last executing test programs: 6.215350385s ago: executing program 4 (id=513): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000800)=ANY=[], 0x9) 5.690735778s ago: executing program 4 (id=520): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x4010) sendmsg$inet(r0, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000024) 5.508897734s ago: executing program 4 (id=522): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) r0 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) pread64(r0, 0x0, 0x0, 0x300) r1 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r1, 0x0, 0x9) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_NAME(0xf, 0x0) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}}, 0x40) close_range(r2, 0xffffffffffffffff, 0x0) 5.50669829s ago: executing program 0 (id=523): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000180)={0x0, 0xa4, 0x10}, 0xc) sendmsg$inet6(r0, &(0x7f0000000500)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x1ff}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a) splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 5.271459806s ago: executing program 3 (id=525): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") r0 = creat(0x0, 0x182) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148) pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc) fallocate(r0, 0x0, 0xbf5, 0x2000402) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x0, 0xfffffffffdffffff}) 5.142637777s ago: executing program 4 (id=526): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x18) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x50, 0x2c, 0xd27, 0x30bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {}, {0x10, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x20, 0x2, [@TCA_FLOW_EMATCHES={0x1c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xc, 0x1, 0x0, 0x0, {{0xe6a7}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20048084}, 0x2008c010) 4.908853824s ago: executing program 4 (id=529): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="6c0000000206030000000000000000000700000705000100070000000900020073797a31000000000c00078005001500030000000500050002000000050004000100000011000300686173683a6970"], 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x20004012) 4.579465601s ago: executing program 4 (id=533): bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x7, 0x4, 0x200, 0x21db}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000580)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x4}, 0x50) r0 = socket$netlink(0x10, 0x3, 0x0) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18) socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007800c00018008000140640101020c000280080001407f0000"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000240)=ANY=[@ANYBLOB="5000000010000305fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="1111020031880000280012800b0001006d61637365630000180002800c000400010000010002800008000500feffff7f08000500", @ANYRES32=r2], 0x50}, 0x1, 0x0, 0x0, 0x48890}, 0x0) 4.510583377s ago: executing program 3 (id=534): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x4010) sendmsg$inet(r0, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000024) 4.393738886s ago: executing program 0 (id=535): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r1) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/net\x00') r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, r1}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000640)={@map=r1, 0x24, 0x0, 0x0, &(0x7f0000000040)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40) 4.195161398s ago: executing program 2 (id=538): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="3c000280380001"], 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840) 4.057635231s ago: executing program 3 (id=539): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0xffffffffffffff84, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x9c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2c, 0x3, "9ac420000461afb9fdd672bad09dfb78c7699c74e891a0c700"/40}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}]}}}, {0x14, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x4}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xc4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040) 4.000337374s ago: executing program 0 (id=540): r0 = syz_io_uring_setup(0x45b4, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x200000, 0x46}, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000580)=@sco}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008c00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='PU', 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000a80)="fb24ba96", 0x4}], 0x1}}], 0x2, 0x20004810) r4 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0) recvmsg$unix(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20) sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x18) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='.\x00', &(0x7f0000000280), 0x808008, &(0x7f0000000440)) io_uring_enter(r0, 0x2914, 0x58f2, 0x0, 0x0, 0x0) 3.900322851s ago: executing program 0 (id=541): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) r1 = mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!Tnux\x00', 0x6e93ebbbcc0884f2, 0x0, 0x0) mq_timedreceive(r1, 0x0, 0xfffffffffffffee3, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x3ed7, 0x0) 3.797202963s ago: executing program 2 (id=544): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) readv(r3, &(0x7f0000000280)=[{&(0x7f0000000140)=""/164, 0xa4}], 0x1) ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x19, "90737f0000fbffffffffffffff679495ffffeb"}) 3.710924088s ago: executing program 3 (id=545): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@quota}, {@debug}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r0 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000000)=0x3ff) 3.555312197s ago: executing program 0 (id=546): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) r1 = openat(0xffffffffffffff9c, 0x0, 0x181242, 0x148) pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc) fallocate(r0, 0x0, 0xbf5, 0x2000402) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x0, 0x0, 0xfffffffffdffffff}) 3.137164584s ago: executing program 3 (id=548): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f00000009c0)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@local, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x5c, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x14, 0x6c}, @in6=@private0, {0x0, 0x800000000, 0x0, 0xfffffff7ffffffff}, {0x0, 0x4}, {}, 0x80000000, 0x0, 0x2, 0x4, 0x6, 0xc}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x400c050}, 0x0) 2.652405323s ago: executing program 3 (id=550): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) getpid() sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000600)={[{@grpid}]}, 0x1, 0x521, &(0x7f0000000640)="$eJzs3d9rZFcdAPDvvcmkyW5qpiqyFmyLrewW3ZmksRpF2gqiTwW1vq8xmYSQSSZkJnUTiqb4BwgiKvgH+CL44KMg/RNEWNB3UVFEd/VR98qdudH8mEnGZJJZJ58PnMw598f5nnPJ3Lk/DvcGcG29EBFvRMRYRLwcETPF9LRIsd9J+XKPHr6zlKcksuytvyaRFNMO6srL4xFxs1htMiK++qWIbyQn4zZ399YX6/XadlGutja2qs3dvbtrG4urtdXa5vz83M8j4tWF2axwoX6WI+K1L/zxB9/9yRdf++Unvvm7e3++8628WZ/7UKfdEbF0oQA9dOoutbfFgXwbbV9GsCHJ+1MaG3YrAADoR36M//6I+Gj7+H8mxtpHcwAAAMAoyV6fjn8mERkAAAAwstKImI4krRRjAaYjTSuVzhjeD8aNtN5otj6+0tjZXM7nRZSjlK6s1WuzxVjhcpSSvDxXjLE9KL9yrDwfEc9ExPdnptrlylKjvjzsix8AAABwTdx8/uj5/z9m0nYeAAAAGDHlngUAAABgVDjlBwAAgNHn/B8AAABG2pfffDNP2cF7vJff3t1Zb7x9d7nWXK9s7CxVlhrbW5XVRmO1/cy+jbPqqzcaW5+MzZ371Vat2ao2d/fubTR2Nlv31o68AhsAAAC4Qs88/95vk4jY/+xUO0XxHECAI/4w7AYAgzQ27AYAQzM+7AYAQ1M6cwl7CBh1yRnzTw7e6VwrjF9dTnsAAIDBu/3hk/f/J4p5Z18bAP6fGesDANfP0bt7U0NrB3D1SucdAXhr0C0BhuV9nY+nes3v+fCOPu7/d64xZNm5GgYAAAzMdDslaaU4Tp+ONK1UIp6Ox1k5SsnKWr02W5wf/Gam9FRenmuvmZw5ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6MiyJDIAAABgpEWkf0raT/OPuD3z0vTRqwPH3vr147d+eH+x1dqei5hI/jaTT5qIiNaPiumvZF4JAAAAAMM1lf/pnKcXn3PDbhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo+bRw3eWDtJVxv3L5yOi3C3+eEy2PyejFBE3/p7E+KH1kogYG0D8/Xcj4la3+Ek8zrKsXLSiW/ypS45fbm+a7vHTiLg5gPhwnb2X73/e6Pb9S+OF9mf37994kS6q9/4v/c/+b6zH/ufpY+Venn3ws2rP+O9GPDveff9zED/pxD8SIi+82Gcfv/61vb2uMw5V2S3+4VjV1sZWtbm7d3dtY3G1tlrbnJ+f+9TCpxdeXZitrqzVa8XfrmG+95FfPD6t/zd6xC8f7f+J7f9SX73P4l8P7j/8QKdQ6hb/zovdf39v9YifFr99Hyvy+fzbB/n9Tv6w53766+dO6/9yj/5PntH/O331Pz7z8le+8/uuc05sDQDgKjR399YX6/Xa9imZyT6W+Z8yERet5/WBtudJyMTZy0w+IU29jEz27c7/48XqueDqJzLZRVYfjwE0Y+LE93QszlthErGf19XnPyQAADBi/nvQf9odJAAAAAAAAAAAAAAAAAAAAOAynfOxZJMR0ffCx2PuD6erAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACn+ncAAAD//+8b0g8=") 2.315462516s ago: executing program 5 (id=552): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r1) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/net\x00') r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, r1}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000640)={@map=r1, 0x24, 0x0, 0x0, &(0x7f0000000040)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40) 2.060029711s ago: executing program 1 (id=553): r0 = syz_io_uring_setup(0x45b4, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x200000, 0x46}, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000580)=@sco}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008c00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='PU', 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000a80)="fb24ba96", 0x4}], 0x1}}], 0x2, 0x20004810) r4 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0) recvmsg$unix(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20) sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x18) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='.\x00', &(0x7f0000000280), 0x808008, &(0x7f0000000440)) io_uring_enter(r0, 0x2914, 0x58f2, 0x0, 0x0, 0x0) 1.824452077s ago: executing program 5 (id=554): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x304}, "bd88818314ff7d84", "0b3ea924c47b25d7624cd362581725c7", "000400", "78cb6e6d9d2574d4"}, 0x28) recvfrom(r0, &(0x7f0000001300)=""/4096, 0x1000, 0x2, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "bb28ced7b820ec2d", "ca08bd91171e6405c84cdc6e52f57229", "f5ce6f37", "fe017c9f4e95f742"}, 0x28) syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f00000000c0)=0x8, 0x4) 1.572419058s ago: executing program 1 (id=555): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x87) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000001940), 0x100000, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000001980)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x5}}, './file0\x00'}) 1.559442683s ago: executing program 5 (id=556): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) 1.431535513s ago: executing program 2 (id=557): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x50, 0x1}) r0 = syz_io_uring_setup(0x223d, &(0x7f0000000100)={0x0, 0x2e7f, 0x800, 0x2, 0x5cc}, &(0x7f0000000280)=0x0, &(0x7f00000005c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffa, 0x0, 0x4) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1) socket$nl_audit(0x10, 0x3, 0x9) r3 = socket(0x10, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, 0x0, r0}) io_uring_enter(r0, 0x749f, 0x4, 0x100000000000000, 0x0, 0xfffffffffffffef5) 1.307258169s ago: executing program 0 (id=558): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r1, r1, 0x0, 0xe3aa6ea) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f00000004c0)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, 0x0, 0x0, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_encap(r6, 0x11, 0x64, &(0x7f0000000080)=0x2, 0x4) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{0x0}], 0x1}, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x1c3) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) accept4(r4, 0x0, 0x0, 0x800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) unshare(0x64000600) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x100, 0x100000002}) 1.307059265s ago: executing program 1 (id=559): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10) sendmsg$tipc(r2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80) r3 = dup3(r1, r2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r3, 0x0, 0x0) setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88) 1.162454658s ago: executing program 2 (id=560): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="27050200590214000600002fb96dbcf706e10500000086ddffff1144ee1611d4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9", 0x38}, {&(0x7f0000003a00)="1c393502dda1a67d93b1ceccbe972c4fef9c33ecf2d824f3a33513f45f472bbdc8e3a2275f2587f0da0b3ae419bed996116448f90d113ce98aa985f379d729430858f5cb9a668a1800bf2354b33cdff83033de518580a3080d7f4cc2406e071138439e1566dd17983ee153ab672f362d3292e24a9952f18ec3d8b37bb3391096c1d4442a754899299321c03cbcfb98a26994b2a072c2b9d9c70d619545e5f61b050e40166d2ff57dcc008f24fd5339e7bc21e25863f80d2487c30b6bf781608a31d68e9319ab1712d8f5bdde849c040417c864cbfd3923dcb9fc6bdc2ea53334184b03efcb631dc68f0a7b6e13eea4b80d4237120e32932ca4e2b50bad0a35496d36a191d91f03b477b9587bc0ba489932e34f819fa1524ebad53a3d94b46c6aeff4f42fa067729fbb2862c09d337a75e0c8429d4bfe0dee2e1e23e8c22787178600ecca135623731e4701f35bd4e7c936a8ee274120e7662328a5aba1161b05889b045696721c79bff0547efe051f3c5de77fdd3c77afd41a1a7747a982b7efb013c9d6bac7d3ad1f9b7c3a5a1448b35696f03bca1c875e346edc55b7a271c3e5f3c0df72c8e4d7cccfa2e9b598f0ae06efbc1a5d5bd91aed6b32deccf7755cef50fab72633c802533b9d94f17f9be978f2514c47671575ee528fbdddc6194328e605e4d10e293756d20eb8a545f2bfe48df5d1d98a270458392a0a57647dcb8ee005e78877a072d12d0429b9b9957a695c3289b4a59469691115e6ba204181708b9d1ae47418ed594b8128f20c100f5485a84e60d73ab818da73fab78caf42afd1f89cdb29dfdd6676c55ea00d35321bc4878170c62b056b4e03ae556ac804026cabcbc8e79e7a18f2", 0x26a}], 0x2}, 0x9cdc2384056b48b8) 1.122779659s ago: executing program 5 (id=561): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000001140)=ANY=[@ANYBLOB="a00100001000010000000000004000007e88000000000000caf393a6f8488a5c34a00000000000d3b1aad91414bb0000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000ac14143500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000800000000000200000000000000000000000000000200000000000000000000000a000000f4000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000002abd700028bd7000000000004c001400"], 0x1a0}}, 0x0) 951.241396ms ago: executing program 1 (id=562): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000002000000000000000008500000061000000850000000700000095"], &(0x7f0000000200)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x1f2f, 0xe, 0x0, &(0x7f0000000440)="9f449470fe919559684010a40800", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 814.747028ms ago: executing program 2 (id=563): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1, 0x8}}}]}, 0x38}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x18) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x50, 0x2c, 0xd27, 0x30bd29, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff3}, {}, {0x10, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x20, 0x2, [@TCA_FLOW_EMATCHES={0x1c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xc, 0x1, 0x0, 0x0, {{0xe6a7}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20048084}, 0x2008c010) 557.158373ms ago: executing program 5 (id=564): socket$netlink(0x10, 0x3, 0x10) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22}, 0x48) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 267.209658ms ago: executing program 1 (id=565): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010) sendmsg$inet(r0, 0x0, 0x20000024) 106.969613ms ago: executing program 5 (id=566): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r1) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/net\x00') r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, r1}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000640)={@map=r1, 0x24, 0x0, 0x0, &(0x7f0000000040)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40) 70.536753ms ago: executing program 2 (id=567): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00') open_by_handle_at(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="20000000f10002000600000000000000000002"], 0x0) 0s ago: executing program 1 (id=568): r0 = syz_io_uring_setup(0x45b4, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x200000, 0x46}, &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000580)=@sco}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008c00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='PU', 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000a80)="fb24ba96", 0x4}], 0x1}}], 0x2, 0x20004810) r4 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, 0x0, 0x0) recvmsg$unix(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20) sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x18) mount$9p_unix(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='.\x00', &(0x7f0000000280), 0x808008, &(0x7f0000000440)) io_uring_enter(r0, 0x2914, 0x58f2, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.120' (ED25519) to the list of known hosts. [ 101.422962][ T43] cfg80211: failed to load regulatory.db [ 101.970184][ T5813] cgroup: Unknown subsys name 'net' [ 102.146065][ T5813] cgroup: Unknown subsys name 'cpuset' [ 102.156000][ T5813] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 103.848173][ T5813] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 106.821912][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 106.842228][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 106.851089][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 106.859405][ T5850] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 106.865321][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 106.868166][ T5850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 106.874425][ T5851] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 106.881572][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 106.888324][ T5851] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 106.896272][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 106.903512][ T5851] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 106.909786][ T5850] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 106.915594][ T5851] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 106.931499][ T5850] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 106.931934][ T5851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 106.952278][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 106.961911][ T5851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 106.972406][ T5850] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 106.979891][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 107.006983][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 107.009077][ T5854] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 107.017759][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 107.031487][ T5854] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 107.032946][ T5853] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 107.042050][ T5854] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 107.052629][ T5853] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 107.053355][ T5854] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 107.061049][ T5853] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 107.075772][ T5853] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 107.089368][ T5853] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 107.868046][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 107.906134][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 108.086858][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 108.270550][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 108.386963][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.394214][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.401907][ T5835] bridge_slave_0: entered allmulticast mode [ 108.409506][ T5835] bridge_slave_0: entered promiscuous mode [ 108.470590][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 108.489418][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.496640][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.504159][ T5835] bridge_slave_1: entered allmulticast mode [ 108.512003][ T5835] bridge_slave_1: entered promiscuous mode [ 108.543378][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.550497][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.558341][ T5832] bridge_slave_0: entered allmulticast mode [ 108.565990][ T5832] bridge_slave_0: entered promiscuous mode [ 108.573799][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 108.633330][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.640452][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.647722][ T5832] bridge_slave_1: entered allmulticast mode [ 108.655831][ T5832] bridge_slave_1: entered promiscuous mode [ 108.693574][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.760562][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.770383][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.777825][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.785203][ T5834] bridge_slave_0: entered allmulticast mode [ 108.792827][ T5834] bridge_slave_0: entered promiscuous mode [ 108.801065][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.808211][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.815513][ T5834] bridge_slave_1: entered allmulticast mode [ 108.823066][ T5834] bridge_slave_1: entered promiscuous mode [ 108.925403][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.979768][ T5835] team0: Port device team_slave_0 added [ 109.003685][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.022081][ T5845] Bluetooth: hci2: command tx timeout [ 109.036348][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.043882][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.051634][ T5833] bridge_slave_0: entered allmulticast mode [ 109.059157][ T5833] bridge_slave_0: entered promiscuous mode [ 109.068045][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.075331][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.082554][ T5833] bridge_slave_1: entered allmulticast mode [ 109.090399][ T5833] bridge_slave_1: entered promiscuous mode [ 109.100948][ T5845] Bluetooth: hci0: command tx timeout [ 109.106542][ T5843] Bluetooth: hci5: command tx timeout [ 109.116381][ T5835] team0: Port device team_slave_1 added [ 109.125439][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.181150][ T5843] Bluetooth: hci4: command tx timeout [ 109.181236][ T5845] Bluetooth: hci3: command tx timeout [ 109.192753][ T5843] Bluetooth: hci1: command tx timeout [ 109.201385][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.209429][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.216759][ T5830] bridge_slave_0: entered allmulticast mode [ 109.224360][ T5830] bridge_slave_0: entered promiscuous mode [ 109.248634][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.273654][ T5832] team0: Port device team_slave_0 added [ 109.310404][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.318134][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.325395][ T5831] bridge_slave_0: entered allmulticast mode [ 109.333203][ T5831] bridge_slave_0: entered promiscuous mode [ 109.359083][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.368383][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.375703][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.383094][ T5830] bridge_slave_1: entered allmulticast mode [ 109.390702][ T5830] bridge_slave_1: entered promiscuous mode [ 109.413957][ T5832] team0: Port device team_slave_1 added [ 109.420939][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.427901][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 109.454289][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.468149][ T5834] team0: Port device team_slave_0 added [ 109.474640][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.482430][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.489596][ T5831] bridge_slave_1: entered allmulticast mode [ 109.497338][ T5831] bridge_slave_1: entered promiscuous mode [ 109.506842][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.562827][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.569770][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 109.596536][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.609607][ T5834] team0: Port device team_slave_1 added [ 109.718161][ T5833] team0: Port device team_slave_0 added [ 109.727194][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.738048][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.745207][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 109.771603][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.784312][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.791310][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 109.817527][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.845789][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.857538][ T5833] team0: Port device team_slave_1 added [ 109.866253][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.925285][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.932320][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 109.958332][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.972250][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 110.027822][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.035084][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 110.061172][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.103273][ T5830] team0: Port device team_slave_0 added [ 110.109863][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.117459][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 110.143495][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.161016][ T5835] hsr_slave_0: entered promiscuous mode [ 110.167557][ T5835] hsr_slave_1: entered promiscuous mode [ 110.199701][ T5830] team0: Port device team_slave_1 added [ 110.206468][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.213554][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 110.239533][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.296456][ T5832] hsr_slave_0: entered promiscuous mode [ 110.303300][ T5832] hsr_slave_1: entered promiscuous mode [ 110.309787][ T5832] debugfs: 'hsr0' already exists in 'hsr' [ 110.315661][ T5832] Cannot create hsr debugfs directory [ 110.327498][ T5831] team0: Port device team_slave_0 added [ 110.411121][ T5831] team0: Port device team_slave_1 added [ 110.418671][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.425629][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 110.451638][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.522816][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.529757][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 110.555902][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.595222][ T5834] hsr_slave_0: entered promiscuous mode [ 110.602056][ T5834] hsr_slave_1: entered promiscuous mode [ 110.608248][ T5834] debugfs: 'hsr0' already exists in 'hsr' [ 110.614023][ T5834] Cannot create hsr debugfs directory [ 110.674872][ T5833] hsr_slave_0: entered promiscuous mode [ 110.681939][ T5833] hsr_slave_1: entered promiscuous mode [ 110.688160][ T5833] debugfs: 'hsr0' already exists in 'hsr' [ 110.694027][ T5833] Cannot create hsr debugfs directory [ 110.722544][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.729496][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 110.755619][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.768830][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.775963][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 110.801990][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.882336][ T5830] hsr_slave_0: entered promiscuous mode [ 110.888800][ T5830] hsr_slave_1: entered promiscuous mode [ 110.895734][ T5830] debugfs: 'hsr0' already exists in 'hsr' [ 110.901505][ T5830] Cannot create hsr debugfs directory [ 111.092055][ T5831] hsr_slave_0: entered promiscuous mode [ 111.098560][ T5831] hsr_slave_1: entered promiscuous mode [ 111.105550][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 111.111195][ T5845] Bluetooth: hci2: command tx timeout [ 111.111322][ T5831] Cannot create hsr debugfs directory [ 111.181342][ T5845] Bluetooth: hci5: command tx timeout [ 111.181489][ T5843] Bluetooth: hci0: command tx timeout [ 111.261041][ T5845] Bluetooth: hci4: command tx timeout [ 111.266708][ T5843] Bluetooth: hci1: command tx timeout [ 111.279096][ T5845] Bluetooth: hci3: command tx timeout [ 111.674812][ T5835] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 111.692536][ T5835] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 111.717037][ T5835] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 111.744924][ T5835] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 111.802461][ T5833] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 111.815064][ T5833] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 111.837607][ T5833] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 111.848965][ T5833] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 111.931352][ T5834] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 111.945614][ T5834] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 111.956832][ T5834] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 111.969165][ T5834] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 112.123358][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 112.135489][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 112.149732][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 112.172203][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 112.241992][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.313638][ T5832] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 112.325446][ T5832] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 112.354208][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.370735][ T5832] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 112.383191][ T5832] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 112.418084][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.448664][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.488496][ T3557] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.495836][ T3557] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.546403][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 112.564290][ T3557] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.571427][ T3557] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.585636][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.598983][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.606217][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 112.637648][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 112.649932][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.657212][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.668983][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.676157][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.698322][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 112.753179][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.760319][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.818942][ T2976] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.826121][ T2976] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.878783][ T5835] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 112.892301][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 112.933378][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 112.997966][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.038694][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.113818][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.121811][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.158699][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.186172][ T5843] Bluetooth: hci2: command tx timeout [ 113.197113][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.204310][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.260970][ T5843] Bluetooth: hci0: command tx timeout [ 113.273261][ T5843] Bluetooth: hci5: command tx timeout [ 113.307801][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.348163][ T5843] Bluetooth: hci1: command tx timeout [ 113.354330][ T5845] Bluetooth: hci3: command tx timeout [ 113.359752][ T5845] Bluetooth: hci4: command tx timeout [ 113.366865][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.374062][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.459989][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.467223][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.512944][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.615222][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.643254][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.703431][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.763718][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.770935][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.872808][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.879987][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.927532][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.293779][ T5834] veth0_vlan: entered promiscuous mode [ 114.326555][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.372518][ T5834] veth1_vlan: entered promiscuous mode [ 114.544394][ T5834] veth0_macvtap: entered promiscuous mode [ 114.584775][ T5834] veth1_macvtap: entered promiscuous mode [ 114.636310][ T5830] veth0_vlan: entered promiscuous mode [ 114.705491][ T5830] veth1_vlan: entered promiscuous mode [ 114.726564][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.773845][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.797121][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.829272][ T5830] veth0_macvtap: entered promiscuous mode [ 114.850349][ T5835] veth0_vlan: entered promiscuous mode [ 114.871491][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.895377][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.923476][ T5830] veth1_macvtap: entered promiscuous mode [ 114.937019][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.947849][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.964765][ T5835] veth1_vlan: entered promiscuous mode [ 114.997360][ T5833] veth0_vlan: entered promiscuous mode [ 115.009492][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.040151][ T5833] veth1_vlan: entered promiscuous mode [ 115.074990][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.117219][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.145491][ T5832] veth0_vlan: entered promiscuous mode [ 115.172574][ T3557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.180524][ T3557] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.197875][ T3557] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.223489][ T5832] veth1_vlan: entered promiscuous mode [ 115.243135][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.253273][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.262770][ T5845] Bluetooth: hci2: command tx timeout [ 115.292056][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.336375][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.348002][ T5833] veth0_macvtap: entered promiscuous mode [ 115.351316][ T5843] Bluetooth: hci0: command tx timeout [ 115.359442][ T5845] Bluetooth: hci5: command tx timeout [ 115.368217][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.383080][ T5835] veth0_macvtap: entered promiscuous mode [ 115.412956][ T5835] veth1_macvtap: entered promiscuous mode [ 115.426798][ T5845] Bluetooth: hci4: command tx timeout [ 115.428258][ T5832] veth0_macvtap: entered promiscuous mode [ 115.432338][ T5843] Bluetooth: hci1: command tx timeout [ 115.438126][ T5853] Bluetooth: hci3: command tx timeout [ 115.452502][ T5833] veth1_macvtap: entered promiscuous mode [ 115.504976][ T5832] veth1_macvtap: entered promiscuous mode [ 115.513776][ T5831] veth0_vlan: entered promiscuous mode [ 115.543535][ T5834] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 115.547224][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.601448][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.619618][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.656865][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.662772][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.706100][ T5831] veth1_vlan: entered promiscuous mode [ 115.734364][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.747147][ T49] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.747852][ T5971] loop2: detected capacity change from 0 to 1024 [ 115.766940][ T49] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.775826][ T5971] ======================================================= [ 115.775826][ T5971] WARNING: The mand mount option has been deprecated and [ 115.775826][ T5971] and is ignored by this kernel. Remove the mand [ 115.775826][ T5971] option from the mount to silence this warning. [ 115.775826][ T5971] ======================================================= [ 115.775946][ T5971] EXT4-fs: Ignoring removed nomblk_io_submit option [ 115.775978][ T5971] EXT4-fs: inline encryption not supported [ 115.776003][ T5971] EXT4-fs: Ignoring removed i_version option [ 115.863162][ T5971] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.875759][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.895587][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.907281][ T49] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.915265][ T30] audit: type=1800 audit(1760491892.218:2): pid=5971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 115.945964][ T30] audit: type=1800 audit(1760491892.258:3): pid=5971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 115.978139][ T49] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.997068][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.999319][ T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.005597][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.051263][ T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.067511][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.096217][ T5831] veth0_macvtap: entered promiscuous mode [ 116.118859][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.245439][ T36] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.271384][ T36] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.289367][ T5976] loop0: detected capacity change from 0 to 2048 [ 116.291010][ T5831] veth1_macvtap: entered promiscuous mode [ 116.328444][ T36] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.331389][ T5978] Zero length message leads to an empty skb [ 116.366416][ T5976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.378101][ T3557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.398131][ T36] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.400839][ T3557] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.421103][ T36] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.545624][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 116.589311][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 116.620981][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.639970][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.754770][ T5984] loop2: detected capacity change from 0 to 128 [ 116.766749][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.787831][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.789548][ T5984] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 116.883429][ T5984] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 116.921454][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.941521][ T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.964178][ T1143] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.029142][ T1143] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.127179][ T1143] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 117.152451][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.160317][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.176699][ T5987] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 117.214032][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.223342][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.278809][ T5987] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 192 with error 28 [ 117.408602][ T5990] loop2: detected capacity change from 0 to 512 [ 117.452500][ T5987] EXT4-fs (loop0): This should not happen!! Data will be lost [ 117.452500][ T5987] [ 117.468573][ T5990] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.9: casefold flag without casefold feature [ 117.502313][ T5987] EXT4-fs (loop0): Total free blocks count 0 [ 117.508340][ T5987] EXT4-fs (loop0): Free/Dirty block details [ 117.513565][ T5990] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.9: couldn't read orphan inode 15 (err -117) [ 117.520444][ T5987] EXT4-fs (loop0): free_blocks=2415919504 [ 117.540585][ T5994] syz.1.2 uses obsolete (PF_INET,SOCK_PACKET) [ 117.552208][ T5990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.618293][ T5987] EXT4-fs (loop0): dirty_blocks=208 [ 117.732976][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.741747][ T5987] EXT4-fs (loop0): Block reservation details [ 117.782234][ T5987] EXT4-fs (loop0): i_reserved_data_blocks=13 [ 117.811007][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.852025][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.874039][ T6006] xt_policy: output policy not valid in PREROUTING and INPUT [ 119.328886][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.358314][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.494429][ T30] audit: type=1326 audit(1760491895.798:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.5.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 119.579995][ T30] audit: type=1326 audit(1760491895.798:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.5.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 119.682169][ T30] audit: type=1326 audit(1760491895.798:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.5.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 119.755756][ T30] audit: type=1326 audit(1760491895.798:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.5.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 119.831932][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.852560][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.891756][ T30] audit: type=1326 audit(1760491895.808:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.5.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 120.003004][ T30] audit: type=1326 audit(1760491895.808:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.5.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 120.078093][ T30] audit: type=1326 audit(1760491895.808:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.5.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 120.188727][ T30] audit: type=1326 audit(1760491895.808:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6012 comm="syz.5.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 121.434340][ T6034] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.4' sets config #1 [ 121.645022][ T6038] loop2: detected capacity change from 0 to 256 [ 121.781475][ T6038] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.825461][ T6038] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.885927][ T6038] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 121.941326][ T30] audit: type=1800 audit(1760491898.248:12): pid=6038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.21" name="file1" dev="loop2" ino=1048611 res=0 errno=0 [ 122.745774][ T6061] netlink: 12 bytes leftover after parsing attributes in process `syz.2.30'. [ 122.805502][ T6061] netlink: 4 bytes leftover after parsing attributes in process `syz.2.30'. [ 122.862318][ T6061] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.094242][ T6061] bridge_slave_1 (unregistering): left allmulticast mode [ 123.132364][ T6061] bridge_slave_1 (unregistering): left promiscuous mode [ 123.142502][ T30] audit: type=1326 audit(1760491899.458:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 123.164782][ T6061] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.207779][ T6069] netlink: 'syz.5.33': attribute type 4 has an invalid length. [ 123.250425][ T30] audit: type=1326 audit(1760491899.458:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 123.357582][ T30] audit: type=1326 audit(1760491899.458:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 123.480873][ T30] audit: type=1326 audit(1760491899.458:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 123.573828][ T30] audit: type=1326 audit(1760491899.458:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 123.681651][ T30] audit: type=1326 audit(1760491899.458:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 123.773278][ T30] audit: type=1326 audit(1760491899.468:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 123.850912][ T30] audit: type=1326 audit(1760491899.488:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 123.950270][ T30] audit: type=1326 audit(1760491899.508:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.4.34" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 124.111945][ T6083] netlink: 20 bytes leftover after parsing attributes in process `syz.5.39'. [ 124.415439][ T6091] loop2: detected capacity change from 0 to 764 [ 124.444567][ T6093] netlink: 8 bytes leftover after parsing attributes in process `syz.3.43'. [ 124.496753][ T6091] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 124.887759][ T6084] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 124.921190][ T6084] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 124.967972][ T6103] loop2: detected capacity change from 0 to 512 [ 125.023353][ T6084] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 125.057794][ T6084] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 125.077013][ T6103] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.115781][ T6084] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 125.171096][ T6103] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 125.215530][ T6084] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 125.343284][ T6084] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 125.358105][ T6084] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 125.494621][ T6084] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 125.517176][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.553550][ T6084] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 125.562686][ T6084] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 125.614490][ T6084] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 125.693545][ T6084] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 125.770979][ T6084] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 125.872231][ T6084] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 125.895224][ T3557] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 125.952259][ T6084] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 125.962142][ T3557] EXT4-fs (loop0): This should not happen!! Data will be lost [ 125.962142][ T3557] [ 126.002554][ T3557] EXT4-fs (loop0): Total free blocks count 0 [ 126.011022][ T6084] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 126.028897][ T6084] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 126.035085][ T3557] EXT4-fs (loop0): Free/Dirty block details [ 126.046087][ T3557] EXT4-fs (loop0): free_blocks=2415919504 [ 126.052890][ T3557] EXT4-fs (loop0): dirty_blocks=16 [ 126.058467][ T3557] EXT4-fs (loop0): Block reservation details [ 126.066205][ T3557] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 126.461423][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout [ 127.101007][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout [ 127.434256][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout [ 127.443014][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.498635][ T6138] loop3: detected capacity change from 0 to 512 [ 127.555130][ T6138] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 127.555534][ T6139] netlink: 4 bytes leftover after parsing attributes in process `syz.5.61'. [ 127.576724][ T6142] loop0: detected capacity change from 0 to 1024 [ 127.584581][ T5853] Bluetooth: hci5: command 0x0c1a tx timeout [ 127.619239][ T6142] EXT4-fs: Ignoring removed orlov option [ 127.645088][ T6138] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 127.737885][ T6138] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 127.754485][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout [ 127.765774][ T6138] EXT4-fs (loop3): 1 truncate cleaned up [ 127.786556][ T6145] loop2: detected capacity change from 0 to 512 [ 127.790443][ T6142] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.807801][ T6138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.885691][ T6145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.942119][ T6145] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.987270][ T5853] Bluetooth: hci4: command 0x0c1a tx timeout [ 128.032144][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.515823][ T5193] udevd[5193]: worker [5892] terminated by signal 33 (Unknown signal 33) [ 128.541743][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout [ 128.554150][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.918566][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.947123][ T6154] syz.1.64: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 129.004805][ T6154] CPU: 1 UID: 0 PID: 6154 Comm: syz.1.64 Not tainted syzkaller #0 PREEMPT(full) [ 129.004853][ T6154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 129.004874][ T6154] Call Trace: [ 129.004885][ T6154] [ 129.004897][ T6154] dump_stack_lvl+0x16c/0x1f0 [ 129.004960][ T6154] warn_alloc+0x248/0x3a0 [ 129.005028][ T6154] ? __pfx_warn_alloc+0x10/0x10 [ 129.005110][ T6154] ? xskq_create+0xfb/0x1d0 [ 129.005155][ T6154] ? srso_alias_return_thunk+0x5/0xfbef5 [ 129.005199][ T6154] ? __vmalloc_node_noprof+0xad/0xf0 [ 129.005260][ T6154] __vmalloc_node_range_noprof+0xfe2/0x1480 [ 129.005329][ T6154] ? xskq_create+0xfb/0x1d0 [ 129.005386][ T6154] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 129.005455][ T6154] ? xskq_create+0xfb/0x1d0 [ 129.005501][ T6154] vmalloc_user_noprof+0x9e/0xe0 [ 129.005552][ T6154] ? xskq_create+0xfb/0x1d0 [ 129.005599][ T6154] xskq_create+0xfb/0x1d0 [ 129.005649][ T6154] xsk_setsockopt+0x792/0x9a0 [ 129.005701][ T6154] ? __pfx_xsk_setsockopt+0x10/0x10 [ 129.005743][ T6154] ? srso_alias_return_thunk+0x5/0xfbef5 [ 129.005786][ T6154] ? find_held_lock+0x2b/0x80 [ 129.005849][ T6154] ? srso_alias_return_thunk+0x5/0xfbef5 [ 129.005892][ T6154] ? aa_sock_opt_perm+0xfd/0x1c0 [ 129.005954][ T6154] ? __pfx_xsk_setsockopt+0x10/0x10 [ 129.006000][ T6154] do_sock_setsockopt+0xf3/0x1d0 [ 129.006045][ T6154] __sys_setsockopt+0x1a0/0x230 [ 129.006106][ T6154] __x64_sys_setsockopt+0xbd/0x160 [ 129.006157][ T6154] ? do_syscall_64+0x91/0xfa0 [ 129.006212][ T6154] ? srso_alias_return_thunk+0x5/0xfbef5 [ 129.006256][ T6154] ? lockdep_hardirqs_on+0x7c/0x110 [ 129.006308][ T6154] do_syscall_64+0xcd/0xfa0 [ 129.006366][ T6154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.006401][ T6154] RIP: 0033:0x7fcd3818eec9 [ 129.006428][ T6154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.006461][ T6154] RSP: 002b:00007fcd38f6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 129.006494][ T6154] RAX: ffffffffffffffda RBX: 00007fcd383e6180 RCX: 00007fcd3818eec9 [ 129.006518][ T6154] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000006 [ 129.006539][ T6154] RBP: 00007fcd38211f91 R08: 0000000000000004 R09: 0000000000000000 [ 129.006560][ T6154] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 129.006583][ T6154] R13: 00007fcd383e6218 R14: 00007fcd383e6180 R15: 00007fff435f3d48 [ 129.006633][ T6154] [ 129.261034][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout [ 129.270595][ T6154] Mem-Info: [ 129.278735][ T6154] active_anon:5124 inactive_anon:0 isolated_anon:0 [ 129.278735][ T6154] active_file:3530 inactive_file:39897 isolated_file:0 [ 129.278735][ T6154] unevictable:768 dirty:117 writeback:0 [ 129.278735][ T6154] slab_reclaimable:10558 slab_unreclaimable:97861 [ 129.278735][ T6154] mapped:35524 shmem:1483 pagetables:1105 [ 129.278735][ T6154] sec_pagetables:0 bounce:0 [ 129.278735][ T6154] kernel_misc_reclaimable:0 [ 129.278735][ T6154] free:1299112 free_pcp:19571 free_cma:0 [ 129.358023][ T6154] Node 0 active_anon:20196kB inactive_anon:0kB active_file:14120kB inactive_file:159384kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:142096kB dirty:468kB writeback:0kB shmem:3896kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12452kB pagetables:4288kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 129.488983][ T6154] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 129.572591][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout [ 129.627348][ T6154] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 129.671844][ T5853] Bluetooth: hci5: command 0x0c1a tx timeout [ 129.762501][ T6154] lowmem_reserve[]: 0 2483 2485 2485 2485 [ 129.821166][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout [ 129.837248][ T6154] Node 0 DMA32 free:1285312kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20196kB inactive_anon:0kB active_file:14120kB inactive_file:159384kB unevictable:1536kB writepending:468kB zspages:0kB present:3129332kB managed:2543524kB mlocked:0kB bounce:0kB free_pcp:63532kB local_pcp:44352kB free_cma:0kB [ 129.883040][ T6154] lowmem_reserve[]: 0 0 1 1 1 [ 129.887991][ T6154] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 129.958855][ T6154] lowmem_reserve[]: 0 0 0 0 0 [ 129.997890][ T6154] Node 1 Normal free:3894576kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:18712kB local_pcp:7392kB free_cma:0kB [ 130.065712][ T6154] lowmem_reserve[]: 0 0 0 0 0 [ 130.070687][ T6154] Node 0 DMA: 0*4kB [ 130.070902][ T5853] Bluetooth: hci4: command 0x0c1a tx timeout [ 130.081152][ T6154] 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 130.114184][ T6154] Node 0 DMA32: 373*4kB (UME) 165*8kB (M) 93*16kB (UM) 60*32kB (ME) 46*64kB (UME) 27*128kB (UM) 18*256kB (UM) 7*512kB (M) 4*1024kB (UME) 5*2048kB (M) 305*4096kB (M) = 1284428kB [ 130.140564][ T6154] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 130.169846][ T6154] Node 1 Normal: 98*4kB (UE) 49*8kB (UME) 36*16kB (UME) 71*32kB (UME) 20*64kB (UME) 6*128kB (UME) 5*256kB (UME) 3*512kB (ME) 1*1024kB (M) 1*2048kB (E) 948*4096kB (M) = 3894576kB [ 130.188489][ T6154] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 130.198893][ T6154] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 130.260015][ T6154] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 130.277796][ T6181] loop0: detected capacity change from 0 to 2048 [ 130.289199][ T6154] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 130.325143][ T6181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.325860][ T6154] 45012 total pagecache pages [ 130.365853][ T6154] 0 pages in swap cache [ 130.370091][ T6154] Free swap = 124996kB [ 130.386604][ T6154] Total swap = 124996kB [ 130.402315][ T6154] 2097051 pages RAM [ 130.433836][ T6154] 0 pages HighMem/MovableOnly [ 130.486679][ T6154] 429080 pages reserved [ 130.528180][ T6154] 0 pages cma reserved [ 130.631803][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout [ 130.805526][ T6146] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.353016][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout [ 131.379385][ T6198] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 131.395487][ T6198] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 224 with error 28 [ 131.408127][ T6198] EXT4-fs (loop0): This should not happen!! Data will be lost [ 131.408127][ T6198] [ 131.437382][ T6198] EXT4-fs (loop0): Total free blocks count 0 [ 131.450020][ T6198] EXT4-fs (loop0): Free/Dirty block details [ 131.459946][ T6146] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.515647][ T6198] EXT4-fs (loop0): free_blocks=2415919504 [ 131.580959][ T5853] Bluetooth: hci2: command 0x0c1a tx timeout [ 131.590579][ T6198] EXT4-fs (loop0): dirty_blocks=240 [ 131.596051][ T6198] EXT4-fs (loop0): Block reservation details [ 131.602664][ T6198] EXT4-fs (loop0): i_reserved_data_blocks=15 [ 131.656031][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 131.656056][ T30] audit: type=1326 audit(1760491907.968:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.709950][ T6203] loop4: detected capacity change from 0 to 512 [ 131.724857][ T6203] EXT4-fs (loop4): orphan cleanup on readonly fs [ 131.731496][ T30] audit: type=1326 audit(1760491907.998:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.761190][ T5853] Bluetooth: hci5: command 0x0c1a tx timeout [ 131.772197][ T30] audit: type=1326 audit(1760491908.008:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.786429][ T6203] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.83: bad orphan inode 13 [ 131.797587][ T30] audit: type=1326 audit(1760491908.008:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.827179][ T30] audit: type=1326 audit(1760491908.008:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.849657][ T30] audit: type=1326 audit(1760491908.008:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.872275][ T30] audit: type=1326 audit(1760491908.008:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.897820][ T30] audit: type=1326 audit(1760491908.008:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.920666][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout [ 131.926979][ T30] audit: type=1326 audit(1760491908.008:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.949358][ T30] audit: type=1326 audit(1760491908.008:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6201 comm="syz.4.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 131.962813][ T6203] ext4_test_bit(bit=12, block=18) = 1 [ 132.001898][ T6203] is_bad_inode(inode)=0 [ 132.006148][ T6203] NEXT_ORPHAN(inode)=2130706432 [ 132.081875][ T6203] max_ino=32 [ 132.085138][ T6203] i_nlink=1 [ 132.113234][ T6203] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 132.145251][ T5853] Bluetooth: hci4: command 0x0c1a tx timeout [ 132.201236][ T6146] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.311942][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.550461][ T6146] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.839782][ T6227] Driver unsupported XDP return value 0 on prog (id 51) dev N/A, expect packet loss! [ 132.891551][ T6230] netlink: 'syz.3.92': attribute type 13 has an invalid length. [ 132.924866][ T6230] netlink: 28 bytes leftover after parsing attributes in process `syz.3.92'. [ 133.254558][ T6237] loop5: detected capacity change from 0 to 512 [ 133.265541][ T49] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.279702][ T6237] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 133.300612][ T1159] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.335660][ T6237] EXT4-fs (loop5): 1 truncate cleaned up [ 133.367807][ T6240] loop3: detected capacity change from 0 to 512 [ 133.390383][ T6237] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.425547][ T6031] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.449477][ T6240] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 133.472332][ T6031] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.494620][ T6240] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 133.644816][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.001445][ T6254] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 134.265614][ T6240] netlink: 16 bytes leftover after parsing attributes in process `syz.3.97'. [ 134.756795][ T6268] 9pnet_fd: p9_fd_create_unix (6268): problem connecting socket: ./file0: -2 [ 134.816876][ T6273] netlink: 'syz.1.109': attribute type 13 has an invalid length. [ 134.847634][ T6273] netlink: 28 bytes leftover after parsing attributes in process `syz.1.109'. [ 135.207008][ T6282] 9p: Unknown access argument : -22 [ 136.391944][ T6318] netlink: 520 bytes leftover after parsing attributes in process `syz.4.122'. [ 136.719333][ T6328] loop5: detected capacity change from 0 to 512 [ 136.818983][ T6328] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.852938][ T6328] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.226577][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.495242][ T6350] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 137.783766][ T1159] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 137.809383][ T1159] EXT4-fs (loop0): This should not happen!! Data will be lost [ 137.809383][ T1159] [ 137.855280][ T6331] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.866498][ T1159] EXT4-fs (loop0): Total free blocks count 0 [ 137.881323][ T1159] EXT4-fs (loop0): Free/Dirty block details [ 137.905356][ T1159] EXT4-fs (loop0): free_blocks=2415919504 [ 137.921108][ T1159] EXT4-fs (loop0): dirty_blocks=16 [ 137.926503][ T1159] EXT4-fs (loop0): Block reservation details [ 137.932640][ T1159] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 137.973534][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.209630][ T6331] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.424390][ T6331] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.786417][ T6377] loop0: detected capacity change from 0 to 128 [ 138.793736][ T6377] vfat: Unknown parameter '017777777777777777777770000000000000000000000018446744073709551615{i:A- yWn8v4blb_;5 93dAU]^LtDxJ' [ 139.631723][ T6331] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.722060][ T6382] netlink: 56 bytes leftover after parsing attributes in process `syz.5.136'. [ 139.734000][ T6382] netlink: 28 bytes leftover after parsing attributes in process `syz.5.136'. [ 139.743110][ T6382] netlink: 28 bytes leftover after parsing attributes in process `syz.5.136'. [ 139.978346][ T3557] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.056917][ T3557] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.154784][ T6031] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.203265][ T3557] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.536531][ T6403] erspan0: entered promiscuous mode [ 140.687247][ T6417] loop1: detected capacity change from 0 to 512 [ 140.751443][ T6417] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 140.805414][ T6417] EXT4-fs (loop1): 1 truncate cleaned up [ 140.831272][ T6417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.868403][ T6433] loop2: detected capacity change from 0 to 512 [ 140.876530][ T6430] process 'syz.5.158' launched './file0' with NULL argv: empty string added [ 140.897855][ T6427] loop4: detected capacity change from 0 to 1024 [ 140.937319][ T6433] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.972071][ T6427] EXT4-fs: Ignoring removed nomblk_io_submit option [ 140.980996][ T6433] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 141.031101][ T6427] EXT4-fs: quotafile must be on filesystem root [ 141.094325][ T6427] loop4: detected capacity change from 0 to 512 [ 141.107331][ T6427] ext4: Unknown parameter 'nouser_xattr' [ 141.195267][ T30] kauditd_printk_skb: 34 callbacks suppressed [ 141.195293][ T30] audit: type=1326 audit(1760491917.448:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6438 comm="syz.3.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 141.212257][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.320940][ T30] audit: type=1326 audit(1760491917.448:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6438 comm="syz.3.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 141.404781][ T30] audit: type=1326 audit(1760491917.558:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6438 comm="syz.3.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 141.530764][ T30] audit: type=1326 audit(1760491917.558:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6438 comm="syz.3.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 141.591095][ T30] audit: type=1326 audit(1760491917.578:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6442 comm="syz.3.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc7f4bc1785 code=0x7ffc0000 [ 141.643662][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.682646][ T30] audit: type=1326 audit(1760491917.758:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6442 comm="syz.3.161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 141.917265][ T6455] 9pnet_fd: p9_fd_create_unix (6455): problem connecting socket: ./file0: -2 [ 142.956381][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.963351][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.044057][ T6473] loop5: detected capacity change from 0 to 128 [ 143.052484][ T6473] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 143.067124][ T6473] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 143.206909][ T3557] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 143.300966][ T6475] loop1: detected capacity change from 0 to 512 [ 143.319005][ T6475] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 143.334718][ T6468] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.342647][ T6468] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.388465][ T6475] EXT4-fs (loop1): 1 truncate cleaned up [ 143.433857][ T6475] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 143.446359][ T6477] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 143.453215][ T6477] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 143.472845][ T6481] loop5: detected capacity change from 0 to 128 [ 143.496535][ T6477] vhci_hcd vhci_hcd.0: Device attached [ 143.528177][ T6468] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 143.535674][ T6486] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(15) [ 143.535760][ T6486] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 143.535826][ T6486] vhci_hcd vhci_hcd.0: Device attached [ 143.569036][ T6468] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 143.577503][ T6489] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(14) [ 143.584205][ T6489] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 143.599910][ T6477] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 143.623930][ T6489] vhci_hcd vhci_hcd.0: Device attached [ 143.645812][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.693703][ T6477] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(18) [ 143.700360][ T6477] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 143.713872][ T6477] vhci_hcd vhci_hcd.0: Device attached [ 143.750376][ T6477] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(22) [ 143.757038][ T6477] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 143.773038][ T6017] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 143.790516][ T6477] vhci_hcd vhci_hcd.0: Device attached [ 143.797035][ T6486] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 143.836274][ T6501] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 143.859829][ T6477] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 143.919801][ T3557] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.932184][ T6486] vhci_hcd vhci_hcd.0: port 0 already used [ 144.049805][ T3557] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.111047][ T3557] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.119475][ T3557] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.160208][ T6495] vhci_hcd: connection closed [ 144.160336][ T6487] vhci_hcd: connection closed [ 144.161774][ T6491] vhci_hcd: connection closed [ 144.171629][ T6482] vhci_hcd: connection reset by peer [ 144.181890][ T6497] vhci_hcd: connection closed [ 144.189772][ T49] vhci_hcd: stop threads [ 144.202542][ T6510] loop3: detected capacity change from 0 to 512 [ 144.225350][ T49] vhci_hcd: release socket [ 144.237798][ T49] vhci_hcd: disconnect device [ 144.252606][ T49] vhci_hcd: stop threads [ 144.273110][ T49] vhci_hcd: release socket [ 144.288978][ T49] vhci_hcd: disconnect device [ 144.313569][ T6510] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.326445][ T49] vhci_hcd: stop threads [ 144.330723][ T49] vhci_hcd: release socket [ 144.331081][ T6510] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.381396][ T49] vhci_hcd: disconnect device [ 144.413155][ T49] vhci_hcd: stop threads [ 144.417454][ T49] vhci_hcd: release socket [ 144.444668][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.460589][ T6481] syz.5.177 (6481) used greatest stack depth: 19720 bytes left [ 144.460886][ T49] vhci_hcd: disconnect device [ 144.513710][ T49] vhci_hcd: stop threads [ 144.528209][ T49] vhci_hcd: release socket [ 144.534749][ T49] vhci_hcd: disconnect device [ 144.583138][ T6522] netlink: 'syz.1.188': attribute type 4 has an invalid length. [ 144.614853][ T6519] 9pnet_fd: p9_fd_create_unix (6519): problem connecting socket: ./file0: -2 [ 144.660321][ T6524] loop3: detected capacity change from 0 to 1024 [ 144.682678][ T6521] netlink: 52 bytes leftover after parsing attributes in process `syz.2.189'. [ 144.813448][ T6493] infiniband syz!: set active [ 144.819651][ T6493] infiniband syz!: added team_slave_0 [ 144.827614][ T6524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.842500][ T6493] syz!: rxe_create_cq: returned err = -12 [ 144.848591][ T6493] infiniband syz!: Couldn't create ib_mad CQ [ 144.863117][ T6493] infiniband syz!: Couldn't open port 1 [ 144.913084][ T6529] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 144.940909][ T6493] RDS/IB: syz!: added [ 144.945634][ T6493] smc: adding ib device syz! with port count 1 [ 144.954381][ T6493] smc: ib device syz! port 1 has no pnetid [ 145.027775][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.554215][ T6549] netlink: 168 bytes leftover after parsing attributes in process `syz.3.199'. [ 145.859741][ T6563] loop2: detected capacity change from 0 to 512 [ 145.884289][ T30] audit: type=1326 audit(1760491922.188:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6564 comm="syz.1.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd3818eec9 code=0x7ffc0000 [ 145.934527][ T6563] EXT4-fs (loop2): 1 truncate cleaned up [ 145.963272][ T30] audit: type=1326 audit(1760491922.188:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6564 comm="syz.1.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7fcd3818eec9 code=0x7ffc0000 [ 145.991577][ T30] audit: type=1326 audit(1760491922.188:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6564 comm="syz.1.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd3818eec9 code=0x7ffc0000 [ 146.009375][ T6563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.017672][ T30] audit: type=1326 audit(1760491922.188:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6564 comm="syz.1.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fcd3818eec9 code=0x7ffc0000 [ 146.205096][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.448485][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 146.448509][ T30] audit: type=1326 audit(1760491922.748:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 146.541926][ T30] audit: type=1326 audit(1760491922.748:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 146.645438][ T6586] erspan0: entered promiscuous mode [ 146.658375][ T30] audit: type=1326 audit(1760491922.758:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 146.728584][ T30] audit: type=1326 audit(1760491922.758:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 146.781717][ T30] audit: type=1326 audit(1760491922.758:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 146.845247][ T30] audit: type=1326 audit(1760491922.758:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 146.896397][ T30] audit: type=1326 audit(1760491922.758:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 146.961041][ T30] audit: type=1326 audit(1760491922.758:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 147.029540][ T30] audit: type=1326 audit(1760491922.758:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 147.083957][ T30] audit: type=1326 audit(1760491922.758:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6578 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe48738eec9 code=0x7ffc0000 [ 147.762972][ T6606] netlink: 20 bytes leftover after parsing attributes in process `syz.2.224'. [ 148.054168][ T6619] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 148.729153][ T6641] loop4: detected capacity change from 0 to 512 [ 148.768444][ T6647] netlink: 20 bytes leftover after parsing attributes in process `syz.3.242'. [ 148.810860][ T6641] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 148.871291][ T6641] EXT4-fs (loop4): 1 truncate cleaned up [ 148.882996][ T6641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.938406][ T6654] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 148.948752][ T6017] vhci_hcd: vhci_device speed not set [ 149.125062][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.177462][ T6684] loop3: detected capacity change from 0 to 512 [ 150.231653][ T5911] usb usb34-port1: attempt power cycle [ 150.283680][ T6684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.329711][ T6684] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 150.407874][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.574164][ T6697] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 150.635849][ T6699] loop0: detected capacity change from 0 to 2048 [ 150.709073][ T6699] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.833822][ T5911] usb usb34-port1: unable to enumerate USB device [ 151.671860][ T6725] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 151.686831][ T6725] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 96 with error 28 [ 151.699307][ T6725] EXT4-fs (loop0): This should not happen!! Data will be lost [ 151.699307][ T6725] [ 151.709180][ T6725] EXT4-fs (loop0): Total free blocks count 0 [ 151.715217][ T6725] EXT4-fs (loop0): Free/Dirty block details [ 151.721153][ T6725] EXT4-fs (loop0): free_blocks=2415919504 [ 151.726885][ T6725] EXT4-fs (loop0): dirty_blocks=112 [ 151.732148][ T6725] EXT4-fs (loop0): Block reservation details [ 151.738135][ T6725] EXT4-fs (loop0): i_reserved_data_blocks=7 [ 151.803975][ T6714] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 152.209968][ T6732] loop1: detected capacity change from 0 to 512 [ 152.333548][ T6732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.449006][ T6732] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.934595][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.034441][ T6745] capability: warning: `syz.5.279' uses deprecated v2 capabilities in a way that may be insecure [ 153.280117][ T6747] lo speed is unknown, defaulting to 1000 [ 153.286337][ T6747] lo speed is unknown, defaulting to 1000 [ 153.371102][ T6747] lo speed is unknown, defaulting to 1000 [ 153.376714][ T6752] tmpfs: Bad value for 'mpol' [ 153.402098][ T6031] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 153.416672][ T6747] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 153.513314][ T6747] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 153.814229][ T6747] lo speed is unknown, defaulting to 1000 [ 153.849834][ T6747] lo speed is unknown, defaulting to 1000 [ 153.894781][ T6747] lo speed is unknown, defaulting to 1000 [ 153.935607][ T6747] lo speed is unknown, defaulting to 1000 [ 153.981198][ T6747] lo speed is unknown, defaulting to 1000 [ 154.010612][ T6747] lo speed is unknown, defaulting to 1000 [ 154.463277][ T6787] loop0: detected capacity change from 0 to 512 [ 154.502431][ T6787] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.523960][ T6791] netlink: 56 bytes leftover after parsing attributes in process `syz.4.294'. [ 154.541923][ T6791] netlink: 28 bytes leftover after parsing attributes in process `syz.4.294'. [ 154.562849][ T6787] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 154.594456][ T6791] netlink: 28 bytes leftover after parsing attributes in process `syz.4.294'. [ 154.666507][ T30] kauditd_printk_skb: 51 callbacks suppressed [ 154.666532][ T30] audit: type=1804 audit(1760491930.978:149): pid=6787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.292" name="/newroot/30/file1/bus" dev="loop0" ino=18 res=1 errno=0 [ 154.788784][ T30] audit: type=1800 audit(1760491930.978:150): pid=6787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.292" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 154.794968][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.874529][ T6798] netlink: 80 bytes leftover after parsing attributes in process `syz.3.297'. [ 155.212268][ T6808] 9pnet_fd: p9_fd_create_unix (6808): problem connecting socket: ./file0: -2 [ 155.524367][ T30] audit: type=1326 audit(1760491931.828:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.5.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 155.648191][ T6828] loop1: detected capacity change from 0 to 512 [ 155.684684][ T30] audit: type=1326 audit(1760491931.838:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.5.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 155.720967][ T6830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.312'. [ 155.759973][ T30] audit: type=1326 audit(1760491931.838:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.5.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 155.788613][ T30] audit: type=1326 audit(1760491931.868:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.5.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 155.814785][ T6828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.836438][ T6834] loop5: detected capacity change from 0 to 1024 [ 155.845363][ T30] audit: type=1326 audit(1760491931.868:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.5.308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 155.869697][ T6828] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 155.875408][ T6834] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 155.909241][ T6831] pim6reg: entered allmulticast mode [ 155.914816][ T6838] pim6reg: left allmulticast mode [ 155.964000][ T6834] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #11: comm syz.5.313: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 155.988002][ T6834] EXT4-fs error (device loop5): ext4_orphan_get:1395: comm syz.5.313: couldn't read orphan inode 11 (err -117) [ 156.005229][ T6834] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.037688][ T6834] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:482: comm syz.5.313: Invalid block bitmap block 0 in block_group 0 [ 156.057733][ T6834] Quota error (device loop5): write_blk: dquota write failed [ 156.074442][ T6834] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 156.091105][ T6834] EXT4-fs error (device loop5): ext4_acquire_dquot:6943: comm syz.5.313: Failed to acquire dquot type 0 [ 156.127356][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.149382][ T6846] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 156.330165][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.521547][ T6859] 9pnet_fd: p9_fd_create_unix (6859): problem connecting socket: ./file0: -2 [ 156.686568][ T6864] loop1: detected capacity change from 0 to 512 [ 156.742083][ T6864] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.787799][ T6864] ext4 filesystem being mounted at /58/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 156.858784][ T6864] netlink: 'syz.1.323': attribute type 27 has an invalid length. [ 156.887825][ T6874] loop3: detected capacity change from 0 to 512 [ 156.919601][ T6874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.935185][ T6874] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.056167][ T6864] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.064087][ T6864] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.084852][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.108594][ T6886] serio: Serial port ptm0 [ 157.179060][ T30] audit: type=1326 audit(1760491933.488:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 157.268814][ T6887] loop4: detected capacity change from 0 to 512 [ 157.349563][ T6887] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.390976][ T6887] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.460141][ T6887] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.581955][ T6864] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 157.648592][ T6864] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 158.115471][ T6876] erspan0: left promiscuous mode [ 158.188732][ T6895] netlink: 4 bytes leftover after parsing attributes in process `syz.5.332'. [ 158.199796][ T6876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 158.223512][ T6876] 8021q: adding VLAN 0 to HW filter on device team0 [ 158.250706][ T6895] netlink: 4 bytes leftover after parsing attributes in process `syz.5.332'. [ 158.270423][ T6876] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 158.417040][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.736635][ T6884] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 158.995263][ T6914] 9pnet_fd: p9_fd_create_unix (6914): problem connecting socket: ./file0: -2 [ 159.052833][ T1143] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.108713][ T1143] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.162828][ T1143] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.220844][ T1143] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.402579][ T6925] netlink: 19 bytes leftover after parsing attributes in process `syz.2.342'. [ 159.453013][ T6929] loop0: detected capacity change from 0 to 512 [ 159.500562][ T6929] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.547709][ T6929] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.757243][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.082273][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 160.082297][ T30] audit: type=1326 audit(1760491936.398:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.155629][ T30] audit: type=1326 audit(1760491936.428:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.215539][ T30] audit: type=1326 audit(1760491936.428:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.270850][ T30] audit: type=1326 audit(1760491936.428:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.346454][ T30] audit: type=1326 audit(1760491936.428:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.381912][ T30] audit: type=1326 audit(1760491936.438:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.444427][ T30] audit: type=1326 audit(1760491936.438:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.509547][ T30] audit: type=1326 audit(1760491936.438:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.549818][ T30] audit: type=1326 audit(1760491936.438:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcac8d8eec9 code=0x7ffc0000 [ 160.600747][ T30] audit: type=1326 audit(1760491936.438:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.5.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcac8d8db2a code=0x7ffc0000 [ 161.154511][ T6976] loop1: detected capacity change from 0 to 1024 [ 161.188561][ T6976] EXT4-fs: inline encryption not supported [ 161.230393][ T6976] EXT4-fs: Ignoring removed i_version option [ 161.530626][ T6990] loop2: detected capacity change from 0 to 512 [ 161.549597][ T6976] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.587772][ T6990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.820178][ T6990] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.172381][ T6998] ext4: Unknown parameter ' Z* m.Dc8'@C9G9?9S{1Jլ5 æԌqqY糔' [ 162.368456][ T7002] netlink: 'syz.0.373': attribute type 10 has an invalid length. [ 162.386322][ T7002] team0: Port device dummy0 added [ 162.411792][ T7002] netlink: 'syz.0.373': attribute type 10 has an invalid length. [ 162.420902][ T7002] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 162.457283][ T7002] team0: Failed to send options change via netlink (err -105) [ 162.465979][ T7002] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 162.479579][ T7002] team0: Port device dummy0 removed [ 162.507835][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.527889][ T7002] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 162.614349][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.156506][ T7015] netlink: 56 bytes leftover after parsing attributes in process `syz.5.374'. [ 163.165561][ T7015] netlink: 28 bytes leftover after parsing attributes in process `syz.5.374'. [ 163.174545][ T7015] netlink: 28 bytes leftover after parsing attributes in process `syz.5.374'. [ 164.814327][ T7037] 9pnet_fd: p9_fd_create_unix (7037): problem connecting socket: ./file0: -2 [ 165.722556][ T5837] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 165.790605][ T7068] loop3: detected capacity change from 0 to 512 [ 165.824273][ T7070] loop1: detected capacity change from 0 to 512 [ 165.859178][ T7070] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.885322][ T7070] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 165.917071][ T7068] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.031002][ T7068] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 166.064421][ T7070] capability: warning: `syz.1.399' uses 32-bit capabilities (legacy support in use) [ 166.193723][ T5837] usb 5-1: Using ep0 maxpacket: 8 [ 166.209961][ T5837] usb 5-1: unable to get BOS descriptor or descriptor too short [ 166.222350][ T5837] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 166.224689][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.229968][ T5837] usb 5-1: can't read configurations, error -71 [ 167.076192][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.150989][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 167.151014][ T30] audit: type=1326 audit(1760491943.468:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7082 comm="syz.4.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 167.228796][ T30] audit: type=1326 audit(1760491943.468:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7082 comm="syz.4.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 167.251297][ T30] audit: type=1326 audit(1760491943.528:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7082 comm="syz.4.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 167.274331][ T30] audit: type=1326 audit(1760491943.528:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7082 comm="syz.4.403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7be78eec9 code=0x7ffc0000 [ 167.308299][ T7086] 9pnet_fd: p9_fd_create_unix (7086): problem connecting socket: ./file0: -2 [ 167.623547][ T7095] loop2: detected capacity change from 0 to 1024 [ 167.651930][ T7095] EXT4-fs: Ignoring removed orlov option [ 167.741799][ T7095] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.796678][ T30] audit: type=1800 audit(1760491944.098:219): pid=7095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.418" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 167.929660][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.161833][ T30] audit: type=1326 audit(1760491944.478:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.3.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 168.272449][ T30] audit: type=1326 audit(1760491944.478:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.3.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 168.366733][ T30] audit: type=1326 audit(1760491944.478:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.3.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 168.412082][ T30] audit: type=1326 audit(1760491944.478:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.3.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 168.509790][ T30] audit: type=1326 audit(1760491944.478:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.3.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 169.371329][ T7105] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.492243][ T7116] netlink: 16 bytes leftover after parsing attributes in process `syz.3.414'. [ 169.514769][ T7131] SET target dimension over the limit! [ 169.720509][ T7133] 9pnet_fd: p9_fd_create_unix (7133): problem connecting socket: ./file0: -2 [ 169.828872][ T7105] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.363355][ T7144] loop2: detected capacity change from 0 to 512 [ 170.403015][ T7105] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.433641][ T7144] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.516041][ T7144] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.778543][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.822646][ T7150] loop3: detected capacity change from 0 to 512 [ 170.878435][ T7150] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.427: casefold flag without casefold feature [ 171.003827][ T7150] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.427: couldn't read orphan inode 15 (err -117) [ 171.040342][ T7150] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 171.055146][ T7105] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.612077][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.752615][ T2976] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.837141][ T12] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.927961][ T2976] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.960899][ T6031] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.263257][ T7173] loop3: detected capacity change from 0 to 512 [ 172.344189][ T7178] netlink: 28 bytes leftover after parsing attributes in process `syz.1.435'. [ 172.370361][ T7173] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.479996][ T7173] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 172.744878][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.991059][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 172.991084][ T30] audit: type=1326 audit(1760491949.298:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 173.103346][ T30] audit: type=1326 audit(1760491949.298:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 173.160964][ T30] audit: type=1326 audit(1760491949.298:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 173.256595][ T30] audit: type=1326 audit(1760491949.298:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 174.192171][ T30] audit: type=1326 audit(1760491950.508:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 174.257470][ T7207] loop4: detected capacity change from 0 to 512 [ 174.280950][ T30] audit: type=1326 audit(1760491950.508:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 174.297379][ T7207] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 174.360070][ T30] audit: type=1326 audit(1760491950.508:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 174.361609][ T7207] EXT4-fs (loop4): 1 truncate cleaned up [ 174.393709][ T7207] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 174.412924][ T30] audit: type=1326 audit(1760491950.508:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 174.438922][ T30] audit: type=1326 audit(1760491950.508:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 174.461710][ T30] audit: type=1326 audit(1760491950.508:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc7f4b8eec9 code=0x7ffc0000 [ 174.615740][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.754770][ T7200] nfs4: Bad value for 'source' [ 175.461448][ T7228] netlink: 60 bytes leftover after parsing attributes in process `syz.4.458'. [ 175.462207][ T7225] netlink: 12 bytes leftover after parsing attributes in process `syz.3.456'. [ 175.557125][ T7208] infiniband syz!: set active [ 175.612689][ T7208] infiniband syz!: added team_slave_0 [ 175.618844][ T7208] syz!: rxe_create_cq: returned err = -12 [ 175.681648][ T7208] infiniband syz!: Couldn't create ib_mad CQ [ 175.721211][ T7208] infiniband syz!: Couldn't open port 1 [ 175.819894][ T7208] RDS/IB: syz!: added [ 175.840080][ T7208] smc: adding ib device syz! with port count 1 [ 175.864300][ T7208] smc: ib device syz! port 1 has no pnetid [ 176.287305][ T7249] loop5: detected capacity change from 0 to 512 [ 176.387434][ T7249] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.469252][ T7249] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.511823][ T7249] EXT4-fs error (device loop5): ext4_group_add:1739: inode #7: comm syz.5.466: iget: checksum invalid [ 176.919270][ T7259] netlink: 56 bytes leftover after parsing attributes in process `syz.4.464'. [ 176.928316][ T7259] netlink: 28 bytes leftover after parsing attributes in process `syz.4.464'. [ 176.938398][ T7259] netlink: 28 bytes leftover after parsing attributes in process `syz.4.464'. [ 177.298557][ T7249] EXT4-fs warning (device loop5): ext4_group_add:1741: Error opening resize inode [ 177.603777][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.972222][ T7273] loop3: detected capacity change from 0 to 764 [ 177.998760][ T7273] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 178.431169][ T7285] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 178.487435][ T7284] loop3: detected capacity change from 0 to 512 [ 178.589491][ T7284] EXT4-fs (loop3): too many log groups per flexible block group [ 178.635605][ T7284] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 178.689277][ T7284] EXT4-fs (loop3): mount failed [ 178.922352][ T5911] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 179.005230][ T5911] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 179.147768][ T7301] loop5: detected capacity change from 0 to 512 [ 179.215969][ T7301] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.277594][ T7301] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.327259][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.740518][ T7332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.497'. [ 180.816156][ T7332] netlink: 28 bytes leftover after parsing attributes in process `syz.0.497'. [ 181.361115][ T7345] loop1: detected capacity change from 0 to 512 [ 181.398805][ T7345] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.488899][ T7348] loop4: detected capacity change from 0 to 512 [ 181.499980][ T7345] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.562132][ T7345] EXT4-fs error (device loop1): ext4_group_add:1739: inode #7: comm syz.1.502: iget: checksum invalid [ 181.614457][ T7345] EXT4-fs warning (device loop1): ext4_group_add:1741: Error opening resize inode [ 181.626282][ T7348] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.658135][ T7348] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.865414][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.880653][ T7356] Invalid ELF header type: 3 != 1 [ 182.007878][ T7360] netlink: 'syz.5.507': attribute type 1 has an invalid length. [ 182.044035][ T7361] netlink: 'syz.3.508': attribute type 4 has an invalid length. [ 182.099110][ T7363] netlink: 'syz.1.509': attribute type 10 has an invalid length. [ 182.159769][ T7366] netlink: 'syz.1.509': attribute type 10 has an invalid length. [ 182.191616][ T7363] team0: Port device dummy0 added [ 182.222290][ T7366] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 182.287408][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.325101][ T7366] team0: Failed to send options change via netlink (err -105) [ 182.335878][ T7366] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 182.371409][ T7366] team0: Port device dummy0 removed [ 182.398710][ T7366] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 182.766322][ T7380] loop1: detected capacity change from 0 to 128 [ 183.297502][ T7398] loop3: detected capacity change from 0 to 512 [ 183.347790][ T7398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.362519][ T7398] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 183.674516][ T7407] loop2: detected capacity change from 0 to 1024 [ 183.692408][ T7409] netlink: 20 bytes leftover after parsing attributes in process `syz.4.529'. [ 183.716205][ T7407] EXT4-fs: Ignoring removed nobh option [ 183.783183][ T7407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.803422][ T7407] netlink: 4 bytes leftover after parsing attributes in process `syz.2.528'. [ 183.897821][ T5834] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.015385][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.204577][ T7416] erspan0: entered promiscuous mode [ 184.268827][ T7424] loop5: detected capacity change from 0 to 1024 [ 184.317968][ T7424] EXT4-fs: Ignoring removed orlov option [ 184.394885][ T7431] netlink: 52 bytes leftover after parsing attributes in process `syz.2.538'. [ 184.415992][ T7424] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 184.438549][ T7431] netlink: 52 bytes leftover after parsing attributes in process `syz.2.538'. [ 184.517759][ T7435] 9pnet_fd: p9_fd_create_unix (7435): problem connecting socket: ./file0: -2 [ 184.685226][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.876676][ T7445] loop3: detected capacity change from 0 to 128 [ 184.948269][ T7445] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 184.968214][ T7447] loop5: detected capacity change from 0 to 512 [ 184.974814][ T7445] System zones: 1-3, 19-19, 35-36 [ 185.000440][ T7447] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 185.040861][ T7445] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 185.092299][ T7445] ext4 filesystem being mounted at /104/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 185.092393][ T7447] EXT4-fs (loop5): 1 truncate cleaned up [ 185.136524][ T7447] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.185935][ T7445] EXT4-fs warning (device loop3): ext4_group_extend:1891: can't read last block, resize aborted [ 185.337609][ T5831] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 185.385989][ T30] audit: type=1800 audit(1760491961.688:244): pid=7447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.543" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 185.927954][ T30] audit: type=1800 audit(1760491962.238:245): pid=7456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.543" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 186.265943][ T5835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.335465][ T7468] loop3: detected capacity change from 0 to 512 [ 186.393546][ T7468] EXT4-fs (loop3): 1 orphan inode deleted [ 186.413447][ T49] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 186.440268][ T7468] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.455939][ T49] EXT4-fs error (device loop3): ext4_release_dquot:6979: comm kworker/u8:3: Failed to release dquot type 1 [ 186.476707][ T7468] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 186.703063][ T7475] 9pnet_fd: p9_fd_create_unix (7475): problem connecting socket: ./file0: -2 [ 187.966340][ T7495] lo speed is unknown, defaulting to 1000 [ 188.538530][ T7508] ------------[ cut here ]------------ [ 188.544682][ T7508] WARNING: CPU: 1 PID: 7508 at fs/nsfs.c:493 nsfs_fh_to_dentry+0x9de/0xe10 [ 188.553410][ T7508] Modules linked in: [ 188.557498][ T7508] CPU: 1 UID: 0 PID: 7508 Comm: syz.2.567 Not tainted syzkaller #0 PREEMPT(full) [ 188.566784][ T7508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 188.577081][ T7508] RIP: 0010:nsfs_fh_to_dentry+0x9de/0xe10 [ 188.582951][ T7508] Code: 8a 4f ff e9 63 fe ff ff e8 ef f9 73 ff 90 0f 0b 90 e9 7b f8 ff ff e8 e1 f9 73 ff 90 0f 0b 90 e9 ce f8 ff ff e8 d3 f9 73 ff 90 <0f> 0b 90 e9 32 f9 ff ff e8 c5 f9 73 ff 49 8d 7d 10 48 b8 00 00 00 [ 188.602973][ T7508] RSP: 0018:ffffc90002fc7b28 EFLAGS: 00010287 [ 188.609826][ T7508] RAX: 0000000000000084 RBX: 0000000000000000 RCX: ffffc9000c6b4000 [ 188.618834][ T7508] RDX: 0000000000080000 RSI: ffffffff82492e8d RDI: 0000000000000004 [ 188.627400][ T7508] RBP: ffff888086351808 R08: 0000000000000004 R09: 00000000f0000014 [ 188.635543][ T7508] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920005f8f66 [ 188.643602][ T7508] R13: ffff88801beb0200 R14: 00000000f0000014 R15: 0000000000000006 [ 188.651952][ T7508] FS: 00007fe48830d6c0(0000) GS:ffff888124ada000(0000) knlGS:0000000000000000 [ 188.660980][ T7508] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.667584][ T7508] CR2: 00002000000003c0 CR3: 000000007a7fe000 CR4: 0000000000350ef0 [ 188.675633][ T7508] Call Trace: [ 188.678923][ T7508] [ 188.681900][ T7508] ? kasan_save_stack+0x33/0x60 [ 188.686788][ T7508] ? __pfx_nsfs_fh_to_dentry+0x10/0x10 [ 188.692340][ T7508] ? do_handle_open+0x564/0xc90 [ 188.697224][ T7508] ? do_syscall_64+0xcd/0xfa0 [ 188.702011][ T7508] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.708704][ T7508] exportfs_decode_fh_raw+0x167/0x7d0 [ 188.714674][ T7508] ? __pfx_vfs_dentry_acceptable+0x10/0x10 [ 188.720528][ T7508] ? __pfx_nsfs_fh_to_dentry+0x10/0x10 [ 188.726192][ T7508] ? __pfx_exportfs_decode_fh_raw+0x10/0x10 [ 188.732234][ T7508] do_handle_open+0x702/0xc90 [ 188.736954][ T7508] ? __pfx_do_handle_open+0x10/0x10 [ 188.742256][ T7508] ? srso_alias_return_thunk+0x5/0xfbef5 [ 188.747933][ T7508] ? srso_alias_return_thunk+0x5/0xfbef5 [ 188.753734][ T7508] ? xfd_validate_state+0x61/0x180 [ 188.758881][ T7508] ? srso_alias_return_thunk+0x5/0xfbef5 [ 188.764623][ T7508] ? do_syscall_64+0xcd/0xfa0 [ 188.769339][ T7508] do_syscall_64+0xcd/0xfa0 [ 188.773937][ T7508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.779902][ T7508] RIP: 0033:0x7fe48738eec9 [ 188.784457][ T7508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.804185][ T7508] RSP: 002b:00007fe48830d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 188.813249][ T7508] RAX: ffffffffffffffda RBX: 00007fe4875e5fa0 RCX: 00007fe48738eec9 [ 188.822202][ T7508] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 188.830197][ T7508] RBP: 00007fe487411f91 R08: 0000000000000000 R09: 0000000000000000 [ 188.838225][ T7508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 188.846291][ T7508] R13: 00007fe4875e6038 R14: 00007fe4875e5fa0 R15: 00007fffa3e9b9a8 [ 188.854366][ T7508] [ 188.857396][ T7508] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 188.864683][ T7508] CPU: 1 UID: 0 PID: 7508 Comm: syz.2.567 Not tainted syzkaller #0 PREEMPT(full) [ 188.873909][ T7508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 188.883977][ T7508] Call Trace: [ 188.887255][ T7508] [ 188.890181][ T7508] dump_stack_lvl+0x3d/0x1f0 [ 188.894803][ T7508] vpanic+0x640/0x6f0 [ 188.898806][ T7508] ? nsfs_fh_to_dentry+0x9de/0xe10 [ 188.903935][ T7508] panic+0xca/0xd0 [ 188.907672][ T7508] ? __pfx_panic+0x10/0x10 [ 188.912129][ T7508] check_panic_on_warn+0xab/0xb0 [ 188.917100][ T7508] __warn+0xf6/0x3c0 [ 188.921018][ T7508] ? nsfs_fh_to_dentry+0x9de/0xe10 [ 188.926152][ T7508] report_bug+0x3c3/0x580 [ 188.930529][ T7508] ? nsfs_fh_to_dentry+0x9de/0xe10 [ 188.935683][ T7508] handle_bug+0x184/0x210 [ 188.940063][ T7508] exc_invalid_op+0x17/0x50 [ 188.944580][ T7508] asm_exc_invalid_op+0x1a/0x20 [ 188.949443][ T7508] RIP: 0010:nsfs_fh_to_dentry+0x9de/0xe10 [ 188.955185][ T7508] Code: 8a 4f ff e9 63 fe ff ff e8 ef f9 73 ff 90 0f 0b 90 e9 7b f8 ff ff e8 e1 f9 73 ff 90 0f 0b 90 e9 ce f8 ff ff e8 d3 f9 73 ff 90 <0f> 0b 90 e9 32 f9 ff ff e8 c5 f9 73 ff 49 8d 7d 10 48 b8 00 00 00 [ 188.974814][ T7508] RSP: 0018:ffffc90002fc7b28 EFLAGS: 00010287 [ 188.980901][ T7508] RAX: 0000000000000084 RBX: 0000000000000000 RCX: ffffc9000c6b4000 [ 188.988889][ T7508] RDX: 0000000000080000 RSI: ffffffff82492e8d RDI: 0000000000000004 [ 188.996963][ T7508] RBP: ffff888086351808 R08: 0000000000000004 R09: 00000000f0000014 [ 189.004947][ T7508] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920005f8f66 [ 189.012926][ T7508] R13: ffff88801beb0200 R14: 00000000f0000014 R15: 0000000000000006 [ 189.020929][ T7508] ? nsfs_fh_to_dentry+0x9dd/0xe10 [ 189.026083][ T7508] ? nsfs_fh_to_dentry+0x9dd/0xe10 [ 189.031212][ T7508] ? kasan_save_stack+0x33/0x60 [ 189.036081][ T7508] ? __pfx_nsfs_fh_to_dentry+0x10/0x10 [ 189.041731][ T7508] ? do_handle_open+0x564/0xc90 [ 189.046599][ T7508] ? do_syscall_64+0xcd/0xfa0 [ 189.051300][ T7508] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.057415][ T7508] exportfs_decode_fh_raw+0x167/0x7d0 [ 189.062924][ T7508] ? __pfx_vfs_dentry_acceptable+0x10/0x10 [ 189.068759][ T7508] ? __pfx_nsfs_fh_to_dentry+0x10/0x10 [ 189.074239][ T7508] ? __pfx_exportfs_decode_fh_raw+0x10/0x10 [ 189.080222][ T7508] do_handle_open+0x702/0xc90 [ 189.084921][ T7508] ? __pfx_do_handle_open+0x10/0x10 [ 189.090138][ T7508] ? srso_alias_return_thunk+0x5/0xfbef5 [ 189.095796][ T7508] ? srso_alias_return_thunk+0x5/0xfbef5 [ 189.101446][ T7508] ? xfd_validate_state+0x61/0x180 [ 189.106580][ T7508] ? srso_alias_return_thunk+0x5/0xfbef5 [ 189.112238][ T7508] ? do_syscall_64+0xcd/0xfa0 [ 189.116943][ T7508] do_syscall_64+0xcd/0xfa0 [ 189.121490][ T7508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.127394][ T7508] RIP: 0033:0x7fe48738eec9 [ 189.131810][ T7508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.151426][ T7508] RSP: 002b:00007fe48830d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 189.159852][ T7508] RAX: ffffffffffffffda RBX: 00007fe4875e5fa0 RCX: 00007fe48738eec9 [ 189.167831][ T7508] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 189.175802][ T7508] RBP: 00007fe487411f91 R08: 0000000000000000 R09: 0000000000000000 [ 189.183775][ T7508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.191833][ T7508] R13: 00007fe4875e6038 R14: 00007fe4875e5fa0 R15: 00007fffa3e9b9a8 [ 189.199833][ T7508] [ 189.203067][ T7508] Kernel Offset: disabled [ 189.207388][ T7508] Rebooting in 86400 seconds..