last executing test programs: 9.667374612s ago: executing program 2 (id=923): socket(0x11, 0x80a, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10) syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) socket$inet6(0xa, 0x40000080806, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x48) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="93630100200501001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6], 0x4c}}, 0x0) 8.387631868s ago: executing program 2 (id=926): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6}, 0x4) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffea8, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10) ioctl$FIBMAP(r5, 0x1, &(0x7f0000000180)=0xa98) r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) 8.175737307s ago: executing program 0 (id=928): connect$pppoe(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, {0x4, @local, 'wg1\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x40047452, &(0x7f0000000040)={0x18, 0x0, {0x1004, @multicast, 'veth1_to_bridge\x00'}}) 7.988748426s ago: executing program 0 (id=930): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000580)='timer_start\x00', r0, 0x0, 0x4}, 0x18) io_uring_register$IORING_REGISTER_MEM_REGION(0xffffffffffffffff, 0x22, 0x0, 0x1) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) 7.810784196s ago: executing program 0 (id=931): socket$tipc(0x1e, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r1, &(0x7f0000000040), 0x10) ioctl$SIOCPNENABLEPIPE(r1, 0x89ed, 0x0) 7.632016335s ago: executing program 0 (id=933): r0 = signalfd(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) sendmmsg$inet6(r1, 0x0, 0x0, 0xc8000) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0) r2 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0x7, 0x4) socket$nl_xfrm(0x10, 0x3, 0x6) utime(0x0, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 7.256564824s ago: executing program 0 (id=937): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f0000000040)=[{0x0, 0xfffd}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x0, 0xfffd}], 0x1) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000011c0)={0xffffffffffffffff, &(0x7f00000001c0), 0x0}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fchmod(r1, 0x21) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000440), 0x5, r2}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r3, 0x5437, 0x2) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x7}) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) unshare(0x2a060400) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x0}, 0x20) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000080)=[0x3]) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) semget$private(0x0, 0x3, 0x8) syz_emit_ethernet(0x67, &(0x7f0000000fc0)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x31, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @dev={0xfe, 0x80, '\x00', 0x36}, [{0x22, 0x1, "6f9a417bfb01d0"}]}}}}}}, 0x0) r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000040)={0x0, 0x5, 0x0, 0xd, 0x0, 0x0, 0x0}) 5.255734828s ago: executing program 0 (id=943): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x418484, &(0x7f0000000440), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) fallocate(r2, 0x0, 0x0, 0x1000f4) name_to_handle_at(0xffffffffffffffff, &(0x7f0000004740)='\x00', 0x0, 0x0, 0x1200) io_setup(0x5ff, &(0x7f0000000040)=0x0) io_submit(r4, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x2000000, 0x0, 0x0, 0x0, 0xf00, r3, &(0x7f0000000000)="96", 0xffffff20, 0x0, 0x0, 0x0, r3}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff}]) 4.983673247s ago: executing program 2 (id=946): r0 = syz_io_uring_setup(0x6d3, 0x0, &(0x7f0000000100), &(0x7f0000000140)) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000280)=[0x4], 0x2) 4.656093106s ago: executing program 3 (id=949): r0 = socket(0x200000000000011, 0x2, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c00)=@newtaction={0x68, 0x30, 0xffff, 0x70bd2b, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x45b240d7, 0x4, 0x3, 0x7fff, 0x1}, 0x2, r1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x24008844) 4.288890684s ago: executing program 3 (id=951): r0 = socket$inet6(0xa, 0x1, 0x0) utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)={0x7, 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x0, 0x0) r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0) ioctl$mixer_OSS_GETVERSION(r4, 0x80086303, &(0x7f0000000000)) sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@GTPA_LINK={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x40000) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0) close(r5) sendto$inet6(r0, 0x0, 0x0, 0x4004095, 0x0, 0x0) r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_NRSYNTHS(r6, 0x8004510a, 0xfffffffffffffffe) 3.402515811s ago: executing program 2 (id=953): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f0000000040)=[{0x0, 0xfffd}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x0, 0xfffd}], 0x1) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000011c0)={0xffffffffffffffff, &(0x7f00000001c0), 0x0}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) fchmod(r1, 0x21) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000440), 0x5, r2}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r3, 0x5437, 0x2) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x7}) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) unshare(0x2a060400) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x0}, 0x20) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000080)=[0x3]) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) semget$private(0x0, 0x3, 0x8) syz_emit_ethernet(0x67, &(0x7f0000000fc0)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x31, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @dev={0xfe, 0x80, '\x00', 0x36}, [{0x22, 0x1, "6f9a417bfb01d0"}]}}}}}}, 0x0) r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000040)={0x0, 0x5, 0x0, 0xd, 0x0, 0x0, 0x0}) 2.81846764s ago: executing program 4 (id=954): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="300000001d000bcc0000", @ANYRES32=r2, @ANYBLOB="000000000a0002"], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x0) 2.74246346s ago: executing program 1 (id=955): bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2, 0x80000000}, 0x1c) 2.678770889s ago: executing program 3 (id=956): r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x5, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r3}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r4, &(0x7f0000000180), 0x40010) 2.539477509s ago: executing program 4 (id=957): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x40000000000}, 0x18) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r1, 0x0, 0x0, 0x33, 0x1) 2.413167629s ago: executing program 1 (id=958): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cpuset\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20) close(0xffffffffffffffff) preadv(r0, &(0x7f0000000840)=[{&(0x7f0000001dc0)=""/4088, 0xff8}], 0x1, 0x0, 0x0) 2.387845348s ago: executing program 4 (id=959): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113960000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf050000000000002d350000000000006507000002080000070700004c0000001f750000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, &(0x7f0000000180)=""/246) writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1) 2.196005927s ago: executing program 3 (id=960): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00"/12], 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000e00)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee04000000670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca8433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84293af6a22000000005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bf2b5543ffc1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f40105869035000000000000000000000000000000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a000000000000000000000000006d0000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da093dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e86b2145980b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d57"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000002c0)=r2, 0x4) sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000003c0)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0) 2.184460657s ago: executing program 1 (id=961): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) 2.012602847s ago: executing program 4 (id=962): creat(&(0x7f0000000400)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x2) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x61) close(r1) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000300)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000080)={r7, 0x2, 0x0, 0x0, 0x3, [0x0], [0x800000, 0x0, 0xffffffff], [0x0, 0x1001000], [0x0, 0x0, 0xe8a6]}) ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r8], [0x2b8], [0x0, 0x9]}) 1.936643507s ago: executing program 2 (id=963): r0 = syz_io_uring_setup(0x6d3, &(0x7f0000000080)={0x0, 0xed28, 0x40, 0x0, 0xce}, 0x0, &(0x7f0000000140)) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000280)=[0x4], 0x2) 1.907441707s ago: executing program 1 (id=964): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000000), 0x20000000}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 1.735948036s ago: executing program 3 (id=965): syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', 0x88, &(0x7f00000005c0), 0x1, 0x437, &(0x7f0000000f80)="$eJzs289rHFUcAPDv7CZt0x8mlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2lWsCVoFKlHKXgXj4J/gSe9iHoSvCpepVAkl1ZPK7M7k+xudtMk3WSr+/nAJO/NvOW978683ffm7QTQs0bSP0nE/oj4LSIGa9nGAiOxJ/13a3lx+u/lxekkKpU3/0qq5W4uL07nRfPX7cszfRGFT5M40qLehctXzk+VSrOXsvx4+cJ74wuXrzw7d2Hq3Oy52YuTp0+fPDHx/KnJ5zoSZxrXzeEP548efvXta69Pn7n2zk/fJHn8TXF0yMh6B5+oVDpcXXcdqEsnfV1sCJtSrHXT6K/2/8EoxurJG4xXPulq44BtValUKve3P7xUAf7Hkuh2C4DuyL/o0/lvvu3Q0OOucOPF2gQojftWttWO9EUhK9PfNL/tpJGIOLP0z5fpFttzHwIAoMF36fjnmVbjv0LU3xe6J1tDGYqIeyPiYESciohDEXFfRLXsAxHx4Cbrb14kWTv+KVzfUmAblI7/XsjWthrHf/noL4aKWe5ANf7+5OxcafZ49p6MRv/uND+xTh3fv/zr5+2O1Y//0i2tPx8LZu243re78TUzU+WpO4m53o2PI4b7WsWfrKwEJBFxOCKGt1jH3FNfH2137Pbxr6MD60yVryKerJ3/pWiKP5esvz45vidKs8fH86tirZ9/ufpGu/rvKP4OSM//3pbX/0r8Q0n9eu3C5uu4+vtnbec0W73+dyVvNez7YKpcvjQRsSt5rdbo+v2TTeUmV8un8Y8ea93/D8bqO3EkItKL+KGIeDgiHsna/mhEPBYRx9aJ/8eXHn936/FvrzT+mU2d/9XErmje0zpRPP/Dtw2VDm0m/vT8n6ymRrM9G/n820i7tnY1AwAAwH9PISL2R1IYW0kXCmNjtd/wH4q9hdL8Qvnps/PvX5ypPSMwFP2F/E7XYN390IlsWp/nJ5vyJ7L7xl8UB6r5sen50ky3g4cet69N/0/9Wex264Bt53kt6F36P/Qu/R96l/4PvatF/x/oRjuAHZa0/v7/qAtNAXZeU/+37Ac9xPwfepf+D71L/4eetDAQt39IXkJiTSIKd0UzeijxRzli5yrt9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//zKr5pM=") 896.580333ms ago: executing program 1 (id=966): r0 = socket$inet6(0xa, 0x1, 0x0) utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)={0x7, 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x0, 0x0) r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0) ioctl$mixer_OSS_GETVERSION(r4, 0x80086303, &(0x7f0000000000)) sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@GTPA_LINK={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x40000) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0) close(r5) sendto$inet6(r0, 0x0, 0x0, 0x4004095, 0x0, 0x0) r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$SNDCTL_SEQ_NRSYNTHS(r6, 0x8004510a, 0xfffffffffffffffe) 801.174393ms ago: executing program 4 (id=967): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="300000001d000bcc0000", @ANYRES32=r2, @ANYBLOB="000000000a0002"], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x0) 785.505783ms ago: executing program 2 (id=968): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) sendmmsg$inet6(r0, 0x0, 0x0, 0xc8000) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) 141.474441ms ago: executing program 3 (id=969): openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x0, 0x0) r0 = syz_io_uring_setup(0x3090, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xfffffffc}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0) 118.408511ms ago: executing program 1 (id=970): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000bc7a007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat$autofs(0xffffffffffffff9c, &(0x7f0000010400), 0x121c41, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18) socket$inet(0x2, 0x3, 0x6) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) dup(r3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000240), &(0x7f00000003c0)=r9}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r5, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000340)=ANY=[@ANYBLOB="0700000000000000aaaaaa1308"], 0x0) 0s ago: executing program 4 (id=971): r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x5, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r3}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r4, &(0x7f0000000180), 0x40010) kernel console output (not intermixed with test programs): 54529][ T4249] device veth0_macvtap entered promiscuous mode [ 75.585279][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 75.612788][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 75.625720][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 75.642428][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.658965][ T4258] device veth0_vlan entered promiscuous mode [ 75.677341][ T4249] device veth1_macvtap entered promiscuous mode [ 75.685971][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 75.695395][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 75.704221][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.712475][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.737396][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 75.748644][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 75.770332][ T4259] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.801798][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 75.810556][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 75.818926][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 75.828428][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 75.841146][ T4258] device veth1_vlan entered promiscuous mode [ 75.852652][ T4250] device veth0_macvtap entered promiscuous mode [ 75.866288][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 75.876825][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 75.885198][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.898221][ T4249] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.906158][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.914292][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.924418][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 75.933694][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 75.977422][ T4249] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.985434][ T4256] device veth0_vlan entered promiscuous mode [ 75.995214][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.005542][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.014328][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.023365][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.033704][ T4258] device veth0_macvtap entered promiscuous mode [ 76.048472][ T4258] device veth1_macvtap entered promiscuous mode [ 76.058686][ T4250] device veth1_macvtap entered promiscuous mode [ 76.067827][ T4249] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.077157][ T4249] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.087978][ T4249] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.096992][ T4249] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.114469][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 76.123032][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.132615][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 76.141072][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 76.152575][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 76.173859][ T4256] device veth1_vlan entered promiscuous mode [ 76.199362][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.211449][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.228173][ T4258] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.236032][ T4261] Bluetooth: hci1: command 0x040f tx timeout [ 76.241440][ T4259] device veth0_vlan entered promiscuous mode [ 76.246031][ T4261] Bluetooth: hci0: command 0x040f tx timeout [ 76.267841][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.276244][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.284375][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.293492][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.302791][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 76.311648][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 76.319649][ T4261] Bluetooth: hci3: command 0x040f tx timeout [ 76.319670][ T4254] Bluetooth: hci4: command 0x040f tx timeout [ 76.325656][ T4261] Bluetooth: hci2: command 0x040f tx timeout [ 76.335094][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 76.348043][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 76.360177][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.371146][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.382626][ T4258] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.393942][ T4258] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.403398][ T4258] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.412208][ T4258] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.421401][ T4258] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.452790][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.463240][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.477955][ T4259] device veth1_vlan entered promiscuous mode [ 76.509593][ T4250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.520888][ T4250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.535296][ T4250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.546192][ T4250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.558881][ T4250] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.610015][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.619303][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.629214][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.639408][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.650676][ T4250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.661446][ T4250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.671839][ T4250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.683054][ T4250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.695011][ T4250] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.709785][ T4250] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.719180][ T4250] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.728072][ T4250] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.737081][ T4250] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.766588][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.775356][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.784934][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.793883][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.810468][ T4256] device veth0_macvtap entered promiscuous mode [ 76.838694][ T4314] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.853134][ T4314] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.863367][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.873093][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 76.884066][ T4256] device veth1_macvtap entered promiscuous mode [ 76.958721][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.967806][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.996295][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.008496][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.019287][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.030401][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.041384][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.051948][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.063355][ T4256] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.074775][ T4259] device veth0_macvtap entered promiscuous mode [ 77.075114][ T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.090241][ T4259] device veth1_macvtap entered promiscuous mode [ 77.098123][ T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.125320][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 77.134109][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 77.143007][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.152860][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.162227][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.172590][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.183924][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.194372][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.206561][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.216561][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.227339][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.240636][ T4256] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.266973][ T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.275035][ T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.288097][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.296826][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.305675][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.318593][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.319658][ T4256] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.333059][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.337239][ T4256] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.352480][ T4256] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.362061][ T4256] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.390257][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.404105][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.415081][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.426184][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.436172][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.446658][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.456744][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.467245][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.479486][ T4259] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.487400][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.495356][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.504780][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.542885][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.544658][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.562719][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.569906][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.590020][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.612666][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.623974][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.651194][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.661555][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.672634][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.686730][ T4259] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.787029][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.857020][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.870506][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.900898][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.913602][ T4259] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.928723][ T4259] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.941854][ T4259] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.954421][ T4259] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.011701][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.029359][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.072455][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.136147][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.145885][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 78.326404][ T4261] Bluetooth: hci0: command 0x0419 tx timeout [ 78.332525][ T4261] Bluetooth: hci1: command 0x0419 tx timeout [ 78.396509][ T4261] Bluetooth: hci2: command 0x0419 tx timeout [ 78.403208][ T4260] Bluetooth: hci4: command 0x0419 tx timeout [ 78.403217][ T4254] Bluetooth: hci3: command 0x0419 tx timeout [ 78.462383][ T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.491648][ T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.577675][ T4336] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.586514][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.594471][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.604794][ T4292] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.606036][ T4336] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.647986][ T4292] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.841524][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 79.052744][ T4314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.086548][ T4314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.280528][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 80.391473][ T4352] netlink: 72 bytes leftover after parsing attributes in process `syz.4.5'. [ 80.433007][ T4352] [U]  [ 81.115393][ T4362] Zero length message leads to an empty skb [ 81.150850][ T26] audit: type=1326 audit(1737762682.763:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4360 comm="syz.1.2" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x0 [ 81.277495][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 81.285774][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 81.294079][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 81.302303][ T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!! [ 81.356282][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 81.364547][ T0] NOHZ tick-stop error: local softirq work is pending, handler #108!!! [ 81.669273][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 82.557262][ T41] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 82.705016][ T4378] loop0: detected capacity change from 0 to 512 [ 82.740035][ T4378] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 82.785486][ T4378] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 82.808769][ T41] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 82.836341][ T41] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 82.846544][ T41] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 82.850552][ T4378] EXT4-fs (loop0): 1 truncate cleaned up [ 82.864387][ T41] usb 5-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00 [ 82.874760][ T41] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.901980][ T41] usb 5-1: config 0 descriptor?? [ 82.919428][ T4378] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 82.995872][ T26] audit: type=1800 audit(1737762684.603:3): pid=4378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.14" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 83.044423][ T26] audit: type=1804 audit(1737762684.653:4): pid=4378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.14" name="/newroot/4/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 83.108208][ T26] audit: type=1804 audit(1737762684.683:5): pid=4378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.14" name="/newroot/4/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 83.341764][ T41] monterey 0003:0566:3004.0001: unknown main item tag 0x6 [ 83.360243][ T41] monterey 0003:0566:3004.0001: report_id 29495 is invalid [ 83.452546][ T41] monterey 0003:0566:3004.0001: item 0 2 1 8 parsing failed [ 83.494560][ T41] monterey: probe of 0003:0566:3004.0001 failed with error -22 [ 85.619723][ T41] usb 5-1: USB disconnect, device number 2 [ 85.998117][ T4250] EXT4-fs (loop0): unmounting filesystem. [ 86.123720][ T4397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18'. [ 86.207317][ T4397] device veth1_macvtap left promiscuous mode [ 86.321818][ T4409] netlink: 72 bytes leftover after parsing attributes in process `syz.3.19'. [ 86.395109][ T4411] [U]  [ 86.657410][ T127] cfg80211: failed to load regulatory.db [ 86.886778][ T4415] atomic_op ffff88807e035998 conn xmit_atomic 0000000000000000 [ 88.655820][ C0] sched: RT throttling activated [ 89.225957][ T41] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 89.448004][ T41] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 89.479443][ T41] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.508704][ T41] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 89.545076][ T41] usb 1-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00 [ 89.565225][ T41] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.587765][ T41] usb 1-1: config 0 descriptor?? [ 90.006162][ T41] monterey 0003:0566:3004.0002: unknown main item tag 0x6 [ 90.035993][ T41] monterey 0003:0566:3004.0002: report_id 29495 is invalid [ 90.053966][ T41] monterey 0003:0566:3004.0002: item 0 2 1 8 parsing failed [ 90.084928][ T41] monterey: probe of 0003:0566:3004.0002 failed with error -22 [ 90.209137][ T41] usb 1-1: USB disconnect, device number 2 [ 90.292532][ T4474] netlink: 72 bytes leftover after parsing attributes in process `syz.2.39'. [ 90.323942][ T4474] [U]  [ 93.286800][ T4519] device veth0_to_bridge entered promiscuous mode [ 95.281514][ T41] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 95.467684][ T41] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 95.496019][ T41] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.553803][ T41] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 95.608128][ T41] usb 4-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00 [ 95.633789][ T41] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.673123][ T41] usb 4-1: config 0 descriptor?? [ 96.104457][ T41] monterey 0003:0566:3004.0003: unknown main item tag 0x6 [ 96.120902][ T41] monterey 0003:0566:3004.0003: report_id 29495 is invalid [ 96.153783][ T41] monterey 0003:0566:3004.0003: item 0 2 1 8 parsing failed [ 96.185406][ T41] monterey: probe of 0003:0566:3004.0003 failed with error -22 [ 96.303948][ T14] usb 4-1: USB disconnect, device number 2 [ 96.947825][ T4567] Process accounting resumed [ 97.070143][ T4570] x_tables: duplicate underflow at hook 2 [ 97.120012][ T26] audit: type=1326 audit(1737762698.733:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.207584][ T26] audit: type=1326 audit(1737762698.753:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.279848][ T26] audit: type=1326 audit(1737762698.753:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.301813][ C0] vkms_vblank_simulate: vblank timer overrun [ 97.423774][ T26] audit: type=1326 audit(1737762698.753:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.520645][ T26] audit: type=1326 audit(1737762698.753:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.610594][ T26] audit: type=1326 audit(1737762698.753:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.632605][ C0] vkms_vblank_simulate: vblank timer overrun [ 97.786630][ T26] audit: type=1326 audit(1737762698.763:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.809730][ T26] audit: type=1326 audit(1737762698.763:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.943073][ T26] audit: type=1326 audit(1737762698.763:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 97.967109][ T26] audit: type=1326 audit(1737762698.763:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4565 comm="syz.2.71" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 98.680660][ T4598] loop4: detected capacity change from 0 to 1024 [ 98.796316][ T4598] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 98.844078][ T4598] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 98.983865][ T4598] JBD2: no valid journal superblock found [ 99.002355][ T4598] EXT4-fs (loop4): error loading journal [ 99.137971][ T4611] device batadv_slave_1 entered promiscuous mode [ 99.169103][ T4611] device batadv_slave_1 left promiscuous mode [ 99.290904][ T4606] loop0: detected capacity change from 0 to 128 [ 99.326988][ T4606] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 99.388734][ T4606] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 99.420601][ C0] vkms_vblank_simulate: vblank timer overrun [ 99.696669][ T4250] EXT4-fs (loop0): unmounting filesystem. [ 100.056732][ T4633] loop4: detected capacity change from 0 to 512 [ 100.219236][ T4633] EXT4-fs (loop4): too many log groups per flexible block group [ 100.233503][ T4633] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 100.243616][ T4633] EXT4-fs (loop4): mount failed [ 101.212551][ T4633] 9pnet_fd: Insufficient options for proto=fd [ 101.277916][ T4633] netlink: 332 bytes leftover after parsing attributes in process `syz.4.90'. [ 101.296489][ T4633] netlink: 'syz.4.90': attribute type 9 has an invalid length. [ 101.304122][ T4633] netlink: 108 bytes leftover after parsing attributes in process `syz.4.90'. [ 101.655895][ T4633] netlink: 32 bytes leftover after parsing attributes in process `syz.4.90'. [ 101.921366][ T4656] loop2: detected capacity change from 0 to 1024 [ 101.979412][ T4656] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 102.006107][ T4656] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 102.020175][ T4663] loop4: detected capacity change from 0 to 1764 [ 102.050944][ T4656] JBD2: no valid journal superblock found [ 102.061941][ T4656] EXT4-fs (loop2): error loading journal [ 102.179713][ T4668] device batadv_slave_1 entered promiscuous mode [ 102.221901][ T4668] device batadv_slave_1 left promiscuous mode [ 102.593936][ T4682] Illegal XDP return value 3762713878 on prog (id 25) dev N/A, expect packet loss! [ 103.831485][ T4706] device vlan2 entered promiscuous mode [ 103.849622][ T4706] device batadv0 entered promiscuous mode [ 103.874041][ T4706] team0: Port device vlan2 added [ 103.876074][ T14] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 104.086474][ T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 104.122779][ T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 104.144877][ T4716] loop3: detected capacity change from 0 to 1024 [ 104.145772][ T4721] loop1: detected capacity change from 0 to 256 [ 104.163993][ T14] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 104.167017][ T4721] ======================================================= [ 104.167017][ T4721] WARNING: The mand mount option has been deprecated and [ 104.167017][ T4721] and is ignored by this kernel. Remove the mand [ 104.167017][ T4721] option from the mount to silence this warning. [ 104.167017][ T4721] ======================================================= [ 104.186959][ T4716] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 104.235139][ T14] usb 5-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00 [ 104.260355][ T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.271757][ T4716] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 104.303308][ T14] usb 5-1: config 0 descriptor?? [ 104.308108][ T4716] JBD2: no valid journal superblock found [ 104.338858][ T4716] EXT4-fs (loop3): error loading journal [ 104.349683][ T4725] atomic_op ffff8880551ee998 conn xmit_atomic 0000000000000000 [ 104.355308][ T4721] FAT-fs (loop1): Directory bread(block 64) failed [ 104.364597][ T4721] FAT-fs (loop1): Directory bread(block 65) failed [ 104.372192][ T4721] FAT-fs (loop1): Directory bread(block 66) failed [ 104.379441][ T4721] FAT-fs (loop1): Directory bread(block 67) failed [ 104.387448][ T4721] FAT-fs (loop1): Directory bread(block 68) failed [ 104.394300][ T4721] FAT-fs (loop1): Directory bread(block 69) failed [ 104.430830][ T4721] FAT-fs (loop1): Directory bread(block 70) failed [ 104.465579][ T4721] FAT-fs (loop1): Directory bread(block 71) failed [ 104.474176][ T4721] FAT-fs (loop1): Directory bread(block 72) failed [ 104.481938][ T4721] FAT-fs (loop1): Directory bread(block 73) failed [ 104.532389][ T4729] device batadv_slave_1 entered promiscuous mode [ 104.562992][ T4729] device batadv_slave_1 left promiscuous mode [ 104.730848][ T14] monterey 0003:0566:3004.0004: unknown main item tag 0x6 [ 104.765970][ T14] monterey 0003:0566:3004.0004: report_id 29495 is invalid [ 104.790558][ T14] monterey 0003:0566:3004.0004: item 0 2 1 8 parsing failed [ 104.808762][ T14] monterey: probe of 0003:0566:3004.0004 failed with error -22 [ 104.819094][ T4736] netlink: 'syz.3.122': attribute type 13 has an invalid length. [ 104.832078][ T4736] gretap0: refused to change device tx_queue_len [ 104.840792][ T4736] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 104.927739][ T4733] netlink: 8 bytes leftover after parsing attributes in process `syz.2.121'. [ 104.956495][ T4733] netlink: 20 bytes leftover after parsing attributes in process `syz.2.121'. [ 105.069186][ T4240] usb 5-1: USB disconnect, device number 3 [ 105.959046][ T4747] atomic_op ffff888079e2d998 conn xmit_atomic 0000000000000000 [ 105.984254][ T4749] loop1: detected capacity change from 0 to 512 [ 106.067641][ T4749] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 106.143853][ T4749] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.424055][ T26] kauditd_printk_skb: 46 callbacks suppressed [ 106.424073][ T26] audit: type=1326 audit(1737762708.033:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 106.454032][ T4259] EXT4-fs (loop1): unmounting filesystem. [ 106.514166][ T4770] loop2: detected capacity change from 0 to 1024 [ 106.600227][ T4770] EXT4-fs: Ignoring removed bh option [ 106.663904][ T4775] netlink: 4 bytes leftover after parsing attributes in process `syz.3.138'. [ 106.686643][ T26] audit: type=1326 audit(1737762708.033:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 106.770623][ T4775] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.783882][ T4770] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 106.785046][ T4775] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.808971][ T4770] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.605347][ T4775] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 107.638721][ T4775] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 107.676675][ T26] audit: type=1326 audit(1737762708.033:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 107.700634][ T26] audit: type=1326 audit(1737762708.033:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 107.839367][ T26] audit: type=1326 audit(1737762708.033:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 108.013643][ T4775] device batadv0 left promiscuous mode [ 108.317482][ T4755] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 273: padding at end of block bitmap is not set [ 108.501124][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 108.553605][ T4775] team0: Port device vlan2 removed [ 108.586181][ T26] audit: type=1326 audit(1737762708.033:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 108.615893][ T41] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 108.644293][ T26] audit: type=1326 audit(1737762708.033:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 108.730202][ T26] audit: type=1326 audit(1737762708.033:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 108.752907][ T26] audit: type=1326 audit(1737762708.033:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 108.776089][ T26] audit: type=1326 audit(1737762708.033:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.2.134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 108.888868][ T41] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 108.910811][ T41] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 108.938730][ T41] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 108.966079][ T41] usb 1-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.00 [ 108.996783][ T41] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.036835][ T41] usb 1-1: config 0 descriptor?? [ 109.065934][ T4805] loop4: detected capacity change from 0 to 1024 [ 109.116947][ T4805] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 109.133743][ T4805] EXT4-fs (loop4): orphan cleanup on readonly fs [ 109.161059][ T4805] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 109.265285][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.268046][ T4814] loop2: detected capacity change from 0 to 764 [ 109.301086][ T4805] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #3: comm syz.4.142: mark_inode_dirty error [ 109.313200][ T4814] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 109.324178][ T4816] mmap: syz.3.147 (4816) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 109.348208][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.355046][ T4805] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.142: Invalid block bitmap block 3 in block_group 0 [ 109.407904][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.414811][ T4805] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 109.431735][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.439419][ T4805] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #3: comm syz.4.142: mark_inode_dirty error [ 109.453218][ T41] monterey 0003:0566:3004.0005: unknown main item tag 0x6 [ 109.456629][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.461159][ T4814] netlink: 'syz.2.146': attribute type 4 has an invalid length. [ 109.472007][ T4805] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 1: comm syz.4.142: lblock 6 mapped to illegal pblock 1 (length 1) [ 109.495966][ T41] monterey 0003:0566:3004.0005: report_id 29495 is invalid [ 109.503347][ T41] monterey 0003:0566:3004.0005: item 0 2 1 8 parsing failed [ 109.530536][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.536428][ T41] monterey: probe of 0003:0566:3004.0005 failed with error -22 [ 109.569241][ T4805] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 48: comm syz.4.142: lblock 0 mapped to illegal pblock 48 (length 1) [ 109.604669][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.622193][ T4805] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.142: Failed to acquire dquot type 0 [ 109.639976][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.648565][ T4805] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 49: comm syz.4.142: lblock 1 mapped to illegal pblock 49 (length 1) [ 109.667107][ T41] usb 1-1: USB disconnect, device number 3 [ 109.670995][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.692406][ T4805] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.142: Failed to acquire dquot type 0 [ 109.711843][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.722396][ T4805] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 109.901719][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.927256][ T4805] EXT4-fs error (device loop4): ext4_evict_inode:279: inode #15: comm syz.4.142: mark_inode_dirty error [ 109.946457][ T4805] EXT4-fs (loop4): Remounting filesystem read-only [ 109.953324][ T4805] EXT4-fs warning (device loop4): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 109.964112][ T4805] EXT4-fs (loop4): 1 orphan inode deleted [ 109.976919][ T4805] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 110.381089][ T4805] EXT4-fs (loop4): unmounting filesystem. [ 110.932398][ T4839] atomic_op ffff88801d647998 conn xmit_atomic 0000000000000000 [ 112.033863][ T4854] loop4: detected capacity change from 0 to 1024 [ 112.069259][ T4854] EXT4-fs: inline encryption not supported [ 112.075158][ T4854] EXT4-fs: Ignoring removed nobh option [ 112.147263][ T4854] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 112.163055][ T4859] device vlan2 entered promiscuous mode [ 112.203503][ T4854] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 112.388245][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 112.755380][ T4880] device geneve2 entered promiscuous mode [ 112.999123][ T4887] loop0: detected capacity change from 0 to 512 [ 113.004904][ T4875] xt_CT: No such helper "syz0" [ 113.015683][ T4887] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 113.039384][ T4887] EXT4-fs (loop0): 1 truncate cleaned up [ 113.045658][ T4887] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 113.068897][ T26] kauditd_printk_skb: 61 callbacks suppressed [ 113.068912][ T26] audit: type=1800 audit(1737762714.683:127): pid=4887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.171" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 113.180731][ T26] audit: type=1804 audit(1737762714.683:128): pid=4887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.171" name="/newroot/39/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 113.202421][ T26] audit: type=1804 audit(1737762714.683:129): pid=4887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.171" name="/newroot/39/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 113.968333][ T4908] loop3: detected capacity change from 0 to 512 [ 113.993682][ T4250] EXT4-fs (loop0): unmounting filesystem. [ 114.042799][ T4908] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 114.053750][ T4909] device vlan2 entered promiscuous mode [ 114.114601][ T4908] EXT4-fs (loop3): 1 truncate cleaned up [ 114.143533][ T4908] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 114.841438][ T4908] EXT4-fs (loop3): unmounting filesystem. [ 115.654845][ T4934] xt_CT: No such helper "syz0" [ 116.275042][ T4948] xt_hashlimit: max too large, truncated to 1048576 [ 116.487289][ T26] audit: type=1326 audit(1737762718.103:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4953 comm="syz.2.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 116.571823][ T26] audit: type=1326 audit(1737762718.123:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4953 comm="syz.2.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 116.603015][ T26] audit: type=1326 audit(1737762718.123:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4953 comm="syz.2.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 116.829017][ T26] audit: type=1326 audit(1737762718.123:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4953 comm="syz.2.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 116.851220][ C0] vkms_vblank_simulate: vblank timer overrun [ 116.901374][ T26] audit: type=1326 audit(1737762718.133:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4953 comm="syz.2.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 116.930174][ T26] audit: type=1326 audit(1737762718.153:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4953 comm="syz.2.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 116.952709][ C0] vkms_vblank_simulate: vblank timer overrun [ 116.964802][ T26] audit: type=1326 audit(1737762718.153:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4953 comm="syz.2.192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 118.636014][ T4959] device vlan2 entered promiscuous mode [ 119.041729][ T4980] loop1: detected capacity change from 0 to 512 [ 119.552094][ T26] kauditd_printk_skb: 36 callbacks suppressed [ 119.552110][ T26] audit: type=1326 audit(1737762721.163:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4993 comm="syz.4.202" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x0 [ 119.587702][ T5000] device geneve2 entered promiscuous mode [ 119.611428][ T4995] xt_CT: No such helper "syz0" [ 123.553668][ T26] audit: type=1326 audit(1737762725.163:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5049 comm="syz.2.221" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x0 [ 124.200531][ T5060] loop3: detected capacity change from 0 to 512 [ 124.238397][ T5060] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 124.504961][ T5060] EXT4-fs (loop3): 1 truncate cleaned up [ 124.518486][ T5060] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 124.664363][ T26] audit: type=1800 audit(1737762726.273:175): pid=5060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.225" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 124.758111][ T26] audit: type=1804 audit(1737762726.333:176): pid=5060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.225" name="/newroot/48/bus/bus" dev="loop3" ino=18 res=1 errno=0 [ 124.808892][ T26] audit: type=1804 audit(1737762726.333:177): pid=5060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.225" name="/newroot/48/bus/bus" dev="loop3" ino=18 res=1 errno=0 [ 126.130183][ T4249] EXT4-fs (loop3): unmounting filesystem. [ 126.315215][ T5084] program syz.3.232 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 126.524960][ T5084] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.617101][ T26] audit: type=1326 audit(1737762728.233:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5093 comm="syz.2.236" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x0 [ 126.778850][ T5084] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.902693][ T5084] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.006686][ T5084] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.270183][ T5101] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 127.323980][ T5084] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.349160][ T5084] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.373455][ T5084] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.470651][ T5084] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.505945][ T26] audit: type=1107 audit(1737762729.113:179): pid=5102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 129.562888][ T5124] loop0: detected capacity change from 0 to 1024 [ 129.759234][ T5127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.249'. [ 129.774455][ T5124] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 129.796693][ T5124] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 129.816673][ T5124] EXT4-fs (loop0): invalid journal inode [ 130.534478][ T5124] EXT4-fs (loop0): can't get journal size [ 130.652214][ T5124] EXT4-fs error (device loop0): ext4_protect_reserved_inode:182: inode #3: comm syz.0.248: blocks 2-2 from inode overlap system zone [ 130.711706][ T5124] EXT4-fs (loop0): failed to initialize system zone (-117) [ 130.725571][ T5124] EXT4-fs (loop0): mount failed [ 130.865898][ T5124] netlink: 4 bytes leftover after parsing attributes in process `syz.0.248'. [ 131.361736][ T5135] device team0 entered promiscuous mode [ 131.375985][ T5135] device team_slave_0 entered promiscuous mode [ 131.383317][ T5135] device team_slave_1 entered promiscuous mode [ 132.491646][ T5138] device team_slave_0 left promiscuous mode [ 132.600493][ T5138] team0 (unregistering): Port device team_slave_0 removed [ 132.620926][ T5138] device team_slave_1 left promiscuous mode [ 132.707789][ T5138] team0 (unregistering): Port device team_slave_1 removed [ 132.729615][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.763961][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.220292][ T5141] netlink: 24 bytes leftover after parsing attributes in process `syz.1.254'. [ 133.236636][ T5143] device vlan2 entered promiscuous mode [ 133.903089][ T5169] netlink: 12 bytes leftover after parsing attributes in process `syz.0.259'. [ 134.398409][ T5175] xt_recent: Unsupported userspace flags (000000da) [ 134.488082][ T26] audit: type=1326 audit(1737762736.103:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 134.582540][ T26] audit: type=1326 audit(1737762736.103:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 134.653235][ T5179] device veth1 entered promiscuous mode [ 134.670346][ T26] audit: type=1326 audit(1737762736.103:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 134.714984][ T5179] device vlan0 entered promiscuous mode [ 134.737668][ T26] audit: type=1326 audit(1737762736.103:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 134.760650][ T5179] device veth1 left promiscuous mode [ 134.798235][ T26] audit: type=1326 audit(1737762736.103:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 134.832702][ T26] audit: type=1326 audit(1737762736.133:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 134.868867][ T26] audit: type=1326 audit(1737762736.133:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 134.930803][ T26] audit: type=1326 audit(1737762736.133:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 135.679967][ T26] audit: type=1326 audit(1737762736.133:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 136.597267][ T26] audit: type=1326 audit(1737762736.133:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5171 comm="syz.2.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 137.987876][ T5216] device vlan2 entered promiscuous mode [ 138.797218][ T5232] netlink: 8 bytes leftover after parsing attributes in process `syz.2.281'. [ 139.494100][ T5241] netlink: 12 bytes leftover after parsing attributes in process `syz.4.278'. [ 142.447502][ T5271] device vlan2 entered promiscuous mode [ 144.969293][ T5296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.297'. [ 145.875597][ T26] kauditd_printk_skb: 19 callbacks suppressed [ 145.875613][ T26] audit: type=1326 audit(1737762747.483:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 146.107880][ T26] audit: type=1326 audit(1737762747.483:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 147.090796][ T26] audit: type=1326 audit(1737762747.483:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 147.155068][ T26] audit: type=1326 audit(1737762747.483:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 147.248523][ T5327] device vlan2 entered promiscuous mode [ 147.482581][ T26] audit: type=1326 audit(1737762747.483:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 147.898662][ T5332] loop1: detected capacity change from 0 to 512 [ 148.136927][ T5332] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 148.145636][ T26] audit: type=1326 audit(1737762747.483:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 149.061695][ T5332] EXT4-fs (loop1): 1 truncate cleaned up [ 149.104773][ T26] audit: type=1326 audit(1737762747.483:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 149.105429][ T5332] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 149.325869][ T26] audit: type=1326 audit(1737762747.483:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 149.417987][ T26] audit: type=1326 audit(1737762747.483:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 149.452226][ T5345] atomic_op ffff88802fe7e198 conn xmit_atomic 0000000000000000 [ 149.559952][ T4259] EXT4-fs (loop1): unmounting filesystem. [ 149.619741][ T26] audit: type=1326 audit(1737762747.483:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5314 comm="syz.1.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 151.178108][ T26] kauditd_printk_skb: 28 callbacks suppressed [ 151.178123][ T26] audit: type=1326 audit(1737762752.793:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5355 comm="syz.4.321" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x0 [ 153.194646][ T5380] loop0: detected capacity change from 0 to 2048 [ 154.306958][ T5380] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 154.933793][ T4250] EXT4-fs (loop0): unmounting filesystem. [ 155.155161][ T26] audit: type=1326 audit(1737762756.763:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5405 comm="syz.4.336" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x0 [ 157.725730][ T5428] loop4: detected capacity change from 0 to 1024 [ 157.781278][ T5428] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 157.839182][ T5428] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 157.900098][ T5428] JBD2: no valid journal superblock found [ 157.915605][ T5428] EXT4-fs (loop4): error loading journal [ 158.258160][ T5433] device geneve2 entered promiscuous mode [ 158.923077][ T5428] device batadv_slave_1 entered promiscuous mode [ 159.010931][ T5428] device batadv_slave_1 left promiscuous mode [ 159.313720][ T26] audit: type=1326 audit(1737762760.923:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5441 comm="syz.4.347" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x0 [ 159.335463][ C0] vkms_vblank_simulate: vblank timer overrun [ 162.514892][ T5454] netlink: 28 bytes leftover after parsing attributes in process `syz.0.349'. [ 163.682305][ T5480] loop2: detected capacity change from 0 to 1024 [ 163.749632][ T5480] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 163.840686][ T26] audit: type=1326 audit(1737762765.453:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5485 comm="syz.0.360" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x0 [ 163.866595][ T5480] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 164.045114][ T5480] JBD2: no valid journal superblock found [ 164.053349][ T5480] EXT4-fs (loop2): error loading journal [ 164.535584][ T5480] device batadv_slave_1 entered promiscuous mode [ 164.782972][ T5480] device batadv_slave_1 left promiscuous mode [ 165.139098][ T5496] device vlan2 entered promiscuous mode [ 166.144214][ T5518] netlink: 28 bytes leftover after parsing attributes in process `syz.2.366'. [ 167.513018][ T26] audit: type=1326 audit(1737762769.113:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5528 comm="syz.0.372" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x0 [ 167.534886][ C0] vkms_vblank_simulate: vblank timer overrun [ 167.673937][ T5535] loop2: detected capacity change from 0 to 1024 [ 167.704236][ T5535] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 167.724088][ T5535] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 167.762937][ T5535] JBD2: no valid journal superblock found [ 167.776838][ T5535] EXT4-fs (loop2): error loading journal [ 167.842536][ T5535] device batadv_slave_1 entered promiscuous mode [ 167.873431][ T5535] device batadv_slave_1 left promiscuous mode [ 167.874218][ T5541] loop4: detected capacity change from 0 to 512 [ 167.939982][ T5541] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 168.040271][ T5541] EXT4-fs (loop4): 1 truncate cleaned up [ 168.055837][ T5541] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 168.083965][ T26] audit: type=1800 audit(1737762769.693:252): pid=5541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.377" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 168.157160][ T26] audit: type=1804 audit(1737762769.753:253): pid=5541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.377" name="/newroot/73/bus/bus" dev="loop4" ino=18 res=1 errno=0 [ 168.280200][ T26] audit: type=1804 audit(1737762769.753:254): pid=5541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.377" name="/newroot/73/bus/bus" dev="loop4" ino=18 res=1 errno=0 [ 169.214464][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 170.925089][ T5564] netlink: 28 bytes leftover after parsing attributes in process `syz.0.382'. [ 172.670659][ T5590] netlink: 72 bytes leftover after parsing attributes in process `syz.1.390'. [ 172.804921][ T5591] [U]  [ 173.242674][ T5593] atomic_op ffff8880558f6198 conn xmit_atomic 0000000000000000 [ 173.487519][ T26] audit: type=1326 audit(1737762775.103:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5596 comm="syz.3.393" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f001c58cd29 code=0x0 [ 174.366623][ T5616] netlink: 4 bytes leftover after parsing attributes in process `syz.1.396'. [ 175.458660][ T5624] netlink: 72 bytes leftover after parsing attributes in process `syz.1.401'. [ 175.474263][ T5624] [U]  [ 178.248102][ T5654] device batadv_slave_1 entered promiscuous mode [ 178.309438][ T5651] device batadv_slave_1 left promiscuous mode [ 179.284790][ T5664] atomic_op ffff888056098198 conn xmit_atomic 0000000000000000 [ 179.360995][ T5667] netlink: 72 bytes leftover after parsing attributes in process `syz.1.414'. [ 179.378441][ T5667] [U]  [ 180.485499][ T5673] loop0: detected capacity change from 0 to 512 [ 180.526134][ T5673] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 180.583257][ T5673] EXT4-fs (loop0): 1 truncate cleaned up [ 180.594316][ T5673] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 180.689218][ T26] audit: type=1804 audit(1737762782.303:256): pid=5680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.418" name="/newroot/92/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 180.744887][ T26] audit: type=1804 audit(1737762782.343:257): pid=5673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.418" name="/newroot/92/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 180.766327][ T26] audit: type=1800 audit(1737762782.343:258): pid=5673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.418" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 180.787697][ T26] audit: type=1804 audit(1737762782.353:259): pid=5673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.418" name="/newroot/92/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 182.263489][ T4250] EXT4-fs (loop0): unmounting filesystem. [ 182.359234][ T5694] device vlan2 entered promiscuous mode [ 183.714550][ T5710] device batadv_slave_1 entered promiscuous mode [ 183.741068][ T5710] device batadv_slave_1 left promiscuous mode [ 184.978082][ T5720] netlink: 72 bytes leftover after parsing attributes in process `syz.3.430'. [ 185.071995][ T5719] [U]  [ 185.613650][ T5727] loop3: detected capacity change from 0 to 512 [ 185.760979][ T5727] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 187.918909][ T5727] EXT4-fs (loop3): 1 truncate cleaned up [ 187.924628][ T5727] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 187.955088][ T5728] netlink: 4 bytes leftover after parsing attributes in process `syz.2.433'. [ 188.865890][ T26] audit: type=1800 audit(1737762789.923:260): pid=5727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.435" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 189.084726][ T26] audit: type=1326 audit(1737762790.483:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5742 comm="syz.1.436" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x0 [ 189.117882][ T26] audit: type=1804 audit(1737762790.523:262): pid=5727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.435" name="/newroot/85/bus/bus" dev="loop3" ino=18 res=1 errno=0 [ 189.220374][ T26] audit: type=1804 audit(1737762790.643:263): pid=5727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.435" name="/newroot/85/bus/bus" dev="loop3" ino=18 res=1 errno=0 [ 189.264437][ T4249] EXT4-fs (loop3): unmounting filesystem. [ 189.442893][ T5767] device batadv_slave_1 entered promiscuous mode [ 189.509000][ T5767] device batadv_slave_1 left promiscuous mode [ 190.799686][ T5776] atomic_op ffff888079aa6198 conn xmit_atomic 0000000000000000 [ 192.512919][ T26] audit: type=1326 audit(1737762794.123:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5794 comm="syz.3.452" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f001c58cd29 code=0x0 [ 192.534625][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.628149][ T5798] loop1: detected capacity change from 0 to 512 [ 192.649876][ T5798] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 192.720988][ T5798] EXT4-fs (loop1): 1 truncate cleaned up [ 192.735286][ T5798] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 192.810119][ T26] audit: type=1800 audit(1737762794.423:265): pid=5798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.453" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 192.830331][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.920047][ T26] audit: type=1804 audit(1737762794.453:266): pid=5798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.453" name="/newroot/81/bus/bus" dev="loop1" ino=18 res=1 errno=0 [ 193.071256][ T26] audit: type=1804 audit(1737762794.453:267): pid=5798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.453" name="/newroot/81/bus/bus" dev="loop1" ino=18 res=1 errno=0 [ 193.687649][ T4259] EXT4-fs (loop1): unmounting filesystem. [ 194.168901][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.175319][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.577582][ T5797] netlink: 4 bytes leftover after parsing attributes in process `syz.4.450'. [ 196.144509][ T5827] loop0: detected capacity change from 0 to 1024 [ 196.235971][ T4254] Bluetooth: hci0: command 0x0406 tx timeout [ 196.242079][ T4254] Bluetooth: hci1: command 0x0406 tx timeout [ 196.248272][ T4261] Bluetooth: hci3: command 0x0406 tx timeout [ 196.254870][ T4261] Bluetooth: hci4: command 0x0406 tx timeout [ 196.263005][ T4261] Bluetooth: hci2: command 0x0406 tx timeout [ 197.498164][ T5827] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 197.524370][ T5827] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 197.580004][ T5827] JBD2: no valid journal superblock found [ 197.605091][ T5827] EXT4-fs (loop0): error loading journal [ 197.815426][ T5847] device batadv_slave_1 entered promiscuous mode [ 197.927382][ T5847] device batadv_slave_1 left promiscuous mode [ 198.233915][ T26] audit: type=1326 audit(1737762799.843:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5853 comm="syz.4.468" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x0 [ 200.132190][ T5860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.469'. [ 201.173427][ T5874] device vlan0 entered promiscuous mode [ 203.643747][ T26] audit: type=1326 audit(1737762805.253:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5903 comm="syz.0.483" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x0 [ 203.665893][ C0] vkms_vblank_simulate: vblank timer overrun [ 205.435725][ T5908] netlink: 4 bytes leftover after parsing attributes in process `syz.4.482'. [ 206.017672][ T5916] atomic_op ffff888055f33198 conn xmit_atomic 0000000000000000 [ 209.368394][ T5951] loop2: detected capacity change from 0 to 1024 [ 210.702991][ T5951] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 211.146898][ T5954] netlink: 4 bytes leftover after parsing attributes in process `syz.3.496'. [ 211.441036][ T5951] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 211.574725][ T5951] JBD2: no valid journal superblock found [ 211.655995][ T5951] EXT4-fs (loop2): error loading journal [ 211.735709][ T5963] loop3: detected capacity change from 0 to 512 [ 211.764320][ T5963] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 211.820067][ T5963] EXT4-fs (loop3): 1 truncate cleaned up [ 211.882461][ T5963] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 211.931814][ T5971] device batadv_slave_1 entered promiscuous mode [ 212.029340][ T5971] device batadv_slave_1 left promiscuous mode [ 212.716060][ T26] audit: type=1800 audit(1737762814.243:270): pid=5963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.500" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 212.818955][ T5977] netlink: 8 bytes leftover after parsing attributes in process `syz.2.503'. [ 212.886330][ T26] audit: type=1804 audit(1737762814.503:271): pid=5963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.500" name="/newroot/95/bus/bus" dev="loop3" ino=18 res=1 errno=0 [ 213.073619][ T26] audit: type=1804 audit(1737762814.593:272): pid=5963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.500" name="/newroot/95/bus/bus" dev="loop3" ino=18 res=1 errno=0 [ 213.096099][ C0] vkms_vblank_simulate: vblank timer overrun [ 213.930037][ T4249] EXT4-fs (loop3): unmounting filesystem. [ 214.249103][ T5989] device veth1 entered promiscuous mode [ 214.266548][ T5989] device vlan2 entered promiscuous mode [ 214.284626][ T5989] device veth1 left promiscuous mode [ 214.862532][ T6003] device vlan2 entered promiscuous mode [ 216.242392][ T6012] loop0: detected capacity change from 0 to 1024 [ 216.290903][ T6012] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 216.303418][ T6012] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 216.390404][ T6012] JBD2: no valid journal superblock found [ 216.432852][ T6012] EXT4-fs (loop0): error loading journal [ 216.481738][ T6016] atomic_op ffff88807bfe1198 conn xmit_atomic 0000000000000000 [ 216.572982][ T6018] device batadv_slave_1 entered promiscuous mode [ 216.612251][ T6018] device batadv_slave_1 left promiscuous mode [ 217.333640][ T6023] loop2: detected capacity change from 0 to 512 [ 217.411817][ T6023] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 217.439656][ T6023] EXT4-fs (loop2): 1 truncate cleaned up [ 217.459946][ T6023] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 217.534495][ T26] audit: type=1800 audit(1737762819.143:273): pid=6023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.518" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 217.652019][ T26] audit: type=1804 audit(1737762819.193:274): pid=6023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.518" name="/newroot/102/bus/bus" dev="loop2" ino=18 res=1 errno=0 [ 217.830659][ T26] audit: type=1804 audit(1737762819.203:275): pid=6023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.518" name="/newroot/102/bus/bus" dev="loop2" ino=18 res=1 errno=0 [ 219.614277][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 219.678927][ T6048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.524'. [ 222.099007][ T26] audit: type=1326 audit(1737762823.713:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.3.533" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f001c58cd29 code=0x0 [ 223.658630][ T6088] loop4: detected capacity change from 0 to 512 [ 223.667125][ T6088] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 223.753505][ T6088] EXT4-fs (loop4): 1 truncate cleaned up [ 223.764158][ T6088] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 223.878210][ T26] audit: type=1800 audit(1737762825.493:277): pid=6088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.540" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 224.021272][ T6097] loop0: detected capacity change from 0 to 1024 [ 224.247785][ T6097] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 225.721303][ T6097] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 225.731124][ T26] audit: type=1804 audit(1737762825.533:278): pid=6088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.540" name="/newroot/107/bus/bus" dev="loop4" ino=18 res=1 errno=0 [ 225.731169][ T26] audit: type=1804 audit(1737762825.533:279): pid=6088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.540" name="/newroot/107/bus/bus" dev="loop4" ino=18 res=1 errno=0 [ 225.864007][ T6098] netlink: 4 bytes leftover after parsing attributes in process `syz.1.541'. [ 226.040159][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 226.286468][ T6097] JBD2: no valid journal superblock found [ 226.306980][ T6097] EXT4-fs (loop0): error loading journal [ 227.936022][ T26] audit: type=1326 audit(1737762829.523:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6125 comm="syz.1.550" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x0 [ 227.962694][ C0] vkms_vblank_simulate: vblank timer overrun [ 228.144428][ T6134] loop0: detected capacity change from 0 to 512 [ 228.259142][ T6134] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 228.274638][ T6134] EXT4-fs (loop0): 1 truncate cleaned up [ 228.281100][ T6134] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 228.302056][ T26] audit: type=1800 audit(1737762829.913:281): pid=6134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.553" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 228.328438][ T26] audit: type=1804 audit(1737762829.913:282): pid=6134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.553" name="/newroot/127/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 228.350588][ T26] audit: type=1804 audit(1737762829.913:283): pid=6134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.553" name="/newroot/127/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 229.431449][ T4250] EXT4-fs (loop0): unmounting filesystem. [ 231.036486][ T6146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.554'. [ 232.320088][ T6162] loop2: detected capacity change from 0 to 512 [ 232.327728][ T6162] EXT4-fs: Ignoring removed mblk_io_submit option [ 232.393551][ T6163] loop4: detected capacity change from 0 to 1024 [ 232.429754][ T6163] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 232.447164][ T6162] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 232.482146][ T6163] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 232.636005][ T6163] JBD2: no valid journal superblock found [ 232.641803][ T6163] EXT4-fs (loop4): error loading journal [ 232.844525][ T6179] device batadv_slave_1 entered promiscuous mode [ 233.436764][ T6180] xt_CT: No such helper "syz0" [ 233.499632][ T6179] device batadv_slave_1 left promiscuous mode [ 233.890946][ T26] audit: type=1800 audit(1737762835.503:284): pid=6162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.560" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 234.180457][ T26] audit: type=1800 audit(1737762835.643:285): pid=6177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.560" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 234.736130][ T26] audit: type=1326 audit(1737762836.353:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.1.567" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x0 [ 235.390470][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 237.867734][ T6229] device geneve2 entered promiscuous mode [ 238.231802][ T6220] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 238.344549][ T6228] xt_CT: No such helper "syz0" [ 238.411929][ T6220] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 238.459820][ T6220] Bluetooth: hci1: Suspend notifier action (1) failed: -4 [ 238.532087][ T6220] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 238.560464][ T6220] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 238.579425][ T26] audit: type=1326 audit(1737762840.193:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 238.625888][ T6220] Bluetooth: hci0: Suspend notifier action (1) failed: -4 [ 238.635330][ T26] audit: type=1326 audit(1737762840.223:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 238.675036][ T6220] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 238.685950][ T6220] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 238.691980][ T6220] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 238.701602][ T26] audit: type=1326 audit(1737762840.223:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 238.770358][ T6220] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 238.789847][ T26] audit: type=1326 audit(1737762840.223:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 238.829260][ T6220] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 238.835539][ T6220] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 238.865207][ T6220] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 238.872541][ T26] audit: type=1326 audit(1737762840.223:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 238.914964][ T6247] device vlan2 entered promiscuous mode [ 238.923193][ T6220] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 238.933973][ T6220] Bluetooth: hci3: Suspend notifier action (1) failed: -4 [ 239.262143][ T26] audit: type=1326 audit(1737762840.223:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 239.285376][ T26] audit: type=1326 audit(1737762840.223:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 239.448220][ T26] audit: type=1326 audit(1737762840.223:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 239.516447][ T4260] Bluetooth: hci1: command 0x0c1a tx timeout [ 239.519685][ T26] audit: type=1326 audit(1737762840.223:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 239.544919][ C0] vkms_vblank_simulate: vblank timer overrun [ 239.926017][ T26] audit: type=1326 audit(1737762840.223:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5ff9b8b7df code=0x7ffc0000 [ 240.060224][ T26] audit: type=1326 audit(1737762840.223:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 240.084255][ T26] audit: type=1326 audit(1737762840.223:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 240.150118][ T26] audit: type=1326 audit(1737762840.223:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 240.229176][ T26] audit: type=1326 audit(1737762840.223:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 240.296173][ T26] audit: type=1326 audit(1737762840.223:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6238 comm="syz.4.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 240.565913][ T4261] Bluetooth: hci0: command 0x0c1a tx timeout [ 240.645922][ T4260] Bluetooth: hci2: command 0x0c1a tx timeout [ 240.875870][ T4260] Bluetooth: hci4: command 0x0c1a tx timeout [ 241.485910][ T6277] xt_CT: No such helper "syz0" [ 241.693839][ T4261] Bluetooth: hci3: command 0x0c1a tx timeout [ 241.726110][ T4260] Bluetooth: hci1: command 0x0406 tx timeout [ 241.890991][ T6283] atomic_op ffff88807d56b998 conn xmit_atomic 0000000000000000 [ 242.349359][ T6302] loop2: detected capacity change from 0 to 512 [ 242.375804][ T6302] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 242.461888][ T6302] EXT4-fs (loop2): 1 truncate cleaned up [ 242.470090][ T6302] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 242.635907][ T4261] Bluetooth: hci0: command 0x0406 tx timeout [ 242.715933][ T4261] Bluetooth: hci2: command 0x0406 tx timeout [ 242.999464][ T6319] device geneve2 entered promiscuous mode [ 243.373818][ T6318] xt_CT: No such helper "syz0" [ 243.556133][ T6325] atomic_op ffff8880554cf998 conn xmit_atomic 0000000000000000 [ 243.756261][ T4261] Bluetooth: hci4: command 0x0406 tx timeout [ 243.763936][ T4260] Bluetooth: hci3: command 0x0406 tx timeout [ 243.835585][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 244.698845][ T6338] usb usb7: usbfs: process 6338 (syz.0.613) did not claim interface 0 before use [ 244.804664][ T26] kauditd_printk_skb: 75 callbacks suppressed [ 244.804681][ T26] audit: type=1326 audit(1737762846.413:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 244.915891][ T26] audit: type=1326 audit(1737762846.413:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.029453][ T26] audit: type=1326 audit(1737762846.413:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.083980][ T26] audit: type=1326 audit(1737762846.413:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.117374][ T6361] loop3: detected capacity change from 0 to 512 [ 245.142603][ T6361] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 245.180825][ T6361] EXT4-fs (loop3): 1 truncate cleaned up [ 245.189110][ T26] audit: type=1326 audit(1737762846.413:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.193156][ T6361] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 245.211422][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.293135][ T26] audit: type=1326 audit(1737762846.413:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.316727][ T26] audit: type=1326 audit(1737762846.413:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.340702][ T26] audit: type=1326 audit(1737762846.413:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.391049][ T26] audit: type=1326 audit(1737762846.413:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.427186][ T26] audit: type=1326 audit(1737762846.413:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.4.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff9b8cd29 code=0x7ffc0000 [ 245.576238][ T6371] device vlan0 entered promiscuous mode [ 245.796579][ T6375] atomic_op ffff8880551ea198 conn xmit_atomic 0000000000000000 [ 246.777813][ T4249] EXT4-fs (loop3): unmounting filesystem. [ 247.237725][ T6406] sg_write: data in/out 14238/14 bytes for SCSI command 0x0-- guessing data in; [ 247.237725][ T6406] program syz.1.632 not setting count and/or reply_len properly [ 247.598659][ T6420] atomic_op ffff8880770e8198 conn xmit_atomic 0000000000000000 [ 247.605152][ T6423] loop2: detected capacity change from 0 to 512 [ 247.623659][ T6423] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 247.645961][ T6423] EXT4-fs (loop2): 1 truncate cleaned up [ 247.653027][ T6423] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 248.943900][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 249.680851][ T6463] netlink: 88 bytes leftover after parsing attributes in process `syz.2.652'. [ 249.738892][ T6463] netlink: 'syz.2.652': attribute type 1 has an invalid length. [ 249.765636][ T6465] atomic_op ffff88802444d198 conn xmit_atomic 0000000000000000 [ 249.907644][ T6453] loop3: detected capacity change from 0 to 8192 [ 250.069267][ T6468] loop2: detected capacity change from 0 to 512 [ 250.116010][ T6468] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 250.135222][ T3622] loop3: p1 p2 p3 p4 [ 250.150017][ T3622] loop3: partition table partially beyond EOD, truncated [ 250.173504][ T3622] loop3: p1 start 51379968 is beyond EOD, truncated [ 250.190836][ T6468] EXT4-fs (loop2): 1 truncate cleaned up [ 250.204584][ T6468] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 250.264673][ T26] kauditd_printk_skb: 52 callbacks suppressed [ 250.264688][ T26] audit: type=1800 audit(1737762851.873:439): pid=6468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.656" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 250.297969][ T3622] loop3: p3 size 100663552 extends beyond EOD, truncated [ 251.101837][ T26] audit: type=1804 audit(1737762851.933:440): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.656" name="/newroot/128/bus/bus" dev="loop2" ino=18 res=1 errno=0 [ 251.124674][ T26] audit: type=1804 audit(1737762851.933:441): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.656" name="/newroot/128/bus/bus" dev="loop2" ino=18 res=1 errno=0 [ 251.145683][ C0] vkms_vblank_simulate: vblank timer overrun [ 251.190189][ T3622] loop3: p4 size 81920 extends beyond EOD, truncated [ 251.245142][ T26] audit: type=1326 audit(1737762852.853:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6482 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 251.343486][ T26] audit: type=1326 audit(1737762852.883:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6482 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 251.375324][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 251.433388][ T26] audit: type=1326 audit(1737762852.883:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6482 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 251.496286][ T4392] udevd[4392]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 251.565327][ T26] audit: type=1326 audit(1737762852.883:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6482 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 251.619263][ T4392] udevd[4392]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 251.632372][ T4329] udevd[4329]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 251.644501][ T26] audit: type=1326 audit(1737762852.883:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6482 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 251.768689][ T26] audit: type=1326 audit(1737762852.893:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6482 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 251.866722][ T6494] loop1: detected capacity change from 0 to 512 [ 251.883268][ T26] audit: type=1326 audit(1737762852.893:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6482 comm="syz.0.659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 251.975279][ T6483] 9pnet_fd: Insufficient options for proto=fd [ 252.012842][ T6494] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 252.077442][ T6494] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 252.232204][ T6503] netlink: 72 bytes leftover after parsing attributes in process `syz.2.664'. [ 252.293858][ T4259] EXT4-fs (loop1): unmounting filesystem. [ 252.357358][ T6503] [U]  [ 252.498073][ T6510] atomic_op ffff888075fb3198 conn xmit_atomic 0000000000000000 [ 252.805094][ T6519] loop3: detected capacity change from 0 to 512 [ 252.991475][ T6519] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 253.347596][ T6519] EXT4-fs (loop3): 1 truncate cleaned up [ 253.510074][ T6519] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 254.010554][ T4249] EXT4-fs (loop3): unmounting filesystem. [ 254.479465][ T6545] atomic_op ffff8880319ff198 conn xmit_atomic 0000000000000000 [ 254.997944][ T6558] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.686'. [ 255.616826][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.623615][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.819009][ T26] kauditd_printk_skb: 97 callbacks suppressed [ 255.819026][ T26] audit: type=1326 audit(1737762857.433:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6557 comm="syz.1.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 256.003935][ T26] audit: type=1326 audit(1737762857.593:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6557 comm="syz.1.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 256.026179][ C0] vkms_vblank_simulate: vblank timer overrun [ 256.167138][ T26] audit: type=1326 audit(1737762857.783:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6570 comm="syz.1.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5ab59bf5e5 code=0x7ffc0000 [ 256.246717][ T26] audit: type=1326 audit(1737762857.823:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6557 comm="syz.1.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 256.343615][ T26] audit: type=1326 audit(1737762857.823:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6557 comm="syz.1.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 256.476105][ T26] audit: type=1326 audit(1737762857.863:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6557 comm="syz.1.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 256.538000][ T26] audit: type=1326 audit(1737762857.933:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6570 comm="syz.1.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 256.561568][ C0] vkms_vblank_simulate: vblank timer overrun [ 256.645229][ T6582] loop2: detected capacity change from 0 to 164 [ 256.707019][ T6582] Unable to read rock-ridge attributes [ 256.811715][ T6585] atomic_op ffff888056407198 conn xmit_atomic 0000000000000000 [ 256.957672][ T6590] netlink: 72 bytes leftover after parsing attributes in process `syz.4.694'. [ 256.975415][ T6590] [U]  [ 257.048427][ T26] audit: type=1326 audit(1737762858.663:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 257.109681][ T26] audit: type=1326 audit(1737762858.693:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 257.246370][ T26] audit: type=1326 audit(1737762858.693:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.1.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 258.760086][ T6604] device dummy0 entered promiscuous mode [ 258.809385][ T6604] device dummy0 left promiscuous mode [ 260.449856][ T6629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.712'. [ 260.661363][ T6637] syzkaller0 speed is unknown, defaulting to 1000 [ 260.904709][ T6637] syzkaller0 speed is unknown, defaulting to 1000 [ 261.286276][ T6639] xt_CT: No such helper "syz0" [ 261.326616][ T6637] syzkaller0 speed is unknown, defaulting to 1000 [ 261.515051][ T6637] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 261.554788][ T6637] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 261.623321][ T6637] syzkaller0 speed is unknown, defaulting to 1000 [ 261.638666][ T6637] syzkaller0 speed is unknown, defaulting to 1000 [ 261.646912][ T6637] syzkaller0 speed is unknown, defaulting to 1000 [ 261.654535][ T6637] syzkaller0 speed is unknown, defaulting to 1000 [ 261.662823][ T6637] syzkaller0 speed is unknown, defaulting to 1000 [ 261.892288][ T6650] netlink: 72 bytes leftover after parsing attributes in process `syz.0.718'. [ 261.903400][ T6650] [U]  [ 261.980449][ T6656] process 'syz.1.720' launched './file0' with NULL argv: empty string added [ 262.266361][ T6658] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 262.442967][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 262.442985][ T26] audit: type=1326 audit(1737762864.053:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 262.548181][ T26] audit: type=1326 audit(1737762864.083:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 262.671449][ T26] audit: type=1326 audit(1737762864.093:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 263.067232][ T26] audit: type=1326 audit(1737762864.093:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 263.392140][ T6671] netlink: 48 bytes leftover after parsing attributes in process `syz.3.726'. [ 263.462234][ T6671] loop3: detected capacity change from 0 to 512 [ 263.469666][ T26] audit: type=1326 audit(1737762864.093:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 263.531707][ T26] audit: type=1326 audit(1737762864.093:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 263.554188][ T26] audit: type=1326 audit(1737762864.093:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 263.576414][ C0] vkms_vblank_simulate: vblank timer overrun [ 263.597058][ T26] audit: type=1326 audit(1737762864.093:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 263.689976][ T26] audit: type=1326 audit(1737762864.093:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 263.712219][ C0] vkms_vblank_simulate: vblank timer overrun [ 263.721977][ T6671] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 263.731215][ T6676] loop1: detected capacity change from 0 to 512 [ 263.764264][ T6671] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 263.811137][ T26] audit: type=1326 audit(1737762864.093:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6662 comm="syz.2.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 263.890534][ T6676] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.728: bg 0: block 248: padding at end of block bitmap is not set [ 264.001243][ T6676] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.728: Failed to acquire dquot type 1 [ 264.025069][ T6676] EXT4-fs (loop1): 1 truncate cleaned up [ 264.026568][ T6686] netlink: 132 bytes leftover after parsing attributes in process `syz.0.730'. [ 264.032275][ T6676] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 264.371366][ T6676] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 264.687151][ T6687] xt_CT: No such helper "syz0" [ 264.944833][ T6691] netlink: 36 bytes leftover after parsing attributes in process `syz.4.732'. [ 264.966801][ T4249] EXT4-fs (loop3): unmounting filesystem. [ 265.023289][ T4259] EXT4-fs (loop1): unmounting filesystem. [ 265.124512][ T6697] device vlan2 entered promiscuous mode [ 266.568343][ T6718] netlink: 72 bytes leftover after parsing attributes in process `syz.4.740'. [ 266.583341][ T6718] [U]  [ 267.665920][ T6725] xt_CT: No such helper "syz0" [ 268.071884][ T6732] netlink: 36 bytes leftover after parsing attributes in process `syz.2.746'. [ 268.424767][ T26] kauditd_printk_skb: 29 callbacks suppressed [ 268.424804][ T26] audit: type=1326 audit(1737762870.033:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 268.965943][ T26] audit: type=1326 audit(1737762870.103:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 269.115842][ T26] audit: type=1326 audit(1737762870.113:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 269.225812][ T26] audit: type=1326 audit(1737762870.123:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 269.282490][ T6742] loop3: detected capacity change from 0 to 4096 [ 269.295889][ T26] audit: type=1326 audit(1737762870.123:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 269.320966][ T6742] EXT4-fs: Ignoring removed orlov option [ 269.346400][ T6742] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 269.364999][ T6745] device pim6reg1 entered promiscuous mode [ 269.373196][ T26] audit: type=1326 audit(1737762870.133:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 269.395400][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.428290][ T26] audit: type=1326 audit(1737762870.133:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 269.438784][ T6742] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 269.450919][ T26] audit: type=1326 audit(1737762870.143:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 269.520989][ T26] audit: type=1326 audit(1737762870.163:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 269.545511][ T26] audit: type=1326 audit(1737762870.223:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6733 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 270.608233][ T4249] EXT4-fs (loop3): unmounting filesystem. [ 270.720950][ T6761] netlink: 36 bytes leftover after parsing attributes in process `syz.4.757'. [ 271.125478][ T6786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.764'. [ 271.144310][ T6786] device ipvlan0 entered promiscuous mode [ 271.154527][ T6786] 8021q: adding VLAN 0 to HW filter on device ipvlan0 [ 271.168212][ T6786] team0: Device ipvlan0 is already an upper device of the team interface [ 271.448494][ T6795] loop3: detected capacity change from 0 to 1024 [ 271.471906][ T6795] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 271.501765][ T6795] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 271.521855][ T6795] JBD2: no valid journal superblock found [ 271.534992][ T6795] EXT4-fs (loop3): error loading journal [ 271.651660][ T6803] device batadv_slave_1 entered promiscuous mode [ 271.682170][ T6803] device batadv_slave_1 left promiscuous mode [ 271.714543][ T6805] netlink: 36 bytes leftover after parsing attributes in process `syz.1.772'. [ 271.899340][ T6810] netlink: 56 bytes leftover after parsing attributes in process `syz.2.774'. [ 271.975609][ T6814] xt_hashlimit: max too large, truncated to 1048576 [ 271.994970][ T6814] No such timeout policy "syz1" [ 272.897955][ T6824] xt_CT: No such helper "syz0" [ 272.974708][ T6823] loop4: detected capacity change from 0 to 1024 [ 273.090528][ T6823] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 273.102888][ T6830] atomic_op ffff888058a7f998 conn xmit_atomic 0000000000000000 [ 273.138641][ T6823] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 273.191999][ T6823] EXT4-fs (loop4): invalid journal inode [ 273.384956][ T6839] xt_hashlimit: max too large, truncated to 1048576 [ 273.408893][ T6839] No such timeout policy "syz1" [ 273.541177][ T6841] device bond1 entered promiscuous mode [ 273.564144][ T6841] 8021q: adding VLAN 0 to HW filter on device bond1 [ 273.735684][ T6852] netlink: 4 bytes leftover after parsing attributes in process `syz.4.792'. [ 273.747421][ T6852] netlink: 4 bytes leftover after parsing attributes in process `syz.4.792'. [ 273.823688][ T6848] loop3: detected capacity change from 0 to 8192 [ 274.022424][ T6841] bond1 (unregistering): Released all slaves [ 274.076580][ T6846] netlink: 36 bytes leftover after parsing attributes in process `syz.0.788'. [ 274.282712][ T6864] atomic_op ffff88807b893198 conn xmit_atomic 0000000000000000 [ 274.342633][ T26] kauditd_printk_skb: 94 callbacks suppressed [ 274.342650][ T26] audit: type=1800 audit(1737762875.953:709): pid=6854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.791" name="bus" dev="loop3" ino=1048595 res=0 errno=0 [ 274.834456][ T6877] device vlan2 entered promiscuous mode [ 274.846144][ T6877] device dummy0 entered promiscuous mode [ 274.851380][ T6884] loop1: detected capacity change from 0 to 128 [ 274.873011][ T6877] team0: Port device vlan2 added [ 274.949638][ T6884] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 274.979304][ T6884] ext4 filesystem being mounted at /167/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 274.981163][ T26] audit: type=1326 audit(1737762876.593:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6887 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 275.012847][ C0] vkms_vblank_simulate: vblank timer overrun [ 275.172809][ T4259] EXT4-fs (loop1): unmounting filesystem. [ 275.276549][ T26] audit: type=1800 audit(1737762876.663:711): pid=6884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.806" name="file1" dev="loop1" ino=12 res=0 errno=0 [ 275.326343][ T6899] xt_hashlimit: max too large, truncated to 1048576 [ 275.343694][ T6899] No such timeout policy "syz1" [ 275.349686][ T26] audit: type=1326 audit(1737762876.673:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6887 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 275.470481][ T26] audit: type=1326 audit(1737762876.673:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6887 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 275.495978][ T6903] netlink: 72 bytes leftover after parsing attributes in process `syz.1.811'. [ 275.541838][ T6902] [U]  [ 275.575401][ T26] audit: type=1326 audit(1737762876.673:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6887 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 275.603489][ T26] audit: type=1326 audit(1737762876.683:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6887 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 275.619923][ T6907] loop3: detected capacity change from 0 to 512 [ 275.642181][ T6906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.815'. [ 275.659325][ T26] audit: type=1326 audit(1737762876.683:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6887 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 275.685963][ T6907] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 275.724740][ T6907] EXT4-fs (loop3): 1 truncate cleaned up [ 275.736140][ T6907] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 275.809388][ T26] audit: type=1326 audit(1737762876.683:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6887 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 275.951111][ T26] audit: type=1326 audit(1737762876.683:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6887 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4b3b58cd29 code=0x7ffc0000 [ 276.110349][ T6924] loop4: detected capacity change from 0 to 1024 [ 276.140806][ T6924] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 276.150109][ T6924] EXT4-fs (loop4): orphan cleanup on readonly fs [ 276.164239][ T6924] EXT4-fs warning (device loop4): ext4_enable_quotas:7029: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 276.179205][ T6924] EXT4-fs (loop4): Cannot turn on quotas: error -5 [ 276.191262][ T6924] EXT4-fs (loop4): 1 truncate cleaned up [ 276.197517][ T6924] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 276.208066][ T6928] device vlan2 entered promiscuous mode [ 276.257521][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 276.480307][ T6935] netlink: 132 bytes leftover after parsing attributes in process `syz.0.825'. [ 276.515630][ T6935] netlink: 'syz.0.825': attribute type 10 has an invalid length. [ 276.574861][ T6935] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 276.629520][ T4249] EXT4-fs (loop3): unmounting filesystem. [ 277.105903][ T4297] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 277.308713][ T4297] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 277.325830][ T4297] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 277.361753][ T6957] netlink: 72 bytes leftover after parsing attributes in process `syz.1.835'. [ 277.386927][ T6957] [U]  [ 277.412645][ T4297] usb 1-1: New USB device found, idVendor=0000, idProduct=a400, bcdDevice= 0.40 [ 277.422146][ T4297] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 277.432643][ T4297] usb 1-1: Product: syz [ 277.437575][ T4297] usb 1-1: Manufacturer: syz [ 277.442780][ T4297] usb 1-1: SerialNumber: syz [ 277.460681][ T4297] cdc_ncm 1-1:1.0: NCM or ECM functional descriptors missing [ 277.480293][ T4297] cdc_ncm 1-1:1.0: bind() failure [ 277.532471][ T6964] device vlan3 entered promiscuous mode [ 277.869682][ T6943] netlink: 4 bytes leftover after parsing attributes in process `syz.0.829'. [ 277.882096][ T129] usb 1-1: USB disconnect, device number 4 [ 278.437577][ T6974] loop1: detected capacity change from 0 to 2048 [ 278.461927][ T6974] EXT4-fs: Ignoring removed mblk_io_submit option [ 278.515505][ T6974] EXT4-fs: Ignoring removed i_version option [ 278.579062][ T6980] netlink: 32 bytes leftover after parsing attributes in process `syz.0.843'. [ 278.596916][ T6974] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 278.798339][ T6980] ebtables: ebtables: counters copy to user failed while replacing table [ 278.965055][ T4259] EXT4-fs (loop1): unmounting filesystem. [ 280.620564][ T7010] netlink: 72 bytes leftover after parsing attributes in process `syz.1.852'. [ 280.632658][ T7010] [U]  [ 280.975338][ T7026] loop2: detected capacity change from 0 to 512 [ 280.990743][ T7026] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 281.029899][ T7026] EXT4-fs (loop2): 1 truncate cleaned up [ 281.050417][ T7026] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 281.248510][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 282.960919][ T7050] device vlan0 entered promiscuous mode [ 283.126091][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 283.126124][ T26] audit: type=1326 audit(1737762884.733:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7057 comm="syz.2.871" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x0 [ 283.154173][ C1] vkms_vblank_simulate: vblank timer overrun [ 283.243836][ T26] audit: type=1326 audit(1737762884.853:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7061 comm="syz.3.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001c58cd29 code=0x7ffc0000 [ 283.279428][ T26] audit: type=1326 audit(1737762884.853:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7061 comm="syz.3.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f001c58cd29 code=0x7ffc0000 [ 283.309151][ T26] audit: type=1326 audit(1737762884.863:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7061 comm="syz.3.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001c58cd29 code=0x7ffc0000 [ 283.349618][ T26] audit: type=1326 audit(1737762884.863:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7061 comm="syz.3.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7f001c58cd29 code=0x7ffc0000 [ 283.374329][ C1] vkms_vblank_simulate: vblank timer overrun [ 283.485840][ T26] audit: type=1326 audit(1737762884.863:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7061 comm="syz.3.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001c58cd29 code=0x7ffc0000 [ 283.509365][ C1] vkms_vblank_simulate: vblank timer overrun [ 283.569436][ T26] audit: type=1326 audit(1737762884.893:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7061 comm="syz.3.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001c58cd29 code=0x7ffc0000 [ 283.591911][ C1] vkms_vblank_simulate: vblank timer overrun [ 283.790400][ T7079] loop4: detected capacity change from 0 to 512 [ 283.808001][ T7079] EXT4-fs: Ignoring removed oldalloc option [ 283.826805][ T7079] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 283.931476][ T7079] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2809: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 283.979109][ T7081] block device autoloading is deprecated and will be removed. [ 283.993997][ T7081] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 284.071534][ T7079] EXT4-fs (loop4): 1 truncate cleaned up [ 284.128537][ T7079] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 284.585820][ T7079] loop4: detected capacity change from 512 to 64 [ 284.701418][ T7086] syz.4.879 (7086) used greatest stack depth: 18432 bytes left [ 284.734490][ T7092] loop3: detected capacity change from 0 to 128 [ 284.746879][ T7091] syz.1.884[7091] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 284.747003][ T7091] syz.1.884[7091] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 284.803050][ T7092] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 284.825643][ T7088] device bond1 entered promiscuous mode [ 284.845627][ T4256] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt. [ 284.863856][ T26] audit: type=1326 audit(1737762886.473:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7089 comm="syz.1.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 284.899977][ T26] audit: type=1326 audit(1737762886.513:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7089 comm="syz.1.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 284.914538][ T7088] 8021q: adding VLAN 0 to HW filter on device bond1 [ 284.967070][ T26] audit: type=1326 audit(1737762886.533:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7089 comm="syz.1.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 285.000662][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 285.007245][ T4336] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 285.325228][ T7088] bond1 (unregistering): Released all slaves [ 285.350211][ T7096] netlink: 12 bytes leftover after parsing attributes in process `syz.0.886'. [ 285.364510][ T7099] netlink: 4 bytes leftover after parsing attributes in process `syz.0.886'. [ 285.374884][ T7099] device bridge_slave_1 left promiscuous mode [ 285.393098][ T7099] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.416696][ T7099] device bridge_slave_0 left promiscuous mode [ 285.423356][ T7099] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.054913][ T7138] 9pnet_fd: Insufficient options for proto=fd [ 287.264899][ T7140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.902'. [ 287.332971][ T7140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.902'. [ 287.417579][ T7143] delete_channel: no stack [ 287.422679][ T7143] delete_channel: no stack [ 287.862424][ T7155] device vlan3 entered promiscuous mode [ 288.928254][ T26] kauditd_printk_skb: 34 callbacks suppressed [ 288.928270][ T26] audit: type=1326 audit(1737762890.543:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.058089][ T26] audit: type=1326 audit(1737762890.573:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.138954][ T26] audit: type=1326 audit(1737762890.573:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.222464][ T26] audit: type=1326 audit(1737762890.573:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.281230][ T7189] loop1: detected capacity change from 0 to 1024 [ 289.323847][ T7189] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 289.355977][ T26] audit: type=1326 audit(1737762890.573:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.385820][ T7189] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 289.414805][ T7192] loop4: detected capacity change from 0 to 1024 [ 289.431476][ T7189] JBD2: no valid journal superblock found [ 289.441636][ T26] audit: type=1326 audit(1737762890.583:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.475917][ T7189] EXT4-fs (loop1): error loading journal [ 289.497288][ T26] audit: type=1326 audit(1737762890.583:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.580808][ T7192] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 289.642518][ T7192] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 289.693302][ T7200] device vlan2 entered promiscuous mode [ 289.706207][ T7192] EXT4-fs (loop4): invalid journal inode [ 289.718182][ T7192] EXT4-fs (loop4): can't get journal size [ 289.724956][ T26] audit: type=1326 audit(1737762890.583:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.749492][ T26] audit: type=1326 audit(1737762890.583:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ab598b690 code=0x7ffc0000 [ 289.772539][ T7192] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #3: comm syz.4.921: blocks 2-2 from inode overlap system zone [ 289.787646][ T26] audit: type=1326 audit(1737762890.583:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ab598cd29 code=0x7ffc0000 [ 289.815987][ T7192] EXT4-fs (loop4): failed to initialize system zone (-117) [ 289.949233][ T7192] EXT4-fs (loop4): mount failed [ 290.245995][ T7202] device batadv_slave_1 entered promiscuous mode [ 290.295957][ T7202] device batadv_slave_1 left promiscuous mode [ 290.607376][ T7192] netlink: 4 bytes leftover after parsing attributes in process `syz.4.921'. [ 290.747607][ T7210] syz.0.924 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 290.844274][ T7218] program syz.2.926 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 291.438683][ T7218] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.702958][ T7218] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.759325][ T7245] loop3: detected capacity change from 0 to 512 [ 291.863063][ T7250] device vlan2 entered promiscuous mode [ 292.749141][ T7218] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.971731][ T7267] loop1: detected capacity change from 0 to 512 [ 293.065072][ T7267] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 293.093463][ T7218] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.267344][ T7267] EXT4-fs (loop1): 1 truncate cleaned up [ 293.425152][ T7267] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 293.697247][ T7218] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.785542][ T7218] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.875366][ T4259] EXT4-fs (loop1): unmounting filesystem. [ 293.881847][ T7218] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.915352][ T7218] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.023907][ T7282] loop0: detected capacity change from 0 to 2048 [ 294.102902][ T7282] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 294.148115][ T26] kauditd_printk_skb: 104 callbacks suppressed [ 294.148133][ T26] audit: type=1800 audit(1737762895.763:893): pid=7282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.943" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 294.236293][ T26] audit: type=1800 audit(1737762895.793:894): pid=7282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.943" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 294.329311][ T26] audit: type=1326 audit(1737762895.873:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7291 comm="syz.2.946" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f970898cd29 code=0x0 [ 294.742343][ T7305] device vlan0 entered promiscuous mode [ 296.329804][ T26] audit: type=1326 audit(1737762897.943:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7311 comm="syz.2.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 296.440223][ T26] audit: type=1326 audit(1737762897.973:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7311 comm="syz.2.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 296.532883][ T26] audit: type=1326 audit(1737762897.973:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7311 comm="syz.2.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 296.625966][ T26] audit: type=1326 audit(1737762897.973:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7311 comm="syz.2.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 296.713714][ T26] audit: type=1326 audit(1737762897.973:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7311 comm="syz.2.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 296.736910][ C1] vkms_vblank_simulate: vblank timer overrun [ 296.796251][ T26] audit: type=1326 audit(1737762897.973:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7311 comm="syz.2.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 296.818612][ C1] vkms_vblank_simulate: vblank timer overrun [ 296.885782][ T26] audit: type=1326 audit(1737762897.973:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7311 comm="syz.2.953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f970898cd29 code=0x7ffc0000 [ 297.027445][ T7336] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 297.035299][ T7336] IPv6: NLM_F_CREATE should be set when creating new route [ 297.042755][ T7336] IPv6: NLM_F_CREATE should be set when creating new route [ 297.050111][ T7336] IPv6: NLM_F_CREATE should be set when creating new route [ 297.452947][ T7349] loop3: detected capacity change from 0 to 512 [ 297.460828][ T7349] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 297.751724][ T7349] EXT4-fs (loop3): 1 truncate cleaned up [ 297.901965][ T7349] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 298.172904][ T7349] EXT4-fs (loop3): unmounting filesystem. [ 299.116486][ T7286] ------------[ cut here ]------------ [ 299.122439][ T7286] kernel BUG at fs/buffer.c:2666! [ 299.137768][ T7286] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 299.143912][ T7286] CPU: 0 PID: 7286 Comm: kmmpd-loop0 Not tainted 6.1.127-syzkaller #0 [ 299.152096][ T7286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 299.162180][ T7286] RIP: 0010:submit_bh_wbc+0x4c0/0x4e0 [ 299.167596][ T7286] Code: 02 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c be fe ff ff 48 89 ef e8 a1 48 e0 ff e9 b1 fe ff ff e8 b7 b5 88 ff 0f 0b e8 b0 b5 88 ff <0f> 0b e8 a9 b5 88 ff 0f 0b e8 a2 b5 88 ff 0f 0b e8 9b b5 88 ff 0f [ 299.187248][ T7286] RSP: 0018:ffffc90004b87c40 EFLAGS: 00010293 [ 299.193342][ T7286] RAX: ffffffff8201e6f0 RBX: 0000000000000000 RCX: ffff888030d23b80 [ 299.201435][ T7286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 299.209524][ T7286] RBP: ffffc90004b87d50 R08: ffffffff8201e2cd R09: ffffed100e705258 [ 299.217525][ T7286] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1100e705257 [ 299.225522][ T7286] R13: ffff8880738292b8 R14: 0000000000000000 R15: 0000000000003801 [ 299.233521][ T7286] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 299.242472][ T7286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 299.249075][ T7286] CR2: 00007fbe0654bfe4 CR3: 000000005ca83000 CR4: 00000000003506f0 [ 299.257143][ T7286] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 299.265311][ T7286] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 299.273395][ T7286] Call Trace: [ 299.276775][ T7286] [ 299.279709][ T7286] ? __die_body+0x5e/0xa0 [ 299.284054][ T7286] ? die+0x83/0xb0 [ 299.287789][ T7286] ? do_trap+0x11e/0x350 [ 299.292070][ T7286] ? submit_bh_wbc+0x4c0/0x4e0 [ 299.297272][ T7286] ? submit_bh_wbc+0x4c0/0x4e0 [ 299.302063][ T7286] ? do_error_trap+0x13d/0x1e0 [ 299.306832][ T7286] ? submit_bh_wbc+0x4c0/0x4e0 [ 299.311688][ T7286] ? do_int3+0x30/0x30 [ 299.315763][ T7286] ? report_bug+0x3e0/0x500 [ 299.320295][ T7286] ? rcu_is_watching+0x11/0xb0 [ 299.325065][ T7286] ? handle_invalid_op+0x2c/0x40 [ 299.330096][ T7286] ? submit_bh_wbc+0x4c0/0x4e0 [ 299.334866][ T7286] ? exc_invalid_op+0x2f/0x40 [ 299.339545][ T7286] ? asm_exc_invalid_op+0x16/0x20 [ 299.344586][ T7286] ? submit_bh_wbc+0x9d/0x4e0 [ 299.349264][ T7286] ? submit_bh_wbc+0x4c0/0x4e0 [ 299.354054][ T7286] ? submit_bh_wbc+0x4c0/0x4e0 [ 299.358823][ T7286] write_mmp_block_thawed+0x3b6/0x5a0 [ 299.364200][ T7286] ? read_mmp_block+0x7e0/0x7e0 [ 299.369054][ T7286] ? update_process_times+0x1b0/0x1b0 [ 299.374453][ T7286] ? kmmpd+0x40c/0xa70 [ 299.378524][ T7286] write_mmp_block+0x13f/0x390 [ 299.383297][ T7286] kmmpd+0x40c/0xa70 [ 299.387205][ T7286] ? write_mmp_block_thawed+0x5a0/0x5a0 [ 299.392777][ T7286] ? __kthread_parkme+0x168/0x1c0 [ 299.397869][ T7286] kthread+0x28d/0x320 [ 299.401984][ T7286] ? write_mmp_block_thawed+0x5a0/0x5a0 [ 299.407579][ T7286] ? kthread_blkcg+0xd0/0xd0 [ 299.412348][ T7286] ret_from_fork+0x1f/0x30 [ 299.416802][ T7286] [ 299.419827][ T7286] Modules linked in: [ 299.449301][ T7286] ---[ end trace 0000000000000000 ]--- [ 299.454975][ T7286] RIP: 0010:submit_bh_wbc+0x4c0/0x4e0 [ 299.460998][ T7286] Code: 02 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c be fe ff ff 48 89 ef e8 a1 48 e0 ff e9 b1 fe ff ff e8 b7 b5 88 ff 0f 0b e8 b0 b5 88 ff <0f> 0b e8 a9 b5 88 ff 0f 0b e8 a2 b5 88 ff 0f 0b e8 9b b5 88 ff 0f [ 299.481909][ T7286] RSP: 0018:ffffc90004b87c40 EFLAGS: 00010293 [ 299.490383][ T7286] RAX: ffffffff8201e6f0 RBX: 0000000000000000 RCX: ffff888030d23b80 [ 299.529267][ T7286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 299.555247][ T7286] RBP: ffffc90004b87d50 R08: ffffffff8201e2cd R09: ffffed100e705258 [ 299.594256][ T7286] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1100e705257 [ 299.614729][ T7286] R13: ffff8880738292b8 R14: 0000000000000000 R15: 0000000000003801 [ 299.633963][ T7286] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 299.660837][ T7286] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 299.697807][ T7286] CR2: 0000563a82314008 CR3: 0000000079d03000 CR4: 00000000003506f0 [ 299.714875][ T7286] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 299.727789][ T7286] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 299.737390][ T7286] Kernel panic - not syncing: Fatal exception [ 299.743638][ T7286] Kernel Offset: disabled [ 299.748873][ T7286] Rebooting in 86400 seconds..