last executing test programs: 8.237308932s ago: executing program 2 (id=13025): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socketpair(0x11, 0x3, 0x300, &(0x7f0000000000)) 4.834603274s ago: executing program 0 (id=13040): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10) r2 = socket(0x1e, 0x4, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r4, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r5, 0xffffffffffffffff, 0x200000000000000) 4.77837849s ago: executing program 2 (id=13041): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) futex(0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) ioprio_set$pid(0x3, r0, 0x4007) sched_setaffinity(0x0, 0x0, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)) mknod$loop(0x0, 0x6000, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x61) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) sched_setscheduler(0x0, 0x2, &(0x7f00000005c0)=0x7) 4.77473081s ago: executing program 3 (id=13042): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sched_setscheduler(0x0, 0x2, 0x0) 4.598490688s ago: executing program 3 (id=13043): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SIOCGIFHWADDR(r6, 0x8927, 0x0) 4.597991788s ago: executing program 0 (id=13044): syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000004, &(0x7f0000000480)={[{@jqfmt_vfsold}, {@nogrpid}, {@grpquota}, {@grpid}, {@noauto_da_alloc}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@nolazytime}, {@norecovery}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN") socket(0x10, 0x803, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r4}, 0x18) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)) socket$inet(0x2, 0x3, 0x2) socket$inet_tcp(0x2, 0x1, 0x0) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae08, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10cd0e0, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 4.469309061s ago: executing program 3 (id=13045): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00), 0x0, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4) 4.388863239s ago: executing program 3 (id=13046): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = dup(r0) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x10000) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet(r3, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r5, 0x0, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r6, 0x0, &(0x7f0000000040)) 3.295091299s ago: executing program 0 (id=13047): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) 2.98258282s ago: executing program 2 (id=13048): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) 2.863026803s ago: executing program 2 (id=13049): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000040000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x50}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 2.751980354s ago: executing program 2 (id=13050): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socketpair(0x11, 0x3, 0x300, &(0x7f0000000000)) 2.302584669s ago: executing program 1 (id=13051): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sched_setscheduler(0x0, 0x2, 0x0) 2.197015659s ago: executing program 1 (id=13052): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000007000000020000000400000005"], 0x87) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, 0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', 0x0}) setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000080)=0x8000, 0x4) sendto$packet(r3, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14) 2.098683329s ago: executing program 0 (id=13053): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000003340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@rights={{0xc}}], 0xc, 0x40}}], 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040)=0x80) mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x8000, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x39011, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.010542388s ago: executing program 1 (id=13054): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00), 0x0, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4) 1.728304136s ago: executing program 3 (id=13055): r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x30, 0x24, 0xd0f, 0x70bd29, 0x25dfdbfe, {0x60, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x7, 0xa}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0x0, 0x0, 0x4002001}, 0x3000c81c) 1.717725978s ago: executing program 1 (id=13056): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='statm\x00') read$FUSE(r0, &(0x7f0000002640)={0x2020}, 0x2020) 1.632927016s ago: executing program 1 (id=13057): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) 1.474330332s ago: executing program 1 (id=13058): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYRES64=0x0], 0x44}}, 0x0) r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000080)=0xb309) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=@framed={{0x45, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x12}, [@initr0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x94) syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="0d01"], 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f00000000c0)=ANY=[]) 563.324634ms ago: executing program 3 (id=13059): bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]}) close_range(r3, 0xffffffffffffffff, 0x0) 148.011355ms ago: executing program 0 (id=13060): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sched_setscheduler(0x0, 0x2, 0x0) 22.497138ms ago: executing program 2 (id=13061): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10) 0s ago: executing program 0 (id=13062): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@getspdinfo={0x14, 0x25, 0x605, 0x70bd2a, 0x25dfdbfe, 0x2, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) kernel console output (not intermixed with test programs): 4][ T28] audit: type=1326 audit(1763233395.828:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7265 comm="syz.0.11449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f419bb8f6c9 code=0x7ffc0000 [ 2909.307096][ T28] audit: type=1326 audit(1763233395.828:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7265 comm="syz.0.11449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f419bb8f6c9 code=0x7ffc0000 [ 2909.385785][ T28] audit: type=1326 audit(1763233395.828:4029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7265 comm="syz.0.11449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f419bb8f6c9 code=0x7ffc0000 [ 2909.440918][ T28] audit: type=1326 audit(1763233395.828:4030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7265 comm="syz.0.11449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f419bb8f6c9 code=0x7ffc0000 [ 2909.501945][ T7289] batadv_slave_1: entered promiscuous mode [ 2909.520937][ T7289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11456'. [ 2909.530130][ T7289] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2909.559993][ T28] audit: type=1326 audit(1763233395.828:4031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7265 comm="syz.0.11449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f419bb8f6c9 code=0x7ffc0000 [ 2909.639538][ T28] audit: type=1326 audit(1763233395.828:4032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7265 comm="syz.0.11449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f419bb8f6c9 code=0x7ffc0000 [ 2910.175863][ T7289] batadv_slave_1 (unregistering): left promiscuous mode [ 2910.197893][ T7289] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2910.656515][ T7310] loop2: detected capacity change from 0 to 512 [ 2910.673226][ T7310] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 2910.724512][ T7310] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 2910.755984][ T7310] System zones: 1-12 [ 2910.775327][ T7310] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.11464: corrupted in-inode xattr: e_value size too large [ 2910.795156][ T7310] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.11464: couldn't read orphan inode 15 (err -117) [ 2910.816615][ T7310] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2912.125252][ T896] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2913.386643][ T7343] loop1: detected capacity change from 0 to 2048 [ 2913.487097][ T7343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2913.516679][ T7329] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11469'. [ 2914.537047][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2915.808102][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 2915.808117][ T28] audit: type=1326 audit(1763233403.268:4034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2915.841830][ T28] audit: type=1326 audit(1763233403.278:4035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2915.868633][ T28] audit: type=1326 audit(1763233403.308:4036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2916.105134][ T28] audit: type=1326 audit(1763233403.308:4037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2916.521425][ T28] audit: type=1326 audit(1763233403.308:4038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2916.577466][ T28] audit: type=1326 audit(1763233403.528:4039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2916.601258][ T28] audit: type=1326 audit(1763233403.538:4040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2916.624992][ T28] audit: type=1326 audit(1763233403.538:4041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2916.659393][ T28] audit: type=1326 audit(1763233404.118:4042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2916.704376][ T28] audit: type=1326 audit(1763233404.118:4043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.3.11487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2922.296994][ T28] kauditd_printk_skb: 38 callbacks suppressed [ 2922.297028][ T28] audit: type=1326 audit(1763233409.748:4082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2922.801971][ T28] audit: type=1326 audit(1763233409.748:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2922.899201][ T28] audit: type=1326 audit(1763233409.748:4084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2922.930396][ T28] audit: type=1326 audit(1763233409.748:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2923.014460][ T28] audit: type=1326 audit(1763233409.748:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2923.074618][ T28] audit: type=1326 audit(1763233409.748:4087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2923.149904][ T28] audit: type=1326 audit(1763233409.758:4088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2923.192778][ T28] audit: type=1326 audit(1763233409.758:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2923.234887][ T28] audit: type=1326 audit(1763233409.758:4090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2923.266177][ T28] audit: type=1326 audit(1763233409.758:4091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.3.11518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 2923.301981][ T7492] netlink: 96 bytes leftover after parsing attributes in process `syz.1.11523'. [ 2926.438295][ T7548] bridge: RTM_NEWNEIGH with invalid ether address [ 2930.235489][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 2930.235506][ T28] audit: type=1326 audit(1763233417.638:4115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7582 comm="syz.0.11554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f419bb8f6c9 code=0x7ffc0000 [ 2930.318986][ T28] audit: type=1326 audit(1763233417.688:4116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7582 comm="syz.0.11554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f419bb8f6c9 code=0x7ffc0000 [ 2940.816912][ T7777] loop2: detected capacity change from 0 to 2048 [ 2940.901558][ T7777] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2941.908640][ T896] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2942.482327][ T7811] overlay: Unknown parameter 'appraise' [ 2959.363874][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 2959.377177][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 2968.730267][ T9549] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 2968.920487][ T9549] usb 2-1: Using ep0 maxpacket: 16 [ 2968.928340][ T9549] usb 2-1: unable to get BOS descriptor or descriptor too short [ 2968.938818][ T9549] usb 2-1: config 11 has too many interfaces: 183, using maximum allowed: 32 [ 2968.948672][ T9549] usb 2-1: config 11 has an invalid descriptor of length 72, skipping remainder of the config [ 2968.959377][ T9549] usb 2-1: config 11 has 0 interfaces, different from the descriptor's value: 183 [ 2968.975904][ T9549] usb 2-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 2968.985300][ T9549] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2968.994909][ T8067] netlink: 68 bytes leftover after parsing attributes in process `syz.0.11717'. [ 2968.998193][ T9549] usb 2-1: Product: syz [ 2969.009033][ T9549] usb 2-1: Manufacturer: syz [ 2969.016839][ T9549] usb 2-1: SerialNumber: syz [ 2969.239301][ T9549] usb 2-1: USB disconnect, device number 39 [ 2969.447282][ T8076] 9pnet_fd: Insufficient options for proto=fd [ 2971.441548][ T8103] netlink: 'syz.3.11729': attribute type 3 has an invalid length. [ 2971.474435][ T8103] netlink: 'syz.3.11729': attribute type 3 has an invalid length. [ 2976.245972][ T8145] netlink: 'syz.1.11744': attribute type 3 has an invalid length. [ 2976.255848][ T8145] netlink: 'syz.1.11744': attribute type 3 has an invalid length. [ 2976.280055][ T8148] netlink: 68 bytes leftover after parsing attributes in process `syz.0.11743'. [ 2979.494936][ T8177] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 2979.506719][ T8177] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 2979.617605][ T8177] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 2979.627510][ T8177] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 2979.636163][ T8177] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 2979.643732][ T8177] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 2980.989795][ T8176] chnl_net:caif_netlink_parms(): no params data found [ 2981.146097][T12429] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2981.363580][T12429] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2981.455887][ T8176] bridge0: port 1(bridge_slave_0) entered blocking state [ 2981.467496][ T8176] bridge0: port 1(bridge_slave_0) entered disabled state [ 2981.492174][ T8176] bridge_slave_0: entered allmulticast mode [ 2981.499599][ T8176] bridge_slave_0: entered promiscuous mode [ 2981.572654][T12429] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2981.606521][ T8176] bridge0: port 2(bridge_slave_1) entered blocking state [ 2981.621283][ T8176] bridge0: port 2(bridge_slave_1) entered disabled state [ 2981.628566][ T8176] bridge_slave_1: entered allmulticast mode [ 2981.651745][ T8176] bridge_slave_1: entered promiscuous mode [ 2981.722475][T12429] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2981.760410][ T8177] Bluetooth: hci1: command tx timeout [ 2981.846619][ T8176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2981.884799][ T8176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2982.155838][ T8176] team0: Port device team_slave_0 added [ 2982.194550][ T8176] team0: Port device team_slave_1 added [ 2982.253857][ T8176] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2982.267914][ T8176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2982.322699][ T8176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2982.336188][ T8176] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2982.343323][ T8176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2982.370970][ T8176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2983.262382][ T8176] hsr_slave_0: entered promiscuous mode [ 2983.279291][ T8176] hsr_slave_1: entered promiscuous mode [ 2983.309372][ T8176] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 2983.327410][ T8176] Cannot create hsr debugfs directory [ 2983.840893][ T8177] Bluetooth: hci1: command tx timeout [ 2985.185122][ T8176] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2985.229610][ T8176] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2985.430977][ T8176] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2985.950460][ T8177] Bluetooth: hci1: command tx timeout [ 2986.113587][ T8176] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2986.275998][T12429] hsr_slave_0: left promiscuous mode [ 2986.303163][T12429] hsr_slave_1: left promiscuous mode [ 2986.311603][T12429] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2986.319145][T12429] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2986.353089][T12429] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2986.370004][T12429] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2986.392442][T12429] bridge_slave_1: left allmulticast mode [ 2986.398248][T12429] bridge_slave_1: left promiscuous mode [ 2986.431293][T12429] bridge0: port 2(bridge_slave_1) entered disabled state [ 2986.454077][T12429] bridge_slave_0: left allmulticast mode [ 2986.459796][T12429] bridge_slave_0: left promiscuous mode [ 2986.486949][T12429] bridge0: port 1(bridge_slave_0) entered disabled state [ 2986.597101][T12429] veth1_macvtap: left promiscuous mode [ 2986.608505][T12429] veth0_macvtap: left promiscuous mode [ 2986.615021][T12429] veth1_vlan: left promiscuous mode [ 2986.629511][T12429] veth0_vlan: left promiscuous mode [ 2988.089979][ T8177] Bluetooth: hci1: command tx timeout [ 2989.297597][T12429] team0 (unregistering): Port device team_slave_1 removed [ 2989.374850][T12429] team0 (unregistering): Port device team_slave_0 removed [ 2989.464933][T12429] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2989.586404][T12429] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2989.702100][ T8258] loop2: detected capacity change from 0 to 512 [ 2989.712649][ T8258] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 2989.724658][ T8258] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 2989.738448][ T8258] System zones: 1-12 [ 2989.743494][ T8258] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.11770: corrupted in-inode xattr: e_value size too large [ 2989.788296][ T8258] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.11770: couldn't read orphan inode 15 (err -117) [ 2989.816252][ T8258] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2990.768260][ T896] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2991.268060][T12429] bond0 (unregistering): Released all slaves [ 2991.876064][ T8176] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2991.955646][ T8176] 8021q: adding VLAN 0 to HW filter on device team0 [ 2992.016302][ T2880] bridge0: port 1(bridge_slave_0) entered blocking state [ 2992.023503][ T2880] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2992.138700][ T2880] bridge0: port 2(bridge_slave_1) entered blocking state [ 2992.145937][ T2880] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2992.755093][ T8176] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2992.933363][ T8176] veth0_vlan: entered promiscuous mode [ 2992.985695][ T8176] veth1_vlan: entered promiscuous mode [ 2993.100890][ T8176] veth0_macvtap: entered promiscuous mode [ 2993.129808][ T8176] veth1_macvtap: entered promiscuous mode [ 2993.205858][ T8176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2993.224569][ T8176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2993.243606][ T8176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 2993.256409][ T8176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2993.274426][ T8176] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2993.294988][ T8176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 2993.305923][ T8176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2993.317964][ T8176] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2993.334443][ T8176] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2993.374609][ T8176] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2993.420333][ T8176] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2993.448520][ T8176] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2993.756036][T13657] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2993.828022][T13657] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2993.985703][T13657] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2994.005009][T13657] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2995.744561][ T28] audit: type=1326 audit(1763233483.188:4117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.240403][ T28] audit: type=1326 audit(1763233483.188:4118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.357316][ T28] audit: type=1326 audit(1763233483.198:4119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.421635][ T28] audit: type=1326 audit(1763233483.198:4120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.468474][ T28] audit: type=1326 audit(1763233483.198:4121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.496113][ T28] audit: type=1326 audit(1763233483.198:4122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.575860][ T28] audit: type=1326 audit(1763233483.198:4123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.657272][ T28] audit: type=1326 audit(1763233483.198:4124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.725405][ T28] audit: type=1326 audit(1763233483.198:4125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 2996.786965][ T28] audit: type=1326 audit(1763233483.208:4126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8346 comm="syz.0.11796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3005.892080][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 3005.892114][ T28] audit: type=1326 audit(1763233493.338:4139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3006.431299][ T28] audit: type=1326 audit(1763233493.338:4140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3006.554293][ T28] audit: type=1326 audit(1763233493.338:4141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3006.640879][ T28] audit: type=1326 audit(1763233493.348:4142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3006.707744][ T28] audit: type=1326 audit(1763233493.348:4143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3006.809417][ T28] audit: type=1326 audit(1763233493.348:4144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3006.907687][ T28] audit: type=1326 audit(1763233493.348:4145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3007.006271][ T28] audit: type=1326 audit(1763233493.348:4146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3007.117585][ T28] audit: type=1326 audit(1763233493.348:4147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3007.182470][ T28] audit: type=1326 audit(1763233493.348:4148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8461 comm="syz.0.11834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3007.641336][ T692] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 3007.672344][ T692] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 3007.690341][ T692] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 3007.706304][ T692] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 3007.719203][ T692] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 3007.730649][ T692] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 3008.725159][ T8484] chnl_net:caif_netlink_parms(): no params data found [ 3008.882932][T12429] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3009.026473][T12429] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3009.293718][T12429] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3009.345514][ T8484] bridge0: port 1(bridge_slave_0) entered blocking state [ 3009.370398][ T8484] bridge0: port 1(bridge_slave_0) entered disabled state [ 3009.390424][ T8484] bridge_slave_0: entered allmulticast mode [ 3009.397975][ T8484] bridge_slave_0: entered promiscuous mode [ 3009.431889][ T8484] bridge0: port 2(bridge_slave_1) entered blocking state [ 3009.439147][ T8484] bridge0: port 2(bridge_slave_1) entered disabled state [ 3009.450433][ T8484] bridge_slave_1: entered allmulticast mode [ 3009.458383][ T8484] bridge_slave_1: entered promiscuous mode [ 3009.519237][T12429] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3009.664230][ T8484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3009.714208][ T8484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3009.834385][ T8484] team0: Port device team_slave_0 added [ 3009.840959][ T692] Bluetooth: hci3: command tx timeout [ 3009.880589][ T8484] team0: Port device team_slave_1 added [ 3010.008257][ T8484] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3010.020229][ T8484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3010.125515][ T8484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3010.184594][ T8484] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3010.196916][ T8484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3010.230639][ T8484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3010.637014][ T8484] hsr_slave_0: entered promiscuous mode [ 3010.690142][ T8484] hsr_slave_1: entered promiscuous mode [ 3010.700543][ T8484] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 3010.708171][ T8484] Cannot create hsr debugfs directory [ 3011.920390][ T692] Bluetooth: hci3: command tx timeout [ 3012.391168][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 3012.391183][ T28] audit: type=1326 audit(1763233499.858:4150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8527 comm="syz.0.11850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3012.496369][ T28] audit: type=1326 audit(1763233499.858:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8527 comm="syz.0.11850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3012.580044][ T28] audit: type=1326 audit(1763233499.858:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8527 comm="syz.0.11850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3012.670061][ T28] audit: type=1326 audit(1763233499.948:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8527 comm="syz.0.11850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3012.743218][ T28] audit: type=1326 audit(1763233499.948:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8527 comm="syz.0.11850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3013.871908][ T8484] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 3014.000381][ T692] Bluetooth: hci3: command tx timeout [ 3014.013427][ T8484] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 3014.060805][T12429] hsr_slave_0: left promiscuous mode [ 3014.097705][T12429] hsr_slave_1: left promiscuous mode [ 3014.151488][T12429] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3014.180397][T12429] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3014.310087][T12429] veth1_macvtap: left promiscuous mode [ 3014.324702][T12429] veth0_macvtap: left promiscuous mode [ 3014.356148][T12429] veth1_vlan: left promiscuous mode [ 3014.366211][T12429] veth0_vlan: left promiscuous mode [ 3014.856981][ T8566] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11857'. [ 3016.080695][ T692] Bluetooth: hci3: command tx timeout [ 3016.418626][ T8574] loop1: detected capacity change from 0 to 512 [ 3016.462962][ T8574] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 3016.501732][ T8574] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3016.551350][ T8574] System zones: 1-12 [ 3016.606380][ T8574] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.11861: corrupted in-inode xattr: e_value size too large [ 3016.659416][ T8574] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.11861: couldn't read orphan inode 15 (err -117) [ 3016.740428][ T8574] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3017.062726][T12429] team0 (unregistering): Port device team_slave_1 removed [ 3017.215941][T12429] team0 (unregistering): Port device team_slave_0 removed [ 3017.383581][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3017.579056][T12429] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3017.837951][T12429] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3018.478995][ T8612] loop1: detected capacity change from 0 to 512 [ 3018.531740][ T8612] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 3018.590810][ T8612] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3018.613513][ T8612] System zones: 1-12 [ 3018.632353][ T8612] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.11876: corrupted in-inode xattr: e_value size too large [ 3018.670383][ T8612] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.11876: couldn't read orphan inode 15 (err -117) [ 3018.735089][ T8612] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3019.537999][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3020.365650][T12429] bond0 (unregistering): Released all slaves [ 3020.516828][ T8484] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 3020.545234][ T8484] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 3020.738583][ T8642] loop1: detected capacity change from 0 to 512 [ 3020.812519][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 3020.823377][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 3020.849199][ T8642] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3020.920410][ T8642] ext4 filesystem being mounted at /472/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 3020.930115][ T8484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3021.053720][ T8484] 8021q: adding VLAN 0 to HW filter on device team0 [ 3021.055054][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3021.084708][T13680] bridge0: port 1(bridge_slave_0) entered blocking state [ 3021.091955][T13680] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3021.157789][T13680] bridge0: port 2(bridge_slave_1) entered blocking state [ 3021.165047][T13680] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3021.348026][ T8653] loop1: detected capacity change from 0 to 512 [ 3021.353053][ T8484] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 3021.378207][ T8653] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 3021.387609][ T8484] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 3021.457740][ T8653] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3021.496585][ T8653] System zones: 1-12 [ 3021.535873][ T8653] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.11887: corrupted in-inode xattr: e_value size too large [ 3021.602080][ T8653] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.11887: couldn't read orphan inode 15 (err -117) [ 3021.643857][ T8653] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3021.999107][ T8484] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3022.248624][ T8484] veth0_vlan: entered promiscuous mode [ 3022.337869][ T8484] veth1_vlan: entered promiscuous mode [ 3022.448758][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3022.514222][ T8484] veth0_macvtap: entered promiscuous mode [ 3022.548527][ T8484] veth1_macvtap: entered promiscuous mode [ 3022.619741][ T8484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3022.663633][ T8484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3022.684645][ T8484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3022.712199][ T8484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3022.782660][ T8484] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3022.808981][ T8484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3022.842433][ T8484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3022.859655][ T8484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3022.870791][ T8484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3022.902039][ T8484] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3022.936301][ T8484] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3022.981217][ T8484] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3022.990081][ T8484] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3023.025156][ T8484] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3023.308876][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3023.342997][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3023.454126][T32132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3023.490758][T32132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3024.018638][ T8698] netlink: 68 bytes leftover after parsing attributes in process `syz.1.11896'. [ 3024.886615][ T8712] loop2: detected capacity change from 0 to 512 [ 3024.899590][ T8712] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 3024.942655][ T8712] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3024.953864][ T8712] System zones: 1-12 [ 3024.992227][ T8712] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.11898: corrupted in-inode xattr: e_value size too large [ 3025.063220][ T8712] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.11898: couldn't read orphan inode 15 (err -117) [ 3025.102179][ T8712] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3025.886266][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3027.071340][ T8753] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11908'. [ 3028.587662][ T28] audit: type=1326 audit(1763233516.038:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3028.733998][ T28] audit: type=1326 audit(1763233516.038:4156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3028.802547][ T28] audit: type=1326 audit(1763233516.038:4157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3028.840336][ T28] audit: type=1326 audit(1763233516.038:4158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3028.881849][ T28] audit: type=1326 audit(1763233516.038:4159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3028.950631][ T28] audit: type=1326 audit(1763233516.038:4160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3029.025228][ T28] audit: type=1326 audit(1763233516.038:4161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3029.099398][ T28] audit: type=1326 audit(1763233516.038:4162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3029.149768][ T28] audit: type=1326 audit(1763233516.038:4163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3029.191914][ T28] audit: type=1326 audit(1763233516.038:4164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8773 comm="syz.2.11916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3030.630372][ T8812] netlink: 68 bytes leftover after parsing attributes in process `syz.1.11925'. [ 3032.661746][ T8836] xt_bpf: check failed: parse error [ 3033.731181][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 3033.731217][ T28] audit: type=1326 audit(1763233521.178:4177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.289545][ T28] audit: type=1326 audit(1763233521.178:4178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.380610][ T28] audit: type=1326 audit(1763233521.178:4179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.454800][ T28] audit: type=1326 audit(1763233521.178:4180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.540337][ T28] audit: type=1326 audit(1763233521.178:4181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.600305][ T28] audit: type=1326 audit(1763233521.178:4182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.647050][ T28] audit: type=1326 audit(1763233521.188:4183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.720305][ T28] audit: type=1326 audit(1763233521.188:4184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.770264][ T28] audit: type=1326 audit(1763233521.188:4185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3034.821919][ T28] audit: type=1326 audit(1763233521.188:4186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.0.11941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3037.211104][ T8894] netlink: 68 bytes leftover after parsing attributes in process `syz.0.11956'. [ 3042.761062][ T8953] IPv6: NLM_F_CREATE should be specified when creating new route [ 3043.715685][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 3043.715701][ T28] audit: type=1326 audit(1763233531.178:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8960 comm="syz.2.11984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3043.820792][ T28] audit: type=1326 audit(1763233531.178:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8960 comm="syz.2.11984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3043.875690][ T8966] 9pnet_fd: Insufficient options for proto=fd [ 3043.882105][ T28] audit: type=1326 audit(1763233531.188:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8960 comm="syz.2.11984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3043.930436][ T28] audit: type=1326 audit(1763233531.188:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8960 comm="syz.2.11984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3044.004530][ T28] audit: type=1326 audit(1763233531.188:4203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8960 comm="syz.2.11984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3047.801376][ T28] audit: type=1326 audit(1763233535.258:4204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9004 comm="syz.3.12000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 3047.919351][ T28] audit: type=1326 audit(1763233535.268:4205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9004 comm="syz.3.12000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 3048.012819][ T28] audit: type=1326 audit(1763233535.298:4206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9004 comm="syz.3.12000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 3048.160658][ T28] audit: type=1326 audit(1763233535.298:4207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9004 comm="syz.3.12000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 3048.510486][ T28] audit: type=1326 audit(1763233535.298:4208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9004 comm="syz.3.12000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d5a78f6c9 code=0x7ffc0000 [ 3053.093822][T29869] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 3053.489039][T29869] usb 2-1: Using ep0 maxpacket: 16 [ 3053.504536][T29869] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 3053.535730][T29869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3053.571107][T29869] usb 2-1: Product: syz [ 3053.575339][T29869] usb 2-1: Manufacturer: syz [ 3053.579964][T29869] usb 2-1: SerialNumber: syz [ 3053.625265][T29869] usb 2-1: config 0 descriptor?? [ 3053.662088][T29869] ums-onetouch 2-1:0.0: USB Mass Storage device detected [ 3053.906240][T29869] usb 2-1: USB disconnect, device number 40 [ 3054.082889][ T9070] 9pnet_fd: Insufficient options for proto=fd [ 3055.188747][ T9095] loop1: detected capacity change from 0 to 512 [ 3055.235907][ T9095] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 3055.296534][ T9095] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3055.350442][ T9095] System zones: 1-12 [ 3055.432738][ T9095] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.12031: corrupted in-inode xattr: e_value size too large [ 3055.493212][ T9095] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.12031: couldn't read orphan inode 15 (err -117) [ 3055.552850][ T9095] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3056.337453][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 3056.337487][ T28] audit: type=1326 audit(1763233543.708:4220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3056.599418][ T28] audit: type=1326 audit(1763233543.708:4221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3056.771236][ T28] audit: type=1326 audit(1763233543.708:4222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3056.903014][ T28] audit: type=1326 audit(1763233543.708:4223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3056.997013][ T28] audit: type=1326 audit(1763233543.718:4224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3057.079802][ T28] audit: type=1326 audit(1763233543.718:4225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3057.136171][ T9117] loop2: detected capacity change from 0 to 2048 [ 3057.181008][ T28] audit: type=1326 audit(1763233543.718:4226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3057.273523][ T9117] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3057.308493][ T28] audit: type=1326 audit(1763233543.718:4227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3057.365593][ T28] audit: type=1326 audit(1763233543.718:4228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3057.388768][ T28] audit: type=1326 audit(1763233543.718:4229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9103 comm="syz.0.12033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3059.428684][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3059.699076][ T9151] block device autoloading is deprecated and will be removed. [ 3059.741318][ T9151] syz.3.12048: attempt to access beyond end of device [ 3059.741318][ T9151] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 3059.787795][ T9151] FAT-fs (loop7): unable to read boot sector [ 3060.121518][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3061.262920][ T9176] loop2: detected capacity change from 0 to 512 [ 3061.280984][ T9176] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 3061.303297][ T9176] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3061.315903][ T9176] System zones: 1-12 [ 3061.340942][ T9176] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.12057: corrupted in-inode xattr: e_value size too large [ 3061.415476][ T9176] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.12057: couldn't read orphan inode 15 (err -117) [ 3061.518026][ T9176] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3063.827196][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3063.889210][ T9211] 9pnet_fd: Insufficient options for proto=fd [ 3064.667830][ T9225] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12072'. [ 3065.624258][ T9252] loop2: detected capacity change from 0 to 2048 [ 3065.715558][ T9252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3067.460022][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3069.592747][ T9290] loop2: detected capacity change from 0 to 2048 [ 3069.714204][ T9290] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3069.830683][T24810] usb 2-1: new full-speed USB device number 41 using dummy_hcd [ 3070.068196][T24810] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 3070.085031][T24810] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 3070.098917][T24810] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 3070.111036][T24810] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 3070.153828][T24810] usb 2-1: SerialNumber: syz [ 3070.871695][T24810] usb 2-1: 0:2 : does not exist [ 3070.881204][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3071.351786][ T9285] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3071.415991][ T9285] 8021q: adding VLAN 0 to HW filter on device team0 [ 3071.461029][ T9285] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 3071.505373][ T2167] usb 2-1: USB disconnect, device number 41 [ 3072.954848][ T9326] loop1: detected capacity change from 0 to 2048 [ 3073.134852][ T9326] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3074.202650][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3082.248234][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 3082.255579][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 3083.909306][ T9445] netlink: 68 bytes leftover after parsing attributes in process `syz.1.12150'. [ 3084.235017][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 3084.235054][ T28] audit: type=1326 audit(1763233571.648:4231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3084.761663][ T28] audit: type=1326 audit(1763233571.648:4232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3084.825964][ T28] audit: type=1326 audit(1763233571.648:4233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3084.908006][ T28] audit: type=1326 audit(1763233571.648:4234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3084.971177][ T28] audit: type=1326 audit(1763233571.658:4235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3085.064567][ T28] audit: type=1326 audit(1763233571.658:4236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3085.140351][ T28] audit: type=1326 audit(1763233571.658:4237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3085.239296][ T28] audit: type=1326 audit(1763233571.658:4238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3085.262909][ T28] audit: type=1326 audit(1763233571.658:4239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3085.383960][ T28] audit: type=1326 audit(1763233571.658:4240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9441 comm="syz.2.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3086.092679][ T9470] netlink: 172 bytes leftover after parsing attributes in process `syz.2.12160'. [ 3086.253685][ T8177] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 3086.351662][ T8177] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 3086.371722][ T8177] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 3086.381361][ T8177] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 3086.389144][ T8177] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 3086.396730][ T8177] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 3088.599922][ T8177] Bluetooth: hci4: command tx timeout [ 3088.897165][ T9473] chnl_net:caif_netlink_parms(): no params data found [ 3089.229909][ T9473] bridge0: port 1(bridge_slave_0) entered blocking state [ 3089.252233][ T9473] bridge0: port 1(bridge_slave_0) entered disabled state [ 3089.259607][ T9473] bridge_slave_0: entered allmulticast mode [ 3089.271483][ T9473] bridge_slave_0: entered promiscuous mode [ 3089.286579][ T9473] bridge0: port 2(bridge_slave_1) entered blocking state [ 3089.296195][ T9473] bridge0: port 2(bridge_slave_1) entered disabled state [ 3089.307338][ T9473] bridge_slave_1: entered allmulticast mode [ 3089.314874][ T9473] bridge_slave_1: entered promiscuous mode [ 3089.456902][ T9473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3089.688087][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 3089.688124][ T28] audit: type=1326 audit(1763233577.128:4253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.109183][ T28] audit: type=1326 audit(1763233577.138:4254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.143074][ T28] audit: type=1326 audit(1763233577.138:4255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.202202][ T28] audit: type=1326 audit(1763233577.138:4256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.253256][ T2880] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3090.367336][ T28] audit: type=1326 audit(1763233577.138:4257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.392782][ T9473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3090.421722][ T28] audit: type=1326 audit(1763233577.138:4258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.565638][ T28] audit: type=1326 audit(1763233577.138:4259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.632866][ T28] audit: type=1326 audit(1763233577.148:4260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.656165][ T8177] Bluetooth: hci4: command tx timeout [ 3090.661704][ T28] audit: type=1326 audit(1763233577.148:4261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.697319][ T28] audit: type=1326 audit(1763233577.148:4262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9523 comm="syz.0.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3090.729765][ T2880] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3091.064074][ T9473] team0: Port device team_slave_0 added [ 3091.074830][ T9473] team0: Port device team_slave_1 added [ 3091.110999][ T9473] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3091.118332][ T9473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3091.163126][ T9473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3091.338024][ T2880] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3091.355325][ T9473] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3091.408214][ T9473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3091.481859][ T9473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3091.520268][ T9556] loop1: detected capacity change from 0 to 2048 [ 3091.589741][ T9556] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3091.637565][ T2880] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3091.769503][ T9473] hsr_slave_0: entered promiscuous mode [ 3091.788969][ T9473] hsr_slave_1: entered promiscuous mode [ 3091.799431][ T9473] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 3091.807145][ T9473] Cannot create hsr debugfs directory [ 3092.722080][ T8177] Bluetooth: hci4: command tx timeout [ 3093.292683][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3094.056275][ T9580] loop1: detected capacity change from 0 to 512 [ 3094.236518][ T9580] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 3094.259695][ T9580] EXT4-fs (loop1): mount failed [ 3094.810366][ T8177] Bluetooth: hci4: command tx timeout [ 3097.174323][ T9609] loop1: detected capacity change from 0 to 2048 [ 3097.199572][ T9473] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 3097.236149][ T9609] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3097.403192][ T9473] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 3097.447797][ T9473] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 3097.484183][ T9473] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 3098.186536][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3098.733914][ T9473] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3098.863982][ T2880] hsr_slave_0: left promiscuous mode [ 3098.907068][ T2880] hsr_slave_1: left promiscuous mode [ 3098.949971][ T2880] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 3098.971112][ T2880] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3098.999533][ T2880] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 3099.020459][ T2880] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3099.046421][ T2880] bridge_slave_1: left allmulticast mode [ 3099.058059][ T2880] bridge_slave_1: left promiscuous mode [ 3099.080495][ T2880] bridge0: port 2(bridge_slave_1) entered disabled state [ 3099.151126][ T2880] bridge_slave_0: left allmulticast mode [ 3099.156822][ T2880] bridge_slave_0: left promiscuous mode [ 3099.181509][ T2880] bridge0: port 1(bridge_slave_0) entered disabled state [ 3099.265655][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 3099.265671][ T28] audit: type=1326 audit(1763233586.718:4264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.305416][ T2880] veth1_macvtap: left promiscuous mode [ 3099.316760][ T2880] veth0_macvtap: left promiscuous mode [ 3099.327783][ T2880] veth1_vlan: left promiscuous mode [ 3099.340653][ T2880] veth0_vlan: left promiscuous mode [ 3099.356978][ T28] audit: type=1326 audit(1763233586.718:4265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.402088][ T28] audit: type=1326 audit(1763233586.768:4266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.529991][ T28] audit: type=1326 audit(1763233586.768:4267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.710257][ T28] audit: type=1326 audit(1763233586.768:4268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.747894][ T28] audit: type=1326 audit(1763233586.768:4269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.780265][ T28] audit: type=1326 audit(1763233586.768:4270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.803210][ T28] audit: type=1326 audit(1763233586.768:4271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.828093][ T28] audit: type=1326 audit(1763233586.768:4272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3099.880330][ T28] audit: type=1326 audit(1763233586.768:4273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9648 comm="syz.1.12205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fbd98f6c9 code=0x7ffc0000 [ 3101.992245][ T2880] team0 (unregistering): Port device team_slave_1 removed [ 3102.072032][ T2880] team0 (unregistering): Port device team_slave_0 removed [ 3102.688870][ T2880] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3102.865275][ T2880] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3104.380605][ T2880] bond0 (unregistering): Released all slaves [ 3104.523777][ T9659] netlink: 'syz.1.12209': attribute type 3 has an invalid length. [ 3104.534346][ T9659] netlink: 'syz.1.12209': attribute type 3 has an invalid length. [ 3104.570954][ T9473] 8021q: adding VLAN 0 to HW filter on device team0 [ 3104.600911][T13687] bridge0: port 1(bridge_slave_0) entered blocking state [ 3104.608119][T13687] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3104.679857][T13687] bridge0: port 2(bridge_slave_1) entered blocking state [ 3104.687082][T13687] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3104.803329][ T692] Bluetooth: hci1: command 0x0406 tx timeout [ 3104.936120][ T9473] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 3104.946977][ T9473] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 3106.217842][ T9473] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3106.402562][ T9702] netlink: 'syz.2.12223': attribute type 3 has an invalid length. [ 3106.411695][ T9702] netlink: 'syz.2.12223': attribute type 3 has an invalid length. [ 3106.768842][ T9473] veth0_vlan: entered promiscuous mode [ 3107.072859][ T9473] veth1_vlan: entered promiscuous mode [ 3107.189422][ T9473] veth0_macvtap: entered promiscuous mode [ 3107.226446][ T9473] veth1_macvtap: entered promiscuous mode [ 3107.853446][ T9473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3107.912780][ T9473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3107.923451][ T9473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3107.934621][ T9473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3107.946805][ T9473] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3107.961273][ T9473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3107.971786][ T9473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3107.997286][ T9473] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3108.013487][ T9473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3108.036044][ T9473] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3108.063163][ T9473] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3108.097215][ T9473] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3108.116351][ T9473] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3108.141355][ T9473] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3108.957786][T13680] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3108.985188][T13680] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3109.002679][ T9718] loop1: detected capacity change from 0 to 2048 [ 3109.032563][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3109.041315][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3109.117654][ T9718] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3110.899624][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3113.737236][ T9770] netlink: 96 bytes leftover after parsing attributes in process `syz.1.12244'. [ 3117.831408][ T9808] IPv6: NLM_F_CREATE should be specified when creating new route [ 3124.841419][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 3124.841435][ T28] audit: type=1326 audit(1763233612.298:4299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3124.936165][ T28] audit: type=1326 audit(1763233612.298:4300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3124.987077][ T28] audit: type=1326 audit(1763233612.298:4301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3125.049489][ T28] audit: type=1326 audit(1763233612.298:4302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3125.100343][ T28] audit: type=1326 audit(1763233612.298:4303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3125.324317][ T28] audit: type=1326 audit(1763233612.308:4304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3125.348643][ T28] audit: type=1326 audit(1763233612.308:4305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3125.400508][ T28] audit: type=1326 audit(1763233612.308:4306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3125.460915][ T28] audit: type=1326 audit(1763233612.338:4307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3126.130320][ T28] audit: type=1326 audit(1763233612.338:4308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.2.12278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3126.362696][ T9898] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12286'. [ 3130.671733][ T8177] Bluetooth: hci3: command 0x0406 tx timeout [ 3134.709980][ T9977] loop1: detected capacity change from 0 to 512 [ 3134.732479][ T9977] EXT4-fs: Ignoring removed mblk_io_submit option [ 3134.759443][ T9977] EXT4-fs: inline encryption not supported [ 3134.783407][ T9977] EXT4-fs: Ignoring removed mblk_io_submit option [ 3134.802457][ T9977] EXT4-fs (loop1): Test dummy encryption mode enabled [ 3134.809304][ T9977] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 3134.916032][ T9977] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 3134.934801][ T9977] System zones: 1-12 [ 3135.009746][ T9977] EXT4-fs (loop1): 1 truncate cleaned up [ 3135.027309][ T9977] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3135.793992][ T2617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3137.159983][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 3137.159998][ T28] audit: type=1326 audit(1763233623.978:4326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.394906][ T28] audit: type=1326 audit(1763233623.988:4327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.468880][ T28] audit: type=1326 audit(1763233623.988:4328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.492378][ T28] audit: type=1326 audit(1763233623.988:4329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.516654][ T28] audit: type=1326 audit(1763233623.988:4330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.559104][ T28] audit: type=1326 audit(1763233623.988:4331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.700484][ T28] audit: type=1326 audit(1763233623.988:4332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.790885][ T28] audit: type=1326 audit(1763233623.988:4333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.814150][ T28] audit: type=1326 audit(1763233623.998:4334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.861334][ T28] audit: type=1326 audit(1763233623.998:4335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9984 comm="syz.3.12313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3137.951587][T10001] IPv6: NLM_F_CREATE should be specified when creating new route [ 3139.723588][T10012] netlink: 128 bytes leftover after parsing attributes in process `syz.3.12314'. [ 3143.528169][T10056] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12333'. [ 3143.555703][T10054] 9pnet_fd: Insufficient options for proto=fd [ 3143.687364][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 3143.696162][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 3144.241737][T10079] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3146.565776][T10086] 9pnet_fd: Insufficient options for proto=fd [ 3146.873492][ T692] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 3146.884766][ T692] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 3146.894225][ T692] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 3146.906043][ T692] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 3146.916051][ T692] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 3147.041470][ T692] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 3147.130069][T10092] loop2: detected capacity change from 0 to 512 [ 3147.213892][T10092] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 3147.278200][T10092] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3147.326166][T10092] System zones: 1-12 [ 3147.361557][T10092] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.12347: corrupted in-inode xattr: e_value size too large [ 3147.436577][T10092] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.12347: couldn't read orphan inode 15 (err -117) [ 3147.515038][T10092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3148.507812][T10113] 9pnet_fd: Insufficient options for proto=fd [ 3148.539799][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3148.714091][T10089] chnl_net:caif_netlink_parms(): no params data found [ 3149.132127][ T692] Bluetooth: hci2: command tx timeout [ 3150.123307][T10089] bridge0: port 1(bridge_slave_0) entered blocking state [ 3150.150412][T10089] bridge0: port 1(bridge_slave_0) entered disabled state [ 3150.171620][T10089] bridge_slave_0: entered allmulticast mode [ 3150.195791][T10089] bridge_slave_0: entered promiscuous mode [ 3150.366720][T10089] bridge0: port 2(bridge_slave_1) entered blocking state [ 3150.382408][T10089] bridge0: port 2(bridge_slave_1) entered disabled state [ 3150.414809][T10089] bridge_slave_1: entered allmulticast mode [ 3150.440843][T10089] bridge_slave_1: entered promiscuous mode [ 3150.703302][T10089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3150.729841][T10089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3151.109371][T10089] team0: Port device team_slave_0 added [ 3151.312901][ T692] Bluetooth: hci2: command tx timeout [ 3151.851476][T10089] team0: Port device team_slave_1 added [ 3153.027607][T10089] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 3153.415132][ T692] Bluetooth: hci2: command tx timeout [ 3153.478715][T10089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3153.596728][T10089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 3153.666484][T10089] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 3153.673686][T10089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 3153.710426][T10089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 3153.931618][T10089] hsr_slave_0: entered promiscuous mode [ 3154.011255][T10089] hsr_slave_1: entered promiscuous mode [ 3155.462862][ T692] Bluetooth: hci2: command tx timeout [ 3156.377541][ T9584] hsr_slave_0: left promiscuous mode [ 3156.396225][ T9584] hsr_slave_1: left promiscuous mode [ 3156.645654][ T9584] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 3156.844319][ T9584] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 3157.043868][ T9584] bridge_slave_1: left allmulticast mode [ 3157.166200][ T9584] bridge_slave_1: left promiscuous mode [ 3157.264319][ T9584] bridge0: port 2(bridge_slave_1) entered disabled state [ 3157.385349][ T9584] bridge_slave_0: left allmulticast mode [ 3157.422861][ T9584] bridge_slave_0: left promiscuous mode [ 3157.452745][ T9584] bridge0: port 1(bridge_slave_0) entered disabled state [ 3164.408708][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 3164.408724][ T28] audit: type=1326 audit(1763233651.868:4348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3164.526061][ T28] audit: type=1326 audit(1763233651.908:4349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3164.601423][ T28] audit: type=1326 audit(1763233651.908:4350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3164.624285][ T28] audit: type=1326 audit(1763233651.908:4351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3164.646966][ T28] audit: type=1326 audit(1763233651.908:4352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3164.675322][ T28] audit: type=1326 audit(1763233651.938:4353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3164.873668][ T28] audit: type=1326 audit(1763233651.938:4354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3164.925843][ T28] audit: type=1326 audit(1763233651.938:4355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3164.949425][ T28] audit: type=1326 audit(1763233651.938:4356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3165.011237][ T9584] team0 (unregistering): Port device team_slave_1 removed [ 3165.067222][ T28] audit: type=1326 audit(1763233651.938:4357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10246 comm="syz.3.12386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5058f8f6c9 code=0x7ffc0000 [ 3165.491999][ T9584] team0 (unregistering): Port device team_slave_0 removed [ 3165.702972][ T9584] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3165.783393][ T9584] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3168.023255][ T9584] bond0 (unregistering): Released all slaves [ 3170.345888][T10314] loop2: detected capacity change from 0 to 512 [ 3170.351960][T10089] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 3170.373983][T10314] EXT4-fs: Ignoring removed i_version option [ 3170.391588][T10089] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 3170.410331][T10314] EXT4-fs: Ignoring removed nobh option [ 3170.425162][T10314] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 3170.436043][T10089] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 3170.493047][T10089] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 3170.526416][T10314] EXT4-fs (loop2): 1 truncate cleaned up [ 3170.538029][T10314] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3170.879195][T10325] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12408'. [ 3171.465735][T10089] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3171.474979][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3171.612707][T10089] 8021q: adding VLAN 0 to HW filter on device team0 [ 3171.653378][ T9584] bridge0: port 1(bridge_slave_0) entered blocking state [ 3171.660579][ T9584] bridge0: port 1(bridge_slave_0) entered forwarding state [ 3171.688429][ T1127] bridge0: port 2(bridge_slave_1) entered blocking state [ 3171.695672][ T1127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 3172.146914][ T28] kauditd_printk_skb: 28 callbacks suppressed [ 3172.146930][ T28] audit: type=1326 audit(1763233659.608:4386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3172.187192][ T28] audit: type=1326 audit(1763233659.638:4387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3172.260690][ T28] audit: type=1326 audit(1763233659.638:4388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3172.327877][ T28] audit: type=1326 audit(1763233659.638:4389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3172.390235][ T28] audit: type=1326 audit(1763233659.638:4390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3172.422796][T10089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 3172.480050][T10361] loop2: detected capacity change from 0 to 2048 [ 3172.502787][ T28] audit: type=1326 audit(1763233659.638:4391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51c6d915e7 code=0x7ffc0000 [ 3172.577308][T10089] veth0_vlan: entered promiscuous mode [ 3172.585799][T10361] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3172.607113][ T28] audit: type=1326 audit(1763233659.648:4392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f51c6d9155c code=0x7ffc0000 [ 3172.664864][T10089] veth1_vlan: entered promiscuous mode [ 3172.695997][ T28] audit: type=1326 audit(1763233659.648:4393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f51c6d91494 code=0x7ffc0000 [ 3173.944735][ T28] audit: type=1326 audit(1763233659.648:4394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f51c6d91494 code=0x7ffc0000 [ 3174.007694][T10089] veth0_macvtap: entered promiscuous mode [ 3174.027961][ T28] audit: type=1326 audit(1763233659.648:4395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.2.12415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f51c6d8e32a code=0x7ffc0000 [ 3174.035153][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3174.093613][T10089] veth1_macvtap: entered promiscuous mode [ 3174.173505][T10089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3174.199442][T10089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3174.233834][T10089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3174.253915][T10089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3174.277038][T10089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 3174.305869][T10089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3174.352065][T10089] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 3174.380293][T10089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3174.420311][T10089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3174.450417][T10089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3174.478341][T10089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3174.514511][T10089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 3174.549221][T10089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 3174.591106][T10089] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 3174.626785][T10089] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3174.660296][T10089] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3174.671414][T10089] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3174.680643][T10089] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3175.231518][ T2880] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3175.269184][ T2880] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3175.364925][ T2880] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 3175.426129][ T2880] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 3176.827935][T10433] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12344'. [ 3178.633727][T10470] loop2: detected capacity change from 0 to 2048 [ 3179.213201][T10470] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3180.258877][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3181.580006][T10523] IPv6: NLM_F_CREATE should be specified when creating new route [ 3184.629920][T10569] netlink: 'syz.3.12468': attribute type 3 has an invalid length. [ 3184.638794][T10569] netlink: 'syz.3.12468': attribute type 3 has an invalid length. [ 3187.696727][T10585] loop1: detected capacity change from 0 to 512 [ 3187.741552][T10585] EXT4-fs: Ignoring removed i_version option [ 3187.748894][T10585] EXT4-fs: Ignoring removed nobh option [ 3187.775841][T10585] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 3187.852624][T10585] EXT4-fs (loop1): 1 truncate cleaned up [ 3187.859627][T10585] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3188.288597][T10606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12472'. [ 3188.846552][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3188.902047][T10612] netlink: 'syz.3.12478': attribute type 3 has an invalid length. [ 3188.910779][T10612] netlink: 'syz.3.12478': attribute type 3 has an invalid length. [ 3191.996815][T10638] 9pnet_fd: Insufficient options for proto=fd [ 3192.416559][T10648] loop2: detected capacity change from 0 to 512 [ 3192.451324][T10648] EXT4-fs: Ignoring removed i_version option [ 3192.477834][T10648] EXT4-fs: Ignoring removed nobh option [ 3192.506861][T10648] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 3192.588144][T10648] EXT4-fs (loop2): 1 truncate cleaned up [ 3192.599266][T10648] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3192.977487][T10660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12487'. [ 3193.569922][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3195.241316][T10676] netlink: 'syz.1.12499': attribute type 3 has an invalid length. [ 3195.250764][T10676] netlink: 'syz.1.12499': attribute type 3 has an invalid length. [ 3196.488926][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 3196.488942][ T28] audit: type=1326 audit(1763233683.948:4407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3196.595376][T10696] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12506'. [ 3196.690264][ T28] audit: type=1326 audit(1763233683.948:4408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3197.177963][ T28] audit: type=1326 audit(1763233683.948:4409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3197.528340][ T28] audit: type=1326 audit(1763233683.948:4410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3197.799595][ T28] audit: type=1326 audit(1763233683.948:4411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3197.823613][ T28] audit: type=1326 audit(1763233683.948:4412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3198.269018][T10710] netlink: 'syz.3.12511': attribute type 3 has an invalid length. [ 3198.277184][T10710] netlink: 'syz.3.12511': attribute type 3 has an invalid length. [ 3198.940677][ T28] audit: type=1326 audit(1763233683.948:4413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3199.197660][ T28] audit: type=1326 audit(1763233683.948:4414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3199.311095][ T28] audit: type=1326 audit(1763233683.948:4415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3199.375202][ T28] audit: type=1326 audit(1763233683.948:4416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10692 comm="syz.1.12507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3204.196930][T10810] loop2: detected capacity change from 0 to 2048 [ 3204.261853][T10810] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3205.123452][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 3205.140595][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 3205.314366][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 3205.314382][ T28] audit: type=1326 audit(1763233692.778:4434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3205.378786][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3205.404112][ T28] audit: type=1326 audit(1763233692.778:4435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3205.427663][ T28] audit: type=1326 audit(1763233692.818:4436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc43e1915e7 code=0x7ffc0000 [ 3205.462321][ T28] audit: type=1326 audit(1763233692.818:4437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc43e19155c code=0x7ffc0000 [ 3205.697873][ T28] audit: type=1326 audit(1763233692.818:4438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc43e191494 code=0x7ffc0000 [ 3206.180526][ T28] audit: type=1326 audit(1763233692.818:4439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc43e191494 code=0x7ffc0000 [ 3206.233974][ T28] audit: type=1326 audit(1763233692.818:4440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc43e18e32a code=0x7ffc0000 [ 3206.285830][ T28] audit: type=1326 audit(1763233692.818:4441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3206.320890][T10834] loop2: detected capacity change from 0 to 512 [ 3206.369080][T10834] EXT4-fs: Ignoring removed i_version option [ 3206.377257][ T28] audit: type=1326 audit(1763233692.818:4442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10826 comm="syz.1.12545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3206.405565][T10834] EXT4-fs: Ignoring removed nobh option [ 3206.415918][T10834] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 3206.467229][T10834] EXT4-fs (loop2): 1 truncate cleaned up [ 3206.502408][T10834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3207.615505][T10850] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12547'. [ 3208.086859][T10854] loop1: detected capacity change from 0 to 2048 [ 3208.107532][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3208.157971][T10854] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3209.867406][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3210.292889][ T28] audit: type=1326 audit(1763233697.698:4443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10876 comm="syz.0.12563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3210.342263][ T28] audit: type=1326 audit(1763233697.698:4444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10876 comm="syz.0.12563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f56171915e7 code=0x7ffc0000 [ 3210.392900][ T28] audit: type=1326 audit(1763233697.698:4445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10876 comm="syz.0.12563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f561719155c code=0x7ffc0000 [ 3210.416185][ T28] audit: type=1326 audit(1763233697.698:4446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10876 comm="syz.0.12563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5617191494 code=0x7ffc0000 [ 3210.450283][ T28] audit: type=1326 audit(1763233697.698:4447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10876 comm="syz.0.12563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5617191494 code=0x7ffc0000 [ 3210.478020][ T28] audit: type=1326 audit(1763233697.698:4448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10876 comm="syz.0.12563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f561718e32a code=0x7ffc0000 [ 3210.616538][ T28] audit: type=1326 audit(1763233697.698:4449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10876 comm="syz.0.12563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3210.943889][T10882] loop1: detected capacity change from 0 to 1024 [ 3210.985931][T10882] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 3210.995874][T10882] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 3211.005958][T10882] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 3211.028892][T10882] EXT4-fs error (device loop1): ext4_get_journal_inode:5800: inode #5: comm syz.1.12559: unexpected bad inode w/o EXT4_IGET_BAD [ 3211.045742][T10882] EXT4-fs (loop1): no journal found [ 3211.051073][T10882] EXT4-fs (loop1): can't get journal size [ 3211.095310][T10882] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 3211.138181][ T28] audit: type=1326 audit(1763233697.698:4450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10876 comm="syz.0.12563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3211.336528][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3211.745750][T10894] loop2: detected capacity change from 0 to 2048 [ 3212.320278][ T8177] Bluetooth: hci4: command 0x0406 tx timeout [ 3212.344318][T10894] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3212.765446][T10903] netlink: 'syz.1.12570': attribute type 32 has an invalid length. [ 3212.816877][T10903] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12570'. [ 3213.362616][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3217.107837][T10936] loop1: detected capacity change from 0 to 2048 [ 3217.221529][T10936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3218.082065][T10939] netlink: 'syz.3.12582': attribute type 32 has an invalid length. [ 3218.123209][T10939] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12582'. [ 3218.228344][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3220.920661][T10971] 9pnet_fd: Insufficient options for proto=fd [ 3221.113284][T10974] loop1: detected capacity change from 0 to 2048 [ 3221.198911][T10974] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3222.211931][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3223.105109][T10997] netlink: 'syz.3.12595': attribute type 32 has an invalid length. [ 3224.748815][T11016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12606'. [ 3224.791876][T11018] loop1: detected capacity change from 0 to 2048 [ 3224.792643][T11016] bridge0: port 1(bridge_slave_0) entered disabled state [ 3224.877019][T11018] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3225.489167][T11016] bridge_slave_0 (unregistering): left allmulticast mode [ 3225.691091][T11016] bridge_slave_0 (unregistering): left promiscuous mode [ 3225.729124][T11016] bridge0: port 1(bridge_slave_0) entered disabled state [ 3225.828748][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3228.886674][T11051] netlink: 'syz.0.12613': attribute type 32 has an invalid length. [ 3228.957680][T11052] loop1: detected capacity change from 0 to 2048 [ 3229.028104][T11052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3231.820621][T11075] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12620'. [ 3233.131612][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3233.400551][T11083] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12627'. [ 3233.826106][T11095] 9pnet_fd: Insufficient options for proto=fd [ 3234.017222][T11087] netlink: 'syz.3.12628': attribute type 32 has an invalid length. [ 3235.207337][T11109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12634'. [ 3237.326257][T11125] netlink: 68 bytes leftover after parsing attributes in process `syz.3.12640'. [ 3239.265611][T11144] loop1: detected capacity change from 0 to 512 [ 3239.293087][T11144] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 3239.337012][T11144] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3239.345695][T11144] System zones: 1-12 [ 3239.370258][T11144] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.12647: corrupted in-inode xattr: e_value size too large [ 3239.427709][T11144] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.12647: couldn't read orphan inode 15 (err -117) [ 3239.450721][T11144] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3239.459165][T11152] loop2: detected capacity change from 0 to 512 [ 3239.491817][T11152] EXT4-fs: Ignoring removed i_version option [ 3239.497877][T11152] EXT4-fs: Ignoring removed nobh option [ 3239.553039][T11152] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 3239.874654][T11152] EXT4-fs (loop2): 1 truncate cleaned up [ 3240.857441][T11152] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3241.163697][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3242.124517][T11166] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3242.331417][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3249.966587][T11210] loop2: detected capacity change from 0 to 512 [ 3249.981066][T11210] EXT4-fs: Ignoring removed i_version option [ 3249.990310][T11210] EXT4-fs: Ignoring removed nobh option [ 3250.004025][T11210] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 3250.167423][T11210] EXT4-fs (loop2): 1 truncate cleaned up [ 3250.177132][T11210] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3251.828179][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3255.022239][T11252] netlink: 68 bytes leftover after parsing attributes in process `syz.1.12672'. [ 3256.804711][T11285] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3259.237008][T11301] netlink: 'syz.1.12690': attribute type 3 has an invalid length. [ 3259.247445][T11301] netlink: 'syz.1.12690': attribute type 3 has an invalid length. [ 3259.970907][T11305] vlan0: entered promiscuous mode [ 3260.539460][T11325] netlink: 68 bytes leftover after parsing attributes in process `syz.3.12698'. [ 3261.056138][T11336] 9pnet_fd: Insufficient options for proto=fd [ 3263.025694][T11360] 9pnet_fd: Insufficient options for proto=fd [ 3263.360574][ T28] audit: type=1326 audit(1763233750.758:4451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3263.513642][ T28] audit: type=1326 audit(1763233750.758:4452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3263.652744][ T28] audit: type=1326 audit(1763233750.768:4453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51c6d915e7 code=0x7ffc0000 [ 3263.755735][ T28] audit: type=1326 audit(1763233750.768:4454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f51c6d9155c code=0x7ffc0000 [ 3263.851374][ T28] audit: type=1326 audit(1763233750.768:4455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f51c6d91494 code=0x7ffc0000 [ 3263.875540][ T28] audit: type=1326 audit(1763233750.768:4456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f51c6d91494 code=0x7ffc0000 [ 3263.898514][ T28] audit: type=1326 audit(1763233750.768:4457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f51c6d8e32a code=0x7ffc0000 [ 3263.928312][ T28] audit: type=1326 audit(1763233750.768:4458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3263.971652][ T28] audit: type=1326 audit(1763233750.768:4459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11362 comm="syz.2.12718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3264.111139][T11375] loop2: detected capacity change from 0 to 512 [ 3264.150308][T11375] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 3264.209523][T11375] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3264.229968][T11375] System zones: 1-12 [ 3264.260128][T11375] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2249: inode #15: comm syz.2.12724: corrupted in-inode xattr: e_value size too large [ 3264.291453][T11380] 9pnet_fd: Insufficient options for proto=fd [ 3264.322491][T11375] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.12724: couldn't read orphan inode 15 (err -117) [ 3264.377146][T11375] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3264.878361][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3265.214194][T11398] netlink: 84 bytes leftover after parsing attributes in process `syz.3.12733'. [ 3266.568426][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 3266.578048][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 3266.998429][T11418] netlink: 128 bytes leftover after parsing attributes in process `syz.1.12742'. [ 3269.764620][T11459] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3272.063018][T11482] netlink: 'syz.1.12767': attribute type 3 has an invalid length. [ 3272.356583][T11492] loop1: detected capacity change from 0 to 512 [ 3272.411423][T11492] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.12772: inode has both inline data and extents flags [ 3272.435143][T11492] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.12772: couldn't read orphan inode 15 (err -117) [ 3272.489082][T11492] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3273.466289][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3273.763995][ T692] Bluetooth: hci2: command 0x0406 tx timeout [ 3274.182566][T11526] IPv6: NLM_F_CREATE should be specified when creating new route [ 3275.049861][T11533] loop2: detected capacity change from 0 to 256 [ 3275.282707][T11533] syz.2.12787: attempt to access beyond end of device [ 3275.282707][T11533] loop2: rw=2049, sector=256, nr_sectors = 68 limit=256 [ 3275.331471][T11535] netlink: 68 bytes leftover after parsing attributes in process `syz.1.12788'. [ 3276.094417][T11554] loop2: detected capacity change from 0 to 512 [ 3276.124797][T11554] EXT4-fs: Ignoring removed i_version option [ 3276.170642][T11554] EXT4-fs: Ignoring removed nobh option [ 3276.278989][T11557] IPv6: NLM_F_CREATE should be specified when creating new route [ 3276.448669][T11554] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 3276.837254][T11554] EXT4-fs (loop2): 1 truncate cleaned up [ 3276.913961][T11554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3277.107441][T11561] loop1: detected capacity change from 0 to 2048 [ 3277.232656][T11561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3277.846400][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3280.019251][T11587] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3280.356520][T11593] netlink: 68 bytes leftover after parsing attributes in process `syz.2.12807'. [ 3283.265717][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3283.353437][T11622] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3283.464624][T11624] loop1: detected capacity change from 0 to 512 [ 3283.488342][T11624] EXT4-fs: Ignoring removed i_version option [ 3283.517901][T11624] EXT4-fs: Ignoring removed nobh option [ 3283.537714][T11624] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 3283.572759][T11624] EXT4-fs (loop1): 1 truncate cleaned up [ 3283.597973][T11624] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3285.131609][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3289.779433][ T28] audit: type=1326 audit(1763233777.208:4460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.017171][ T28] audit: type=1326 audit(1763233777.218:4461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.412161][ T28] audit: type=1326 audit(1763233777.218:4462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.443934][ T28] audit: type=1326 audit(1763233777.218:4463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.466754][ T28] audit: type=1326 audit(1763233777.218:4464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.530392][ T28] audit: type=1326 audit(1763233777.218:4465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.559019][ T28] audit: type=1326 audit(1763233777.218:4466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.584173][ T28] audit: type=1326 audit(1763233777.218:4467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.608241][ T28] audit: type=1326 audit(1763233777.218:4468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.639015][ T28] audit: type=1326 audit(1763233777.218:4469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11692 comm="syz.0.12843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f561718f6c9 code=0x7ffc0000 [ 3290.934501][T11706] netlink: 68 bytes leftover after parsing attributes in process `syz.0.12845'. [ 3290.989855][T11711] loop2: detected capacity change from 0 to 2048 [ 3291.033830][T11711] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3293.304952][T11739] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3293.677886][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3295.198214][T11778] loop2: detected capacity change from 0 to 2048 [ 3295.319678][T11778] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3296.162038][ T8484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3296.494445][T11796] netlink: 'syz.2.12877': attribute type 3 has an invalid length. [ 3296.503086][T11796] netlink: 'syz.2.12877': attribute type 3 has an invalid length. [ 3297.741819][T11808] loop2: detected capacity change from 0 to 256 [ 3298.062915][ T28] kauditd_printk_skb: 19 callbacks suppressed [ 3298.062932][ T28] audit: type=1326 audit(1763233785.528:4489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.1.12887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3298.160464][ T28] audit: type=1326 audit(1763233785.528:4490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.1.12887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc43e1915e7 code=0x7ffc0000 [ 3298.219535][ T28] audit: type=1326 audit(1763233785.528:4491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.1.12887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc43e19155c code=0x7ffc0000 [ 3298.279065][ T28] audit: type=1326 audit(1763233785.528:4492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.1.12887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc43e191494 code=0x7ffc0000 [ 3298.350617][ T28] audit: type=1326 audit(1763233785.528:4493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.1.12887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc43e191494 code=0x7ffc0000 [ 3298.417036][ T28] audit: type=1326 audit(1763233785.528:4494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.1.12887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc43e18e32a code=0x7ffc0000 [ 3298.485145][ T28] audit: type=1326 audit(1763233785.568:4495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.1.12887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3298.533630][ T28] audit: type=1326 audit(1763233785.568:4496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.1.12887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43e18f6c9 code=0x7ffc0000 [ 3300.911949][T11846] netlink: 68 bytes leftover after parsing attributes in process `syz.3.12899'. [ 3306.976078][T11930] loop1: detected capacity change from 0 to 512 [ 3307.028093][T11930] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6). [ 3307.038398][T11930] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 3307.071507][T11930] EXT4-fs (loop1): mount failed [ 3315.033308][T12006] block device autoloading is deprecated and will be removed. [ 3316.024735][T12016] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12959'. [ 3318.421345][T12051] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3851450944 (3851450944 ns) > initial count (1115526657 ns). Using initial count to start timer. [ 3320.838112][T12080] bridge: RTM_NEWNEIGH with invalid ether address [ 3321.267931][ T28] audit: type=1326 audit(1763233808.728:4497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3321.330653][ T28] audit: type=1326 audit(1763233808.728:4498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3321.404603][ T28] audit: type=1326 audit(1763233808.768:4499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51c6d915e7 code=0x7ffc0000 [ 3321.482480][ T28] audit: type=1326 audit(1763233808.768:4500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f51c6d9155c code=0x7ffc0000 [ 3321.547766][ T28] audit: type=1326 audit(1763233808.768:4501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f51c6d91494 code=0x7ffc0000 [ 3321.610576][ T28] audit: type=1326 audit(1763233808.768:4502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f51c6d91494 code=0x7ffc0000 [ 3321.663834][ T28] audit: type=1326 audit(1763233808.768:4503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f51c6d8e32a code=0x7ffc0000 [ 3321.764648][ T28] audit: type=1326 audit(1763233808.768:4504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3321.799755][ T28] audit: type=1326 audit(1763233808.768:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12083 comm="syz.2.12991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c6d8f6c9 code=0x7ffc0000 [ 3322.257432][T12110] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3323.588371][T12129] loop1: detected capacity change from 0 to 512 [ 3323.645695][T12129] EXT4-fs: Ignoring removed i_version option [ 3323.685593][T12129] EXT4-fs: Ignoring removed nobh option [ 3323.727367][T12129] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 3323.835816][T12129] EXT4-fs (loop1): 1 truncate cleaned up [ 3323.871713][T12129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 3324.265733][T12139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13011'. [ 3324.778029][T10089] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3324.940310][T29229] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 3325.130698][T29229] usb 4-1: Using ep0 maxpacket: 8 [ 3325.138112][T29229] usb 4-1: unable to get BOS descriptor or descriptor too short [ 3325.169317][T29229] usb 4-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=55.44 [ 3325.195524][T29229] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 3325.214082][T29229] usb 4-1: Product: syz [ 3325.229520][T29229] usb 4-1: Manufacturer: syz [ 3325.237471][T12154] xt_CT: You must specify a L4 protocol and not use inversions on it [ 3325.252935][T29229] usb 4-1: SerialNumber: syz [ 3325.540619][T29229] usb_ehset_test: probe of 4-1:4.0 failed with error -32 [ 3325.606344][T29229] usb 4-1: USB disconnect, device number 22 [ 3328.005692][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 3328.012306][ T1280] ieee802154 phy1 wpan1: encryption failed: -22 [ 3329.307438][T12198] tipc: Started in network mode [ 3329.323743][T12198] tipc: Node identity 4, cluster identity 4711 [ 3329.332430][T12198] tipc: Node number set to 4 [ 3329.479390][T12203] loop0: detected capacity change from 0 to 512 [ 3329.522592][T12203] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 3329.563800][T12203] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a017c11c, mo2=0002] [ 3329.604799][T12203] System zones: 1-12 [ 3329.660085][T12203] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2249: inode #15: comm syz.0.13044: corrupted in-inode xattr: e_value size too large [ 3329.733791][T12203] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.13044: couldn't read orphan inode 15 (err -117) [ 3329.777879][T12203] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 3330.729048][ T8176] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 3331.099959][ T28] audit: type=1326 audit(1763233818.558:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.0.13047" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f561718f6c9 code=0x0 [ 3332.920267][ T5852] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 3333.120996][ T5852] usb 2-1: Using ep0 maxpacket: 8 [ 3333.132358][ T5852] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 3333.154404][ T5852] usb 2-1: config 179 has no interface number 0 [ 3333.179029][ T5852] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 3333.210413][ T5852] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 3333.240405][ T5852] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 3333.261938][ T5852] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 3333.290240][ T5852] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 3333.330245][ T5852] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 3333.349723][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 3333.374532][T12245] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 3333.860459][T12245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3333.869887][T12245] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3334.127236][T17951] usb 2-1: USB disconnect, device number 42 [ 3334.127269][ C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 3334.141986][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 3334.151398][ C1] ================================================================== [ 3334.159494][ C1] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26d/0x2c0 [ 3334.167339][ C1] Read of size 4 at addr ffff888064f4985c by task syz.0.13062/12254 [ 3334.175340][ C1] [ 3334.177706][ C1] CPU: 1 PID: 12254 Comm: syz.0.13062 Not tainted syzkaller #0 [ 3334.185363][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 3334.195471][ C1] Call Trace: [ 3334.198772][ C1] [ 3334.201644][ C1] dump_stack_lvl+0x16c/0x230 [ 3334.206366][ C1] ? __lock_acquire+0x7c80/0x7c80 [ 3334.211408][ C1] ? show_regs_print_info+0x20/0x20 [ 3334.216639][ C1] ? load_image+0x3b0/0x3b0 [ 3334.221173][ C1] ? __virt_addr_valid+0x469/0x540 [ 3334.226396][ C1] print_report+0xac/0x220 [ 3334.230840][ C1] ? do_raw_spin_lock+0x26d/0x2c0 [ 3334.235897][ C1] kasan_report+0x117/0x150 [ 3334.240607][ C1] ? do_raw_spin_lock+0x26d/0x2c0 [ 3334.245671][ C1] do_raw_spin_lock+0x26d/0x2c0 [ 3334.250620][ C1] ? read_lock_is_recursive+0x20/0x20 [ 3334.256032][ C1] ? __rwlock_init+0x150/0x150 [ 3334.260823][ C1] _raw_spin_lock_irqsave+0xb4/0xf0 [ 3334.266050][ C1] ? _raw_spin_lock+0x40/0x40 [ 3334.270754][ C1] __wake_up+0xf8/0x190 [ 3334.274933][ C1] ? __wake_up_bit+0x1e0/0x1e0 [ 3334.279729][ C1] __usb_hcd_giveback_urb+0x396/0x520 [ 3334.285224][ C1] dummy_timer+0x88a/0x3140 [ 3334.289882][ C1] ? mark_lock+0x94/0x320 [ 3334.294241][ C1] ? lock_chain_count+0x20/0x20 [ 3334.299114][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 3334.305051][ C1] ? dummy_free_streams+0x530/0x530 [ 3334.310278][ C1] ? debug_object_deactivate+0x67/0x350 [ 3334.315849][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 3334.321164][ C1] ? dummy_free_streams+0x530/0x530 [ 3334.326384][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 3334.331513][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 3334.337613][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 3334.342743][ C1] handle_softirqs+0x280/0x820 [ 3334.347682][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 3334.352478][ C1] ? do_softirq+0x180/0x180 [ 3334.357017][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 3334.362255][ C1] __irq_exit_rcu+0xc7/0x190 [ 3334.366900][ C1] ? irq_exit_rcu+0x20/0x20 [ 3334.371437][ C1] irq_exit_rcu+0x9/0x20 [ 3334.375698][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 3334.381371][ C1] [ 3334.384314][ C1] [ 3334.387271][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3334.393290][ C1] RIP: 0010:lock_acquire+0x1f2/0x410 [ 3334.398605][ C1] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00 [ 3334.418229][ C1] RSP: 0000:ffffc90004ccf8c0 EFLAGS: 00000206 [ 3334.424318][ C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 38018a5254135100 [ 3334.432307][ C1] RDX: 0000000000000000 RSI: ffffffff8aaace60 RDI: ffffffff8afc6b00 [ 3334.440615][ C1] RBP: ffffc90004ccf9d0 R08: dffffc0000000000 R09: 1ffffffff21b50a0 [ 3334.448606][ C1] R10: dffffc0000000000 R11: fffffbfff21b50a1 R12: 1ffff92000999f24 [ 3334.456621][ C1] R13: ffffffff8cd2ffa0 R14: 0000000000000246 R15: dffffc0000000000 [ 3334.464707][ C1] ? lock_chain_count+0x20/0x20 [ 3334.469566][ C1] ? percpu_counter_add_batch+0x1d9/0x280 [ 3334.475317][ C1] ? read_lock_is_recursive+0x20/0x20 [ 3334.480702][ C1] ? percpu_counter_add_batch+0x22b/0x280 [ 3334.486446][ C1] ? pfn_valid+0xcd/0x420 [ 3334.490779][ C1] pfn_valid+0xe9/0x420 [ 3334.495034][ C1] ? pfn_valid+0xcd/0x420 [ 3334.499373][ C1] page_table_check_set+0x25/0x6f0 [ 3334.504501][ C1] set_pte_range+0x679/0x6a0 [ 3334.509168][ C1] filemap_map_pages+0xcdd/0x1630 [ 3334.514322][ C1] ? filemap_map_pages+0x154/0x1630 [ 3334.519545][ C1] ? filemap_read_folio+0x760/0x760 [ 3334.524770][ C1] handle_mm_fault+0x379b/0x4920 [ 3334.529729][ C1] ? handle_mm_fault+0xd1/0x4920 [ 3334.534679][ C1] ? lock_vma_under_rcu+0x526/0x650 [ 3334.539880][ C1] ? numa_migrate_prep+0x350/0x350 [ 3334.545020][ C1] ? do_user_addr_fault+0x1c3/0x12e0 [ 3334.550325][ C1] do_user_addr_fault+0xad0/0x12e0 [ 3334.555472][ C1] ? rcu_is_watching+0x15/0xb0 [ 3334.560360][ C1] exc_page_fault+0x67/0x110 [ 3334.564974][ C1] asm_exc_page_fault+0x26/0x30 [ 3334.569837][ C1] RIP: 0033:0x7f561706f24d [ 3334.574271][ C1] Code: ff 48 83 e8 01 48 89 ee bf 01 00 00 00 48 c1 e0 0e 48 c1 ee 06 48 01 c8 48 89 e9 81 e6 ff 3f 00 00 48 c1 e9 03 83 e1 07 d3 e7 <40> 84 bc 06 20 20 00 00 0f 85 11 fd ff ff e9 c0 fd ff ff e8 fb 26 [ 3334.593891][ C1] RSP: 002b:00007fff0d86df60 EFLAGS: 00010202 [ 3334.599993][ C1] RAX: 000000110c2f4000 RBX: 00007f5617f15720 RCX: 0000000000000004 [ 3334.607980][ C1] RDX: 0000000000000464 RSI: 0000000000002a11 RDI: 0000000000000010 [ 3334.615981][ C1] RBP: ffffffff81aa8464 R08: 00007f56173e6038 R09: 00007f56173d2000 [ 3334.623966][ C1] R10: 00007f5616bff008 R11: 0000000000000000 R12: 0000000000000000 [ 3334.632043][ C1] R13: 0000000000000000 R14: ffffffff81aa8559 R15: 0000000000000012 [ 3334.640039][ C1] ? bpf_lsm_socket_create+0x9/0x10 [ 3334.645251][ C1] ? bpf_lsm_d_instantiate+0x4/0x10 [ 3334.650556][ C1] [ 3334.653600][ C1] [ 3334.655942][ C1] Allocated by task 5852: [ 3334.660264][ C1] kasan_set_track+0x4e/0x70 [ 3334.664880][ C1] __kasan_kmalloc+0x8f/0xa0 [ 3334.669484][ C1] xpad_probe+0x41c/0x1ec0 [ 3334.673907][ C1] usb_probe_interface+0x5a4/0xb00 [ 3334.679034][ C1] really_probe+0x25b/0xb40 [ 3334.683548][ C1] __driver_probe_device+0x18c/0x330 [ 3334.688866][ C1] driver_probe_device+0x4f/0x420 [ 3334.693899][ C1] __device_attach_driver+0x2ca/0x520 [ 3334.699273][ C1] bus_for_each_drv+0x24b/0x2d0 [ 3334.704126][ C1] __device_attach+0x2b5/0x400 [ 3334.708914][ C1] bus_probe_device+0x180/0x260 [ 3334.713762][ C1] device_add+0x85b/0xc20 [ 3334.718091][ C1] usb_set_configuration+0x1a79/0x20c0 [ 3334.723550][ C1] usb_generic_driver_probe+0x8d/0x150 [ 3334.729027][ C1] usb_probe_device+0x13d/0x280 [ 3334.733903][ C1] really_probe+0x25b/0xb40 [ 3334.738437][ C1] __driver_probe_device+0x18c/0x330 [ 3334.743732][ C1] driver_probe_device+0x4f/0x420 [ 3334.748765][ C1] __device_attach_driver+0x2ca/0x520 [ 3334.754152][ C1] bus_for_each_drv+0x24b/0x2d0 [ 3334.759019][ C1] __device_attach+0x2b5/0x400 [ 3334.763787][ C1] bus_probe_device+0x180/0x260 [ 3334.768680][ C1] device_add+0x85b/0xc20 [ 3334.773064][ C1] usb_new_device+0xa31/0x1630 [ 3334.777850][ C1] hub_event+0x2962/0x49c0 [ 3334.782273][ C1] process_scheduled_works+0xa45/0x15b0 [ 3334.787842][ C1] worker_thread+0xa55/0xfc0 [ 3334.792445][ C1] kthread+0x2fa/0x390 [ 3334.796526][ C1] ret_from_fork+0x48/0x80 [ 3334.800953][ C1] ret_from_fork_asm+0x11/0x20 [ 3334.805735][ C1] [ 3334.808056][ C1] Freed by task 17951: [ 3334.812125][ C1] kasan_set_track+0x4e/0x70 [ 3334.816728][ C1] kasan_save_free_info+0x2e/0x50 [ 3334.821751][ C1] ____kasan_slab_free+0x126/0x1e0 [ 3334.826853][ C1] slab_free_freelist_hook+0x130/0x1b0 [ 3334.832332][ C1] __kmem_cache_free+0xba/0x1f0 [ 3334.837197][ C1] xpad_disconnect+0x350/0x480 [ 3334.841969][ C1] usb_unbind_interface+0x1f2/0x870 [ 3334.847193][ C1] device_release_driver_internal+0x4cb/0x7a0 [ 3334.853469][ C1] bus_remove_device+0x342/0x400 [ 3334.858416][ C1] device_del+0x50b/0x900 [ 3334.862754][ C1] usb_disable_device+0x3e9/0x8a0 [ 3334.867778][ C1] usb_disconnect+0x34c/0x8a0 [ 3334.872456][ C1] hub_event+0x1cef/0x49c0 [ 3334.876856][ C1] process_scheduled_works+0xa45/0x15b0 [ 3334.882408][ C1] worker_thread+0xa55/0xfc0 [ 3334.887003][ C1] kthread+0x2fa/0x390 [ 3334.891068][ C1] ret_from_fork+0x48/0x80 [ 3334.895473][ C1] ret_from_fork_asm+0x11/0x20 [ 3334.900232][ C1] [ 3334.902542][ C1] The buggy address belongs to the object at ffff888064f49800 [ 3334.902542][ C1] which belongs to the cache kmalloc-1k of size 1024 [ 3334.916606][ C1] The buggy address is located 92 bytes inside of [ 3334.916606][ C1] freed 1024-byte region [ffff888064f49800, ffff888064f49c00) [ 3334.930761][ C1] [ 3334.933078][ C1] The buggy address belongs to the physical page: [ 3334.939501][ C1] page:ffffea000193d200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64f48 [ 3334.949672][ C1] head:ffffea000193d200 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 3334.958679][ C1] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 3334.966686][ C1] page_type: 0xffffffff() [ 3334.971024][ C1] raw: 00fff00000000840 ffff888017841dc0 ffffea0000915e00 dead000000000002 [ 3334.979617][ C1] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 3334.988196][ C1] page dumped because: kasan: bad access detected [ 3334.994610][ C1] page_owner tracks the page as allocated [ 3335.000312][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 1830, tgid 1830 (syz-executor), ts 2473828125063, free_ts 2471822388565 [ 3335.023481][ C1] post_alloc_hook+0x1cd/0x210 [ 3335.028244][ C1] get_page_from_freelist+0x195c/0x19f0 [ 3335.033781][ C1] __alloc_pages+0x1e3/0x460 [ 3335.038360][ C1] alloc_slab_page+0x5d/0x170 [ 3335.043028][ C1] new_slab+0x87/0x2e0 [ 3335.047086][ C1] ___slab_alloc+0xc6d/0x1300 [ 3335.051772][ C1] __kmem_cache_alloc_node+0x1a2/0x260 [ 3335.057250][ C1] kmalloc_trace+0x2a/0xe0 [ 3335.061670][ C1] rxrpc_alloc_connection+0x7b/0x550 [ 3335.066967][ C1] rxrpc_prealloc_service_connection+0x26/0x2e0 [ 3335.073199][ C1] rxrpc_service_prealloc_one+0x2d6/0xd40 [ 3335.078996][ C1] rxrpc_kernel_charge_accept+0xd4/0x100 [ 3335.084616][ C1] afs_charge_preallocation+0x3a4/0x4f0 [ 3335.090150][ C1] afs_open_socket+0x29c/0x330 [ 3335.094924][ C1] afs_net_init+0x7bc/0x9a0 [ 3335.099426][ C1] ops_init+0x397/0x640 [ 3335.103576][ C1] page last free stack trace: [ 3335.108315][ C1] free_unref_page_prepare+0x7ce/0x8e0 [ 3335.113797][ C1] free_unref_page+0x32/0x2e0 [ 3335.118479][ C1] __unfreeze_partials+0x1cf/0x210 [ 3335.123591][ C1] put_cpu_partial+0x17c/0x250 [ 3335.128356][ C1] __slab_free+0x31d/0x410 [ 3335.132768][ C1] qlist_free_all+0x75/0xe0 [ 3335.137280][ C1] kasan_quarantine_reduce+0x143/0x160 [ 3335.142749][ C1] __kasan_slab_alloc+0x22/0x80 [ 3335.147616][ C1] slab_post_alloc_hook+0x6e/0x4d0 [ 3335.152746][ C1] __kmem_cache_alloc_node+0x13e/0x260 [ 3335.158227][ C1] __kmalloc+0xa4/0x240 [ 3335.162385][ C1] tracepoint_probe_unregister+0x251/0x930 [ 3335.168292][ C1] bpf_raw_tp_link_release+0x63/0x90 [ 3335.173589][ C1] bpf_link_free+0x131/0x310 [ 3335.178195][ C1] bpf_link_release+0x6e/0x80 [ 3335.182875][ C1] __fput+0x234/0x970 [ 3335.186855][ C1] [ 3335.189178][ C1] Memory state around the buggy address: [ 3335.194789][ C1] ffff888064f49700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 3335.202837][ C1] ffff888064f49780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 3335.210925][ C1] >ffff888064f49800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 3335.219000][ C1] ^ [ 3335.225935][ C1] ffff888064f49880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 3335.233994][ C1] ffff888064f49900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 3335.242047][ C1] ================================================================== [ 3335.250131][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 3335.257334][ C1] CPU: 1 PID: 12254 Comm: syz.0.13062 Not tainted syzkaller #0 [ 3335.264880][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 3335.274928][ C1] Call Trace: [ 3335.278202][ C1] [ 3335.281033][ C1] dump_stack_lvl+0x16c/0x230 [ 3335.285709][ C1] ? show_regs_print_info+0x20/0x20 [ 3335.290898][ C1] ? load_image+0x3b0/0x3b0 [ 3335.295394][ C1] panic+0x2c0/0x710 [ 3335.299277][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 3335.303767][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 3335.309648][ C1] ? _raw_spin_unlock+0x40/0x40 [ 3335.314553][ C1] ? print_memory_metadata+0x314/0x400 [ 3335.320095][ C1] ? do_raw_spin_lock+0x26d/0x2c0 [ 3335.325110][ C1] check_panic_on_warn+0x84/0xa0 [ 3335.330037][ C1] ? do_raw_spin_lock+0x26d/0x2c0 [ 3335.335075][ C1] end_report+0x6f/0x140 [ 3335.339306][ C1] kasan_report+0x128/0x150 [ 3335.343819][ C1] ? do_raw_spin_lock+0x26d/0x2c0 [ 3335.348836][ C1] do_raw_spin_lock+0x26d/0x2c0 [ 3335.353684][ C1] ? read_lock_is_recursive+0x20/0x20 [ 3335.359043][ C1] ? __rwlock_init+0x150/0x150 [ 3335.363798][ C1] _raw_spin_lock_irqsave+0xb4/0xf0 [ 3335.368982][ C1] ? _raw_spin_lock+0x40/0x40 [ 3335.373646][ C1] __wake_up+0xf8/0x190 [ 3335.377808][ C1] ? __wake_up_bit+0x1e0/0x1e0 [ 3335.382562][ C1] __usb_hcd_giveback_urb+0x396/0x520 [ 3335.387925][ C1] dummy_timer+0x88a/0x3140 [ 3335.392431][ C1] ? mark_lock+0x94/0x320 [ 3335.396752][ C1] ? lock_chain_count+0x20/0x20 [ 3335.401677][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 3335.407588][ C1] ? dummy_free_streams+0x530/0x530 [ 3335.412855][ C1] ? debug_object_deactivate+0x67/0x350 [ 3335.418429][ C1] __hrtimer_run_queues+0x51e/0xc40 [ 3335.423643][ C1] ? dummy_free_streams+0x530/0x530 [ 3335.428846][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 3335.433953][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 3335.440011][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 3335.445112][ C1] handle_softirqs+0x280/0x820 [ 3335.449863][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 3335.454620][ C1] ? do_softirq+0x180/0x180 [ 3335.459108][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 3335.464386][ C1] __irq_exit_rcu+0xc7/0x190 [ 3335.468988][ C1] ? irq_exit_rcu+0x20/0x20 [ 3335.473593][ C1] irq_exit_rcu+0x9/0x20 [ 3335.477949][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 3335.483602][ C1] [ 3335.486524][ C1] [ 3335.489440][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 3335.495409][ C1] RIP: 0010:lock_acquire+0x1f2/0x410 [ 3335.500685][ C1] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00 [ 3335.520369][ C1] RSP: 0000:ffffc90004ccf8c0 EFLAGS: 00000206 [ 3335.526542][ C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 38018a5254135100 [ 3335.534499][ C1] RDX: 0000000000000000 RSI: ffffffff8aaace60 RDI: ffffffff8afc6b00 [ 3335.542455][ C1] RBP: ffffc90004ccf9d0 R08: dffffc0000000000 R09: 1ffffffff21b50a0 [ 3335.550410][ C1] R10: dffffc0000000000 R11: fffffbfff21b50a1 R12: 1ffff92000999f24 [ 3335.558371][ C1] R13: ffffffff8cd2ffa0 R14: 0000000000000246 R15: dffffc0000000000 [ 3335.566347][ C1] ? lock_chain_count+0x20/0x20 [ 3335.571198][ C1] ? percpu_counter_add_batch+0x1d9/0x280 [ 3335.576923][ C1] ? read_lock_is_recursive+0x20/0x20 [ 3335.582297][ C1] ? percpu_counter_add_batch+0x22b/0x280 [ 3335.588009][ C1] ? pfn_valid+0xcd/0x420 [ 3335.592328][ C1] pfn_valid+0xe9/0x420 [ 3335.596471][ C1] ? pfn_valid+0xcd/0x420 [ 3335.600804][ C1] page_table_check_set+0x25/0x6f0 [ 3335.605929][ C1] set_pte_range+0x679/0x6a0 [ 3335.610623][ C1] filemap_map_pages+0xcdd/0x1630 [ 3335.615653][ C1] ? filemap_map_pages+0x154/0x1630 [ 3335.620858][ C1] ? filemap_read_folio+0x760/0x760 [ 3335.626066][ C1] handle_mm_fault+0x379b/0x4920 [ 3335.631016][ C1] ? handle_mm_fault+0xd1/0x4920 [ 3335.636050][ C1] ? lock_vma_under_rcu+0x526/0x650 [ 3335.641240][ C1] ? numa_migrate_prep+0x350/0x350 [ 3335.646346][ C1] ? do_user_addr_fault+0x1c3/0x12e0 [ 3335.651640][ C1] do_user_addr_fault+0xad0/0x12e0 [ 3335.656762][ C1] ? rcu_is_watching+0x15/0xb0 [ 3335.661525][ C1] exc_page_fault+0x67/0x110 [ 3335.666106][ C1] asm_exc_page_fault+0x26/0x30 [ 3335.670982][ C1] RIP: 0033:0x7f561706f24d [ 3335.675384][ C1] Code: ff 48 83 e8 01 48 89 ee bf 01 00 00 00 48 c1 e0 0e 48 c1 ee 06 48 01 c8 48 89 e9 81 e6 ff 3f 00 00 48 c1 e9 03 83 e1 07 d3 e7 <40> 84 bc 06 20 20 00 00 0f 85 11 fd ff ff e9 c0 fd ff ff e8 fb 26 [ 3335.694981][ C1] RSP: 002b:00007fff0d86df60 EFLAGS: 00010202 [ 3335.701049][ C1] RAX: 000000110c2f4000 RBX: 00007f5617f15720 RCX: 0000000000000004 [ 3335.709010][ C1] RDX: 0000000000000464 RSI: 0000000000002a11 RDI: 0000000000000010 [ 3335.716965][ C1] RBP: ffffffff81aa8464 R08: 00007f56173e6038 R09: 00007f56173d2000 [ 3335.724948][ C1] R10: 00007f5616bff008 R11: 0000000000000000 R12: 0000000000000000 [ 3335.732922][ C1] R13: 0000000000000000 R14: ffffffff81aa8559 R15: 0000000000000012 [ 3335.740886][ C1] ? bpf_lsm_socket_create+0x9/0x10 [ 3335.746081][ C1] ? bpf_lsm_d_instantiate+0x4/0x10 [ 3335.751278][ C1] [ 3335.754588][ C1] Kernel Offset: disabled [ 3335.758896][ C1] Rebooting in 86400 seconds..