last executing test programs: 7.018900998s ago: executing program 3 (id=1271): symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 6.955838692s ago: executing program 3 (id=1272): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010328bd7000fedbdf251c0000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x10) 2.096184992s ago: executing program 3 (id=1279): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000f80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c000240000000000000ffff0b00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f3000000000080001"], 0xd4}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a32"], 0x2d4}}, 0x4048010) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x5e, &(0x7f0000000640)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x28, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x2, 0x0, 0x0, 0x0, {[@sack={0x5, 0x2}, @generic={0x22, 0x12, "7236ae42dcfb08535f8c57711e3907a4"}]}}}}}}}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x80, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xd70, 0x33}}}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x4c, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x401}, {0x8, 0x0, 0x7fffffff}, {0x8, 0x0, 0xfffffff8}, {0x8, 0x0, 0xd4d}, {0x8, 0x0, 0x7}, {0x8, 0x0, 0xa2}, {0x8, 0x0, 0x2}, {0x8, 0x0, 0x8}, {0x8, 0x0, 0x5}]}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x1}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="f26fcecc6088"}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x4) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PPPIOCATTCHAN(0xffffffffffffffff, 0x40047438, &(0x7f00000006c0)=0x3) r7 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x0) ioctl$MON_IOCX_GET(r7, 0x40189206, &(0x7f0000000240)={0x0, 0x0}) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000fe0000000000000a30000000030a01080000000000000000010000000900030073797a320000000004000480090001000000001100010000000000000000000000000a0000000000000000006ae315a2f32cbf1d55c1af82367d45214af361349892137888f6e8c75b06eb719adb6a51acff083b73006fc2e445e256736bcab679417559d2d07c35ea458e2cf07e7d5bfec1f2d5eb4b25986cb5d735a19775bba84e2f327287125cd531c3848010820be1b02d27cf8eb1b04d13a42dc84e7cbf867969093719db344df31cea1e1a956eb94543a6aa21a152fc28505c7ea0767d6aa23c3dcf067f4225dee6a05901e1e14524a67b9ac9c9ab8c2ec59f1fffe1d60e0e2f65bbf5ed8fd17a23a221560c5ac5b4419f4ec34955969e5aacb26297c7c1c42216b3fc0eb5126c48a10f9504a224edd7f46df4a2291de361cbc98a"], 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x8090) 2.096009422s ago: executing program 1 (id=1280): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) getrandom(0x0, 0x0, 0x1) 1.892572244s ago: executing program 1 (id=1284): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000400048008000200010000000800010000000000800008801400078008000600fd68"], 0xc4}}, 0x20044414) 1.846250797s ago: executing program 1 (id=1285): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001", @ANYBLOB], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=") r2 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r2, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) 1.040845826s ago: executing program 2 (id=1287): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x24, 0x7, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7ff}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc004}, 0x8804) 1.040604486s ago: executing program 1 (id=1288): r0 = syz_clone(0xa00200, 0x0, 0xfffffffffffffef2, 0x0, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x2c) setuid(0xee00) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4) 1.038591796s ago: executing program 4 (id=1289): bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0e0000000400"], 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000800038004000380080005"], 0x3c}}, 0x0) 973.984961ms ago: executing program 2 (id=1290): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x62d004e3b9bfb93f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = getpid() sched_setparam(r4, &(0x7f0000000280)=0x8) ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000000206050000000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a30000000000500040000400000050005000a000000050001000600000014000780080006400000000008001340"], 0x64}}, 0x24002800) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffef5, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000030601020000000000000000000000000500010007"], 0x1c}}, 0x4000000) 911.449914ms ago: executing program 4 (id=1292): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x178}, 0x18) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r1 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0x8e8c, 0x18, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0xa}, 0x20) 764.237864ms ago: executing program 3 (id=1294): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000de080000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a60274fcffffffffffffff14e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e008104df635e731a5bfcd942f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd4f6cfdfe756bc00d08e36655c00"}) ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000140)={0x2, 0x0, 0x0, 0xff81, 0x0, 0x0, 0x0}) 750.464014ms ago: executing program 3 (id=1296): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0) 665.50563ms ago: executing program 1 (id=1298): unshare(0x2a020400) pidfd_send_signal(0xffffffffffffffff, 0x21, 0x0, 0x4) 615.868753ms ago: executing program 3 (id=1299): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x25}, @jmp={0x5, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffff0}], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r0, &(0x7f0000002240)=[{&(0x7f0000001000)=@in={0x2, 0x4e23, @local}, 0x10, &(0x7f0000001040)=[{&(0x7f00000010c0)="13", 0x1}], 0x1, &(0x7f0000002180)=[@init={0x18, 0x84, 0x0, {0x40, 0xb, 0x101, 0xff}}, @dstaddrv4={0x18, 0x84, 0x7, @loopback}], 0x30, 0x40010}], 0x1, 0x240000c0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r1, 0xf507, 0x0) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000180)={0x2, 0x76, 0x10b, 0x5, 0x4}) futex(0xfffffffffffffffe, 0x3, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000240)={[{@nogrpid}, {@resuid}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@jqfmt_vfsold}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") lsetxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000660000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000b40), 0x600, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r5 = dup3(r4, r3, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r5, 0x6, 0xe, 0x0, 0x0) ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f00000003c0)={0x60, 0x0, &(0x7f00005ac000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x4, &(0x7f0000000140)=[{0x5, 0xfe3e}], 0x1, 0x7, 0x14, 0xb, 0x23, 0x2a}) socketpair(0x11, 0x802, 0x0, &(0x7f0000000040)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 615.668043ms ago: executing program 4 (id=1300): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x24, 0x7, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7ff}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc004}, 0x8804) 591.610444ms ago: executing program 4 (id=1302): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a) fallocate(r1, 0x20, 0x0, 0x8000) 554.710956ms ago: executing program 0 (id=1303): bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0e0000000400"], 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e0000000000000000000800038004000380080005"], 0x3c}}, 0x0) 547.810407ms ago: executing program 2 (id=1304): r0 = socket$netlink(0x10, 0x3, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) socket(0xa, 0x3, 0x3a) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r2, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r5}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffff9}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840) 476.210451ms ago: executing program 1 (id=1305): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000f80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c000240000000000000ffff0b00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f3000000000080001"], 0xd4}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a32"], 0x2d4}}, 0x4048010) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x5e, &(0x7f0000000640)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x28, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x2, 0x0, 0x0, 0x0, {[@sack={0x5, 0x2}, @generic={0x22, 0x12, "7236ae42dcfb08535f8c57711e3907a4"}]}}}}}}}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x80, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xd70, 0x33}}}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x4c, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x401}, {0x8, 0x0, 0x7fffffff}, {0x8, 0x0, 0xfffffff8}, {0x8, 0x0, 0xd4d}, {0x8, 0x0, 0x7}, {0x8, 0x0, 0xa2}, {0x8, 0x0, 0x2}, {0x8, 0x0, 0x8}, {0x8, 0x0, 0x5}]}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x1}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="f26fcecc6088"}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x4) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PPPIOCATTCHAN(0xffffffffffffffff, 0x40047438, &(0x7f00000006c0)=0x3) r7 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x0) ioctl$MON_IOCX_GET(r7, 0x40189206, &(0x7f0000000240)={0x0, 0x0}) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000fe0000000000000a30000000030a01080000000000000000010000000900030073797a320000000004000480090001000000001100010000000000000000000000000a0000000000000000006ae315a2f32cbf1d55c1af82367d45214af361349892137888f6e8c75b06eb719adb6a51acff083b73006fc2e445e256736bcab679417559d2d07c35ea458e2cf07e7d5bfec1f2d5eb4b25986cb5d735a19775bba84e2f327287125cd531c3848010820be1b02d27cf8eb1b04d13a42dc84e7cbf867969093719db344df31cea1e1a956eb94543a6aa21a152fc28505c7ea0767d6aa23c3dcf067f4225dee6a05901e1e14524a67b9ac9c9ab8c2ec59f1fffe1d60e0e2f65bbf5ed8fd17a23a221560c5ac5b4419f4ec34955969e5aacb26297c7c1c42216b3fc0eb5126c48a10f9504a224edd7f46df4a2291de361cbc98a"], 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x8090) 449.919843ms ago: executing program 0 (id=1306): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001580)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x800, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x22, @broadcast, 'macvlan1\x00'}}, 0x1e) write$binfmt_aout(r0, &(0x7f0000001640)=ANY=[], 0x5ea) 431.290794ms ago: executing program 2 (id=1307): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = getpid() r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x8800, &(0x7f0000000200)={0x0, 0x0, 0x100000}, 0x20) 308.294092ms ago: executing program 0 (id=1308): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) 274.035894ms ago: executing program 2 (id=1309): r0 = syz_clone(0xa00200, 0x0, 0xfffffffffffffef2, 0x0, 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x2c) setuid(0xee00) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4) 263.344254ms ago: executing program 4 (id=1310): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0) r1 = dup(r0) ioctl$BLKTRACESETUP(r1, 0xc0481273, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x40542, 0x0) ftruncate(r2, 0xee72) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r4}, 0x10) sendfile(r1, r2, 0x0, 0x8000fffffffe) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1b) 208.862688ms ago: executing program 0 (id=1311): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r2, 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) 72.095876ms ago: executing program 0 (id=1312): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6}}, 0x20) bpf$LINK_DETACH(0x22, &(0x7f00000001c0)=r1, 0x4) 2.04032ms ago: executing program 0 (id=1313): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x24, 0x7, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7ff}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc004}, 0x8804) 1.944821ms ago: executing program 4 (id=1314): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x1, 0x9000) 0s ago: executing program 2 (id=1324): r0 = io_uring_setup(0x1691, &(0x7f0000000400)={0x0, 0x631d, 0x80, 0x2000002, 0x2d9}) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000002700)={0x1, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/264, 0x108}], 0x0}, 0x20) kernel console output (not intermixed with test programs): HANGE): bridge0: link becomes ready [ 48.386376][ T4024] device veth1_vlan entered promiscuous mode [ 48.391073][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 48.393688][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 48.396370][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 48.400371][ T136] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.402135][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.416053][ T4029] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.427994][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 48.431866][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 48.443291][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 48.446113][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.450336][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.466398][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 48.473059][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 48.476991][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 48.496152][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 48.500009][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 48.516188][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 48.519944][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 48.536389][ T4024] device veth0_macvtap entered promiscuous mode [ 48.539046][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.541869][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.544496][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 48.546547][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 48.549548][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 48.552319][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 48.554818][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 48.561516][ T4034] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 48.573513][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 48.576390][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.579044][ T4069] Bluetooth: hci1: command 0x041b tx timeout [ 48.580993][ T4069] Bluetooth: hci0: command 0x041b tx timeout [ 48.582638][ T4069] Bluetooth: hci3: command 0x041b tx timeout [ 48.584221][ T4069] Bluetooth: hci2: command 0x041b tx timeout [ 48.586485][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.590254][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.593486][ T4023] device veth0_vlan entered promiscuous mode [ 48.613315][ T4031] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.615362][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.618478][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.630654][ T4023] device veth1_vlan entered promiscuous mode [ 48.637743][ T4024] device veth1_macvtap entered promiscuous mode [ 48.656154][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 48.659517][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 48.662023][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 48.665296][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 48.667928][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.670871][ T4069] Bluetooth: hci4: command 0x041b tx timeout [ 48.674616][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.677188][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.685165][ T4029] device veth0_vlan entered promiscuous mode [ 48.724654][ T4024] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.726965][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.734330][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.737159][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 48.745954][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.752778][ T4029] device veth1_vlan entered promiscuous mode [ 48.756470][ T4023] device veth0_macvtap entered promiscuous mode [ 48.774458][ T4023] device veth1_macvtap entered promiscuous mode [ 48.785275][ T4024] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.790303][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 48.792929][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 48.795778][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 48.805307][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 48.808088][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.817734][ T4024] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.821165][ T4024] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.823271][ T4024] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.825469][ T4024] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.855655][ T4023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.860777][ T4023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.864747][ T4023] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.875394][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 48.878057][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 48.881526][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.885694][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 48.887736][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 48.892305][ T4023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.895075][ T4023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.899711][ T4023] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.919977][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 48.922612][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.925194][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.927798][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.942069][ T4023] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.944286][ T4023] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.946389][ T4023] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.949862][ T4023] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.964434][ T4034] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.974972][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.977652][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.987423][ T4029] device veth0_macvtap entered promiscuous mode [ 49.007436][ T4029] device veth1_macvtap entered promiscuous mode [ 49.023467][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 49.026440][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.031109][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 49.033732][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 49.036507][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 49.039918][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 49.071862][ T4031] device veth0_vlan entered promiscuous mode [ 49.076846][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 49.080793][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 49.103939][ T4029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.106598][ T4029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.110811][ T4029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.113432][ T4029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.117776][ T4029] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.123282][ T4031] device veth1_vlan entered promiscuous mode [ 49.133785][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 49.136452][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.137032][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.140122][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.144943][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.147788][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 49.151899][ T4029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.154721][ T4029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.157226][ T4029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.160352][ T4029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.164000][ T4029] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.179304][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.181990][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.186476][ T4029] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.191237][ T4029] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.193548][ T4029] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.195697][ T4029] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.209601][ T4034] device veth0_vlan entered promiscuous mode [ 49.222643][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 49.225391][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 49.231832][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 49.234304][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 49.241744][ T4034] device veth1_vlan entered promiscuous mode [ 49.259449][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.261616][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.264547][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 49.267185][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 49.270885][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 49.316272][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 49.318851][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 49.321642][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.325827][ T4031] device veth0_macvtap entered promiscuous mode [ 49.331948][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.333976][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.347155][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 49.352283][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 49.372868][ T4031] device veth1_macvtap entered promiscuous mode [ 49.378843][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.381294][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 49.384246][ T677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.440111][ T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.442335][ T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.447351][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 49.456187][ T4034] device veth0_macvtap entered promiscuous mode [ 49.502077][ T4034] device veth1_macvtap entered promiscuous mode [ 49.538385][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.554827][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.557435][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.562303][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.564809][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.567478][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.580678][ T4031] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.605459][ T26] audit: type=1326 audit(49.570:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.615953][ T26] audit: type=1326 audit(49.580:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.629653][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 49.632351][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.635110][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.641344][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.648075][ T26] audit: type=1326 audit(49.610:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.668889][ T26] audit: type=1326 audit(49.630:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.674246][ T26] audit: type=1326 audit(49.630:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.714584][ T26] audit: type=1326 audit(49.650:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.727670][ T26] audit: type=1326 audit(49.650:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.746056][ T26] audit: type=1326 audit(49.650:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.764402][ T26] audit: type=1326 audit(49.650:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.790306][ T4034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.792984][ T4034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.795608][ T4034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.802982][ T4034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.805498][ T4034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.808788][ T4034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.811598][ T4034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.814274][ T4034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.817143][ T26] audit: type=1326 audit(49.650:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4105 comm="syz.2.7" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 49.818335][ T4034] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.828367][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.830486][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.832331][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.835603][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.843360][ T636] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 50.613747][ T677] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.616378][ T677] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.668797][ T25] Bluetooth: hci2: command 0x040f tx timeout [ 50.670642][ T25] Bluetooth: hci3: command 0x040f tx timeout [ 50.673209][ T25] Bluetooth: hci0: command 0x040f tx timeout [ 50.675011][ T25] Bluetooth: hci1: command 0x040f tx timeout [ 50.690261][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.693073][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.695715][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.738826][ T25] Bluetooth: hci4: command 0x040f tx timeout [ 50.746035][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.751418][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.754291][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.768992][ T4031] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.781685][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 50.784241][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 50.787163][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 50.831198][ T4034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.834292][ T4034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.836923][ T4034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.840847][ T4034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.843405][ T4034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.850294][ T4034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.859160][ T4034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.861849][ T4034] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.874850][ T4034] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.894087][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 50.897305][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 50.925932][ T4122] tmpfs: Bad value for 'mpol' [ 50.955008][ T4031] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.957424][ T4031] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.984344][ T4031] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.986635][ T4031] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.010107][ T4125] Zero length message leads to an empty skb [ 51.014893][ T4034] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.017253][ T4034] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.031005][ T4034] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.033606][ T4034] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.105346][ T4130] binfmt_misc: register: failed to install interpreter file ./file2 [ 51.239739][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.242351][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.245425][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 51.406067][ T1624] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.413444][ T1624] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.512410][ T636] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.514524][ T636] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.520094][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 51.522519][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 51.527892][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.530811][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.534357][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 52.533308][ T4151] netlink: 'syz.4.5': attribute type 21 has an invalid length. [ 52.535506][ T4151] netlink: 'syz.4.5': attribute type 20 has an invalid length. [ 52.537523][ T4151] IPv6: NLM_F_CREATE should be specified when creating new route [ 52.571277][ T4153] tmpfs: Bad value for 'mpol' [ 52.643733][ T4158] device ip6tnl1 entered promiscuous mode [ 52.739978][ T4069] Bluetooth: hci1: command 0x0419 tx timeout [ 52.741902][ T4069] Bluetooth: hci0: command 0x0419 tx timeout [ 52.743452][ T4069] Bluetooth: hci3: command 0x0419 tx timeout [ 52.745076][ T4069] Bluetooth: hci2: command 0x0419 tx timeout [ 52.843588][ T4069] Bluetooth: hci4: command 0x0419 tx timeout [ 53.911323][ T4186] loop3: detected capacity change from 0 to 256 [ 53.915138][ T4186] FAT-fs (loop3): Unrecognized mount option "shortname=mixedCshortna!C+¦º" or missing value [ 53.977577][ T4187] loop4: detected capacity change from 0 to 2048 [ 54.016151][ T4186] loop3: detected capacity change from 0 to 1764 [ 54.078567][ T4186] netlink: 76 bytes leftover after parsing attributes in process `syz.3.33'. [ 54.081308][ T4195] loop1: detected capacity change from 0 to 512 [ 54.105107][ T4187] Alternate GPT is invalid, using primary GPT. [ 54.106867][ T4187] loop4: p1 p2 p3 [ 54.118597][ T4195] EXT4-fs (loop1): orphan cleanup on readonly fs [ 54.121559][ T4195] EXT4-fs warning (device loop1): ext4_enable_quotas:6432: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 54.125359][ T4195] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 54.139384][ T4195] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #13: comm syz.1.39: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 54.146457][ T4195] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.39: couldn't read orphan inode 13 (err -117) [ 54.153751][ T4195] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 54.161822][ T4195] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 54.198936][ T4195] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 2 [ 54.256645][ T4200] loop2: detected capacity change from 0 to 512 [ 54.342140][ T4187] netlink: 180900 bytes leftover after parsing attributes in process `syz.4.35'. [ 54.344794][ T4187] openvswitch: netlink: Flow actions attr not present in new flow. [ 54.373956][ T4200] ======================================================= [ 54.373956][ T4200] WARNING: The mand mount option has been deprecated and [ 54.373956][ T4200] and is ignored by this kernel. Remove the mand [ 54.373956][ T4200] option from the mount to silence this warning. [ 54.373956][ T4200] ======================================================= [ 54.476305][ T4200] EXT4-fs (loop2): orphan cleanup on readonly fs [ 54.512985][ T3643] Alternate GPT is invalid, using primary GPT. [ 54.514736][ T3643] loop4: p1 p2 p3 [ 54.548849][ T4200] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.41: bg 0: block 248: padding at end of block bitmap is not set [ 54.649028][ T4200] __quota_error: 6 callbacks suppressed [ 54.649045][ T4200] Quota error (device loop2): write_blk: dquota write failed [ 54.652461][ T4200] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 54.668265][ T4200] EXT4-fs error (device loop2): ext4_acquire_dquot:6197: comm syz.2.41: Failed to acquire dquot type 1 [ 54.703527][ T4200] EXT4-fs (loop2): 1 truncate cleaned up [ 54.741421][ T4200] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 55.687293][ T4230] netlink: 8 bytes leftover after parsing attributes in process `syz.3.52'. [ 55.721845][ T4228] loop2: detected capacity change from 0 to 1024 [ 55.910672][ T4228] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 55.939554][ T4239] loop3: detected capacity change from 0 to 1024 [ 56.071519][ T4239] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,auto_da_alloc,barrier=0x0000000000000000,journal_ioprio=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none. [ 56.125519][ T26] audit: type=1400 audit(56.090:18): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=4244 comm="syz.2.57" [ 56.182808][ T4246] loop2: detected capacity change from 0 to 512 [ 56.274120][ T4246] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,sysvgroups,errors=remount-ro,. Quota mode: writeback. [ 56.606943][ T4269] xt_recent: hitcount (16385) is larger than allowed maximum (255) [ 56.612817][ T4272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.66'. [ 56.700712][ T4275] xt_recent: hitcount (16385) is larger than allowed maximum (255) [ 57.934112][ T4366] netlink: 24 bytes leftover after parsing attributes in process `syz.1.76'. [ 57.942773][ T4368] loop2: detected capacity change from 0 to 764 [ 57.981631][ T26] audit: type=1326 audit(57.950:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4369 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 58.018359][ T26] audit: type=1326 audit(57.990:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4369 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 58.024395][ T26] audit: type=1326 audit(57.990:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4369 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 58.048177][ T26] audit: type=1326 audit(57.990:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4369 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 58.057283][ T26] audit: type=1326 audit(57.990:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4369 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 58.074267][ T26] audit: type=1326 audit(58.000:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4369 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 58.087278][ T26] audit: type=1326 audit(58.000:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4369 comm="syz.3.77" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 58.134722][ T4368] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 58.226108][ T4381] loop4: detected capacity change from 0 to 1024 [ 58.292275][ T4381] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,,errors=continue. Quota mode: none. [ 58.456294][ T4393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.86'. [ 58.488402][ T4397] 9pnet: Insufficient options for proto=fd [ 58.545793][ T4401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.92'. [ 58.629738][ T4407] tmpfs: Bad value for 'mpol' [ 60.020581][ T4421] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.99'. [ 60.023325][ T4420] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.99'. [ 60.204410][ T4430] udc-core: couldn't find an available UDC or it's busy [ 60.206155][ T4430] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 60.300780][ T4436] loop3: detected capacity change from 0 to 512 [ 60.460795][ T4436] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,,errors=continue. Quota mode: writeback. [ 61.193409][ T4441] Cannot find add_set index 0 as target [ 61.229121][ T4440] syz.4.106 uses obsolete (PF_INET,SOCK_PACKET) [ 61.249836][ T4436] process 'syz.3.105' launched '/dev/fd/8' with NULL argv: empty string added [ 61.374078][ T26] kauditd_printk_skb: 16 callbacks suppressed [ 61.374090][ T26] audit: type=1326 audit(61.340:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4449 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 61.391767][ T26] audit: type=1326 audit(61.340:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4449 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=160 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 61.403303][ T26] audit: type=1326 audit(61.340:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4449 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 61.443139][ T26] audit: type=1326 audit(61.340:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4449 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 61.479728][ T4458] IPv6: Can't replace route, no match found [ 61.508450][ T4457] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 61.510513][ T4457] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 61.513087][ T4457] vhci_hcd vhci_hcd.0: Device attached [ 61.559546][ T4457] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(8) [ 61.561267][ T4457] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 61.563418][ T4457] vhci_hcd vhci_hcd.0: Device attached [ 61.565845][ T4457] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 61.604057][ T4457] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(12) [ 61.605783][ T4457] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 61.607633][ T4457] vhci_hcd vhci_hcd.0: Device attached [ 61.622990][ T4457] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(14) [ 61.624765][ T4457] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 61.626761][ T4457] vhci_hcd vhci_hcd.0: Device attached [ 61.679413][ T4457] netlink: 81 bytes leftover after parsing attributes in process `syz.3.111'. [ 61.691428][ T4466] vhci_hcd: connection closed [ 61.693171][ T4340] vhci_hcd: stop threads [ 61.696176][ T4340] vhci_hcd: release socket [ 61.698592][ T4462] vhci_hcd: connection closed [ 61.698745][ T4459] vhci_hcd: connection closed [ 61.705879][ T4470] vhci_hcd: connection closed [ 61.720597][ T4340] vhci_hcd: disconnect device [ 61.723323][ T4340] vhci_hcd: stop threads [ 61.724553][ T4340] vhci_hcd: release socket [ 61.794673][ T4180] vhci_hcd: vhci_device speed not set [ 61.813414][ T4340] vhci_hcd: disconnect device [ 61.826660][ T4340] vhci_hcd: stop threads [ 61.836576][ T4340] vhci_hcd: release socket [ 61.842358][ T4340] vhci_hcd: disconnect device [ 61.847660][ T4340] vhci_hcd: stop threads [ 61.858217][ T4340] vhci_hcd: release socket [ 61.869308][ T4340] vhci_hcd: disconnect device [ 61.879603][ T4180] usb 8-1: new full-speed USB device number 2 using vhci_hcd [ 61.881746][ T4180] usb 8-1: enqueue for inactive port 0 [ 61.890449][ T4481] netlink: 132 bytes leftover after parsing attributes in process `syz.1.117'. [ 61.958262][ T4180] vhci_hcd: vhci_device speed not set [ 62.434719][ T4506] udc-core: couldn't find an available UDC or it's busy [ 62.436561][ T4506] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 62.702663][ T4503] Cannot find add_set index 0 as target [ 62.749014][ T4515] netlink: 12 bytes leftover after parsing attributes in process `syz.0.131'. [ 62.754751][ T4515] device batadv0 entered promiscuous mode [ 62.926516][ T26] audit: type=1326 audit(62.890:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 62.938104][ T26] audit: type=1326 audit(62.900:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 62.991693][ T26] audit: type=1326 audit(62.900:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 63.048618][ T26] audit: type=1326 audit(62.920:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 63.092523][ T26] audit: type=1326 audit(62.920:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 63.097916][ T26] audit: type=1326 audit(62.920:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.0.135" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 63.295271][ T4538] loop2: detected capacity change from 0 to 1024 [ 63.393866][ T4538] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback. [ 63.464018][ T4543] device syzkaller1 entered promiscuous mode [ 63.782441][ T4567] netlink: 'syz.1.159': attribute type 298 has an invalid length. [ 63.934224][ T4578] IPv6: sit1: Disabled Multicast RS [ 64.880429][ T4604] loop2: detected capacity change from 0 to 512 [ 64.959816][ T4604] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.175: casefold flag without casefold feature [ 64.963569][ T4604] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.175: couldn't read orphan inode 15 (err -117) [ 64.970561][ T4604] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=continue,,errors=continue. Quota mode: writeback. [ 65.181294][ T4622] netlink: 24 bytes leftover after parsing attributes in process `syz.2.181'. [ 65.400596][ T4636] loop2: detected capacity change from 0 to 512 [ 65.468555][ T4636] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,quota,,errors=continue. Quota mode: writeback. [ 65.585580][ T4648] loop3: detected capacity change from 0 to 512 [ 65.614499][ T4647] netlink: 12 bytes leftover after parsing attributes in process `syz.4.192'. [ 65.719590][ T4648] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 65.722859][ T4648] EXT4-fs error (device loop3): ext4_get_journal_inode:5160: comm syz.3.187: inode #1: comm syz.3.187: iget: illegal inode # [ 65.728682][ T4648] EXT4-fs (loop3): Remounting filesystem read-only [ 65.730275][ T4648] EXT4-fs (loop3): no journal found [ 65.731727][ T4648] EXT4-fs (loop3): can't get journal size [ 65.750848][ T4648] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 65.758989][ T4648] EXT4-fs (loop3): failed to initialize system zone (-22) [ 65.770341][ T4648] EXT4-fs (loop3): mount failed [ 66.184473][ T4665] IPv6: NLM_F_REPLACE set, but no existing node found! [ 66.258099][ T4669] netlink: 132 bytes leftover after parsing attributes in process `syz.0.201'. [ 66.385393][ T26] kauditd_printk_skb: 189 callbacks suppressed [ 66.385407][ T26] audit: type=1326 audit(66.350:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff8cf9b80c code=0x7ffc0000 [ 66.389206][ T4674] netlink: 80 bytes leftover after parsing attributes in process `syz.4.203'. [ 66.405527][ T26] audit: type=1326 audit(66.350:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff8d0ab87c code=0x7ffc0000 [ 66.432019][ T26] audit: type=1326 audit(66.350:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=65 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 66.468403][ T26] audit: type=1326 audit(66.360:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff8cf9b80c code=0x7ffc0000 [ 66.473660][ T26] audit: type=1326 audit(66.360:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff8d0ab87c code=0x7ffc0000 [ 66.509368][ T26] audit: type=1326 audit(66.360:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=65 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 66.514753][ T26] audit: type=1326 audit(66.370:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff8cf9b80c code=0x7ffc0000 [ 66.566502][ T26] audit: type=1326 audit(66.370:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff8d0ab87c code=0x7ffc0000 [ 66.596902][ T26] audit: type=1326 audit(66.370:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=65 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 66.617161][ T26] audit: type=1326 audit(66.380:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4654 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff8cf9b80c code=0x7ffc0000 [ 66.699510][ T4685] netlink: 4 bytes leftover after parsing attributes in process `syz.4.208'. [ 66.846778][ T4697] netlink: 60 bytes leftover after parsing attributes in process `syz.0.213'. [ 67.081555][ T4712] netlink: 'syz.4.215': attribute type 1 has an invalid length. [ 67.083801][ T4712] netlink: 'syz.4.215': attribute type 2 has an invalid length. [ 67.085906][ T4712] netlink: 4 bytes leftover after parsing attributes in process `syz.4.215'. [ 67.191046][ T4716] loop3: detected capacity change from 0 to 512 [ 67.527863][ T4727] capability: warning: `syz.2.224' uses deprecated v2 capabilities in a way that may be insecure [ 68.332482][ T4716] EXT4-fs (loop3): 1 orphan inode deleted [ 68.348991][ T4716] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 68.355861][ T4741] loop1: detected capacity change from 0 to 512 [ 68.369802][ T4740] netlink: 8 bytes leftover after parsing attributes in process `syz.4.229'. [ 68.415839][ T4743] device pim6reg1 entered promiscuous mode [ 68.441109][ T4741] EXT4-fs (loop1): Ignoring removed orlov option [ 68.489202][ T4741] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodelalloc,orlov,auto_da_alloc,,errors=continue. Quota mode: writeback. [ 68.569721][ T4727] Falling back ldisc for ttyS3. [ 68.712894][ T4755] loop2: detected capacity change from 0 to 2048 [ 68.781413][ T4755] EXT4-fs (loop2): Unrecognized mount option "obj_user=/proc/locks" or missing value [ 69.095976][ T4781] mmap: syz.1.240 (4781) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 69.221988][ T4786] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 69.224470][ T4786] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 69.226692][ T4786] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 69.228885][ T4789] netlink: 270 bytes leftover after parsing attributes in process `syz.0.244'. [ 69.231142][ T4786] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 69.622965][ T1961] cfg80211: failed to load regulatory.db [ 69.626043][ T2056] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.627875][ T2056] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.697478][ T4818] loop4: detected capacity change from 0 to 512 [ 70.504436][ T4847] netlink: 16 bytes leftover after parsing attributes in process `syz.0.262'. [ 70.883551][ T4858] udc-core: couldn't find an available UDC or it's busy [ 70.885267][ T4858] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 70.973804][ T4857] xt_CT: No such helper "pptp" [ 71.658417][ T26] kauditd_printk_skb: 208 callbacks suppressed [ 71.658433][ T26] audit: type=1326 audit(327.622:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.665591][ T26] audit: type=1326 audit(327.622:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.707047][ T26] audit: type=1326 audit(327.622:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.751544][ T26] audit: type=1326 audit(327.622:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.757250][ T26] audit: type=1326 audit(327.622:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.760776][ T4886] loop4: detected capacity change from 0 to 256 [ 71.796352][ T26] audit: type=1326 audit(327.622:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.826766][ T26] audit: type=1326 audit(327.622:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.875882][ T26] audit: type=1326 audit(327.622:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.879508][ T4888] loop1: detected capacity change from 0 to 2048 [ 71.893069][ T26] audit: type=1326 audit(327.622:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.926895][ T26] audit: type=1326 audit(327.622:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4879 comm="syz.1.278" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 71.944569][ T4888] EXT4-fs (loop1): Ignoring removed bh option [ 72.068291][ T4888] EXT4-fs (loop1): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 72.323407][ T4900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.284'. [ 72.612400][ T4904] loop1: detected capacity change from 0 to 8192 [ 72.635077][ T4908] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 72.651659][ T4908] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 72.673573][ T4904] loop1: p1 p4 < > [ 72.674829][ T4904] loop1: p1 size 108937597 extends beyond EOD, truncated [ 72.736107][ T3643] loop1: p1 p4 < > [ 72.737321][ T3643] loop1: p1 size 108937597 extends beyond EOD, truncated [ 72.800382][ T4914] loop2: detected capacity change from 0 to 2048 [ 72.874933][ T3643] loop2: p1 < > p4 [ 72.888942][ T3643] loop2: p4 size 8388608 extends beyond EOD, truncated [ 72.911152][ T4914] loop2: p1 < > p4 [ 72.917520][ T4914] loop2: p4 size 8388608 extends beyond EOD, truncated [ 72.925503][ T4922] netlink: 12 bytes leftover after parsing attributes in process `syz.4.296'. [ 72.993063][ T4926] netlink: 36 bytes leftover after parsing attributes in process `syz.1.298'. [ 73.055797][ T4015] udevd[4015]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 74.126149][ T4015] udevd[4015]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 74.305743][ T4213] udevd[4213]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 74.314560][ T4015] udevd[4015]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 74.428855][ T4219] udevd[4219]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 74.469653][ T4213] udevd[4213]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 74.613509][ T4219] udevd[4219]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 74.675026][ T4015] udevd[4015]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 75.114951][ T4965] netlink: 16 bytes leftover after parsing attributes in process `syz.4.311'. [ 75.501541][ T4973] device bond0 entered promiscuous mode [ 75.503242][ T4973] device bond_slave_0 entered promiscuous mode [ 75.505097][ T4973] device bond_slave_1 entered promiscuous mode [ 75.584541][ T4973] device bond0 left promiscuous mode [ 75.586120][ T4973] device bond_slave_0 left promiscuous mode [ 75.587886][ T4973] device bond_slave_1 left promiscuous mode [ 76.305323][ T4992] loop3: detected capacity change from 0 to 256 [ 76.872403][ T5006] netlink: 28 bytes leftover after parsing attributes in process `syz.0.329'. [ 76.872430][ T5006] tipc: Started in network mode [ 76.872446][ T5006] tipc: Node identity dd6cce07, cluster identity 5 [ 76.872457][ T5006] tipc: Node number set to 3714895367 [ 76.983230][ T5008] netlink: 64 bytes leftover after parsing attributes in process `syz.0.330'. [ 77.110703][ T5010] netlink: 24 bytes leftover after parsing attributes in process `syz.2.331'. [ 77.704822][ T5036] usb usb1: usbfs: process 5036 (syz.3.344) did not claim interface 0 before use [ 77.800226][ T5043] sctp: [Deprecated]: syz.0.347 (pid 5043) Use of int in max_burst socket option. [ 77.800226][ T5043] Use struct sctp_assoc_value instead [ 77.941451][ T5052] netlink: 'syz.0.351': attribute type 21 has an invalid length. [ 77.943541][ T5052] netlink: 'syz.0.351': attribute type 20 has an invalid length. [ 77.986314][ T5052] IPv6: NLM_F_CREATE should be specified when creating new route [ 77.990594][ T5048] loop2: detected capacity change from 0 to 2048 [ 78.054099][ T5055] loop3: detected capacity change from 0 to 512 [ 78.145353][ T5048] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,lazytime,data_err=abort,errors=remount-ro,. Quota mode: writeback. [ 78.153642][ T5056] loop4: detected capacity change from 0 to 2048 [ 78.155827][ T5046] EXT4-fs error (device loop2): ext4_ext_precache:608: inode #2: comm syz.2.349: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 78.182757][ T5046] EXT4-fs (loop2): Remounting filesystem read-only [ 78.223405][ T5056] EXT4-fs (loop4): Unrecognized mount option "obj_user=/proc/locks" or missing value [ 78.234318][ T5055] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,auto_da_alloc,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 78.527067][ T5071] loop2: detected capacity change from 0 to 512 [ 78.598502][ T5071] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 78.601892][ T5071] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 78.664012][ T5071] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 78.678480][ T5073] ALSA: seq fatal error: cannot create timer (-19) [ 78.709043][ T5071] EXT4-fs (loop2): 1 truncate cleaned up [ 78.710536][ T5071] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 79.701756][ T5107] loop4: detected capacity change from 0 to 512 [ 79.786562][ T5107] EXT4-fs (loop4): Ignoring removed bh option [ 79.792697][ T5107] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 79.839070][ T5107] EXT4-fs (loop4): 1 truncate cleaned up [ 79.840558][ T5107] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,bh,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,auto_da_alloc,quota,. Quota mode: writeback. [ 80.209696][ T5121] loop3: detected capacity change from 0 to 128 [ 80.227329][ T26] kauditd_printk_skb: 27 callbacks suppressed [ 80.227340][ T26] audit: type=1326 audit(336.182:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.4.377" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 80.238434][ T26] audit: type=1326 audit(336.192:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.4.377" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 80.255205][ T26] audit: type=1326 audit(336.192:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.4.377" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 80.275466][ T26] audit: type=1326 audit(336.202:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.4.377" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 80.295000][ T26] audit: type=1326 audit(336.202:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.4.377" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 80.388369][ T5124] loop4: detected capacity change from 0 to 512 [ 80.460911][ T5124] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,auto_da_alloc,minixdf,,errors=continue. Quota mode: writeback. [ 80.595347][ T4340] attempt to access beyond end of device [ 80.595347][ T4340] loop3: rw=1, want=769, limit=128 [ 80.943711][ T26] audit: type=1326 audit(336.902:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5143 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 80.949592][ T26] audit: type=1326 audit(336.902:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5143 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 80.977654][ T26] audit: type=1326 audit(336.932:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5143 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 80.991075][ T26] audit: type=1326 audit(336.932:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5143 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 80.997009][ T26] audit: type=1326 audit(336.932:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5143 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 81.446401][ T5165] loop3: detected capacity change from 0 to 1024 [ 81.489817][ T5165] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 81.492387][ T5165] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 81.538102][ T5165] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,sysvgroups,resuid=0x0000000000000000,jqfmt=vfsold,data=ordered,resuid=0x000000000000ee00,nomblk_io_submit,noauto_da_alloc,. Quota mode: writeback. [ 81.608619][ T4180] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 81.998467][ T4180] usb 1-1: config 15 has an invalid interface number: 165 but max is 2 [ 82.001092][ T4180] usb 1-1: config 15 has an invalid interface number: 18 but max is 2 [ 82.002879][ T5183] netlink: 'syz.3.400': attribute type 6 has an invalid length. [ 82.007118][ T4180] usb 1-1: config 15 contains an unexpected descriptor of type 0x2, skipping [ 82.011124][ T4180] usb 1-1: config 15 has an invalid descriptor of length 0, skipping remainder of the config [ 82.013887][ T4180] usb 1-1: config 15 has 2 interfaces, different from the descriptor's value: 3 [ 82.016219][ T4180] usb 1-1: config 15 has no interface number 0 [ 82.037088][ T4180] usb 1-1: config 15 has no interface number 1 [ 82.041357][ T5182] loop2: detected capacity change from 0 to 2048 [ 82.050360][ T4180] usb 1-1: config 15 interface 165 altsetting 213 has an invalid endpoint with address 0x80, skipping [ 82.054305][ T4180] usb 1-1: config 15 interface 165 altsetting 213 has 2 endpoint descriptors, different from the interface descriptor's value: 10 [ 82.057868][ T4180] usb 1-1: too many endpoints for config 15 interface 18 altsetting 166: 90, using maximum allowed: 30 [ 82.089527][ T4180] usb 1-1: config 15 interface 18 altsetting 166 endpoint 0xC has invalid wMaxPacketSize 0 [ 82.091038][ T5182] EXT4-fs (loop2): Unrecognized mount option "obj_user=/proc/locks" or missing value [ 82.102531][ T4180] usb 1-1: config 15 interface 18 altsetting 166 has an invalid endpoint with address 0xB1, skipping [ 82.105471][ T4180] usb 1-1: config 15 interface 18 altsetting 166 has a duplicate endpoint with address 0xC, skipping [ 82.122886][ T4180] usb 1-1: config 15 interface 18 altsetting 166 has an invalid endpoint with address 0xE7, skipping [ 82.125832][ T4180] usb 1-1: config 15 interface 18 altsetting 166 has 5 endpoint descriptors, different from the interface descriptor's value: 90 [ 82.142030][ T4180] usb 1-1: config 15 interface 165 has no altsetting 0 [ 82.143995][ T4180] usb 1-1: config 15 interface 18 has no altsetting 0 [ 82.216856][ T5189] loop3: detected capacity change from 0 to 164 [ 82.226768][ T5191] loop1: detected capacity change from 0 to 512 [ 82.258948][ T5189] ISOFS: unable to read i-node block [ 82.260448][ T5189] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 82.265676][ T5191] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 82.283378][ T5191] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2219: inode #15: comm syz.1.405: corrupted in-inode xattr [ 82.299648][ T5191] EXT4-fs (loop1): Remounting filesystem read-only [ 82.303985][ T5191] EXT4-fs (loop1): 1 truncate cleaned up [ 82.314121][ T5191] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,errors=remount-ro,noload,. Quota mode: none. [ 82.390533][ T5195] netlink: 176 bytes leftover after parsing attributes in process `syz.4.407'. [ 82.398670][ T4180] usb 1-1: string descriptor 0 read error: -22 [ 82.400763][ T4180] usb 1-1: New USB device found, idVendor=1039, idProduct=2131, bcdDevice=56.a0 [ 82.403060][ T4180] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.459318][ T5159] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 82.537658][ T4180] usb 1-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2131) Rev (0X56A0): Eagle II [ 82.708275][ T4180] usb 1-1: reset high-speed USB device number 2 using dummy_hcd [ 82.726189][ T5211] loop1: detected capacity change from 0 to 512 [ 82.776712][ T5211] EXT4-fs (loop1): error: journal path ./bus is not a block device [ 83.045842][ T5231] netlink: 'syz.3.421': attribute type 3 has an invalid length. [ 83.157297][ T5236] loop2: detected capacity change from 0 to 512 [ 83.173854][ T5240] loop1: detected capacity change from 0 to 1024 [ 83.192399][ T5236] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 83.198823][ T5236] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 83.276507][ T5236] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002] [ 83.284601][ T5236] System zones: 1-12 [ 83.291689][ T5240] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 83.294779][ T5240] EXT4-fs (loop1): orphan cleanup on readonly fs [ 83.308919][ T5240] EXT4-fs error (device loop1): __ext4_get_inode_loc:4320: comm syz.1.426: Invalid inode table block 0 in block_group 0 [ 83.330143][ T5236] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.425: corrupted in-inode xattr [ 83.339510][ T5240] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5806: Corrupt filesystem [ 83.366503][ T5236] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.425: couldn't read orphan inode 15 (err -117) [ 83.378549][ T5240] EXT4-fs error (device loop1): ext4_quota_write:6592: inode #3: comm syz.1.426: mark_inode_dirty error [ 83.382664][ T5240] EXT4-fs error (device loop1): ext4_acquire_dquot:6197: comm syz.1.426: Failed to acquire dquot type 0 [ 83.405094][ T5236] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue. Quota mode: none. [ 83.414129][ T5240] EXT4-fs error (device loop1): __ext4_get_inode_loc:4320: comm syz.1.426: Invalid inode table block 0 in block_group 0 [ 83.426140][ T5240] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5806: Corrupt filesystem [ 83.446221][ T5240] EXT4-fs error (device loop1): ext4_ext_truncate:4454: inode #15: comm syz.1.426: mark_inode_dirty error [ 83.451917][ T5240] EXT4-fs error (device loop1): __ext4_get_inode_loc:4320: comm syz.1.426: Invalid inode table block 0 in block_group 0 [ 83.462074][ T5240] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5806: Corrupt filesystem [ 83.466332][ T5240] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 83.496339][ T5253] loop4: detected capacity change from 0 to 1024 [ 83.507182][ T5240] EXT4-fs error (device loop1): __ext4_get_inode_loc:4320: comm syz.1.426: Invalid inode table block 0 in block_group 0 [ 83.526432][ T5240] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5806: Corrupt filesystem [ 83.533452][ T5240] EXT4-fs error (device loop1): ext4_truncate:4272: inode #15: comm syz.1.426: mark_inode_dirty error [ 83.538488][ T5240] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 83.540945][ T5240] EXT4-fs (loop1): 1 truncate cleaned up [ 83.542596][ T5240] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000000,stripe=0x0000000000000008,grpid,errors=remount-ro,discard,block_validity,minixdf,errors=continue,. Quota mode: writeback. [ 83.621726][ T5253] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e01c, mo2=0002] [ 83.623920][ T5253] System zones: 0-1, 3-12 [ 83.625845][ T5253] EXT4-fs (loop4): mounted filesystem without journal. Opts: nolazytime,nouid32,barrier=0x0000000000000000,debug,debug_want_extra_isize=0x0000000000000008,resuid=0x0000000000000000,init_itable=0x0000000000000800,bsdgroups,min_batch_time=0x0000000000000006,,errors=continue. Quota mode: none. [ 83.643954][ T5240] EXT4-fs error (device loop1): ext4_search_dir:1549: inode #2: block 16: comm syz.1.426: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 83.743336][ T5261] loop3: detected capacity change from 0 to 8192 [ 84.034904][ T5280] loop4: detected capacity change from 0 to 512 [ 84.046112][ T5278] loop2: detected capacity change from 0 to 512 [ 84.126319][ T5278] EXT4-fs (loop2): 1 orphan inode deleted [ 84.127944][ T5278] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 84.158869][ T5280] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 84.164995][ T4180] usb 1-1: [ueagle-atm] pre-firmware device, uploading firmware [ 84.178259][ T4180] usb 1-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw [ 84.183356][ T4180] usb 1-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2131) Rev (0X56A0): Eagle II [ 84.186271][ T4180] usb 1-1: [ueagle-atm] pre-firmware device, uploading firmware [ 84.213468][ T5280] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.439: invalid block [ 84.227172][ T5280] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.439: invalid indirect mapped block 4294967295 (level 1) [ 84.237140][ T4180] usb 1-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw [ 84.242643][ T4067] usb 1-1: Direct firmware load for ueagle-atm/eagleII.fw failed with error -2 [ 84.245177][ T4067] usb 1-1: Falling back to sysfs fallback for: ueagle-atm/eagleII.fw [ 84.261291][ T5280] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.439: invalid indirect mapped block 4294967295 (level 1) [ 84.271119][ T5280] EXT4-fs (loop4): 2 truncates cleaned up [ 84.294080][ T5280] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,init_itable=0x0000000000000007,dioread_nolock,,errors=continue. Quota mode: writeback. [ 84.295104][ T4180] usb 1-1: USB disconnect, device number 2 [ 84.646684][ T5302] netlink: 8 bytes leftover after parsing attributes in process `syz.1.448'. [ 84.759173][ T5306] hub 9-0:1.0: USB hub found [ 84.760702][ T5306] hub 9-0:1.0: 8 ports detected [ 84.771892][ T5312] netlink: 1072 bytes leftover after parsing attributes in process `syz.0.452'. [ 85.035853][ T5318] lo speed is unknown, defaulting to 1000 [ 85.038052][ T5318] lo speed is unknown, defaulting to 1000 [ 85.077644][ T5318] lo speed is unknown, defaulting to 1000 [ 85.101039][ T5330] loop4: detected capacity change from 0 to 512 [ 85.107955][ T5318] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 85.118998][ T5318] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 85.163053][ T5330] EXT4-fs (loop4): Ignoring removed bh option [ 85.166184][ T5330] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 85.211447][ T5330] EXT4-fs (loop4): 1 truncate cleaned up [ 85.232918][ T5330] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,bh,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,auto_da_alloc,quota,. Quota mode: writeback. [ 85.290832][ T5318] lo speed is unknown, defaulting to 1000 [ 85.293425][ T5318] lo speed is unknown, defaulting to 1000 [ 85.332547][ T5318] lo speed is unknown, defaulting to 1000 [ 85.334711][ T5318] lo speed is unknown, defaulting to 1000 [ 85.356593][ T5318] lo speed is unknown, defaulting to 1000 [ 85.366717][ T5318] lo speed is unknown, defaulting to 1000 [ 85.369179][ T5318] lo speed is unknown, defaulting to 1000 [ 85.379980][ T5318] lo speed is unknown, defaulting to 1000 [ 85.495277][ T26] kauditd_printk_skb: 99 callbacks suppressed [ 85.495289][ T26] audit: type=1326 audit(341.452:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 85.506667][ T26] audit: type=1326 audit(341.462:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff8e66e87c code=0x7ffc0000 [ 85.520230][ T26] audit: type=1326 audit(341.462:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 85.536717][ T26] audit: type=1326 audit(341.472:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff8e66e87c code=0x7ffc0000 [ 85.551438][ T26] audit: type=1326 audit(341.472:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 85.567041][ T5350] usb usb8: usbfs: process 5350 (syz.0.465) did not claim interface 0 before use [ 85.576834][ T26] audit: type=1326 audit(341.482:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff8e66e87c code=0x7ffc0000 [ 85.596494][ T26] audit: type=1326 audit(341.482:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 85.614595][ T26] audit: type=1326 audit(341.492:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff8e66e87c code=0x7ffc0000 [ 85.644456][ T26] audit: type=1326 audit(341.492:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 85.666199][ T26] audit: type=1326 audit(341.502:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff8e66e87c code=0x7ffc0000 [ 88.047186][ T5411] loop4: detected capacity change from 0 to 512 [ 88.208719][ T5411] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 88.269114][ T5411] EXT4-fs (loop4): 1 truncate cleaned up [ 88.270692][ T5411] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,i_version,debug_want_extra_isize=0x0000000000000068,nobarrier,mb_optimize_scan=0x0000000000000001,quota,. Quota mode: writeback. [ 88.710098][ T5434] loop4: detected capacity change from 0 to 1024 [ 88.777968][ T5434] EXT4-fs error (device loop4): ext4_acquire_dquot:6197: comm syz.4.501: Failed to acquire dquot type 0 [ 88.782297][ T5434] EXT4-fs error (device loop4): mb_free_blocks:1865: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 88.799565][ T5434] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #13: comm syz.4.501: corrupted inode contents [ 88.807240][ T5434] EXT4-fs error (device loop4): ext4_dirty_inode:6010: inode #13: comm syz.4.501: mark_inode_dirty error [ 88.856096][ T5434] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #13: comm syz.4.501: corrupted inode contents [ 88.866256][ T5434] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #13: comm syz.4.501: mark_inode_dirty error [ 88.876397][ T5434] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #13: comm syz.4.501: corrupted inode contents [ 88.897962][ T5434] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 88.913894][ T5434] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #13: comm syz.4.501: corrupted inode contents [ 88.927854][ T5434] EXT4-fs error (device loop4): ext4_truncate:4272: inode #13: comm syz.4.501: mark_inode_dirty error [ 88.942477][ T5434] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 88.974820][ T5434] EXT4-fs (loop4): 1 truncate cleaned up [ 88.976426][ T5434] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 89.534270][ T5451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.509'. [ 90.211572][ T5471] lo speed is unknown, defaulting to 1000 [ 90.974182][ T5478] loop3: detected capacity change from 0 to 1024 [ 91.046175][ T5478] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 91.416343][ T5496] loop3: detected capacity change from 0 to 512 [ 91.503952][ T5496] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier=0x0000000000000007,i_version,,errors=continue. Quota mode: writeback. [ 91.712655][ T5515] loop3: detected capacity change from 0 to 512 [ 91.831254][ T5515] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000080000,quota,,errors=continue. Quota mode: writeback. [ 92.277770][ T5540] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.541'. [ 92.499165][ T5546] loop4: detected capacity change from 0 to 1024 [ 92.563619][ T5546] EXT4-fs (loop4): Ignoring removed bh option [ 92.565385][ T5546] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 92.606790][ T5546] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,nouid32,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,sysvgroups,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 92.715262][ T26] kauditd_printk_skb: 107 callbacks suppressed [ 92.715274][ T26] audit: type=1326 audit(348.672:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.739933][ T26] audit: type=1326 audit(348.692:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.778238][ T26] audit: type=1326 audit(348.702:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.783584][ T26] audit: type=1326 audit(348.702:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.840174][ T26] audit: type=1326 audit(348.702:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.855921][ T26] audit: type=1326 audit(348.702:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.878924][ T5546] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3876: comm syz.4.544: Allocating blocks 497-513 which overlap fs metadata [ 92.891644][ T26] audit: type=1326 audit(348.702:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.903362][ T5546] EXT4-fs (loop4): pa 000000009fe1b1f4: logic 128, phys. 385, len 8 [ 92.906355][ T5546] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 1 [ 92.915790][ T26] audit: type=1326 audit(348.702:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.944375][ T26] audit: type=1326 audit(348.712:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 92.970006][ T26] audit: type=1326 audit(348.712:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.4.544" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=68 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 93.021621][ T5564] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 93.184870][ T5566] loop3: detected capacity change from 0 to 2048 [ 93.268066][ T5566] EXT4-fs (loop3): Ignoring removed bh option [ 93.525583][ T5566] EXT4-fs (loop3): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 93.987358][ T4338] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 94.004433][ T4338] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 94.012272][ T4338] EXT4-fs (loop3): This should not happen!! Data will be lost [ 94.012272][ T4338] [ 94.016878][ T4338] EXT4-fs (loop3): Total free blocks count 0 [ 94.021273][ T4338] EXT4-fs (loop3): Free/Dirty block details [ 94.025119][ T4338] EXT4-fs (loop3): free_blocks=2415919104 [ 94.028834][ T4338] EXT4-fs (loop3): dirty_blocks=1232 [ 94.034371][ T4338] EXT4-fs (loop3): Block reservation details [ 94.038050][ T4338] EXT4-fs (loop3): i_reserved_data_blocks=77 [ 94.047045][ T4338] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1206 with error 28 [ 94.055762][ T4338] EXT4-fs (loop3): This should not happen!! Data will be lost [ 94.055762][ T4338] [ 94.098084][ T5601] netlink: 'syz.0.565': attribute type 21 has an invalid length. [ 94.117072][ T5601] netlink: 'syz.0.565': attribute type 20 has an invalid length. [ 94.613610][ T5620] netlink: 'syz.3.572': attribute type 10 has an invalid length. [ 94.615796][ T5620] netlink: 40 bytes leftover after parsing attributes in process `syz.3.572'. [ 94.632916][ T5620] device batadv0 entered promiscuous mode [ 94.634929][ T5620] bridge0: port 3(batadv0) entered blocking state [ 94.640820][ T5620] bridge0: port 3(batadv0) entered disabled state [ 94.644548][ T5620] bridge0: port 3(batadv0) entered blocking state [ 94.646744][ T5620] bridge0: port 3(batadv0) entered forwarding state [ 94.675356][ T5620] batman_adv: batadv0: Adding interface: dummy0 [ 94.676873][ T5620] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.708297][ T5620] batman_adv: batadv0: Interface activated: dummy0 [ 94.734234][ T5620] batadv0: mtu less than device minimum [ 94.740225][ T5620] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.747368][ T5620] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.754132][ T5620] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.761057][ T5620] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.768074][ T5620] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.775036][ T5620] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.781884][ T5620] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.788817][ T5620] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 94.998018][ T4338] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 95.000962][ T4338] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 95.079879][ T5632] loop1: detected capacity change from 0 to 512 [ 95.153402][ T5634] netlink: 40 bytes leftover after parsing attributes in process `syz.4.578'. [ 95.156432][ T5632] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 95.162887][ T5632] EXT4-fs (loop1): orphan cleanup on readonly fs [ 95.176117][ T5632] EXT4-fs error (device loop1): ext4_acquire_dquot:6197: comm syz.1.576: Failed to acquire dquot type 1 [ 95.182452][ T5632] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.576: bg 0: block 40: padding at end of block bitmap is not set [ 95.186511][ T5632] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 95.193669][ T5632] EXT4-fs (loop1): 1 truncate cleaned up [ 95.195408][ T5632] EXT4-fs (loop1): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: writeback. [ 95.436303][ T5643] loop4: detected capacity change from 0 to 128 [ 95.517837][ T5643] netlink: 'syz.4.582': attribute type 39 has an invalid length. [ 96.643690][ T5662] udc-core: couldn't find an available UDC or it's busy [ 96.645519][ T5662] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 97.460239][ T5684] infiniband syz2: set active [ 97.461901][ T5684] infiniband syz2: added veth0_to_bond [ 97.519708][ T5684] RDS/IB: syz2: added [ 97.526045][ T5684] smc: adding ib device syz2 with port count 1 [ 97.530382][ T5684] smc: ib device syz2 port 1 has pnetid [ 97.836380][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 97.836392][ T26] audit: type=1326 audit(353.792:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 97.868099][ T26] audit: type=1326 audit(353.822:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 97.876926][ T26] audit: type=1326 audit(353.832:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 97.904532][ T26] audit: type=1326 audit(353.832:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 97.930755][ T26] audit: type=1326 audit(353.832:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 97.961219][ T26] audit: type=1326 audit(353.832:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 97.965672][ T26] audit: type=1326 audit(353.832:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 98.001892][ T26] audit: type=1326 audit(353.832:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 98.007405][ T26] audit: type=1326 audit(353.842:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 98.034972][ T5705] netlink: '+|[@': attribute type 10 has an invalid length. [ 98.049406][ T5705] bridge0: port 3(batadv0) entered disabled state [ 98.051417][ T5705] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.054074][ T5705] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.068189][ T26] audit: type=1326 audit(353.842:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5696 comm="syz.3.606" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 98.126311][ T5705] bridge0: port 3(batadv0) entered blocking state [ 98.128102][ T5705] bridge0: port 3(batadv0) entered forwarding state [ 98.130117][ T5705] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.131907][ T5705] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.133857][ T5705] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.135786][ T5705] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.188418][ C1] net_ratelimit: 11 callbacks suppressed [ 98.188433][ C1] batman_adv: batadv0: Local translation table size (100) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17 [ 98.198587][ T5705] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 98.375163][ T5717] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 98.377162][ T5717] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 98.392364][ T5717] netdevsim netdevsim4: Falling back to sysfs fallback for: . [ 98.443930][ T5719] netlink: 20 bytes leftover after parsing attributes in process `syz.1.617'. [ 98.447223][ T5719] netlink: 'syz.1.617': attribute type 4 has an invalid length. [ 98.728622][ C1] batman_adv: batadv0: Local translation table size (100) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17 [ 98.889696][ T5726] loop1: detected capacity change from 0 to 1024 [ 99.008495][ T5726] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 99.393210][ T5737] lo speed is unknown, defaulting to 1000 [ 100.005878][ T5742] loop4: detected capacity change from 0 to 164 [ 100.063094][ T5728] infiniband syz1: set active [ 100.064435][ T5728] infiniband syz1: added team_slave_0 [ 100.087038][ T5728] infiniband syz1: Couldn't open port 1 [ 100.114410][ T5728] RDS/IB: syz1: added [ 100.115491][ T5728] smc: adding ib device syz1 with port count 1 [ 100.117186][ T5728] smc: ib device syz1 port 1 has pnetid [ 100.347988][ T5752] usb usb8: usbfs: process 5752 (syz.2.629) did not claim interface 0 before use [ 101.108595][ T5780] loop4: detected capacity change from 0 to 256 [ 101.476234][ T5796] loop1: detected capacity change from 0 to 736 [ 102.005099][ T5836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.669'. [ 102.161741][ T5840] loop2: detected capacity change from 0 to 2048 [ 102.221549][ T5840] EXT4-fs (loop2): Unrecognized mount option "defcontext=root" or missing value [ 102.377760][ T5846] lo speed is unknown, defaulting to 1000 [ 102.588388][ T5864] 9pnet: p9_errstr2errno: server reported unknown error 18446744073 [ 102.847858][ T26] kauditd_printk_skb: 37 callbacks suppressed [ 102.847870][ T26] audit: type=1326 audit(358.802:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5877 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 102.887612][ T26] audit: type=1326 audit(358.842:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5877 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=88 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 102.906703][ T26] audit: type=1326 audit(358.842:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5877 comm="syz.4.690" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 103.016448][ T5891] loop3: detected capacity change from 0 to 1024 [ 103.136912][ T5891] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 103.448225][ T26] audit: type=1326 audit(359.402:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 103.457873][ T26] audit: type=1326 audit(359.412:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 103.479606][ T26] audit: type=1326 audit(359.412:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=92 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 103.499908][ T26] audit: type=1326 audit(359.412:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 103.523733][ T26] audit: type=1326 audit(359.412:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 103.540242][ T5917] loop3: detected capacity change from 0 to 512 [ 103.618518][ T5917] EXT4-fs (loop3): Ignoring removed nobh option [ 103.654961][ T5917] EXT4-fs (loop3): mounted filesystem without journal. Opts: noquota,barrier=0x0000000000001000,grpjquota=,nobh,dioread_lock,,errors=continue. Quota mode: writeback. [ 103.712295][ T5917] EXT4-fs warning (device loop3): verify_group_input:165: Last group not full [ 103.937176][ T5933] netlink: 44 bytes leftover after parsing attributes in process `syz.3.710'. [ 103.976662][ T26] audit: type=1326 audit(359.932:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5932 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 103.982952][ T26] audit: type=1326 audit(359.932:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5932 comm="syz.3.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 104.231281][ T5939] netlink: 12 bytes leftover after parsing attributes in process `syz.0.713'. [ 104.403161][ T5953] netlink: 4 bytes leftover after parsing attributes in process `syz.4.719'. [ 104.513817][ T5958] loop4: detected capacity change from 0 to 128 [ 104.608613][ T5961] netlink: 16 bytes leftover after parsing attributes in process `syz.2.723'. [ 104.616603][ T5961] netlink: 20 bytes leftover after parsing attributes in process `syz.2.723'. [ 104.753293][ T5965] loop2: detected capacity change from 0 to 2048 [ 104.833946][ T5964] loop4: detected capacity change from 0 to 8192 [ 104.864743][ T5964] loop4: p1 p2 p3 p4 [ 104.865828][ T5964] loop4: partition table partially beyond EOD, truncated [ 104.869671][ T5964] loop4: p1 start 67159808 is beyond EOD, truncated [ 104.872573][ T5964] loop4: p2 size 130943 extends beyond EOD, truncated [ 104.874872][ T5964] loop4: p3 start 340266 is beyond EOD, truncated [ 104.876493][ T5964] loop4: p4 size 3599499264 extends beyond EOD, truncated [ 104.912154][ T5965] EXT4-fs (loop2): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,bsdgroups,auto_da_alloc,jqfmt=vfsv1,nouid32,journal_dev=0x0000000000000007,grpjquota=,bsddf,. Quota mode: none. [ 104.982033][ T5970] loop3: detected capacity change from 0 to 512 [ 105.015610][ T5972] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.725: bg 0: block 234: padding at end of block bitmap is not set [ 105.025147][ T5972] EXT4-fs (loop2): Remounting filesystem read-only [ 105.073530][ T5970] EXT2-fs (loop3): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 105.144895][ T4015] udevd[4015]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 105.153171][ T4213] udevd[4213]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 105.468065][ T5992] netlink: 8 bytes leftover after parsing attributes in process `syz.0.736'. [ 105.684169][ T6003] lo speed is unknown, defaulting to 1000 [ 106.058972][ T6024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.751'. [ 106.069264][ T6024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.751'. [ 106.071764][ T6024] netlink: 2 bytes leftover after parsing attributes in process `syz.2.751'. [ 106.353016][ T6033] IPv6: NLM_F_CREATE should be specified when creating new route [ 106.739095][ C0] batman_adv: batadv0: Local translation table size (100) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1c [ 107.484679][ T6043] lo speed is unknown, defaulting to 1000 [ 107.770669][ T6055] loop4: detected capacity change from 0 to 1024 [ 107.836398][ T6062] netlink: 24 bytes leftover after parsing attributes in process `syz.0.764'. [ 107.899565][ T6055] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 107.992560][ T6070] netlink: 12 bytes leftover after parsing attributes in process `syz.3.768'. [ 108.028896][ C1] batman_adv: batadv0: Local translation table size (100) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17 [ 108.034215][ C1] batman_adv: batadv0: Local translation table size (100) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1b [ 108.128509][ T6072] capability: warning: `syz.4.769' uses 32-bit capabilities (legacy support in use) [ 108.291266][ T6082] loop4: detected capacity change from 0 to 1024 [ 108.346384][ T6082] EXT4-fs (loop4): Ignoring removed orlov option [ 108.351448][ T6082] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 108.403711][ T6082] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,data_err=ignore,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 108.668245][ T6082] EXT4-fs (loop4): Ignoring removed orlov option [ 108.675972][ T6082] EXT4-fs (loop4): can't enable nombcache during remount [ 109.177966][ T6114] netlink: 12 bytes leftover after parsing attributes in process `syz.0.788'. [ 109.314464][ T6123] netlink: 268 bytes leftover after parsing attributes in process `syz.4.792'. [ 109.332306][ T6119] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 109.433922][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 109.433935][ T26] audit: type=1326 audit(365.392:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.473809][ T26] audit: type=1326 audit(365.432:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.500667][ T26] audit: type=1326 audit(365.432:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.523069][ T26] audit: type=1326 audit(365.432:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.558254][ T26] audit: type=1326 audit(365.432:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.578291][ T26] audit: type=1326 audit(365.432:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.603308][ T26] audit: type=1326 audit(365.442:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.624456][ T26] audit: type=1326 audit(365.442:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=5 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.644612][ T26] audit: type=1326 audit(365.442:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.663374][ T26] audit: type=1326 audit(365.442:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.4.794" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 109.785755][ T6143] netlink: 60 bytes leftover after parsing attributes in process `syz.4.799'. [ 109.785799][ T6143] netlink: 8 bytes leftover after parsing attributes in process `syz.4.799'. [ 109.818549][ T6141] IPv6: Can't replace route, no match found [ 109.919550][ T6149] loop4: detected capacity change from 0 to 2048 [ 110.000252][ T6149] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 110.001421][ T6162] netlink: 16 bytes leftover after parsing attributes in process `syz.2.805'. [ 110.115067][ T6166] loop3: detected capacity change from 0 to 1024 [ 110.155516][ T6168] loop2: detected capacity change from 0 to 2048 [ 110.175778][ T6166] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 110.186951][ T6168] EXT4-fs (loop2): Ignoring removed bh option [ 110.237581][ T6168] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 110.427515][ T6182] loop3: detected capacity change from 0 to 512 [ 110.495635][ T6182] EXT4-fs (loop3): too many log groups per flexible block group [ 110.497672][ T6182] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 110.499597][ T6182] EXT4-fs (loop3): mount failed [ 110.561042][ T6194] loop2: detected capacity change from 0 to 164 [ 110.595306][ T6192] lo speed is unknown, defaulting to 1000 [ 110.605684][ T6194] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 111.152651][ T6212] netlink: 4 bytes leftover after parsing attributes in process `syz.4.827'. [ 111.155016][ T6212] device bridge_slave_1 left promiscuous mode [ 111.162482][ T6212] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.214899][ T6212] device bridge_slave_0 left promiscuous mode [ 111.216856][ T6212] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.500541][ T6249] Cannot find del_set index 4 as target [ 112.631725][ T6258] IPv6: Can't replace route, no match found [ 113.345004][ T6291] loop4: detected capacity change from 0 to 256 [ 113.456508][ T6293] loop2: detected capacity change from 0 to 2048 [ 113.573929][ T6293] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 113.658909][ T6302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.863'. [ 113.661088][ T6302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.863'. [ 113.703621][ T6306] loop4: detected capacity change from 0 to 256 [ 113.776838][ T6306] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 113.964479][ T6315] device syzkaller1 entered promiscuous mode [ 113.973800][ T6317] loop3: detected capacity change from 0 to 512 [ 114.097885][ T6317] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier=0x0000000000000007,i_version,,errors=continue. Quota mode: writeback. [ 114.613621][ T6341] loop3: detected capacity change from 0 to 128 [ 114.617691][ T6341] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 115.578322][ T6343] netlink: 256 bytes leftover after parsing attributes in process `syz.2.878'. [ 115.580912][ T6343] netlink: 72 bytes leftover after parsing attributes in process `syz.2.878'. [ 115.920407][ T6341] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 116.324498][ T26] kauditd_printk_skb: 81 callbacks suppressed [ 116.324512][ T26] audit: type=1326 audit(372.282:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.338593][ T26] audit: type=1326 audit(372.282:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.358228][ T26] audit: type=1326 audit(372.282:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=111 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.363550][ T26] audit: type=1326 audit(372.282:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.404127][ T26] audit: type=1326 audit(372.292:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.439085][ T26] audit: type=1326 audit(372.292:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.468332][ T26] audit: type=1326 audit(372.292:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.473998][ T26] audit: type=1326 audit(372.292:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.507609][ T26] audit: type=1326 audit(372.292:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.524148][ T6364] IPv6: Can't replace route, no match found [ 116.536317][ T26] audit: type=1326 audit(372.292:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6354 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cfa3d28 code=0x7ffc0000 [ 116.587596][ T6367] netlink: 180900 bytes leftover after parsing attributes in process `syz.1.890'. [ 116.598518][ T6367] openvswitch: netlink: Flow actions attr not present in new flow. [ 116.659765][ T6370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.892'. [ 116.674522][ T6370] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 116.677120][ T6370] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 116.699248][ T6370] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 116.701277][ T6370] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 116.981951][ T6379] loop2: detected capacity change from 0 to 8192 [ 117.078845][ T6385] ieee802154 phy0 wpan0: encryption failed: -22 [ 117.318057][ T6393] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.900'. [ 117.326595][ T6389] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.900'. [ 117.532343][ T6392] loop4: detected capacity change from 0 to 8192 [ 117.904372][ T6404] loop3: detected capacity change from 0 to 128 [ 117.954401][ T6404] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 118.398388][ T6423] netlink: 12 bytes leftover after parsing attributes in process `syz.2.914'. [ 118.408570][ T6423] bridge0: port 3(batadv1) entered blocking state [ 118.410213][ T6423] bridge0: port 3(batadv1) entered disabled state [ 118.412641][ T6423] device batadv1 entered promiscuous mode [ 118.544397][ T6430] loop4: detected capacity change from 0 to 512 [ 118.633869][ T6442] loop2: detected capacity change from 0 to 512 [ 118.691223][ T6442] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #2: comm syz.2.922: corrupted xattr block 255 [ 118.719213][ T6430] EXT4-fs (loop4): Ignoring removed orlov option [ 118.723962][ T6442] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 118.726364][ T6442] EXT4-fs (loop2): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.noload,barrier=0x0000000000000007,jqfmt=vfsv1,grpid,,,errors=continue. Quota mode: writeback. [ 118.746460][ T6442] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #2: comm syz.2.922: corrupted xattr block 255 [ 118.753851][ T6430] EXT4-fs (loop4): orphan cleanup on readonly fs [ 118.757404][ T6430] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.919: bg 0: block 248: padding at end of block bitmap is not set [ 118.772996][ T6430] EXT4-fs error (device loop4): ext4_acquire_dquot:6197: comm syz.4.919: Failed to acquire dquot type 1 [ 118.794884][ T6430] EXT4-fs (loop4): 1 truncate cleaned up [ 118.823215][ T6430] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,orlov,abort,nombcache,stripe=0x0000000000000010,,errors=continue. Quota mode: writeback. [ 118.938441][ T6430] EXT4-fs (loop4): Ignoring removed orlov option [ 118.940095][ T6430] EXT4-fs error (device loop4): ext4_remount:5855: comm syz.4.919: Abort forced by user [ 118.941257][ T4179] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 118.945072][ T4179] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 119.004537][ T6461] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 119.007061][ T6461] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 119.107058][ T6468] netlink: 12 bytes leftover after parsing attributes in process `syz.4.933'. [ 119.201319][ T6476] netlink: 4 bytes leftover after parsing attributes in process `syz.4.938'. [ 119.244931][ T6477] netlink: 312 bytes leftover after parsing attributes in process `syz.1.939'. [ 119.379993][ T6485] No such timeout policy "syz0" [ 119.482038][ T6496] loop4: detected capacity change from 0 to 128 [ 119.511469][ T6499] netlink: 8 bytes leftover after parsing attributes in process `syz.1.950'. [ 119.723625][ T6511] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 121.017193][ T6537] netlink: 24 bytes leftover after parsing attributes in process `syz.1.966'. [ 121.248557][ T6548] netlink: 24 bytes leftover after parsing attributes in process `syz.1.971'. [ 121.411865][ T6556] loop4: detected capacity change from 0 to 512 [ 121.505563][ T6556] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback. [ 121.519641][ T26] kauditd_printk_skb: 175 callbacks suppressed [ 121.519654][ T26] audit: type=1326 audit(377.482:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6555 comm="syz.4.972" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.544027][ T26] audit: type=1326 audit(377.482:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6555 comm="syz.4.972" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.559719][ T26] audit: type=1326 audit(377.482:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6555 comm="syz.4.972" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.573478][ T26] audit: type=1326 audit(377.482:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6555 comm="syz.4.972" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=35 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.582684][ T26] audit: type=1326 audit(377.492:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6555 comm="syz.4.972" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.652361][ T6568] team0: Device ipvlan2 failed to register rx_handler [ 121.734801][ T6574] lo speed is unknown, defaulting to 1000 [ 121.788658][ T26] audit: type=1326 audit(377.752:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.4.983" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.797549][ T26] audit: type=1326 audit(377.752:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.4.983" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.800830][ T6581] loop3: detected capacity change from 0 to 128 [ 121.814884][ T26] audit: type=1326 audit(377.752:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.4.983" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.829534][ T26] audit: type=1326 audit(377.772:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.4.983" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=117 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.846192][ T26] audit: type=1326 audit(377.772:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6573 comm="syz.4.983" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff911d0d28 code=0x7ffc0000 [ 121.965310][ T6581] attempt to access beyond end of device [ 121.965310][ T6581] loop3: rw=2049, want=977, limit=128 [ 121.997471][ T6588] lo speed is unknown, defaulting to 1000 [ 122.010953][ T6581] attempt to access beyond end of device [ 122.010953][ T6581] loop3: rw=524288, want=977, limit=128 [ 122.452127][ T6609] loop3: detected capacity change from 0 to 1024 [ 122.589295][ T6609] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 122.716807][ T6630] tipc: Started in network mode [ 122.718403][ T6630] tipc: Node identity ffe00000000000000079940000000001, cluster identity 4711 [ 122.720875][ T6630] tipc: Enabling of bearer rejected, failed to enable media [ 122.926784][ T6646] loop4: detected capacity change from 0 to 512 [ 123.006387][ T6646] EXT4-fs (loop4): 1 orphan inode deleted [ 123.013609][ T6646] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 123.029661][ T6656] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.1010' sets config #0 [ 123.165677][ T6668] loop3: detected capacity change from 0 to 512 [ 123.199563][ T6673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1016'. [ 123.225443][ T6668] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 123.228023][ T6668] EXT4-fs (loop3): Ignoring removed orlov option [ 123.256258][ T6668] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrquota,quota,jqfmt=vfsold,orlov,nogrpid,,errors=continue. Quota mode: writeback. [ 123.273806][ T6673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1016'. [ 123.308732][ T6668] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback. [ 123.366901][ T6687] loop4: detected capacity change from 0 to 256 [ 123.394890][ T6683] netlink: 'syz.2.1018': attribute type 39 has an invalid length. [ 123.469012][ T6689] loop3: detected capacity change from 0 to 512 [ 123.552734][ T6687] syz.4.1021 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 123.578433][ T6689] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1022: bg 0: block 248: padding at end of block bitmap is not set [ 123.620787][ T6689] EXT4-fs error (device loop3): ext4_acquire_dquot:6197: comm syz.3.1022: Failed to acquire dquot type 1 [ 123.634895][ T6689] EXT4-fs (loop3): 1 truncate cleaned up [ 123.636284][ T6689] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 124.140012][ T6733] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 124.200384][ T6741] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1045'. [ 124.216949][ T6740] lo speed is unknown, defaulting to 1000 [ 124.295181][ T6747] device veth0_to_bond entered promiscuous mode [ 124.314715][ T6747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1049'. [ 124.372337][ T6747] device veth0_to_bond left promiscuous mode [ 124.426831][ T6747] bond0: (slave bond_slave_0): Releasing backup interface [ 124.830847][ T6773] loop4: detected capacity change from 0 to 512 [ 124.874588][ T6773] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 124.890737][ T6773] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.1061: iget: bad extra_isize 15 (inode size 256) [ 124.917626][ T6773] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1061: couldn't read orphan inode 15 (err -117) [ 124.922165][ T6773] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nombcache,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,sysvgroups,,errors=continue. Quota mode: none. [ 124.993221][ T6780] smc: net device bond0 applied user defined pnetid SYZ0 [ 125.001412][ T6780] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0 [ 125.017456][ T6780] smc: net device bond0 erased user defined pnetid SYZ0 [ 125.043923][ T6780] smc: ib device syz1 ibport 1 erased user defined pnetid SYZ0 [ 125.207348][ T6794] loop3: detected capacity change from 0 to 256 [ 125.239339][ T6794] FAT-fs (loop3): Unrecognized mount option "ÿÿÿÿÿÿÿ" or missing value [ 125.436494][ T6805] xt_CT: You must specify a L4 protocol and not use inversions on it [ 125.445258][ T6808] mmap: syz.1.1078 (6808): VmData 50077696 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data. [ 125.452400][ T6805] futex_wake_op: syz.3.1076 tries to shift op by -1; fix this program [ 125.596270][ T6814] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1081'. [ 125.786660][ T6828] loop3: detected capacity change from 0 to 2048 [ 125.816320][ T6832] tipc: Started in network mode [ 125.827319][ T6832] tipc: Node identity ac14140f, cluster identity 4711 [ 125.836222][ T6832] tipc: New replicast peer: 255.255.255.255 [ 125.841049][ T6832] tipc: Enabled bearer , priority 10 [ 125.866480][ T6834] smc: net device bond0 applied user defined pnetid SYZ0 [ 125.870222][ T6834] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0 [ 125.874395][ T6828] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 125.885067][ T6828] EXT4-fs (loop3): shut down requested (0) [ 125.887440][ T6834] smc: net device bond0 erased user defined pnetid SYZ0 [ 125.911070][ T6834] smc: ib device syz1 ibport 1 erased user defined pnetid SYZ0 [ 126.573600][ T6865] smc: net device bond0 applied user defined pnetid SYZ0 [ 126.575417][ T6865] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0 [ 126.578591][ T6865] smc: net device bond0 erased user defined pnetid SYZ0 [ 126.582702][ T6865] smc: ib device syz1 ibport 1 erased user defined pnetid SYZ0 [ 126.651582][ T6870] loop4: detected capacity change from 0 to 128 [ 126.706326][ T6870] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 126.949547][ T1961] tipc: Node number set to 2886997007 [ 127.408867][ T26] kauditd_printk_skb: 47 callbacks suppressed [ 127.408881][ T26] audit: type=1326 audit(383.372:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.435535][ T26] audit: type=1326 audit(383.392:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.435579][ T26] audit: type=1326 audit(383.392:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.437877][ T26] audit: type=1326 audit(383.392:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.633689][ T26] audit: type=1326 audit(383.392:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.633736][ T26] audit: type=1326 audit(383.392:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.633771][ T26] audit: type=1326 audit(383.392:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.633805][ T26] audit: type=1326 audit(383.392:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.633855][ T26] audit: type=1326 audit(383.412:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.633891][ T26] audit: type=1326 audit(383.412:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8e566d28 code=0x7ffc0000 [ 127.695296][ T6905] IPv6: Can't replace route, no match found [ 127.794735][ T6910] xt_CT: You must specify a L4 protocol and not use inversions on it [ 128.560288][ T4015] udevd[4015]: inotify_add_watch(7, /dev/loop2, 10) failed: No such file or directory [ 128.642400][ T6924] rdma_op 0000000054afc75f conn xmit_rdma 0000000000000000 [ 128.747492][ T6931] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1131'. [ 128.937361][ T6947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1136'. [ 128.956754][ T6947] device veth1_macvtap left promiscuous mode [ 129.029505][ T6951] netlink: 'syz.4.1137': attribute type 10 has an invalid length. [ 129.056255][ T6957] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1140'. [ 129.060463][ T6957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1140'. [ 129.062787][ T6957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1140'. [ 129.086401][ T6951] team0: Port device netdevsim0 added [ 129.090372][ T6955] netlink: 'syz.4.1137': attribute type 10 has an invalid length. [ 129.164672][ T6955] team0: Port device netdevsim0 removed [ 129.171566][ T6955] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 129.382369][ T6969] device batadv0 entered promiscuous mode [ 129.395064][ T6966] device batadv0 left promiscuous mode [ 129.453935][ T6972] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1148'. [ 129.557279][ T6978] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1150'. [ 129.679798][ T6990] atomic_op 00000000ffcad5cd conn xmit_atomic 0000000000000000 [ 130.039960][ T7011] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1164'. [ 130.051465][ T7010] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1164'. [ 130.216272][ T7019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1167'. [ 130.942755][ T7045] IPv6: NLM_F_CREATE should be specified when creating new route [ 130.956244][ T7042] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1180'. [ 131.060241][ T2056] ieee802154 phy0 wpan0: encryption failed: -22 [ 131.062048][ T2056] ieee802154 phy1 wpan1: encryption failed: -22 [ 131.144449][ T7054] IPv6: Can't replace route, no match found [ 131.497407][ T7071] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1193'. [ 131.503841][ T7072] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1192'. [ 131.506403][ T7071] IPVS: Unknown mcast interface: vcan0 [ 132.869087][ T7107] xt_CT: You must specify a L4 protocol and not use inversions on it [ 133.685128][ T7121] netlink: 'syz.0.1213': attribute type 39 has an invalid length. [ 134.483168][ T26] kauditd_printk_skb: 16 callbacks suppressed [ 134.483181][ T26] audit: type=1326 audit(390.442:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7154 comm="syz.0.1228" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 134.492588][ T26] audit: type=1326 audit(390.452:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7154 comm="syz.0.1228" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=448 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 134.505422][ T26] audit: type=1326 audit(390.452:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7154 comm="syz.0.1228" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 134.811879][ T7170] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1235'. [ 135.306733][ T7181] lo speed is unknown, defaulting to 1000 [ 136.422604][ T7210] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 137.243493][ T7223] tipc: Enabled bearer , priority 0 [ 137.393585][ T7221] tipc: Resetting bearer [ 137.464570][ T7221] tipc: Disabling bearer [ 137.816227][ T7235] bond0: (slave netdevsim0): Error: Slave device does not support XDP [ 137.971537][ T7240] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 137.975832][ T7240] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.067641][ T7240] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 138.079163][ T7240] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.159604][ T7240] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 138.165751][ T7240] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.273040][ T7240] bond0: (slave netdevsim0): Releasing backup interface [ 138.303275][ T7240] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 138.309481][ T7240] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.526978][ T7240] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 138.533087][ T7240] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.554222][ T7240] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 138.556539][ T7240] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.567297][ T7240] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 138.578414][ T7240] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.592996][ T7240] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 138.605573][ T7240] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.897441][ T7250] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 138.926203][ T7194] Can't find ip_set type bitmap:ip [ 138.939914][ T7250] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.052616][ T7250] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 139.055231][ T7250] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.149739][ T7250] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 139.180448][ T7250] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.253568][ T7250] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 139.262676][ T7250] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.332866][ T6942] Set syz1 is full, maxelem 65536 reached [ 144.191368][ T7250] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.193412][ T7250] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.199052][ T7250] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.201117][ T7250] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.207004][ T7250] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.211044][ T7250] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.217684][ T7250] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.220097][ T7250] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.323082][ T26] audit: type=1326 audit(400.282:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 144.343130][ T7284] netlink: 'syz.3.1279': attribute type 1 has an invalid length. [ 144.345448][ T26] audit: type=1326 audit(400.302:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 144.365114][ T26] audit: type=1326 audit(400.322:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=278 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 144.376285][ T26] audit: type=1326 audit(400.332:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 144.392195][ T26] audit: type=1326 audit(400.332:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 144.501397][ T7284] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1279'. [ 144.520695][ T7299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1283'. [ 144.536422][ T7302] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1284'. [ 144.538746][ T7302] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1284'. [ 144.540992][ T7302] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1284'. [ 145.383993][ T26] audit: type=1326 audit(401.342:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.0.1286" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 145.389818][ T26] audit: type=1326 audit(401.342:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.0.1286" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=109 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 145.395109][ T26] audit: type=1326 audit(401.342:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.0.1286" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa50edd28 code=0x7ffc0000 [ 145.556154][ T26] audit: type=1326 audit(401.512:1166): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.1.1288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 145.568786][ T26] audit: type=1326 audit(401.532:1167): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.1.1288" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaeaf3d28 code=0x7ffc0000 [ 145.875264][ T7343] loop4: detected capacity change from 0 to 1024 [ 145.933403][ T7343] EXT4-fs (loop4): Ignoring removed orlov option [ 145.940470][ T7349] netlink: 'syz.1.1305': attribute type 1 has an invalid length. [ 145.993374][ T7349] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1305'. [ 145.999889][ T7343] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,errors=remount-ro,grpid,orlov,. Quota mode: none. [ 146.429783][ T4067] ------------[ cut here ]------------ [ 146.431514][ T4067] sysfs group 'power' not found for kobject 'ueagle-atm!eagleII.fw' [ 146.434449][ T4068] usb 1-1: [UEAGLE-ATM] firmware is not available [ 146.436434][ T4067] WARNING: CPU: 1 PID: 4067 at fs/sysfs/group.c:281 sysfs_remove_group+0x174/0x288 [ 146.438809][ T4067] Modules linked in: [ 146.439822][ T4067] CPU: 1 PID: 4067 Comm: kworker/1:3 Not tainted 5.15.178-syzkaller #0 [ 146.441917][ T4067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 146.444474][ T4067] Workqueue: events request_firmware_work_func [ 146.446065][ T4067] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 146.448085][ T4067] pc : sysfs_remove_group+0x174/0x288 [ 146.449471][ T4067] lr : sysfs_remove_group+0x174/0x288 [ 146.450914][ T4067] sp : ffff80001ff977e0 [ 146.452020][ T4067] x29: ffff80001ff977e0 x28: 1fffe00018cef004 x27: dfff800000000000 [ 146.454174][ T4067] x26: ffff80001ff978a0 x25: 1fffe0001ac2360a x24: 1ffff000025320c0 [ 146.456252][ T4067] x23: dfff800000000000 x22: ffff0000d611b068 x21: ffff0000d611b008 [ 146.458272][ T4067] x20: ffff0000dc036e80 x19: ffff8000129905e0 x18: 1fffe00036832d8e [ 146.460516][ T4067] x17: 1fffe00036832d8e x16: ffff800011b4e3fc x15: ffff800014c0fac0 [ 146.462640][ T4067] x14: 1ffff0000296e06c x13: dfff800000000000 x12: 0000000000000001 [ 146.464727][ T4067] x11: 0000000000000000 x10: 0000000000000000 x9 : 56a81a115106b000 [ 146.466766][ T4067] x8 : 56a81a115106b000 x7 : 0000000000000000 x6 : 0000000000000000 [ 146.468832][ T4067] x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff8000085568c0 [ 146.470876][ T4067] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000041 [ 146.473065][ T4067] Call trace: [ 146.473911][ T4067] sysfs_remove_group+0x174/0x288 [ 146.475267][ T4067] dpm_sysfs_remove+0xa4/0xd4 [ 146.476537][ T4067] device_del+0x268/0x9b4 [ 146.477697][ T4067] firmware_fallback_sysfs+0x7ec/0xae8 [ 146.479139][ T4067] _request_firmware+0x950/0x1050 [ 146.480468][ T4067] request_firmware_work_func+0xfc/0x214 [ 146.481952][ T4067] process_one_work+0x790/0x11b8 [ 146.483261][ T4067] worker_thread+0x910/0x1034 [ 146.484439][ T4067] kthread+0x37c/0x45c [ 146.485513][ T4067] ret_from_fork+0x10/0x20 [ 146.486643][ T4067] irq event stamp: 30808 [ 146.487800][ T4067] hardirqs last enabled at (30807): [] finish_lock_switch+0xbc/0x1e8 [ 146.490373][ T4067] hardirqs last disabled at (30808): [] el1_dbg+0x24/0x80 [ 146.492659][ T4067] softirqs last enabled at (30654): [] handle_softirqs+0xb88/0xdbc [ 146.495024][ T4067] softirqs last disabled at (30553): [] __irq_exit_rcu+0x268/0x4d8 [ 146.497413][ T4067] ---[ end trace b34e6857a850ca66 ]--- [ 146.515559][ T7374] loop4: detected capacity change from 0 to 1024 [ 146.553782][ T4067] usb 1-1: [UEAGLE-ATM] firmware is not available [ 146.625544][ T7374] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 148.515959][ T4034] syz-executor invoked oom-killer: gfp_mask=0x1100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 148.520541][ T4034] CPU: 1 PID: 4034 Comm: syz-executor Tainted: G W 5.15.178-syzkaller #0 [ 148.523176][ T4034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 148.525855][ T4034] Call trace: [ 148.526729][ T4034] dump_backtrace+0x0/0x530 [ 148.527880][ T4034] show_stack+0x2c/0x3c [ 148.528926][ T4034] dump_stack_lvl+0x108/0x170 [ 148.530172][ T4034] dump_stack+0x1c/0x58 [ 148.531275][ T4034] dump_header+0xb0/0x8ec [ 148.532363][ T4034] oom_kill_process+0x108/0x560 [ 148.533621][ T4034] out_of_memory+0xcc4/0xfe0 [ 148.534812][ T4034] mem_cgroup_out_of_memory+0x250/0x330 [ 148.536252][ T4034] try_charge_memcg+0xe70/0x128c [ 148.537554][ T4034] charge_memcg+0xac/0x220 [ 148.538665][ T4034] __mem_cgroup_charge+0x38/0xa8 [ 148.539934][ T4034] __add_to_page_cache_locked+0x968/0xe68 [ 148.541432][ T4034] add_to_page_cache_lru+0x1bc/0x4f0 [ 148.542780][ T4034] pagecache_get_page+0xb2c/0xd94 [ 148.544070][ T4034] filemap_fault+0x740/0xf5c [ 148.545379][ T4034] __do_fault+0x120/0x5d0 [ 148.546432][ T4034] handle_mm_fault+0x21e8/0x33a8 [ 148.547758][ T4034] do_page_fault+0x700/0xb60 [ 148.548922][ T4034] do_translation_fault+0xe8/0x138 [ 148.550264][ T4034] do_mem_abort+0x70/0x1d8 [ 148.551419][ T4034] el0_da+0x94/0x20c [ 148.552416][ T4034] el0t_64_sync_handler+0xc0/0xe4 [ 148.553764][ T4034] el0t_64_sync+0x1a0/0x1a4 [ 148.562075][ T4034] memory: usage 307200kB, limit 307200kB, failcnt 1119 [ 148.563882][ T4034] memory+swap: usage 315756kB, limit 9007199254740988kB, failcnt 0 [ 148.565981][ T4034] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0 [ 148.567877][ T4034] Memory cgroup stats for /syz3: [ 148.570586][ T4034] anon 0 [ 148.570586][ T4034] file 0 [ 148.570586][ T4034] kernel_stack 65536 [ 148.570586][ T4034] pagetables 225280 [ 148.570586][ T4034] percpu 72 [ 148.570586][ T4034] sock 0 [ 148.570586][ T4034] shmem 0 [ 148.570586][ T4034] file_mapped 0 [ 148.570586][ T4034] file_dirty 0 [ 148.570586][ T4034] file_writeback 0 [ 148.570586][ T4034] swapcached 15056896 [ 148.570586][ T4034] anon_thp 0 [ 148.570586][ T4034] file_thp 0 [ 148.570586][ T4034] shmem_thp 0 [ 148.570586][ T4034] inactive_anon 0 [ 148.570586][ T4034] active_anon 0 [ 148.570586][ T4034] inactive_file 0 [ 148.570586][ T4034] active_file 0 [ 148.570586][ T4034] unevictable 0 [ 148.570586][ T4034] slab_reclaimable 178816 [ 148.570586][ T4034] slab_unreclaimable 1117712 [ 148.570586][ T4034] slab 1296528 [ 148.570586][ T4034] workingset_refault_anon 5 [ 148.570586][ T4034] workingset_refault_file 178 [ 148.570586][ T4034] workingset_activate_anon 5 [ 148.570586][ T4034] workingset_activate_file 143 [ 148.602371][ T4034] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1299,pid=7335,uid=0 [ 148.606787][ T4034] Memory cgroup out of memory: Killed process 7336 (syz.3.1299) total-vm:102020kB, anon-rss:924kB, file-rss:23236kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000