66.759399][ T4958] EXT4-fs (loop3): 1 truncate cleaned up [ 66.766383][ T4958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.779374][ T4949] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.511: Freeing blocks not in datazone - block = 0, count = 4096 [ 66.801588][ T4945] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.813935][ T4945] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.837934][ T4945] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.841086][ T4949] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.511: Failed to acquire dquot type 0 [ 66.862819][ T4945] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.871877][ T4949] EXT4-fs (loop5): 1 orphan inode deleted [ 66.885805][ T4949] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 66.935305][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.964037][ T4967] netlink: 'syz.0.518': attribute type 13 has an invalid length. [ 66.973374][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.036429][ T4975] loop3: detected capacity change from 0 to 1024 [ 67.043112][ T4967] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 67.083114][ T4975] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.149039][ T4975] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.521: Allocating blocks 449-513 which overlap fs metadata [ 67.226319][ T4975] SELinux: Context @ is not valid (left unmapped). [ 67.257160][ T4975] EXT4-fs (loop3): pa ffff888106e01770: logic 48, phys. 177, len 21 [ 67.265649][ T4975] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4 [ 67.335574][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.639136][ T5019] netlink: 8 bytes leftover after parsing attributes in process `syz.0.537'. [ 67.648260][ T5019] netlink: 8 bytes leftover after parsing attributes in process `syz.0.537'. [ 67.795946][ T5033] vlan2: entered allmulticast mode [ 67.801230][ T5033] dummy0: entered allmulticast mode [ 67.884425][ T29] kauditd_printk_skb: 153 callbacks suppressed [ 67.884442][ T29] audit: type=1400 audit(1751996394.683:1124): avc: denied { unmount } for pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 67.925828][ T5041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.548'. [ 68.010046][ T5052] loop1: detected capacity change from 0 to 512 [ 68.039496][ T5052] ext4: Unknown parameter 'audit' [ 68.048718][ T29] audit: type=1400 audit(1751996394.843:1125): avc: denied { read } for pid=5051 comm="syz.1.554" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 68.113597][ T5056] loop4: detected capacity change from 0 to 512 [ 68.145487][ T5056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.160099][ T5046] mmap: syz.3.544 (5046) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 68.194090][ T5056] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.238553][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.279996][ T5074] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.287515][ T5074] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.327511][ T29] audit: type=1326 audit(1751996395.123:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5075 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 68.351138][ T29] audit: type=1326 audit(1751996395.123:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5075 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 68.374636][ T29] audit: type=1326 audit(1751996395.123:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5075 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 68.398072][ T29] audit: type=1326 audit(1751996395.123:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5075 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 68.421432][ T29] audit: type=1326 audit(1751996395.123:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5075 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 68.444813][ T29] audit: type=1326 audit(1751996395.123:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5075 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 68.468247][ T29] audit: type=1326 audit(1751996395.123:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5075 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 68.502238][ T29] audit: type=1326 audit(1751996395.213:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5075 comm="syz.0.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd34cf2e929 code=0x7ffc0000 [ 68.721801][ T5096] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.797526][ T5096] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.848433][ T5096] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.882516][ T5106] vlan0: entered promiscuous mode [ 68.887672][ T5106] bridge0: entered promiscuous mode [ 68.917631][ T5096] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.952375][ T5101] syz.3.572: attempt to access beyond end of device [ 68.952375][ T5101] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 68.965557][ T5101] FAT-fs (loop7): unable to read boot sector [ 69.025097][ T5096] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.058422][ T5096] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.073441][ T5096] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.093033][ T5096] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.167339][ T5123] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5123 comm=syz.1.582 [ 69.230310][ T5131] loop5: detected capacity change from 0 to 512 [ 69.252899][ T5131] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 69.288598][ T5131] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.325301][ T5131] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.339624][ T5131] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.587: corrupted xattr block 19: overlapping e_value [ 69.358172][ T5131] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=15 [ 69.368542][ T5131] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.587: corrupted xattr block 19: overlapping e_value [ 69.387191][ T5146] __nla_validate_parse: 3 callbacks suppressed [ 69.387208][ T5146] netlink: 8 bytes leftover after parsing attributes in process `syz.1.593'. [ 69.389566][ T5131] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=15 [ 69.393397][ T5146] netlink: 8 bytes leftover after parsing attributes in process `syz.1.593'. [ 69.410897][ T5131] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.587: corrupted xattr block 19: overlapping e_value [ 69.411294][ T5146] netlink: 2 bytes leftover after parsing attributes in process `syz.1.593'. [ 69.457281][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.481348][ T5146] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 69.490290][ T5146] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 69.499191][ T5146] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 69.508135][ T5146] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 69.522797][ T5150] netlink: 'syz.0.595': attribute type 4 has an invalid length. [ 69.531181][ T5152] loop3: detected capacity change from 0 to 1024 [ 69.540249][ T5152] EXT4-fs: Ignoring removed orlov option [ 69.583244][ T5152] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.634126][ T5162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.644577][ T5162] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 69.666813][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.866977][ T5186] netlink: 'syz.5.606': attribute type 4 has an invalid length. [ 69.882715][ T5186] netlink: 'syz.5.606': attribute type 4 has an invalid length. [ 70.062955][ T5205] netlink: 'syz.3.615': attribute type 3 has an invalid length. [ 70.070831][ T5205] netlink: 'syz.3.615': attribute type 3 has an invalid length. [ 70.203355][ T5214] syz_tun: entered allmulticast mode [ 70.214449][ T5214] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0) [ 70.223065][ T5214] mroute: pending queue full, dropping entries [ 70.231214][ T5213] syz_tun: left allmulticast mode [ 70.287195][ T5209] netlink: 8 bytes leftover after parsing attributes in process `syz.3.617'. [ 70.296107][ T5209] netlink: 40 bytes leftover after parsing attributes in process `syz.3.617'. [ 70.307391][ T5218] netlink: 12 bytes leftover after parsing attributes in process `syz.0.621'. [ 70.353596][ T5218] 8021q: adding VLAN 0 to HW filter on device bond1 [ 70.404986][ T5218] vlan2: entered allmulticast mode [ 70.410208][ T5218] bond1: entered allmulticast mode [ 70.586177][ T5235] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.806321][ T5235] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.822636][ T5249] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 71.043759][ T5235] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.162329][ T5235] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.189786][ T5259] loop4: detected capacity change from 0 to 2048 [ 71.235567][ T5259] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.260772][ T5261] netlink: 96 bytes leftover after parsing attributes in process `syz.1.640'. [ 71.550482][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.690722][ T5295] pim6reg1: entered promiscuous mode [ 71.696315][ T5295] pim6reg1: entered allmulticast mode [ 71.809408][ T5305] bridge: RTM_NEWNEIGH with invalid ether address [ 71.876116][ T5312] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 71.883377][ T5312] IPv6: NLM_F_CREATE should be set when creating new route [ 71.932377][ T5314] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 72.002701][ T5318] netlink: 8 bytes leftover after parsing attributes in process `syz.5.663'. [ 72.027580][ T5320] netlink: 12 bytes leftover after parsing attributes in process `syz.1.664'. [ 72.100478][ T5327] netlink: 96 bytes leftover after parsing attributes in process `syz.5.667'. [ 72.575032][ T5370] loop1: detected capacity change from 0 to 512 [ 72.582556][ T5370] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 72.594570][ T5370] EXT4-fs (loop1): 1 truncate cleaned up [ 72.600910][ T5370] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.628988][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.675267][ T5376] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 72.681887][ T5376] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 72.689436][ T5376] vhci_hcd vhci_hcd.0: Device attached [ 72.750892][ T5377] usbip_core: unknown command [ 72.755638][ T5377] vhci_hcd: unknown pdu 0 [ 72.755651][ T5377] usbip_core: unknown command [ 72.755985][ T3656] vhci_hcd: stop threads [ 72.769140][ T3656] vhci_hcd: release socket [ 72.769152][ T3656] vhci_hcd: disconnect device [ 72.897622][ T29] kauditd_printk_skb: 490 callbacks suppressed [ 72.897640][ T29] audit: type=1326 audit(1751996399.693:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92f2f558e7 code=0x7ffc0000 [ 72.927228][ T29] audit: type=1326 audit(1751996399.693:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f92f2efab19 code=0x7ffc0000 [ 72.950574][ T29] audit: type=1326 audit(1751996399.693:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f92f2f5e929 code=0x7ffc0000 [ 72.974094][ T29] audit: type=1326 audit(1751996399.693:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92f2f558e7 code=0x7ffc0000 [ 72.997405][ T29] audit: type=1326 audit(1751996399.693:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f92f2efab19 code=0x7ffc0000 [ 73.020656][ T29] audit: type=1326 audit(1751996399.693:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f92f2f5e929 code=0x7ffc0000 [ 73.044142][ T29] audit: type=1326 audit(1751996399.693:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92f2f558e7 code=0x7ffc0000 [ 73.067413][ T29] audit: type=1326 audit(1751996399.693:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f92f2efab19 code=0x7ffc0000 [ 73.090676][ T29] audit: type=1326 audit(1751996399.693:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f92f2f5e929 code=0x7ffc0000 [ 73.115987][ T29] audit: type=1326 audit(1751996399.723:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5347 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f92f2f558e7 code=0x7ffc0000 [ 73.180394][ T5235] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.223264][ T5235] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.241334][ T5235] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.257705][ T5388] loop3: detected capacity change from 0 to 256 [ 73.288913][ T5235] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.305712][ T5388] FAT-fs (loop3): Directory bread(block 64) failed [ 73.313883][ T5388] FAT-fs (loop3): Directory bread(block 65) failed [ 73.323297][ T5388] FAT-fs (loop3): Directory bread(block 66) failed [ 73.331170][ T5388] FAT-fs (loop3): Directory bread(block 67) failed [ 73.350352][ T5388] FAT-fs (loop3): Directory bread(block 68) failed [ 73.357356][ T5388] FAT-fs (loop3): Directory bread(block 69) failed [ 73.364722][ T5388] FAT-fs (loop3): Directory bread(block 70) failed [ 73.371341][ T5388] FAT-fs (loop3): Directory bread(block 71) failed [ 73.439465][ T5388] FAT-fs (loop3): Directory bread(block 72) failed [ 73.448709][ T5408] loop4: detected capacity change from 0 to 128 [ 73.449400][ T5388] FAT-fs (loop3): Directory bread(block 73) failed [ 73.476508][ T5410] loop1: detected capacity change from 0 to 512 [ 73.525148][ T5388] syz.3.689: attempt to access beyond end of device [ 73.525148][ T5388] loop3: rw=524288, sector=1800, nr_sectors = 20 limit=256 [ 73.571658][ T5388] syz.3.689: attempt to access beyond end of device [ 73.571658][ T5388] loop3: rw=0, sector=1800, nr_sectors = 8 limit=256 [ 73.650713][ T3387] IPVS: starting estimator thread 0... [ 73.744110][ T5427] IPVS: using max 2400 ests per chain, 120000 per kthread [ 73.750438][ T5440] netlink: 'syz.0.712': attribute type 3 has an invalid length. [ 73.780137][ T5440] netlink: 'syz.0.712': attribute type 3 has an invalid length. [ 73.781577][ T5444] netlink: 'syz.1.714': attribute type 1 has an invalid length. [ 73.848844][ T5444] 8021q: adding VLAN 0 to HW filter on device bond2 [ 73.852523][ T5454] program syz.5.718 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 73.873819][ T5444] bond2 (unregistering): Released all slaves [ 73.894868][ T5459] loop0: detected capacity change from 0 to 128 [ 73.939374][ T5462] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 73.939374][ T5462] The task syz.4.717 (5462) triggered the difference, watch for misbehavior. [ 74.137659][ T5466] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 74.149421][ T5466] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 74.837056][ T5544] serio: Serial port ptm0 [ 74.876686][ T5546] loop1: detected capacity change from 0 to 512 [ 74.880861][ T5546] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 74.907579][ T5546] EXT4-fs (loop1): 1 truncate cleaned up [ 74.907987][ T5546] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.021850][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.562423][ T5592] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.597639][ T5599] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.604904][ T5599] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.619011][ T5599] bridge0: entered allmulticast mode [ 75.627143][ T5592] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.638130][ T5599] bridge_slave_1: left allmulticast mode [ 75.643865][ T5599] bridge_slave_1: left promiscuous mode [ 75.649667][ T5599] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.657500][ T5599] bridge_slave_0: left promiscuous mode [ 75.663278][ T5599] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.683196][ T5604] loop3: detected capacity change from 0 to 1024 [ 75.691459][ T5604] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 75.700550][ T5604] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 75.711530][ T5604] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 75.720780][ T5604] EXT4-fs (loop3): orphan cleanup on readonly fs [ 75.728301][ T5604] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.777: Freeing blocks not in datazone - block = 0, count = 4096 [ 75.749190][ T5604] EXT4-fs (loop3): Remounting filesystem read-only [ 75.756102][ T5604] EXT4-fs (loop3): 1 orphan inode deleted [ 75.762329][ T5604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 75.780120][ T5592] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.799267][ T5609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 75.808296][ T5609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.830115][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.846070][ T5592] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.447861][ T5633] netlink: 'syz.4.793': attribute type 3 has an invalid length. [ 76.459086][ T5633] netlink: 'syz.4.793': attribute type 3 has an invalid length. [ 76.552955][ T5645] loop1: detected capacity change from 0 to 512 [ 76.562753][ T5645] EXT4-fs (loop1): orphan cleanup on readonly fs [ 76.575554][ T5645] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.797: bg 0: block 248: padding at end of block bitmap is not set [ 76.590104][ T5645] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.797: Failed to acquire dquot type 1 [ 76.606243][ T5645] EXT4-fs (loop1): 1 truncate cleaned up [ 76.613797][ T5645] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 76.641486][ T5645] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 76.654556][ T5645] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.797: Failed to acquire dquot type 1 [ 76.666292][ T5645] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 76.705794][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.749483][ T5656] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 76.845598][ T5656] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 76.865302][ T5592] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.880125][ T5592] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.897194][ T5592] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.909338][ T5592] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.920353][ T5656] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 76.976699][ T5656] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 76.989774][ T5664] loop3: detected capacity change from 0 to 2048 [ 77.018909][ T5666] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.026322][ T5666] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.033843][ T5666] bridge0: entered allmulticast mode [ 77.041940][ T5664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.045565][ T5666] bridge_slave_1: left allmulticast mode [ 77.060294][ T5666] bridge_slave_1: left promiscuous mode [ 77.066101][ T5666] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.076545][ T5666] bridge_slave_0: left allmulticast mode [ 77.082281][ T5666] bridge_slave_0: left promiscuous mode [ 77.088178][ T5666] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.099607][ T5664] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.802: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 77.123784][ T5671] loop0: detected capacity change from 0 to 1024 [ 77.132911][ T5671] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 77.145920][ T5664] EXT4-fs (loop3): Remounting filesystem read-only [ 77.169008][ T5664] xt_hashlimit: max too large, truncated to 1048576 [ 77.180625][ T5671] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 77.193831][ T5671] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 77.202417][ T5671] EXT4-fs (loop0): orphan cleanup on readonly fs [ 77.215991][ T5656] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 77.218639][ T5671] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.803: Freeing blocks not in datazone - block = 0, count = 4096 [ 77.239876][ T5656] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 77.246644][ T5671] EXT4-fs (loop0): Remounting filesystem read-only [ 77.252475][ T5656] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 77.254773][ T5671] EXT4-fs (loop0): 1 orphan inode deleted [ 77.268559][ T5656] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 77.278175][ T5671] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 77.319089][ T5677] loop4: detected capacity change from 0 to 512 [ 77.327395][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.353127][ T5679] netlink: 'syz.1.807': attribute type 3 has an invalid length. [ 77.369113][ T5679] netlink: 'syz.1.807': attribute type 3 has an invalid length. [ 78.050990][ T5714] loop4: detected capacity change from 0 to 2048 [ 78.069182][ T5714] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.070336][ T5716] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.096006][ T5714] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.818: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 78.096215][ T5714] EXT4-fs (loop4): Remounting filesystem read-only [ 78.129373][ T5714] xt_hashlimit: max too large, truncated to 1048576 [ 78.140484][ T5716] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.179270][ T5716] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.191924][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.228367][ T5716] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.283104][ T5716] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.287214][ T5716] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.303899][ T5716] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.316871][ T5716] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.407067][ T29] kauditd_printk_skb: 222 callbacks suppressed [ 78.407113][ T29] audit: type=1326 audit(1751996405.203:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.442419][ T29] audit: type=1326 audit(1751996405.213:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.466036][ T29] audit: type=1326 audit(1751996405.213:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.489582][ T29] audit: type=1326 audit(1751996405.213:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.513002][ T29] audit: type=1326 audit(1751996405.213:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.536457][ T29] audit: type=1326 audit(1751996405.213:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.560044][ T29] audit: type=1326 audit(1751996405.213:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.583459][ T29] audit: type=1326 audit(1751996405.213:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.606876][ T29] audit: type=1326 audit(1751996405.233:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.630271][ T29] audit: type=1326 audit(1751996405.233:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5727 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fc5f8e929 code=0x7ffc0000 [ 78.704569][ T5734] __nla_validate_parse: 3 callbacks suppressed [ 78.704587][ T5734] netlink: 4 bytes leftover after parsing attributes in process `syz.4.827'. [ 78.793264][ T5744] netlink: 12 bytes leftover after parsing attributes in process `syz.5.830'. [ 78.837742][ T5750] netlink: 'syz.5.832': attribute type 3 has an invalid length. [ 78.845893][ T5750] netlink: 'syz.5.832': attribute type 3 has an invalid length. [ 79.006190][ T5755] loop5: detected capacity change from 0 to 164 [ 79.031028][ T5757] loop1: detected capacity change from 0 to 2048 [ 79.032058][ T5755] syz.5.834: attempt to access beyond end of device [ 79.032058][ T5755] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 79.055862][ T5755] syz.5.834: attempt to access beyond end of device [ 79.055862][ T5755] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 79.076705][ T5757] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.115821][ T5762] netlink: 'syz.5.836': attribute type 4 has an invalid length. [ 79.156185][ T5757] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.833: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 79.173260][ T5757] EXT4-fs (loop1): Remounting filesystem read-only [ 79.181422][ T5757] xt_hashlimit: max too large, truncated to 1048576 [ 79.245421][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.266453][ T5773] program syz.5.842 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.340497][ T5779] loop1: detected capacity change from 0 to 1024 [ 79.356448][ T5779] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.390938][ T5779] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.401738][ T5784] netlink: 'syz.5.845': attribute type 1 has an invalid length. [ 79.423036][ T5784] 8021q: adding VLAN 0 to HW filter on device bond1 [ 79.447934][ T5784] netlink: 4 bytes leftover after parsing attributes in process `syz.5.845'. [ 79.459088][ T5784] bond1 (unregistering): Released all slaves [ 79.529506][ T5789] netlink: 'syz.1.856': attribute type 4 has an invalid length. [ 79.547833][ T5789] netlink: 'syz.1.856': attribute type 4 has an invalid length. [ 79.635608][ T5801] netlink: 'syz.4.851': attribute type 12 has an invalid length. [ 79.811028][ T5820] loop3: detected capacity change from 0 to 128 [ 79.870381][ T5826] netlink: 'syz.1.859': attribute type 10 has an invalid length. [ 79.881335][ T5826] team0: Port device dummy0 added [ 79.888332][ T5826] netlink: 'syz.1.859': attribute type 10 has an invalid length. [ 79.911735][ T5826] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 79.926410][ T5826] team0: Failed to send options change via netlink (err -105) [ 79.942843][ T5826] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 79.971814][ T5826] team0: Port device dummy0 removed [ 79.979332][ T5826] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 79.988671][ T5830] hub 9-0:1.0: USB hub found [ 80.003192][ T5830] hub 9-0:1.0: 8 ports detected [ 80.508893][ T5846] loop4: detected capacity change from 0 to 512 [ 80.548449][ T5846] EXT4-fs (loop4): 1 orphan inode deleted [ 80.554875][ T5846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.569844][ T12] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1 [ 80.569890][ T5846] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.593772][ T5846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.968026][ T5854] loop1: detected capacity change from 0 to 128 [ 81.025955][ T5854] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 81.107632][ T5854] ext4 filesystem being mounted at /172/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 81.123270][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.238597][ T3310] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.269296][ T5865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.873'. [ 81.502133][ T5881] loop0: detected capacity change from 0 to 8192 [ 81.574246][ T3298] loop0: p1 p2[DM] p4 [ 81.578628][ T3298] loop0: p1 size 196608 extends beyond EOD, truncated [ 81.589323][ T3298] loop0: p2 start 4292936063 is beyond EOD, truncated [ 81.596303][ T3298] loop0: p4 size 50331648 extends beyond EOD, truncated [ 81.637088][ T5881] loop0: p1 p2[DM] p4 [ 81.641310][ T5881] loop0: p1 size 196608 extends beyond EOD, truncated [ 81.662631][ T5881] loop0: p2 start 4292936063 is beyond EOD, truncated [ 81.669577][ T5881] loop0: p4 size 50331648 extends beyond EOD, truncated [ 82.401510][ T5909] : renamed from bond0 (while UP) [ 82.623451][ T5930] @ÿ: renamed from bond_slave_0 (while UP) [ 82.890297][ T5944] loop3: detected capacity change from 0 to 512 [ 82.926495][ T5944] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 83.015016][ T5946] tipc: Started in network mode [ 83.020033][ T5946] tipc: Node identity ac14140f, cluster identity 4711 [ 83.033341][ T5946] tipc: New replicast peer: 255.255.255.83 [ 83.039486][ T5946] tipc: Enabled bearer , priority 10 [ 83.061502][ T5944] EXT4-fs (loop3): 1 truncate cleaned up [ 83.084609][ T5944] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.271267][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.395874][ T5961] netlink: 'syz.3.914': attribute type 10 has an invalid length. [ 83.444909][ T5961] : (slave dummy0): Releasing backup interface [ 83.462091][ T5961] team0: Failed to send options change via netlink (err -105) [ 83.469734][ T5961] team0: Port device dummy0 added [ 83.492279][ T5964] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 83.515880][ T5964] team0: Failed to send options change via netlink (err -105) [ 83.526162][ T5964] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 83.536365][ T5964] team0: Port device dummy0 removed [ 83.544449][ T5964] : (slave dummy0): Enslaving as an active interface with an up link [ 83.624999][ T29] kauditd_printk_skb: 112 callbacks suppressed [ 83.625016][ T29] audit: type=1400 audit(1751996410.423:1973): avc: denied { bind } for pid=5968 comm="syz.3.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 83.660047][ T5969] ªªªªªª: renamed from vlan0 (while UP) [ 83.686257][ T5899] GPL (5899) used greatest stack depth: 6824 bytes left [ 83.751629][ T5973] syzkaller0: entered promiscuous mode [ 83.757200][ T5973] syzkaller0: entered allmulticast mode [ 83.801678][ T29] audit: type=1400 audit(1751996410.593:1974): avc: denied { sqpoll } for pid=5977 comm="syz.0.918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 83.832359][ T29] audit: type=1400 audit(1751996410.623:1975): avc: denied { write } for pid=5978 comm="syz.3.919" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 83.853231][ T29] audit: type=1400 audit(1751996410.623:1976): avc: denied { open } for pid=5978 comm="syz.3.919" path="/195/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 83.885414][ T29] audit: type=1400 audit(1751996410.683:1977): avc: denied { mount } for pid=5982 comm="syz.0.920" name="/" dev="ramfs" ino=15441 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 83.939052][ T5985] loop3: detected capacity change from 0 to 1024 [ 83.965668][ T5985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.992951][ T29] audit: type=1326 audit(1751996410.773:1978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.1.924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 84.016429][ T29] audit: type=1326 audit(1751996410.773:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.1.924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 84.031295][ T5985] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.039874][ T29] audit: type=1326 audit(1751996410.773:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.1.924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 84.073709][ T29] audit: type=1326 audit(1751996410.773:1981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.1.924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc4454e929 code=0x7ffc0000 [ 84.097176][ T29] audit: type=1326 audit(1751996410.773:1982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.1.924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc4454d290 code=0x7ffc0000 [ 84.143697][ T5985] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 84.154019][ T3408] tipc: Node number set to 2886997007 [ 84.169319][ T5985] EXT4-fs (loop3): Remounting filesystem read-only [ 84.189024][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.231019][ T5998] loop3: detected capacity change from 0 to 1024 [ 84.257792][ T5998] EXT4-fs: Ignoring removed nobh option [ 84.288285][ T5998] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.304300][ T5996] syzkaller0: entered promiscuous mode [ 84.309817][ T5996] syzkaller0: entered allmulticast mode [ 84.351796][ T5998] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.928: Allocating blocks 385-513 which overlap fs metadata [ 84.451996][ T5998] EXT4-fs (loop3): pa ffff888106e01700: logic 16, phys. 129, len 24 [ 84.460107][ T5998] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8 [ 84.478084][ T6007] vlan2: entered allmulticast mode [ 84.502127][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.563302][ T6016] loop5: detected capacity change from 0 to 128 [ 84.621025][ T6020] 9pnet_fd: p9_fd_create_tcp (6020): problem connecting socket to 127.0.0.1 [ 84.635294][ T6020] netlink: 96 bytes leftover after parsing attributes in process `syz.3.939'. [ 84.663278][ T6024] netlink: 4 bytes leftover after parsing attributes in process `syz.4.941'. [ 84.700470][ T6028] loop3: detected capacity change from 0 to 1024 [ 84.715506][ T6028] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.943: Failed to acquire dquot type 0 [ 84.729959][ T6028] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 84.750197][ T6028] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.943: corrupted inode contents [ 84.762332][ T6028] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #13: comm syz.3.943: mark_inode_dirty error [ 84.763403][ T6032] netlink: 4 bytes leftover after parsing attributes in process `syz.5.944'. [ 84.775416][ T6028] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.943: corrupted inode contents [ 84.794866][ T6028] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.943: mark_inode_dirty error [ 84.795097][ T6032] : (slave bond_slave_1): Releasing backup interface [ 84.814192][ T6028] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.943: corrupted inode contents [ 84.830111][ T6028] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 84.841078][ T6028] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.943: corrupted inode contents [ 84.853147][ T6028] EXT4-fs error (device loop3): ext4_truncate:4597: inode #13: comm syz.3.943: mark_inode_dirty error [ 84.864697][ T6028] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 84.874375][ T6028] EXT4-fs (loop3): 1 truncate cleaned up [ 84.875870][ T6034] random: crng reseeded on system resumption [ 84.895944][ T6028] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.984454][ T3707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.250263][ T6051] loop4: detected capacity change from 0 to 256 [ 85.524565][ T6076] loop5: detected capacity change from 0 to 1024 [ 85.531465][ T6076] EXT4-fs: Ignoring removed orlov option [ 85.557094][ T6076] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.592637][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.979871][ T6101] loop4: detected capacity change from 0 to 128 [ 86.036033][ T6101] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 86.061670][ T6101] ext4 filesystem being mounted at /204/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 86.125492][ T6104] loop5: detected capacity change from 0 to 1024 [ 86.176256][ T6104] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.204017][ T6104] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.272921][ T3306] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 86.359468][ T6117] loop4: detected capacity change from 0 to 1024 [ 86.408273][ T6117] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.488209][ T297] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 393: padding at end of block bitmap is not set [ 86.504078][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.534671][ T297] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117 [ 86.547458][ T297] EXT4-fs (loop5): This should not happen!! Data will be lost [ 86.547458][ T297] [ 86.612349][ T3914] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.645077][ T6127] netlink: 12 bytes leftover after parsing attributes in process `syz.4.979'. [ 86.741582][ T6132] netlink: 24 bytes leftover after parsing attributes in process `syz.4.980'. [ 86.789680][ T6128] ================================================================== [ 86.797824][ T6128] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read [ 86.806438][ T6128] [ 86.808787][ T6128] write to 0xffff88811dec1fa8 of 8 bytes by task 6124 on cpu 0: [ 86.816440][ T6128] shmem_file_splice_read+0x470/0x600 [ 86.821840][ T6128] splice_direct_to_actor+0x26f/0x680 [ 86.827254][ T6128] do_splice_direct+0xda/0x150 [ 86.832058][ T6128] do_sendfile+0x380/0x650 [ 86.836492][ T6128] __x64_sys_sendfile64+0x105/0x150 [ 86.841729][ T6128] x64_sys_call+0xb39/0x2fb0 [ 86.846355][ T6128] do_syscall_64+0xd2/0x200 [ 86.850893][ T6128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.856810][ T6128] [ 86.859153][ T6128] write to 0xffff88811dec1fa8 of 8 bytes by task 6128 on cpu 1: [ 86.866804][ T6128] shmem_file_splice_read+0x470/0x600 [ 86.872203][ T6128] splice_direct_to_actor+0x26f/0x680 [ 86.877602][ T6128] do_splice_direct+0xda/0x150 [ 86.882396][ T6128] do_sendfile+0x380/0x650 [ 86.886843][ T6128] __x64_sys_sendfile64+0x105/0x150 [ 86.892077][ T6128] x64_sys_call+0xb39/0x2fb0 [ 86.896689][ T6128] do_syscall_64+0xd2/0x200 [ 86.901239][ T6128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.907163][ T6128] [ 86.909528][ T6128] value changed: 0x0000000000001943 -> 0x0000000000001949 [ 86.916652][ T6128] [ 86.918996][ T6128] Reported by Kernel Concurrency Sanitizer on: [ 86.925166][ T6128] CPU: 1 UID: 0 PID: 6128 Comm: syz.0.978 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) [ 86.937878][ T6128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 86.947966][ T6128] ================================================================== [ 87.224085][ T6128] ================================================================== [ 87.232328][ T6128] BUG: KCSAN: data-race in atime_needs_update / inode_update_timestamps [ 87.240688][ T6128] [ 87.243033][ T6128] write to 0xffff888119ed89ac of 4 bytes by task 6124 on cpu 1: [ 87.250696][ T6128] inode_update_timestamps+0x147/0x270 [ 87.256204][ T6128] file_update_time+0x20e/0x2b0 [ 87.261137][ T6128] shmem_file_write_iter+0x9c/0xf0 [ 87.266275][ T6128] iter_file_splice_write+0x5ef/0x970 [ 87.271687][ T6128] direct_splice_actor+0x153/0x2a0 [ 87.276850][ T6128] splice_direct_to_actor+0x30f/0x680 [ 87.282263][ T6128] do_splice_direct+0xda/0x150 [ 87.287067][ T6128] do_sendfile+0x380/0x650 [ 87.291535][ T6128] __x64_sys_sendfile64+0x105/0x150 [ 87.296767][ T6128] x64_sys_call+0xb39/0x2fb0 [ 87.301387][ T6128] do_syscall_64+0xd2/0x200 [ 87.305940][ T6128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.311866][ T6128] [ 87.314212][ T6128] read to 0xffff888119ed89ac of 4 bytes by task 6128 on cpu 0: [ 87.321781][ T6128] atime_needs_update+0x2a8/0x3e0 [ 87.326832][ T6128] touch_atime+0x4a/0x340 [ 87.331186][ T6128] shmem_file_splice_read+0x5b1/0x600 [ 87.336583][ T6128] splice_direct_to_actor+0x26f/0x680 [ 87.341986][ T6128] do_splice_direct+0xda/0x150 [ 87.346789][ T6128] do_sendfile+0x380/0x650 [ 87.351240][ T6128] __x64_sys_sendfile64+0x105/0x150 [ 87.356469][ T6128] x64_sys_call+0xb39/0x2fb0 [ 87.361089][ T6128] do_syscall_64+0xd2/0x200 [ 87.365645][ T6128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.371566][ T6128] [ 87.373907][ T6128] value changed: 0x00ca897d -> 0x01631ffd [ 87.379643][ T6128] [ 87.381978][ T6128] Reported by Kernel Concurrency Sanitizer on: [ 87.388140][ T6128] CPU: 0 UID: 0 PID: 6128 Comm: syz.0.978 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) [ 87.400503][ T6128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 87.410589][ T6128] ==================================================================