last executing test programs: 55.831264835s ago: executing program 1 (id=3437): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='mqueue\x00', 0x200011, 0x0) open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0) 55.687135101s ago: executing program 1 (id=3439): openat(0xffffffffffffffff, 0x0, 0x10002, 0x10) ptrace(0x10, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x18, 0x4, 0x0, 0x0, 0x1, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x14, 0x9, 0x6, 0x201}, 0x14}, 0x1, 0x0, 0x0, 0x10040057}, 0x240008c4) syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgKSFSkQEBzsIBpdGhTjokAxWYprFiFiR0llw0EFwcJCU6OzLP6D4BuIidnYUI4hCnCSjOBcUl0wprU+hrV3aYkp/fD5LuPece08u3yfwvxYPPzWbzVgIoZn4+6e/Pc1PFHunxqZnQoiF70MI+S+/+LUSizp+u/U8WpeidTGRqe3fjL+cdtz23VdTh/GofhEP4YcQwuLjUfLfvo1P31nuKrm+sVzYXM0tPBTWnobnB/I9W/mlnZGDbHm2OzsXfVgX8dbMT9VGj++apefd9sG2aq2RuY760rGPmc9/68/573VV6pXGZP/JylC6s35Z3o5yf5U/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwc5yV8n1jeXC5mpu4aGw9jQ8P5Dv2cov7YwcZMuz3dm5+FvfRbw181O10eO7Zul5t32wrVprZK6jvnTs3dGvf/yYv0QLfRX+mP9eV6VeaUz2n6wMpTvrl+XtKPfX9/kDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyl/ESxd2pseiaEWPgshPDN/Xd9v+w3E2/1WNR3Hv2Wov1iIlPbvxl/Oe247buvpg6nEiEkfnfv4uNR8vNWPoR/5OcAAAD//8gGhpo=") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 55.355972326s ago: executing program 1 (id=3442): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x55c, &(0x7f00000006c0)="$eJzs3c1vG2kZAPBnJh92u91mC3uAFdCCFgqqajfubrXay7YXEFqthFhxQBy6IXGjqHZdamfZhEpk/4ZFAokT/AkckDgg7YkDN45IHBDSckAqEIEaJJCMZux8NHGIiR17E/9+0mQ+Xs88z9tkPK/fcecNYGJdiYiNiJiNiHciYq67PelOcbszZa97uvl4cWvz8WIS7fbbf0vy8mxbvkNh95jPdY9ZjIhvfi3iu8nBuM219fsLtVr1UXe93Ko/LDfX1q+v1BeWq8vVB5XKrflbN167+WplaHW9XP/Fk6+uvPmtX//qsx/9buMrP8jSutAt26nHkHWqPrMTJzMdEW+eRLAxmOrOZ8ecB8eTRsQnIuIL+fk/F1P5XycAcJa123PRntu7DgCcdWneB5akpYhI024joNTpw3sxzqe1RrN17V5j9cFSp6/shZhJ763UqjcuFf7wvfzFM0m2Pp+X5eX5emXf+s2IuBQRPyqcy9dLi43a0niaPAAw8Z7be/2PiH8W0rRU6mvXHnf1AIBTo3jsPX1ZAABOq+Nf/wGA02rf9f/cuPIAAEanj8//3Zv9GyeeCwAwGv9f///FE8sDABgd9/8BYPK4/gPARPnGW29lU3ur+/zrpXfXVu833r2+VG3eL9VXF0uLjUcPS8uNxnL+zJ76UcerNRoP51+J1ffKrWqzVW6urd+tN1YftO7mz/W+W50ZSa0AgP/l0uUPf59ExMbr5/Ip9ozl4FoNZ1s67gSAsZkaZGcNBDjVPMALJldfl/C8kfDbE88FGI+eD/Mu9lx81k86sw/6CeJ7RvCxcvXT/ff/G+MZzhb9/zC5jtf//8bQ8wBGT/8/TK52O9k/5v/sThEAcCYN8BW+9g+H1QgBxuqowbyPuv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAk+jC7exnkpbyscDT7GdaKkU8HxEvxExyb6VWvRERF+NyRMwUsvX5cScNAAwo/UvSHf/r6tzLF/aXzib/KuTziPj+T9/+8XsLrdaj+Wz733e2F7aHD6vs7jfAuIIAwJDl1+9Kd77ng/zTzceL29Mo83lyJ/7THYp4cWvzcT51SqYj2xhRzNsS5/+RxHR3n2JEvBQRU0OIv/F+RHyqV/2TuJD3gXRGPt0bP7qxnx9p/PSZ+Gle1plnja9PDiEXmDQf3omI273OvzSu5PPe538xf4ca3JM7nYNtv/dt7Yk/3Y001SN+ds5f6TfGK7/5+oGN7blO2fsRL033ip/sxE8Oif9yn/H/+JnPffDGIWXtn0Vcjd7x98Yqt+oPy8219esr9YXl6nL1QaVya/7Wjdduvlop533U5e2e6oP++vq1i4flltX//CHxiz3rP7uz7xf7rP/P//3Odz6/u1rYH//L21v2/f5f7Bm/I7smfqnP+Avnf3no8N1Z/KVD6n/U7/9an/E/+vP6Up8vBQBGoLm2fn+hVqs+Gmgh+xQ6jOMcWMhS7O/F283FwYL+KU6iFsdcmDmpf9VjLxT7zGd6p6043DS+nR2xR1Ha5x/JcRbSoddioIWno4o1vvckYDR2T/pxZwIAAAAAAAAAAAAAABxmFP91adx1BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oz6bwAAAP//yxbH0Q==") syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x404, &(0x7f0000000080)={[{@nogrpid}, {@noinit_itable}, {@jqfmt_vfsold}, {@debug}, {@nodiscard}, {@quota}]}, 0x1, 0x43d, &(0x7f0000000700)="$eJzs28tvG0UYAPBv7SQlfZBQlUfTAoGCiHgkTVpKD1xAIHEACQkO5RiStAp1G9QEiVYRBITKEVXijjgi8RdwggsCTkhc4Y4qVSiXFk5Ga+8mtmOneThxW/9+0iYzu+PMfN4de2YnG0DXGk5/JBH7I+LPiBioZusLDFd/3VpenPp3eXEqiXL5nX+SSrmby4tTedH8dfvyTE9E4YskjjSpd/7ylfOTpdLMpSw/tnDhw7H5y1demL0weW7m3MzFidOnT54Yf+nUxIttiTON6+bQJ3NHD7/x3rW3ps5ce//X75M8/oY42mR4vYNPl8ttrq6zDtSkk54ONoRNKVa7afRW+v9AFGP15A3E65/n6b5ONRDYMeVyufxQ68NLZeAelkSnWwB0Rv5Fn85/822Xhh53hBuvVCdAady3sq16pCcKWZnehvltOw1HxJml/75Jt9iZ+xAAAHV+TMc/zzcb/xWi9r7Q/dkaymBEPBARByPiVEQciogHIyplH46IRzZZf+MiydrxT+H6lgLboHT893K2tlU//stHfzFYzHIHKvH3JmdnSzPHs/dkJHr3pPnxder46bU/vmp1rHb8l25p/flYMGvH9Z499a+ZnlyY3E7MtW58FjHU0yz+ZGUlIImIwxExtMU6Zp/97mirY7ePfx1tWGcqfxvxTPX8L0VD/LlktaZm65Nj90Vp5vhYflWs9dvvV99uVf+24m+D9PzvbXr9r8Q/mNSu185vvo6rf33Zck6z1eu/L3m3bt/HkwsLl8Yj+pI3q42u3T/RUG5itXwa/8ix5v3/YKy+E0ciIr2IH42IxyLi8aztT0TEkxFxbJ34f3n1qQ+2Hv/OSuOf3tT5X030ReOe5oni+Z9/qKt0cDPxp+f/ZCU1ku3ZyOffRtq1tasZAAAA7j6FiNgfSWF0JV0ojI5W/4f/UOwtlObmF547O/fRxenqMwKD0VvI73QN1NwPHc+m9Xl+oiF/Irtv/HWxv5IfnZorTXc6eOhy+1r0/9TfxU63DthxnteC7qX/Q/fS/6F76f/QvZr0//5OtAPYfc2+/z/tQDuA3dfQ/y37QRcx/4fupf9D99L/oSvN98ftH5KXkFiTiMId0Yx7J5EkEdv/O0m0qT2d/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoj/8DAAD//7Pm4aw=") r2 = creat(&(0x7f0000000040)='./bus\x00', 0x4) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r3, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x13, 0x1, 0x0, r2, &(0x7f0000000000), 0x4000, 0x2000}]) write$bt_hci(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="01"], 0x2b) execveat(0xffffffffffffffff, &(0x7f0000000300)='./file2\x00', 0x0, 0x0, 0x100) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) sendto$inet_nvme_icreq_pdu(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000ac0), 0x2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305828, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x100, 0x100000002, 0xfffffffffffffffe}) write$RDMA_USER_CM_CMD_MIGRATE_ID(r4, &(0x7f00000002c0)={0x12, 0x10, 0xfa00, {0x0}}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB="020300030f0000002cbd7040fcdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e22ac1414bb000000000000000002000100000000000000070c00000080030005000000000002004e22ac14140a00000000000000000200130002"], 0x78}, 0x1, 0x7}, 0x0) r6 = syz_open_dev$tty20(0xc, 0x4, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f00000005c0)="a8b6c52283ed61f385165c71b6a989e2e4ea3278ab21410d4f48bc13f1a3cf24e47763c75c99cd4bdb10ff405626324a69b449918c5845c3d838ffd49aab54fff2be22f6fd8ecd47c6f0997e4eeb0c513d1a2350ae79e7ac39fe2b984500fdf82004bdb0f383e68cbbde766654083fa3f7be1090ed82d54d634072a941176154ad364958b134ed8736c0ad42c06a429f136a00670dfddc4c91b6e8ad6f8b2748738d9e31196b393e36feea739531da0bf1d01351f7237c009683c8be599c90d015e50d2d6ecab42c85eb4bd4b9dfd08e4363d2e1f6d9adc3117aac8ec79c40eed00bad4e8939548e0dafa94b91fd5e69a1b70fe452362dae58d10beabce80413a9c1508bf6029b452f19e1853670b904e20ca1d40788f33689ab0e84d795a76fbc1301c5faf0ae69916eeeb50622b3272055753e6b7190cc8639038430da638e30716fde14e3ee11a29d6fac40935e5da43d7a3ead6e7729129b82c20b5ecc0e1874300e2b154530aa613b0f85a63ae5ed83a43f8f488a3b0bffb3a7bc3fc413c8997cd1cf82dee49ddfbab53b8204e2fa94a941f70d1b66950ea868b22c7d625baff44c108ac97fa3e3fdba8bcbee580f9c2f40379cdb6701ca16f23bcb5269ce8dcb6afbc3e7dbe68c800d9242eb6deb29d3f0e4dcbff2b15b90acabcd7d916a8314fe3ed4617b642044194548bc75948f89895017972401a902884cf9c32007ca10502d4397f6d4e56898cb7c6b2c54ff0c1e9818fe76d56dccf9ccb53bcf29bc90ecb890e99887c6051d78d385dca478230a975d7b0021dadde87cd636d81efe9427c9026507b4506f3c6465b1a9f390d6f2f49c70f270ca3e9ac4045006146a60fe2c0e62fd406f0d396b9440b1f84becdc306d23947966742db355cb1e5c514b00d85d94664c0b4009cdee8a2dc8122a092a1545b61c9db354609081f7a01c8ba6d0c454e2572f8cf654bf7ebb7d7effa2c5f736037dcf7b42bb88c40e5dcc4d23c31d29974677306afb7a6e4a28df1eb8ecd1104b1c5836c125f49699a335818524d264f6b25f9e5016ed6d91fc6beb21fc1a20f3314dcdb4a46d912f0232c1a3f58956ce23ec1d98ba2704b4f01b1b0773aa432e7a9ca3c2345b4d8111612d7ae84d448361204286d99c437f32fb9d86c56553fb123355cdbab8c256e851c6ad44ecec88afca256ee6db40d88f2de2e75df6b1bed9c03a2b2469785a6b431ccdf48fe1a00c5150740b7d083213b63e68871f45eba84ff3e5ce1304fdc4fa10e7ccdfd6b503681c7b4f667cec73d18fb771692a1aa04f8f70e3317dbb9e38f13eec1927e8538c4af3e8bfee26351b5a", 0xd1f, 0xffffffffffffffff, 0x4}, 0x38) write$binfmt_misc(r6, &(0x7f0000000240), 0xfffffecc) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000280)=0x15) 54.287558662s ago: executing program 1 (id=3444): r0 = socket(0x28, 0xa, 0x2) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0x4000002}, 0x1c) syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r1, 0xf505, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52e, &(0x7f0000000480)="$eJzs3U9vI2cZAPBnHHvZ7GabFDhAJUqhRdkVrJ00tI04lCIhOFUCyr2ExImiOHEUO+0mqtis+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIdjCgQN00NjjNJv4X7tOnE1+P2ky78y8M8/zOprxvJ7RTACX1lMR8VJEvJOm6a2ImM7nF/IhDtpDVu/t+28sZ0MSafrKP5JI8nmdbSX5+Hq+2tWI+NqXI76ZnIzb2NvfWKrVqjv5dKW5uV1p7O3fXt9cWquuVbcWFuafX3xh8bnFuZG080ZEvPjFv3z/Oz/90ou//Mzrf3z1bze/laU1lS8/2o73qNhvYbvppdZncXSFnfcZ7DwqtlqYm+xWY+LEnHunnBMAAN1l5/gfjIhPRsStmI6J/qezAAAAwCMo/fxU/DeJSLu70mM+AAAA8AgptO6BTQrl/F6AqSgUyuX2PbwfjmuFWr3R/PRqfXdrpX2v7EyUCqvrtepcfq/wTJSSbHq+VX53+tlj0wsR8XhEfG96sjVdXq7XVsb94wcAAABcEteP9f//Pd3u/3fcHWdyAAAAwOjMjDsBAAAA4NQN2/+/dsp5AAAAAKfH9X8AAAC40L7y8svZkHbef73y2t7uRv212yvVxkZ5c3e5vFzf2S6v1etrrWf2bQ7aXq1e3/5sbO3eqTSrjWalsXc1Nuu7W81X1x94BTYAAABwhh7/+Ju/TyLi4HOTrSFzZbhVh6wGnFfFw1KSj7vs1n94rD3+8xklBZyJiXEnAIxNcdwJAGNTGncCwNglA5b3vHnnN/n4E6PNBwAAGL3Zj/a+/l/ou+ZB/8XAuWcnhsvL9X+4vFrX/4e9k7fgbeBwkZQGnQH07SA4HsBF8NDX/wdK0/eUEAAAMHJTrSEplIud6UKhXI640XotQClZXa9V5yLisYj43XTpA9n0fKtmMrDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pWkSKQAAAHChRRT+mvyq/Sz/2elnpo7/PnAl+c905K8Iff1Hr/zgzlKzuTOfzf/n4fzmD/P5z47jFwwAAAC4FAa8wP9BnX56px8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP09v03ljvDWcb9+xciYqZb/GJcbY2vRikirv0rieKR9ZKImBhB/Mnsz0e6xU+ytA5Ddos/OYL4B/f6xo+D/FPoFv/6COLDZfZmdvx5qdv+V4inWuPu+18x4oHp96v38S8Oj38TPfb/G0PGeOKtn1d6xr8X8UTxRPy7WYRO/KRH/KeHjP+Nr+/v91qW/jhituv3T9Kpkh0ho9Lc3K409vZvr28urVXXqlsLC/PPL76w+NziXGV1vVbN/3aN8d2P/eKdfu2/1iP+zID2P3Nia1e6xvjfW3fuf6hdLHWLf/PpLvF//ZO8xsn4hfy771N5OVs+2ykftMtHPfmz3z7Zr/0rPdo/6P9/s9dGj7n11W//aciqAMAZaOztbyzVatWdC1vIeulDVs7Ozs5FzgpDFCYefjt3R5pYmqZptk89xHaSGPenelgY95EJAAAYtXdP+sedCQAAAAAAAAAAAAAAAAAAAFxeZ/E4seMxDw5LySgeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBL/DwAA//9t9tlI") r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) write$binfmt_register(r4, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32) fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='usrjquota=') pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000001580)='kmem_cache_free\x00', r5, 0x0, 0x3}, 0x18) r6 = getpid() r7 = syz_pidfd_open(r6, 0x0) setns(r7, 0x24020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0x8, 0x70, 0x80000}, 0x20) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x7, @remote, 0x4}, 0x1c) socket(0x10, 0x803, 0x0) socket$unix(0x1, 0x1, 0x0) tkill(0x0, 0x13) 53.326132723s ago: executing program 1 (id=3445): socketpair$unix(0x1, 0x2, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48) getdents(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000001140)='ext2\x00', &(0x7f00000007c0)='./file0\x00', 0x1909a457300a19fb, &(0x7f0000000180)={[{@dioread_lock}, {@noinit_itable}]}, 0x1, 0x79a, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigNDE1tgouKi5EsFDQrbYhmYaaSaZkJqUJAVtEcCOouBB007U/d4IL8cdW/4suxFI1LVZclMid3NtOmpnJJE2T1vl84GbOuWdmzv3Oufeek7mHOwF0rMH0TyHiYES8m0T0Z+tfjYieWqo74vjq824uL02kSxIrKy//lkQSETeWlyby90qyx/1Z5v8R8f1bEYcK6+utLCxOj5dKxbksP1KdOTdSWVg8fHZmfKo4VZw9Ojo2duTYU8eObl+sf/y0eODqey88/vnxv9783xfv/JDE8TiQldXHsYGL7dY3GIPZZ9KTfoRrPN/umzwkkt3eALYkPTS7Vo/yOBj90VVLAQD/ZG9ExAoA0GES/T8AdJj8e4Aby0sT+bK730jsrGvPRcTe1fjz65urJd3ZNbu9teugfTeSNVdGkogY2Ib6ByPi469e+zRdotF1yK+/2YZaANa7eCkiTg8Mrjn/X4naGe7uOQub9USLsj3Z4+Bd6zut/4Hd9G06/nm60fivcHv8Ew3GP70Njt2t2PD437cNlbSQjv+erZvbdrMu/sxAV5b7V23M15OcOVsqpue2f0fEUPT0pvnRFnUMXb91vVlZ/fjv9/df/yStP32884zCL929a18zOV4dv5eY6127FPFId6P4k9vtnzQZ/55ss44Xn3n7o2ZlafxpvPmyPv7IZifdHyuXIx5r2P53ZrQlLecnjtR2h5F8p2jgyysf9jWrv7790yWtP/9fYCek7d/XOv6BpH6+ZmXzdfx4uf+7ZmUbx994/9+TvFJL5+OIC+PV6txoxJ7kpfXrj9x5bZ7Pn5/GP/Ro4+O/1f6f/k94us34u6/++tnW47+/0vgnm7f/vvXtv+lE0mpuaHvtP1ZLDWVr2jn/tbuB9/ThAQAAAAAAAAAAAAAAAAAAAAAAAECbChFxIJLC8O10oTA8vPob3v+NvkKpXKkeOlOen52M2m9lD0RPIb/VZX/d/VBHs/vh5/kjd+WfjIj/RMQHvfuS/D6Kk7scOwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADk9jf5/f/Uz727vXUAwH2zd7c3AADYcfp/AOg8+n8A6Dz6fwDoPPp/AOg8W+3/jRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo08kTJ9Jl5c/lpYk0P3l+YX66fP7wZLEyPTwzPzE8UZ47NzxVLk+VisMT5ZmN3q9ULp8bi9n5CyPVYqU6UllYPDVTnp+tnjo7Mz5VPFXs2ZGoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBzKguL0+OlUnFOYguJlXt4eVdEPBhRbEOiK9udHpTt2dFE0rDo1sqqB2ELt5JoddYo7MzJCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAh8HcAAAD//2ViJo4=") process_vm_readv(0x0, &(0x7f0000008400), 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000000) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = memfd_secret(0x80000) fcntl$setlease(r2, 0x400, 0x0) close(r2) 52.531640968s ago: executing program 1 (id=3453): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[], &(0x7f0000000100)=""/141, 0x26, 0x8d, 0x1, 0x7}, 0x28) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$igmp6(0xa, 0x3, 0x2) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb"], 0x72) 51.570357999s ago: executing program 32 (id=3453): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[], &(0x7f0000000100)=""/141, 0x26, 0x8d, 0x1, 0x7}, 0x28) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$igmp6(0xa, 0x3, 0x2) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}}) write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb"], 0x72) 6.320512467s ago: executing program 4 (id=3698): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 6.087590077s ago: executing program 3 (id=3701): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)={0x1b, 0x0, 0x0, 0x200, 0x0, 0xffffffffffffffff, 0x401, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x3}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x18, 0x15, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10e, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@generic={0xc1, 0x3, 0xb, 0x40}, @tail_call], {{}, {}, {0x85, 0x0, 0x0, 0x109}}}, 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2, {r1}}, './file0\x00'}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='sched_switch\x00', r4, 0x0, 0x80000001}, 0x18) socket$kcm(0x21, 0x2, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) unshare(0x62040200) bpf$PROG_LOAD(0x5, 0x0, 0x0) fsopen(0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESDEC=0x0, @ANYRESHEX], 0xfe, 0x677, &(0x7f0000000c00)="$eJzs3UtvG9fdx/HfUNT1AYwHbREYhmOd2A0goy5NUrECwV2UHQ6lSUkOMUMV0ipwYykwTDmt7QK1Nqk2vQDtG+gumyz6Igp0nXXfQJcFgnZXoBsWc+NFnBFp3ew234+Q8HDOf+b85+I5GpFzRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJZdL5crlppue2fX5LPrvtc6pT5e2rzuxoW7U9uVrPA/LS3pejzp+neG1e+E/7utm/G7m1oKX5Z09H/v/P/DbxcL6fynJHQWet0Fvnh19PRRr7f//Gyt9a2zzHcpJjJRYYa5tpy2G3huq7blGDfwzObGRvn+diMwDbfpBHtB12kZ23cKXc83a/ZdU9ncXDdOac/baW/Va00nnfjh96vl8ob5aDHZ/fc/KgX2tttsuu2tKCasDmMWB0eIU2sZc/Ckt78+LckwqDJLUHVaULVcrVYq1Wpl48Hmgw/L5eLEhPIJmogYHrRvz87HVbqgMzdwfoWw//+bJTW1pLZ2tCuT+WOrLl+eWjn1ibT/f/++c2q7o/1/2stfH1bfUNT/34rf3crr/3NyMTLRDFk1Vs70s/280Csd6akeqaee9vX8Ypa7enEZXu7PllSUXAXy5KqlmrbkyCRTjDa1oQ2V9bG21VAgo4ZcNeUo0J4CdeWoFe0TX45q6sqTL6M12boro4o2tal1GTkqaU+edtTWluqq6V/9fv9AT6Ltvn5KjkqDKrMEFQfH4GRQXv//08/jOV6v/8f/nsGxM0MM8Mb1k+v/fHNZE1cvLyMAAAAAAHDRrOiv71b02f27kvpquE2n/KbTAgAAAAAAFyj65P9m+DIflt6VlXP937/63AAAAAAAwMWwonvsLEkr0Zf6reGdULN8CSDz5gAAAAAAAPB2iT7/v7Ug9aOh1VZlvdb1PwAAAAAA+C/w25Ex9ovpGLv99GP9gqSgs2j9+R+L8uet487ud63DWlhTO0xiJr4B0G3csIqKB+qNxutdkBS9s52bVjI+cDIIphUP7Ct9fTBtrH/LP5HAwlz654uMBK4djSSwUUze6fd6L455L2n38VFBUU3cykrDbTol22s+rKhWu1boOrvdXzx78kvJH6znwZPefumTz3qPo1yOw0nHh2Een4+lU5iWy8tovIXonousNV5WI23yd+3WihW1W07Xf061w8JoQ7Ot/691O465vRK/rhyle0DWr5JCpRTtsuHaR6NDWMMsKifXPGtH5GSxFGVxJ465s3Ynfknzi/fC0vfmpGppch/4o1lUR7OYvi2sf05siylZhMfCepjFX8IF5WSx/npZTOwRAHhTDoa9UDSI+eQY+yf73Yyz3HLymnuWm967/3C8lZd/7Mc3HM5JRfUXk+6ln9+vKDyjr8VhC/Eo7sUbGWf0ctKvLCnnjF4+R+8WtvWn4TOQkqfVJDXFQRb/7vf7DytRu3840at+Ec7wRW67QbM6F27C+y8PfxYNgB/6dP/T/WfV6vpG+YNy+UFV89FqJC/0PQCADNOfsTMesTTszwZ99weDq+rHf38/Lo31u98afKWgpE/0mXp6rHvpIwRWs9tdGfkawr3Jq9YwNvqtYzy2onu5V3VRXzoSWx3EziudZfz3hWHs+mXvBgAArtTtKf3wyf4/69r9XnrdvXYj87p7vC8/+YTgvNjKFW8JAAC+ORz/a2ul+xvL993Ox5XNzUqtu+0Y37N/bHy3vuUYt911fHu71t5yTMf3up7tNU3H16JbdwIT7HQ6nt81Dc83HS9wd6Mnv5vk0e+B06q1u64ddJpOLXCM7bW7Nbtr6m5gm87Oj5pusO340cxBx7HdhmvXuq7XNoG3LNspGRM4zkigW3faXbfhhsW26fhuq+bvmZ94zZ2WY+pOYPtup+vFC0zbctsNz29Fiy2pf9qDDgEA+MZ48ero6aNeb//5KYVjxYX0+2hJ1VcZwQtZC3zDqwgAAE6glwYAAAAAAAAAAAAAAAAAAAAA4O03y/1/pxbSmwLTKfPKCJYGU35+baYlWxpO+fKv58rwDIXCySnJSLv96bN/FReKWTHLYWFBUi/d/KMxx1MTm8uYK6+wOtOaKi4UL34bLktZR8KlFX5wMH4cTsSElZlVi4OtWjz/P4eswrMvc6qmH1GL49tw4bQVHC8UJT1fOMcuuNrzEICr958AAAD//7gMOck=") 3.505982888s ago: executing program 3 (id=3705): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10) syz_clone(0x40042700, 0x0, 0x0, 0x0, 0x0, 0x0) 2.489587192s ago: executing program 0 (id=3709): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x3ff}]}}]}, 0x60}}, 0x44080) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) openat$tun(0xffffff9c, 0x0, 0x101080, 0x0) r5 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xfff2, 0xa}, {0x6, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x800}}]}}]}, 0x48}}, 0x800) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 1.688503977s ago: executing program 4 (id=3714): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0b00000005000000070000000900000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r3}, 0x18) r4 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}}) 1.550845003s ago: executing program 0 (id=3717): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b80)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xffffffffffffff2b, 0xb, [@enum64={0xb, 0x0, 0x0, 0x13, 0x1, 0x5}]}, {0x0, [0x0, 0x0, 0x5f, 0x61, 0x5f, 0x2e, 0x2e, 0x30, 0x5f]}}, &(0x7f0000003680)=""/4096, 0x2f, 0x1000, 0x1}, 0x28) 1.473632246s ago: executing program 4 (id=3718): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x404, &(0x7f0000000080)={[{@nogrpid}, {@noinit_itable}, {@jqfmt_vfsold}, {@debug}, {@nodiscard}, {@quota}]}, 0x1, 0x43d, &(0x7f0000000700)="$eJzs28tvG0UYAPBv7SQlfZBQlUfTAoGCiHgkTVpKD1xAIHEACQkO5RiStAp1G9QEiVYRBITKEVXijjgi8RdwggsCTkhc4Y4qVSiXFk5Ga+8mtmOneThxW/9+0iYzu+PMfN4de2YnG0DXGk5/JBH7I+LPiBioZusLDFd/3VpenPp3eXEqiXL5nX+SSrmby4tTedH8dfvyTE9E4YskjjSpd/7ylfOTpdLMpSw/tnDhw7H5y1demL0weW7m3MzFidOnT54Yf+nUxIttiTON6+bQJ3NHD7/x3rW3ps5ce//X75M8/oY42mR4vYNPl8ttrq6zDtSkk54ONoRNKVa7afRW+v9AFGP15A3E65/n6b5ONRDYMeVyufxQ68NLZeAelkSnWwB0Rv5Fn85/822Xhh53hBuvVCdAady3sq16pCcKWZnehvltOw1HxJml/75Jt9iZ+xAAAHV+TMc/zzcb/xWi9r7Q/dkaymBEPBARByPiVEQciogHIyplH46IRzZZf+MiydrxT+H6lgLboHT893K2tlU//stHfzFYzHIHKvH3JmdnSzPHs/dkJHr3pPnxder46bU/vmp1rHb8l25p/flYMGvH9Z499a+ZnlyY3E7MtW58FjHU0yz+ZGUlIImIwxExtMU6Zp/97mirY7ePfx1tWGcqfxvxTPX8L0VD/LlktaZm65Nj90Vp5vhYflWs9dvvV99uVf+24m+D9PzvbXr9r8Q/mNSu185vvo6rf33Zck6z1eu/L3m3bt/HkwsLl8Yj+pI3q42u3T/RUG5itXwa/8ix5v3/YKy+E0ciIr2IH42IxyLi8aztT0TEkxFxbJ34f3n1qQ+2Hv/OSuOf3tT5X030ReOe5oni+Z9/qKt0cDPxp+f/ZCU1ku3ZyOffRtq1tasZAAAA7j6FiNgfSWF0JV0ojI5W/4f/UOwtlObmF547O/fRxenqMwKD0VvI73QN1NwPHc+m9Xl+oiF/Irtv/HWxv5IfnZorTXc6eOhy+1r0/9TfxU63DthxnteC7qX/Q/fS/6F76f/QvZr0//5OtAPYfc2+/z/tQDuA3dfQ/y37QRcx/4fupf9D99L/oSvN98ftH5KXkFiTiMId0Yx7J5EkEdv/O0m0qT2d/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoj/8DAAD//7Pm4aw=") r1 = creat(&(0x7f0000000040)='./bus\x00', 0x4) io_submit(0x0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x13, 0x1, 0x0, r1, &(0x7f0000000000), 0x4000, 0x2000}]) r2 = memfd_create(&(0x7f0000000540)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xe4\x034|k\xab/\x14\xa7)t\xc7YE\xe2\xc8\x95HX\xa9\xff\x00\x00\x81p\xf3%Se\xe5\xd8U\xe3<\xf1\xb3\x9eG\xd9,U\xb1\x92o\xabs\xab\xee\x9cml9]*\xe8\xf1\x03\x00\x00\x00\x00\x00\x00\x00\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x04\x00\x00\x00\x00\x00\x00\x00\xbf3S\xef}\xfd\x16\xbc\xa5^\xff\xf5\x95\xd2q/\xc6\xca\x97\x9d?\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec=\x9e\xc3\x04\x00\x00\x00l5\xf3\xbe\" 6\r>\xea\x8dz\xcf6\x99\x91\xear8p\xaaR\xd5\xa6\xab#N>\x9a\xdf\xea\x009\xfbB\xc1\xd0_\xc0\'Z\xeb\xd8\xaf\xf0\'J\xe2\xff\xe5x*;(p\xf7p\xce\xbbm/\x1ex\xf8\x88^\xbaU\xb9\xa6\xab\x8d\a\xa6\"\xd9\x13\t\xe2\rh\x8dsx\xaa!\x19\xdc\xdc\xcf\x0f\x9a\xa2o>\xb9\xfc\x01\fW\xee\xffh\xbd\xb2\xb4z\xeb\x84\x13\x13u\x8f\xe2\\Z\xef\x81\xe1c\xc5\xe6\x00\x00\x009\xcc\xd458\xd6(@\xab\xa9\x00'/322, 0x0) write$bt_hci(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="01"], 0x2b) execveat(r2, &(0x7f0000000300)='./file2\x00', 0x0, 0x0, 0x100) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) sendto$inet_nvme_icreq_pdu(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000ac0), 0x2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305828, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x100, 0x100000002, 0xfffffffffffffffe}) write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, &(0x7f00000002c0)={0x12, 0x10, 0xfa00, {0x0}}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB="020300030f0000002cbd7040fcdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e22ac1414bb000000000000000002000100000000000000070c00000080030005000000000002004e22ac14140a00000000000000000200130002"], 0x78}, 0x1, 0x7}, 0x0) r5 = syz_open_dev$tty20(0xc, 0x4, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f00000005c0)="a8b6c52283ed61f385165c71b6a989e2e4ea3278ab21410d4f48bc13f1a3cf24e47763c75c99cd4bdb10ff405626324a69b449918c5845c3d838ffd49aab54fff2be22f6fd8ecd47c6f0997e4eeb0c513d1a2350ae79e7ac39fe2b984500fdf82004bdb0f383e68cbbde766654083fa3f7be1090ed82d54d634072a941176154ad364958b134ed8736c0ad42c06a429f136a00670dfddc4c91b6e8ad6f8b2748738d9e31196b393e36feea739531da0bf1d01351f7237c009683c8be599c90d015e50d2d6ecab42c85eb4bd4b9dfd08e4363d2e1f6d9adc3117aac8ec79c40eed00bad4e8939548e0dafa94b91fd5e69a1b70fe452362dae58d10beabce80413a9c1508bf6029b452f19e1853670b904e20ca1d40788f33689ab0e84d795a76fbc1301c5faf0ae69916eeeb50622b3272055753e6b7190cc8639038430da638e30716fde14e3ee11a29d6fac40935e5da43d7a3ead6e7729129b82c20b5ecc0e1874300e2b154530aa613b0f85a63ae5ed83a43f8f488a3b0bffb3a7bc3fc413c8997cd1cf82dee49ddfbab53b8204e2fa94a941f70d1b66950ea868b22c7d625baff44c108ac97fa3e3fdba8bcbee580f9c2f40379cdb6701ca16f23bcb5269ce8dcb6afbc3e7dbe68c800d9242eb6deb29d3f0e4dcbff2b15b90acabcd7d916a8314fe3ed4617b642044194548bc75948f89895017972401a902884cf9c32007ca10502d4397f6d4e56898cb7c6b2c54ff0c1e9818fe76d56dccf9ccb53bcf29bc90ecb890e99887c6051d78d385dca478230a975d7b0021dadde87cd636d81efe9427c9026507b4506f3c6465b1a9f390d6f2f49c70f270ca3e9ac4045006146a60fe2c0e62fd406f0d396b9440b1f84becdc306d23947966742db355cb1e5c514b00d85d94664c0b4009cdee8a2dc8122a092a1545b61c9db354609081f7a01c8ba6d0c454e2572f8cf654bf7ebb7d7effa2c5f736037dcf7b42bb88c40e5dcc4d23c31d29974677306afb7a6e4a28df1eb8ecd1104b1c5836c125f49699a335818524d264f6b25f9e5016ed6d91fc6beb21fc1a20f3314dcdb4a46d912f0232c1a3f58956ce23ec1d98ba2704b4f01b1b0773aa432e7a9ca3c2345b4d8111612d7ae84d448361204286d99c437f32fb9d86c56553fb123355cdbab8c256e851c6ad44ecec88afca256ee6db40d88f2de2e75df6b1bed9c03a2b2469785a6b431ccdf48fe1a00c5150740b7d083213b63e68871f45eba84ff3e5ce1304fdc4fa10e7ccdfd6b503681c7b4f667cec73d18fb771692a1aa04f8f70e3317dbb9e38f13eec1927e8538c4af3e8bfee26351b5a", 0xd1f, 0xffffffffffffffff, 0x4}, 0x38) write$binfmt_misc(r5, &(0x7f0000000240), 0xfffffecc) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000280)=0x15) 1.411270019s ago: executing program 0 (id=3720): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000280)={'wg2\x00'}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast}) 1.37704996s ago: executing program 3 (id=3721): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000340), 0x12) 1.304069174s ago: executing program 3 (id=3722): bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x4a000, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) 1.116790222s ago: executing program 2 (id=3724): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xd, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2020000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000700)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x94) 1.093793943s ago: executing program 0 (id=3725): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r2}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c) 1.061849385s ago: executing program 2 (id=3726): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000400)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffffff}]}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="190000000400"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB='0'], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 939.529369ms ago: executing program 2 (id=3727): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r3, r0}, 0xc) 938.369359ms ago: executing program 3 (id=3728): bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0f0000000400000004000000020002"], 0x50) 883.703502ms ago: executing program 0 (id=3729): bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x2}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) 825.857744ms ago: executing program 2 (id=3730): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/44}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x48) 805.738385ms ago: executing program 3 (id=3731): syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r3}, 0x10) write$cgroup_pid(r2, &(0x7f00000005c0), 0x12) 591.697414ms ago: executing program 0 (id=3732): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10) syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0) 508.010058ms ago: executing program 4 (id=3733): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x18) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xe) 353.149105ms ago: executing program 2 (id=3734): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10) close(r0) 183.593962ms ago: executing program 4 (id=3735): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xb, 0x8, 0xc, 0xffffbffb, 0x1, 0x1}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) 68.028328ms ago: executing program 4 (id=3736): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff3, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000010c0)) 0s ago: executing program 2 (id=3737): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0x4}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r7) socket(0x2, 0x5, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) r8 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x27, 0x0) kernel console output (not intermixed with test programs): netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 394.550144][T13164] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 394.570665][T13164] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 394.583230][T13164] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 394.765692][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 394.798232][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 394.839358][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 394.852376][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 394.876991][T13354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2561'. [ 394.892312][T13354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2561'. [ 395.291890][T13365] loop3: detected capacity change from 0 to 512 [ 395.351559][T13365] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 395.446341][T13365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 395.553640][ T51] Bluetooth: hci3: command tx timeout [ 396.929239][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 397.157604][T13382] Process accounting resumed [ 397.291924][T13399] netlink: 'syz.3.2575': attribute type 4 has an invalid length. [ 397.357593][T13399] netlink: 'syz.3.2575': attribute type 4 has an invalid length. [ 397.376546][T13400] syzkaller0: entered promiscuous mode [ 397.382041][T13400] syzkaller0: entered allmulticast mode [ 397.690380][T13412] can0: slcan on ttyS3. [ 397.704209][T13412] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 398.171806][T13417] syz.2.2582: attempt to access beyond end of device [ 398.171806][T13417] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 398.694212][T13403] can0 (unregistered): slcan off ttyS3. [ 399.035244][T13427] netlink: 'syz.2.2587': attribute type 4 has an invalid length. [ 399.069986][T13427] netlink: 'syz.2.2587': attribute type 4 has an invalid length. [ 399.901148][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 399.901163][ T27] audit: type=1326 audit(1763745914.690:33842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 399.968480][T13330] Set syz1 is full, maxelem 65536 reached [ 399.991471][T13424] Process accounting resumed [ 399.996204][ T27] audit: type=1326 audit(1763745914.690:33843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.028956][ T27] audit: type=1326 audit(1763745914.690:33844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.103130][ T27] audit: type=1326 audit(1763745914.690:33845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.173621][ T27] audit: type=1326 audit(1763745914.730:33846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.230168][ T27] audit: type=1326 audit(1763745914.730:33847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.273849][ T27] audit: type=1326 audit(1763745914.730:33848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.348837][ T27] audit: type=1326 audit(1763745914.730:33849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.449219][ T27] audit: type=1326 audit(1763745915.240:33850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.479731][ T27] audit: type=1326 audit(1763745915.260:33851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13445 comm="syz.3.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 400.624087][ T60] Bluetooth: hci1: Frame reassembly failed (-84) [ 401.291947][T13485] syz.3.2608: attempt to access beyond end of device [ 401.291947][T13485] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 402.366398][T13498] loop3: detected capacity change from 0 to 512 [ 402.377706][T13498] EXT4-fs: Ignoring removed mblk_io_submit option [ 402.385609][T13498] EXT4-fs: Ignoring removed nomblk_io_submit option [ 402.406260][T13498] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 402.416178][T13498] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 402.451080][T13498] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.2615: Allocating blocks 41-42 which overlap fs metadata [ 402.482416][T13498] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.2615: Allocating blocks 41-42 which overlap fs metadata [ 402.522218][T13498] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2615: Failed to acquire dquot type 1 [ 402.551727][T13498] EXT4-fs error (device loop3): mb_free_blocks:1938: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 402.576690][T13498] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #12: comm syz.3.2615: corrupted inode contents [ 402.597668][T13498] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #12: comm syz.3.2615: mark_inode_dirty error [ 402.622189][T13498] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #12: comm syz.3.2615: corrupted inode contents [ 402.655207][T13498] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #12: comm syz.3.2615: mark_inode_dirty error [ 402.673308][ T51] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 402.674187][ T5104] Bluetooth: hci1: command 0x1003 tx timeout [ 402.696693][T13498] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #12: comm syz.3.2615: corrupted inode contents [ 402.726721][T13498] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 402.735757][T13498] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #12: comm syz.3.2615: corrupted inode contents [ 402.752335][T13498] EXT4-fs error (device loop3): ext4_truncate:4294: inode #12: comm syz.3.2615: mark_inode_dirty error [ 402.777926][T13498] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 402.832423][T13498] EXT4-fs (loop3): 1 truncate cleaned up [ 402.843087][T13498] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 403.173071][T13498] netlink: 'syz.3.2615': attribute type 30 has an invalid length. [ 403.191605][T13498] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 403.200935][T13498] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 403.209770][T13498] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 403.218563][T13498] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 403.279830][T13498] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 403.288806][T13498] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 403.297725][T13498] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 403.306664][T13498] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 403.448917][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.738414][T13521] loop3: detected capacity change from 0 to 512 [ 403.761069][T13521] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 404.222467][T13521] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 404.804572][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.419310][T13551] syz.0.2630: attempt to access beyond end of device [ 405.419310][T13551] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 406.370202][T13474] Set syz1 is full, maxelem 65536 reached [ 406.389750][T13557] loop1: detected capacity change from 0 to 128 [ 406.950306][T13562] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10) [ 406.956941][T13562] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 407.084504][ T27] kauditd_printk_skb: 82 callbacks suppressed [ 407.084517][ T27] audit: type=1804 audit(1763745921.880:33930): pid=13567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2634" name="/newroot/69/file7/bus" dev="loop1" ino=1048644 res=1 errno=0 [ 407.115325][T13557] pim6reg: entered allmulticast mode [ 407.126289][T13562] vhci_hcd vhci_hcd.0: Device attached [ 407.131892][ T27] audit: type=1800 audit(1763745921.910:33931): pid=13567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2634" name="bus" dev="loop1" ino=1048644 res=0 errno=0 [ 407.162459][T13560] pim6reg: left allmulticast mode [ 407.353417][ T5822] vhci_hcd: vhci_device speed not set [ 407.375376][T13564] vhci_hcd: connection closed [ 407.381811][ T60] vhci_hcd: stop threads [ 407.413314][ T60] vhci_hcd: release socket [ 407.423683][ T5822] usb 35-1: new full-speed USB device number 2 using vhci_hcd [ 407.429198][ T60] vhci_hcd: disconnect device [ 407.925329][T13592] syz.3.2641: attempt to access beyond end of device [ 407.925329][T13592] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 408.728117][T13596] syzkaller0: entered promiscuous mode [ 408.746216][T13596] syzkaller0: entered allmulticast mode [ 409.408485][T13623] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2651'. [ 409.447812][T13623] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2651'. [ 409.499468][ T27] audit: type=1326 audit(1763745924.290:33932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13624 comm="syz.0.2652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 409.563539][ T27] audit: type=1326 audit(1763745924.290:33933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13624 comm="syz.0.2652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 409.615871][ T27] audit: type=1326 audit(1763745924.300:33934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13624 comm="syz.0.2652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 409.631467][T13629] xfrm1: entered allmulticast mode [ 409.693251][ T27] audit: type=1326 audit(1763745924.300:33935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13624 comm="syz.0.2652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 409.711857][T13633] syzkaller0: entered promiscuous mode [ 409.737430][T13633] syzkaller0: entered allmulticast mode [ 409.743234][ T27] audit: type=1326 audit(1763745924.300:33936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13624 comm="syz.0.2652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 409.788248][ T27] audit: type=1326 audit(1763745924.300:33937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13624 comm="syz.0.2652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 409.816603][ T27] audit: type=1326 audit(1763745924.300:33938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13624 comm="syz.0.2652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 409.841540][ T27] audit: type=1326 audit(1763745924.300:33939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13624 comm="syz.0.2652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 410.336960][T13651] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2661'. [ 410.364288][T13651] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2661'. [ 410.500194][T13658] syzkaller0: entered promiscuous mode [ 410.511507][T13658] syzkaller0: entered allmulticast mode [ 410.884856][T13671] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 410.884856][T13671] program syz.3.2667 not setting count and/or reply_len properly [ 411.514461][T13689] loop1: detected capacity change from 0 to 512 [ 411.568854][T13688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2674'. [ 411.623435][T13689] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 411.633350][T13689] EXT4-fs (loop1): orphan cleanup on readonly fs [ 411.645265][T13689] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 411.671515][T13689] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 411.706692][T13689] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 412.084829][T13696] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2674'. [ 412.289526][T12547] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.513474][ T5822] vhci_hcd: vhci_device speed not set [ 412.591673][T13711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2680'. [ 412.604674][T13711] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 412.612270][T13711] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 412.624053][T13711] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 412.631477][T13711] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 412.679816][T13715] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2682'. [ 412.693314][T13715] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2682'. [ 412.736592][T13715] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2682'. [ 412.789338][ T27] kauditd_printk_skb: 27 callbacks suppressed [ 412.789353][ T27] audit: type=1326 audit(1763745927.580:33967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 412.860134][ T27] audit: type=1326 audit(1763745927.580:33968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 412.902657][ T27] audit: type=1326 audit(1763745927.580:33969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 412.962582][ T27] audit: type=1326 audit(1763745927.580:33970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 413.001986][ T27] audit: type=1326 audit(1763745927.580:33971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 413.047079][ T27] audit: type=1326 audit(1763745927.620:33972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 413.073042][ T27] audit: type=1326 audit(1763745927.620:33973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 413.103110][ T27] audit: type=1326 audit(1763745927.630:33974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 413.127485][ T27] audit: type=1326 audit(1763745927.630:33975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3ead3865e7 code=0x7ffc0000 [ 413.171203][ T27] audit: type=1326 audit(1763745927.630:33976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz.1.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3ead32b829 code=0x7ffc0000 [ 413.829100][T12976] Bluetooth: hci1: sending frame failed (-49) [ 413.838060][ T51] Bluetooth: hci1: Opcode 0x1003 failed: -49 [ 414.732788][T13761] xfrm1: entered allmulticast mode [ 418.446176][ T27] kauditd_printk_skb: 46 callbacks suppressed [ 418.446189][ T27] audit: type=1326 audit(1763745933.240:34023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.458095][T13812] loop3: detected capacity change from 0 to 512 [ 418.485889][ T27] audit: type=1326 audit(1763745933.280:34024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.516587][T13812] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 418.531930][ T27] audit: type=1326 audit(1763745933.280:34025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.558890][ T27] audit: type=1326 audit(1763745933.280:34026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.609916][T13812] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 418.641244][ T27] audit: type=1326 audit(1763745933.310:34027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.654605][T13814] xfrm1: entered allmulticast mode [ 418.663962][ T27] audit: type=1326 audit(1763745933.310:34028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.691710][ T27] audit: type=1326 audit(1763745933.310:34029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.714767][ T27] audit: type=1326 audit(1763745933.310:34030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.737925][ T27] audit: type=1326 audit(1763745933.310:34031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 418.760520][ T27] audit: type=1326 audit(1763745933.310:34032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13813 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 419.386760][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.102485][T13840] loop3: detected capacity change from 0 to 764 [ 420.555343][T13853] __nla_validate_parse: 4 callbacks suppressed [ 420.555385][T13853] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2738'. [ 420.589574][T13853] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2738'. [ 421.059017][T13866] syz.2.2743[13866] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 421.059145][T13866] syz.2.2743[13866] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 421.521984][T13881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2749'. [ 421.543443][T13881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2749'. [ 422.061536][T13906] syz.1.2756: attempt to access beyond end of device [ 422.061536][T13906] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 422.790326][T13911] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2760'. [ 422.807124][T13911] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2760'. [ 423.075707][T13924] ALSA: seq fatal error: cannot create timer (-22) [ 423.117038][ T42] Bluetooth: hci1: Frame reassembly failed (-84) [ 423.771785][T13939] syz.3.2770: attempt to access beyond end of device [ 423.771785][T13939] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 425.119573][T13961] Cannot find del_set index 29 as target [ 425.153400][ T51] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 425.156562][T12976] Bluetooth: hci1: command 0x1003 tx timeout [ 425.389062][T13972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2782'. [ 425.406277][T13972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2782'. [ 425.516788][ T27] kauditd_printk_skb: 79 callbacks suppressed [ 425.516800][ T27] audit: type=1326 audit(1763745940.310:34112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 425.611120][T13977] syz.0.2780: attempt to access beyond end of device [ 425.611120][T13977] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 425.676584][ T27] audit: type=1326 audit(1763745940.340:34113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 425.912931][ T27] audit: type=1326 audit(1763745940.340:34114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 426.135094][ T27] audit: type=1326 audit(1763745940.340:34115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 426.161642][ T27] audit: type=1326 audit(1763745940.350:34116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 426.192427][ T27] audit: type=1326 audit(1763745940.350:34117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 426.249290][ T27] audit: type=1326 audit(1763745940.360:34118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 426.271891][ T27] audit: type=1326 audit(1763745940.360:34119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13975 comm="syz.3.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 426.388866][T13988] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2787'. [ 426.411730][T13992] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 426.419017][T13992] IPv6: NLM_F_CREATE should be set when creating new route [ 426.423402][T13988] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2787'. [ 426.426265][T13992] IPv6: NLM_F_CREATE should be set when creating new route [ 426.612553][T13996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2791'. [ 426.635113][T13996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2791'. [ 426.829477][T14003] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 426.934376][T14003] netlink: 'syz.0.2794': attribute type 3 has an invalid length. [ 427.013056][ T27] audit: type=1326 audit(1763745941.800:34120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14006 comm="syz.1.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 427.071575][ T27] audit: type=1326 audit(1763745941.840:34121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14006 comm="syz.1.2796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 427.268734][T14013] xt_CT: You must specify a L4 protocol and not use inversions on it [ 428.241668][T14025] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2803'. [ 428.252325][T14025] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2803'. [ 428.353280][T14031] block device autoloading is deprecated and will be removed. [ 428.713903][T14045] (null): rxe_set_mtu: Set mtu to 1024 [ 428.936650][T14049] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2813'. [ 428.946570][T14049] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2813'. [ 429.699379][T14045] infiniband syz1: set active [ 429.723499][T14045] infiniband syz1: added bond0 [ 429.740764][T14045] syz1: rxe_create_cq: returned err = -12 [ 429.748487][T14045] infiniband syz1: Couldn't create ib_mad CQ [ 429.754857][T14045] infiniband syz1: Couldn't open port 1 [ 429.783082][T14045] RDS/IB: syz1: added [ 429.787218][T14045] smc: adding ib device syz1 with port count 1 [ 429.798654][T14045] smc: ib device syz1 port 1 has pnetid [ 429.834985][T14055] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2815'. [ 430.052301][T14066] netdevsim netdevsim3: Direct firmware load for ÿÿÿÿ failed with error -2 [ 430.063030][T14066] netdevsim netdevsim3: Falling back to sysfs fallback for: ÿÿÿÿ [ 430.267295][T14072] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2823'. [ 430.495478][T14079] loop1: detected capacity change from 0 to 1024 [ 430.598137][T14079] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 431.646823][T14092] loop3: detected capacity change from 0 to 256 [ 431.657352][T14092] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 431.672187][T14092] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 431.900817][T14099] __nla_validate_parse: 1 callbacks suppressed [ 431.900832][T14099] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2832'. [ 431.945534][T14099] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2832'. [ 431.965601][ T27] kauditd_printk_skb: 17 callbacks suppressed [ 431.965614][ T27] audit: type=1326 audit(1763745946.760:34139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14101 comm="syz.2.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 432.000488][ T27] audit: type=1326 audit(1763745946.790:34140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14101 comm="syz.2.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 432.029428][ T27] audit: type=1326 audit(1763745946.820:34141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14101 comm="syz.2.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 432.029472][ T27] audit: type=1326 audit(1763745946.820:34142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14101 comm="syz.2.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 432.148845][T12547] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.464702][T14121] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2842'. [ 432.479180][T14119] loop1: detected capacity change from 0 to 1024 [ 432.491355][T14121] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2842'. [ 432.510482][T14119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 432.566399][ T27] audit: type=1800 audit(1763745947.350:34143): pid=14119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2841" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 432.603846][ T27] audit: type=1804 audit(1763745947.390:34144): pid=14119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2841" name="/newroot/115/bus/bus" dev="loop1" ino=18 res=1 errno=0 [ 432.697616][ T27] audit: type=1326 audit(1763745947.490:34145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14124 comm="syz.0.2843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 432.735676][ T27] audit: type=1326 audit(1763745947.490:34146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14124 comm="syz.0.2843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 432.785069][ T27] audit: type=1326 audit(1763745947.530:34147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14124 comm="syz.0.2843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 432.851587][ T27] audit: type=1326 audit(1763745947.530:34148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14124 comm="syz.0.2843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 433.322246][T12547] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 437.599475][ T27] kauditd_printk_skb: 72 callbacks suppressed [ 437.599490][ T27] audit: type=1326 audit(1763745952.390:34221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.673192][ T27] audit: type=1326 audit(1763745952.390:34222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.723445][ T27] audit: type=1326 audit(1763745952.390:34223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.749661][T14194] loop1: detected capacity change from 0 to 8192 [ 437.766826][ T27] audit: type=1326 audit(1763745952.400:34224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.789632][ T27] audit: type=1326 audit(1763745952.400:34225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.824598][ T27] audit: type=1326 audit(1763745952.400:34226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.848138][ T27] audit: type=1326 audit(1763745952.400:34227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.878567][ T27] audit: type=1326 audit(1763745952.410:34228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.904844][ T27] audit: type=1326 audit(1763745952.410:34229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 437.931686][ T27] audit: type=1326 audit(1763745952.410:34230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.2.2867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 438.249969][T14211] netlink: 'syz.3.2874': attribute type 4 has an invalid length. [ 438.359252][T14229] sch_tbf: burst 1023 is lower than device lo mtu (11337746) ! [ 439.059189][T14231] loop1: detected capacity change from 0 to 164 [ 439.090230][T14231] Unable to read rock-ridge attributes [ 439.143473][T14211] (null): rxe_set_mtu: Set mtu to 1024 [ 439.348487][T14211] infiniband syz0: set active [ 439.366048][T14211] infiniband syz0: added bond_slave_0 [ 439.407179][T14211] RDS/IB: syz0: added [ 439.411313][T14211] smc: adding ib device syz0 with port count 1 [ 439.421502][T14211] smc: ib device syz0 port 1 has pnetid [ 440.121212][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.127672][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.442268][T14244] Set syz1 is full, maxelem 65536 reached [ 446.486733][ T27] kauditd_printk_skb: 270 callbacks suppressed [ 446.486747][ T27] audit: type=1326 audit(1763745961.280:34501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.560524][ T27] audit: type=1326 audit(1763745961.310:34502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.620403][ T27] audit: type=1326 audit(1763745961.310:34503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.648407][ T27] audit: type=1326 audit(1763745961.310:34504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.711097][ T27] audit: type=1326 audit(1763745961.310:34505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.737961][ T27] audit: type=1326 audit(1763745961.310:34506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.761111][ T27] audit: type=1326 audit(1763745961.310:34507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.811313][ T27] audit: type=1326 audit(1763745961.310:34508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.870471][ T27] audit: type=1326 audit(1763745961.310:34509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 446.898543][ T27] audit: type=1326 audit(1763745961.310:34510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14281 comm="syz.0.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 448.444351][T14304] netlink: 'syz.0.2902': attribute type 21 has an invalid length. [ 448.452259][T14304] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2902'. [ 448.461596][T14304] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2902'. [ 448.646911][T14309] loop3: detected capacity change from 0 to 2048 [ 448.709162][T14309] Alternate GPT is invalid, using primary GPT. [ 448.715692][T14309] loop3: p2 p3 p7 [ 449.464671][T14272] Set syz1 is full, maxelem 65536 reached [ 453.383692][ T27] kauditd_printk_skb: 53 callbacks suppressed [ 453.383706][ T27] audit: type=1326 audit(1763745968.170:34564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.437447][ T27] audit: type=1326 audit(1763745968.180:34565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.488217][ T27] audit: type=1326 audit(1763745968.260:34566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.511191][ T27] audit: type=1326 audit(1763745968.260:34567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.538918][ T27] audit: type=1326 audit(1763745968.260:34568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.586303][ T27] audit: type=1326 audit(1763745968.260:34569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.656769][ T27] audit: type=1326 audit(1763745968.260:34570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.685624][ T27] audit: type=1326 audit(1763745968.270:34571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.721102][ T27] audit: type=1326 audit(1763745968.270:34572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 453.762420][ T27] audit: type=1326 audit(1763745968.270:34573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14356 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 454.857781][T14305] Set syz1 is full, maxelem 65536 reached [ 455.956827][T14215] Bluetooth: hci1: Frame reassembly failed (-84) [ 457.839925][T14458] loop3: detected capacity change from 0 to 2048 [ 457.921419][T14458] Alternate GPT is invalid, using primary GPT. [ 457.927817][T14458] loop3: p2 p3 p7 [ 458.668141][T14463] loop1: detected capacity change from 0 to 164 [ 458.676265][T13962] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 458.718178][T14463] Unable to read rock-ridge attributes [ 458.931364][ T27] kauditd_printk_skb: 102 callbacks suppressed [ 458.931379][ T27] audit: type=1326 audit(1763745973.720:34676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 458.990655][ T27] audit: type=1326 audit(1763745973.720:34677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.040263][ T27] audit: type=1326 audit(1763745973.720:34678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.082939][ T27] audit: type=1326 audit(1763745973.720:34679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.140251][ T27] audit: type=1326 audit(1763745973.730:34680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.177179][ T27] audit: type=1326 audit(1763745973.730:34681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.206292][ T27] audit: type=1326 audit(1763745973.730:34682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.207806][T14476] netlink: 'syz.3.2957': attribute type 12 has an invalid length. [ 459.229259][ T27] audit: type=1326 audit(1763745973.730:34683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.269179][ T27] audit: type=1326 audit(1763745973.730:34684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.292033][ T27] audit: type=1326 audit(1763745973.730:34685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.0.2955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 459.390194][T14482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2958'. [ 459.403720][T14482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2958'. [ 459.552640][T14490] loop3: detected capacity change from 0 to 128 [ 459.825343][ T49] kworker/u4:3: attempt to access beyond end of device [ 459.825343][ T49] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 460.070020][T13962] Bluetooth: hci1: sending frame failed (-49) [ 460.077874][ T5104] Bluetooth: hci1: Opcode 0x1003 failed: -49 [ 460.423472][T14513] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2970'. [ 460.433092][T14513] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2970'. [ 461.362053][T14524] loop3: detected capacity change from 0 to 128 [ 461.529615][ T1090] kworker/u4:7: attempt to access beyond end of device [ 461.529615][ T1090] loop3: rw=1, sector=145, nr_sectors = 768 limit=128 [ 461.636259][T14532] loop3: detected capacity change from 0 to 512 [ 461.647716][T14532] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 461.679552][T14532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 462.606746][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 464.189251][ T27] kauditd_printk_skb: 20 callbacks suppressed [ 464.189265][ T27] audit: type=1326 audit(1763745978.980:34706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 464.259640][ T27] audit: type=1326 audit(1763745979.010:34707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 464.578467][ T27] audit: type=1326 audit(1763745979.360:34708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 464.876778][ T27] audit: type=1326 audit(1763745979.400:34709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 464.929453][ T27] audit: type=1326 audit(1763745979.480:34710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 464.983317][ T27] audit: type=1326 audit(1763745979.480:34711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 465.006972][ T27] audit: type=1326 audit(1763745979.510:34712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 465.046348][ T27] audit: type=1326 audit(1763745979.510:34713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 465.118557][ T27] audit: type=1326 audit(1763745979.530:34714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 465.162230][ T27] audit: type=1326 audit(1763745979.530:34715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14560 comm="syz.3.2986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 465.493466][T14586] loop1: detected capacity change from 0 to 164 [ 465.533321][T14586] Unable to read rock-ridge attributes [ 466.475300][T14600] syz.0.2995: attempt to access beyond end of device [ 466.475300][T14600] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 469.316901][T14635] rdma_op ffff888058fb01f0 conn xmit_rdma 0000000000000000 [ 469.344643][T14631] loop3: detected capacity change from 0 to 2048 [ 469.391668][T14631] Alternate GPT is invalid, using primary GPT. [ 469.398129][T14631] loop3: p2 p3 p7 [ 469.830640][T14642] loop3: detected capacity change from 0 to 512 [ 469.886425][T14642] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 469.896301][T14642] EXT4-fs (loop3): orphan cleanup on readonly fs [ 469.923129][T14642] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 469.944214][T14642] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 469.957812][T14642] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 469.971819][T14642] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.650496][T14663] loop3: detected capacity change from 0 to 512 [ 470.665248][T14663] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 470.719344][T14663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.949252][T14674] loop1: detected capacity change from 0 to 2048 [ 471.018083][T14674] Alternate GPT is invalid, using primary GPT. [ 471.018248][T14674] loop1: p2 p3 p7 [ 471.454438][T14682] rdma_op ffff88805ec351f0 conn xmit_rdma 0000000000000000 [ 471.746529][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.710507][T14697] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3029'. [ 472.723076][T14697] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3029'. [ 472.769305][T14695] loop3: detected capacity change from 0 to 512 [ 472.799639][T14695] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 472.807973][T14695] EXT4-fs (loop3): orphan cleanup on readonly fs [ 472.815618][T14695] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 472.828542][T14695] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 472.841788][T14695] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 472.855868][T14695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.898916][T14702] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3030'. [ 473.710727][T14708] loop3: detected capacity change from 0 to 512 [ 473.720137][T14708] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 473.751968][T14708] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 474.705456][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.811785][T14666] Set syz1 is full, maxelem 65536 reached [ 474.884888][T14702] IPVS: Error connecting to the multicast addr [ 474.918987][T14701] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 475.011085][T14717] loop1: detected capacity change from 0 to 128 [ 475.074727][T14721] serio: Serial port ptm0 [ 475.112379][T14726] rdma_op ffff88807daa61f0 conn xmit_rdma 0000000000000000 [ 475.168539][T14215] kworker/u4:11: attempt to access beyond end of device [ 475.168539][T14215] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 476.170441][T14736] loop3: detected capacity change from 0 to 164 [ 476.228518][T14736] Unable to read rock-ridge attributes [ 476.356169][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 476.356183][ T27] audit: type=1326 audit(1763745991.140:34731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.414650][ T27] audit: type=1326 audit(1763745991.140:34732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.442887][ T27] audit: type=1326 audit(1763745991.180:34733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.468153][ T27] audit: type=1326 audit(1763745991.180:34734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.491540][ T27] audit: type=1326 audit(1763745991.180:34735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.524592][ T27] audit: type=1326 audit(1763745991.180:34736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.547288][ T27] audit: type=1326 audit(1763745991.180:34737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.570435][ T27] audit: type=1326 audit(1763745991.190:34738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.602813][ T27] audit: type=1326 audit(1763745991.190:34739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 476.625496][ T27] audit: type=1326 audit(1763745991.190:34740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14741 comm="syz.2.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 477.881829][T14771] loop3: detected capacity change from 0 to 128 [ 477.918298][T14773] serio: Serial port ptm0 [ 477.989365][T14778] syzkaller0: entered promiscuous mode [ 477.998718][T14778] syzkaller0: entered allmulticast mode [ 478.180669][T14787] loop3: detected capacity change from 0 to 512 [ 478.195113][T14787] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 478.236811][T14787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 479.185720][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.318740][T14809] loop3: detected capacity change from 0 to 128 [ 479.646195][T14813] loop3: detected capacity change from 0 to 2048 [ 479.691814][T14813] Alternate GPT is invalid, using primary GPT. [ 479.707739][T14813] loop3: p2 p3 p7 [ 481.211817][T14826] netlink: 'syz.3.3069': attribute type 12 has an invalid length. [ 481.466229][T14838] loop1: detected capacity change from 0 to 128 [ 481.924138][T14847] loop1: detected capacity change from 0 to 2048 [ 481.981326][T14847] Alternate GPT is invalid, using primary GPT. [ 481.981542][T14847] loop1: p2 p3 p7 [ 482.414188][T14855] netlink: 'syz.1.3080': attribute type 12 has an invalid length. [ 483.090507][T14885] loop1: detected capacity change from 0 to 2048 [ 483.149667][T14885] Alternate GPT is invalid, using primary GPT. [ 483.159116][T14885] loop1: p2 p3 p7 [ 483.159957][T13962] Bluetooth: hci2: command 0x0406 tx timeout [ 483.625546][T14896] loop3: detected capacity change from 0 to 512 [ 483.641010][T14895] netlink: 'syz.1.3092': attribute type 12 has an invalid length. [ 483.652685][T14896] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 483.730069][T14896] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 484.256009][T14927] loop1: detected capacity change from 0 to 128 [ 484.364042][T14927] rdma_op ffff888059b261f0 conn xmit_rdma 0000000000000000 [ 484.704756][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 484.804491][T14940] netlink: 'syz.2.3104': attribute type 12 has an invalid length. [ 485.574199][T14966] loop3: detected capacity change from 0 to 128 [ 485.609916][T14966] rdma_op ffff888030ac89f0 conn xmit_rdma 0000000000000000 [ 486.035289][T14976] loop3: detected capacity change from 0 to 512 [ 486.044582][T14976] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 487.298826][T14984] loop1: detected capacity change from 0 to 164 [ 487.606424][T14984] Unable to read rock-ridge attributes [ 487.637652][T14976] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.912878][T14994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3116'. [ 487.914100][T14994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3116'. [ 488.366793][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 488.452721][T15005] loop3: detected capacity change from 0 to 2048 [ 488.502824][T15005] Alternate GPT is invalid, using primary GPT. [ 488.511551][T15005] loop3: p2 p3 p7 [ 488.962957][T15015] syz.3.3124: attempt to access beyond end of device [ 488.962957][T15015] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 489.969136][T15022] rdma_op ffff88807e1e09f0 conn xmit_rdma 0000000000000000 [ 491.099590][T15033] loop1: detected capacity change from 0 to 512 [ 491.187556][T15033] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 491.196009][T15033] EXT4-fs (loop1): orphan cleanup on readonly fs [ 491.207018][T15033] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 491.233571][T15033] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 491.254799][T15033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 491.268957][T15033] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.422796][T15037] loop3: detected capacity change from 0 to 512 [ 491.431355][T15037] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 491.511906][T15037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 492.340691][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.519502][T15060] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3135'. [ 492.661796][T15066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3136'. [ 492.681813][T15066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3136'. [ 493.265781][T15075] loop3: detected capacity change from 0 to 512 [ 493.372781][T15075] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 493.381298][T15075] EXT4-fs (loop3): orphan cleanup on readonly fs [ 493.391772][T15075] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #16: comm syz.3.3139: iget: bad extended attribute block 1661952 [ 493.408107][T15075] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.3139: couldn't read orphan inode 16 (err -117) [ 493.425915][T15075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 493.441574][T15075] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 493.453658][T13962] Bluetooth: hci4: command 0x0406 tx timeout [ 494.194620][T15096] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3146'. [ 494.226602][T15096] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3146'. [ 494.848114][T15103] loop3: detected capacity change from 0 to 164 [ 495.592063][T15103] Unable to read rock-ridge attributes [ 496.060591][T15122] loop1: detected capacity change from 0 to 128 [ 496.308301][T15128] syz.3.3150: attempt to access beyond end of device [ 496.308301][T15128] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 496.944924][ T1137] kworker/u4:9: attempt to access beyond end of device [ 496.944924][ T1137] loop1: rw=1, sector=145, nr_sectors = 136 limit=128 [ 497.122736][T15137] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3156'. [ 497.254467][T15137] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3156'. [ 497.314326][T15142] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3158'. [ 497.518181][T15146] loop1: detected capacity change from 0 to 512 [ 497.552416][T15150] serio: Serial port ptm0 [ 497.627972][T15146] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 497.677603][T15146] EXT4-fs (loop1): orphan cleanup on readonly fs [ 497.787333][T15146] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 497.926488][T15146] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 498.139147][T15146] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 498.197272][T15146] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.859706][T15183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3167'. [ 498.869522][T15183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3167'. [ 498.988854][T15189] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3169'. [ 500.216108][T15212] loop1: detected capacity change from 0 to 164 [ 500.259234][T15212] Unable to read rock-ridge attributes [ 500.828525][T15221] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3177'. [ 500.865150][T15221] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3177'. [ 501.368464][T15230] rdma_op ffff88807c39a1f0 conn xmit_rdma 0000000000000000 [ 501.558526][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.565058][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.316999][T15255] loop3: detected capacity change from 0 to 128 [ 502.375406][T15255] rdma_op ffff88805c3459f0 conn xmit_rdma 0000000000000000 [ 502.425777][T15257] netlink: 'syz.2.3192': attribute type 12 has an invalid length. [ 502.531013][T15259] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3193'. [ 503.633454][T13962] Bluetooth: hci0: command 0x0406 tx timeout [ 503.668539][ T27] kauditd_printk_skb: 65 callbacks suppressed [ 503.668552][ T27] audit: type=1326 audit(1763746018.460:34806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 503.735296][ T27] audit: type=1326 audit(1763746018.460:34807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 503.762431][ T27] audit: type=1326 audit(1763746018.500:34808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 503.813935][ T27] audit: type=1326 audit(1763746018.500:34809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 503.844829][ T27] audit: type=1326 audit(1763746018.500:34810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 503.885776][ T27] audit: type=1326 audit(1763746018.500:34811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 503.895709][T15288] netlink: 'syz.0.3203': attribute type 12 has an invalid length. [ 503.908949][ T27] audit: type=1326 audit(1763746018.500:34812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 503.918170][T15291] loop1: detected capacity change from 0 to 128 [ 503.951979][ T27] audit: type=1326 audit(1763746018.500:34813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 503.976146][ T27] audit: type=1326 audit(1763746018.500:34814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 504.017989][T15291] rdma_op ffff888050fe09f0 conn xmit_rdma 0000000000000000 [ 504.041837][ T27] audit: type=1326 audit(1763746018.500:34815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.3.3200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 504.368937][T15308] loop1: detected capacity change from 0 to 1024 [ 504.428573][T15308] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 504.896293][T15324] syz.3.3210: attempt to access beyond end of device [ 504.896293][T15324] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 505.933561][T15335] netlink: 'syz.3.3214': attribute type 12 has an invalid length. [ 506.061818][T12547] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 506.387372][T15346] loop1: detected capacity change from 0 to 2048 [ 506.449422][T15346] Alternate GPT is invalid, using primary GPT. [ 506.449569][T15346] loop1: p2 p3 p7 [ 506.686107][T15349] loop1: detected capacity change from 0 to 128 [ 509.919617][T15384] siw: device registration error -23 [ 510.414693][T15383] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 510.422035][T15383] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 510.498283][T15396] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3236'. [ 510.609641][T15400] loop1: detected capacity change from 0 to 2048 [ 510.649836][T15400] Alternate GPT is invalid, using primary GPT. [ 510.674108][T15400] loop1: p2 p3 p7 [ 510.709111][T15405] loop3: detected capacity change from 0 to 128 [ 510.760244][T15405] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 510.779635][T15405] ext4 filesystem being mounted at /167/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 510.857415][T13164] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 512.178118][T15420] loop3: detected capacity change from 0 to 512 [ 512.191206][T15420] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 512.218135][T15421] loop1: detected capacity change from 0 to 512 [ 512.232734][T15420] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 512.305890][T15421] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 512.361244][T15421] EXT4-fs (loop1): orphan cleanup on readonly fs [ 512.374045][T15421] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 512.377240][T15421] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 512.392287][T15421] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 512.404086][T15421] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 512.657805][T15434] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3247'. [ 513.083875][T15446] netlink: 88 bytes leftover after parsing attributes in process `syz.0.3250'. [ 513.180665][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.123574][T15462] syz.3.3253: attempt to access beyond end of device [ 515.123574][T15462] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 515.512170][T13962] Bluetooth: hci3: command 0x0406 tx timeout [ 515.898897][T15476] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3260'. [ 515.932384][T15478] loop1: detected capacity change from 0 to 512 [ 515.947687][T15478] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 516.015228][T15478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 517.364515][T12547] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 518.722916][T15501] netlink: 'syz.1.3268': attribute type 12 has an invalid length. [ 518.822930][T15512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3271'. [ 518.921817][ T27] kauditd_printk_skb: 20 callbacks suppressed [ 518.921830][ T27] audit: type=1326 audit(1763746033.710:34836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 518.998197][ T27] audit: type=1326 audit(1763746033.710:34837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.053286][ T27] audit: type=1326 audit(1763746033.740:34838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.086505][ T27] audit: type=1326 audit(1763746033.740:34839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.130951][ T27] audit: type=1326 audit(1763746033.750:34840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.158458][ T27] audit: type=1326 audit(1763746033.750:34841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.182167][ T27] audit: type=1326 audit(1763746033.750:34842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.205045][ T27] audit: type=1326 audit(1763746033.750:34843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.266493][ T27] audit: type=1326 audit(1763746033.750:34844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.291259][ T27] audit: type=1326 audit(1763746033.750:34845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.2.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 519.447721][T15532] netlink: 'syz.0.3280': attribute type 12 has an invalid length. [ 520.346953][T15565] netlink: 'syz.3.3291': attribute type 12 has an invalid length. [ 521.873839][T13962] Bluetooth: hci1: command 0x1003 tx timeout [ 521.873946][ T5104] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 522.466487][T15596] netlink: 'syz.0.3302': attribute type 12 has an invalid length. [ 522.886127][T15611] syz.1.3304: attempt to access beyond end of device [ 522.886127][T15611] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 523.660680][T15619] loop3: detected capacity change from 0 to 128 [ 523.686987][T14051] Bluetooth: hci1: Frame reassembly failed (-84) [ 523.799528][T14216] kworker/u4:12: attempt to access beyond end of device [ 523.799528][T14216] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 523.931951][T15626] netlink: 'syz.3.3313': attribute type 12 has an invalid length. [ 525.717555][T13962] Bluetooth: hci1: command 0x1003 tx timeout [ 525.726402][ T5104] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 525.835473][T15639] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3318'. [ 525.856232][ T27] kauditd_printk_skb: 83 callbacks suppressed [ 525.856245][ T27] audit: type=1326 audit(1763746040.650:34929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 525.892511][ T27] audit: type=1326 audit(1763746040.650:34930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 525.915160][ T27] audit: type=1326 audit(1763746040.650:34931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 525.945995][ T27] audit: type=1326 audit(1763746040.650:34932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 525.969618][ T27] audit: type=1326 audit(1763746040.650:34933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 525.992289][ T27] audit: type=1326 audit(1763746040.650:34934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 526.014861][ T27] audit: type=1326 audit(1763746040.650:34935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 526.038349][ T27] audit: type=1326 audit(1763746040.650:34936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 526.061321][ T27] audit: type=1326 audit(1763746040.650:34937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 526.083997][ T27] audit: type=1326 audit(1763746040.650:34938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15638 comm="syz.1.3318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 526.502455][T15639] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 526.957001][T15659] syz.1.3319: attempt to access beyond end of device [ 526.957001][T15659] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 527.704474][T15667] loop3: detected capacity change from 0 to 128 [ 527.902242][ T49] kworker/u4:3: attempt to access beyond end of device [ 527.902242][ T49] loop3: rw=1, sector=145, nr_sectors = 792 limit=128 [ 528.058267][T15681] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3332'. [ 528.069125][T15681] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3332'. [ 528.167175][T15683] loop1: detected capacity change from 0 to 2048 [ 528.228180][T15683] Alternate GPT is invalid, using primary GPT. [ 528.234710][T15683] loop1: p2 p3 p7 [ 529.445246][ T12] Bluetooth: hci1: Frame reassembly failed (-90) [ 529.451858][T15698] Bluetooth: hci1: Frame reassembly failed (-84) [ 529.467698][T15698] Bluetooth: hci1: Frame reassembly failed (-84) [ 530.613721][T15700] loop3: detected capacity change from 0 to 128 [ 530.776783][T14216] kworker/u4:12: attempt to access beyond end of device [ 530.776783][T14216] loop3: rw=1, sector=145, nr_sectors = 768 limit=128 [ 530.939234][T15715] loop3: detected capacity change from 0 to 2048 [ 531.008175][T15715] Alternate GPT is invalid, using primary GPT. [ 531.016291][T15715] loop3: p2 p3 p7 [ 531.474648][T13962] Bluetooth: hci1: command 0x1003 tx timeout [ 531.481369][ T5104] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 532.265452][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 532.265466][ T27] audit: type=1326 audit(1763746047.050:34950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.328762][T15750] loop1: detected capacity change from 0 to 2048 [ 532.343749][ T27] audit: type=1326 audit(1763746047.060:34951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.381878][ T27] audit: type=1326 audit(1763746047.100:34952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.410360][ T27] audit: type=1326 audit(1763746047.100:34953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.433866][ T27] audit: type=1326 audit(1763746047.100:34954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.457584][ T27] audit: type=1326 audit(1763746047.110:34955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.483147][ T27] audit: type=1326 audit(1763746047.110:34956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.507532][ T27] audit: type=1326 audit(1763746047.110:34957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.531349][ T27] audit: type=1326 audit(1763746047.120:34958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.542004][T15750] Alternate GPT is invalid, using primary GPT. [ 532.559525][ T27] audit: type=1326 audit(1763746047.120:34959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15747 comm="syz.2.3357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 532.560434][T15750] loop1: p2 p3 p7 [ 533.073505][T14215] Bluetooth: hci1: Frame reassembly failed (-90) [ 533.241660][T15766] Bluetooth: hci1: Frame reassembly failed (-84) [ 533.514773][T15764] Bluetooth: hci1: Frame reassembly failed (-84) [ 533.685487][T15771] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3363'. [ 534.938967][ T5104] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 534.939115][T13962] Bluetooth: hci1: command 0x1003 tx timeout [ 536.424780][T15816] netlink: 'syz.2.3376': attribute type 12 has an invalid length. [ 537.878924][T15851] loop3: detected capacity change from 0 to 2048 [ 537.982207][T15851] Alternate GPT is invalid, using primary GPT. [ 537.990731][T15851] loop3: p2 p3 p7 [ 538.454372][ T27] kauditd_printk_skb: 121 callbacks suppressed [ 538.454385][ T27] audit: type=1326 audit(1763746053.250:35081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.487300][ T27] audit: type=1326 audit(1763746053.280:35082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.542019][ T27] audit: type=1326 audit(1763746053.280:35083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.583655][ T27] audit: type=1326 audit(1763746053.320:35084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.645166][ T27] audit: type=1326 audit(1763746053.320:35085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.676061][ T5104] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 538.679206][T13962] Bluetooth: hci1: command 0x1003 tx timeout [ 538.700896][ T27] audit: type=1326 audit(1763746053.320:35086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.752108][ T27] audit: type=1326 audit(1763746053.320:35087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.837676][ T27] audit: type=1326 audit(1763746053.320:35088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.903048][ T27] audit: type=1326 audit(1763746053.320:35089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 538.958912][ T27] audit: type=1326 audit(1763746053.320:35090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15872 comm="syz.3.3396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 539.056337][T15888] netlink: 'syz.0.3402': attribute type 12 has an invalid length. [ 539.584695][T15908] loop1: detected capacity change from 0 to 2048 [ 539.660851][T15908] Alternate GPT is invalid, using primary GPT. [ 539.673609][T15908] loop1: p2 p3 p7 [ 539.939803][T15917] netlink: 'syz.1.3414': attribute type 12 has an invalid length. [ 541.553354][T13962] Bluetooth: hci1: command 0x1003 tx timeout [ 541.553707][ T5104] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 541.660710][T15946] netlink: 'syz.2.3425': attribute type 12 has an invalid length. [ 542.909787][T15977] syz.1.3433: attempt to access beyond end of device [ 542.909787][T15977] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 543.865752][T15987] loop1: detected capacity change from 0 to 2048 [ 543.957279][T15987] Alternate GPT is invalid, using primary GPT. [ 543.967577][T15987] loop1: p2 p3 p7 [ 544.010401][T15989] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3440'. [ 544.187417][T15996] loop1: detected capacity change from 0 to 512 [ 544.213781][T15996] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 544.258903][T15996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 545.131295][T12547] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 545.241033][T16008] loop1: detected capacity change from 0 to 512 [ 545.259724][T16008] EXT4-fs (loop1): orphan cleanup on readonly fs [ 545.267028][T16008] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.3444: bad orphan inode 13 [ 545.281583][T16008] ext4_test_bit(bit=12, block=18) = 1 [ 545.287840][T16008] is_bad_inode(inode)=0 [ 545.292011][T16008] NEXT_ORPHAN(inode)=2130706432 [ 545.296981][T16008] max_ino=32 [ 545.300184][T16008] i_nlink=1 [ 545.305313][T16008] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 545.350313][T16008] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 545.452502][T16008] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.3444: bg 0: block 248: padding at end of block bitmap is not set [ 545.471269][ T27] kauditd_printk_skb: 85 callbacks suppressed [ 545.471282][ T27] audit: type=1326 audit(1763746060.240:35176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16007 comm="syz.1.3444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 545.476279][T16008] Quota error (device loop1): write_blk: dquota write failed [ 545.488111][ T27] audit: type=1326 audit(1763746060.270:35177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16007 comm="syz.1.3444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 545.518521][T16008] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 545.531685][ T27] audit: type=1326 audit(1763746060.270:35178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16007 comm="syz.1.3444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 545.570059][T16008] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3444: Failed to acquire dquot type 1 [ 545.574328][ T27] audit: type=1326 audit(1763746060.300:35179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16007 comm="syz.1.3444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 545.626318][ T27] audit: type=1326 audit(1763746060.300:35180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16007 comm="syz.1.3444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 545.629976][T16008] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 545.656965][ T27] audit: type=1326 audit(1763746060.300:35181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16007 comm="syz.1.3444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 545.693950][ T27] audit: type=1326 audit(1763746060.300:35182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16007 comm="syz.1.3444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 545.716848][ T27] audit: type=1326 audit(1763746060.300:35183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16007 comm="syz.1.3444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ead38f749 code=0x7ffc0000 [ 546.105456][T12547] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 12 [ 546.118944][T12547] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 12 [ 546.768779][T16018] netlink: 'syz.0.3447': attribute type 12 has an invalid length. [ 546.958198][T14214] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.339971][T16031] loop3: detected capacity change from 0 to 512 [ 547.407923][T16031] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 547.417758][T16031] EXT4-fs (loop3): orphan cleanup on readonly fs [ 547.428818][T16031] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 547.448432][T16031] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 547.467854][T16031] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 547.488524][T16031] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.785498][T14214] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.900112][T14214] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.317842][T14214] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.684435][T13962] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 548.699896][T13962] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 548.708167][T13962] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 548.716320][T13962] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 548.734013][T13962] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 548.741483][T13962] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 548.943109][T16065] netlink: 'syz.2.3461': attribute type 12 has an invalid length. [ 549.415719][T14214] IPVS: stopping master sync thread 13001 ... [ 550.437676][T16059] chnl_net:caif_netlink_parms(): no params data found [ 550.849664][T13962] Bluetooth: hci1: command tx timeout [ 550.947288][T16059] bridge0: port 1(bridge_slave_0) entered blocking state [ 550.954618][T16059] bridge0: port 1(bridge_slave_0) entered disabled state [ 550.961784][T16059] bridge_slave_0: entered allmulticast mode [ 550.969377][T16059] bridge_slave_0: entered promiscuous mode [ 550.977760][T16059] bridge0: port 2(bridge_slave_1) entered blocking state [ 550.984962][T16059] bridge0: port 2(bridge_slave_1) entered disabled state [ 550.992133][T16059] bridge_slave_1: entered allmulticast mode [ 550.999334][T16059] bridge_slave_1: entered promiscuous mode [ 551.010349][T14214] hsr_slave_0: left promiscuous mode [ 551.056266][T14214] hsr_slave_1: left promiscuous mode [ 551.066516][T14214] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 551.074644][T14214] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 551.084423][T14214] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 551.091929][T14214] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 551.099843][T14214] bridge_slave_1: left allmulticast mode [ 551.106404][T14214] bridge_slave_1: left promiscuous mode [ 551.113059][T14214] bridge0: port 2(bridge_slave_1) entered disabled state [ 551.134000][T14214] bridge_slave_0: left allmulticast mode [ 551.139689][T14214] bridge_slave_0: left promiscuous mode [ 551.153586][T14214] bridge0: port 1(bridge_slave_0) entered disabled state [ 551.187880][T14214] veth1_macvtap: left promiscuous mode [ 551.193637][T14214] veth0_macvtap: left promiscuous mode [ 551.199279][T14214] veth1_vlan: left promiscuous mode [ 551.204696][T14214] veth0_vlan: left promiscuous mode [ 551.623012][ T27] kauditd_printk_skb: 95 callbacks suppressed [ 551.623025][ T27] audit: type=1326 audit(1763746066.410:35279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.656681][ T27] audit: type=1326 audit(1763746066.450:35280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.685560][ T27] audit: type=1326 audit(1763746066.480:35281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.708497][ T27] audit: type=1326 audit(1763746066.480:35282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.733492][ T27] audit: type=1326 audit(1763746066.480:35283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.756188][ T27] audit: type=1326 audit(1763746066.480:35284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.778898][ T27] audit: type=1326 audit(1763746066.480:35285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.801429][ T27] audit: type=1326 audit(1763746066.480:35286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.824008][ T27] audit: type=1326 audit(1763746066.480:35287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.858001][ T27] audit: type=1326 audit(1763746066.480:35288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16108 comm="syz.0.3471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 551.961808][T14214] team0 (unregistering): Port device team_slave_1 removed [ 552.002866][T14214] team0 (unregistering): Port device team_slave_0 removed [ 552.042918][T14214] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 552.084054][T14214] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 552.527393][T14214] bond0 (unregistering): Released all slaves [ 552.916972][T13962] Bluetooth: hci1: command tx timeout [ 554.255700][T16105] netlink: 'syz.2.3470': attribute type 12 has an invalid length. [ 554.296877][T16059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 554.340693][T16059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 554.524711][T16059] team0: Port device team_slave_0 added [ 554.545497][T16059] team0: Port device team_slave_1 added [ 554.675039][T16059] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 554.682012][T16059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 554.997080][T13962] Bluetooth: hci1: command tx timeout [ 555.064076][T16059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 555.376343][T16059] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 555.404616][T16059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 555.487398][T16059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 555.628242][T16059] hsr_slave_0: entered promiscuous mode [ 555.644286][T16059] hsr_slave_1: entered promiscuous mode [ 555.651860][T16059] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 555.664203][T16059] Cannot create hsr debugfs directory [ 556.008579][T16139] netlink: 'syz.3.3480': attribute type 12 has an invalid length. [ 556.024631][T16059] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 556.086735][T16059] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 556.101377][T16059] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 556.114833][T16059] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 556.972001][ T27] kauditd_printk_skb: 50 callbacks suppressed [ 556.972034][ T27] audit: type=1326 audit(1763746071.760:35339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16142 comm="syz.3.3482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 557.088416][T13962] Bluetooth: hci1: command tx timeout [ 557.188203][ T27] audit: type=1326 audit(1763746071.800:35340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16142 comm="syz.3.3482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 559.912634][T16170] sit0: entered promiscuous mode [ 559.927409][T16170] sit0: entered allmulticast mode [ 560.220954][T16059] 8021q: adding VLAN 0 to HW filter on device bond0 [ 560.281693][T16059] 8021q: adding VLAN 0 to HW filter on device team0 [ 560.311676][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.318883][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 560.348793][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.355983][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 561.149163][T16189] (null): rxe_set_mtu: Set mtu to 1024 [ 561.164069][T16189] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 561.266895][ T27] audit: type=1326 audit(1763746076.060:35341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 561.326209][ T27] audit: type=1326 audit(1763746076.080:35342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 561.350397][ T27] audit: type=1326 audit(1763746076.080:35343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 561.387900][ T27] audit: type=1326 audit(1763746076.100:35344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 561.414162][ T27] audit: type=1326 audit(1763746076.100:35345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 561.456941][ T27] audit: type=1326 audit(1763746076.100:35346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 561.502766][ T27] audit: type=1326 audit(1763746076.100:35347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 561.537030][ T27] audit: type=1326 audit(1763746076.100:35348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 562.093390][ T27] kauditd_printk_skb: 18 callbacks suppressed [ 562.093406][ T27] audit: type=1326 audit(1763746076.890:35367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 562.123738][ T27] audit: type=1326 audit(1763746076.890:35368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16193 comm="syz.3.3496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 562.998815][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.005515][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.073035][T16221] sch_tbf: burst 1023 is lower than device lo mtu (11337746) ! [ 564.087417][T16059] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 564.254162][T16232] (null): rxe_set_mtu: Set mtu to 1024 [ 564.278975][T16232] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 564.458611][ T27] audit: type=1326 audit(1763746079.250:35369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16243 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 564.524978][ T27] audit: type=1326 audit(1763746079.250:35370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16243 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 564.552023][ T27] audit: type=1326 audit(1763746079.250:35371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16243 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 564.600353][ T27] audit: type=1326 audit(1763746079.280:35372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16243 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 564.649675][T16059] veth0_vlan: entered promiscuous mode [ 564.690068][ T27] audit: type=1326 audit(1763746079.280:35373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16243 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 564.729646][T16059] veth1_vlan: entered promiscuous mode [ 564.759488][ T27] audit: type=1326 audit(1763746079.280:35374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16243 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 564.782483][ T27] audit: type=1326 audit(1763746079.280:35375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16243 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 564.805822][ T27] audit: type=1326 audit(1763746079.280:35376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16243 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3d518f749 code=0x7ffc0000 [ 564.820782][T16059] veth0_macvtap: entered promiscuous mode [ 564.847810][T16059] veth1_macvtap: entered promiscuous mode [ 564.923487][T16251] syz.3.3512: attempt to access beyond end of device [ 564.923487][T16251] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 565.460305][T16059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 565.503899][T16059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.544894][T16059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 565.569637][T16059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.581185][T16059] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 565.600669][T16059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 565.615724][T16059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.626135][T16059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 565.636764][T16059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 565.649423][T16059] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 565.660963][T16059] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.674973][T16059] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.685926][T16059] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.700453][T16059] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 565.755322][T16257] sch_tbf: burst 1023 is lower than device lo mtu (65550) ! [ 565.891374][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 565.911678][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 566.237599][T16264] loop3: detected capacity change from 0 to 164 [ 566.269539][T16264] Unable to read rock-ridge attributes [ 566.336445][T14215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 566.344638][T14215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 566.550430][T16274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3519'. [ 566.947608][T16288] bridge0: port 2(bridge_slave_1) entered disabled state [ 566.955360][T16288] bridge0: port 1(bridge_slave_0) entered disabled state [ 566.967370][T16288] bridge0: entered allmulticast mode [ 567.025116][T16288] bridge_slave_1: left allmulticast mode [ 567.031281][T16288] bridge_slave_1: left promiscuous mode [ 567.049151][T16288] bridge0: port 2(bridge_slave_1) entered disabled state [ 567.072497][T16288] bridge_slave_0: left allmulticast mode [ 567.080393][T16288] bridge_slave_0: left promiscuous mode [ 567.088982][T16288] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.848202][ T27] kauditd_printk_skb: 89 callbacks suppressed [ 567.848215][ T27] audit: type=1326 audit(1763746082.640:35466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.848338][ T27] audit: type=1326 audit(1763746082.640:35467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.848897][ T27] audit: type=1326 audit(1763746082.640:35468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.855593][ T27] audit: type=1326 audit(1763746082.640:35469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.855642][ T27] audit: type=1326 audit(1763746082.640:35470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.855685][ T27] audit: type=1326 audit(1763746082.640:35471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.856073][ T27] audit: type=1326 audit(1763746082.640:35472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.856111][ T27] audit: type=1326 audit(1763746082.640:35473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.856147][ T27] audit: type=1326 audit(1763746082.640:35474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 567.856331][ T27] audit: type=1326 audit(1763746082.640:35475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16315 comm="syz.2.3534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 568.510971][T16332] pim6reg1: entered promiscuous mode [ 568.518518][ T5104] Bluetooth: hci2: command 0x1003 tx timeout [ 568.527666][T13962] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 568.533554][T16332] pim6reg1: entered allmulticast mode [ 568.856805][T16343] sch_tbf: burst 1023 is lower than device lo mtu (65550) ! [ 568.954777][T16350] loop3: detected capacity change from 0 to 512 [ 568.985605][T16350] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 569.049204][T16350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 569.110578][T16355] pim6reg1: entered promiscuous mode [ 569.110597][T16355] pim6reg1: entered allmulticast mode [ 569.330807][T14217] Bluetooth: hci2: Frame reassembly failed (-84) [ 570.111843][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 570.953250][T16405] syz.3.3563: attempt to access beyond end of device [ 570.953250][T16405] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 571.404963][ T5104] Bluetooth: hci2: command 0x1003 tx timeout [ 571.406210][T13962] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 571.810350][T16415] 9pnet_fd: Insufficient options for proto=fd [ 572.371470][T16438] syz.0.3574: attempt to access beyond end of device [ 572.371470][T16438] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 572.865547][T16440] loop4: detected capacity change from 0 to 512 [ 573.013340][ T27] kauditd_printk_skb: 206 callbacks suppressed [ 573.013354][ T27] audit: type=1326 audit(1763746087.800:35682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16413 comm="syz.3.3566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 573.114817][T16440] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 573.123342][T16440] EXT4-fs (loop4): orphan cleanup on readonly fs [ 573.149660][T16440] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 573.179488][T16440] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 573.196703][T16440] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 573.209348][ T27] audit: type=1326 audit(1763746087.800:35683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16413 comm="syz.3.3566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 573.235531][T16440] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.404551][T16449] 9pnet_fd: Insufficient options for proto=fd [ 573.774176][T16460] siw: device registration error -23 [ 573.786434][T16460] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3583'. [ 573.801317][T16460] IPVS: Error connecting to the multicast addr [ 574.047116][ T27] audit: type=1326 audit(1763746088.830:35684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16471 comm="syz.3.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 574.112554][ T27] audit: type=1326 audit(1763746088.830:35685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16471 comm="syz.3.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 574.171756][ T27] audit: type=1326 audit(1763746088.830:35686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16471 comm="syz.3.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 574.176598][T16477] loop4: detected capacity change from 0 to 512 [ 574.203459][ T27] audit: type=1326 audit(1763746088.830:35687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16471 comm="syz.3.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 574.235133][T16477] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 574.236881][ T27] audit: type=1326 audit(1763746088.850:35688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16471 comm="syz.3.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 574.247700][T16477] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 574.285158][T16477] System zones: 1-12 [ 574.290007][ T27] audit: type=1326 audit(1763746088.850:35689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16471 comm="syz.3.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 574.314799][T16477] EXT4-fs (loop4): 1 truncate cleaned up [ 574.320570][ T27] audit: type=1326 audit(1763746088.850:35690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16471 comm="syz.3.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 574.321787][T16477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 574.343103][ T27] audit: type=1326 audit(1763746088.850:35691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16471 comm="syz.3.3586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 574.452468][T16483] netlink: 'syz.2.3588': attribute type 4 has an invalid length. [ 574.508701][T16483] (null): rxe_set_mtu: Set mtu to 1024 [ 574.508983][T16483] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 575.016950][T16059] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.287529][T16512] siw: device registration error -23 [ 575.497360][ T5104] Bluetooth: hci2: command 0x1003 tx timeout [ 575.526751][T16512] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3594'. [ 575.540041][T16512] IPVS: Error connecting to the multicast addr [ 575.672303][T13962] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 576.631125][T16531] netlink: 'syz.3.3598': attribute type 12 has an invalid length. [ 576.780116][T16532] netlink: 'syz.4.3600': attribute type 4 has an invalid length. [ 576.836388][T16534] (null): rxe_set_mtu: Set mtu to 1024 [ 576.850205][T16534] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 576.889445][T16539] loop3: detected capacity change from 0 to 512 [ 576.898956][T16539] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 576.922681][T16539] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 576.934718][T16539] System zones: 1-12 [ 577.082339][T16539] EXT4-fs (loop3): 1 truncate cleaned up [ 577.106785][T16539] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 577.847241][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 578.850740][ T27] kauditd_printk_skb: 319 callbacks suppressed [ 578.850770][ T27] audit: type=1326 audit(1763746093.640:36011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 578.899823][ T27] audit: type=1326 audit(1763746093.690:36012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 578.929098][ T27] audit: type=1326 audit(1763746093.690:36013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 578.957752][ T27] audit: type=1326 audit(1763746093.690:36014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 579.019376][ T27] audit: type=1326 audit(1763746093.690:36015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 579.059887][T16576] netlink: 'syz.3.3617': attribute type 12 has an invalid length. [ 579.068776][ T27] audit: type=1326 audit(1763746093.720:36016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 579.092924][ T27] audit: type=1326 audit(1763746093.720:36017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 579.117350][ T27] audit: type=1326 audit(1763746093.720:36018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 579.153514][ T27] audit: type=1326 audit(1763746093.720:36019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 579.178425][T16579] netlink: 'syz.2.3614': attribute type 4 has an invalid length. [ 579.178481][ T27] audit: type=1326 audit(1763746093.720:36020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16569 comm="syz.2.3614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa363b8f749 code=0x7ffc0000 [ 579.231607][T16572] (null): rxe_set_mtu: Set mtu to 1024 [ 579.241098][T16572] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 579.318374][T16585] loop3: detected capacity change from 0 to 512 [ 579.347611][T16585] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 579.362967][T16585] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 579.373412][T16585] System zones: 1-12 [ 579.389031][T16585] EXT4-fs (loop3): 1 truncate cleaned up [ 579.397328][T16585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 580.360532][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.817416][T16610] netlink: 'syz.2.3628': attribute type 12 has an invalid length. [ 580.986830][T16615] loop3: detected capacity change from 0 to 512 [ 581.029857][T16615] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 581.038292][T16615] EXT4-fs (loop3): orphan cleanup on readonly fs [ 581.046481][T16615] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 581.153649][ T5104] Bluetooth: hci2: command 0x1003 tx timeout [ 581.161832][T13962] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 581.196453][T16615] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 581.518422][T16615] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 581.841491][T16615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.007074][T16626] pim6reg1: entered promiscuous mode [ 582.012494][T16626] pim6reg1: entered allmulticast mode [ 582.466873][T16637] netlink: 'syz.4.3637': attribute type 12 has an invalid length. [ 584.223889][T16663] loop4: detected capacity change from 0 to 164 [ 584.249250][T16663] Unable to read rock-ridge attributes [ 584.259836][T16665] netlink: 'syz.3.3647': attribute type 12 has an invalid length. [ 584.602169][ T27] kauditd_printk_skb: 85 callbacks suppressed [ 584.602183][ T27] audit: type=1326 audit(1763746099.390:36106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.631289][ T27] audit: type=1326 audit(1763746099.420:36107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.702707][ T27] audit: type=1326 audit(1763746099.480:36108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.777268][ T27] audit: type=1326 audit(1763746099.480:36109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.819136][T16675] netlink: 'syz.3.3651': attribute type 4 has an invalid length. [ 584.923022][ T27] audit: type=1326 audit(1763746099.480:36110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.973138][ T27] audit: type=1326 audit(1763746099.480:36111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.999533][ T27] audit: type=1326 audit(1763746099.490:36112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.999599][ T27] audit: type=1326 audit(1763746099.520:36113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.999636][ T27] audit: type=1326 audit(1763746099.520:36114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 584.999673][ T27] audit: type=1326 audit(1763746099.520:36115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16672 comm="syz.3.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd94698f749 code=0x7ffc0000 [ 585.348815][T16686] wg2: entered promiscuous mode [ 585.354908][T16686] wg2: entered allmulticast mode [ 585.632862][T16695] syz.0.3656: attempt to access beyond end of device [ 585.632862][T16695] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 586.609021][T16701] netlink: 'syz.4.3662': attribute type 4 has an invalid length. [ 586.643130][T16701] (null): rxe_set_mtu: Set mtu to 1024 [ 586.672885][T16708] pim6reg1: entered promiscuous mode [ 586.687129][T16708] pim6reg1: entered allmulticast mode [ 587.141310][T16701] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 587.263785][T16725] syz.0.3670: attempt to access beyond end of device [ 587.263785][T16725] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 588.151331][T16732] loop3: detected capacity change from 0 to 512 [ 588.191531][T16732] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 588.234973][T16732] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 588.279258][T16732] System zones: 1-12 [ 588.295707][T16732] EXT4-fs (loop3): 1 truncate cleaned up [ 588.302602][T16732] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 588.583015][T16744] loop4: detected capacity change from 0 to 512 [ 588.641969][T16744] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 588.642342][T16744] EXT4-fs (loop4): orphan cleanup on readonly fs [ 588.670073][T16744] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #16: comm +}[@: iget: bad extended attribute block 1661952 [ 588.678601][T16744] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm +}[@: couldn't read orphan inode 16 (err -117) [ 588.712424][T16742] pim6reg1: entered promiscuous mode [ 588.712447][T16742] pim6reg1: entered allmulticast mode [ 588.798534][T16744] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 588.835609][T16744] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.041055][T13164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.363057][T16775] netlink: 'syz.4.3686': attribute type 12 has an invalid length. [ 591.555878][T16777] syz.2.3688[16777] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 591.556110][T16777] syz.2.3688[16777] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 591.605249][T16781] loop4: detected capacity change from 0 to 512 [ 591.711494][T16781] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 591.782187][T16781] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 591.826021][T16781] System zones: 1-12 [ 591.870341][T16781] EXT4-fs (loop4): 1 truncate cleaned up [ 591.886428][T16781] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 592.464976][T16805] syz.3.3696: attempt to access beyond end of device [ 592.464976][T16805] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 593.102238][T16059] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.791649][T16819] loop3: detected capacity change from 0 to 164 [ 594.361119][T16819] Unable to read rock-ridge attributes [ 597.005082][T16841] sch_tbf: burst 1023 is lower than device lo mtu (65550) ! [ 598.032284][T16869] loop4: detected capacity change from 0 to 512 [ 598.061447][T16869] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 598.098343][T16869] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 598.113767][T16869] System zones: 1-12 [ 598.124742][T16869] EXT4-fs (loop4): 1 truncate cleaned up [ 598.141871][T16869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 598.267284][T16874] wg2: entered promiscuous mode [ 598.267305][T16874] wg2: entered allmulticast mode [ 598.280242][T16879] pim6reg1: entered promiscuous mode [ 598.280262][T16879] pim6reg1: entered allmulticast mode [ 598.615751][T16894] pim6reg1: entered promiscuous mode [ 598.615771][T16894] pim6reg1: entered allmulticast mode [ 598.902847][T16059] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 599.426612][ T5911] [ 599.428999][ T5911] ====================================================== [ 599.436026][ T5911] WARNING: possible circular locking dependency detected [ 599.443057][ T5911] syzkaller #0 Not tainted [ 599.447476][ T5911] ------------------------------------------------------ [ 599.454493][ T5911] kworker/0:6/5911 is trying to acquire lock: [ 599.460560][ T5911] ffff8880b8e29370 (krc.lock){..-.}-{2:2}, at: kvfree_call_rcu+0x15a/0x780 [ 599.469198][ T5911] [ 599.469198][ T5911] but task is already holding lock: [ 599.476561][ T5911] ffff8880b8e29598 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270 [ 599.485467][ T5911] [ 599.485467][ T5911] which lock already depends on the new lock. [ 599.485467][ T5911] [ 599.495878][ T5911] [ 599.495878][ T5911] the existing dependency chain (in reverse order) is: [ 599.504899][ T5911] [ 599.504899][ T5911] -> #1 (&base->lock){-.-.}-{2:2}: [ 599.512216][ T5911] _raw_spin_lock_irqsave+0xa8/0xf0 [ 599.517961][ T5911] lock_timer_base+0x123/0x270 [ 599.523264][ T5911] __mod_timer+0xf9/0xdb0 [ 599.528134][ T5911] queue_delayed_work_on+0x12a/0x1e0 [ 599.533959][ T5911] kvfree_call_rcu+0x541/0x780 [ 599.539263][ T5911] rtnl_register_internal+0x486/0x590 [ 599.545173][ T5911] rtnl_register+0x32/0x70 [ 599.550136][ T5911] ip_rt_init+0x2ec/0x390 [ 599.555006][ T5911] ip_init+0xe/0x20 [ 599.559348][ T5911] inet_init+0x2c1/0x3e0 [ 599.564125][ T5911] do_one_initcall+0x1fd/0x750 [ 599.569425][ T5911] do_initcall_level+0x137/0x1f0 [ 599.574896][ T5911] do_initcalls+0x69/0xd0 [ 599.579761][ T5911] kernel_init_freeable+0x3d2/0x570 [ 599.585496][ T5911] kernel_init+0x1d/0x1c0 [ 599.590365][ T5911] ret_from_fork+0x48/0x80 [ 599.595318][ T5911] ret_from_fork_asm+0x11/0x20 [ 599.600627][ T5911] [ 599.600627][ T5911] -> #0 (krc.lock){..-.}-{2:2}: [ 599.607676][ T5911] __lock_acquire+0x2ddb/0x7c80 [ 599.613042][ T5911] lock_acquire+0x197/0x410 [ 599.618054][ T5911] _raw_spin_lock+0x2e/0x40 [ 599.623060][ T5911] kvfree_call_rcu+0x15a/0x780 [ 599.628332][ T5911] trie_delete_elem+0x535/0x6a0 [ 599.633697][ T5911] bpf_prog_41385012b43a9f2e+0x48/0x4c [ 599.639665][ T5911] bpf_trace_run3+0x1e7/0x400 [ 599.644848][ T5911] __bpf_trace_timer_start+0x14a/0x1b0 [ 599.650819][ T5911] enqueue_timer+0x398/0x530 [ 599.655913][ T5911] __mod_timer+0x977/0xdb0 [ 599.660841][ T5911] process_srcu+0x51e/0x1330 [ 599.665938][ T5911] process_scheduled_works+0xa45/0x15b0 [ 599.671994][ T5911] worker_thread+0xa55/0xfc0 [ 599.677091][ T5911] kthread+0x2fa/0x390 [ 599.681662][ T5911] ret_from_fork+0x48/0x80 [ 599.686584][ T5911] ret_from_fork_asm+0x11/0x20 [ 599.691871][ T5911] [ 599.691871][ T5911] other info that might help us debug this: [ 599.691871][ T5911] [ 599.702096][ T5911] Possible unsafe locking scenario: [ 599.702096][ T5911] [ 599.709569][ T5911] CPU0 CPU1 [ 599.714924][ T5911] ---- ---- [ 599.720281][ T5911] lock(&base->lock); [ 599.724347][ T5911] lock(krc.lock); [ 599.730666][ T5911] lock(&base->lock); [ 599.737242][ T5911] lock(krc.lock); [ 599.741058][ T5911] [ 599.741058][ T5911] *** DEADLOCK *** [ 599.741058][ T5911] [ 599.749181][ T5911] 5 locks held by kworker/0:6/5911: [ 599.754359][ T5911] #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 599.765310][ T5911] #1: ffffc90004b0fd00 ((work_completion)(&(&ssp->srcu_sup->work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 599.778607][ T5911] #2: ffffffff8cd780c8 (&ssp->srcu_sup->srcu_cb_mutex){+.+.}-{3:3}, at: process_srcu+0x2b2/0x1330 [ 599.789289][ T5911] #3: ffff8880b8e29598 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270 [ 599.798605][ T5911] #4: ffffffff8cd2fee0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0xf4/0x400 [ 599.807893][ T5911] [ 599.807893][ T5911] stack backtrace: [ 599.813765][ T5911] CPU: 0 PID: 5911 Comm: kworker/0:6 Not tainted syzkaller #0 [ 599.821208][ T5911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 599.831248][ T5911] Workqueue: rcu_gp process_srcu [ 599.836178][ T5911] Call Trace: [ 599.839444][ T5911] [ 599.842366][ T5911] dump_stack_lvl+0x16c/0x230 [ 599.847034][ T5911] ? load_image+0x3b0/0x3b0 [ 599.851530][ T5911] ? show_regs_print_info+0x20/0x20 [ 599.856718][ T5911] ? print_circular_bug+0x12b/0x1a0 [ 599.861906][ T5911] check_noncircular+0x2bd/0x3c0 [ 599.866840][ T5911] ? print_deadlock_bug+0x5d0/0x5d0 [ 599.872026][ T5911] ? lockdep_lock+0xe0/0x220 [ 599.876608][ T5911] ? _find_first_zero_bit+0xd3/0x100 [ 599.881883][ T5911] __lock_acquire+0x2ddb/0x7c80 [ 599.886727][ T5911] ? stack_trace_snprint+0xf0/0xf0 [ 599.891845][ T5911] ? __stack_depot_save+0x560/0x630 [ 599.897046][ T5911] ? verify_lock_unused+0x140/0x140 [ 599.902237][ T5911] ? kasan_save_stack+0x4d/0x60 [ 599.907077][ T5911] ? kasan_save_stack+0x3e/0x60 [ 599.911921][ T5911] ? __kasan_record_aux_stack+0xaf/0xc0 [ 599.917459][ T5911] ? kvfree_call_rcu+0xee/0x780 [ 599.922298][ T5911] ? trie_delete_elem+0x535/0x6a0 [ 599.927321][ T5911] ? bpf_prog_41385012b43a9f2e+0x48/0x4c [ 599.932935][ T5911] ? bpf_trace_run3+0x1e7/0x400 [ 599.937766][ T5911] ? __bpf_trace_timer_start+0x14a/0x1b0 [ 599.943389][ T5911] ? enqueue_timer+0x398/0x530 [ 599.948134][ T5911] ? __mod_timer+0x977/0xdb0 [ 599.952710][ T5911] ? process_srcu+0x51e/0x1330 [ 599.957464][ T5911] ? process_scheduled_works+0xa45/0x15b0 [ 599.963185][ T5911] ? worker_thread+0xa55/0xfc0 [ 599.967956][ T5911] ? kthread+0x2fa/0x390 [ 599.972191][ T5911] ? ret_from_fork+0x48/0x80 [ 599.976772][ T5911] ? ret_from_fork_asm+0x11/0x20 [ 599.981704][ T5911] lock_acquire+0x197/0x410 [ 599.986199][ T5911] ? kvfree_call_rcu+0x15a/0x780 [ 599.991130][ T5911] ? read_lock_is_recursive+0x20/0x20 [ 599.996492][ T5911] ? __phys_addr+0xba/0x170 [ 600.000981][ T5911] _raw_spin_lock+0x2e/0x40 [ 600.005470][ T5911] ? kvfree_call_rcu+0x15a/0x780 [ 600.010394][ T5911] kvfree_call_rcu+0x15a/0x780 [ 600.015149][ T5911] ? call_rcu+0x930/0x930 [ 600.019464][ T5911] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 600.025344][ T5911] ? _raw_spin_unlock+0x40/0x40 [ 600.030185][ T5911] trie_delete_elem+0x535/0x6a0 [ 600.035030][ T5911] bpf_prog_41385012b43a9f2e+0x48/0x4c [ 600.040477][ T5911] bpf_trace_run3+0x1e7/0x400 [ 600.045139][ T5911] ? bpf_trace_run3+0xf4/0x400 [ 600.049887][ T5911] ? bpf_trace_run2+0x3c0/0x3c0 [ 600.054724][ T5911] ? __bpf_trace_timer_start+0x133/0x1b0 [ 600.060345][ T5911] __bpf_trace_timer_start+0x14a/0x1b0 [ 600.065802][ T5911] ? __bpf_trace_timer_class+0x100/0x100 [ 600.071493][ T5911] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 600.077395][ T5911] ? _raw_spin_unlock+0x40/0x40 [ 600.082238][ T5911] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 600.087599][ T5911] enqueue_timer+0x398/0x530 [ 600.092182][ T5911] __mod_timer+0x977/0xdb0 [ 600.096599][ T5911] process_srcu+0x51e/0x1330 [ 600.101189][ T5911] ? _raw_spin_unlock_irq+0x23/0x50 [ 600.106373][ T5911] ? process_scheduled_works+0x957/0x15b0 [ 600.112082][ T5911] ? process_scheduled_works+0x957/0x15b0 [ 600.117789][ T5911] process_scheduled_works+0xa45/0x15b0 [ 600.123353][ T5911] ? assign_work+0x400/0x400 [ 600.127932][ T5911] ? assign_work+0x39e/0x400 [ 600.132516][ T5911] worker_thread+0xa55/0xfc0 [ 600.137093][ T5911] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 600.142968][ T5911] ? _raw_spin_unlock+0x40/0x40 [ 600.147800][ T5911] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 600.153684][ T5911] kthread+0x2fa/0x390 [ 600.157738][ T5911] ? pr_cont_work+0x560/0x560 [ 600.162399][ T5911] ? kthread_blkcg+0xd0/0xd0 [ 600.166975][ T5911] ret_from_fork+0x48/0x80 [ 600.171382][ T5911] ? kthread_blkcg+0xd0/0xd0 [ 600.175958][ T5911] ret_from_fork_asm+0x11/0x20 [ 600.180728][ T5911]