last executing test programs: 4.285532492s ago: executing program 4 (id=1727): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 3.881402129s ago: executing program 4 (id=1730): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0) 3.358310832s ago: executing program 4 (id=1734): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='rss_stat\x00', r1, 0x0, 0x9}, 0x18) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) 3.328793887s ago: executing program 1 (id=1735): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xe329d319fd1f7800, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00"/13], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket(0x2a, 0x2, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x20000000, {0x0, 0x0, 0x0, r3, {0x5, 0x2}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x0, 0x1}}, @TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10) mount_setattr(0xffffffffffffff9c, 0x0, 0x8100, 0x0, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000001801000080ffffffff78e1fcc38d9731b1195d3351cf77abbb013434e1ed71e9ff22b3d517883ea523f4765a3d27a0fd8d455c1c3b51bc433922f903f4b9071286383773a2ab13ba5d9382f2752756544103e9aa8c0e53f906f44d8bd9a7a9327c8a551240d799", @ANYRES32, @ANYBLOB="0000000000000000b70800000c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r7}, 0x10) syz_read_part_table(0x5c2, &(0x7f0000000000)="$eJzs2z1oU2sYB/AnavCil+vi5GQdnFwURzOoJFFRCNEu4qCgiBi4EEGIECjoYDO0NEPp2KUUsvRjapqhw6Wlhc6ldOil0KHTpV0KXZpL6Xv39vYDhN8PDg/v+/7Pec4znPEEv7QL8U+3281ERPfy8e/ubeULT2+WHpZfRWTiTUT0/PXH1MFJJiX+e+qttF5P67HRK53+nSfZ1trL3dtv5xsX0nlfuq6Ot3tPPBxnbiK3cO37j2pxoJb7tFqsb/5cWX4xuZ0vt583mlPPso/fp9xiqpdS/RK1+Baf411UohIfonpK/UdaG3f3bxRbMx8f7BU6g3P3Uq50wjmP2v9rz9DrZv3Rnenrw/drs0vlrYuHucr/+LoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADh/E7mFa99/VIsDtdyn1WJ98+fK8ovJ7Xy5/bzRnHqWffw+5RZTvZTql6jFt/gc76ISlfgQ1VPqP9LauLt/o9ia+fhgr9AZnLuXcqUTznnU/l97hl4364/uTF8fvl+bXSpvXTzMVS6f0QsAAAAAAAAAAAAAAAAAAABAROQLT2+WHpZfRWTiTUT8+fvczMF+N/3vnkm5W6mup/2x0Sud/p0n2dbay93bb+cbf6f9vt8i+iLi6ni799yH4dj+DQAA///B9JXf") setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000580), 0x0) bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) r8 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x11) setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f00000000c0)={0x40, 0x2}, 0x10) 2.866618274s ago: executing program 0 (id=1739): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="7c0100001a0001000000000000000000fc000000000000000000000000000000ff01000000000000000000000000000100000000000008000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000000000000010000800330000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000440000f4ffffff00890001006d64350000000000000000000000000000008000"/209], 0x17c}}, 0x0) 2.811986962s ago: executing program 3 (id=1740): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x182, 0x0) ioctl$TIOCGPTPEER(r1, 0x5441, 0x3) 2.427447837s ago: executing program 0 (id=1742): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) 2.32580755s ago: executing program 3 (id=1743): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x4004000) 2.257761768s ago: executing program 1 (id=1744): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0) 2.11675852s ago: executing program 2 (id=1745): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='mnt/encrypted_dir\x00', 0x200) 1.935028093s ago: executing program 0 (id=1746): openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) io_pgetevents(0x0, 0x8000, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000007c0)={0xa, 0x2, 0x0, @empty, 0x80000001}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000340)="fb", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x0, @loopback, 0x1}}, 0x0, 0x0, 0x2, 0x0, "10baa70a93289349d889de25b87376f64276337642b890d33cb5b592266c5b98fb19402835fee1b3871b7ef6619db5b2a94edb6f73ea08b02aa3b47debd38b6d889a8c986b33eb49c3157f1f370dfd67"}, 0xd8) r1 = dup(r0) sendto$inet6(r1, &(0x7f0000000800), 0x0, 0x4041, 0x0, 0x0) 1.839744209s ago: executing program 3 (id=1747): syz_io_uring_setup(0xa4d, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x24f}, &(0x7f00000000c0)=0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000785ceb2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@ipv6_getanyicast={0x14, 0x3e, 0x400, 0x70bd26, 0x3, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x48000}, 0x1) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000003c0), 0x200044, 0x0) umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0) 1.724191661s ago: executing program 4 (id=1748): io_pgetevents(0x0, 0x8000, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000007c0)={0xa, 0x2, 0x0, @empty, 0x80000001}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000340)="fb", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0) r1 = dup(r0) sendto$inet6(r1, &(0x7f0000000800)="1e", 0x1, 0x4041, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 1.688057975s ago: executing program 1 (id=1749): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 1.627856725s ago: executing program 2 (id=1750): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x40000) sendmsg$NFT_BATCH(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000140000001100", @ANYRES8], 0x54}, 0x1, 0x0, 0x0, 0x24068045}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0xcdc}}, 0x0) 1.415284403s ago: executing program 0 (id=1751): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000191c0)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYRES32, @ANYBLOB="0000000002"], 0x48) 1.303478116s ago: executing program 3 (id=1752): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="7c0100001a0001000000000000000000fc000000000000000000000000000000ff01000000000000000000000000000100000000000008000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000000000000010000800330000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000440000f4ffffff00890001006d64350000000000000000000000000000008000"/209], 0x17c}}, 0x0) 1.22491735s ago: executing program 2 (id=1753): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x182, 0x0) ioctl$TIOCGPTPEER(r1, 0x5441, 0x3) 1.145225263s ago: executing program 4 (id=1754): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xe329d319fd1f7800, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00"/13], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket(0x2a, 0x2, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x20000000, {0x0, 0x0, 0x0, r3, {0x5, 0x2}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x0, 0x1}}, @TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10) mount_setattr(0xffffffffffffff9c, 0x0, 0x8100, 0x0, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000001801000080ffffffff78e1fcc38d9731b1195d3351cf77abbb013434e1ed71e9ff22b3d517883ea523f4765a3d27a0fd8d455c1c3b51bc433922f903f4b9071286383773a2ab13ba5d9382f2752756544103e9aa8c0e53f906f44d8bd9a7a9327c8a551240d799", @ANYRES32, @ANYBLOB="0000000000000000b70800000c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r7}, 0x10) syz_read_part_table(0x5c2, &(0x7f0000000000)="$eJzs2z1oU2sYB/AnavCil+vi5GQdnFwURzOoJFFRCNEu4qCgiBi4EEGIECjoYDO0NEPp2KUUsvRjapqhw6Wlhc6ldOil0KHTpV0KXZpL6Xv39vYDhN8PDg/v+/7Pec4znPEEv7QL8U+3281ERPfy8e/ubeULT2+WHpZfRWTiTUT0/PXH1MFJJiX+e+qttF5P67HRK53+nSfZ1trL3dtv5xsX0nlfuq6Ot3tPPBxnbiK3cO37j2pxoJb7tFqsb/5cWX4xuZ0vt583mlPPso/fp9xiqpdS/RK1+Baf411UohIfonpK/UdaG3f3bxRbMx8f7BU6g3P3Uq50wjmP2v9rz9DrZv3Rnenrw/drs0vlrYuHucr/+LoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADh/E7mFa99/VIsDtdyn1WJ98+fK8ovJ7Xy5/bzRnHqWffw+5RZTvZTql6jFt/gc76ISlfgQ1VPqP9LauLt/o9ia+fhgr9AZnLuXcqUTznnU/l97hl4364/uTF8fvl+bXSpvXTzMVS6f0QsAAAAAAAAAAAAAAAAAAABAROQLT2+WHpZfRWTiTUT8+fvczMF+N/3vnkm5W6mup/2x0Sud/p0n2dbay93bb+cbf6f9vt8i+iLi6ni799yH4dj+DQAA///B9JXf") setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000580), 0x0) bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x11) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) 1.014786292s ago: executing program 1 (id=1755): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x1, 0xfffff034}, {0x48, 0x0, 0x40}, {0x6, 0x37, 0x0, 0x9}]}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[], 0xb4}}, 0x0) 859.832611ms ago: executing program 0 (id=1756): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) 797.842605ms ago: executing program 2 (id=1757): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=@base={0xf, 0x4, 0x8, 0x1}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x15, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000020000001800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x6}, 0x94) 736.35569ms ago: executing program 3 (id=1758): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0x6}}], 0x30, 0x45}, 0x0) 650.652377ms ago: executing program 1 (id=1759): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0) 387.962482ms ago: executing program 0 (id=1760): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000a00)='fib_table_lookup\x00', r1}, 0x18) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6) ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=0x0) r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r4) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000680)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000640)={&(0x7f0000000580)={0xb0, r9, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xf}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x7}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x24, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x3873d1d0f99e2a8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xe}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xd5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x2}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}, @MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x8}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x8014}, 0x8014) sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r8], 0xfd45}}, 0x0) write$nci(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="60800290dd"], 0x5) close(0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) r10 = socket(0x2, 0x805, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r10, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @rand_addr=0x64010102}]}, &(0x7f00000007c0)=0x10) 378.597145ms ago: executing program 2 (id=1761): openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) io_pgetevents(0x0, 0x8000, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000007c0)={0xa, 0x2, 0x0, @empty, 0x80000001}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000340)="fb", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x0, @loopback, 0x1}}, 0x0, 0x0, 0x2, 0x0, "10baa70a93289349d889de25b87376f64276337642b890d33cb5b592266c5b98fb19402835fee1b3871b7ef6619db5b2a94edb6f73ea08b02aa3b47debd38b6d889a8c986b33eb49c3157f1f370dfd67"}, 0xd8) r1 = dup(r0) sendto$inet6(r1, &(0x7f0000000800), 0x0, 0x4041, 0x0, 0x0) 279.070907ms ago: executing program 3 (id=1762): openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) r0 = socket(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0xfffffff9, 0x4) syz_emit_ethernet(0x4e, &(0x7f00000020c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0) recvmmsg(r0, &(0x7f0000002280)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x102, 0x0) 92.095373ms ago: executing program 2 (id=1763): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x40000) sendmsg$NFT_BATCH(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000140000001100", @ANYRES8], 0x54}, 0x1, 0x0, 0x0, 0x24068045}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0xcdc}}, 0x0) 84.444359ms ago: executing program 1 (id=1764): io_pgetevents(0x0, 0x8000, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000007c0)={0xa, 0x2, 0x0, @empty, 0x80000001}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000340)="fb", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0) r1 = dup(r0) sendto$inet6(r1, &(0x7f0000000800)="1e", 0x1, 0x4041, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 0s ago: executing program 4 (id=1765): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) kernel console output (not intermixed with test programs): T5873] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 284.987996][ T5873] usb 3-1: Using ep0 maxpacket: 32 [ 285.084965][ T5873] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 285.094834][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.200188][ T7055] loop4: detected capacity change from 0 to 764 [ 285.236181][ T5873] usb 3-1: config 0 descriptor?? [ 285.321330][ T5873] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 285.768974][ T5873] gspca_nw80x: reg_r err -32 [ 285.774004][ T5873] nw80x 3-1:0.0: probe with driver nw80x failed with error -32 [ 285.959345][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 285.965950][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.056585][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.694378][ T7067] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.834677][ T7067] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.866462][ T7069] loop1: detected capacity change from 0 to 2048 [ 286.967899][ T7067] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.029681][ T7069] Alternate GPT is invalid, using primary GPT. [ 287.036767][ T7069] loop1: p1 p2 p3 [ 287.040860][ T7069] loop1: partition table partially beyond EOD, truncated [ 287.156066][ T7067] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.222859][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 287.222932][ T30] audit: type=1326 audit(1758085643.564:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 287.327118][ T30] audit: type=1326 audit(1758085643.614:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 287.350438][ T30] audit: type=1326 audit(1758085643.614:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 287.373021][ T30] audit: type=1326 audit(1758085643.614:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 287.396140][ T30] audit: type=1326 audit(1758085643.634:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 287.419081][ T30] audit: type=1326 audit(1758085643.634:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 287.444654][ T30] audit: type=1326 audit(1758085643.634:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.373" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x0 [ 287.546883][ T3645] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.605224][ T3645] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.660368][ T3645] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.688166][ T3645] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.880034][ T5865] usb 3-1: USB disconnect, device number 2 [ 288.061869][ T7091] netlink: 232 bytes leftover after parsing attributes in process `syz.1.377'. [ 288.931970][ T7109] 9pnet_fd: Insufficient options for proto=fd [ 289.311886][ T7115] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.502647][ T7115] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.612558][ T30] audit: type=1326 audit(1758085645.934:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 289.635679][ T30] audit: type=1326 audit(1758085645.934:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 289.658481][ T30] audit: type=1326 audit(1758085645.934:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.3.389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 289.867198][ T7115] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.925983][ T7123] netlink: 232 bytes leftover after parsing attributes in process `syz.1.390'. [ 290.019440][ T7115] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.290744][ T1882] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.491949][ T1882] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.662406][ T1882] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.663014][ T1882] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.297886][ T7159] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.424858][ T7159] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.606226][ T7159] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.763299][ T7159] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.967833][ T1882] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.023792][ T3860] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.048112][ T7169] pim6reg1: entered promiscuous mode [ 295.053721][ T7169] pim6reg1: entered allmulticast mode [ 295.074524][ T6804] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.201703][ T4940] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.247241][ T7184] loop4: detected capacity change from 0 to 1024 [ 296.279775][ T7184] EXT4-fs: Ignoring removed bh option [ 296.285578][ T7184] EXT4-fs: inline encryption not supported [ 296.328779][ T7184] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 296.568752][ T24] Process accounting resumed [ 296.684460][ T7196] loop3: detected capacity change from 0 to 128 [ 296.753780][ T7184] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.414: lblock 2 mapped to illegal pblock 2 (length 1) [ 296.783038][ T7184] __quota_error: 26 callbacks suppressed [ 296.783127][ T7184] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 296.797860][ T7184] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.414: lblock 0 mapped to illegal pblock 48 (length 1) [ 296.854337][ T7184] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 296.864440][ T7184] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.414: Failed to acquire dquot type 0 [ 296.881756][ T7184] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 296.923398][ T7184] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.414: mark_inode_dirty error [ 296.962031][ T7184] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 296.973357][ T7184] EXT4-fs (loop4): 1 orphan inode deleted [ 296.981755][ T7184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.007098][ T6804] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 1) [ 297.032664][ T6804] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 297.041915][ T6804] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:32: Failed to release dquot type 0 [ 297.076625][ T7184] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.086562][ T7184] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.414: Invalid inode table block 1 in block_group 0 [ 297.106069][ T7184] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 297.131795][ T7184] EXT4-fs error (device loop4): ext4_quota_off:7221: inode #3: comm syz.4.414: mark_inode_dirty error [ 297.778664][ T7209] pim6reg1: entered promiscuous mode [ 297.784152][ T7209] pim6reg1: entered allmulticast mode [ 297.914123][ T7211] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.065110][ T7211] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.378321][ T7211] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.525227][ T7211] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.814405][ T4369] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.927735][ T4369] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.956601][ T4369] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 298.974129][ T4369] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.077204][ T7233] netlink: 8 bytes leftover after parsing attributes in process `syz.0.434'. [ 300.075638][ T7243] pim6reg1: entered promiscuous mode [ 300.081364][ T7243] pim6reg1: entered allmulticast mode [ 300.109237][ T7244] netlink: 24 bytes leftover after parsing attributes in process `syz.0.438'. [ 300.963235][ T7262] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.134099][ T7262] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.270259][ T7262] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.355849][ T7262] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.694413][ T7278] netlink: 24 bytes leftover after parsing attributes in process `syz.2.453'. [ 302.419419][ T7282] random: crng reseeded on system resumption [ 302.555753][ T7284] pim6reg1: entered promiscuous mode [ 302.561868][ T7284] pim6reg1: entered allmulticast mode [ 303.551058][ T7308] netlink: 24 bytes leftover after parsing attributes in process `syz.2.465'. [ 303.609206][ T7311] netlink: 12 bytes leftover after parsing attributes in process `syz.0.464'. [ 303.690085][ T4940] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.755308][ T4940] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.821074][ T4940] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.871027][ T4940] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.105551][ T7318] netlink: 'syz.4.468': attribute type 1 has an invalid length. [ 304.120775][ T7319] loop2: detected capacity change from 0 to 1024 [ 304.175545][ T7319] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 304.224268][ T30] audit: type=1800 audit(1758085660.534:423): pid=7319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.469" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 304.275589][ T7319] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.469: bg 0: block 494: padding at end of block bitmap is not set [ 304.293556][ T7319] EXT4-fs (loop2): Remounting filesystem read-only [ 304.300994][ T7319] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 15, error -30) [ 306.240340][ T7344] netlink: 224 bytes leftover after parsing attributes in process `syz.4.477'. [ 306.344741][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.162563][ T7351] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.284928][ T7354] loop1: detected capacity change from 0 to 512 [ 307.358180][ T7354] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 307.422950][ T7351] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.451612][ T7354] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 307.522292][ T7354] System zones: 1-12 [ 307.533329][ T7354] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.479: corrupted in-inode xattr: e_value size too large [ 307.553001][ T7354] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.479: couldn't read orphan inode 15 (err -117) [ 307.598838][ T7354] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 307.604274][ T7351] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.711222][ T7351] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.742743][ T7363] netlink: 'syz.2.483': attribute type 10 has an invalid length. [ 307.797201][ T7363] team0: Port device dummy0 added [ 307.817967][ T7362] pim6reg1: entered promiscuous mode [ 307.820391][ T7367] netlink: 'syz.2.483': attribute type 10 has an invalid length. [ 307.823425][ T7362] pim6reg1: entered allmulticast mode [ 307.933532][ T7367] team0: Port device dummy0 removed [ 307.954606][ T7367] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 308.090661][ T6796] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.120142][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.165779][ T6796] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.216841][ T6796] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.233655][ T6796] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.563009][ T7373] loop0: detected capacity change from 0 to 1024 [ 308.653326][ T7373] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 308.698437][ T30] audit: type=1800 audit(1758085665.024:424): pid=7373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.488" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 308.732847][ T7373] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.488: bg 0: block 494: padding at end of block bitmap is not set [ 308.733876][ T49] Bluetooth: hci0: command 0x0406 tx timeout [ 308.749144][ T5824] Bluetooth: hci1: command 0x0406 tx timeout [ 308.756238][ T5827] Bluetooth: hci3: command 0x0406 tx timeout [ 308.761523][ T5824] Bluetooth: hci2: command 0x0406 tx timeout [ 308.761637][ T5824] Bluetooth: hci4: command 0x0406 tx timeout [ 308.763442][ T7373] EXT4-fs (loop0): Remounting filesystem read-only [ 308.788445][ T7373] EXT4-fs (loop0): error restoring inline_data for inode -- potential data loss! (inode 15, error -30) [ 310.691244][ T7390] netlink: 224 bytes leftover after parsing attributes in process `syz.3.492'. [ 310.764994][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 311.203251][ T7397] loop3: detected capacity change from 0 to 512 [ 311.291846][ T7397] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 311.538294][ T7397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 311.583958][ T7397] System zones: 1-12 [ 311.684085][ T7397] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.496: corrupted in-inode xattr: e_value size too large [ 311.738245][ T7397] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.496: couldn't read orphan inode 15 (err -117) [ 311.782070][ T7404] loop1: detected capacity change from 0 to 2048 [ 311.804318][ T7397] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.926768][ T7404] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 312.224527][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.295222][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.565382][ T7416] pim6reg1: entered promiscuous mode [ 312.571086][ T7416] pim6reg1: entered allmulticast mode [ 312.785891][ T7418] loop1: detected capacity change from 0 to 1024 [ 312.917864][ T7418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 313.057730][ T30] audit: type=1800 audit(1758085669.394:425): pid=7418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.503" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 313.390327][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.776083][ T7434] netlink: 224 bytes leftover after parsing attributes in process `syz.1.506'. [ 314.339962][ T7445] loop2: detected capacity change from 0 to 512 [ 314.497785][ T7445] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 314.546207][ T7445] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 314.582125][ T7445] System zones: 1-12 [ 314.613236][ T7445] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.511: corrupted in-inode xattr: e_value size too large [ 314.701758][ T7445] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.511: couldn't read orphan inode 15 (err -117) [ 314.849784][ T7445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.132986][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.619488][ T7469] pim6reg1: entered promiscuous mode [ 315.625205][ T7469] pim6reg1: entered allmulticast mode [ 316.230127][ T7475] netlink: 224 bytes leftover after parsing attributes in process `syz.0.520'. [ 316.582999][ T30] audit: type=1326 audit(1758085672.924:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 316.724993][ T30] audit: type=1326 audit(1758085672.964:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 316.748404][ T30] audit: type=1326 audit(1758085672.974:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 316.770944][ T30] audit: type=1326 audit(1758085672.974:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 316.793734][ T30] audit: type=1326 audit(1758085672.974:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 316.819292][ T30] audit: type=1326 audit(1758085672.974:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 316.843049][ T30] audit: type=1326 audit(1758085672.974:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 316.865665][ T30] audit: type=1326 audit(1758085672.974:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 316.889221][ T30] audit: type=1326 audit(1758085673.084:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.0.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 317.993436][ T7510] netlink: 224 bytes leftover after parsing attributes in process `syz.1.533'. [ 318.983769][ T7525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.537'. [ 319.593993][ T7539] loop2: detected capacity change from 0 to 512 [ 319.647965][ T7539] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 319.749002][ T7539] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 319.768781][ T7539] System zones: 1-12 [ 319.853110][ T7539] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.541: corrupted in-inode xattr: e_value size too large [ 319.921783][ T7539] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.541: couldn't read orphan inode 15 (err -117) [ 319.961519][ T7539] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 320.271743][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.686635][ T7567] netlink: 8 bytes leftover after parsing attributes in process `syz.1.551'. [ 321.328440][ T7580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.552'. [ 321.337805][ T7580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.552'. [ 321.519105][ T7581] netlink: 4 bytes leftover after parsing attributes in process `syz.2.556'. [ 322.773500][ T7609] netlink: 8 bytes leftover after parsing attributes in process `syz.1.565'. [ 323.040089][ T7615] netlink: 'syz.0.567': attribute type 4 has an invalid length. [ 323.506312][ T7620] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 323.535846][ T24] IPVS: starting estimator thread 0... [ 323.641854][ T7623] IPVS: using max 240 ests per chain, 12000 per kthread [ 323.985148][ T7628] loop3: detected capacity change from 0 to 512 [ 324.044483][ T7628] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 324.098701][ T7628] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 324.107265][ T7628] System zones: 1-12 [ 324.189571][ T7628] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.573: corrupted in-inode xattr: e_value size too large [ 324.229212][ T7628] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.573: couldn't read orphan inode 15 (err -117) [ 324.276631][ T7628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 324.771784][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.045577][ T7641] netlink: 'syz.4.579': attribute type 4 has an invalid length. [ 325.271106][ T7644] loop2: detected capacity change from 0 to 128 [ 329.425363][ T7680] loop3: detected capacity change from 0 to 512 [ 329.558124][ T7680] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 329.655740][ T7680] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 329.690610][ T7680] System zones: 1-12 [ 329.739711][ T7680] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.588: corrupted in-inode xattr: e_value size too large [ 329.820809][ T7680] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.588: couldn't read orphan inode 15 (err -117) [ 329.935218][ T7680] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 329.983268][ T7688] netlink: 'syz.4.591': attribute type 4 has an invalid length. [ 330.517548][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.686122][ T7691] random: crng reseeded on system resumption [ 331.344126][ T24] IPVS: starting estimator thread 0... [ 331.360962][ T7697] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 331.448725][ T7701] IPVS: using max 192 ests per chain, 9600 per kthread [ 331.647146][ T7703] netlink: 12 bytes leftover after parsing attributes in process `syz.3.594'. [ 332.308374][ T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 332.527845][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 332.575740][ T24] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 332.590124][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.725607][ T24] usb 5-1: config 0 descriptor?? [ 332.775145][ T24] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 333.205354][ T7718] netlink: 'syz.3.603': attribute type 4 has an invalid length. [ 333.575860][ T24] gspca_nw80x: reg_r err -32 [ 333.581152][ T24] nw80x 5-1:0.0: probe with driver nw80x failed with error -32 [ 333.816216][ T7728] netlink: 12 bytes leftover after parsing attributes in process `syz.0.608'. [ 334.124877][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 334.124952][ T30] audit: type=1326 audit(1758085690.464:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.230401][ T30] audit: type=1326 audit(1758085690.504:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.253302][ T30] audit: type=1326 audit(1758085690.524:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.276226][ T30] audit: type=1326 audit(1758085690.524:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.298808][ T30] audit: type=1326 audit(1758085690.524:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.324781][ T30] audit: type=1326 audit(1758085690.524:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.348452][ T30] audit: type=1326 audit(1758085690.524:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.371043][ T30] audit: type=1326 audit(1758085690.534:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.393770][ T30] audit: type=1326 audit(1758085690.534:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 334.416341][ T30] audit: type=1326 audit(1758085690.534:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7736 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 335.115600][ T7752] netlink: 'syz.2.617': attribute type 4 has an invalid length. [ 335.186159][ T24] usb 5-1: USB disconnect, device number 3 [ 335.546776][ T7760] netlink: 12 bytes leftover after parsing attributes in process `syz.0.621'. [ 335.916173][ T7764] loop3: detected capacity change from 0 to 2048 [ 336.032575][ T7764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.312052][ T7778] tipc: Started in network mode [ 336.318621][ T7778] tipc: Node identity fe03010172ba, cluster identity 4711 [ 336.331653][ T7778] tipc: Enabled bearer , priority 0 [ 336.406723][ T7781] tipc: Disabling bearer [ 336.474970][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.688072][ T5865] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 336.893389][ T5865] usb 1-1: Using ep0 maxpacket: 32 [ 336.928994][ T5865] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 336.939854][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 337.006231][ T5865] usb 1-1: config 0 descriptor?? [ 337.045817][ T5865] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 337.338661][ T7799] loop2: detected capacity change from 0 to 128 [ 337.416025][ T7799] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 337.460060][ T7799] ext4 filesystem being mounted at /131/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 337.853867][ T5865] gspca_nw80x: reg_r err -32 [ 337.859166][ T5865] nw80x 1-1:0.0: probe with driver nw80x failed with error -32 [ 338.022699][ T5812] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 338.241621][ T7810] tipc: Enabled bearer , priority 0 [ 338.267269][ T7810] tipc: Disabling bearer [ 338.509993][ T7815] loop2: detected capacity change from 0 to 2048 [ 338.604564][ T7815] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 339.270132][ T7830] pim6reg1: entered promiscuous mode [ 339.270240][ T7830] pim6reg1: entered allmulticast mode [ 339.397129][ T5812] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.780596][ T2203] usb 1-1: USB disconnect, device number 3 [ 341.103752][ T7851] tipc: Enabled bearer , priority 0 [ 341.125421][ T7851] tipc: Disabling bearer [ 341.559951][ T7857] pim6reg1: entered promiscuous mode [ 341.565452][ T7857] pim6reg1: entered allmulticast mode [ 343.857901][ T7897] pim6reg1: entered promiscuous mode [ 343.863562][ T7897] pim6reg1: entered allmulticast mode [ 344.060143][ T7898] tipc: Enabled bearer , priority 0 [ 344.222368][ T7899] tipc: Disabling bearer [ 345.595610][ T7919] loop4: detected capacity change from 0 to 512 [ 345.640837][ T7919] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 345.714327][ T7919] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 345.748260][ T7919] System zones: 1-12 [ 345.770036][ T7919] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.681: corrupted in-inode xattr: e_value size too large [ 345.829837][ T7919] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.681: couldn't read orphan inode 15 (err -117) [ 345.898519][ T7919] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 346.025238][ T7929] pim6reg1: entered promiscuous mode [ 346.031012][ T7929] pim6reg1: entered allmulticast mode [ 346.184943][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.629876][ T7933] tipc: Enabled bearer , priority 0 [ 346.667809][ T7933] tipc: Disabling bearer [ 347.382713][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.389496][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 348.479350][ T7960] pim6reg1: entered promiscuous mode [ 348.484995][ T7960] pim6reg1: entered allmulticast mode [ 349.000042][ T7974] tipc: Enabled bearer , priority 0 [ 349.043537][ T7974] tipc: Disabling bearer [ 349.694594][ T7986] loop4: detected capacity change from 0 to 2048 [ 349.845289][ T7986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 349.934542][ T7995] syzkaller1: entered promiscuous mode [ 349.934647][ T7995] syzkaller1: entered allmulticast mode [ 350.355445][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.448857][ T8005] pim6reg1: entered promiscuous mode [ 350.448958][ T8005] pim6reg1: entered allmulticast mode [ 350.886819][ T8013] bridge0: entered promiscuous mode [ 350.898772][ T8013] bridge0: port 3(macsec1) entered blocking state [ 350.905679][ T8013] bridge0: port 3(macsec1) entered disabled state [ 350.918044][ T8013] macsec1: entered allmulticast mode [ 350.923592][ T8013] bridge0: entered allmulticast mode [ 350.947199][ T8013] macsec1: left allmulticast mode [ 350.952677][ T8013] bridge0: left allmulticast mode [ 351.033533][ T8013] bridge0: left promiscuous mode [ 351.201593][ T8016] tipc: Started in network mode [ 351.206814][ T8016] tipc: Node identity f2255708a915, cluster identity 4711 [ 351.215065][ T8016] tipc: Enabled bearer , priority 0 [ 351.268723][ T8019] tipc: Disabling bearer [ 351.592405][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 351.592480][ T30] audit: type=1326 audit(1758085707.934:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.2.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 351.621645][ T30] audit: type=1326 audit(1758085707.944:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.2.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 351.647702][ T30] audit: type=1326 audit(1758085707.944:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.2.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 351.672000][ T30] audit: type=1326 audit(1758085708.004:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8025 comm="syz.2.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 352.211495][ T8038] pim6reg1: entered promiscuous mode [ 352.217117][ T8038] pim6reg1: entered allmulticast mode [ 352.910084][ T8050] bridge0: entered promiscuous mode [ 352.916496][ T8050] bridge0: port 3(macsec1) entered blocking state [ 352.916864][ T8050] bridge0: port 3(macsec1) entered disabled state [ 352.918576][ T8050] macsec1: entered allmulticast mode [ 352.918670][ T8050] bridge0: entered allmulticast mode [ 353.041070][ T8050] macsec1: left allmulticast mode [ 353.041181][ T8050] bridge0: left allmulticast mode [ 353.071717][ T8050] bridge0: left promiscuous mode [ 353.583060][ T8056] lo speed is unknown, defaulting to 1000 [ 353.591480][ T8056] lo speed is unknown, defaulting to 1000 [ 353.598754][ T8056] lo speed is unknown, defaulting to 1000 [ 353.936636][ T8061] loop4: detected capacity change from 0 to 1024 [ 354.037928][ T8056] infiniband sz1: set down [ 354.042642][ T8056] infiniband sz1: added lo [ 354.050957][ T8056] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR [ 354.059704][ T8056] infiniband sz1: Couldn't open port 1 [ 354.079958][ T5865] lo speed is unknown, defaulting to 1000 [ 354.118257][ T8056] RDS/IB: sz1: added [ 354.122467][ T8056] smc: adding ib device sz1 with port count 1 [ 354.133985][ T8056] smc: ib device sz1 port 1 has pnetid [ 354.142022][ T8056] lo speed is unknown, defaulting to 1000 [ 354.609990][ T8056] lo speed is unknown, defaulting to 1000 [ 354.869260][ T30] audit: type=1326 audit(1758085711.174:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8071 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 354.892282][ T30] audit: type=1326 audit(1758085711.174:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8071 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 355.074095][ T8056] lo speed is unknown, defaulting to 1000 [ 355.235809][ T30] audit: type=1326 audit(1758085711.264:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8071 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 355.259383][ T30] audit: type=1326 audit(1758085711.264:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8071 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 355.282384][ T30] audit: type=1326 audit(1758085711.284:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8071 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 355.305103][ T30] audit: type=1326 audit(1758085711.284:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8071 comm="syz.3.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 355.470883][ T8061] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.554037][ T8077] pim6reg1: entered promiscuous mode [ 355.560139][ T8077] pim6reg1: entered allmulticast mode [ 355.581272][ T5865] lo speed is unknown, defaulting to 1000 [ 355.587522][ T8056] lo speed is unknown, defaulting to 1000 [ 356.049732][ T8056] lo speed is unknown, defaulting to 1000 [ 356.614321][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.140969][ T8094] loop4: detected capacity change from 0 to 512 [ 357.160651][ T8094] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 357.227046][ T8094] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 357.238137][ T8094] EXT4-fs (loop4): 1 truncate cleaned up [ 357.240402][ T8094] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 357.335769][ T8101] bridge0: entered promiscuous mode [ 357.342669][ T8101] bridge0: port 3(macsec1) entered blocking state [ 357.343052][ T8101] bridge0: port 3(macsec1) entered disabled state [ 357.343503][ T8101] macsec1: entered allmulticast mode [ 357.343593][ T8101] bridge0: entered allmulticast mode [ 357.400034][ T8101] macsec1: left allmulticast mode [ 357.445932][ T8101] bridge0: left allmulticast mode [ 357.518121][ T8101] bridge0: left promiscuous mode [ 357.587822][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.576371][ T8113] pim6reg1: entered promiscuous mode [ 358.586107][ T8113] pim6reg1: entered allmulticast mode [ 359.554337][ T8123] loop4: detected capacity change from 0 to 2048 [ 359.765151][ T8123] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 360.016761][ T8136] rdma_rxe: rxe_newlink: failed to add lo [ 361.685098][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.422417][ T8154] pim6reg1: entered promiscuous mode [ 362.428337][ T8154] pim6reg1: entered allmulticast mode [ 363.583727][ T8174] lo speed is unknown, defaulting to 1000 [ 364.342576][ T8189] rdma_rxe: rxe_newlink: failed to add lo [ 365.599573][ T8196] random: crng reseeded on system resumption [ 366.204120][ T5899] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 366.599799][ T8201] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 366.743980][ T5899] usb 3-1: device descriptor read/all, error -71 [ 366.956234][ T8203] pim6reg1: entered promiscuous mode [ 366.963865][ T8203] pim6reg1: entered allmulticast mode [ 368.081839][ T8229] random: crng reseeded on system resumption [ 368.365096][ T8231] ÿÿÿÿÿÿ: renamed from vlan1 (while UP) [ 368.736384][ T8236] sz1: rxe_newlink: already configured on lo [ 369.950581][ T8245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.805'. [ 370.309650][ T8249] netlink: 4 bytes leftover after parsing attributes in process `syz.2.806'. [ 370.509857][ T8248] pim6reg1: entered promiscuous mode [ 370.515522][ T8248] pim6reg1: entered allmulticast mode [ 371.692484][ T8264] random: crng reseeded on system resumption [ 372.274562][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 372.274636][ T30] audit: type=1326 audit(1758085728.614:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8273 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 372.303875][ T30] audit: type=1326 audit(1758085728.614:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8273 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 372.331580][ T30] audit: type=1326 audit(1758085728.614:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8273 comm="syz.0.818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 372.356391][ T30] audit: type=1326 audit(1758085728.614:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8273 comm="syz.0.818" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x0 [ 373.250708][ T8286] pim6reg1: entered promiscuous mode [ 373.256298][ T8286] pim6reg1: entered allmulticast mode [ 373.617116][ T8290] rdma_rxe: rxe_newlink: failed to add lo [ 374.375026][ T8300] random: crng reseeded on system resumption [ 374.618701][ T8306] program syz.4.829 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 375.623802][ T8327] pim6reg1: entered promiscuous mode [ 375.629533][ T8327] pim6reg1: entered allmulticast mode [ 376.070849][ T8333] random: crng reseeded on system resumption [ 376.508324][ T8336] rdma_rxe: rxe_newlink: failed to add lo [ 378.248585][ T8365] random: crng reseeded on system resumption [ 378.496293][ T8369] bridge0: entered promiscuous mode [ 378.509086][ T8369] bridge0: port 3(macsec1) entered blocking state [ 378.515987][ T8369] bridge0: port 3(macsec1) entered disabled state [ 378.523456][ T8369] macsec1: entered allmulticast mode [ 378.529058][ T8369] bridge0: entered allmulticast mode [ 378.562620][ T8369] macsec1: left allmulticast mode [ 378.570087][ T8369] bridge0: left allmulticast mode [ 378.603979][ T8369] bridge0: left promiscuous mode [ 378.768955][ T8367] pim6reg1: entered promiscuous mode [ 378.774449][ T8367] pim6reg1: entered allmulticast mode [ 379.630385][ T8391] Invalid ELF header magic: != ELF [ 379.669268][ T8390] syzkaller0: entered promiscuous mode [ 379.675131][ T8390] syzkaller0: entered allmulticast mode [ 380.057227][ T8397] loop4: detected capacity change from 0 to 1024 [ 380.219125][ T30] audit: type=1326 audit(1758085736.564:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.243714][ T30] audit: type=1326 audit(1758085736.564:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.266746][ T30] audit: type=1326 audit(1758085736.564:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.289415][ T30] audit: type=1326 audit(1758085736.564:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.321069][ T8397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 380.334100][ T8397] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 380.635631][ T30] audit: type=1326 audit(1758085736.664:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.658538][ T30] audit: type=1326 audit(1758085736.664:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.682022][ T30] audit: type=1326 audit(1758085736.664:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.704699][ T30] audit: type=1326 audit(1758085736.694:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.732177][ T30] audit: type=1326 audit(1758085736.694:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 380.756515][ T30] audit: type=1326 audit(1758085736.694:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 381.068015][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 381.367260][ T8424] pim6reg1: entered promiscuous mode [ 381.373187][ T8424] pim6reg1: entered allmulticast mode [ 382.608872][ T8442] syzkaller0: entered promiscuous mode [ 382.614643][ T8442] syzkaller0: entered allmulticast mode [ 383.129002][ T8451] netlink: 8 bytes leftover after parsing attributes in process `syz.3.885'. [ 383.311579][ T8451] netlink: 4 bytes leftover after parsing attributes in process `syz.3.885'. [ 383.965240][ T8461] pim6reg1: entered promiscuous mode [ 383.972020][ T8461] pim6reg1: entered allmulticast mode [ 384.302124][ T8467] tipc: Enabled bearer , priority 0 [ 384.371257][ T8472] tipc: Disabling bearer [ 384.596421][ T8471] lo speed is unknown, defaulting to 1000 [ 384.828976][ T8475] netlink: 'syz.3.894': attribute type 1 has an invalid length. [ 385.138467][ T8475] bond1: entered promiscuous mode [ 385.145131][ T8475] 8021q: adding VLAN 0 to HW filter on device bond1 [ 385.223666][ T8486] mmap: syz.1.899 (8486) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 385.236323][ T30] kauditd_printk_skb: 36 callbacks suppressed [ 385.236395][ T30] audit: type=1326 audit(1758085741.564:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 385.266089][ T30] audit: type=1326 audit(1758085741.564:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 385.288873][ T30] audit: type=1326 audit(1758085741.564:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 385.311702][ T30] audit: type=1326 audit(1758085741.564:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 385.350693][ T30] audit: type=1326 audit(1758085741.694:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 385.374481][ T30] audit: type=1326 audit(1758085741.694:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 385.843366][ T30] audit: type=1326 audit(1758085741.974:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8470 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 385.866598][ T30] audit: type=1326 audit(1758085741.974:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8470 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 385.889525][ T30] audit: type=1326 audit(1758085741.994:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa1125c1465 code=0x7ffc0000 [ 385.913569][ T30] audit: type=1326 audit(1758085742.154:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 386.284746][ T8471] netlink: 3 bytes leftover after parsing attributes in process `syz.3.894'. [ 386.312542][ T8471] batadv1: entered promiscuous mode [ 386.318082][ T8471] batadv1: entered allmulticast mode [ 386.331447][ T8471] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 386.354668][ T8471] bond1: (slave batadv1): making interface the new active one [ 386.366842][ T8471] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 387.478705][ T8515] pim6reg1: entered promiscuous mode [ 387.484267][ T8515] pim6reg1: entered allmulticast mode [ 387.931401][ T8519] tipc: Enabled bearer , priority 0 [ 388.008867][ T8519] tipc: Disabling bearer [ 388.452697][ T8528] syzkaller0: entered promiscuous mode [ 388.458632][ T8528] syzkaller0: entered allmulticast mode [ 388.614434][ T8535] lo speed is unknown, defaulting to 1000 [ 388.620567][ T8535] lo speed is unknown, defaulting to 1000 [ 388.628323][ T8535] lo speed is unknown, defaulting to 1000 [ 388.645956][ T8535] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 388.686756][ T8535] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 388.765693][ T8535] lo speed is unknown, defaulting to 1000 [ 388.774548][ T8535] lo speed is unknown, defaulting to 1000 [ 388.783479][ T8535] lo speed is unknown, defaulting to 1000 [ 388.792119][ T8535] lo speed is unknown, defaulting to 1000 [ 388.807263][ T8535] lo speed is unknown, defaulting to 1000 [ 388.817549][ T8535] lo speed is unknown, defaulting to 1000 [ 389.739667][ T8552] pim6reg1: entered promiscuous mode [ 389.745166][ T8552] pim6reg1: entered allmulticast mode [ 390.329561][ T8558] tipc: Enabled bearer , priority 0 [ 390.398023][ T8560] tipc: Disabling bearer [ 390.421029][ T30] kauditd_printk_skb: 40 callbacks suppressed [ 390.421102][ T30] audit: type=1326 audit(1758085746.764:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.454528][ T30] audit: type=1326 audit(1758085746.774:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.478702][ T30] audit: type=1326 audit(1758085746.774:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.501616][ T30] audit: type=1326 audit(1758085746.774:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.524776][ T30] audit: type=1326 audit(1758085746.774:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.547582][ T30] audit: type=1326 audit(1758085746.804:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.574505][ T30] audit: type=1326 audit(1758085746.804:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.598820][ T30] audit: type=1326 audit(1758085746.824:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.621591][ T30] audit: type=1326 audit(1758085746.824:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.649028][ T30] audit: type=1326 audit(1758085746.824:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz.3.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 390.692148][ T8563] loop4: detected capacity change from 0 to 512 [ 390.759538][ T8563] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 390.889381][ T8569] syzkaller0: entered promiscuous mode [ 390.895149][ T8569] syzkaller0: entered allmulticast mode [ 390.960659][ T8563] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 390.970354][ T8563] System zones: 1-12 [ 390.989546][ T8563] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.927: corrupted in-inode xattr: e_value size too large [ 391.075614][ T8563] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.927: couldn't read orphan inode 15 (err -117) [ 391.150725][ T8563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 391.442721][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.231296][ T8593] pim6reg1: entered promiscuous mode [ 392.236789][ T8593] pim6reg1: entered allmulticast mode [ 392.472597][ T8597] loop4: detected capacity change from 0 to 1024 [ 392.537168][ T8597] EXT4-fs: Ignoring removed bh option [ 392.581166][ T8597] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 392.783675][ T8597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 393.133235][ T8608] tipc: Enabled bearer , priority 0 [ 393.192488][ T8608] tipc: Disabling bearer [ 393.267148][ T8612] syzkaller0: entered promiscuous mode [ 393.273053][ T8612] syzkaller0: entered allmulticast mode [ 395.980072][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.525709][ T8642] bridge0: entered promiscuous mode [ 396.537999][ T8642] bridge0: port 3(macsec1) entered blocking state [ 396.544887][ T8642] bridge0: port 3(macsec1) entered disabled state [ 396.552109][ T8642] macsec1: entered allmulticast mode [ 396.557732][ T8642] bridge0: entered allmulticast mode [ 396.672606][ T8642] macsec1: left allmulticast mode [ 396.678120][ T8642] bridge0: left allmulticast mode [ 396.745703][ T8642] bridge0: left promiscuous mode [ 398.625067][ T8679] netlink: 32 bytes leftover after parsing attributes in process `syz.3.965'. [ 399.461842][ T8691] netlink: 20 bytes leftover after parsing attributes in process `syz.0.971'. [ 399.769305][ T8696] syzkaller0: entered promiscuous mode [ 399.775118][ T8696] syzkaller0: entered allmulticast mode [ 401.849436][ T8712] lo speed is unknown, defaulting to 1000 [ 402.256208][ T8712] lo speed is unknown, defaulting to 1000 [ 407.082642][ T8740] syzkaller0: entered promiscuous mode [ 407.088492][ T8740] syzkaller0: entered allmulticast mode [ 408.811074][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 408.817876][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 408.821597][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1003'. [ 410.081932][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 410.082012][ T30] audit: type=1326 audit(1758085766.414:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.089287][ T8798] lo speed is unknown, defaulting to 1000 [ 410.347888][ T30] audit: type=1326 audit(1758085766.464:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.371337][ T30] audit: type=1326 audit(1758085766.464:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.394382][ T30] audit: type=1326 audit(1758085766.464:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.420127][ T30] audit: type=1326 audit(1758085766.504:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.443903][ T30] audit: type=1326 audit(1758085766.504:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.466647][ T30] audit: type=1326 audit(1758085766.504:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.489874][ T30] audit: type=1326 audit(1758085766.504:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.515463][ T30] audit: type=1326 audit(1758085766.504:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 410.538992][ T8798] lo speed is unknown, defaulting to 1000 [ 410.545006][ T30] audit: type=1326 audit(1758085766.514:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8799 comm="syz.0.1014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 412.526308][ T8818] loop4: detected capacity change from 0 to 2048 [ 413.360307][ T8818] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 413.380200][ T8818] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 414.696137][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.077376][ C1] hrtimer: interrupt took 318928 ns [ 415.874212][ T8898] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1031'. [ 417.813265][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 417.813343][ T30] audit: type=1326 audit(1758085774.154:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8910 comm="syz.4.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 418.018725][ T30] audit: type=1326 audit(1758085774.224:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8910 comm="syz.4.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 418.042239][ T30] audit: type=1326 audit(1758085774.234:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8910 comm="syz.4.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 418.065084][ T30] audit: type=1326 audit(1758085774.244:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8910 comm="syz.4.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 418.092760][ T30] audit: type=1326 audit(1758085774.254:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8910 comm="syz.4.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 418.117043][ T30] audit: type=1326 audit(1758085774.274:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8910 comm="syz.4.1034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 418.139761][ T30] audit: type=1326 audit(1758085774.274:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8913 comm="syz.0.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 418.162586][ T30] audit: type=1326 audit(1758085774.274:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8913 comm="syz.0.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 418.185269][ T30] audit: type=1326 audit(1758085774.284:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8913 comm="syz.0.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 418.212407][ T30] audit: type=1326 audit(1758085774.294:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8913 comm="syz.0.1035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f09b4f8ebe3 code=0x7ffc0000 [ 419.564084][ T8934] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1045'. [ 421.551858][ T8984] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1049'. [ 421.561301][ T8984] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1049'. [ 422.061180][ T8994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1054'. [ 422.582879][ T9005] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1059'. [ 422.989265][ T9015] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1064'. [ 423.002223][ T9015] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1064'. [ 423.470005][ T9023] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1068'. [ 423.772266][ T30] kauditd_printk_skb: 29 callbacks suppressed [ 423.772340][ T30] audit: type=1326 audit(1758085780.114:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9027 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 423.801724][ T30] audit: type=1326 audit(1758085780.124:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9027 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 423.828865][ T30] audit: type=1326 audit(1758085780.124:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9027 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 423.853247][ T30] audit: type=1326 audit(1758085780.124:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9027 comm="syz.3.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 424.091585][ T30] audit: type=1326 audit(1758085780.224:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9028 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 424.095224][ T9037] block device autoloading is deprecated and will be removed. [ 424.114917][ T30] audit: type=1326 audit(1758085780.224:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9028 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 424.115154][ T30] audit: type=1326 audit(1758085780.254:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9028 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 424.173772][ T30] audit: type=1326 audit(1758085780.254:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9028 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 424.196548][ T30] audit: type=1326 audit(1758085780.254:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9028 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 424.219981][ T30] audit: type=1326 audit(1758085780.274:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9028 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae4a58eba9 code=0x7ffc0000 [ 424.474654][ T9040] 9pnet_fd: Insufficient options for proto=fd [ 425.798162][ T9068] 9pnet: p9_errstr2errno: server reported unknown error [ 425.983300][ T9072] pim6reg1: entered promiscuous mode [ 425.989360][ T9072] pim6reg1: entered allmulticast mode [ 426.803738][ T9090] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1098'. [ 428.462053][ T9120] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1110'. [ 428.685634][ T9122] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.833794][ T9122] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.860755][ T9127] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1113'. [ 428.970657][ T9122] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.137024][ T9122] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.564479][ T68] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.628006][ T68] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.717575][ T68] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.768491][ T6808] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 429.871025][ T9137] loop4: detected capacity change from 0 to 2048 [ 429.882609][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 429.882682][ T30] audit: type=1326 audit(1758085786.224:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 429.915030][ T30] audit: type=1326 audit(1758085786.224:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.054439][ T30] audit: type=1326 audit(1758085786.294:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.082287][ T30] audit: type=1326 audit(1758085786.294:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.106980][ T30] audit: type=1326 audit(1758085786.294:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.129746][ T30] audit: type=1326 audit(1758085786.304:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.140723][ T9137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 430.153421][ T30] audit: type=1326 audit(1758085786.304:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.191951][ T30] audit: type=1326 audit(1758085786.304:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.216418][ T30] audit: type=1326 audit(1758085786.304:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.239182][ T30] audit: type=1326 audit(1758085786.324:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9138 comm="syz.0.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 430.317995][ T9140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1102'. [ 430.329405][ T9137] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 430.763482][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 430.914713][ T9155] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1124'. [ 431.367217][ T9159] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1126'. [ 431.770039][ T9163] pim6reg1: entered promiscuous mode [ 431.775616][ T9163] pim6reg1: entered allmulticast mode [ 432.394172][ T9176] usb usb1: usbfs: process 9176 (syz.0.1135) did not claim interface 4 before use [ 432.880702][ T9185] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1139'. [ 432.910161][ T9183] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.046490][ T9183] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.290663][ T9183] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.435988][ T9183] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 434.073030][ T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 434.145254][ T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 434.213794][ T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 434.287120][ T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 434.666306][ T9197] pim6reg1: entered promiscuous mode [ 434.671967][ T9197] pim6reg1: entered allmulticast mode [ 434.696340][ T9200] netlink: 232 bytes leftover after parsing attributes in process `syz.0.1145'. [ 435.259017][ T9207] loop4: detected capacity change from 0 to 2048 [ 435.272484][ T9207] EXT4-fs (loop4): Can't support bigalloc feature without extents feature [ 435.272484][ T9207] [ 435.276380][ T9211] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1151'. [ 436.220083][ T9228] netlink: 232 bytes leftover after parsing attributes in process `syz.1.1160'. [ 436.348375][ T9233] pim6reg1: entered promiscuous mode [ 436.353963][ T9233] pim6reg1: entered allmulticast mode [ 436.697855][ T9240] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1165'. [ 437.586830][ T9259] netlink: 232 bytes leftover after parsing attributes in process `syz.1.1175'. [ 438.340445][ T9272] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1180'. [ 438.384391][ T9268] pim6reg1: entered promiscuous mode [ 438.390307][ T9268] pim6reg1: entered allmulticast mode [ 439.843468][ T9301] netlink: 'syz.2.1193': attribute type 4 has an invalid length. [ 439.887619][ T9301] netlink: 'syz.2.1193': attribute type 4 has an invalid length. [ 440.198652][ T9306] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1195'. [ 440.335120][ T9310] pim6reg1: entered promiscuous mode [ 440.340826][ T9310] pim6reg1: entered allmulticast mode [ 440.830391][ T9316] loop4: detected capacity change from 0 to 512 [ 440.889699][ T9321] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1202'. [ 440.964313][ T9316] __quota_error: 32 callbacks suppressed [ 440.964403][ T9316] Quota error (device loop4): v2_read_file_info: Free block number 1 out of range (1, 6). [ 440.981021][ T9316] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 441.087027][ T9316] EXT4-fs (loop4): mount failed [ 441.932007][ T9316] syz.4.1200 (9316) used greatest stack depth: 2440 bytes left [ 441.996970][ T30] audit: type=1326 audit(1758085798.334:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.020011][ T30] audit: type=1326 audit(1758085798.334:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.117843][ T30] audit: type=1326 audit(1758085798.404:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.140884][ T30] audit: type=1326 audit(1758085798.404:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.166693][ T30] audit: type=1326 audit(1758085798.404:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.190539][ T30] audit: type=1326 audit(1758085798.404:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.213154][ T30] audit: type=1326 audit(1758085798.404:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.235820][ T30] audit: type=1326 audit(1758085798.404:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.261550][ T30] audit: type=1326 audit(1758085798.404:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9336 comm="syz.3.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 442.448877][ T9344] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1210'. [ 442.782509][ T9353] pim6reg1: entered promiscuous mode [ 442.788528][ T9353] pim6reg1: entered allmulticast mode [ 443.503229][ T9366] netlink: 'syz.3.1220': attribute type 1 has an invalid length. [ 443.545176][ T9366] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1220'. [ 443.573260][ T9366] batadv2: entered promiscuous mode [ 443.578838][ T9366] batadv2: entered allmulticast mode [ 443.618571][ T9369] loop4: detected capacity change from 0 to 512 [ 443.718369][ T9369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.732228][ T9369] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 443.913668][ T9369] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.1221: corrupted xattr block 19: overlapping e_value [ 443.974868][ T9369] EXT4-fs (loop4): Remounting filesystem read-only [ 444.045019][ T9380] loop1: detected capacity change from 0 to 512 [ 444.112598][ T9380] EXT4-fs (loop1): orphan cleanup on readonly fs [ 444.132506][ T9380] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1224: bad orphan inode 13 [ 444.154337][ T9380] ext4_test_bit(bit=12, block=18) = 1 [ 444.160061][ T9380] is_bad_inode(inode)=0 [ 444.164548][ T9380] NEXT_ORPHAN(inode)=2130706432 [ 444.169620][ T9380] max_ino=32 [ 444.172944][ T9380] i_nlink=1 [ 444.178743][ T9380] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 444.209688][ T9380] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 444.231774][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 444.254745][ T9380] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 444.478231][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 444.569831][ T9387] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1226'. [ 445.110219][ T9398] pim6reg1: entered promiscuous mode [ 445.115924][ T9398] pim6reg1: entered allmulticast mode [ 445.175122][ T9399] loop4: detected capacity change from 0 to 164 [ 445.303813][ T9399] rock: directory entry would overflow storage [ 445.310933][ T9399] rock: sig=0x4f50, size=4, remaining=3 [ 445.317101][ T9399] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 445.533861][ T9407] netlink: 'syz.1.1235': attribute type 1 has an invalid length. [ 445.594107][ T9409] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1235'. [ 445.626797][ T9407] bond1: entered promiscuous mode [ 445.640899][ T9407] 8021q: adding VLAN 0 to HW filter on device bond1 [ 445.669649][ T9409] batadv1: entered promiscuous mode [ 445.675042][ T9409] batadv1: entered allmulticast mode [ 446.120922][ T9417] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1238'. [ 446.130477][ T9417] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1238'. [ 446.209312][ T9421] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1241'. [ 446.932160][ T9433] pim6reg1: entered promiscuous mode [ 446.939526][ T9433] pim6reg1: entered allmulticast mode [ 447.527936][ T9442] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1250'. [ 448.281779][ T9452] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1255'. [ 448.309050][ T9451] netlink: 'syz.4.1253': attribute type 1 has an invalid length. [ 448.388705][ T9451] bond1: entered promiscuous mode [ 448.400217][ T9451] 8021q: adding VLAN 0 to HW filter on device bond1 [ 448.442985][ T9455] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1253'. [ 448.479618][ T9455] batadv1: entered promiscuous mode [ 448.485018][ T9455] batadv1: entered allmulticast mode [ 448.645311][ T9458] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1256'. [ 448.654948][ T9458] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1256'. [ 449.020879][ T9462] netlink: 'syz.0.1257': attribute type 1 has an invalid length. [ 449.106612][ T9462] bond1: entered promiscuous mode [ 449.118449][ T9462] 8021q: adding VLAN 0 to HW filter on device bond1 [ 449.339645][ T9473] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1260'. [ 449.780140][ T9480] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1263'. [ 450.338074][ T9488] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1268'. [ 450.984510][ T9492] lo speed is unknown, defaulting to 1000 [ 451.409349][ T9492] lo speed is unknown, defaulting to 1000 [ 454.237210][ T30] kauditd_printk_skb: 88 callbacks suppressed [ 454.246661][ T30] audit: type=1326 audit(1758085810.574:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.347549][ T30] audit: type=1326 audit(1758085810.624:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.370829][ T30] audit: type=1326 audit(1758085810.634:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.393787][ T30] audit: type=1326 audit(1758085810.634:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.416653][ T30] audit: type=1326 audit(1758085810.644:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.443689][ T30] audit: type=1326 audit(1758085810.644:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.467994][ T30] audit: type=1326 audit(1758085810.644:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.490998][ T30] audit: type=1326 audit(1758085810.644:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.514362][ T30] audit: type=1326 audit(1758085810.654:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.537076][ T30] audit: type=1326 audit(1758085810.654:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9514 comm="syz.1.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 454.624351][ T9517] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1280'. [ 454.769184][ T9520] geneve2: entered promiscuous mode [ 454.774813][ T9520] geneve2: entered allmulticast mode [ 455.170074][ T9529] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1281'. [ 455.175103][ T9532] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1278'. [ 455.195596][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 455.202256][ C0] vcan0: j1939_xtp_rx_dat: no rx connection found [ 455.209886][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.217927][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.226886][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.234924][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.243945][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.251984][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.260994][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.269036][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.278047][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.286020][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.295049][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.303095][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.312106][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.320150][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.329185][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.337163][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.346177][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.354229][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.363255][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.371294][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.380322][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.388369][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.397400][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.405379][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.414402][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.422456][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.431496][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.439661][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.448684][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.456683][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.465704][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.473761][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.482799][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.490853][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.499885][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.507925][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.516862][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.524899][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.533912][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.541976][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.551030][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.559082][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.568116][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.576127][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.585160][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.593218][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.602263][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.610340][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.619392][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.627459][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.636405][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.644455][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 455.653501][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 455.661552][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 456.419142][ T24] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 456.616986][ T24] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 456.617140][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 456.617270][ T24] usb 3-1: Product: syz [ 456.617770][ T24] usb 3-1: Manufacturer: syz [ 456.617876][ T24] usb 3-1: SerialNumber: syz [ 456.656511][ T24] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 456.803836][ T5871] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 456.904517][ T9558] syzkaller1: entered promiscuous mode [ 456.904624][ T9558] syzkaller1: entered allmulticast mode [ 457.119231][ T24] usb 3-1: USB disconnect, device number 5 [ 457.778237][ T9570] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1296'. [ 458.027905][ T9580] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1300'. [ 458.232623][ T9579] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1298'. [ 458.245598][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 458.252303][ C1] vcan0: j1939_xtp_rx_dat: no rx connection found [ 458.259609][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.267676][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.276554][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.284630][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.293349][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.301421][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.310149][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.318184][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.326886][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.334953][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.343670][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.351743][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.360450][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.368505][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.377128][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.385201][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.393927][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.401995][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.410706][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.418746][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.427459][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.435427][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.444205][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.452279][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.461016][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.469063][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.477793][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.485771][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.494509][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.502593][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.511328][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.519497][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.528182][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.536149][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.544903][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.552976][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.561694][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.569771][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.578450][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.586423][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.595170][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.603250][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.611984][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.620053][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.628728][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.636691][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.645394][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 458.653475][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 458.683599][ T5871] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 458.691524][ T5871] ath9k_htc: Failed to initialize the device [ 458.700700][ T24] usb 3-1: ath9k_htc: USB layer deinitialized [ 459.137839][ T9590] syzkaller1: entered promiscuous mode [ 459.143508][ T9590] syzkaller1: entered allmulticast mode [ 459.258901][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 459.258976][ T30] audit: type=1326 audit(1758085815.594:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.289323][ T30] audit: type=1326 audit(1758085815.604:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.312086][ T30] audit: type=1326 audit(1758085815.604:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.334869][ T30] audit: type=1326 audit(1758085815.604:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.363895][ T30] audit: type=1326 audit(1758085815.604:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.386629][ T30] audit: type=1326 audit(1758085815.604:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.409330][ T30] audit: type=1326 audit(1758085815.604:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.432804][ T30] audit: type=1326 audit(1758085815.604:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.459943][ T30] audit: type=1326 audit(1758085815.604:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 459.484315][ T30] audit: type=1326 audit(1758085815.604:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9592 comm="syz.3.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 460.046417][ T9606] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1312'. [ 460.103632][ T9609] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1311'. [ 460.391446][ T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 460.506579][ T9612] atomic_op ffff888050fc7528 conn xmit_atomic 0000000000000000 [ 460.591926][ T24] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 460.601408][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 460.609958][ T24] usb 3-1: Product: syz [ 460.614300][ T24] usb 3-1: Manufacturer: syz [ 460.619323][ T24] usb 3-1: SerialNumber: syz [ 460.676978][ T24] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 460.828835][ T5871] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 461.042792][ T2203] usb 3-1: USB disconnect, device number 6 [ 461.134896][ T9621] tipc: Enabled bearer , priority 0 [ 461.169308][ T9621] syzkaller0: entered promiscuous mode [ 461.174974][ T9621] syzkaller0: entered allmulticast mode [ 461.239099][ T9626] tipc: Resetting bearer [ 461.268944][ T9620] tipc: Resetting bearer [ 461.289220][ T9620] tipc: Disabling bearer [ 461.700621][ T9637] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1324'. [ 461.916463][ T5871] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 461.924863][ T5871] ath9k_htc: Failed to initialize the device [ 462.000792][ T2203] usb 3-1: ath9k_htc: USB layer deinitialized [ 462.228267][ T9648] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1329'. [ 463.389821][ T2203] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 463.588464][ T2203] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 463.599249][ T2203] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 463.607661][ T2203] usb 2-1: Product: syz [ 463.612000][ T2203] usb 2-1: Manufacturer: syz [ 463.616770][ T2203] usb 2-1: SerialNumber: syz [ 463.732214][ T9681] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1339'. [ 463.739123][ T2203] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 463.891070][ T5865] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 464.154298][ T5871] usb 2-1: USB disconnect, device number 3 [ 465.077445][ T5865] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 465.089163][ T5865] ath9k_htc: Failed to initialize the device [ 465.099645][ T5871] usb 2-1: ath9k_htc: USB layer deinitialized [ 465.666756][ T9696] bridge0: entered promiscuous mode [ 465.679244][ T9696] bridge0: port 3(macsec1) entered blocking state [ 465.686117][ T9696] bridge0: port 3(macsec1) entered disabled state [ 465.693917][ T9696] macsec1: entered allmulticast mode [ 465.703555][ T9696] bridge0: entered allmulticast mode [ 465.796124][ T9702] netlink: 'syz.0.1351': attribute type 1 has an invalid length. [ 465.818826][ T9696] macsec1: left allmulticast mode [ 465.824055][ T9696] bridge0: left allmulticast mode [ 465.844490][ T9696] bridge0: left promiscuous mode [ 465.874179][ T9703] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1351'. [ 465.997226][ T9702] bond2: entered promiscuous mode [ 466.003894][ T9702] 8021q: adding VLAN 0 to HW filter on device bond2 [ 466.041029][ T9703] batadv1: entered promiscuous mode [ 466.046432][ T9703] batadv1: entered allmulticast mode [ 466.278158][ T9708] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1353'. [ 466.706068][ T9713] loop4: detected capacity change from 0 to 1024 [ 466.818078][ T9713] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 467.293298][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 467.674026][ T9732] bridge0: entered promiscuous mode [ 467.686798][ T9732] bridge0: port 3(macsec1) entered blocking state [ 467.694089][ T9732] bridge0: port 3(macsec1) entered disabled state [ 467.701273][ T9732] macsec1: entered allmulticast mode [ 467.706735][ T9732] bridge0: entered allmulticast mode [ 467.808329][ T9732] macsec1: left allmulticast mode [ 467.813569][ T9732] bridge0: left allmulticast mode [ 467.838269][ T9732] bridge0: left promiscuous mode [ 468.478449][ T9747] netlink: 'syz.1.1368': attribute type 1 has an invalid length. [ 468.572998][ T9747] bond2: entered promiscuous mode [ 468.579658][ T9747] 8021q: adding VLAN 0 to HW filter on device bond2 [ 468.652930][ T9750] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1368'. [ 468.686279][ T9750] batadv2: entered promiscuous mode [ 468.692028][ T9750] batadv2: entered allmulticast mode [ 468.831320][ T9751] netlink: 'syz.0.1370': attribute type 12 has an invalid length. [ 470.251017][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 470.903515][ T9786] macvtap0: refused to change device tx_queue_len [ 471.256674][ T9792] loop4: detected capacity change from 0 to 128 [ 471.894910][ T9800] loop4: detected capacity change from 0 to 512 [ 471.954571][ T9800] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 471.964829][ T9803] program syz.2.1393 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 472.000065][ T9800] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 472.037987][ T9800] System zones: 1-12 [ 472.079038][ T9800] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1391: corrupted in-inode xattr: e_value size too large [ 472.133186][ T9800] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1391: couldn't read orphan inode 15 (err -117) [ 472.164985][ T9800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 472.392326][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.431673][ T9812] macvtap0: refused to change device tx_queue_len [ 474.083094][ T9841] loop4: detected capacity change from 0 to 512 [ 474.166844][ T9841] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 474.241291][ T9841] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 474.250394][ T9841] System zones: 1-12 [ 474.263053][ T9841] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1409: corrupted in-inode xattr: e_value size too large [ 474.298767][ T9841] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1409: couldn't read orphan inode 15 (err -117) [ 474.349786][ T9841] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 474.426289][ T9850] macvtap0: refused to change device tx_queue_len [ 474.456645][ T9852] can0: slcan on ptm0. [ 474.584164][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.635806][ T9852] loop1: detected capacity change from 0 to 2048 [ 474.835970][ T9852] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 475.367591][ T9851] can0 (unregistered): slcan off ptm0. [ 475.612022][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 478.485271][ T9923] loop1: detected capacity change from 0 to 2048 [ 478.679960][ T9923] loop1: p2 p3 p7 [ 480.632655][ T9969] tipc: New replicast peer: 255.255.255.255 [ 480.642686][ T9969] tipc: Enabled bearer , priority 10 [ 480.777735][ T9973] serio: Serial port ptm0 [ 481.757957][ T5873] tipc: Node number set to 1529894664 [ 482.384742][T10007] tipc: New replicast peer: 255.255.255.255 [ 482.402330][T10007] tipc: Enabled bearer , priority 10 [ 483.155812][T10017] bond0: (slave dummy0): Releasing backup interface [ 483.258807][T10017] bridge_slave_0: left allmulticast mode [ 483.264658][T10017] bridge_slave_0: left promiscuous mode [ 483.271417][T10017] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.447614][T10017] bridge_slave_1: left allmulticast mode [ 483.453459][T10017] bridge_slave_1: left promiscuous mode [ 483.460228][T10017] bridge0: port 2(bridge_slave_1) entered disabled state [ 483.515516][T10027] netlink: 'syz.3.1482': attribute type 1 has an invalid length. [ 483.533762][ T5871] tipc: Node number set to 2938815172 [ 483.576573][T10028] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1482'. [ 483.605989][T10017] bond0: (slave bond_slave_0): Releasing backup interface [ 483.683103][T10017] bond0: (slave bond_slave_1): Releasing backup interface [ 483.803374][T10017] team0: Port device team_slave_0 removed [ 483.890137][T10017] team0: Port device team_slave_1 removed [ 483.900758][T10017] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 483.908539][T10017] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 483.975144][T10017] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 483.982898][T10017] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 484.195746][T10021] team0: Mode changed to "activebackup" [ 484.275350][T10028] batadv2: entered promiscuous mode [ 484.280984][T10028] batadv2: entered allmulticast mode [ 484.861980][T10041] tipc: New replicast peer: 255.255.255.255 [ 484.871924][T10041] tipc: Enabled bearer , priority 10 [ 484.899035][T10045] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1488'. [ 485.963324][T10064] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1497'. [ 485.990352][ T5871] tipc: Node number set to 3259047941 [ 486.373078][T10072] tipc: Enabling of bearer rejected, already enabled [ 486.394836][T10075] netlink: 'syz.3.1499': attribute type 1 has an invalid length. [ 486.423587][T10076] ip6gre1: entered allmulticast mode [ 486.479696][T10075] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1499'. [ 486.515075][T10075] batadv2: entered promiscuous mode [ 486.524927][T10075] batadv2: entered allmulticast mode [ 487.850521][T10101] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1510'. [ 487.970321][T10101] 8021q: adding VLAN 0 to HW filter on device bond3 [ 488.094778][T10108] vlan2: entered allmulticast mode [ 488.100322][T10108] bond3: entered allmulticast mode [ 488.188326][T10110] bridge0: entered promiscuous mode [ 488.200739][T10110] bridge0: port 3(macsec1) entered blocking state [ 488.207736][T10110] bridge0: port 3(macsec1) entered disabled state [ 488.214723][T10110] macsec1: entered allmulticast mode [ 488.220324][T10110] bridge0: entered allmulticast mode [ 488.241676][T10110] macsec1: left allmulticast mode [ 488.247021][T10110] bridge0: left allmulticast mode [ 488.271570][T10110] bridge0: left promiscuous mode [ 489.608242][ T30] kauditd_printk_skb: 56 callbacks suppressed [ 489.608319][ T30] audit: type=1326 audit(1758085845.944:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10124 comm="syz.4.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 490.595306][ T30] audit: type=1326 audit(1758085846.354:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10124 comm="syz.4.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 490.618372][ T30] audit: type=1326 audit(1758085846.354:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10124 comm="syz.4.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 490.641875][ T30] audit: type=1326 audit(1758085846.354:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10124 comm="syz.4.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.211030][T10144] bridge0: entered promiscuous mode [ 494.225519][T10144] bridge0: port 3(macsec1) entered blocking state [ 494.232553][T10144] bridge0: port 3(macsec1) entered disabled state [ 494.245526][T10144] macsec1: entered allmulticast mode [ 494.251151][T10144] bridge0: entered allmulticast mode [ 494.356258][T10144] macsec1: left allmulticast mode [ 494.361624][T10144] bridge0: left allmulticast mode [ 494.529682][T10144] bridge0: left promiscuous mode [ 494.770747][ T30] audit: type=1326 audit(1758085851.094:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.798910][ T30] audit: type=1326 audit(1758085851.114:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.823290][ T30] audit: type=1326 audit(1758085851.114:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.846292][ T30] audit: type=1326 audit(1758085851.114:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.871677][ T30] audit: type=1326 audit(1758085851.114:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.899956][ T30] audit: type=1326 audit(1758085851.144:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.924899][ T30] audit: type=1326 audit(1758085851.194:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.948471][ T30] audit: type=1326 audit(1758085851.194:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.971312][ T30] audit: type=1326 audit(1758085851.274:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 494.994110][ T30] audit: type=1326 audit(1758085851.274:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10154 comm="syz.4.1533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff51e18eba9 code=0x7ffc0000 [ 495.617622][T10168] loop4: detected capacity change from 0 to 2048 [ 495.652217][T10172] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 495.741585][T10168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 495.754351][T10168] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 495.848922][T10177] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 495.932640][T10177] EXT4-fs (loop4): Remounting filesystem read-only [ 495.947226][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 496.282686][T10183] tipc: New replicast peer: 255.255.255.255 [ 496.292316][T10183] tipc: Enabled bearer , priority 10 [ 496.442578][T10187] bridge0: entered promiscuous mode [ 496.454942][T10187] bridge0: port 3(macsec1) entered blocking state [ 496.461982][T10187] bridge0: port 3(macsec1) entered disabled state [ 496.469280][T10187] macsec1: entered allmulticast mode [ 496.474743][T10187] bridge0: entered allmulticast mode [ 496.521167][T10190] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1547'. [ 496.607898][T10187] macsec1: left allmulticast mode [ 496.613128][T10187] bridge0: left allmulticast mode [ 496.652756][T10187] bridge0: left promiscuous mode [ 497.417780][ T5865] tipc: Node number set to 3069012010 [ 498.231575][T10225] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1561'. [ 499.910669][T10254] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1575'. [ 499.984958][T10262] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1578'. [ 500.795726][T10275] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 500.862837][T10276] IPv6: Can't replace route, no match found [ 500.902730][T10275] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.005180][T10275] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.142600][T10275] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 501.532795][ T6800] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.717704][ T6796] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.876142][ T6796] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.936173][ T6796] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.962685][T10288] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1590'. [ 502.120685][T10292] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1593'. [ 502.585990][T10303] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1598'. [ 503.128136][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 503.128221][ T30] audit: type=1326 audit(1758085859.464:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.245971][ T30] audit: type=1326 audit(1758085859.514:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.269672][ T30] audit: type=1326 audit(1758085859.524:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.295482][ T30] audit: type=1326 audit(1758085859.524:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.319428][ T30] audit: type=1326 audit(1758085859.524:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.342274][ T30] audit: type=1326 audit(1758085859.534:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.365111][ T30] audit: type=1326 audit(1758085859.534:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.391015][ T30] audit: type=1326 audit(1758085859.534:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.417623][ T30] audit: type=1326 audit(1758085859.544:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.440657][ T30] audit: type=1326 audit(1758085859.544:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10313 comm="syz.1.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bbf38eba9 code=0x7ffc0000 [ 503.645403][ T24] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 503.670991][T10321] tipc: Enabling of bearer rejected, already enabled [ 503.686717][ T24] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 504.087803][T10330] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1608'. [ 504.125728][T10328] loop4: detected capacity change from 0 to 512 [ 504.157874][T10328] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 504.244479][T10336] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1611'. [ 504.244751][T10328] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.1609: invalid indirect mapped block 4294967295 (level 0) [ 504.298697][T10328] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.1609: invalid indirect mapped block 4294967295 (level 1) [ 504.338809][T10328] EXT4-fs (loop4): 1 orphan inode deleted [ 504.344738][T10328] EXT4-fs (loop4): 1 truncate cleaned up [ 504.352738][T10328] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 504.846231][T10347] bond2: entered promiscuous mode [ 504.853365][T10347] 8021q: adding VLAN 0 to HW filter on device bond2 [ 506.242562][T10370] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1623'. [ 507.139769][T10383] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1629'. [ 507.944069][T10398] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1635'. [ 508.261029][T10404] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1637'. [ 509.203271][T10337] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 509.978624][T10427] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1648'. [ 510.397231][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 510.561594][T10435] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1652'. [ 510.691451][T10435] 8021q: adding VLAN 0 to HW filter on device bond1 [ 510.837258][ T30] kauditd_printk_skb: 12 callbacks suppressed [ 510.845135][ T30] audit: type=1326 audit(1758085867.174:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10440 comm="syz.0.1653" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x0 [ 511.150955][T10444] netlink: 232 bytes leftover after parsing attributes in process `syz.4.1654'. [ 511.807546][ T30] audit: type=1326 audit(1758085868.124:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10447 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 511.830109][ C0] vkms_vblank_simulate: vblank timer overrun [ 511.837203][ T30] audit: type=1326 audit(1758085868.134:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10447 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 512.249869][T10459] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1660'. [ 512.310299][ T30] audit: type=1326 audit(1758085868.644:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10447 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 512.332854][ C0] vkms_vblank_simulate: vblank timer overrun [ 512.339464][ T30] audit: type=1326 audit(1758085868.654:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10447 comm="syz.3.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa11258eba9 code=0x7ffc0000 [ 512.361977][ C0] vkms_vblank_simulate: vblank timer overrun [ 512.760622][T10463] pim6reg1: entered promiscuous mode [ 512.766404][T10463] pim6reg1: entered allmulticast mode [ 513.348418][T10472] can0: slcan on ptm0. [ 513.469981][T10475] netlink: 232 bytes leftover after parsing attributes in process `syz.4.1667'. [ 514.175140][T10471] can0 (unregistered): slcan off ptm0. [ 514.407129][T10491] netlink: 140 bytes leftover after parsing attributes in process `syz.4.1673'. [ 514.892099][ T5865] hid-generic 0000:0006:0000.0002: unknown main item tag 0x0 [ 514.900276][ T5865] hid-generic 0000:0006:0000.0002: unknown main item tag 0x0 [ 514.908138][ T5865] hid-generic 0000:0006:0000.0002: unknown main item tag 0x0 [ 514.961733][ T5865] hid-generic 0000:0006:0000.0002: hidraw0: HID v0.03 Device [syz0] on syz0 [ 515.445157][ T30] audit: type=1326 audit(1758085871.784:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10513 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 515.532533][ T30] audit: type=1326 audit(1758085871.814:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10513 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 515.555757][ T30] audit: type=1326 audit(1758085871.824:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10513 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 515.583468][ T30] audit: type=1326 audit(1758085871.834:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10513 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 515.608483][ T30] audit: type=1326 audit(1758085871.844:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10513 comm="syz.0.1684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f09b4f8eba9 code=0x7ffc0000 [ 515.813553][T10521] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1687'. [ 515.847710][T10520] can0: slcan on ptm0. [ 516.662265][T10518] can0 (unregistered): slcan off ptm0. [ 516.937639][ T5865] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 517.018185][T10539] capability: warning: `syz.1.1694' uses deprecated v2 capabilities in a way that may be insecure [ 517.169761][ T5865] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 517.179297][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 517.187884][ T5865] usb 1-1: Product: syz [ 517.192219][ T5865] usb 1-1: Manufacturer: syz [ 517.197041][ T5865] usb 1-1: SerialNumber: syz [ 517.304899][ T5865] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 517.436478][ T2203] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 517.664657][ T5871] usb 1-1: USB disconnect, device number 4 [ 517.793050][T10550] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1698'. [ 517.802587][T10550] netlink: 312 bytes leftover after parsing attributes in process `syz.2.1698'. [ 517.811967][T10550] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1698'. [ 517.999860][T10557] loop4: detected capacity change from 0 to 2048 [ 518.074130][T10557] loop4: p1 < > p4 [ 518.103612][T10557] loop4: p4 size 8388608 extends beyond EOD, truncated [ 518.304985][T10561] tipc: Enabled bearer , priority 0 [ 518.346083][T10561] syzkaller0: entered promiscuous mode [ 518.352036][T10561] syzkaller0: entered allmulticast mode [ 518.389543][T10559] loop1: detected capacity change from 0 to 2048 [ 518.464606][T10561] tipc: Resetting bearer [ 518.518861][T10559] Alternate GPT is invalid, using primary GPT. [ 518.526313][T10559] loop1: p1 p2 p3 [ 518.530440][T10559] loop1: partition table partially beyond EOD, truncated [ 518.558876][ T2203] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 518.559201][T10560] tipc: Resetting bearer [ 518.566927][ T2203] ath9k_htc: Failed to initialize the device [ 518.623520][T10560] tipc: Disabling bearer [ 518.630859][ T5871] usb 1-1: ath9k_htc: USB layer deinitialized [ 518.808347][T10570] geneve2: entered promiscuous mode [ 518.813838][T10570] geneve2: entered allmulticast mode [ 520.368561][ T2203] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 520.623142][ T2203] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 520.632718][ T2203] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 520.641058][ T2203] usb 4-1: Product: syz [ 520.645445][ T2203] usb 4-1: Manufacturer: syz [ 520.650398][ T2203] usb 4-1: SerialNumber: syz [ 520.727069][ T2203] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 520.797630][ T5865] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 521.058156][ T5871] usb 4-1: USB disconnect, device number 2 [ 521.078426][ C0] vkms_vblank_simulate: vblank timer overrun [ 521.911011][ T5865] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 521.923609][ T5865] ath9k_htc: Failed to initialize the device [ 521.994901][ T5871] usb 4-1: ath9k_htc: USB layer deinitialized [ 522.118681][T10631] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1730'. [ 522.136479][T10633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1731'. [ 522.587222][T10645] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1737'. [ 522.894393][T10642] loop1: detected capacity change from 0 to 2048 [ 523.058372][T10642] Alternate GPT is invalid, using primary GPT. [ 523.065509][T10642] loop1: p1 p2 p3 [ 523.069696][T10642] loop1: partition table partially beyond EOD, truncated [ 523.746193][T10662] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1744'. [ 524.209553][T10668] tipc: Enabled bearer , priority 0 [ 524.247694][T10672] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1750'. [ 524.258549][T10668] syzkaller0: entered promiscuous mode [ 524.264196][T10668] syzkaller0: entered allmulticast mode [ 524.332764][T10668] tipc: Resetting bearer [ 524.426981][T10667] tipc: Resetting bearer [ 524.510369][T10667] tipc: Disabling bearer [ 525.134688][T10684] loop4: detected capacity change from 0 to 2048 [ 525.246639][T10694] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1759'. [ 525.260428][T10684] Alternate GPT is invalid, using primary GPT. [ 525.267762][T10684] loop4: p1 p2 p3 [ 525.271671][T10684] loop4: partition table partially beyond EOD, truncated [ 525.776343][T10698] ===================================================== [ 525.784768][T10698] BUG: KMSAN: uninit-value in nci_dev_up+0x13a2/0x1ba0 [ 525.792754][T10698] nci_dev_up+0x13a2/0x1ba0 [ 525.797477][T10698] nfc_dev_up+0x201/0x3d0 [ 525.801976][T10698] nfc_genl_dev_up+0xe9/0x1c0 [ 525.806792][T10698] genl_family_rcv_msg_doit+0x338/0x3f0 [ 525.816450][T10698] genl_rcv_msg+0xacf/0xc10 [ 525.822350][T10698] netlink_rcv_skb+0x54a/0x680 [ 525.827390][T10698] genl_rcv+0x41/0x60 [ 525.832113][T10698] netlink_unicast+0xf01/0x12b0 [ 525.837133][T10698] netlink_sendmsg+0x10b3/0x1250 [ 525.842416][T10698] __sock_sendmsg+0x333/0x3d0 [ 525.847235][T10698] ____sys_sendmsg+0x7e0/0xd80 [ 525.852288][T10698] ___sys_sendmsg+0x271/0x3b0 [ 525.857142][T10698] __x64_sys_sendmsg+0x211/0x3e0 [ 525.862348][T10698] x64_sys_call+0x1dfd/0x3e20 [ 525.867218][T10698] do_syscall_64+0xd9/0x210 [ 525.873769][T10698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.882420][T10698] [ 525.884816][T10698] Uninit was stored to memory at: [ 525.891572][T10698] nci_dev_up+0x139b/0x1ba0 [ 525.896224][T10698] nfc_dev_up+0x201/0x3d0 [ 525.902171][T10698] nfc_genl_dev_up+0xe9/0x1c0 [ 525.906995][T10698] genl_family_rcv_msg_doit+0x338/0x3f0 [ 525.917793][T10698] genl_rcv_msg+0xacf/0xc10 [ 525.922456][T10698] netlink_rcv_skb+0x54a/0x680 [ 525.929823][T10698] genl_rcv+0x41/0x60 [ 525.933957][T10698] netlink_unicast+0xf01/0x12b0 [ 525.940393][T10698] netlink_sendmsg+0x10b3/0x1250 [ 525.945524][T10698] __sock_sendmsg+0x333/0x3d0 [ 525.951512][T10698] ____sys_sendmsg+0x7e0/0xd80 [ 525.956466][T10698] ___sys_sendmsg+0x271/0x3b0 [ 525.962538][T10698] __x64_sys_sendmsg+0x211/0x3e0 [ 525.967782][T10698] x64_sys_call+0x1dfd/0x3e20 [ 525.972651][T10698] do_syscall_64+0xd9/0x210 [ 525.977410][T10698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 525.983463][T10698] [ 525.985852][T10698] Uninit was stored to memory at: [ 525.991213][T10698] nci_ntf_packet+0x179d/0x42b0 [ 525.996227][T10698] nci_rx_work+0x403/0x750 [ 526.000934][T10698] process_scheduled_works+0xb8e/0x1d80 [ 526.006702][T10698] worker_thread+0xedf/0x1590 [ 526.011663][T10698] kthread+0xd59/0xf00 [ 526.019859][T10698] ret_from_fork+0x233/0x380 [ 526.024604][T10698] ret_from_fork_asm+0x1a/0x30 [ 526.030796][T10698] [ 526.033187][T10698] Uninit was created at: [ 526.037707][T10698] kmem_cache_alloc_node_noprof+0x818/0xf00 [ 526.043786][T10698] kmalloc_reserve+0x13c/0x4b0 [ 526.049044][T10698] __alloc_skb+0x347/0x7d0 [ 526.053615][T10698] virtual_ncidev_write+0x6b/0x430 [ 526.059018][T10698] vfs_write+0x48a/0x15d0 [ 526.063519][T10698] __x64_sys_write+0x1fb/0x4d0 [ 526.068592][T10698] x64_sys_call+0x3014/0x3e20 [ 526.073460][T10698] do_syscall_64+0xd9/0x210 [ 526.078392][T10698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.084454][T10698] [ 526.086885][T10698] CPU: 0 UID: 0 PID: 10698 Comm: syz.0.1760 Not tainted syzkaller #0 PREEMPT(none) [ 526.096533][T10698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 526.106795][T10698] ===================================================== [ 526.113963][T10698] Disabling lock debugging due to kernel taint [ 526.124139][T10698] Kernel panic - not syncing: kmsan.panic set ... [ 526.130696][T10698] CPU: 0 UID: 0 PID: 10698 Comm: syz.0.1760 Tainted: G B syzkaller #0 PREEMPT(none) [ 526.141821][T10698] Tainted: [B]=BAD_PAGE [ 526.146059][T10698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 526.156248][T10698] Call Trace: [ 526.159626][T10698] [ 526.162640][T10698] __dump_stack+0x26/0x30 [ 526.167167][T10698] dump_stack_lvl+0x53/0x270 [ 526.171930][T10698] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 526.177920][T10698] dump_stack+0x1e/0x25 [ 526.182240][T10698] vpanic+0x361/0xc50 [ 526.186392][T10698] panic+0x15d/0x160 [ 526.190493][T10698] kmsan_report+0x31c/0x320 [ 526.195161][T10698] ? __msan_warning+0x1b/0x30 [ 526.199967][T10698] ? nci_dev_up+0x13a2/0x1ba0 [ 526.204779][T10698] ? nfc_dev_up+0x201/0x3d0 [ 526.209451][T10698] ? nfc_genl_dev_up+0xe9/0x1c0 [ 526.214428][T10698] ? genl_family_rcv_msg_doit+0x338/0x3f0 [ 526.220301][T10698] ? genl_rcv_msg+0xacf/0xc10 [ 526.225119][T10698] ? netlink_rcv_skb+0x54a/0x680 [ 526.230230][T10698] ? genl_rcv+0x41/0x60 [ 526.234509][T10698] ? netlink_unicast+0xf01/0x12b0 [ 526.239689][T10698] ? netlink_sendmsg+0x10b3/0x1250 [ 526.244988][T10698] ? __sock_sendmsg+0x333/0x3d0 [ 526.249979][T10698] ? ____sys_sendmsg+0x7e0/0xd80 [ 526.255090][T10698] ? ___sys_sendmsg+0x271/0x3b0 [ 526.260110][T10698] ? __x64_sys_sendmsg+0x211/0x3e0 [ 526.265394][T10698] ? x64_sys_call+0x1dfd/0x3e20 [ 526.270423][T10698] ? do_syscall_64+0xd9/0x210 [ 526.275221][T10698] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.281429][T10698] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.287641][T10698] ? kmsan_get_metadata+0xfb/0x160 [ 526.292909][T10698] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 526.299395][T10698] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 526.305619][T10698] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 526.311601][T10698] ? stack_depot_save_flags+0x615/0x7b0 [ 526.317291][T10698] ? kmsan_get_metadata+0xfb/0x160 [ 526.322566][T10698] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 526.329059][T10698] ? kmsan_get_metadata+0xfb/0x160 [ 526.334344][T10698] __msan_warning+0x1b/0x30 [ 526.338983][T10698] nci_dev_up+0x13a2/0x1ba0 [ 526.343633][T10698] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 526.349868][T10698] ? __pfx_nci_dev_up+0x10/0x10 [ 526.354868][T10698] nfc_dev_up+0x201/0x3d0 [ 526.359368][T10698] nfc_genl_dev_up+0xe9/0x1c0 [ 526.364181][T10698] ? __pfx_nfc_genl_dev_up+0x10/0x10 [ 526.369594][T10698] genl_family_rcv_msg_doit+0x338/0x3f0 [ 526.375336][T10698] genl_rcv_msg+0xacf/0xc10 [ 526.379973][T10698] ? __pfx_nfc_genl_dev_up+0x10/0x10 [ 526.385432][T10698] netlink_rcv_skb+0x54a/0x680 [ 526.390392][T10698] ? __pfx_genl_rcv_msg+0x10/0x10 [ 526.395574][T10698] genl_rcv+0x41/0x60 [ 526.399673][T10698] ? __pfx_genl_rcv+0x10/0x10 [ 526.404471][T10698] netlink_unicast+0xf01/0x12b0 [ 526.409511][T10698] netlink_sendmsg+0x10b3/0x1250 [ 526.414654][T10698] ? __pfx_netlink_sendmsg+0x10/0x10 [ 526.420112][T10698] ? __pfx_netlink_sendmsg+0x10/0x10 [ 526.425575][T10698] __sock_sendmsg+0x333/0x3d0 [ 526.430410][T10698] ____sys_sendmsg+0x7e0/0xd80 [ 526.435388][T10698] ___sys_sendmsg+0x271/0x3b0 [ 526.440271][T10698] ? __rcu_read_unlock+0x6d/0xd0 [ 526.445362][T10698] ? __fget_files+0x3b4/0x4a0 [ 526.450219][T10698] ? __fget_files+0x3b9/0x4a0 [ 526.455079][T10698] ? kmsan_get_metadata+0xfb/0x160 [ 526.460354][T10698] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 526.466337][T10698] __x64_sys_sendmsg+0x211/0x3e0 [ 526.471474][T10698] ? kmsan_get_metadata+0xfb/0x160 [ 526.476760][T10698] x64_sys_call+0x1dfd/0x3e20 [ 526.481618][T10698] do_syscall_64+0xd9/0x210 [ 526.486253][T10698] ? irqentry_exit+0x16/0x60 [ 526.491021][T10698] ? clear_bhb_loop+0x40/0x90 [ 526.495849][T10698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.501902][T10698] RIP: 0033:0x7f09b4f8eba9 [ 526.506436][T10698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 526.526214][T10698] RSP: 002b:00007f09b5e18038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 526.534794][T10698] RAX: ffffffffffffffda RBX: 00007f09b51d5fa0 RCX: 00007f09b4f8eba9 [ 526.542894][T10698] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000009 [ 526.550985][T10698] RBP: 00007f09b5011e19 R08: 0000000000000000 R09: 0000000000000000 [ 526.559059][T10698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 526.567480][T10698] R13: 00007f09b51d6038 R14: 00007f09b51d5fa0 R15: 00007ffc3e6d4968 [ 526.575600][T10698] [ 526.578964][T10698] Kernel Offset: disabled [ 526.583332][T10698] Rebooting in 86400 seconds..