last executing test programs: 6m33.573037593s ago: executing program 4 (id=2096): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/13, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB='ya \x00\x00\x00\x00\a\x00\x00~\x00'], 0x1c}}, 0x0) syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, 0x0, 0x24004805) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x0, &(0x7f00000001c0)}) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 6m28.82111429s ago: executing program 4 (id=2115): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xb30, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r1 = socket$netlink(0x10, 0x3, 0x14) setpriority(0x0, 0x0, 0xacf0165) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844) 6m24.257209939s ago: executing program 4 (id=2132): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x18) bpf$MAP_CREATE(0x0, 0x0, 0x48) lsm_list_modules(&(0x7f0000000000)=[0x0, 0x0], &(0x7f0000000140)=0x10, 0x0) 6m23.20541111s ago: executing program 4 (id=2136): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) socket(0x2, 0x1, 0x1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000040340000000000000800000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) close(0xffffffffffffffff) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000080)=0x10) r5 = syz_io_uring_setup(0x40790c, &(0x7f00000006c0)={0x0, 0x7358, 0x4000, 0x1020800a, 0x2b7}, &(0x7f0000000040), 0x0) io_uring_enter(r5, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14084, &(0x7f00000000c0)=ANY=[@ANYRESOCT], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=") r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0x10, &(0x7f00000007c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080057f37b44bc63b562efe2017378e2e3b6c7e41589ed00000000007b8af0ff00001000bfa100000000000007010000f8ffffffbfa400000000000007040000f0", @ANYRES32=r7, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r9, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) sendmmsg$inet(r9, &(0x7f0000001480)=[{{&(0x7f0000000100)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r9, 0x0, 0x0, 0x12000000, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r8}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r6) sendmsg$ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01002dbd7000fedbdf252c000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800) ptrace$getregs(0xc, 0xffffffffffffffff, 0x2, 0x0) getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8) 6m21.387090381s ago: executing program 4 (id=2141): r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="5c00000012006b04000000d86e6c1d0002887ea6ea65670000000000000090f9c3dc90f8f41f8ecff32c6e020075e300250045586c8da718ad4b4460bc24eab55600000000000000bf9367b4fa51f60a64c9f4d4938037e786a6d0bd", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 6m20.305852605s ago: executing program 4 (id=2146): socket$netlink(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1}, 0x10}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400251}, &(0x7f0000000180)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x33, 0x4000, @fd_index=0x1, 0x5, 0x0, 0x0, 0x2, 0x1, {0x2}}) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4) r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x3, '\x00', r0, 0xffffffffffffffff, 0x3, 0x5, 0x4}, 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3a) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) close(r7) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010329bd7000fcdbdf252400000018000180140002006c6f"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$ETHTOOL_MSG_RINGS_GET(r8, &(0x7f0000001980)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="10002dbd7000fbdbdf257369743000"/26], 0x2c}, 0x1, 0x0, 0x0, 0x40104}, 0x90) 6m4.970247811s ago: executing program 32 (id=2146): socket$netlink(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1}, 0x10}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400251}, &(0x7f0000000180)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x33, 0x4000, @fd_index=0x1, 0x5, 0x0, 0x0, 0x2, 0x1, {0x2}}) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4) r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x3, '\x00', r0, 0xffffffffffffffff, 0x3, 0x5, 0x4}, 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3a) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) close(r7) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010329bd7000fcdbdf252400000018000180140002006c6f"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$ETHTOOL_MSG_RINGS_GET(r8, &(0x7f0000001980)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="10002dbd7000fbdbdf257369743000"/26], 0x2c}, 0x1, 0x0, 0x0, 0x40104}, 0x90) 4.84919702s ago: executing program 3 (id=3794): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000b8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ioprio_set$pid(0x1, 0x0, 0x6000) 4.580872038s ago: executing program 5 (id=3797): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) syz_io_uring_setup(0x3fb1, &(0x7f0000000300)={0x0, 0x9cae, 0x40, 0x5, 0xd6}, &(0x7f0000000100), &(0x7f00000000c0)) rt_sigsuspend(0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0) mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0) bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0) 4.462954297s ago: executing program 2 (id=3798): r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchownat(r1, 0x0, 0xffffffffffffffff, 0x0, 0x0) 4.368827513s ago: executing program 0 (id=3800): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 4.246112442s ago: executing program 3 (id=3801): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 4.032827902s ago: executing program 1 (id=3802): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x5e21, 0x0, @empty, 0x1000}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='tunl0\x00', 0x10) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 4.02295202s ago: executing program 5 (id=3803): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ptrace(0x10, r0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, r0) 3.918379693s ago: executing program 2 (id=3804): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@deltfilter={0x24, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0x3}, {0xfff2, 0xffff}, {0x0, 0xb}}}, 0x24}}, 0x20044000) 3.918187469s ago: executing program 0 (id=3805): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000180)='./file3\x00', 0x1004081, &(0x7f0000000500)=ANY=[@ANYRES16=0x0, @ANYRES32], 0x10, 0x7f4, &(0x7f0000000d80)="$eJzs3U9oHOfZAPBnFMl2FD5/Id9HPmMcZ2znA5s6ymqVKBU5pJvVSJ5ktSt2V8WmlMTEcjCWk5AQ0pjS1JekLS2lpx7TXEMuubUUWuih7anQHHrpoRDIpSUtLZSWUnDZ2V1r9Wcl/5HlNP39RPadfeeZd953drLPznpnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASKqzpdJkErW8vnQ6Ha4622wsbDG/395P1xRbrDci6fwX+/bFgW7Vgf9dnX1/5+FoHOo+OxT7OsW+uHzP/fc+8T+jI/3lt+jQzToyfNbY4JMk4uudTl08u7Ky/Mpt6Mgu+taPexP7rnuRv1/tPM5n9bzVyBcq81matxrpzPR06ZFTc610Lq9lrTOtdraQVptZpd1opserJ9LJmZmpNJs401iqz89Walm/8vGHy6XSdPr0xGJWabYa9UeenmhVT+W1Wl6fL2LKpdejE/N4Z0d8Jm+n7ayykKbnL6wsT23X1U7Q5JqavWt2nEMP3fvxax/95cJyZ4cc1kjS2zHLk5Pl8uT0YzOPPV4qjZZL5bUVpXXiWkSMRHQibstOy511zyZ1o709ZsOMiKv/vTNv3nCLRnr5P2qRRz2W4nSkkcZI8bj6NxbVmI1mNGKh8/w3Y+vmb8j////IH3+11XoH838/yx9YnX0wivx/uPvs8LD8v6EXO/A3OqzV+vvd3gzWvRpvxOW4GGdjJVZiOV65mTXuWd/qbfwb2dn25iOLeuTRikbksRCVoibt1aQxE9MxHaV4Nk7FXLQijbnIoxZZtOJMtKIdWbFHVaMZWVSiHY1oRhrHoxonIo3JmImZmIo0spiIM9GIpajHfMxGpWjlfFwotvvUun7d/7XnfvTCrz9+pzN9LWhyi4EknQ9znaA/bxG0Id3fQP7vRIz09u5dyUnskn03+Kru0Ds33LqrRf4fvdPdAAAAAG6jpPj2PYmIsXigmJrLa9mX7nS3AAAAgB1U/K75UKcY60w9EEnn+L+0SeSHu943AAAAYGckxTl2SUSMx4Pdqf7pUpt9CQAAAAD8Gyr+/f9wpxiPeLOocPwPAAAAnzHfGHaN/Y/29K6x21rcm/zkT9FsjiVXFk8/lFyqdOIql+7qLtcrvnitxfbcwWR/r5GimB69fE8SEaPV7FDSv/rlP/d2y0+Kx4OrFyAcdq3/ZJsOxNYdKJ7Ft+NIN+bIuW55rj+nu5bxubyWTVQbtScmk96XI+3XXrzwlSiG/836wv4kzl9YWZ54/qWVc0VfrnRauXKpd3n4pL9URPeEii36crW3BeKBzUc8VpyI0VvveHe9pcHx964mO7L1+JPBdb4VR7sxR8e75fja8e/rrHNy4onJqFT2j7Sz0+3Xrg6MvteLydWR7+2PNrmBV+GtONaNOXb8WLfYpBflNb14cWMvyoPb//q2xXX34p0jb57+688bSTa1XS+mbrEXAHfK+eKqP6tZ6O4iC/3jalcnoa3Lu3f3l7yRd7nzq58y+ssP5LrR2JDd05vJ7m/F8W7M8e7nidGDm+SV0ibv6C9fePkXvXf0R9/7/g++fPiXH6zL6zfQi/fiRDemV8R9PxuSYztj/s66rPpuZ4l3h663VSsnr++dGku6Nx+Kyw9fuHT2heUXll8sl6emS4+WSo+VY6z4qNArhvRU5gH4z7bdPXY++Oq10GF34Uke3eao+r5rPymYiOfjpViJc3GyONsgIh7cvNXxgZ8hnNzmqHV84A4vJ7c5tlyNLa+P3XssiSGxUwNb7P++VxR/u00vCADsgqPb5OEk7u3Of/2/ekusi7grSU5uc9y9Npef6N44t390HMNz+aDf98rP3/YtAgCffVnzk2S8/XbSbOaLz07OzExW2qeytNmoPpM289n5LM3r7axZPVWpz2fpYrPRblT7Xx3PZq20tbS42Gi207lGM11stPLTxZ3f096t31vZQqXezqutxVpWaWVptVFvV6rtdDZvVdPFpadqeetU1iwWbi1m1Xwur1baeaOethpLzWo2kaatLBsIzGezejufy7OxNK+ni818odK8EhG1pYUsnc1a1Wa+2G50G+yvK6/PNZoLRbMTG4f/h93e3gDwafDqG5cvnl1ZWX7l5iZ+ez3Bd3qMAMBasjQAAAAAAAAAAAAAAHz6bTxdr1N7QycCjsVNnz746t64lbMPP3sTn3u/+7LsRIO30s7da17TPb2d5c5vnxueeO7JJy+u1iSjg5v3qTcPnPpdFv3RbdHO5v+nbHaq69v7I/b88Lvdmi8MCU5Gd3ikH0bETSx+NdkiZvffiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgO/8KAAD//wifUTs=") 3.729630158s ago: executing program 1 (id=3806): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054) 3.522482164s ago: executing program 2 (id=3807): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f0000000d00)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0xc, 0x80005, 0xed, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000001100)=0x12) 3.50117893s ago: executing program 3 (id=3808): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5001e}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GENEVE_ID={0x8, 0x1, 0x1}, @IFLA_GENEVE_TTL_INHERIT={0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4090}, 0x2000000) sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r2, @ANYBLOB="010028bd7000fbdbdf2505"], 0x2a8}, 0x1, 0x0, 0x0, 0x48c05}, 0x2404c140) sendmsg$TIPC_NL_BEARER_GET(r0, 0x0, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_rdma(0x10, 0x3, 0x14) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r7 = gettid() bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) io_setup(0x8f0, &(0x7f0000002400)=0x0) io_submit(r8, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="0200ffff0000", 0x6}]) r9 = eventfd(0x8000) io_cancel(r8, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x8, 0x4, r5, &(0x7f00000003c0)="877da7e7", 0x4, 0x8000, 0x0, 0x2, r9}, &(0x7f00000005c0)) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000140a0703000000000000000002000b09080003400000000a0900010073797a30000000000c000640000008000000000214000000020a01"], 0x70}}, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001c00)={{r1, 0xffffffffffffffff}, &(0x7f0000001b80), &(0x7f0000001bc0)='%ps \x00'}, 0x20) r12 = socket$inet6(0xa, 0x1, 0x0) r13 = dup2(r12, r12) ioctl$sock_inet6_SIOCDELRT(r13, 0x890c, &(0x7f00000017c0)={@remote, @loopback, @ipv4={'\x00', '\xff\xff', @local}, 0xc, 0x40, 0x5, 0x100, 0x10000002, 0x20010}) bpf$PROG_LOAD(0x5, &(0x7f0000001d00)={0x13, 0x3, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000680)='syzkaller\x00', 0x4, 0xdf, &(0x7f00000006c0)=""/223, 0x41000, 0x4, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000001980)={0x3, 0x0, 0x99e}, 0x10, 0x0, 0xffffffffffffffff, 0x5, &(0x7f0000001c40)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r11, r13], &(0x7f0000001c80)=[{0x3, 0x5, 0x8, 0x1}, {0x2, 0x5, 0x5, 0x2}, {0x3, 0x3, 0xe, 0x6}, {0x4, 0x4, 0x0, 0x5}, {0x0, 0x3, 0x5, 0x4}], 0x10, 0x7}, 0x94) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r6, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r7}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) 3.122968091s ago: executing program 1 (id=3809): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, 0x0) sendmsg$tipc(r1, &(0x7f0000000000)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x8050) 3.080674734s ago: executing program 0 (id=3810): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x48, 0x10, 0x19, 0x70bd2c, 0x255fdbfa, {0x0, 0x0, 0x0, 0x0, 0x40d87, 0x79269}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x5}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x7}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0xcc93f1266b77d0bf}, 0x8040) 2.846437383s ago: executing program 5 (id=3811): sched_setscheduler(0x0, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018e58, &(0x7f0000000000), 0x1, 0x644, &(0x7f00000012c0)="$eJzs3c9rG9kdAPDvSLZjJ26dlFIa01JDDwmUOHYamraXJumhOQQaaA6l9BAT26mJ8oPYgSYNJIFCW2ihlF7Dksv+A7kvue9tWdjd254XssuSZRd2g7XMaGRLthTLsiXZmc8HpMy8Gc17X41e3nsaPU8AhTWVPpUijkasXkkiJhq2jUdt41S+38vPH1xNH0lUq3/4LIkkT6vt/Y9YzV93KH1KIkYj4r3zEd8rb853+d7963OVaubZw4iTKzdun1y+d//E0o25awvXFm7Onvrl6TMzv5o9PbsrcR7K/71w8fc/+s/f//KLxfcrJ5I4G5eH/zYfTXF0pZq0SJyKqVithVhtTB+KiDPpQov3Zb/pKIQDvS8H3Snnn8fhiPhBTEQ5W6uZiKV/D7RwQE9VyxFVoKAS9R8Kqt4PqI/tOxsHX+5xr6R/XpyrDYA2xz9U+24kRrOx0cGXScPIqPbdxuFdyD/N49WDySfpI5q+h/hq7ewM7UI+7Tx6HBE/bBV/kpXtcBZpGn+paayfRMRMRIzk5fttF1k3Hqtuh9/DbL8Q24i/8TyUIuJs/m+afr7L/Kc2rPc7fgCK6fm5vCHPWuP19q+61jbV27/m/s94i7arG9tu/1pdaNmB9v2/ens/mvV7Shv6YWkxLrU+5PDGhI//deF/7fJv7P+9epBk5aj3BfvhxeOIyQ3x/zMNNu//pPEnLc5/usuVs53l8bsPPr3Qbltz/JNPOo1/05vcperTiGMtxz/rH7R06TXXJ08uLlUWZmrPLfN4590/v90u/27j3y3p+T/YJv6G81/a+Lr0PbndYR7PLj29MdJm2/iW8Zc+GUlq4836Mf46t7JyZzZiJLmY79KQfur1ZanvUz9GGv/xn7au/02f/8fNxxlrHMBs4fYfr79st62b899wMXm12mEZ2knjn9/6/G+q/2nafzvM48s/3f1xu20t4o/I4x/bSWAAAAAAAABQQKXsGmxSml5bLpWmp2vzZb8fB0uVW8srP1u8dffmfMTx7PeQw6X6le6J2nqSrs/mv4etr5/asP7ziDgSEf8vj2Xr01dvVeYHHTwAAAAAAAAAAAAAAAAAAADsEYfy+f/1+1R/Ua7N/wcKopc3mAP2NvUfiiur/5tu8bS1Az0oC9Bf2n8oLvUfikv9h+JS/6G41H8oLvUfikv9h+Laov67zA8AAAAA+9ORnzz/KImIR78eyx6pkXxbeXigRQN6rFUVrz4cQEGAvisPugDAwKxd+u9i+j+wv3U0xP86/+OAvS8OMABJq8Ssc1B9feV/3vKVTXQtAAAAAAAAAAAAAGB3HDvafv6/6f/wZvPbfCiuHcz/96cDYJ9z6w8orvUxvrt8QFFtNYt/tN2GDub/AwAAAAAAAAAAAAC7Yzx7JKXpfC7weJRK09MR34mIwzGcLC5VFmYi4rsR8WF5+EC6PjvoQgMAAAAAAAAAAAAAAAAAAMAbZvne/etzlcrCncaFbzalvNkL9bug9iGv38Q2XxVJ/9+WsYgY+Enp2cJQQ0oS8Sg983uiYHeWY28UI1sY8H9MAAAAAAAAAAAAAAAAAABQQA1zj1ubfKvPJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/lu//3/vFgYdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwP30bAAD//8UxQX0=") 2.57247402s ago: executing program 3 (id=3812): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a38500000070000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f00000007c0)={0x40000000000ff80, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="020f000015"], 0xa8}}, 0x40080) 2.556117479s ago: executing program 1 (id=3813): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) syz_io_uring_setup(0x3fb1, &(0x7f0000000300)={0x0, 0x9cae, 0x40, 0x5, 0xd6}, &(0x7f0000000100), &(0x7f00000000c0)) rt_sigsuspend(0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0) mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0) bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0) 2.464905745s ago: executing program 0 (id=3814): r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchownat(r1, 0x0, 0xffffffffffffffff, 0x0, 0x0) 2.261774885s ago: executing program 2 (id=3815): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8) sendto$inet6(r2, &(0x7f0000000040)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c) shutdown(r2, 0x1) 1.739079099s ago: executing program 3 (id=3816): r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={0x18, r0, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140) 1.686770832s ago: executing program 5 (id=3817): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@deltfilter={0x24, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0x3}, {0xfff2, 0xffff}, {0x0, 0xb}}}, 0x24}}, 0x20044000) 1.686541452s ago: executing program 2 (id=3818): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 1.684265518s ago: executing program 0 (id=3819): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000740)='bridge0\x00', 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4) unshare(0x40000000) setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r3, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x1c, 0xfff6, 0x65, 0x5, 0x1, 0x4, 0x3, @private=0xa010102, @local}}}}}}, 0x0) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, 0x0, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xc, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x73}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) close(0x4) r5 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f0000000040)={0x1, 0x1, 0x2, 0x4b, @vifc_lcl_addr=@dev={0xac, 0x14, 0x14, 0x3e}, @broadcast}, 0x10) setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "8a79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x1, 0x85}, 0x3c) sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={0x1a4, 0x0, 0xe701ac47a3d23ecd, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_DOMAIN={0x17e, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x02\v\x00\x91d\xe6,\xd3@I\x17\xf3\xbeeI8bz\xdb\xb8s0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93U6\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3im~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\xbfm\x846\xe7\x7fp\x9eCdb\xad;\xa2\xacs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4\x8fK=40\xe8R\x83p,J\xca\x85\xcb\xfa:\xdb\xda\x05\xed\xc8\xad\xa2\xfc0C\x9e3\x8e*\xae\x91\xa4\xc7)\xc0\x87\x9b\xee~\xdb\xac\x03\x90\xb1\x05\x81\xb1j\xfaO`\xa7\xa0\xeb\x83\x13 \xc8\x98\xdb\v \x95\x8eD\xc3\xc6:\xcc%\x88\xc7\xa5\xe5\xfc\xccl\x96F_\x92\xa2\xc3\xea@\"\xb1\x1b`o~B\xb4W\xd8\v\xabCBL\x81A\x92D\xd5{K\xf0\xd5\x91\n\x94\x9b\xd9\xdb2E\\\xb1\x90\xf1\xfc\xc1}\x96\xf4\xba3g\xc8\xf7j\xbc\xf1\x11\xe3\x05\xean9M\xeb&\xd2\xdf\xbe\xa1\xe8[\x91\xa5\x90uX\xd0IH!\xe3\x8a9k\x94\xc8\xde\xea\xc6^\x96\xceV\xb2\xcba\x8b\xbc\xe9'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x2}, 0x4000840) socket$key(0xf, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_clone(0x500, 0x0, 0x0, 0x0, 0x0, 0x0) 1.646408917s ago: executing program 1 (id=3820): bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xc, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff"], 0x0}, 0x94) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000008c0)=@raw={'raw\x00', 0x8, 0x3, 0x1d8, 0x128, 0x43, 0xa0, 0x128, 0x98, 0x1d8, 0x178, 0x178, 0x1d8, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffff00, 0xffffffff, 'veth0_vlan\x00', 'bond0\x00', {0xff}, {}, 0x0, 0x2}, 0x12a, 0x70, 0x90, 0x0, {0x0, 0x7a010000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x70, 0xb0}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x3, 0x1, "7a7d0d9452729a5afa3851200a44a3d28da04828d1768c081f126a6bc527"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x238) 1.294203415s ago: executing program 3 (id=3821): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) write$tun(0xffffffffffffffff, 0x0, 0x6e) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x4000, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") creat(&(0x7f00000000c0)='./bus\x00', 0x182) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0) fallocate(r2, 0x0, 0x0, 0x1001f0) preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0x2, 0x0, 0x0, 0x0) 1.208544502s ago: executing program 5 (id=3822): openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x80) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd2a, 0x25dfdafd, {0x0, 0x0, 0x0, r2, {0xffff, 0xc}, {0x0, 0xfff1}, {0x6, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) 879.333012ms ago: executing program 1 (id=3823): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000002000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x2, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000855c1d85500b18102c03dfbfeecaff7fdbcdb3d0e38d291e5e856b8c0a7150ae97592328c59c0c9a6a4d689289c13a96673bc192afd3a5c2bd05deeda30d02cf0d4ca91216", @ANYBLOB="27fe6aeaa63fecec7e2567c9e3bfc2e2de66f79e5b28162b441fc4fe45194507461b7c7be98dad0c8915fd7564742fcabe42870eda9e86c505928fd4a52f0581bc9d2ea7087156b5", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000040400000900000000000000", @ANYRES32, @ANYBLOB="0000d56200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x50) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x3, 0x4, 0x801, 0x1, r3, 0x15b4}, 0x50) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r4, 0x0}, 0x20) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x20000023896) close(r5) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r9}, 0x10) r11 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r10}, 0x8) write$cgroup_int(r11, &(0x7f00000001c0), 0xb452e779) r12 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r12}, &(0x7f0000bbdffc)=0x0) timer_settime(r13, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r6, 0x84, 0xa, &(0x7f0000000040)={0x3, 0xd9c, 0x8202, 0x2, 0x6, 0x6, 0x800, 0x7}, &(0x7f00000000c0)=0x20) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) 286.481172ms ago: executing program 2 (id=3824): nanosleep(&(0x7f0000000080)={0x77359400}, &(0x7f0000000180)) r0 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='wchan\x00') pread64(r1, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009) io_uring_setup(0x323f, 0x0) 149.167183ms ago: executing program 0 (id=3825): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0)={0xe8, 0x30, 0x7, 0x2, 0x4, 0x5, 0x7, 0x8, 0xa, 0x5, 0x2, 0x52, 0x2, 0x3}, 0xe) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0xffff, @local}]}, &(0x7f0000000440)=0x10) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000200)=r1, 0x4) 0s ago: executing program 5 (id=3826): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) kernel console output (not intermixed with test programs): : p199 size 3328 extends beyond EOD, truncated [ 1091.995327][T14719] loop3: p200 size 3328 extends beyond EOD, truncated [ 1092.040240][T14719] loop3: p201 size 3328 extends beyond EOD, truncated [ 1092.053076][T14719] loop3: p202 size 3328 extends beyond EOD, truncated [ 1092.085367][T14719] loop3: p203 size 3328 extends beyond EOD, truncated [ 1092.108662][T14719] loop3: p204 size 3328 extends beyond EOD, truncated [ 1092.129045][T14719] loop3: p205 size 3328 extends beyond EOD, truncated [ 1092.177641][T14719] loop3: p206 size 3328 extends beyond EOD, truncated [ 1092.212188][T14719] loop3: p207 size 3328 extends beyond EOD, truncated [ 1092.256456][T14719] loop3: p208 size 3328 extends beyond EOD, truncated [ 1092.277840][T14719] loop3: p209 size 3328 extends beyond EOD, truncated [ 1092.302961][T14719] loop3: p210 size 3328 extends beyond EOD, truncated [ 1092.338811][T14719] loop3: p211 size 3328 extends beyond EOD, truncated [ 1092.362434][T14719] loop3: p212 size 3328 extends beyond EOD, truncated [ 1092.396842][T14719] loop3: p213 size 3328 extends beyond EOD, truncated [ 1092.439724][T14719] loop3: p214 size 3328 extends beyond EOD, truncated [ 1092.469122][T14719] loop3: p215 size 3328 extends beyond EOD, truncated [ 1092.520776][T14719] loop3: p216 size 3328 extends beyond EOD, truncated [ 1092.551883][T14719] loop3: p217 size 3328 extends beyond EOD, truncated [ 1092.569230][T14719] loop3: p218 size 3328 extends beyond EOD, truncated [ 1092.614790][T14719] loop3: p219 size 3328 extends beyond EOD, truncated [ 1092.658348][T14719] loop3: p220 size 3328 extends beyond EOD, truncated [ 1092.701452][T14719] loop3: p221 size 3328 extends beyond EOD, truncated [ 1092.737459][T14719] loop3: p222 size 3328 extends beyond EOD, truncated [ 1092.766272][T14693] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1092.783161][T14719] loop3: p223 size 3328 extends beyond EOD, truncated [ 1092.798638][T14719] loop3: p224 size 3328 extends beyond EOD, truncated [ 1092.834062][T14719] loop3: p225 size 3328 extends beyond EOD, truncated [ 1092.889762][T14719] loop3: p226 size 3328 extends beyond EOD, truncated [ 1092.916627][T14719] loop3: p227 size 3328 extends beyond EOD, truncated [ 1092.949266][T14719] loop3: p228 size 3328 extends beyond EOD, truncated [ 1093.009587][T14719] loop3: p229 size 3328 extends beyond EOD, truncated [ 1093.039266][T14719] loop3: p230 size 3328 extends beyond EOD, truncated [ 1093.090586][T14719] loop3: p231 size 3328 extends beyond EOD, truncated [ 1093.170886][T14719] loop3: p232 size 3328 extends beyond EOD, truncated [ 1093.193100][T14719] loop3: p233 size 3328 extends beyond EOD, truncated [ 1093.206180][T14693] veth0_vlan: entered promiscuous mode [ 1093.219296][T14719] loop3: p234 size 3328 extends beyond EOD, truncated [ 1093.269162][T14719] loop3: p235 size 3328 extends beyond EOD, truncated [ 1093.298624][T14719] loop3: p236 size 3328 extends beyond EOD, truncated [ 1093.311761][T14693] veth1_vlan: entered promiscuous mode [ 1093.323944][T14719] loop3: p237 size 3328 extends beyond EOD, truncated [ 1093.354802][T14719] loop3: p238 size 3328 extends beyond EOD, truncated [ 1093.391938][T14719] loop3: p239 size 3328 extends beyond EOD, truncated [ 1093.414746][T14719] loop3: p240 size 3328 extends beyond EOD, truncated [ 1093.449945][T14719] loop3: p241 size 3328 extends beyond EOD, truncated [ 1093.460979][T14719] loop3: p242 size 3328 extends beyond EOD, truncated [ 1093.510625][T14719] loop3: p243 size 3328 extends beyond EOD, truncated [ 1093.535374][T14719] loop3: p244 size 3328 extends beyond EOD, truncated [ 1093.583321][T14693] veth0_macvtap: entered promiscuous mode [ 1093.605787][T14719] loop3: p245 size 3328 extends beyond EOD, truncated [ 1093.641243][T14693] veth1_macvtap: entered promiscuous mode [ 1093.653589][T14719] loop3: p246 size 3328 extends beyond EOD, truncated [ 1093.701213][T14719] loop3: p247 size 3328 extends beyond EOD, truncated [ 1093.732660][T14719] loop3: p248 size 3328 extends beyond EOD, truncated [ 1093.759148][T14719] loop3: p249 size 3328 extends beyond EOD, truncated [ 1093.784999][T14693] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1093.809371][T14719] loop3: p250 size 3328 extends beyond EOD, truncated [ 1093.830373][T14719] loop3: p251 size 3328 extends beyond EOD, truncated [ 1093.853812][T14719] loop3: p252 size 3328 extends beyond EOD, truncated [ 1093.875796][T14693] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1093.913481][T14719] loop3: p253 size 3328 extends beyond EOD, truncated [ 1093.938822][T14719] loop3: p254 size 3328 extends beyond EOD, truncated [ 1093.961055][T14719] loop3: p255 size 3328 extends beyond EOD, truncated [ 1093.999570][ T3663] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.023193][ T3663] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.067852][ T3663] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.081690][T11388] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1095.401824][T14833] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3115'. [ 1095.411319][T14833] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3115'. [ 1095.535136][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1098.203462][T14873] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3128'. [ 1098.213206][T14873] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3128'. [ 1098.905468][ T30] audit: type=1326 audit(1760719727.304:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1098.928695][ T30] audit: type=1326 audit(1760719727.304:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.077087][ T30] audit: type=1326 audit(1760719727.384:2040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.099909][ T30] audit: type=1326 audit(1760719727.384:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.123469][ T30] audit: type=1326 audit(1760719727.384:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.150751][ T30] audit: type=1326 audit(1760719727.384:2043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.173431][ T30] audit: type=1326 audit(1760719727.404:2044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.197652][ T30] audit: type=1326 audit(1760719727.404:2045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.221227][ T30] audit: type=1326 audit(1760719727.404:2046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.243843][ T30] audit: type=1326 audit(1760719727.404:2047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14886 comm="syz.5.3133" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1099.933468][ T3663] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1099.941858][ T3663] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1100.056902][ T3663] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1100.065089][ T3663] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1100.218808][T14906] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3139'. [ 1100.232430][T14906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3139'. [ 1100.504308][T14910] loop2: detected capacity change from 0 to 764 [ 1100.585669][T14910] rock: directory entry would overflow storage [ 1100.593251][T14910] rock: sig=0x5245, size=8, remaining=5 [ 1101.911043][T14929] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3148'. [ 1102.014042][T14929] netlink: 660 bytes leftover after parsing attributes in process `syz.5.3148'. [ 1102.307472][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1102.321775][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1102.332393][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1102.352473][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1102.364860][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1104.161705][T14934] chnl_net:caif_netlink_parms(): no params data found [ 1104.474172][T11602] Bluetooth: hci0: command tx timeout [ 1105.263003][T14966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3160'. [ 1105.426636][T14966] netlink: 660 bytes leftover after parsing attributes in process `syz.1.3160'. [ 1105.726453][T14934] bridge0: port 1(bridge_slave_0) entered blocking state [ 1105.734272][T14934] bridge0: port 1(bridge_slave_0) entered disabled state [ 1105.742404][T14934] bridge_slave_0: entered allmulticast mode [ 1105.754667][T14934] bridge_slave_0: entered promiscuous mode [ 1105.893987][T14934] bridge0: port 2(bridge_slave_1) entered blocking state [ 1105.902017][T14934] bridge0: port 2(bridge_slave_1) entered disabled state [ 1105.910139][T14934] bridge_slave_1: entered allmulticast mode [ 1105.920497][T14934] bridge_slave_1: entered promiscuous mode [ 1106.002394][T13328] syz_tun (unregistering): left allmulticast mode [ 1106.272344][T14934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1106.353280][T14934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1106.548749][T11602] Bluetooth: hci0: command tx timeout [ 1106.600079][T14934] team0: Port device team_slave_0 added [ 1106.621220][T14934] team0: Port device team_slave_1 added [ 1106.732625][T13259] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 1106.759865][T14934] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1106.767015][T14934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1106.797607][T14934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1106.858534][T14934] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1106.865784][T14934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1106.896445][T14934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1106.948280][T13259] usb 1-1: Using ep0 maxpacket: 32 [ 1106.974343][T13259] usb 1-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 1106.983840][T13259] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1106.995766][T13259] usb 1-1: Product: syz [ 1107.001717][T13259] usb 1-1: Manufacturer: syz [ 1107.006548][T13259] usb 1-1: SerialNumber: syz [ 1107.054294][T13259] usb 1-1: config 0 descriptor?? [ 1107.280510][T14934] hsr_slave_0: entered promiscuous mode [ 1107.301451][T14934] hsr_slave_1: entered promiscuous mode [ 1107.313444][T14934] debugfs: 'hsr0' already exists in 'hsr' [ 1107.319644][T14934] Cannot create hsr debugfs directory [ 1107.484517][T13259] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -71 [ 1107.550667][T13259] usb 1-1: USB disconnect, device number 4 [ 1108.059516][T14934] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1108.193689][T14934] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1108.356962][T14934] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1108.517182][T14934] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1108.638886][T11602] Bluetooth: hci0: command tx timeout [ 1109.026595][T14934] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1109.094833][T14934] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1109.147578][T14934] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1109.201392][T14934] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1109.249131][T14995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3172'. [ 1109.294924][T14995] netlink: 660 bytes leftover after parsing attributes in process `syz.1.3172'. [ 1110.180654][T14934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1110.200003][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 1110.200083][ T30] audit: type=1326 audit(1760719738.604:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.229982][ T30] audit: type=1326 audit(1760719738.604:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.252696][ T30] audit: type=1326 audit(1760719738.624:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.277746][ T30] audit: type=1326 audit(1760719738.634:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.301226][ T30] audit: type=1326 audit(1760719738.644:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.323685][ T30] audit: type=1326 audit(1760719738.644:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.346268][ T30] audit: type=1326 audit(1760719738.644:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.370575][ T30] audit: type=1326 audit(1760719738.644:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.382622][T14934] 8021q: adding VLAN 0 to HW filter on device team0 [ 1110.394101][ T30] audit: type=1326 audit(1760719738.684:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.422727][ T30] audit: type=1326 audit(1760719738.684:2063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15005 comm="syz.0.3177" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1110.471669][T11388] bridge0: port 1(bridge_slave_0) entered blocking state [ 1110.479411][T11388] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1110.609052][T11388] bridge0: port 2(bridge_slave_1) entered blocking state [ 1110.616563][T11388] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1110.719026][T11602] Bluetooth: hci0: command tx timeout [ 1112.073950][T13259] hid-generic 0000:0000:0000.0031: unknown main item tag 0x0 [ 1112.160840][T13259] hid-generic 0000:0000:0000.0031: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1112.264714][T14934] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1112.711139][T14934] veth0_vlan: entered promiscuous mode [ 1112.810654][T14934] veth1_vlan: entered promiscuous mode [ 1113.086910][T14934] veth0_macvtap: entered promiscuous mode [ 1113.181942][T14934] veth1_macvtap: entered promiscuous mode [ 1113.373474][T14934] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1113.458419][T14934] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1113.527497][T11385] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1113.560835][T11385] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1113.625607][T11385] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1113.687556][T11385] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1114.527752][T15050] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3192'. [ 1114.765857][T15056] loop5: detected capacity change from 0 to 1024 [ 1114.962346][T15056] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3192: Failed to acquire dquot type 0 [ 1115.025829][T15056] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 1115.044947][T15056] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.3192: corrupted inode contents [ 1115.088461][T15056] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #13: comm syz.5.3192: mark_inode_dirty error [ 1115.124326][T15056] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.3192: corrupted inode contents [ 1115.198487][T15056] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.3192: mark_inode_dirty error [ 1115.292491][T15056] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.3192: corrupted inode contents [ 1115.347855][T15056] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem [ 1115.414836][T15056] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #13: comm syz.5.3192: corrupted inode contents [ 1115.504459][T15056] EXT4-fs error (device loop5): ext4_truncate:4637: inode #13: comm syz.5.3192: mark_inode_dirty error [ 1115.569463][T15056] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem [ 1115.640819][T15056] EXT4-fs (loop5): 1 truncate cleaned up [ 1115.649251][T15056] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1115.817037][T15056] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 1116.299354][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1118.635040][T15117] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3206'. [ 1118.871752][ T9322] hid-generic 0000:0000:0000.0032: unknown main item tag 0x0 [ 1118.974386][T15113] loop3: detected capacity change from 0 to 8192 [ 1118.992330][ T9322] hid-generic 0000:0000:0000.0032: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1119.032021][T11388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1119.040610][T11388] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1119.064112][T15113] loop3: p2 p3 p4 [ 1119.073153][T15113] loop3: p2 start 164919041 is beyond EOD, truncated [ 1119.081517][T15113] loop3: p3 size 66846464 extends beyond EOD, truncated [ 1119.140549][T15113] loop3: p4 size 37048832 extends beyond EOD, truncated [ 1119.146091][T11387] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1119.155982][T11387] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1119.176965][ T5866] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 1119.368359][ T5866] usb 1-1: Using ep0 maxpacket: 32 [ 1119.418172][ T5866] usb 1-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 1119.427493][ T5866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1119.436229][ T5866] usb 1-1: Product: syz [ 1119.440810][ T5866] usb 1-1: Manufacturer: syz [ 1119.445605][ T5866] usb 1-1: SerialNumber: syz [ 1119.532655][ T5866] usb 1-1: config 0 descriptor?? [ 1119.793050][ T5866] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -71 [ 1119.842853][ T5866] usb 1-1: USB disconnect, device number 5 [ 1122.661253][T15161] loop5: detected capacity change from 0 to 512 [ 1122.675468][T15161] EXT4-fs: Ignoring removed nobh option [ 1122.751758][T15161] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.3224: iget: bad i_size value: 38620345925642 [ 1122.787546][T15161] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3224: couldn't read orphan inode 15 (err -117) [ 1122.833091][T15161] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1122.928223][T15161] EXT4-fs (loop5): shut down requested (2) [ 1122.989709][T15161] netlink: 276 bytes leftover after parsing attributes in process `syz.5.3224'. [ 1122.999436][T15161] netlink: 276 bytes leftover after parsing attributes in process `syz.5.3224'. [ 1123.616132][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1123.634878][ T30] kauditd_printk_skb: 167 callbacks suppressed [ 1123.634967][ T30] audit: type=1326 audit(1760719752.034:2229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.664236][ T30] audit: type=1326 audit(1760719752.044:2230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.696775][ T30] audit: type=1326 audit(1760719752.084:2231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.722237][ T30] audit: type=1326 audit(1760719752.084:2232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.745258][ T30] audit: type=1326 audit(1760719752.094:2233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.768105][ T30] audit: type=1326 audit(1760719752.094:2234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.793016][ T30] audit: type=1326 audit(1760719752.094:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.816617][ T30] audit: type=1326 audit(1760719752.094:2236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.839311][ T30] audit: type=1326 audit(1760719752.094:2237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1123.861993][ T30] audit: type=1326 audit(1760719752.094:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15177 comm="syz.1.3229" exe="/root/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1124.356616][T11456] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 1124.404257][T11456] hid-generic 0000:0000:0000.0033: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1124.757147][T15192] netlink: 'syz.5.3235': attribute type 27 has an invalid length. [ 1125.086248][T15192] bridge0: port 2(bridge_slave_1) entered disabled state [ 1125.096264][T15192] bridge0: port 1(bridge_slave_0) entered disabled state [ 1125.173838][T15192] nlmon0: left promiscuous mode [ 1125.179530][T15192] nlmon0: left allmulticast mode [ 1125.374185][T15192] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1125.402605][T15192] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1125.995312][T15192] ip6erspan0: left promiscuous mode [ 1126.004197][T15192] macvtap1: left promiscuous mode [ 1126.009735][T15192] macvtap1: left allmulticast mode [ 1126.019905][T15192] macvtap2: left promiscuous mode [ 1126.025164][T15192] macvtap2: left allmulticast mode [ 1126.086153][T11388] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1126.177706][T11387] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1126.204473][T11387] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1126.270299][ T4262] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1126.712529][T15213] loop2: detected capacity change from 0 to 1024 [ 1126.732639][T15213] EXT4-fs: Ignoring removed bh option [ 1126.753914][T15213] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1126.823380][T15213] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1127.000537][T15215] netlink: 276 bytes leftover after parsing attributes in process `syz.1.3241'. [ 1127.010023][T15215] netlink: 276 bytes leftover after parsing attributes in process `syz.1.3241'. [ 1127.196238][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1128.126683][T15231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3248'. [ 1128.308385][T15208] Bluetooth: hci3: command 0x0406 tx timeout [ 1129.358368][T15248] loop3: detected capacity change from 0 to 1024 [ 1129.381396][T15248] EXT4-fs: Ignoring removed bh option [ 1129.400770][ T30] kauditd_printk_skb: 119 callbacks suppressed [ 1129.400852][ T30] audit: type=1326 audit(1760719757.804:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.2.3255" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.432913][ T30] audit: type=1326 audit(1760719757.804:2359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.2.3255" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.456325][ T30] audit: type=1326 audit(1760719757.814:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="syz.2.3255" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.479077][ T30] audit: type=1326 audit(1760719757.824:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="gtp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.501175][ T30] audit: type=1326 audit(1760719757.834:2362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="gtp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.523228][ T30] audit: type=1326 audit(1760719757.844:2363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="gtp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.531325][T15248] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1129.555444][ T30] audit: type=1326 audit(1760719757.954:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="gtp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.555689][ T30] audit: type=1326 audit(1760719757.954:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="gtp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.608223][ T30] audit: type=1326 audit(1760719758.004:2366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="gtp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.632708][ T30] audit: type=1326 audit(1760719758.004:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15249 comm="gtp" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1129.699423][T15248] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1130.047824][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1131.455725][T15288] loop2: detected capacity change from 0 to 1024 [ 1131.498715][T15288] EXT4-fs: Ignoring removed bh option [ 1131.535409][T15288] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1131.622108][T15288] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1131.755652][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1133.397241][T15322] loop2: detected capacity change from 0 to 1024 [ 1133.435606][T15322] EXT4-fs: Ignoring removed bh option [ 1133.479411][T15322] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1133.658680][T15322] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1133.790938][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1134.440441][ T69] Bluetooth: hci1: Frame reassembly failed (-84) [ 1134.712819][T15342] loop2: detected capacity change from 0 to 512 [ 1134.792798][T15342] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 1134.802074][T15342] System zones: 1-12 [ 1134.811878][T15342] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.3292: corrupted in-inode xattr: e_value size too large [ 1134.828762][T15342] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3292: couldn't read orphan inode 15 (err -117) [ 1134.910635][T15342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1135.060471][T15350] netlink: 'syz.3.3295': attribute type 1 has an invalid length. [ 1135.166263][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1135.227458][T15350] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1135.241586][T15350] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 1135.338875][T15354] bond1: (slave gretap1): making interface the new active one [ 1135.360266][T15354] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 1135.429718][T15350] macvlan2: entered promiscuous mode [ 1135.435253][T15350] macvlan2: entered allmulticast mode [ 1135.442669][T15350] bond1: (slave macvlan2): Error -98 calling set_mac_address [ 1136.040640][ T30] kauditd_printk_skb: 37 callbacks suppressed [ 1136.040728][ T30] audit: type=1326 audit(1760719764.444:2405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.072294][ T30] audit: type=1326 audit(1760719764.444:2406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.112576][ T30] audit: type=1326 audit(1760719764.514:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.135084][ C1] vkms_vblank_simulate: vblank timer overrun [ 1136.154208][ T30] audit: type=1326 audit(1760719764.554:2408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.179653][ T30] audit: type=1326 audit(1760719764.554:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.201984][ C1] vkms_vblank_simulate: vblank timer overrun [ 1136.209448][ T30] audit: type=1326 audit(1760719764.554:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=283 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.231761][ C1] vkms_vblank_simulate: vblank timer overrun [ 1136.238780][ T30] audit: type=1326 audit(1760719764.554:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.261540][ T30] audit: type=1326 audit(1760719764.614:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.283857][ C1] vkms_vblank_simulate: vblank timer overrun [ 1136.293741][ T30] audit: type=1326 audit(1760719764.614:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.316135][ C1] vkms_vblank_simulate: vblank timer overrun [ 1136.322884][ T30] audit: type=1326 audit(1760719764.614:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15366 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1136.473271][T11602] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 1136.480003][T15208] Bluetooth: hci1: command 0x1003 tx timeout [ 1137.183855][T15380] loop5: detected capacity change from 0 to 512 [ 1137.247993][T15380] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1137.261391][T15380] ext4 filesystem being mounted at /203/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1137.580598][T15387] loop3: detected capacity change from 0 to 512 [ 1137.613858][T15387] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 1137.623311][T15387] System zones: 1-12 [ 1137.633242][T15387] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.3307: corrupted in-inode xattr: e_value size too large [ 1137.658404][T15387] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3307: couldn't read orphan inode 15 (err -117) [ 1137.680321][T15387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1137.896440][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1137.944321][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1138.409239][T15398] syz_tun: entered allmulticast mode [ 1138.431980][T15398] syz_tun: left allmulticast mode [ 1138.514776][T15398] dvmrp1: entered allmulticast mode [ 1140.443517][T15425] loop5: detected capacity change from 0 to 512 [ 1140.533873][T15425] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 1140.604197][T15425] System zones: 1-12 [ 1140.631362][T15425] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.3321: corrupted in-inode xattr: e_value size too large [ 1140.717790][T15425] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3321: couldn't read orphan inode 15 (err -117) [ 1140.734687][T15425] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1140.928546][T15437] netlink: 'syz.1.3326': attribute type 1 has an invalid length. [ 1140.961668][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1141.055038][ T30] kauditd_printk_skb: 56 callbacks suppressed [ 1141.055116][ T30] audit: type=1326 audit(1760719769.454:2471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.086693][ T30] audit: type=1326 audit(1760719769.454:2472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.110641][ T30] audit: type=1326 audit(1760719769.454:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.133355][ T30] audit: type=1326 audit(1760719769.454:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.156026][ T30] audit: type=1326 audit(1760719769.514:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.160645][T15437] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1141.178735][ T30] audit: type=1326 audit(1760719769.514:2476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.199429][T15437] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 1141.238416][ T30] audit: type=1326 audit(1760719769.634:2477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=179 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.261126][ T30] audit: type=1326 audit(1760719769.634:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.284121][ T30] audit: type=1326 audit(1760719769.634:2479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.309275][ T30] audit: type=1326 audit(1760719769.634:2480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1141.550308][T15437] bond1: (slave gretap1): making interface the new active one [ 1141.561825][T15437] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 1141.616816][T11387] bridge_slave_1: left allmulticast mode [ 1141.622977][T11387] bridge_slave_1: left promiscuous mode [ 1141.629833][T11387] bridge0: port 2(bridge_slave_1) entered disabled state [ 1141.733484][T11387] bridge_slave_0: left allmulticast mode [ 1141.739818][T11387] bridge_slave_0: left promiscuous mode [ 1141.746572][T11387] bridge0: port 1(bridge_slave_0) entered disabled state [ 1142.018368][T11387] bond1 (unregistering): (slave gretap1): Releasing active interface [ 1142.068880][T11387] dvmrp1 (unregistering): left allmulticast mode [ 1142.496619][T11387] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1142.552323][T11387] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1142.571397][T11387] bond0 (unregistering): Released all slaves [ 1142.595144][T11387] bond1 (unregistering): Released all slaves [ 1142.618559][T11387] bond2 (unregistering): Released all slaves [ 1142.645760][T11387] bond3 (unregistering): Released all slaves [ 1142.672139][T11387] bond4 (unregistering): Released all slaves [ 1142.744875][T11387] bond5 (unregistering): Released all slaves [ 1142.768126][T11387] bond6 (unregistering): Released all slaves [ 1142.890740][T15437] macvlan2: entered promiscuous mode [ 1142.896361][T15437] macvlan2: entered allmulticast mode [ 1142.905709][T15437] bond1: entered promiscuous mode [ 1142.911167][T15437] gretap1: entered promiscuous mode [ 1142.920653][T15437] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1142.952958][T15437] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 1143.016938][T15437] bond1: left promiscuous mode [ 1143.022591][T15437] gretap1: left promiscuous mode [ 1143.121295][T15460] loop3: detected capacity change from 0 to 512 [ 1143.161877][T15460] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1143.562447][T15460] EXT4-fs (loop3): 1 orphan inode deleted [ 1143.573110][T15460] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1143.744771][T15460] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1143.789014][ T4262] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:28: Failed to release dquot type 1 [ 1144.554444][T11387] hsr_slave_0: left promiscuous mode [ 1144.585491][T11387] hsr_slave_1: left promiscuous mode [ 1144.595012][T11387] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1144.619220][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1144.632146][T11387] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1145.024503][T11387] macvlan0 (unregistering): left allmulticast mode [ 1145.523674][T11387] team0 (unregistering): Port device team_slave_1 removed [ 1145.610331][T11387] team0 (unregistering): Port device team_slave_0 removed [ 1146.058332][ T30] kauditd_printk_skb: 103 callbacks suppressed [ 1146.058414][ T30] audit: type=1326 audit(1760719774.454:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.089415][ T30] audit: type=1326 audit(1760719774.454:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.112971][ T30] audit: type=1326 audit(1760719774.464:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.138497][ T30] audit: type=1326 audit(1760719774.474:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=179 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.162236][ T30] audit: type=1326 audit(1760719774.474:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.184858][ T30] audit: type=1326 audit(1760719774.474:2588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.209852][ T30] audit: type=1326 audit(1760719774.474:2589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.235648][ T30] audit: type=1326 audit(1760719774.474:2590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.260317][ T30] audit: type=1326 audit(1760719774.474:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.282961][ T30] audit: type=1326 audit(1760719774.474:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15487 comm="syz.2.3342" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1146.966384][T15497] netlink: 'syz.0.3345': attribute type 1 has an invalid length. [ 1147.242696][T15499] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1147.258414][T15499] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 1147.503430][T15497] bond1: (slave gretap1): making interface the new active one [ 1147.514735][T15497] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 1147.613953][T15497] macvlan2: entered promiscuous mode [ 1147.619754][T15497] macvlan2: entered allmulticast mode [ 1147.628943][T15497] bond1: entered promiscuous mode [ 1147.634212][T15497] gretap1: entered promiscuous mode [ 1147.648639][T15497] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1147.834118][T15497] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 1147.994724][T15497] bond1: left promiscuous mode [ 1148.000352][T15497] gretap1: left promiscuous mode [ 1150.026916][T15533] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3358'. [ 1150.701669][T15540] netlink: 'syz.0.3361': attribute type 1 has an invalid length. [ 1150.820998][T15543] loop5: detected capacity change from 0 to 512 [ 1150.848176][T15546] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1150.863330][T15546] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 1150.947501][T15543] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 1151.002103][T15540] macvlan2: entered promiscuous mode [ 1151.007718][T15540] macvlan2: entered allmulticast mode [ 1151.021499][T15540] bond2: entered promiscuous mode [ 1151.029939][T15540] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1151.043721][T15543] System zones: 1-12 [ 1151.080999][T15543] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.3363: corrupted in-inode xattr: e_value size too large [ 1151.135349][T15543] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3363: couldn't read orphan inode 15 (err -117) [ 1151.162054][T15540] bond2: left promiscuous mode [ 1151.227818][T15543] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1151.652801][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1151.892966][ T30] kauditd_printk_skb: 104 callbacks suppressed [ 1151.893040][ T30] audit: type=1326 audit(1760719780.294:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1151.923001][ T30] audit: type=1326 audit(1760719780.294:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1151.949170][ T30] audit: type=1326 audit(1760719780.304:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1152.018461][ T30] audit: type=1326 audit(1760719780.414:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1152.044785][ T30] audit: type=1326 audit(1760719780.434:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1152.077752][ T30] audit: type=1326 audit(1760719780.474:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1152.100977][ T30] audit: type=1326 audit(1760719780.474:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1152.124020][ T30] audit: type=1326 audit(1760719780.474:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1152.149602][ T30] audit: type=1326 audit(1760719780.474:2705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1152.173236][ T30] audit: type=1326 audit(1760719780.474:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15559 comm="syz.0.3369" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1152.305573][T15569] loop3: detected capacity change from 0 to 1024 [ 1152.356506][T15569] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1152.495476][T15569] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3373: Invalid block bitmap block 0 in block_group 0 [ 1152.516827][T15569] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3373: Failed to acquire dquot type 0 [ 1152.536988][T15569] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.3373: Freeing blocks not in datazone - block = 0, count = 4096 [ 1152.601271][T15569] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3373: Invalid inode bitmap blk 0 in block_group 0 [ 1152.642621][T15569] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem [ 1152.668988][ T69] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 0 [ 1152.713523][T15569] EXT4-fs (loop3): 1 orphan inode deleted [ 1152.721930][T15569] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1152.986249][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1153.404303][T15585] netlink: 'syz.2.3379': attribute type 1 has an invalid length. [ 1153.621147][T15590] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1153.636369][T15590] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 1153.873958][T15585] bond1: (slave gretap1): making interface the new active one [ 1153.889824][T15585] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 1153.966173][T15591] macvlan2: entered promiscuous mode [ 1153.971945][T15591] macvlan2: entered allmulticast mode [ 1153.980969][T15591] bond1: entered promiscuous mode [ 1153.990189][T15591] gretap1: entered promiscuous mode [ 1154.001110][T15591] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1154.072822][T15591] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 1154.143349][T15591] bond1: left promiscuous mode [ 1154.149582][T15591] gretap1: left promiscuous mode [ 1156.051928][T15631] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3395'. [ 1156.977595][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1157.871653][T15649] syzkaller0: entered promiscuous mode [ 1157.881745][T15649] syzkaller0: entered allmulticast mode [ 1158.438974][ T30] kauditd_printk_skb: 211 callbacks suppressed [ 1158.439187][ T30] audit: type=1326 audit(1760719786.804:2915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.468749][ T30] audit: type=1326 audit(1760719786.804:2916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.789814][ T30] audit: type=1326 audit(1760719786.924:2917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.818281][ T30] audit: type=1326 audit(1760719786.924:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.842153][ T30] audit: type=1326 audit(1760719786.934:2919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.870999][ T30] audit: type=1326 audit(1760719786.934:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.893722][ T30] audit: type=1326 audit(1760719786.934:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.918858][ T30] audit: type=1326 audit(1760719786.944:2922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.942634][ T30] audit: type=1326 audit(1760719786.964:2923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1158.965459][ T30] audit: type=1326 audit(1760719786.964:2924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3405" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1159.845299][T15659] loop2: detected capacity change from 0 to 512 [ 1159.882541][T15661] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3408'. [ 1159.942619][T15659] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 1159.953959][T15659] System zones: 1-12 [ 1160.049876][T15659] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.3407: corrupted in-inode xattr: e_value size too large [ 1160.109385][T15659] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3407: couldn't read orphan inode 15 (err -117) [ 1160.202940][T15659] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1160.932828][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1161.778520][T15686] syzkaller0: entered promiscuous mode [ 1161.784341][T15686] syzkaller0: entered allmulticast mode [ 1162.672756][T15696] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3422'. [ 1163.329885][T15704] loop5: detected capacity change from 0 to 1024 [ 1163.344490][T15704] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1163.393261][T15704] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3425: Invalid block bitmap block 0 in block_group 0 [ 1163.425364][T15704] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3425: Failed to acquire dquot type 0 [ 1163.463601][T15704] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.3425: Freeing blocks not in datazone - block = 0, count = 4096 [ 1163.535030][T15704] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3425: Invalid inode bitmap blk 0 in block_group 0 [ 1163.561460][T11387] __quota_error: 297 callbacks suppressed [ 1163.561549][T11387] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-7 [ 1163.577147][T11387] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0 [ 1163.609902][T15704] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 1163.625947][T15704] EXT4-fs (loop5): 1 orphan inode deleted [ 1163.634471][T15704] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1163.859465][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1164.410620][T15718] syzkaller0: entered promiscuous mode [ 1164.416323][T15718] syzkaller0: entered allmulticast mode [ 1164.472414][T15724] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3434'. [ 1164.579722][ T30] audit: type=1326 audit(1760719792.984:3220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1164.615997][ T30] audit: type=1326 audit(1760719793.004:3221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1164.689988][ T30] audit: type=1326 audit(1760719793.044:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1164.712904][ T30] audit: type=1326 audit(1760719793.044:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1164.736100][ T30] audit: type=1326 audit(1760719793.044:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1164.761581][ T30] audit: type=1326 audit(1760719793.054:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1164.785375][ T30] audit: type=1326 audit(1760719793.064:3226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1164.810289][ T30] audit: type=1326 audit(1760719793.074:3227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1164.833721][ T30] audit: type=1326 audit(1760719793.074:3228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15727 comm="syz.2.3435" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1165.883956][T15743] loop2: detected capacity change from 0 to 1024 [ 1165.924496][T15743] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1166.039487][T15743] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.3441: Invalid block bitmap block 0 in block_group 0 [ 1166.125732][T15743] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3441: Failed to acquire dquot type 0 [ 1166.184662][T15743] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.3441: Freeing blocks not in datazone - block = 0, count = 4096 [ 1166.238788][T15743] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3441: Invalid inode bitmap blk 0 in block_group 0 [ 1166.268842][T11385] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:0: Failed to release dquot type 0 [ 1166.298168][T15743] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 1166.318497][T15743] EXT4-fs (loop2): 1 orphan inode deleted [ 1166.326674][T15743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1166.618662][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1166.740714][T15759] syzkaller0: entered promiscuous mode [ 1166.746637][T15759] syzkaller0: entered allmulticast mode [ 1168.183302][T15782] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3457'. [ 1169.118104][T15795] syzkaller0: entered promiscuous mode [ 1169.123822][T15795] syzkaller0: entered allmulticast mode [ 1169.835121][T15811] netlink: 'syz.5.3470': attribute type 1 has an invalid length. [ 1169.949498][T15814] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1169.967302][T15814] bond3: (slave vxcan3): Error -95 calling set_mac_address [ 1170.052670][T15811] macvlan2: entered promiscuous mode [ 1170.058377][T15811] macvlan2: entered allmulticast mode [ 1170.071738][T15811] bond3: entered promiscuous mode [ 1170.080228][T15811] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1170.112673][ T30] kauditd_printk_skb: 314 callbacks suppressed [ 1170.112756][ T30] audit: type=1326 audit(1760719798.494:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.142255][ T30] audit: type=1326 audit(1760719798.494:3541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.196758][T15811] bond3: left promiscuous mode [ 1170.217794][ T30] audit: type=1326 audit(1760719798.584:3542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.240766][ T30] audit: type=1326 audit(1760719798.584:3543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.263546][ T30] audit: type=1326 audit(1760719798.584:3544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.288406][ T30] audit: type=1326 audit(1760719798.584:3545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.311988][ T30] audit: type=1326 audit(1760719798.584:3546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.334851][ T30] audit: type=1326 audit(1760719798.584:3547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.357425][ T30] audit: type=1326 audit(1760719798.584:3548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1170.382828][ T30] audit: type=1326 audit(1760719798.594:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15815 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1171.314577][T15831] loop2: detected capacity change from 0 to 1024 [ 1171.353009][T15831] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1171.481755][T15831] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.3474: Invalid block bitmap block 0 in block_group 0 [ 1171.507709][T15831] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3474: Failed to acquire dquot type 0 [ 1171.582151][T15831] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.3474: Freeing blocks not in datazone - block = 0, count = 4096 [ 1171.598346][T15831] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3474: Invalid inode bitmap blk 0 in block_group 0 [ 1171.621803][T15831] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 1171.632392][ T69] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 0 [ 1171.651621][T15831] EXT4-fs (loop2): 1 orphan inode deleted [ 1171.660292][T15831] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1172.104091][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1172.496373][T15857] netlink: 'syz.1.3486': attribute type 1 has an invalid length. [ 1172.682884][T15859] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1172.702499][T15859] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 1172.859234][T15857] macvlan2: entered promiscuous mode [ 1172.864768][T15857] macvlan2: entered allmulticast mode [ 1172.873879][T15857] bond2: entered promiscuous mode [ 1172.882335][T15857] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1172.974807][T15857] bond2: left promiscuous mode [ 1173.619216][T15874] netlink: 'syz.3.3491': attribute type 27 has an invalid length. [ 1173.627793][T15874] veth0_to_bridge: left promiscuous mode [ 1173.633946][T15874] veth0_to_bridge: left allmulticast mode [ 1173.689241][T15874] team_slave_0: left promiscuous mode [ 1173.695073][T15874] team_slave_0: left allmulticast mode [ 1174.389329][T15208] Bluetooth: hci2: command 0x0406 tx timeout [ 1174.745942][T15885] syzkaller0: entered promiscuous mode [ 1174.751953][T15885] syzkaller0: entered allmulticast mode [ 1174.943547][T15890] loop2: detected capacity change from 0 to 1024 [ 1175.068735][T15890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1175.401702][T15894] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1175.673579][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1175.828546][T15903] netlink: 'syz.0.3500': attribute type 1 has an invalid length. [ 1176.088331][T15903] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1176.103828][T15903] bond3: (slave vxcan3): Error -95 calling set_mac_address [ 1176.192954][T15913] macvlan2: entered promiscuous mode [ 1176.198812][T15913] macvlan2: entered allmulticast mode [ 1176.213378][T15913] bond3: entered promiscuous mode [ 1176.221740][T15913] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1176.275400][T15913] bond3: left promiscuous mode [ 1176.385929][T15916] tipc: Started in network mode [ 1176.391709][T15916] tipc: Node identity 520e9b36d081, cluster identity 4711 [ 1176.400152][T15916] tipc: Enabled bearer , priority 0 [ 1176.450815][T15912] syzkaller0: entered promiscuous mode [ 1176.456602][T15912] syzkaller0: entered allmulticast mode [ 1176.565333][T15912] tipc: Resetting bearer [ 1176.579010][T15911] tipc: Resetting bearer [ 1176.630275][T15911] tipc: Disabling bearer [ 1176.643614][T15918] netlink: 'syz.5.3505': attribute type 27 has an invalid length. [ 1177.382696][T15928] loop2: detected capacity change from 0 to 1024 [ 1177.396979][ T30] kauditd_printk_skb: 257 callbacks suppressed [ 1177.397060][ T30] audit: type=1326 audit(1760719805.794:3804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.426398][ T30] audit: type=1326 audit(1760719805.794:3805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.453751][ T30] audit: type=1326 audit(1760719805.854:3806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.479879][ T30] audit: type=1326 audit(1760719805.854:3807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.502719][ T30] audit: type=1326 audit(1760719805.884:3808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.526352][ T30] audit: type=1326 audit(1760719805.884:3809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.551609][ T30] audit: type=1326 audit(1760719805.884:3810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.575228][ T30] audit: type=1326 audit(1760719805.884:3811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.576151][T15928] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1177.598118][ T30] audit: type=1326 audit(1760719805.884:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.598373][ T30] audit: type=1326 audit(1760719805.934:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15930 comm="syz.0.3511" exe="/root/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1177.729081][ T69] bridge_slave_1: left allmulticast mode [ 1177.735116][ T69] bridge_slave_1: left promiscuous mode [ 1177.742061][ T69] bridge0: port 2(bridge_slave_1) entered disabled state [ 1177.862375][ T69] bridge_slave_0: left allmulticast mode [ 1177.872104][ T69] bridge_slave_0: left promiscuous mode [ 1177.878968][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 1177.905331][T15928] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.3509: Invalid block bitmap block 0 in block_group 0 [ 1177.970151][T15928] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3509: Failed to acquire dquot type 0 [ 1178.102082][T15928] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.3509: Freeing blocks not in datazone - block = 0, count = 4096 [ 1178.185804][T15928] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3509: Invalid inode bitmap blk 0 in block_group 0 [ 1178.290740][T15928] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 1178.334293][ T3663] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:15: Failed to release dquot type 0 [ 1178.347849][T15928] EXT4-fs (loop2): 1 orphan inode deleted [ 1178.362868][T15928] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1178.825758][ T69] bond1 (unregistering): (slave gretap1): Releasing active interface [ 1178.925150][ T69] dvmrp1 (unregistering): left allmulticast mode [ 1179.020700][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1179.563055][T15960] netlink: 'syz.1.3518': attribute type 27 has an invalid length. [ 1179.614522][T15964] netlink: 'syz.2.3517': attribute type 1 has an invalid length. [ 1179.841810][ T69] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface [ 1179.861192][ T69] bond_slave_0: left promiscuous mode [ 1179.876963][ T69] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface [ 1179.887603][ T69] bond_slave_1: left promiscuous mode [ 1179.902879][ T69] $Hÿ (unregistering): Released all slaves [ 1179.926678][ T69] bond1 (unregistering): Released all slaves [ 1179.952433][ T69] bond2 (unregistering): Released all slaves [ 1179.974863][ T69] bond3 (unregistering): Released all slaves [ 1180.028119][ T69] bond4 (unregistering): Released all slaves [ 1180.055450][ T69] bond5 (unregistering): Released all slaves [ 1180.115541][ T69] bond6 (unregistering): Released all slaves [ 1180.138325][ T69] bond7 (unregistering): Released all slaves [ 1180.196759][ T69] bond8 (unregistering): Released all slaves [ 1180.222976][ T69] bond9 (unregistering): Released all slaves [ 1180.295394][ T69] bond10 (unregistering): Released all slaves [ 1180.322867][ T69] bond0 (unregistering): Released all slaves [ 1180.344229][ T69] bond11 (unregistering): Released all slaves [ 1180.366398][ T69] bond12 (unregistering): Released all slaves [ 1180.712227][T15960] gre0: left promiscuous mode [ 1180.724226][T15960] gre0: left allmulticast mode [ 1180.898076][T15960] bridge0: port 2(bridge_slave_1) entered disabled state [ 1180.908214][T15960] bridge0: port 1(bridge_slave_0) entered disabled state [ 1181.204786][T15978] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3521'. [ 1181.259336][T15960] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1181.289779][T15960] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1181.966129][T15960] bond0: left allmulticast mode [ 1181.971724][T15960] bond_slave_0: left allmulticast mode [ 1181.977512][T15960] bond_slave_1: left allmulticast mode [ 1181.983392][T15960] bond0: left promiscuous mode [ 1181.988743][T15960] bond_slave_0: left promiscuous mode [ 1181.995629][T15960] bond_slave_1: left promiscuous mode [ 1182.010098][T15960] macvtap1: left promiscuous mode [ 1182.015466][T15960] macvtap1: left allmulticast mode [ 1182.039667][T15964] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 1182.198172][T15973] tipc: Started in network mode [ 1182.212806][T15973] tipc: Node identity e2e5a6be181d, cluster identity 4711 [ 1182.221309][T15973] tipc: Enabled bearer , priority 0 [ 1182.259717][T15974] syzkaller0: entered promiscuous mode [ 1182.265416][T15974] syzkaller0: entered allmulticast mode [ 1182.277309][ T69] tipc: Left network mode [ 1182.374783][T15979] tipc: Resetting bearer [ 1182.401776][T15971] tipc: Resetting bearer [ 1182.442389][T15971] tipc: Disabling bearer [ 1182.499303][ T3618] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.542398][ T3618] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.631873][ T3618] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1182.808684][ T3618] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1183.056864][T15990] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3525'. [ 1183.265444][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1183.277401][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1183.333612][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1183.341721][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1183.407355][ T69] veth1_macvtap: left promiscuous mode [ 1183.413357][ T69] veth0_macvtap: left promiscuous mode [ 1183.419477][ T69] veth1_vlan: left allmulticast mode [ 1183.425077][ T69] veth1_vlan: left promiscuous mode [ 1183.430894][ T69] veth0_vlan: left promiscuous mode [ 1183.898854][ T69] pim6reg (unregistering): left allmulticast mode [ 1184.272442][ T69] macvlan0 (unregistering): left allmulticast mode [ 1184.589532][ T69] team0 (unregistering): Port device team_slave_1 removed [ 1184.718403][ T69] team0 (unregistering): Port device team_slave_0 removed [ 1184.765905][T16005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3532'. [ 1185.072247][T15998] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR [ 1185.857014][T16017] netlink: 'syz.5.3534': attribute type 1 has an invalid length. [ 1186.085352][T16017] macvlan2: entered promiscuous mode [ 1186.091053][T16017] macvlan2: entered allmulticast mode [ 1186.101272][T16017] bond4: entered promiscuous mode [ 1186.109697][T16017] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1186.126273][T16017] bond4: left promiscuous mode [ 1186.530989][T16029] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3536'. [ 1186.612176][T16030] tipc: Started in network mode [ 1186.617488][T16030] tipc: Node identity 0a894494e3b2, cluster identity 4711 [ 1186.625874][T16030] tipc: Enabled bearer , priority 0 [ 1186.720937][T16030] syzkaller0: entered promiscuous mode [ 1186.726851][T16030] syzkaller0: entered allmulticast mode [ 1186.812370][T16030] tipc: Resetting bearer [ 1186.843582][T16028] tipc: Resetting bearer [ 1186.882726][T16028] tipc: Disabling bearer [ 1187.102925][T16035] loop3: detected capacity change from 0 to 512 [ 1187.264291][T16035] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1187.280754][T16035] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1187.489285][ T30] kauditd_printk_skb: 67 callbacks suppressed [ 1187.489363][ T30] audit: type=1326 audit(1760719815.894:3878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16038 comm="syz.1.3540" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fd539 code=0x0 [ 1187.517685][ C0] vkms_vblank_simulate: vblank timer overrun [ 1187.689962][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1187.931482][T16054] loop2: detected capacity change from 0 to 256 [ 1188.376607][T16058] netlink: 'syz.3.3548': attribute type 1 has an invalid length. [ 1188.528928][T16062] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1188.543476][T16062] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 1188.673289][T16061] syzkaller0: entered promiscuous mode [ 1188.681049][T16061] syzkaller0: entered allmulticast mode [ 1188.733409][T16065] macvlan2: entered promiscuous mode [ 1188.739134][T16065] macvlan2: entered allmulticast mode [ 1188.748105][T16065] bond2: entered promiscuous mode [ 1188.756396][T16065] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1188.822268][T16065] bond2: left promiscuous mode [ 1189.044723][T16066] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3549'. [ 1189.664109][ T30] audit: type=1326 audit(1760719818.064:3879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16076 comm="syz.5.3555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1189.720803][T16078] tipc: Enabled bearer , priority 0 [ 1189.756233][T16078] syzkaller0: entered promiscuous mode [ 1189.761592][ T30] audit: type=1326 audit(1760719818.094:3880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16076 comm="syz.5.3555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=152 compat=1 ip=0xf7f42539 code=0x7ffc0000 [ 1189.762087][T16078] syzkaller0: entered allmulticast mode [ 1189.784050][ C0] vkms_vblank_simulate: vblank timer overrun [ 1189.902176][T16084] loop3: detected capacity change from 0 to 512 [ 1189.905629][T16078] tipc: Resetting bearer [ 1189.942527][T16077] tipc: Resetting bearer [ 1189.995258][T16077] tipc: Disabling bearer [ 1190.047199][T16084] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1190.061747][T16084] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1190.529767][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1190.740605][ T30] audit: type=1326 audit(1760719819.124:3881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16090 comm="syz.2.3557" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f01539 code=0x0 [ 1191.427268][T16108] netlink: 'syz.0.3563': attribute type 1 has an invalid length. [ 1191.561991][T16110] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1191.581888][T16110] bond4: (slave vxcan3): Error -95 calling set_mac_address [ 1191.725765][T16113] macvlan2: entered promiscuous mode [ 1191.732322][T16113] macvlan2: entered allmulticast mode [ 1191.741185][T16113] bond4: entered promiscuous mode [ 1191.749825][T16113] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1191.806439][T16113] bond4: left promiscuous mode [ 1193.382031][ T30] audit: type=1326 audit(1760719821.774:3882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16143 comm="syz.5.3574" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f42539 code=0x0 [ 1193.511442][ T30] audit: type=1326 audit(1760719821.914:3883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1193.533864][ C0] vkms_vblank_simulate: vblank timer overrun [ 1193.620201][ T30] audit: type=1326 audit(1760719821.954:3884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1193.643150][ T30] audit: type=1326 audit(1760719821.954:3885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1193.665502][ C0] vkms_vblank_simulate: vblank timer overrun [ 1193.672635][ T30] audit: type=1326 audit(1760719821.954:3886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1193.695596][ T30] audit: type=1326 audit(1760719821.954:3887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1193.718198][ C0] vkms_vblank_simulate: vblank timer overrun [ 1193.725622][ T30] audit: type=1326 audit(1760719821.964:3888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1193.748275][ C0] vkms_vblank_simulate: vblank timer overrun [ 1193.755306][ T30] audit: type=1326 audit(1760719821.974:3889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1193.778226][ T30] audit: type=1326 audit(1760719821.974:3890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1193.800657][ C0] vkms_vblank_simulate: vblank timer overrun [ 1193.807242][ T30] audit: type=1326 audit(1760719821.974:3891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.2.3575" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1194.261331][T16156] loop2: detected capacity change from 0 to 764 [ 1194.291562][T16156] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1194.796803][T16161] syzkaller0: entered promiscuous mode [ 1194.802831][T16161] syzkaller0: entered allmulticast mode [ 1195.101585][T16166] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3572'. [ 1195.911849][T16175] sd 0:0:1:0: device reset [ 1196.117248][T16178] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3587'. [ 1196.250882][T16178] veth0: entered promiscuous mode [ 1196.257669][T16178] veth0: left promiscuous mode [ 1198.381143][T16203] syzkaller0: entered promiscuous mode [ 1198.386942][T16203] syzkaller0: entered allmulticast mode [ 1198.828346][ T5866] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 1199.008408][ T5866] usb 2-1: Using ep0 maxpacket: 32 [ 1199.040384][ T5866] usb 2-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 1199.052404][ T5866] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1199.061779][ T5866] usb 2-1: Product: syz [ 1199.066175][ T5866] usb 2-1: Manufacturer: syz [ 1199.071247][ T5866] usb 2-1: SerialNumber: syz [ 1199.140360][ T5866] usb 2-1: config 0 descriptor?? [ 1199.365223][ T5866] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -71 [ 1199.393085][ T5866] usb 2-1: USB disconnect, device number 3 [ 1199.847659][T16213] loop5: detected capacity change from 0 to 512 [ 1199.953584][T16213] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 1200.014210][T16213] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1200.107639][T16213] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm syz.5.3600: corrupted inode contents [ 1200.130464][T16213] EXT4-fs (loop5): Remounting filesystem read-only [ 1200.152471][T16213] EXT4-fs (loop5): 1 truncate cleaned up [ 1200.176596][ T3618] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 1200.187776][ T3618] __quota_error: 16 callbacks suppressed [ 1200.193697][ T3618] Quota error (device loop5): write_blk: dquota write failed [ 1200.201534][ T3618] Quota error (device loop5): remove_free_dqentry: Can't write block (5) with free entries [ 1200.211935][ T3618] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 1200.222827][ T3618] Quota error (device loop5): write_blk: dquota write failed [ 1200.230548][ T3618] Quota error (device loop5): free_dqentry: Can't move quota data block (5) to free list [ 1200.241021][ T3618] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started [ 1200.251575][ T3618] Quota error (device loop5): v2_write_file_info: Can't write info structure [ 1200.261173][ T3618] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 1200.431601][T16213] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1200.761142][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1201.186708][T16222] loop3: detected capacity change from 0 to 764 [ 1201.252481][T16222] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1201.937377][ T30] audit: type=1326 audit(1760719830.334:3908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16229 comm="syz.3.3605" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ed539 code=0x0 [ 1202.485101][T16236] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3607'. [ 1202.533735][T16236] bond_slave_0: entered promiscuous mode [ 1202.539867][T16236] bond_slave_1: entered promiscuous mode [ 1202.546047][T16236] macvtap1: entered promiscuous mode [ 1202.551705][T16236] bond0: entered promiscuous mode [ 1202.560454][T16236] macvtap1: entered allmulticast mode [ 1202.566063][T16236] bond0: entered allmulticast mode [ 1202.571609][T16236] bond_slave_0: entered allmulticast mode [ 1202.577550][T16236] bond_slave_1: entered allmulticast mode [ 1202.589796][T16236] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 1203.296901][ T30] audit: type=1326 audit(1760719831.684:3909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16240 comm="syz.3.3609" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1203.398632][ T30] audit: type=1326 audit(1760719831.724:3910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16240 comm="syz.3.3609" exe="/root/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1203.421386][ T30] audit: type=1326 audit(1760719831.724:3911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16240 comm="syz.3.3609" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.108320][T15208] Bluetooth: hci4: command 0x0406 tx timeout [ 1205.203375][T16273] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1205.246446][T16272] tipc: Enabled bearer , priority 0 [ 1205.263239][T16272] syzkaller0: entered promiscuous mode [ 1205.269283][T16272] syzkaller0: entered allmulticast mode [ 1205.337230][T16270] tipc: Resetting bearer [ 1205.381537][T16270] tipc: Disabling bearer [ 1205.614539][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 1205.614621][ T30] audit: type=1326 audit(1760719834.014:3932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.718669][ T30] audit: type=1326 audit(1760719834.054:3933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.741814][ T30] audit: type=1326 audit(1760719834.054:3934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.764747][ T30] audit: type=1326 audit(1760719834.064:3935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.787449][ T30] audit: type=1326 audit(1760719834.064:3936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.812224][ T30] audit: type=1326 audit(1760719834.064:3937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.835906][ T30] audit: type=1326 audit(1760719834.064:3938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.858643][ T30] audit: type=1326 audit(1760719834.064:3939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.881166][ T30] audit: type=1326 audit(1760719834.064:3940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1205.904504][ T30] audit: type=1326 audit(1760719834.064:3941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16274 comm="syz.3.3622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1206.855676][T16255] loop2: detected capacity change from 0 to 8192 [ 1207.001185][T16255] loop2: p1 p2 p3 p4[DM] [ 1207.005992][T16255] loop2: p1 size 835329 extends beyond EOD, truncated [ 1207.038804][T16255] loop2: p2 size 327680 extends beyond EOD, truncated [ 1207.060618][T16255] loop2: p3 start 1052673 is beyond EOD, truncated [ 1207.067411][T16255] loop2: p4 size 262144 extends beyond EOD, truncated [ 1208.939479][T16309] tipc: Started in network mode [ 1208.944659][T16309] tipc: Node identity 26c74ac9c356, cluster identity 4711 [ 1208.954121][T16309] tipc: Enabled bearer , priority 0 [ 1208.998557][T16312] syzkaller0: entered promiscuous mode [ 1209.004264][T16312] syzkaller0: entered allmulticast mode [ 1209.059507][T16307] tipc: Resetting bearer [ 1209.080888][T16307] tipc: Disabling bearer [ 1209.709629][T16320] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 1209.709629][T16320] program syz.2.3638 not setting count and/or reply_len properly [ 1210.867571][ T30] kauditd_printk_skb: 36 callbacks suppressed [ 1210.867648][ T30] audit: type=1326 audit(1760719839.264:3978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1210.958130][ T30] audit: type=1326 audit(1760719839.314:3979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1210.981005][ T30] audit: type=1326 audit(1760719839.314:3980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1211.003805][ T30] audit: type=1326 audit(1760719839.314:3981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=363 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1211.029180][ T30] audit: type=1326 audit(1760719839.314:3982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1211.052759][ T30] audit: type=1326 audit(1760719839.314:3983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1211.076473][ T30] audit: type=1326 audit(1760719839.314:3984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1211.099446][ T30] audit: type=1326 audit(1760719839.314:3985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=363 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1211.122068][ T30] audit: type=1326 audit(1760719839.314:3986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1211.147292][ T30] audit: type=1326 audit(1760719839.324:3987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16336 comm="syz.1.3644" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1211.345025][T16343] serio: Serial port ptm0 [ 1211.418603][T13259] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 1211.608969][T13259] usb 1-1: Using ep0 maxpacket: 32 [ 1211.674178][T13259] usb 1-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 1211.683783][T13259] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1211.692145][T13259] usb 1-1: Product: syz [ 1211.696508][T13259] usb 1-1: Manufacturer: syz [ 1211.701588][T13259] usb 1-1: SerialNumber: syz [ 1211.767541][T13259] usb 1-1: config 0 descriptor?? [ 1212.012262][T13259] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -71 [ 1212.054087][T13259] usb 1-1: USB disconnect, device number 6 [ 1212.567403][T16349] loop2: detected capacity change from 0 to 4096 [ 1212.697293][T16349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1213.045841][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1214.843034][T16377] loop0: detected capacity change from 0 to 1024 [ 1214.870021][T16377] EXT4-fs: Ignoring removed orlov option [ 1214.946862][T16377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1215.032479][T16384] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3659: bg 0: block 232: padding at end of block bitmap is not set [ 1215.085226][T16384] EXT4-fs (loop0): Remounting filesystem read-only [ 1215.112095][T16384] EXT4-fs (loop0): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 1215.210172][T16381] loop3: detected capacity change from 0 to 4096 [ 1215.333305][T16381] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1215.714466][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1215.859016][T14693] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1216.430690][ T30] kauditd_printk_skb: 12 callbacks suppressed [ 1216.430769][ T30] audit: type=1326 audit(1760719844.834:4000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.463560][ T30] audit: type=1326 audit(1760719844.834:4001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.486392][ T30] audit: type=1326 audit(1760719844.834:4002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.509444][ T30] audit: type=1326 audit(1760719844.834:4003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=363 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.532107][ T30] audit: type=1326 audit(1760719844.834:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.558848][ T30] audit: type=1326 audit(1760719844.864:4005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.581783][ T30] audit: type=1326 audit(1760719844.864:4006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.604466][ T30] audit: type=1326 audit(1760719844.894:4007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=363 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.627181][ T30] audit: type=1326 audit(1760719844.894:4008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.649814][ T30] audit: type=1326 audit(1760719844.894:4009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16396 comm="syz.3.3663" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1216.728477][T16400] lo speed is unknown, defaulting to 1000 [ 1216.734787][T16400] lo speed is unknown, defaulting to 1000 [ 1216.742189][T16400] lo speed is unknown, defaulting to 1000 [ 1216.805084][T16400] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 1216.932723][T16400] lo speed is unknown, defaulting to 1000 [ 1216.942031][T16400] lo speed is unknown, defaulting to 1000 [ 1216.951337][T16400] lo speed is unknown, defaulting to 1000 [ 1216.960457][T16400] lo speed is unknown, defaulting to 1000 [ 1217.070972][T16400] lo speed is unknown, defaulting to 1000 [ 1217.699076][T16400] lo speed is unknown, defaulting to 1000 [ 1218.518331][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1219.545299][T16417] loop0: detected capacity change from 0 to 4096 [ 1219.633807][T16417] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1219.788237][T16426] loop3: detected capacity change from 0 to 512 [ 1219.818058][T16426] EXT4-fs: Ignoring removed nobh option [ 1219.844532][T16426] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.3676: iget: bad i_size value: 38620345925642 [ 1219.864617][T16426] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3676: couldn't read orphan inode 15 (err -117) [ 1219.881547][T16426] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1219.968675][T16426] EXT4-fs (loop3): shut down requested (2) [ 1220.138377][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1220.172790][T14693] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1220.861352][T16439] syzkaller0: entered promiscuous mode [ 1220.867053][T16439] syzkaller0: entered allmulticast mode [ 1221.787702][T16452] loop5: detected capacity change from 0 to 1024 [ 1221.848934][T16452] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1221.904700][T16457] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3689'. [ 1221.914151][T16457] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3689'. [ 1221.949612][T16452] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3687: Invalid block bitmap block 0 in block_group 0 [ 1222.014002][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 1222.014080][ T30] audit: type=1326 audit(1760719850.414:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16460 comm="syz.3.3690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1222.043217][ T30] audit: type=1326 audit(1760719850.414:4029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16460 comm="syz.3.3690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1222.049946][T16452] Quota error (device loop5): write_blk: dquota write failed [ 1222.078345][T16452] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 1222.092334][T16452] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3687: Failed to acquire dquot type 0 [ 1222.190900][T16452] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.3687: Freeing blocks not in datazone - block = 0, count = 4096 [ 1222.228510][ T30] audit: type=1326 audit(1760719850.504:4030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16460 comm="syz.3.3690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1222.251593][ T30] audit: type=1326 audit(1760719850.514:4031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16460 comm="syz.3.3690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1222.253872][T16452] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3687: Invalid inode bitmap blk 0 in block_group 0 [ 1222.274067][ T30] audit: type=1326 audit(1760719850.514:4032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16460 comm="syz.3.3690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1222.274363][ T30] audit: type=1326 audit(1760719850.514:4033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16460 comm="syz.3.3690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1222.274597][ T30] audit: type=1326 audit(1760719850.514:4034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16460 comm="syz.3.3690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1222.274834][ T30] audit: type=1326 audit(1760719850.514:4035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16460 comm="syz.3.3690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1222.314555][T11387] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0 [ 1222.528474][T16452] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 1222.558383][T16452] EXT4-fs (loop5): 1 orphan inode deleted [ 1222.566662][T16452] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1222.850299][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1223.474788][T16480] syzkaller0: entered promiscuous mode [ 1223.480761][T16480] syzkaller0: entered allmulticast mode [ 1224.092015][T16489] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3702'. [ 1224.101633][T16489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3702'. [ 1224.825497][T16503] loop0: detected capacity change from 0 to 1024 [ 1224.843137][T16504] loop5: detected capacity change from 0 to 1024 [ 1224.879853][T16503] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1224.893527][T16504] EXT4-fs: Ignoring removed orlov option [ 1224.965783][T16504] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1225.007614][T16503] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3707: Invalid block bitmap block 0 in block_group 0 [ 1225.087157][T16503] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3707: Failed to acquire dquot type 0 [ 1225.149318][T16503] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.3707: Freeing blocks not in datazone - block = 0, count = 4096 [ 1225.211624][T16503] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3707: Invalid inode bitmap blk 0 in block_group 0 [ 1225.235646][T11388] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 0 [ 1225.249021][T16503] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 1225.264275][T16503] EXT4-fs (loop0): 1 orphan inode deleted [ 1225.273419][T16503] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1225.310617][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1225.363706][T16514] netlink: 'syz.1.3712': attribute type 1 has an invalid length. [ 1225.528055][T16516] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1225.541993][T16516] bond3: (slave vxcan3): Error -95 calling set_mac_address [ 1225.575458][T14693] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1225.711993][T16519] macvlan2: entered promiscuous mode [ 1225.717552][T16519] macvlan2: entered allmulticast mode [ 1225.726421][T16519] bond3: entered promiscuous mode [ 1225.734647][T16519] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1225.818440][T16523] loop3: detected capacity change from 0 to 512 [ 1225.839850][T16519] bond3: left promiscuous mode [ 1225.924052][T16523] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1225.937175][T16523] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1226.018412][ T9322] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 1226.070517][T16530] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3717'. [ 1226.083030][T16530] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3717'. [ 1226.169049][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1226.200438][ T9322] usb 6-1: Using ep0 maxpacket: 32 [ 1226.248541][ T9322] usb 6-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 1226.258352][ T9322] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1226.266591][ T9322] usb 6-1: Product: syz [ 1226.271282][ T9322] usb 6-1: Manufacturer: syz [ 1226.276091][ T9322] usb 6-1: SerialNumber: syz [ 1226.329205][ T9322] usb 6-1: config 0 descriptor?? [ 1226.548570][ T9322] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -71 [ 1226.581328][ T9322] usb 6-1: USB disconnect, device number 3 [ 1226.942182][T16541] bridge_slave_0: left allmulticast mode [ 1226.948719][T16541] bridge_slave_0: left promiscuous mode [ 1226.955941][T16541] bridge0: port 1(bridge_slave_0) entered disabled state [ 1227.010834][T16541] bridge_slave_1: left allmulticast mode [ 1227.016743][T16541] bridge_slave_1: left promiscuous mode [ 1227.023814][T16541] bridge0: port 2(bridge_slave_1) entered disabled state [ 1227.057209][T16545] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3722'. [ 1227.074909][T16541] bond0: (slave bond_slave_0): Releasing backup interface [ 1227.135032][T16541] bond_slave_0: left allmulticast mode [ 1227.141873][T16541] bond_slave_0: left promiscuous mode [ 1227.216293][T16541] bond0: (slave bond_slave_1): Releasing backup interface [ 1227.266623][T16541] bond_slave_1: left allmulticast mode [ 1227.272732][T16541] bond_slave_1: left promiscuous mode [ 1227.399314][T16541] team0: Failed to send options change via netlink (err -105) [ 1227.411480][T16541] team0: Failed to send port change of device team_slave_0 via netlink (err -105) [ 1227.423029][T16541] team0: Port device team_slave_0 removed [ 1227.460215][T16541] team0: Failed to send options change via netlink (err -105) [ 1227.470970][T16541] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 1227.482692][T16541] team0: Port device team_slave_1 removed [ 1227.494562][T16541] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1227.502434][T16541] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1227.605405][T16541] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1227.617367][T16541] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1227.650913][T16541] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 1227.775426][T16545] team0: Failed to send options change via netlink (err -105) [ 1227.783365][T16545] team0: Mode changed to "loadbalance" [ 1227.944628][ T30] kauditd_printk_skb: 114 callbacks suppressed [ 1227.944711][ T30] audit: type=1326 audit(1760719856.344:4146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16557 comm="syz.5.3727" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f42539 code=0x0 [ 1227.973045][ C1] vkms_vblank_simulate: vblank timer overrun [ 1228.106363][T16563] sch_fq: defrate 4294967295 ignored. [ 1228.218393][T16565] netlink: 'syz.1.3729': attribute type 1 has an invalid length. [ 1228.353624][T16569] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address [ 1228.367270][T16569] bond4: (slave vxcan3): Error -95 calling set_mac_address [ 1228.479808][T16572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3731'. [ 1228.489616][T16572] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3731'. [ 1228.585308][T16570] macvlan2: entered promiscuous mode [ 1228.591004][T16570] macvlan2: entered allmulticast mode [ 1228.600048][T16570] bond4: entered promiscuous mode [ 1228.608358][T16570] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1228.654509][T16570] bond4: left promiscuous mode [ 1228.994022][ T30] audit: type=1326 audit(1760719857.394:4147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.017709][ T30] audit: type=1326 audit(1760719857.394:4148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.048071][ T30] audit: type=1326 audit(1760719857.394:4149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.070389][ C1] vkms_vblank_simulate: vblank timer overrun [ 1229.077759][ T30] audit: type=1326 audit(1760719857.404:4150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.100860][ T30] audit: type=1326 audit(1760719857.404:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.123077][ C1] vkms_vblank_simulate: vblank timer overrun [ 1229.129890][ T30] audit: type=1326 audit(1760719857.404:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.154856][ T30] audit: type=1326 audit(1760719857.414:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.178679][ T30] audit: type=1326 audit(1760719857.414:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.202285][ T30] audit: type=1326 audit(1760719857.414:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16580 comm="syz.3.3735" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed539 code=0x7ffc0000 [ 1229.224594][ C1] vkms_vblank_simulate: vblank timer overrun [ 1230.726375][T16606] loop3: detected capacity change from 0 to 2048 [ 1230.795323][T16606] loop3: p3 p4 < > [ 1230.799933][T16606] loop3: p3 start 11362048 is beyond EOD, truncated [ 1230.845606][T16609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3746'. [ 1230.855169][T16609] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3746'. [ 1232.256157][T16635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3759'. [ 1232.265855][T16635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3759'. [ 1232.346083][T16634] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3758'. [ 1232.740317][T16644] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3764'. [ 1232.794322][T16644] netlink: 660 bytes leftover after parsing attributes in process `syz.5.3764'. [ 1233.192721][ T30] kauditd_printk_skb: 58 callbacks suppressed [ 1233.192803][ T30] audit: type=1326 audit(1760719861.594:4214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.222096][ C1] vkms_vblank_simulate: vblank timer overrun [ 1233.232438][ T30] audit: type=1326 audit(1760719861.594:4215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.254868][ C1] vkms_vblank_simulate: vblank timer overrun [ 1233.288202][ T30] audit: type=1326 audit(1760719861.684:4216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.311163][ T30] audit: type=1326 audit(1760719861.684:4217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.333797][ T30] audit: type=1326 audit(1760719861.694:4218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.355942][ C1] vkms_vblank_simulate: vblank timer overrun [ 1233.365333][ T30] audit: type=1326 audit(1760719861.694:4219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.387792][ C1] vkms_vblank_simulate: vblank timer overrun [ 1233.394975][ T30] audit: type=1326 audit(1760719861.694:4220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.455548][ T30] audit: type=1326 audit(1760719861.824:4221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.478622][ T30] audit: type=1326 audit(1760719861.824:4222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.501268][ T30] audit: type=1326 audit(1760719861.834:4223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16653 comm="syz.2.3767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=179 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 1233.523768][ C1] vkms_vblank_simulate: vblank timer overrun [ 1233.686404][T16659] loop0: detected capacity change from 0 to 512 [ 1233.783559][T16659] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1233.797349][T16659] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1234.009045][T16665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3771'. [ 1234.176169][T16671] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3772'. [ 1234.186064][T16671] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3772'. [ 1234.204900][T14693] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1234.234073][T16674] loop2: detected capacity change from 0 to 512 [ 1234.288945][T16674] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1234.343984][T16674] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1234.424094][T16674] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3771: bg 0: block 248: padding at end of block bitmap is not set [ 1234.510152][T16674] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3771: Failed to acquire dquot type 1 [ 1234.555176][T16674] EXT4-fs (loop2): 1 truncate cleaned up [ 1234.569138][T16674] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1234.932956][T16684] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3778'. [ 1235.057351][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.065615][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.073482][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.081260][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.092441][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.101243][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.109034][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.116702][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.124524][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.132313][ T5866] hid-generic 0003:0003:0000.0034: unknown main item tag 0x0 [ 1235.149168][T16684] netlink: 660 bytes leftover after parsing attributes in process `syz.1.3778'. [ 1235.180150][ T5866] hid-generic 0003:0003:0000.0034: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 1235.540760][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1236.102261][T16703] loop0: detected capacity change from 0 to 512 [ 1236.196155][T16703] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1236.209813][T16703] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1236.651637][T14693] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1236.990764][T16717] loop1: detected capacity change from 0 to 764 [ 1237.023533][T16717] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1237.130305][T16720] netlink: 'syz.0.3791': attribute type 22 has an invalid length. [ 1237.261827][T16723] __nla_validate_parse: 2 callbacks suppressed [ 1237.261913][T16723] netlink: 660 bytes leftover after parsing attributes in process `syz.2.3793'. [ 1238.189431][T16740] loop3: detected capacity change from 0 to 512 [ 1238.284184][T16740] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1238.298350][T16740] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1238.471359][ T30] kauditd_printk_skb: 114 callbacks suppressed [ 1238.471441][ T30] audit: type=1326 audit(1760719866.874:4336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16746 comm="syz.5.3803" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f42539 code=0x0 [ 1238.700733][T14233] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1238.722996][T16753] loop0: detected capacity change from 0 to 764 [ 1238.786010][T16753] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1238.938503][T16759] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3808'. [ 1239.127686][T16759] netlink: 660 bytes leftover after parsing attributes in process `syz.3.3808'. [ 1239.667296][T16766] loop5: detected capacity change from 0 to 1024 [ 1239.716657][T16766] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1239.790948][T16766] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 1239.906173][T16766] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1239.948397][T16766] Quota error (device loop5): v2_read_file_info: Block with free entry 1283 out of range (1, 6). [ 1239.960894][T16766] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 1239.977031][T16766] EXT4-fs (loop5): Cannot turn on quotas: error -117 [ 1240.035596][T16766] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.3811: Freeing blocks not in datazone - block = 0, count = 4096 [ 1240.051773][T16766] EXT4-fs (loop5): 1 orphan inode deleted [ 1240.060455][T16766] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1240.088165][ T30] audit: type=1326 audit(1760719868.484:4337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.1.3813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1240.111673][ T30] audit: type=1326 audit(1760719868.484:4338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.1.3813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1240.134638][ T30] audit: type=1326 audit(1760719868.494:4339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.1.3813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1240.157362][ T30] audit: type=1326 audit(1760719868.494:4340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.1.3813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1240.180612][ T30] audit: type=1326 audit(1760719868.494:4341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.1.3813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1240.203308][ T30] audit: type=1326 audit(1760719868.544:4342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.1.3813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1240.226830][ T30] audit: type=1326 audit(1760719868.564:4343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.1.3813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1240.250091][ T30] audit: type=1326 audit(1760719868.564:4344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.1.3813" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf70fd539 code=0x7ffc0000 [ 1240.482350][T12216] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1240.802634][T16781] loop2: detected capacity change from 0 to 512 [ 1240.939834][T16790] syz_tun: entered allmulticast mode [ 1241.072921][T16790] syz_tun: left allmulticast mode [ 1241.352475][T16787] lo speed is unknown, defaulting to 1000 [ 1241.505116][T16794] loop3: detected capacity change from 0 to 512 [ 1241.530677][T16781] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1241.546979][T16781] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1241.666072][T16794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1241.680054][T16794] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1241.869340][T14934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1242.185210][ T3663] ===================================================== [ 1242.192670][ T3663] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xafd/0x98a0 [ 1242.201530][ T3663] n_tty_receive_buf_standard+0xafd/0x98a0 [ 1242.207647][ T3663] n_tty_receive_buf_common+0x1a68/0x2540 [ 1242.213756][ T3663] n_tty_receive_buf2+0x4c/0x60 [ 1242.219016][ T3663] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1242.224481][ T3663] tty_port_default_receive_buf+0xd7/0x1a0 [ 1242.230668][ T3663] flush_to_ldisc+0x43e/0xe30 [ 1242.235653][ T3663] process_scheduled_works+0xb91/0x1d80 [ 1242.241608][ T3663] worker_thread+0xedf/0x1590 [ 1242.246589][ T3663] kthread+0xd5c/0xf00 [ 1242.251793][ T3663] ret_from_fork+0x1f5/0x4c0 [ 1242.256727][ T3663] ret_from_fork_asm+0x1a/0x30 [ 1242.264833][ T3663] [ 1242.267277][ T3663] Uninit was stored to memory at: [ 1242.274054][ T3663] n_tty_receive_buf_standard+0xaf6/0x98a0 [ 1242.280437][ T3663] n_tty_receive_buf_common+0x1a68/0x2540 [ 1242.286435][ T3663] n_tty_receive_buf2+0x4c/0x60 [ 1242.291723][ T3663] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1242.297156][ T3663] tty_port_default_receive_buf+0xd7/0x1a0 [ 1242.303903][ T3663] flush_to_ldisc+0x43e/0xe30 [ 1242.309244][ T3663] process_scheduled_works+0xb91/0x1d80 [ 1242.315019][ T3663] worker_thread+0xedf/0x1590 [ 1242.320060][ T3663] kthread+0xd5c/0xf00 [ 1242.324320][ T3663] ret_from_fork+0x1f5/0x4c0 [ 1242.329291][ T3663] ret_from_fork_asm+0x1a/0x30 [ 1242.334314][ T3663] [ 1242.336761][ T3663] Uninit was created at: [ 1242.341394][ T3663] __kmalloc_noprof+0xabb/0x1b40 [ 1242.346540][ T3663] __tty_buffer_request_room+0x3d4/0x7a0 [ 1242.352605][ T3663] __tty_insert_flip_string_flags+0x157/0x6f0 [ 1242.362275][ T3663] uart_insert_char+0x368/0x930 [ 1242.367348][ T3663] serial8250_read_char+0x1ba/0x670 [ 1242.373934][ T3663] serial8250_handle_irq+0x930/0x1110 [ 1242.379646][ T3663] serial8250_default_handle_irq+0x116/0x370 [ 1242.385899][ T3663] serial8250_interrupt+0xcb/0x430 [ 1242.391432][ T3663] __handle_irq_event_percpu+0x11e/0xf80 [ 1242.397301][ T3663] handle_irq_event+0xe0/0x2a0 [ 1242.402365][ T3663] handle_edge_irq+0x2a9/0xb50 [ 1242.407308][ T3663] __common_interrupt+0x9d/0x180 [ 1242.412670][ T3663] common_interrupt+0x94/0xb0 [ 1242.417664][ T3663] asm_common_interrupt+0x2b/0x40 [ 1242.423188][ T3663] [ 1242.425676][ T3663] CPU: 1 UID: 0 PID: 3663 Comm: kworker/u8:15 Tainted: G W syzkaller #0 PREEMPT(none) [ 1242.437198][ T3663] Tainted: [W]=WARN [ 1242.441204][ T3663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1242.451710][ T3663] Workqueue: events_unbound flush_to_ldisc [ 1242.457769][ T3663] ===================================================== [ 1242.467749][ T3663] Disabling lock debugging due to kernel taint [ 1242.475263][ T3663] Kernel panic - not syncing: kmsan.panic set ... [ 1242.481979][ T3663] CPU: 1 UID: 0 PID: 3663 Comm: kworker/u8:15 Tainted: G B W syzkaller #0 PREEMPT(none) [ 1242.493358][ T3663] Tainted: [B]=BAD_PAGE, [W]=WARN [ 1242.498474][ T3663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1242.508752][ T3663] Workqueue: events_unbound flush_to_ldisc [ 1242.514849][ T3663] Call Trace: [ 1242.518235][ T3663] [ 1242.521298][ T3663] __dump_stack+0x26/0x30 [ 1242.525801][ T3663] dump_stack_lvl+0x53/0x270 [ 1242.530576][ T3663] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1242.536572][ T3663] dump_stack+0x1e/0x25 [ 1242.540891][ T3663] vpanic+0x435/0xd30 [ 1242.545126][ T3663] panic+0x15d/0x160 [ 1242.549239][ T3663] kmsan_report+0x31c/0x320 [ 1242.553907][ T3663] ? __msan_warning+0x1b/0x30 [ 1242.558748][ T3663] ? n_tty_receive_buf_standard+0xafd/0x98a0 [ 1242.564948][ T3663] ? n_tty_receive_buf_common+0x1a68/0x2540 [ 1242.571053][ T3663] ? n_tty_receive_buf2+0x4c/0x60 [ 1242.576284][ T3663] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 1242.581857][ T3663] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 1242.588047][ T3663] ? flush_to_ldisc+0x43e/0xe30 [ 1242.593081][ T3663] ? process_scheduled_works+0xb91/0x1d80 [ 1242.599014][ T3663] ? worker_thread+0xedf/0x1590 [ 1242.604067][ T3663] ? kthread+0xd5c/0xf00 [ 1242.608453][ T3663] ? ret_from_fork+0x1f5/0x4c0 [ 1242.613405][ T3663] ? ret_from_fork_asm+0x1a/0x30 [ 1242.618539][ T3663] ? ret_from_fork_asm+0x1a/0x30 [ 1242.623671][ T3663] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1242.629969][ T3663] ? kmsan_get_metadata+0x150/0x160 [ 1242.635341][ T3663] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1242.641992][ T3663] ? kmsan_get_metadata+0x150/0x160 [ 1242.647368][ T3663] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1242.653353][ T3663] ? n_tty_receive_char+0xfae/0x1440 [ 1242.658863][ T3663] ? kmsan_get_metadata+0xfb/0x160 [ 1242.664157][ T3663] __msan_warning+0x1b/0x30 [ 1242.668819][ T3663] n_tty_receive_buf_standard+0xafd/0x98a0 [ 1242.674906][ T3663] ? kmsan_get_metadata+0xfb/0x160 [ 1242.680195][ T3663] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1242.686208][ T3663] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1242.692818][ T3663] n_tty_receive_buf_common+0x1a68/0x2540 [ 1242.698870][ T3663] n_tty_receive_buf2+0x4c/0x60 [ 1242.703940][ T3663] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 1242.709876][ T3663] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1242.715281][ T3663] tty_port_default_receive_buf+0xd7/0x1a0 [ 1242.721299][ T3663] flush_to_ldisc+0x43e/0xe30 [ 1242.726202][ T3663] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 1242.732827][ T3663] ? __pfx_flush_to_ldisc+0x10/0x10 [ 1242.738207][ T3663] process_scheduled_works+0xb91/0x1d80 [ 1242.744018][ T3663] worker_thread+0xedf/0x1590 [ 1242.748933][ T3663] kthread+0xd5c/0xf00 [ 1242.753161][ T3663] ? __pfx_worker_thread+0x10/0x10 [ 1242.758498][ T3663] ? __pfx_kthread+0x10/0x10 [ 1242.763239][ T3663] ret_from_fork+0x1f5/0x4c0 [ 1242.768044][ T3663] ? __pfx_kthread+0x10/0x10 [ 1242.772798][ T3663] ret_from_fork_asm+0x1a/0x30 [ 1242.777785][ T3663] [ 1242.781295][ T3663] Kernel Offset: disabled [ 1242.785713][ T3663] Rebooting in 86400 seconds..