last executing test programs: 1m9.33298178s ago: executing program 3 (id=335): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='signal_generate\x00', r1, 0x0, 0x4}, 0x18) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) writev(r2, &(0x7f0000000d00)=[{0x0}, {&(0x7f0000000000)="2303942fe0dfd8f8c04e6ae35e91", 0xe}], 0x2) 1m8.199908267s ago: executing program 3 (id=336): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sched_switch\x00', r1, 0x0, 0x20000000}, 0x18) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0, 0x300}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r3, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4) sendmsg$inet6(r3, 0x0, 0x40001080) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000100)=@gcm_128={{0x304}, "fd9192068590ef44", "4ded6853efa14266912ec2cb350be183", "15861006", "84d6d4ab8749281f"}, 0x28) 1m8.110166257s ago: executing program 3 (id=337): open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x22) socket$inet6(0xa, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_mptcp(0xa, 0x1, 0x106) socket(0x10, 0x3, 0x0) epoll_create1(0x80000) pipe(&(0x7f0000000000)) socket$kcm(0x22, 0x2, 0x21) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) r0 = socket$kcm(0xa, 0x6, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000007c0)='memory.events\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r0, 0x10d, 0xa, &(0x7f0000000000)=r1, 0x4) 1m7.99569124s ago: executing program 3 (id=338): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_split\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000001100)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000004080), 0x1, 0x762, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9GxdNttQs8mW7KY0IaAighdBxYOgl579UW/exB9X/S88SEvVtFjxIJHZzKbbZrfJpkmWup8PTPt9M7N5892Zee/tzrATQM8aTf/JRRyOiA+TiOFsfhIRA/WoP+Lk2no3V5aL6ZTE6uqrfyT1dW6sLBej6TWpg1nh0Yj48b2II7mN9VYXl2YK5XJpPiuP12bPj1cXl46emy1Ml6ZLc8cnJiePnXjmxPGdy/WvX5YOXf3opSe/PvnPu49c/uCnJE7GoWxZcx47ZTRGs/dkIH0Lb/PiTlfWZUm3N4BtSU/NvrWzPA7HcPTVIwDg/+ytiFgFAHpMov8HgB7T+B7gxspysTF19xuJvXXthYjYv5Z/4/rm2pL+7Jrd/vp10KEbyW1XRpKIGNmB+kcj4vNvX/8ynWKXrkMCtPL2d1mwof1PNtyz0KmntrDO6B1l7R/sne/T8c+zrcZ/ufXxT7QY/wy2OHe3Y/PzP3dlB6ppKx3/Pd90b9vNpvwzI31Z6YH6mG8gOXuuXErbtgcjYiwGBtPyxF3qGLv+7/V2y5rHf39+/OYXaf3p/7fWyF3pH7z9NVOFWuFecm527Z2Ix/pb5Z+s7/+kzfj39BbrePm59z9rtyzNP823MW3Mf3etXop4ouX+v3VHW3LX+xPH64fDeOOgaOGbXz8dald/8/5Pp7T+xmeBvZDu/6G75z+SNN+vWe28jp8vDf/Qbtnm+bc+/vclr9Xjfdm8i4VabX4iYl/yysb5x269tlFurJ/mP/Z4Pf8D2Sob2r9Wx3/6mfCNzRLPNqL/6u9fbT//3ZXmP9XR/u88uHxzpq9d/Vvb/5P1aCybs5X2b6sbeC/vHQAAAAAAAAAAAAAAAAAAAAAAAABsVS4iDkWSy6/HuVw+v/YM74djKFeuVGtHzlYW5qai/qzskRjINX7qcrjp91Anst/Db5SP3VF+OiIeiohPBg/Uy/lipTzV7eQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHOwzfP/U78NdnvrAIBds7/bGwAA7Dn9PwD0nk77f+MFALj/6c8BoPfo/wGg9+j/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GWnT51Kp9W/V5aLaXnqwuLCTOXC0alSdSY/u1DMFyvz5/PTlcp0uZQvVmY3+3vlSuX8ZMwtXByvlaq18eri0pnZysJc7cy52cJ06UxpYE+yAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDOVBeXZgrlcmleIBAI1oNut0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94f/AgAA///tuiN0") r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) r2 = syz_clone(0x20940200, 0x0, 0x9, 0x0, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x100000000}, 0x18) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x444, &(0x7f0000000ac0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESDEC=0x0, @ANYRESHEX], 0xfe, 0x667, &(0x7f00000002c0)="$eJzs3U1v28gdx/EfZfmxQFC0xSIIsvFs0gUcNFUkeeOFkR7KUpTNrSQKJF3Yp0W6sRdB5GybpEDjy9aXPgDtG+htL3voiyjQc899Az0WWLS3Ar2oIClKskRZip+Sdr8fI9GI/JPzJ4fRhBY5FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOXUyuWKpYbX2tk1kzm1wG+eMj9d27zupoW7U+uVrPiPlpZ0PZ10/TuD2e/Ef93WzfTdTS3FL0s6+sY733z47WIhW/6UhM5Cr7vCF6+Onj7qdPafn622rnWW5S7FWCYqzLDUltvyQt9r2luu8ULfbG5slO9v10NT9xpuuBdGbtM4gVuI/MCsOXdNZXNz3bilPX+ntVWzG2428cPvV8vlDfPRYq/5739UCp1tr9HwWltJTDw7jlnsHyGu3TTm4Elnf31aknFQZZag6rSgarlarVSq1crGg80HH5bLxbEJ5REaixgctG9P4+MqXdAnN3B+hbj//7slNbSklna0K5P746imQL6aE+b3ZP3/+/fdU+sd7v+zXv76YPYNJf3/rfTdrUn9/4RcjEyyQN4ca8L0s/280Csd6akeqaOO9vX8Yta7enEZXu7PllSUPIXy5akpW1tyZXpTjDa1oQ2V9bG2VVcoo7o8NeQq1J5CRXLVTNokkCtbkXwFMlqTo7syqmhTm1qXkauS9uRrRy1tqSZb/+52uwd6kuz39VNyVBZUmSWo2D8Gx4Mm9f8//Txd4vX6f/z/6R87M8QAb1y3d/4/2VzexNXLywgAAAAAAFw0K/ntu5V8d/+upK7qXsMtv+m0AAAAAADABUq++b8Zv8zHpXdlTTj/7159bgAAAAAA4GJYyT12lqSV5KJ+a3An1CwXAeTeHAAAAAAAAN4uyff/txakbjK02qqs1zr/BwAAAAAA/wN+OzTGfjEbY7ebfa1fkBS2F60//3NRwbx13N79rnVox3Psw17M2BUAUf2GVVQ6UG8yXu+CpOSd4960euMD9wbBtNKBfaWvDqaN9W8FIwkszGW/vshJ4NrRUAIbxd47/V7vpTHv9ep9fFRQMietZaXuNdyS4zceVmTb1wqRuxv94tmTX0pBfzsPnnT2S5981nmc5HIcTzo+jPP4/EQ6hWm5vEzGW0juucjb4mXVsyp/12quWEm95Wz752QfFoYrmm37f63bacztlfR15ShrAVm/6hUqpaTJBlufjA5hDbKojG55XkNMyGIpyeJOGnNn7U76kuWXtsLS9+akamm8DYLhLKrDWUzfF9a/xvbFlCziY2E9zuIv8YomZLH+elmMtQgAvCkHg14oGcR8fIz90X73LJ9y03v3H56s5eUfu+kNh3NSsffdRHoT4qR+RfEn+loatpCO4l68kfOJXu71K0ua8IlePkfvFtf1p8EzkHpp9+YU+1n8p9vtPqwk9f5hpFf9Il7gi4n1ho3qXLwL7788/FkyAH7s0/1P959Vq+sb5Q/K5QdVzSeb0Xuh7wEA5Jj+jJ2TEUuD/qzfd3/QP6t+/I/309KJfvdb/UsKSvpEn6mjx7qXPUJgNb/elaHLEO6Nn7XGscvSaGxF9yae1SV96VBstR87r2yRk/9fGMSuX3YzAABwpW5P6YdH+/+8c/d72Xn32o3c8+6TffnoE4InxVaueE8AAPD14QZfWSvRb6wg8NofVzY3K3a07ZrAd35sAq+25RqvFbmBs223tlzTDvzId/yGaQda9GpuaMKddtsPIlP3A9P2Q283efK76T36PXSbdivynLDdcO3QNY7fimwnMjUvdEx750cNL9x2g2ThsO06Xt1z7MjzWyb0l+W4JWNC1x0K9GpuK/LqXlxsmXbgNe1gz/zEb+w0XVNzQyfw2pGfrjCry2vV/aCZrLak7mkPOgQA4Gvjxaujp486nf3npxSOlRay69FOCV7IW+Eb3kQAADCCXhoAAAAAAAAAAAAAAAAAAAAAgLffLPf/nVrIbgrMpswrJ1jqT/n5tZnWbGkw5cu/nSvDMxQKo1N6I+12py/+17RQzItZjgsLkjrZ7h+OOb7QrVidKVhpoXjx+3BZyjsSLq3wg4OTx+FYTDwzd9Zivy2K5//nkFd49uWEWdOPqMWT+3DhtA08WShKer5wjia4+s8iAFfrvwEAAP//pJI9bA==") r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0) faccessat(r4, &(0x7f0000000000)='./file0\x00', 0x5) tgkill(r2, r2, 0x11) fcntl$setstatus(r1, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200), 0x175d9003) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[], 0x48) fsopen(&(0x7f0000000080)='romfs\x00', 0x1) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10) lsm_get_self_attr(0x69, &(0x7f0000000580)={0x0, 0x0, 0x33, 0x13, ""/19}, 0x0, 0x0) 1m7.667972481s ago: executing program 3 (id=339): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='setgroups\x00') close_range(r2, 0xffffffffffffffff, 0x0) 1m7.324328563s ago: executing program 3 (id=340): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff6f, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r2, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) 1m7.040090535s ago: executing program 32 (id=340): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff6f, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r2, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) 9.042214219s ago: executing program 1 (id=689): r0 = socket$inet_udp(0x2, 0x2, 0x0) socket$key(0xf, 0x3, 0x2) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044080}, 0x0) 7.841814953s ago: executing program 1 (id=692): bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000140)='ext4_free_inode\x00', r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000300)={[{@discard}, {@noinit_itable}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2a}}, {@errors_remount}, {@block_validity}, {@i_version}]}, 0x3, 0x469, &(0x7f00000006c0)="$eJzs3M1rHOUfAPDvTJL2l778ErW+9EWNVjH4kjRp1R68KAoeFAQR6jEmaalNG2ki2FK0itSjFASP4lHwL/CkF1FPgle9S6FIL1ZPK7M7033p7mbbbDNN9/OB6T7PzDM7z3eeeXafmaebAAbWRPZPErEjIn6PiLFatrnARO3l6pVz8/9cOTefRKXy5l9JtdzfV87NF0WL/bbnmck0Iv00ib1tjrty5uyJuaWlxdN5fnr15HvTK2fOPnP85NyxxWOLp2YPHz50cOb552af7Uucd2V13fPh8r7dr7598fX5Ixff+fnbpIi/JY4+mei28fFKpc+HK9fOhnQy3MMOQ7ewMvQsa4asuUaq/X8shqLeeGPxyielVg64pSq5DpvPV4A7WBJl1wAoR/FFn93/FsvGjT7Kd/nF2g1QFvfVfKltGY40LzPScn/bTxMRceT8v19lS9ya5xAAAE2+z8Y/T7cb/6VxX0O5/8fW6tzQeD6X8lZE3BMRuyLi3ohq2fsj4oF2B+kyIdA6SXL9+Ce9dPPRrS0b/72Qz201j/+K0V+MD+W5ndX4R5Kjx5cWD1TPScRkjGzN8jNdjvHDy7993mlb4/gvW7LjF2PBvB6Xhrc277Mwtzq3npgbXf44Ys9wu/iTazMBSUTsjog9N3mM409+s6/TtrXj76KXeaY1VL6OeKLW/uejJf5C0n1+cvp/sbR4YLq4Kq73y68X3uh0/HXF3wdZ+29re/1fi388aZyvXbmRd6/17gt/fNbxnmbqpq7/+oot+esHc6urp2citiSv1SrduH62vm+RL8pn8U/ub9//7476mdgbEdlF/GBEPBQRD+fRPRIRj0bE/i5n4aeXHnu32xkqu/0XWtp/vLlIS/vXE1uidU37xNCJH79rfsd6srfPv0PV1GS+pvr592X3uHqp141ezQAAALBZpRGxI5J06lo6Taemav+Hf1dsS5eWV1afOrr8/qmF2m8ExmMkLZ50jTU8D53Jb+uL/GxL/mD+3PiLodFqfmp+eWmh7OBhwG3v0P8zf/qNBtz5+jCPBmxS+j8MLv0fBpf+D4OrTf8fLaMewMZr9/3/UQn1ADZeS/837QcDxP0/DC79HwZXY/9PSqwHsKFWRmPtH8mfGe2hzG2eqFQqlTabRkuv2GZNRLrO9yn+DMTtEE7SSy9YR2JH2QHeeKLsTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID++C8AAP//ZOHnZA==") 6.583688138s ago: executing program 1 (id=702): syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009e173610ef171e7206de010203010902"], 0x0) r0 = dup(0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 6.155905416s ago: executing program 0 (id=703): r0 = socket$inet_udp(0x2, 0x2, 0x0) socket$key(0xf, 0x3, 0x2) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x20044080}, 0x0) 5.445591095s ago: executing program 0 (id=704): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0xf5, 0x1}, 0xe) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES64=r2], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r4}, 0x18) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x5411, &(0x7f0000000280)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}, 0xd, 'veth1_to_batadv\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) lseek(0xffffffffffffffff, 0xffffffffffffeffa, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2204c3b, 0x0) r5 = socket$nl_rdma(0x10, 0x3, 0x14) r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$P9_RLERRORu(r6, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="3800000003147df800000000fedbdf250900020073797b300000000008004100736977001400330076657468305f6d616376746170"], 0x38}}, 0x0) 4.068327798s ago: executing program 0 (id=706): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000018008001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f6ffffffb702000008000000b70300000000000185000000"], &(0x7f0000000000)='GPL\x00', 0xd, 0xfe7, &(0x7f0000001e00)=""/4071, 0x0, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 3.983981325s ago: executing program 2 (id=707): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000011000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000014001a80100004"], 0x34}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x49d1f586de5c007a, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r4 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r4, 0x11b, 0x8, &(0x7f0000003140), &(0x7f0000000040)=0x30) 3.892412588s ago: executing program 5 (id=708): bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="646f74732c646f74732c646f74732c636865636b3d72656c617865642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030302c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d7374726963742c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c646f74732c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c6e6f646f74732c646f74732c666d61736b3d30303030303030303030303030303030303030303030322c6e6f646f74732c646f74732c666c7573682c6e6f646f74732c636865636b3d6e6f726d616c2c0079c7cebee7a0df8765ffc536c4e752679b645307d1bf097e07b8e261bb27d1bb80ee490fc501e4f230ddf1483b11ac5c39a93cfc3ba360037c79a9be063a3bf5015e3d6a8cad0e98ccb29619c51c44ec612fc7ff44fa8cf7759eada764c43ba9d602a958bd209ace3df01c3dae04baa94aedc5515da8160ae0"], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) 3.660202763s ago: executing program 0 (id=710): bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000003c0)={r0, 0x0, 0x0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140), 0x106}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0xffffffff}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, r4}}, 0x48) close_range(r2, 0xffffffffffffffff, 0x0) 3.443736997s ago: executing program 5 (id=711): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r3}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 3.414180238s ago: executing program 0 (id=713): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mbind(&(0x7f0000564000/0x2000)=nil, 0x2000, 0x2, &(0x7f0000000080)=0xffff, 0xc, 0x0) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 3.067725629s ago: executing program 4 (id=714): r0 = socket$inet_udp(0x2, 0x2, 0x0) socket$key(0xf, 0x3, 0x2) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x20044080}, 0x0) 3.067533476s ago: executing program 0 (id=715): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x11, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', 0xffffffffffffffff, 0x0, 0x40000}, 0x18) move_pages(0x0, 0x20000000000001ab, &(0x7f0000000000), 0x0, &(0x7f0000000000)=[0x0], 0x0) 3.051344061s ago: executing program 5 (id=716): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2200054, &(0x7f0000000140)={[{@minixdf}, {@nodelalloc}]}, 0x1, 0x242, &(0x7f0000000540)="$eJzs3T9oM2UcB/DvXRJf+75BX3URBBVERAvldRNcXheFgpQiIqhQEXFRWqG2uLVOLg46q3RyKeJmdZQiFBdFcKraoS6CFocWBx0il2u11oh/UnPifT5wyV3yPM/vOS7fJ1mOBGity0muJukkmU7SS1KcbnB7vV0+PtyY2llIBoNHvi+G7erj2km/S0nWk9yXZLss8lw3Wd16Yv+H3YfuenWld+fbW49PTfQkjx3s7z189NbcK+/N3rv66effzhW5mv5vzuv8FSNe6xbJjf9Gsf+Iotv0DPgr5l9694sq9zcluWOY/17K1BfvteVrtnu5580/6vv6d5/dMsm5AudvMOhV34HrA6B1yiT9FOVMknq/LGdm6t/wX3Yuls8vLb84/ezSyuIzTa9UwHnpJ3sPfnDh/Utn8v9Np84/8P9V5f/R+c2vqv2jTtOzASapyv/0U2t3R/6hdeQf2kv+ob3kH9pL/qG95B/aS/6hveQf2kv+ob3+Tv4/mtCcgMk4nX8AoF0GF5q+AxloStPrDwAAAAAAAAAAAAAAAAAA8HsbUzsLJ9ukan78RnLwQJLuqPqd4f8RJ9cOHy8eFlWzXxR1t7E8eduYA/xq8fAfdHqn4buvr/u62fqf3Nps/bXFZP3lJFe63bOfv8H1449/w5+833t6/BrjuP+xZuv/tNls/dnd5MNq/bkyav0pc/PwefT606+u35j1X/hxzAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmJ8DAAD//7lGcFk=") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r1}, 0x10) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) 2.748913645s ago: executing program 4 (id=717): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sendmsg$key(r1, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@dev={0xfe, 0x80, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, 0xfffffffc, 0x0, 0x1}, {{@in6=@dev, 0x4d4, 0x33}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8) sendmmsg(r0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x0, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r5], 0x20}, 0x1, 0x0, 0x0, 0x20044080}, 0x0) 2.712937268s ago: executing program 2 (id=718): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014}) epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0x400) 2.556687141s ago: executing program 5 (id=719): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0xf5, 0x1}, 0xe) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES64=r2], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r4}, 0x18) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x5411, &(0x7f0000000280)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}, 0xd, 'veth1_to_batadv\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) lseek(0xffffffffffffffff, 0xffffffffffffeffa, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2204c3b, 0x0) r5 = socket$nl_rdma(0x10, 0x3, 0x14) r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$P9_RLERRORu(r6, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="3800000003147df800000000fedbdf250900020073797b300000000008004100736977001400330076657468305f6d616376746170"], 0x38}}, 0x0) 1.457927492s ago: executing program 1 (id=720): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000018008001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f6ffffffb702000008000000b70300000000000185000000100000"], &(0x7f0000000000)='GPL\x00', 0xd, 0xfe7, &(0x7f0000001e00)=""/4071, 0x0, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.372252346s ago: executing program 5 (id=721): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000400000000000000000180100002020702500000000002020207b1af8ff00000000bfa1000000000000070100"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x106, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r1, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) io_pgetevents(0x0, 0x1, 0x0, &(0x7f0000000580), 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r2}, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000240)={'wpan0\x00'}) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), r4) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) r7 = getpid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000008000300", @ANYRES32=r6, @ANYBLOB='\b\x00', @ANYRES32=r7, @ANYBLOB], 0x24}}, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10) r9 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_QUANTUM={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 1.341424446s ago: executing program 4 (id=722): add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x1c, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0xfe, 0x600, 0x0, 0x1c, {[@window={0xe, 0x3, 0x2}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) 1.188415997s ago: executing program 2 (id=723): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000200)="1cdc71c9", 0x4}, {0x0, 0xea}], 0x2) 1.187682922s ago: executing program 1 (id=724): r0 = socket$packet(0x11, 0x3, 0x300) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r3, 0x2, 0x6}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000000c0)={r3, 0x2, 0x6, @remote}, 0x10) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'}) 754.850181ms ago: executing program 2 (id=725): sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000002c0)={r3}, 0x69) 627.930997ms ago: executing program 4 (id=726): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x7, 0xfe, "0000ca06e700"}) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000740)=0xff) 544.556011ms ago: executing program 2 (id=727): r0 = socket$inet_udp(0x2, 0x2, 0x0) socket$key(0xf, 0x3, 0x2) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x20044080}, 0x0) 541.590151ms ago: executing program 5 (id=728): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x49d1f586de5c007a, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r2 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r2, 0x11b, 0x8, &(0x7f0000003140), &(0x7f0000000040)=0x30) 326.984106ms ago: executing program 4 (id=729): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) fsetxattr$security_capability(r2, &(0x7f0000000240), &(0x7f0000000280)=@v3={0x3000000, [{}, {0x0, 0x4}]}, 0x18, 0x0) 325.144406ms ago: executing program 1 (id=730): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") r0 = creat(&(0x7f0000000280)='./bus\x00', 0x2) pwritev2(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0xfffff, 0x0, 0x0) r1 = open(&(0x7f0000000200)='./bus\x00', 0x44000, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) dup3(r1, r0, 0x0) finit_module(r1, 0x0, 0x0) 73.320774ms ago: executing program 2 (id=731): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x5, 0x0, 0x0, 0x0, 0xfffc], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xff}]}]}]}}]}, 0xa4}}, 0x0) 0s ago: executing program 4 (id=732): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sendmsg$key(r1, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@dev={0xfe, 0x80, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, 0xfffffffc, 0x0, 0x1}, {{@in6=@dev, 0x4d4, 0x33}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, 0x0, 0x401, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x0, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r5], 0x20}, 0x1, 0x0, 0x0, 0x20044080}, 0x0) kernel console output (not intermixed with test programs): ast mode [ 71.722689][ T5840] bridge_slave_1: entered promiscuous mode [ 71.733900][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.744503][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.751626][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.759243][ T5830] bridge_slave_1: entered allmulticast mode [ 71.766099][ T5830] bridge_slave_1: entered promiscuous mode [ 71.791671][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.809224][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.817898][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.847091][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.885406][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.892633][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.919206][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.936469][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.943421][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.948792][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.975634][ T5831] team0: Port device team_slave_0 added [ 71.984453][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.000290][ T5831] team0: Port device team_slave_1 added [ 72.019750][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.043537][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.080944][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.088427][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.116383][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.165470][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.173213][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.200285][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.223596][ T5840] team0: Port device team_slave_0 added [ 72.234385][ T5830] team0: Port device team_slave_0 added [ 72.252668][ T5843] hsr_slave_0: entered promiscuous mode [ 72.252922][ T5834] Bluetooth: hci0: command tx timeout [ 72.266175][ T5843] hsr_slave_1: entered promiscuous mode [ 72.272859][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.280633][ T5843] Cannot create hsr debugfs directory [ 72.294030][ T5840] team0: Port device team_slave_1 added [ 72.305502][ T5830] team0: Port device team_slave_1 added [ 72.342001][ T5834] Bluetooth: hci2: command tx timeout [ 72.376125][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.385021][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.413454][ T5834] Bluetooth: hci3: command tx timeout [ 72.419540][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.422180][ T5834] Bluetooth: hci1: command tx timeout [ 72.430267][ T5838] Bluetooth: hci4: command tx timeout [ 72.444081][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.451070][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.478584][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.496123][ T5831] hsr_slave_0: entered promiscuous mode [ 72.502983][ T5831] hsr_slave_1: entered promiscuous mode [ 72.509098][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.516846][ T5831] Cannot create hsr debugfs directory [ 72.523781][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.530943][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.558021][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.612140][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.619328][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.646207][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.721021][ T5830] hsr_slave_0: entered promiscuous mode [ 72.731067][ T5830] hsr_slave_1: entered promiscuous mode [ 72.738539][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.746628][ T5830] Cannot create hsr debugfs directory [ 72.782131][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 72.827317][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 72.840657][ T5840] hsr_slave_0: entered promiscuous mode [ 72.848794][ T5840] hsr_slave_1: entered promiscuous mode [ 72.856245][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.864378][ T5840] Cannot create hsr debugfs directory [ 72.880881][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 72.924557][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.091641][ T5843] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.130697][ T5843] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.158437][ T5843] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 73.187836][ T5843] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 73.225931][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 73.242744][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 73.252209][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 73.286927][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 73.359217][ T5830] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 73.369742][ T5830] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 73.411265][ T5830] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 73.420456][ T5830] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 73.443398][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 73.472405][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.479497][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 73.489783][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 73.501846][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 73.560057][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.597672][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.605281][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.626032][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.645909][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.653436][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.760748][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.786453][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.793617][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.814878][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.839832][ T3523] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.847783][ T3523] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.868950][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.909036][ T3523] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.916241][ T3523] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.927811][ T3523] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.935675][ T3523] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.961621][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.985616][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.075878][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.094043][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.106758][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.124623][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.132292][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.171075][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.179271][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.194846][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.202228][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.238374][ T3018] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.245836][ T3018] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.332888][ T5834] Bluetooth: hci0: command tx timeout [ 74.413448][ T5834] Bluetooth: hci2: command tx timeout [ 74.467793][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.492229][ T5834] Bluetooth: hci4: command tx timeout [ 74.493213][ T5838] Bluetooth: hci3: command tx timeout [ 74.497680][ T5834] Bluetooth: hci1: command tx timeout [ 74.539657][ T5828] veth0_vlan: entered promiscuous mode [ 74.598096][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.617363][ T5828] veth1_vlan: entered promiscuous mode [ 74.698064][ T5828] veth0_macvtap: entered promiscuous mode [ 74.764095][ T5828] veth1_macvtap: entered promiscuous mode [ 74.800031][ T5843] veth0_vlan: entered promiscuous mode [ 74.809834][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.836962][ T5843] veth1_vlan: entered promiscuous mode [ 74.850328][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.896802][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.907121][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.939756][ T5828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.949459][ T5828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.960135][ T5828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.970511][ T5828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.991580][ T5840] veth0_vlan: entered promiscuous mode [ 75.049616][ T5843] veth0_macvtap: entered promiscuous mode [ 75.064746][ T5830] veth0_vlan: entered promiscuous mode [ 75.077575][ T5840] veth1_vlan: entered promiscuous mode [ 75.089148][ T5843] veth1_macvtap: entered promiscuous mode [ 75.151198][ T5830] veth1_vlan: entered promiscuous mode [ 75.179410][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.199776][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.211558][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.265819][ T5840] veth0_macvtap: entered promiscuous mode [ 75.298490][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.299380][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.322455][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.324483][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.349631][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.360567][ T5831] veth0_vlan: entered promiscuous mode [ 75.389993][ T5840] veth1_macvtap: entered promiscuous mode [ 75.407555][ T5843] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.417986][ T5843] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.428532][ T5843] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.438379][ T5843] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.463340][ T5831] veth1_vlan: entered promiscuous mode [ 75.494892][ T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.504865][ T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.506711][ T5830] veth0_macvtap: entered promiscuous mode [ 75.535836][ T5830] veth1_macvtap: entered promiscuous mode [ 75.573052][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.588229][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.601556][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.614117][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.626722][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.680531][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 75.681226][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.707185][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.717397][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.729301][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.741028][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.752503][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.763677][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.795823][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.806967][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.817674][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.828885][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.840667][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.849983][ T5831] veth0_macvtap: entered promiscuous mode [ 75.878350][ T5830] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.887550][ T5830] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.896657][ T5830] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.905984][ T5830] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.917784][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.929644][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.952323][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.964180][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.975467][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.986797][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.998667][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.017097][ T5831] veth1_macvtap: entered promiscuous mode [ 76.050504][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.073122][ T5840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.085468][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.110589][ T5840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.128311][ T5840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.138755][ T5840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.247902][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.266931][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.278547][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.311038][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.322742][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.334450][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.346822][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.357511][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.369540][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.407523][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.419981][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.420414][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.429202][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.439428][ T5834] Bluetooth: hci0: command tx timeout [ 76.457447][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.469747][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.480606][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.491593][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.503380][ T5834] Bluetooth: hci2: command tx timeout [ 76.509904][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.521274][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.533523][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.564572][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.577944][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.582146][ T5834] Bluetooth: hci1: command tx timeout [ 76.590053][ T5848] Bluetooth: hci3: command tx timeout [ 76.595484][ T5838] Bluetooth: hci4: command tx timeout [ 76.614772][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.628056][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.670633][ T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.689475][ T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.726605][ T3523] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.770201][ T3523] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.853338][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.883009][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.994531][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.012205][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.020667][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.038161][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.116581][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.134635][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.354839][ T29] audit: type=1326 audit(1732922579.189:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5933 comm="syz.0.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 77.413746][ T29] audit: type=1326 audit(1732922579.189:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5933 comm="syz.0.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 77.505656][ T29] audit: type=1326 audit(1732922579.189:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5933 comm="syz.0.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 77.564891][ T5936] hub 6-0:1.0: USB hub found [ 77.582540][ T5936] hub 6-0:1.0: 1 port detected [ 77.591936][ T29] audit: type=1326 audit(1732922579.189:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5933 comm="syz.0.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 77.711865][ T29] audit: type=1326 audit(1732922579.189:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5933 comm="syz.0.9" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 78.493486][ T5834] Bluetooth: hci0: command tx timeout [ 78.578137][ T5834] Bluetooth: hci2: command tx timeout [ 78.624810][ T5963] loop2: detected capacity change from 0 to 512 [ 78.651837][ T5834] Bluetooth: hci3: command tx timeout [ 78.662371][ T5834] Bluetooth: hci1: command tx timeout [ 78.668297][ T5834] Bluetooth: hci4: command tx timeout [ 78.682666][ T5963] EXT4-fs: Ignoring removed i_version option [ 78.704352][ T5965] loop3: detected capacity change from 0 to 512 [ 78.757162][ T5965] EXT4-fs: inline encryption not supported [ 78.781675][ T5963] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 78.851827][ T5963] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 78.933634][ T5965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.997339][ T5965] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.021370][ T5965] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.18: corrupted inode contents [ 79.048961][ T5963] EXT4-fs (loop2): 1 orphan inode deleted [ 79.076511][ T5965] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.18: mark_inode_dirty error [ 79.090881][ T5963] EXT4-fs (loop2): 1 truncate cleaned up [ 79.121955][ T5963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.167241][ T5965] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.18: corrupted inode contents [ 79.344221][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.603052][ T5965] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.18: mark_inode_dirty error [ 79.647048][ T5986] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.502445][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.741560][ T5996] delete_channel: no stack [ 81.003286][ T6005] loop2: detected capacity change from 0 to 512 [ 81.036907][ T6005] EXT4-fs: Ignoring removed i_version option [ 81.084295][ T6005] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 81.103751][ T6011] netlink: 12 bytes leftover after parsing attributes in process `syz.3.36'. [ 81.125025][ T6010] bridge0: port 3(vlan2) entered blocking state [ 81.135175][ T6010] bridge0: port 3(vlan2) entered disabled state [ 81.146461][ T6010] vlan2: entered allmulticast mode [ 81.152863][ T6010] team0: entered allmulticast mode [ 81.194485][ T6010] team_slave_0: entered allmulticast mode [ 81.230918][ T6010] team_slave_1: entered allmulticast mode [ 81.231450][ T6005] EXT4-fs (loop2): 1 orphan inode deleted [ 81.274260][ T6010] vlan2: entered promiscuous mode [ 81.284011][ T6014] loop3: detected capacity change from 0 to 1024 [ 81.298368][ T6005] EXT4-fs (loop2): 1 truncate cleaned up [ 81.308192][ T6005] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.320959][ T6010] team0: entered promiscuous mode [ 81.336906][ T6010] team_slave_0: entered promiscuous mode [ 81.358060][ T6014] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.377644][ T6018] loop4: detected capacity change from 0 to 512 [ 81.402112][ T6010] team_slave_1: entered promiscuous mode [ 81.446847][ T6014] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.3.38: corrupted in-inode xattr: bad magic number in in-inode xattr [ 81.472195][ T6010] bridge0: port 3(vlan2) entered blocking state [ 81.479612][ T6010] bridge0: port 3(vlan2) entered forwarding state [ 81.481914][ T6018] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 81.494927][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.530113][ T6018] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.37: bad orphan inode 131083 [ 81.531231][ T6014] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 81.607942][ T6018] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.834426][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.894894][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.987206][ T29] audit: type=1326 audit(1732922583.839:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 82.062025][ T29] audit: type=1326 audit(1732922583.839:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 82.162881][ T29] audit: type=1326 audit(1732922583.839:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 82.230552][ T6028] delete_channel: no stack [ 82.288729][ T29] audit: type=1326 audit(1732922583.839:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 82.422252][ T29] audit: type=1326 audit(1732922583.839:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 82.512962][ T29] audit: type=1326 audit(1732922583.839:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 82.659727][ T29] audit: type=1326 audit(1732922583.839:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 82.961859][ T29] audit: type=1326 audit(1732922583.839:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 83.581455][ T6063] delete_channel: no stack [ 83.642017][ T6075] random: crng reseeded on system resumption [ 83.999448][ T6083] netlink: 'syz.3.63': attribute type 29 has an invalid length. [ 84.098595][ T6086] netlink: 'syz.3.63': attribute type 29 has an invalid length. [ 84.142594][ T6083] netlink: 500 bytes leftover after parsing attributes in process `syz.3.63'. [ 84.174490][ T6083] unsupported nla_type 40 [ 84.643984][ T6095] Zero length message leads to an empty skb [ 85.148784][ T6103] loop0: detected capacity change from 0 to 512 [ 85.176775][ T6103] ======================================================= [ 85.176775][ T6103] WARNING: The mand mount option has been deprecated and [ 85.176775][ T6103] and is ignored by this kernel. Remove the mand [ 85.176775][ T6103] option from the mount to silence this warning. [ 85.176775][ T6103] ======================================================= [ 85.283955][ T6103] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 85.716812][ T6113] loop0: detected capacity change from 0 to 512 [ 86.553783][ T6113] EXT4-fs: Ignoring removed i_version option [ 86.601991][ T6113] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 86.740105][ T6113] EXT4-fs (loop0): 1 orphan inode deleted [ 86.793549][ T6113] EXT4-fs (loop0): 1 truncate cleaned up [ 86.817643][ T29] audit: type=1326 audit(1732922588.669:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6120 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 86.827184][ T6113] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.876108][ T29] audit: type=1326 audit(1732922588.699:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6120 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 86.985636][ T29] audit: type=1326 audit(1732922588.699:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6120 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 87.046453][ T6123] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 87.087695][ T29] audit: type=1326 audit(1732922588.699:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6120 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 87.127795][ T6123] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 87.136204][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.154288][ T29] audit: type=1326 audit(1732922588.699:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6120 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 87.186428][ T6123] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 87.244111][ T29] audit: type=1326 audit(1732922588.699:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6120 comm="syz.4.78" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 87.333380][ T1206] cfg80211: failed to load regulatory.db [ 87.636765][ T6135] loop1: detected capacity change from 0 to 512 [ 87.696158][ T6135] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.83: casefold flag without casefold feature [ 87.696451][ T6135] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.83: couldn't read orphan inode 15 (err -117) [ 87.699443][ T6135] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.728084][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 87.728104][ T29] audit: type=1800 audit(1732922589.579:29): pid=6135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.83" name="file1" dev="loop1" ino=18 res=0 errno=0 [ 87.754776][ T6143] loop2: detected capacity change from 0 to 512 [ 87.891441][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.924789][ T6143] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 88.318958][ T6154] loop2: detected capacity change from 0 to 512 [ 88.391267][ T6154] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 88.445178][ T29] audit: type=1326 audit(1732922590.299:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 88.482038][ T6154] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.569358][ T29] audit: type=1326 audit(1732922590.329:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 88.578152][ T6154] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.642364][ T29] audit: type=1326 audit(1732922590.329:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 88.733121][ T29] audit: type=1326 audit(1732922590.329:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 88.761628][ T29] audit: type=1326 audit(1732922590.329:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 88.787369][ T29] audit: type=1326 audit(1732922590.349:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 88.813783][ T29] audit: type=1326 audit(1732922590.349:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 88.838555][ T29] audit: type=1326 audit(1732922590.349:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f19e657f1b0 code=0x7ffc0000 [ 88.863647][ T29] audit: type=1326 audit(1732922590.349:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f19e6582077 code=0x7ffc0000 [ 88.899193][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.145021][ T6171] loop2: detected capacity change from 0 to 512 [ 89.356821][ T6171] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.98: casefold flag without casefold feature [ 89.363441][ T6176] loop3: detected capacity change from 0 to 2048 [ 89.432246][ T6171] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.98: couldn't read orphan inode 15 (err -117) [ 89.506717][ T6171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.525821][ T6176] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.730446][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.878281][ T6186] loop2: detected capacity change from 0 to 512 [ 89.902210][ T6186] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 89.957447][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.198546][ T6198] random: crng reseeded on system resumption [ 90.266589][ T6200] loop1: detected capacity change from 0 to 2048 [ 90.320166][ T5206] loop1: p1 < > p4 [ 90.333575][ T5206] loop1: p4 size 8388608 extends beyond EOD, truncated [ 90.348918][ T5206] loop1: p1 < > p4 [ 90.378797][ T5206] loop1: p4 size 8388608 extends beyond EOD, truncated [ 90.443914][ T6200] loop1: p1 < > p4 [ 90.453094][ T6200] loop1: p4 size 8388608 extends beyond EOD, truncated [ 90.484002][ T6206] IPVS: stopping master sync thread 6208 ... [ 90.591997][ T5206] loop1: p1 < > p4 [ 90.613535][ T5206] loop1: p4 size 8388608 extends beyond EOD, truncated [ 90.629422][ T6210] loop0: detected capacity change from 0 to 512 [ 90.679221][ T6210] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.113: casefold flag without casefold feature [ 90.716422][ T6210] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.113: couldn't read orphan inode 15 (err -117) [ 90.750237][ T6210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.876775][ T6215] loop3: detected capacity change from 0 to 2048 [ 90.879799][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 90.911345][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 91.036308][ T5829] loop3: p1 < > p4 [ 91.044042][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.063265][ T5829] loop3: p4 size 8388608 extends beyond EOD, truncated [ 91.095281][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 91.139622][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 91.151288][ T6215] loop3: p1 < > p4 [ 91.185521][ T6215] loop3: p4 size 8388608 extends beyond EOD, truncated [ 91.207300][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 91.225693][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 91.328279][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 91.332658][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 91.740189][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 91.753913][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 91.841943][ T6233] syz.3.120 uses obsolete (PF_INET,SOCK_PACKET) [ 92.853877][ T120] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 92.890309][ T120] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 93.017362][ T6265] process 'syz.3.130' launched './file1' with NULL argv: empty string added [ 93.103046][ T6267] random: crng reseeded on system resumption [ 94.048738][ T6289] loop0: detected capacity change from 0 to 164 [ 94.148396][ T6289] rock: directory entry would overflow storage [ 94.180442][ T6289] rock: sig=0x66, size=4, remaining=3 [ 94.243088][ T6289] rock: directory entry would overflow storage [ 94.250144][ T6289] rock: sig=0x66, size=4, remaining=3 [ 94.343257][ T6289] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 94.414382][ T6302] loop4: detected capacity change from 0 to 256 [ 94.555475][ T6302] FAT-fs (loop4): Directory bread(block 64) failed [ 94.573579][ T6307] random: crng reseeded on system resumption [ 94.581635][ T6302] FAT-fs (loop4): Directory bread(block 65) failed [ 94.629708][ T6302] FAT-fs (loop4): Directory bread(block 66) failed [ 94.679508][ T6302] FAT-fs (loop4): Directory bread(block 67) failed [ 94.751252][ T6302] FAT-fs (loop4): Directory bread(block 68) failed [ 94.805860][ T6302] FAT-fs (loop4): Directory bread(block 69) failed [ 94.848296][ T6302] FAT-fs (loop4): Directory bread(block 70) failed [ 94.882387][ T6302] FAT-fs (loop4): Directory bread(block 71) failed [ 94.908405][ T6302] FAT-fs (loop4): Directory bread(block 72) failed [ 94.931418][ T6302] FAT-fs (loop4): Directory bread(block 73) failed [ 95.079261][ T6302] syz.4.148: attempt to access beyond end of device [ 95.079261][ T6302] loop4: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 95.145077][ T6302] syz.4.148: attempt to access beyond end of device [ 95.145077][ T6302] loop4: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 95.424246][ T6328] loop3: detected capacity change from 0 to 2048 [ 95.501456][ T6332] random: crng reseeded on system resumption [ 95.508744][ T6328] loop3: p1 < > p4 [ 95.516255][ T6328] loop3: p4 size 8388608 extends beyond EOD, truncated [ 96.845771][ T6371] loop1: detected capacity change from 0 to 2048 [ 96.917535][ T6371] loop1: p1 < > p4 [ 96.927359][ T6371] loop1: p4 size 8388608 extends beyond EOD, truncated [ 97.453002][ T6390] netlink: 16 bytes leftover after parsing attributes in process `syz.3.186'. [ 97.532483][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 97.532500][ T29] audit: type=1326 audit(1732922599.379:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 97.567326][ T6394] syzkaller0: entered allmulticast mode [ 97.580220][ T6398] capability: warning: `syz.0.191' uses 32-bit capabilities (legacy support in use) [ 97.668496][ T29] audit: type=1326 audit(1732922599.419:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 97.685273][ T6394] syzkaller0 (unregistering): left allmulticast mode [ 97.733328][ T6401] random: crng reseeded on system resumption [ 97.791076][ T29] audit: type=1326 audit(1732922599.429:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 97.912713][ T6408] loop0: detected capacity change from 0 to 2048 [ 97.919895][ T29] audit: type=1326 audit(1732922599.429:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 97.986440][ T29] audit: type=1326 audit(1732922599.429:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 98.025590][ T6408] loop0: p1 < > p4 [ 98.042049][ T6408] loop0: p4 size 8388608 extends beyond EOD, truncated [ 98.129402][ T29] audit: type=1326 audit(1732922599.429:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 98.204459][ T29] audit: type=1326 audit(1732922599.429:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 98.227492][ T29] audit: type=1326 audit(1732922599.429:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 98.250014][ T29] audit: type=1326 audit(1732922599.429:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6395 comm="syz.1.189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 98.450831][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 98.485504][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 98.608252][ T6430] netlink: 16 bytes leftover after parsing attributes in process `syz.0.202'. [ 98.692098][ T6435] loop3: detected capacity change from 0 to 512 [ 98.915614][ T6435] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.205: casefold flag without casefold feature [ 98.968116][ T6435] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.205: couldn't read orphan inode 15 (err -117) [ 99.009559][ T6435] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.088551][ T29] audit: type=1800 audit(1732922600.939:85): pid=6435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.205" name="file1" dev="loop3" ino=18 res=0 errno=0 [ 99.223641][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.546399][ T6470] netlink: 16 bytes leftover after parsing attributes in process `syz.4.216'. [ 99.687906][ T6474] random: crng reseeded on system resumption [ 99.911193][ T6485] loop1: detected capacity change from 0 to 512 [ 99.932042][ T6484] netlink: 'syz.3.222': attribute type 27 has an invalid length. [ 99.966867][ T6485] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.223: casefold flag without casefold feature [ 100.006470][ T6485] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.223: couldn't read orphan inode 15 (err -117) [ 100.076778][ T6485] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.156542][ T6484] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.166232][ T6484] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.254662][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.491538][ T6484] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 100.577403][ T6484] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 100.773520][ T6508] loop4: detected capacity change from 0 to 764 [ 100.852917][ T6484] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.873216][ T6484] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.900861][ T6484] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.934361][ T6484] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.051313][ T6514] vlan2: entered promiscuous mode [ 101.072289][ T6514] dummy0: entered promiscuous mode [ 101.100207][ T6514] dummy0: left promiscuous mode [ 101.217120][ T6520] loop3: detected capacity change from 0 to 512 [ 101.256728][ T6520] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.235: casefold flag without casefold feature [ 101.325745][ T6520] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.235: couldn't read orphan inode 15 (err -117) [ 101.389356][ T6525] random: crng reseeded on system resumption [ 101.406731][ T6520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.589283][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.195406][ T6547] loop4: detected capacity change from 0 to 512 [ 102.321532][ T6547] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 102.741352][ T6547] EXT4-fs (loop4): 1 truncate cleaned up [ 102.950574][ T6547] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.296432][ T6547] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.340841][ T6547] Cannot find set identified by id 0 to match [ 103.350278][ T6561] loop0: detected capacity change from 0 to 512 [ 103.463775][ T6561] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.248: casefold flag without casefold feature [ 103.540563][ T6561] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.248: couldn't read orphan inode 15 (err -117) [ 103.560253][ T6561] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.605438][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 103.605457][ T29] audit: type=1800 audit(1732922605.459:95): pid=6561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.248" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 103.706692][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.754534][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.915479][ T6578] random: crng reseeded on system resumption [ 103.943156][ T6581] program syz.0.258 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 104.061273][ T6584] Driver unsupported XDP return value 0 on prog (id 68) dev N/A, expect packet loss! [ 104.595182][ T6609] loop1: detected capacity change from 0 to 512 [ 104.632946][ T6609] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.269: casefold flag without casefold feature [ 104.683215][ T6609] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.269: couldn't read orphan inode 15 (err -117) [ 104.702877][ T6609] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.726217][ T29] audit: type=1800 audit(1732922606.579:96): pid=6609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.269" name="file1" dev="loop1" ino=18 res=0 errno=0 [ 104.764295][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.398244][ T6641] random: crng reseeded on system resumption [ 105.565400][ T6643] loop0: detected capacity change from 0 to 2048 [ 105.590661][ T6647] loop1: detected capacity change from 0 to 512 [ 105.642771][ T6643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.676666][ T6647] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.282: casefold flag without casefold feature [ 105.766236][ T6647] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.282: couldn't read orphan inode 15 (err -117) [ 105.781049][ T6643] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 105.848695][ T6647] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.897120][ T6643] EXT4-fs (loop0): Remounting filesystem read-only [ 105.924030][ T6643] EXT4-fs (loop0): error restoring inline_data for inode -- potential data loss! (inode 12, error -5) [ 105.945202][ T29] audit: type=1800 audit(1732922607.779:97): pid=6647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.282" name="file1" dev="loop1" ino=18 res=0 errno=0 [ 106.047846][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.075063][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.168806][ T29] audit: type=1326 audit(1732922608.019:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 106.260036][ T29] audit: type=1326 audit(1732922608.049:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 106.374835][ T29] audit: type=1326 audit(1732922608.059:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 106.463945][ T29] audit: type=1326 audit(1732922608.059:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 106.520787][ T29] audit: type=1326 audit(1732922608.059:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 106.681385][ T6676] loop1: detected capacity change from 0 to 512 [ 106.724914][ T6676] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.290: invalid indirect mapped block 256 (level 2) [ 106.747868][ T6649] syz.4.283: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 106.801890][ T6649] CPU: 1 UID: 0 PID: 6649 Comm: syz.4.283 Not tainted 6.12.0-next-20241128-syzkaller #0 [ 106.811886][ T6649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 106.822340][ T6649] Call Trace: [ 106.826723][ T6649] [ 106.829666][ T6649] dump_stack_lvl+0x241/0x360 [ 106.834558][ T6649] ? __pfx_dump_stack_lvl+0x10/0x10 [ 106.839853][ T6649] ? __pfx__printk+0x10/0x10 [ 106.844535][ T6649] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 106.851318][ T6649] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 106.858122][ T6649] warn_alloc+0x278/0x410 [ 106.862643][ T6649] ? __pfx_warn_alloc+0x10/0x10 [ 106.868142][ T6649] ? translate_table+0x174/0x2260 [ 106.873280][ T6649] ? __get_vm_area_node+0x1c8/0x2d0 [ 106.879050][ T6649] ? __get_vm_area_node+0x25c/0x2d0 [ 106.884448][ T6649] __vmalloc_node_range_noprof+0x62f/0x1380 [ 106.890634][ T6649] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 106.896478][ T6649] ? rcu_is_watching+0x15/0xb0 [ 106.902050][ T6649] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 106.908601][ T6649] ? rcu_is_watching+0x15/0xb0 [ 106.913657][ T6649] ? trace_kmalloc+0x1f/0xd0 [ 106.918384][ T6649] ? __kmalloc_node_noprof+0x2ad/0x4d0 [ 106.924216][ T6649] ? __kvmalloc_node_noprof+0x72/0x190 [ 106.929716][ T6649] __kvmalloc_node_noprof+0x142/0x190 [ 106.935298][ T6649] ? translate_table+0x174/0x2260 [ 106.940922][ T6649] translate_table+0x174/0x2260 [ 106.946014][ T6649] ? __pfx_translate_table+0x10/0x10 [ 106.951492][ T6649] ? __might_fault+0xaa/0x120 [ 106.956630][ T6649] ? __pfx_lock_release+0x10/0x10 [ 106.962496][ T6649] ? __might_fault+0xaa/0x120 [ 106.968051][ T6649] ? __might_fault+0xc6/0x120 [ 106.972829][ T6649] ? _copy_from_user+0x99/0xc0 [ 106.977605][ T6649] ? copy_from_sockptr_offset+0x6b/0xb0 [ 106.983509][ T6649] do_ipt_set_ctl+0xe3d/0x1250 [ 106.988352][ T6649] ? __pfx___mutex_trylock_common+0x10/0x10 [ 106.994259][ T6649] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 106.999473][ T6649] ? __pfx_lock_release+0x10/0x10 [ 107.004685][ T6649] ? rcu_is_watching+0x15/0xb0 [ 107.009716][ T6649] ? trace_contention_end+0x3c/0x120 [ 107.015266][ T6649] ? __mutex_unlock_slowpath+0x21e/0x790 [ 107.020984][ T6649] ? __pfx___mutex_lock+0x10/0x10 [ 107.026034][ T6649] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 107.032643][ T6649] ? smc_setsockopt+0x1c3/0xe50 [ 107.037689][ T6649] ? __pfx___mutex_lock+0x10/0x10 [ 107.042867][ T6649] nf_setsockopt+0x295/0x2c0 [ 107.048946][ T6649] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 107.055168][ T6649] smc_setsockopt+0x275/0xe50 [ 107.060355][ T6649] ? __pfx_smc_setsockopt+0x10/0x10 [ 107.066006][ T6649] ? aa_sock_opt_perm+0x79/0x120 [ 107.071181][ T6649] ? __pfx_smc_setsockopt+0x10/0x10 [ 107.076584][ T6649] do_sock_setsockopt+0x3af/0x720 [ 107.082005][ T6649] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 107.087750][ T6649] ? __fget_files+0x395/0x410 [ 107.093213][ T6649] ? __fget_files+0x2a/0x410 [ 107.097970][ T6649] __x64_sys_setsockopt+0x1ee/0x280 [ 107.103219][ T6649] do_syscall_64+0xf3/0x230 [ 107.108388][ T6649] ? clear_bhb_loop+0x35/0x90 [ 107.113076][ T6649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.119328][ T6649] RIP: 0033:0x7f19e6580849 [ 107.124160][ T6649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.144680][ T6649] RSP: 002b:00007f19e7330058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 107.153227][ T6649] RAX: ffffffffffffffda RBX: 00007f19e6745fa0 RCX: 00007f19e6580849 [ 107.162444][ T6649] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004 [ 107.171070][ T6649] RBP: 00007f19e65f3986 R08: 0000000000000298 R09: 0000000000000000 [ 107.179333][ T6649] R10: 0000000020000300 R11: 0000000000000246 R12: 0000000000000000 [ 107.187344][ T6649] R13: 0000000000000000 R14: 00007f19e6745fa0 R15: 00007ffe66cc26e8 [ 107.196054][ T6649] [ 107.221948][ T6649] Mem-Info: [ 107.225507][ T6649] active_anon:4750 inactive_anon:0 isolated_anon:0 [ 107.225507][ T6649] active_file:10883 inactive_file:38203 isolated_file:0 [ 107.225507][ T6649] unevictable:768 dirty:98 writeback:0 [ 107.225507][ T6649] slab_reclaimable:9771 slab_unreclaimable:96810 [ 107.225507][ T6649] mapped:28918 shmem:1486 pagetables:771 [ 107.225507][ T6649] sec_pagetables:0 bounce:0 [ 107.225507][ T6649] kernel_misc_reclaimable:0 [ 107.225507][ T6649] free:1311938 free_pcp:213 free_cma:0 [ 107.250342][ T6676] EXT4-fs (loop1): Remounting filesystem read-only [ 107.291891][ T6649] Node 0 active_anon:19000kB inactive_anon:0kB active_file:43532kB inactive_file:152740kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115672kB dirty:392kB writeback:0kB shmem:4408kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11120kB pagetables:3084kB sec_pagetables:0kB all_unreclaimable? no [ 107.328365][ T6676] EXT4-fs (loop1): 2 truncates cleaned up [ 107.349055][ T6649] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 107.372595][ T6676] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.473629][ T6649] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 107.519252][ T6676] capability: warning: `syz.1.290' uses deprecated v2 capabilities in a way that may be insecure [ 107.565412][ T6649] lowmem_reserve[]: 0 2465 2466 0 0 [ 107.588132][ T6649] Node 0 DMA32 free:1312468kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:18864kB inactive_anon:0kB active_file:43532kB inactive_file:151952kB unevictable:1536kB writepending:408kB present:3129332kB managed:2552840kB mlocked:0kB bounce:0kB free_pcp:29592kB local_pcp:27836kB free_cma:0kB [ 107.651897][ T6649] lowmem_reserve[]: 0 0 0 0 0 [ 107.663960][ T6649] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:836kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 107.742145][ T6649] lowmem_reserve[]: 0 0 0 0 0 [ 107.790607][ T6649] Node 1 Normal free:3913288kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:0kB free_cma:0kB [ 107.867515][ T6649] lowmem_reserve[]: 0 0 0 0 0 [ 107.880029][ T6692] loop3: detected capacity change from 0 to 512 [ 107.895264][ T6649] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 108.617772][ T6649] Node 0 DMA32: 716*4kB (UM) 115*8kB (UM) 53*16kB (UME) 322*32kB (UME) 307*64kB (UME) 200*128kB (UME) 61*256kB (UM) 26*512kB (UME) 15*1024kB (UM) 1*2048kB (M) 301*4096kB (M) = 1339416kB [ 108.699690][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.742254][ T6649] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 108.777261][ T6692] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.296: casefold flag without casefold feature [ 108.814221][ T6649] Node 1 Normal: 224*4kB (UE) 49*8kB (UME) 30*16kB (UME) 171*32kB (UME) 74*64kB (UME) 31*128kB (UME) 10*256kB (UM) 9*512kB (UME) 3*1024kB (UM) 4*2048kB (UE) 947*4096kB (M) = 3913288kB [ 108.836789][ T6692] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.296: couldn't read orphan inode 15 (err -117) [ 108.851287][ T6692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.928811][ T6649] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 108.943861][ T6649] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 108.955441][ T29] audit: type=1800 audit(1732922610.809:103): pid=6692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.296" name="file1" dev="loop3" ino=18 res=0 errno=0 [ 108.983374][ T6706] random: crng reseeded on system resumption [ 108.999697][ T6649] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 109.030427][ T6649] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 109.047392][ T6649] 50591 total pagecache pages [ 109.057829][ T6649] 0 pages in swap cache [ 109.063566][ T6649] Free swap = 124728kB [ 109.070002][ T6649] Total swap = 124996kB [ 109.074399][ T6649] 2097051 pages RAM [ 109.074640][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.078579][ T6649] 0 pages HighMem/MovableOnly [ 109.097751][ T6649] 426991 pages reserved [ 109.102129][ T6649] 0 pages cma reserved [ 110.060836][ T6727] loop1: detected capacity change from 0 to 2048 [ 110.133026][ T6727] loop1: p1 < > p4 [ 110.142291][ T6727] loop1: p4 size 8388608 extends beyond EOD, truncated [ 110.486237][ T6733] delete_channel: no stack [ 112.350298][ T6760] random: crng reseeded on system resumption [ 112.966981][ T29] audit: type=1326 audit(1732922614.819:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.4.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 113.050302][ T6776] loop0: detected capacity change from 0 to 512 [ 113.070713][ T29] audit: type=1326 audit(1732922614.819:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.4.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 113.152469][ T29] audit: type=1326 audit(1732922614.869:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.4.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 113.178486][ T6776] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.321: corrupted in-inode xattr: invalid ea_ino [ 113.204724][ T6781] program syz.2.318 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 113.233436][ T6776] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.321: couldn't read orphan inode 15 (err -117) [ 113.272305][ T29] audit: type=1326 audit(1732922614.869:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.4.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 113.297535][ T6776] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.371809][ T29] audit: type=1326 audit(1732922614.869:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6772 comm="syz.4.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 113.445431][ T29] audit: type=1326 audit(1732922615.109:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 113.536681][ T29] audit: type=1326 audit(1732922615.109:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 113.565072][ T29] audit: type=1326 audit(1732922615.119:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 113.591575][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.651194][ T29] audit: type=1326 audit(1732922615.119:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6779 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 114.004019][ T6809] random: crng reseeded on system resumption [ 114.098677][ T6813] loop3: detected capacity change from 0 to 256 [ 114.140191][ T6813] FAT-fs (loop3): bogus number of FAT sectors [ 114.168117][ T6813] FAT-fs (loop3): Can't find a valid FAT filesystem [ 114.314428][ T6817] loop7: detected capacity change from 0 to 16384 [ 115.745042][ T6828] delete_channel: no stack [ 115.889160][ T6831] loop3: detected capacity change from 0 to 2048 [ 115.936904][ T6831] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.212809][ T6823] loop7: detected capacity change from 16384 to 16383 [ 116.330868][ T6835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.845618][ T6840] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 117.098019][ T6853] loop4: detected capacity change from 0 to 512 [ 117.122825][ T6853] EXT4-fs: Ignoring removed i_version option [ 117.177812][ T6853] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 117.243821][ T6853] EXT4-fs (loop4): 1 orphan inode deleted [ 117.249733][ T6853] EXT4-fs (loop4): 1 truncate cleaned up [ 117.325574][ T6853] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.350470][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 117.360988][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 117.381616][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 117.443511][ T6860] loop0: detected capacity change from 0 to 512 [ 117.472178][ T6860] EXT4-fs: Ignoring removed orlov option [ 117.522572][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 117.540160][ T5838] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 117.541955][ T68] bridge_slave_1: left allmulticast mode [ 117.553804][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 117.553947][ T6860] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 117.642084][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.664884][ T68] bridge_slave_1: left promiscuous mode [ 117.672828][ T6860] EXT4-fs (loop0): orphan cleanup on readonly fs [ 117.707228][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.730680][ T6860] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.351: bg 0: block 248: padding at end of block bitmap is not set [ 117.787564][ T68] bridge_slave_0: left allmulticast mode [ 117.807016][ T68] bridge_slave_0: left promiscuous mode [ 117.813747][ T6860] __quota_error: 33 callbacks suppressed [ 117.813766][ T6860] Quota error (device loop0): write_blk: dquota write failed [ 117.830180][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.849468][ T6875] random: crng reseeded on system resumption [ 117.862283][ T6860] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 117.917278][ T6860] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.351: Failed to acquire dquot type 1 [ 117.949529][ T6860] EXT4-fs (loop0): 1 truncate cleaned up [ 117.960925][ T6879] loop4: detected capacity change from 0 to 128 [ 117.967414][ T6860] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 118.024794][ T6879] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 118.159646][ T6860] EXT4-fs: Ignoring removed orlov option [ 118.166313][ T6860] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 118.196386][ T6879] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 118.211613][ T6860] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 118.256311][ T6860] EXT4-fs error (device loop0): __ext4_remount:6749: comm syz.0.351: Abort forced by user [ 118.286644][ T6860] EXT4-fs (loop0): Remounting filesystem read-only [ 118.318411][ T6860] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 118.360798][ T6860] ext4 filesystem being remounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 118.380440][ T6864] warn_alloc: 1 callbacks suppressed [ 118.380463][ T6864] syz.1.353: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 118.392093][ T5830] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 118.419703][ T6864] ,cpuset=/,mems_allowed=0-1 [ 118.424965][ T6864] CPU: 0 UID: 0 PID: 6864 Comm: syz.1.353 Not tainted 6.12.0-next-20241128-syzkaller #0 [ 118.435367][ T6864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 118.446212][ T6864] Call Trace: [ 118.449878][ T6864] [ 118.452933][ T6864] dump_stack_lvl+0x241/0x360 [ 118.458133][ T6864] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.463755][ T6864] ? __pfx__printk+0x10/0x10 [ 118.468573][ T6864] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 118.476408][ T6864] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 118.484845][ T6864] warn_alloc+0x278/0x410 [ 118.490738][ T6864] ? __pfx_warn_alloc+0x10/0x10 [ 118.496190][ T6864] ? translate_table+0x174/0x2260 [ 118.501709][ T6864] ? __get_vm_area_node+0x1c8/0x2d0 [ 118.507487][ T6864] ? __get_vm_area_node+0x25c/0x2d0 [ 118.514325][ T6864] __vmalloc_node_range_noprof+0x62f/0x1380 [ 118.521414][ T6864] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 118.528639][ T6864] ? rcu_is_watching+0x15/0xb0 [ 118.535387][ T6864] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 118.544425][ T6864] ? rcu_is_watching+0x15/0xb0 [ 118.549986][ T6864] ? trace_kmalloc+0x1f/0xd0 [ 118.550014][ T6864] ? __kmalloc_node_noprof+0x2ad/0x4d0 [ 118.560873][ T6864] ? __kvmalloc_node_noprof+0x72/0x190 [ 118.567230][ T6864] __kvmalloc_node_noprof+0x142/0x190 [ 118.572796][ T6864] ? translate_table+0x174/0x2260 [ 118.572829][ T6864] translate_table+0x174/0x2260 [ 118.572874][ T6864] ? __pfx_translate_table+0x10/0x10 [ 118.572897][ T6864] ? __might_fault+0xaa/0x120 [ 118.572920][ T6864] ? __pfx_lock_release+0x10/0x10 [ 118.600236][ T6864] ? __might_fault+0xaa/0x120 [ 118.605128][ T6864] ? __might_fault+0xc6/0x120 [ 118.609972][ T6864] ? _copy_from_user+0x99/0xc0 [ 118.615149][ T6864] ? copy_from_sockptr_offset+0x6b/0xb0 [ 118.621170][ T6864] do_ipt_set_ctl+0xe3d/0x1250 [ 118.625950][ T6864] ? __pfx___mutex_trylock_common+0x10/0x10 [ 118.632521][ T6864] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 118.637762][ T6864] ? __pfx_lock_release+0x10/0x10 [ 118.642880][ T6864] ? rcu_is_watching+0x15/0xb0 [ 118.648508][ T6864] ? trace_contention_end+0x3c/0x120 [ 118.654343][ T6864] ? __mutex_unlock_slowpath+0x21e/0x790 [ 118.661783][ T6864] ? __pfx___mutex_lock+0x10/0x10 [ 118.666842][ T6864] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 118.673108][ T6864] ? smc_setsockopt+0x1c3/0xe50 [ 118.678174][ T6864] ? __pfx___mutex_lock+0x10/0x10 [ 118.683517][ T6864] nf_setsockopt+0x295/0x2c0 [ 118.688590][ T6864] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 118.694784][ T6864] smc_setsockopt+0x275/0xe50 [ 118.699496][ T6864] ? __pfx_smc_setsockopt+0x10/0x10 [ 118.704899][ T6864] ? aa_sock_opt_perm+0x79/0x120 [ 118.710373][ T6864] ? __pfx_smc_setsockopt+0x10/0x10 [ 118.715594][ T6864] do_sock_setsockopt+0x3af/0x720 [ 118.720728][ T6864] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 118.726282][ T6864] ? __fget_files+0x395/0x410 [ 118.731240][ T6864] ? __fget_files+0x2a/0x410 [ 118.736217][ T6864] __x64_sys_setsockopt+0x1ee/0x280 [ 118.742244][ T6864] do_syscall_64+0xf3/0x230 [ 118.746859][ T6864] ? clear_bhb_loop+0x35/0x90 [ 118.751671][ T6864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.758082][ T6864] RIP: 0033:0x7f645c780849 [ 118.763071][ T6864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.784269][ T6864] RSP: 002b:00007f645d4e4058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 118.794524][ T6864] RAX: ffffffffffffffda RBX: 00007f645c945fa0 RCX: 00007f645c780849 [ 118.802708][ T6864] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004 [ 118.810922][ T6864] RBP: 00007f645c7f3986 R08: 0000000000000298 R09: 0000000000000000 [ 118.819156][ T6864] R10: 0000000020000300 R11: 0000000000000246 R12: 0000000000000000 [ 118.827524][ T6864] R13: 0000000000000000 R14: 00007f645c945fa0 R15: 00007ffcd7fff7a8 [ 118.835886][ T6864] [ 118.843436][ T6864] Mem-Info: [ 118.847133][ T6864] active_anon:5738 inactive_anon:0 isolated_anon:0 [ 118.847133][ T6864] active_file:10917 inactive_file:38234 isolated_file:0 [ 118.847133][ T6864] unevictable:768 dirty:226 writeback:0 [ 118.847133][ T6864] slab_reclaimable:9811 slab_unreclaimable:97427 [ 118.847133][ T6864] mapped:30967 shmem:2407 pagetables:774 [ 118.847133][ T6864] sec_pagetables:0 bounce:0 [ 118.847133][ T6864] kernel_misc_reclaimable:0 [ 118.847133][ T6864] free:1317030 free_pcp:1101 free_cma:0 [ 118.881034][ T6860] syz.0.351 (6860) used greatest stack depth: 18904 bytes left [ 118.897308][ T6864] Node 0 active_anon:22952kB inactive_anon:0kB active_file:43668kB inactive_file:152864kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:123868kB dirty:904kB writeback:0kB shmem:8092kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11096kB pagetables:3096kB sec_pagetables:0kB all_unreclaimable? no [ 118.939155][ T6864] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 119.007513][ T6864] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 119.044119][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.080924][ T6885] loop4: detected capacity change from 0 to 512 [ 119.110648][ T6864] lowmem_reserve[]: 0 2465 2466 0 0 [ 119.116395][ T6864] Node 0 DMA32 free:1345360kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:22812kB inactive_anon:0kB active_file:43668kB inactive_file:152028kB unevictable:1536kB writepending:904kB present:3129332kB managed:2552840kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:572kB free_cma:0kB [ 119.160785][ T6864] lowmem_reserve[]: 0 0 0 0 0 [ 119.176256][ T6864] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:836kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 119.178420][ T6885] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.204524][ T6864] lowmem_reserve[]: 0 0 0 0 0 [ 119.235612][ T6864] Node 1 Normal free:3913036kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:268kB local_pcp:244kB free_cma:0kB [ 119.274041][ T6885] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.289277][ T6864] lowmem_reserve[]: 0 0 0 0 0 [ 119.309379][ T6864] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 119.339993][ T6885] Quota error (device loop4): do_check_range: Getting block 4128768 out of range 0-5 [ 119.388042][ T6864] Node 0 DMA32: 2*4kB (UM) 39*8kB (UM) 184*16kB (ME) 342*32kB (UME) 276*64kB (UME) 170*128kB (UME) 35*256kB (UM) 48*512kB (UME) 47*1024kB (UM) 20*2048kB (UM) 285*4096kB (UM) = 1343616kB [ 119.442111][ T6864] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 119.465524][ T6894] xt_hashlimit: max too large, truncated to 1048576 [ 119.472909][ T6864] Node 1 Normal: 222*4kB (UE) 49*8kB (UME) 30*16kB (UME) 171*32kB (UME) 74*64kB (UME) 31*128kB (UME) 10*256kB (UM) 9*512kB (UME) 3*1024kB (UM) 4*2048kB (UE) 947*4096kB (M) = 3913280kB [ 119.474224][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.511078][ T6864] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 119.526293][ T6864] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 119.550299][ T6864] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 119.563589][ T6864] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 119.593891][ T6864] 51456 total pagecache pages [ 119.598884][ T6864] 0 pages in swap cache [ 119.613464][ T5838] Bluetooth: hci4: command tx timeout [ 119.617506][ T6864] Free swap = 124472kB [ 119.653994][ T6864] Total swap = 124996kB [ 119.658590][ T6864] 2097051 pages RAM [ 119.662543][ T6864] 0 pages HighMem/MovableOnly [ 119.667484][ T6864] 426991 pages reserved [ 119.668706][ T29] audit: type=1326 audit(1732922621.519:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 119.671909][ T6864] 0 pages cma reserved [ 119.702396][ T29] audit: type=1326 audit(1732922621.549:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 119.732286][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 119.766659][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 119.777721][ T68] bond0 (unregistering): Released all slaves [ 119.852055][ T29] audit: type=1326 audit(1732922621.549:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 119.880197][ T6897] loop0: detected capacity change from 0 to 1024 [ 119.991835][ T29] audit: type=1326 audit(1732922621.549:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 120.080206][ T6897] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.143611][ T29] audit: type=1326 audit(1732922621.549:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 120.166898][ T29] audit: type=1326 audit(1732922621.579:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 120.190182][ T29] audit: type=1326 audit(1732922621.579:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d15f80849 code=0x7ffc0000 [ 120.259822][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.260032][ T6905] tmpfs: Bad value for 'mpol' [ 121.162969][ T6934] loop2: detected capacity change from 0 to 512 [ 121.428650][ T6934] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.372: casefold flag without casefold feature [ 121.844349][ T5838] Bluetooth: hci4: command tx timeout [ 122.140493][ T68] hsr_slave_0: left promiscuous mode [ 122.167553][ T6934] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.372: couldn't read orphan inode 15 (err -117) [ 122.173697][ T6934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.186907][ T68] hsr_slave_1: left promiscuous mode [ 122.191419][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 122.207580][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 122.265496][ T6944] tty tty21: ldisc open failed (-12), clearing slot 20 [ 122.304528][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.450492][ T6955] delete_channel: no stack [ 123.208911][ T68] team0 (unregistering): Port device team_slave_1 removed [ 123.286472][ T68] team0 (unregistering): Port device team_slave_0 removed [ 123.765401][ T6950] : renamed from vlan0 (while UP) [ 123.815323][ T6861] chnl_net:caif_netlink_parms(): no params data found [ 123.851864][ T5838] Bluetooth: hci4: command tx timeout [ 124.019913][ T6981] loop2: detected capacity change from 0 to 512 [ 124.060922][ T6982] delete_channel: no stack [ 124.075788][ T6981] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.386: corrupted in-inode xattr: invalid ea_ino [ 124.125816][ T6981] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.386: couldn't read orphan inode 15 (err -117) [ 124.200632][ T6981] EXT4-fs (loop2): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.306306][ T6861] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.343633][ T6861] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.362861][ T6861] bridge_slave_0: entered allmulticast mode [ 124.363601][ T5840] EXT4-fs (loop2): unmounting filesystem 00000007-0000-0000-0000-000000000000. [ 124.378811][ T6861] bridge_slave_0: entered promiscuous mode [ 124.423581][ T6861] bridge0: port 2(bridge_slave_1) entered blocking state [ 124.436981][ T6861] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.444518][ T6861] bridge_slave_1: entered allmulticast mode [ 124.452338][ T6861] bridge_slave_1: entered promiscuous mode [ 124.510653][ T6861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 124.574518][ T6861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 124.600148][ T7003] loop2: detected capacity change from 0 to 128 [ 124.706970][ T7003] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 124.745899][ T6861] team0: Port device team_slave_0 added [ 124.815248][ T6861] team0: Port device team_slave_1 added [ 124.821146][ T7003] ext4 filesystem being mounted at /81/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 125.046436][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 125.180426][ T6861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 125.194901][ T6861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 125.248857][ T6861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 125.290700][ T29] kauditd_printk_skb: 91 callbacks suppressed [ 125.290719][ T29] audit: type=1326 audit(1732922627.139:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 125.388585][ T29] audit: type=1326 audit(1732922627.139:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 125.391236][ T6861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 125.455233][ T6861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 125.494524][ T29] audit: type=1326 audit(1732922627.139:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 125.552541][ T29] audit: type=1326 audit(1732922627.139:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 125.596613][ T6861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 125.654772][ T29] audit: type=1326 audit(1732922627.139:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 125.709028][ T29] audit: type=1326 audit(1732922627.139:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 125.816740][ T6861] hsr_slave_0: entered promiscuous mode [ 125.835451][ T6861] hsr_slave_1: entered promiscuous mode [ 125.867667][ T29] audit: type=1326 audit(1732922627.139:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 125.898272][ T6861] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 125.927759][ T6861] Cannot create hsr debugfs directory [ 125.948195][ T5838] Bluetooth: hci4: command tx timeout [ 126.052731][ T29] audit: type=1326 audit(1732922627.179:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 126.106455][ T29] audit: type=1326 audit(1732922627.179:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 126.129042][ T29] audit: type=1326 audit(1732922627.189:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7018 comm="syz.4.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f19e657f1b0 code=0x7ffc0000 [ 126.527644][ T7041] random: crng reseeded on system resumption [ 126.845503][ T6861] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 127.666073][ T6861] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 127.812872][ T6861] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 127.902495][ T6861] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 128.564690][ T6861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 128.628818][ T6861] 8021q: adding VLAN 0 to HW filter on device team0 [ 128.724302][ T6861] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 128.734793][ T6861] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 128.766417][ T3018] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.773895][ T3018] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.783488][ T3018] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.791073][ T3018] bridge0: port 2(bridge_slave_1) entered forwarding state [ 129.857446][ T6861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 130.745858][ T7107] loop2: detected capacity change from 0 to 512 [ 130.783587][ T7107] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 130.845815][ T7107] EXT4-fs (loop2): orphan cleanup on readonly fs [ 130.879405][ T6861] veth0_vlan: entered promiscuous mode [ 130.892258][ T6861] veth1_vlan: entered promiscuous mode [ 130.915263][ T6861] veth0_macvtap: entered promiscuous mode [ 130.924977][ T6861] veth1_macvtap: entered promiscuous mode [ 130.930129][ T7107] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.412: bg 0: block 248: padding at end of block bitmap is not set [ 130.939477][ T6861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 130.959427][ T6861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.969652][ T6861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 130.980524][ T6861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.990438][ T6861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.001067][ T6861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.012071][ T6861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.023664][ T6861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.035052][ T6861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.047141][ T6861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.057952][ T6861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.071796][ T6861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.082884][ T6861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.093338][ T6861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.103860][ T6861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.113977][ T6861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.124513][ T6861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.135548][ T6861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 131.146655][ T7107] __quota_error: 52 callbacks suppressed [ 131.146670][ T7107] Quota error (device loop2): write_blk: dquota write failed [ 131.160649][ T7107] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 131.212244][ T7107] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.412: Failed to acquire dquot type 1 [ 131.314563][ T6861] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.330592][ T7107] EXT4-fs (loop2): 1 truncate cleaned up [ 131.341991][ T6861] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.364661][ T6861] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.379351][ T6861] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.396352][ T7107] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 133.130751][ T7107] syz.2.412 (7107) used greatest stack depth: 17656 bytes left [ 133.327840][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.365173][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.396551][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.455312][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.595143][ T3523] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.628302][ T3523] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.097612][ T29] audit: type=1326 audit(1732922635.949:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.2.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 134.145178][ T29] audit: type=1326 audit(1732922635.969:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.2.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 134.202084][ T29] audit: type=1326 audit(1732922635.969:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.2.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 134.224737][ T29] audit: type=1326 audit(1732922635.969:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.2.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 134.247635][ T29] audit: type=1326 audit(1732922636.019:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.2.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 134.271030][ T29] audit: type=1326 audit(1732922636.019:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.2.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 134.293769][ T29] audit: type=1326 audit(1732922636.019:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.2.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 134.316618][ T29] audit: type=1326 audit(1732922636.019:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.2.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 135.094474][ T7211] loop0: detected capacity change from 0 to 2048 [ 135.247934][ T7211] loop0: p1 < > p4 [ 135.270891][ T7211] loop0: p4 size 8388608 extends beyond EOD, truncated [ 135.373726][ T5206] loop0: p1 < > p4 [ 135.392388][ T5206] loop0: p4 size 8388608 extends beyond EOD, truncated [ 135.657311][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 135.679592][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 135.703741][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 135.726973][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 135.758889][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 135.837089][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 136.239758][ T29] kauditd_printk_skb: 53 callbacks suppressed [ 136.239776][ T29] audit: type=1326 audit(1732922638.089:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.351439][ T29] audit: type=1326 audit(1732922638.129:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.401581][ T7266] loop4: detected capacity change from 0 to 2048 [ 136.410822][ T29] audit: type=1326 audit(1732922638.129:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.488481][ T29] audit: type=1326 audit(1732922638.129:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.513158][ T7279] loop4: p1 < > p4 [ 136.551624][ T7279] loop4: p4 size 8388608 extends beyond EOD, truncated [ 136.604098][ T7266] loop4: p1 < > p4 [ 136.626695][ T29] audit: type=1326 audit(1732922638.129:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.701160][ T7266] loop4: p4 size 8388608 extends beyond EOD, truncated [ 136.719431][ T29] audit: type=1326 audit(1732922638.149:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.764199][ T5832] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 136.819022][ T29] audit: type=1326 audit(1732922638.149:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.892112][ T29] audit: type=1326 audit(1732922638.149:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.919361][ T29] audit: type=1326 audit(1732922638.149:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63c1380849 code=0x7ffc0000 [ 136.943118][ T29] audit: type=1326 audit(1732922638.149:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7263 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f63c137f1b0 code=0x7ffc0000 [ 137.046886][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 137.048249][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 137.057172][ T5832] usb 1-1: Using ep0 maxpacket: 16 [ 137.078037][ T7293] loop1: detected capacity change from 0 to 2048 [ 137.136151][ T5832] usb 1-1: config 0 has no interfaces? [ 137.141112][ T7293] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.161239][ T5851] udevd[5851]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 137.174731][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 137.178641][ T5832] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 137.195470][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.204358][ T5832] usb 1-1: Product: syz [ 137.208562][ T5832] usb 1-1: Manufacturer: syz [ 137.219870][ T5832] usb 1-1: SerialNumber: syz [ 137.238765][ T5832] r8152-cfgselector 1-1: Unknown version 0x0000 [ 137.245410][ T5832] r8152-cfgselector 1-1: config 0 descriptor?? [ 137.454128][ T7308] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 137.679536][ T5883] r8152-cfgselector 1-1: USB disconnect, device number 2 [ 137.710448][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.956249][ T7327] ALSA: seq fatal error: cannot create timer (-22) [ 138.115664][ T7334] loop1: detected capacity change from 0 to 2048 [ 138.279682][ T7334] loop1: p1 < > p4 [ 138.322983][ T7334] loop1: p4 size 8388608 extends beyond EOD, truncated [ 138.456959][ T5206] loop1: p1 < > p4 [ 138.466748][ T5206] loop1: p4 size 8388608 extends beyond EOD, truncated [ 138.479960][ T7350] netlink: 4 bytes leftover after parsing attributes in process `syz.0.483'. [ 138.553455][ T7354] loop2: detected capacity change from 0 to 512 [ 138.662939][ T7354] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 138.768214][ T7361] loop1: detected capacity change from 0 to 128 [ 138.935014][ T7361] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 138.988049][ T7361] ext4 filesystem being mounted at /107/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 139.008010][ T7354] EXT4-fs warning (device loop2): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 139.101871][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 139.120328][ T7350] team0 (unregistering): Port device team_slave_0 removed [ 139.170368][ T5840] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 139.266426][ T7373] loop5: detected capacity change from 0 to 764 [ 139.387810][ T7350] team0 (unregistering): Port device team_slave_1 removed [ 140.778711][ T7404] loop4: detected capacity change from 0 to 2048 [ 140.856173][ T7404] loop4: p1 < > p4 [ 140.875299][ T7404] loop4: p4 size 8388608 extends beyond EOD, truncated [ 140.883017][ T978] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 141.042389][ T978] usb 3-1: Using ep0 maxpacket: 16 [ 141.080098][ T978] usb 3-1: config 0 has no interfaces? [ 141.100900][ T978] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 141.132002][ T978] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.178403][ T978] usb 3-1: Product: syz [ 141.188716][ T5837] udevd[5837]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 141.201419][ T5849] udevd[5849]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 141.218269][ T978] usb 3-1: Manufacturer: syz [ 141.239145][ T978] usb 3-1: SerialNumber: syz [ 141.245276][ T29] kauditd_printk_skb: 88 callbacks suppressed [ 141.245294][ T29] audit: type=1326 audit(1732922643.099:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.1.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 141.299136][ T29] audit: type=1326 audit(1732922643.129:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.1.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645c780849 code=0x7ffc0000 [ 141.354856][ T978] r8152-cfgselector 3-1: Unknown version 0x0000 [ 141.384101][ T978] r8152-cfgselector 3-1: config 0 descriptor?? [ 141.422941][ T7422] loop4: detected capacity change from 0 to 2048 [ 141.431477][ T29] audit: type=1326 audit(1732922643.129:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.1.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f645c77f1b0 code=0x7ffc0000 [ 141.455840][ T7422] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 141.530778][ T29] audit: type=1326 audit(1732922643.139:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7418 comm="syz.4.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 141.631375][ T7392] 9pnet_fd: Insufficient options for proto=fd [ 141.652834][ T29] audit: type=1326 audit(1732922643.139:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7418 comm="syz.4.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 141.674531][ T1206] r8152-cfgselector 3-1: USB disconnect, device number 2 [ 141.698497][ T29] audit: type=1326 audit(1732922643.139:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7418 comm="syz.4.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 141.721291][ T29] audit: type=1326 audit(1732922643.139:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7418 comm="syz.4.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 141.743725][ T29] audit: type=1326 audit(1732922643.139:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7418 comm="syz.4.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 141.766102][ T29] audit: type=1326 audit(1732922643.139:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7418 comm="syz.4.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 141.788842][ T29] audit: type=1326 audit(1732922643.139:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7418 comm="syz.4.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19e6580849 code=0x7ffc0000 [ 141.920352][ T7431] random: crng reseeded on system resumption [ 141.978659][ T7434] loop4: detected capacity change from 0 to 512 [ 142.012620][ T7434] EXT4-fs: Ignoring removed i_version option [ 142.032553][ T7434] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 142.100277][ T7434] EXT4-fs (loop4): 1 orphan inode deleted [ 142.107047][ T7434] EXT4-fs (loop4): 1 truncate cleaned up [ 142.113985][ T7434] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.199362][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.512925][ T7447] loop2: detected capacity change from 0 to 2048 [ 142.596974][ T7447] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.945796][ T7454] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 143.173455][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.722320][ T7474] loop1: detected capacity change from 0 to 512 [ 143.856408][ T7474] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.920034][ T7474] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.309353][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.523960][ T7485] loop0: detected capacity change from 0 to 128 [ 144.547263][ T7483] loop1: detected capacity change from 0 to 2048 [ 144.560705][ T7485] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 144.576037][ T7485] ext4 filesystem being mounted at /104/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 144.743288][ T7483] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.782809][ T5828] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 144.797869][ T5832] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 144.821156][ T7483] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 8 with max blocks 2 with error 28 [ 144.890876][ T7483] EXT4-fs (loop1): This should not happen!! Data will be lost [ 144.890876][ T7483] [ 144.939146][ T7483] EXT4-fs (loop1): Total free blocks count 0 [ 144.961858][ T5832] usb 3-1: Using ep0 maxpacket: 16 [ 144.961914][ T7483] EXT4-fs (loop1): Free/Dirty block details [ 144.969821][ T5832] usb 3-1: config 0 has no interfaces? [ 144.989300][ T7483] EXT4-fs (loop1): free_blocks=0 [ 144.995868][ T5832] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 145.012954][ T5832] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.018861][ T7483] EXT4-fs (loop1): dirty_blocks=0 [ 145.041778][ T5832] usb 3-1: Product: syz [ 145.045720][ T7483] EXT4-fs (loop1): Block reservation details [ 145.045993][ T5832] usb 3-1: Manufacturer: syz [ 145.068376][ T7483] EXT4-fs (loop1): i_reserved_data_blocks=0 [ 145.091453][ T5832] usb 3-1: SerialNumber: syz [ 145.193930][ T5832] r8152-cfgselector 3-1: Unknown version 0x0000 [ 145.200430][ T5832] r8152-cfgselector 3-1: config 0 descriptor?? [ 145.251248][ T7499] netlink: 8 bytes leftover after parsing attributes in process `syz.5.527'. [ 145.318219][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.470411][ T7505] delete_channel: no stack [ 145.552569][ T7512] 9pnet_fd: Insufficient options for proto=fd [ 145.613406][ T5832] r8152-cfgselector 3-1: USB disconnect, device number 3 [ 145.628103][ T7514] loop0: detected capacity change from 0 to 512 [ 145.717647][ T7514] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.825281][ T7514] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.913323][ T7514] netlink: 'syz.0.533': attribute type 10 has an invalid length. [ 154.127830][ T7538] netlink: 8 bytes leftover after parsing attributes in process `syz.1.541'. [ 154.672750][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.962796][ T7555] delete_channel: no stack [ 155.113710][ T7559] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 155.144231][ T7559] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 155.172169][ T7559] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 155.192070][ T7559] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 155.686205][ T7573] netlink: 8 bytes leftover after parsing attributes in process `syz.0.553'. [ 156.476919][ T7581] delete_channel: no stack [ 156.817877][ T7587] smc: net device bond0 applied user defined pnetid SYZ0 [ 156.861888][ T7587] netlink: 116 bytes leftover after parsing attributes in process `syz.0.559'. [ 156.898865][ T7587] smc: net device bond0 erased user defined pnetid SYZ0 [ 157.196101][ T7597] loop0: detected capacity change from 0 to 764 [ 157.226762][ T7597] iso9660: Unknown parameter 'o)4}-O">7%fa V߭4R2ws' [ 157.397156][ T7603] loop4: detected capacity change from 0 to 512 [ 157.444042][ T7603] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 157.533838][ T7603] EXT4-fs (loop4): 1 truncate cleaned up [ 157.559683][ T7603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.793600][ T7618] loop0: detected capacity change from 0 to 164 [ 157.812500][ T7617] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.4.563: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 157.870672][ T7618] syz.0.566: attempt to access beyond end of device [ 157.870672][ T7618] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 157.944927][ T7618] syz.0.566: attempt to access beyond end of device [ 157.944927][ T7618] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 157.986583][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 157.986600][ T29] audit: type=1800 audit(1732922659.839:546): pid=7618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.566" name="file0" dev="loop0" ino=1862 res=0 errno=0 [ 158.135257][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.247835][ T7628] delete_channel: no stack [ 158.503429][ T7633] netlink: 8 bytes leftover after parsing attributes in process `syz.0.571'. [ 159.054839][ T7643] loop5: detected capacity change from 0 to 764 [ 159.109464][ T7643] iso9660: Unknown parameter 'o)4}-O">7%fa V߭4R2ws' [ 159.406942][ T7645] loop5: detected capacity change from 0 to 128 [ 160.044572][ T7667] loop0: detected capacity change from 0 to 512 [ 160.306638][ T7667] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 160.371473][ T7668] delete_channel: no stack [ 160.388304][ T7667] EXT4-fs (loop0): 1 truncate cleaned up [ 160.432724][ T7667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.512585][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.1.582'. [ 160.610817][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.627120][ T7680] netlink: 8 bytes leftover after parsing attributes in process `syz.2.584'. [ 162.499123][ T7723] delete_channel: no stack [ 162.601650][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.0.598'. [ 162.895145][ T7748] syz.4.604[7748] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.895258][ T7748] syz.4.604[7748] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.943531][ T7748] syz.4.604[7748] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 162.944715][ T7744] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 163.110845][ T7755] loop4: detected capacity change from 0 to 764 [ 163.128373][ T5832] IPVS: starting estimator thread 0... [ 163.360005][ T7761] delete_channel: no stack [ 163.367006][ T7752] IPVS: using max 26 ests per chain, 62400 per kthread [ 163.702387][ T7774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.612'. [ 164.003269][ T7780] loop1: detected capacity change from 0 to 512 [ 164.088869][ T7780] EXT4-fs: Ignoring removed i_version option [ 164.157390][ T7780] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 164.332067][ T7780] EXT4-fs (loop1): 1 orphan inode deleted [ 164.393903][ T7780] EXT4-fs (loop1): 1 truncate cleaned up [ 164.417689][ T7793] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 164.421131][ T5832] IPVS: starting estimator thread 0... [ 164.444766][ T7780] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.643359][ T7810] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 164.673244][ T7810] infiniband sy{0: RDMA CMA: cma_listen_on_dev, error -98 [ 165.078417][ T7803] IPVS: using max 20 ests per chain, 48000 per kthread [ 165.385908][ T7812] loop5: detected capacity change from 0 to 764 [ 165.563637][ T7820] netlink: 8 bytes leftover after parsing attributes in process `syz.4.623'. [ 165.607522][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.617500][ T7816] delete_channel: no stack [ 165.823946][ T7827] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 165.848901][ T7827] random: crng reseeded on system resumption [ 165.914043][ T7835] loop1: detected capacity change from 0 to 128 [ 165.994197][ T7835] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 166.125655][ T7835] ext4 filesystem being mounted at /138/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 166.359555][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 167.174206][ T5832] IPVS: starting estimator thread 0... [ 167.268877][ T7878] loop5: detected capacity change from 0 to 512 [ 167.292761][ T7878] EXT4-fs: Ignoring removed i_version option [ 167.317016][ T7879] IPVS: using max 22 ests per chain, 52800 per kthread [ 167.345617][ T7878] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 167.395336][ T7878] EXT4-fs (loop5): 1 orphan inode deleted [ 167.421855][ T7878] EXT4-fs (loop5): 1 truncate cleaned up [ 167.429283][ T7878] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.499876][ T7889] loop0: detected capacity change from 0 to 764 [ 167.805583][ T6861] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.938198][ T7899] loop4: detected capacity change from 0 to 512 [ 168.003568][ T7900] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 168.050633][ T7899] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 168.056581][ T7900] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 168.149268][ T7899] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 168.308865][ T7918] random: crng reseeded on system resumption [ 168.326349][ T7899] EXT4-fs (loop4): 1 truncate cleaned up [ 168.394573][ T7899] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.551862][ T5832] IPVS: starting estimator thread 0... [ 168.642344][ T7929] IPVS: using max 27 ests per chain, 64800 per kthread [ 168.880172][ T7937] loop2: detected capacity change from 0 to 512 [ 168.905248][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.054137][ T7937] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.653: casefold flag without casefold feature [ 169.080944][ T7937] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.653: couldn't read orphan inode 15 (err -117) [ 169.129004][ T7937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.316324][ T7953] netlink: 8 bytes leftover after parsing attributes in process `syz.5.656'. [ 169.770059][ T7961] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 169.778726][ T977] IPVS: starting estimator thread 0... [ 170.072113][ T7966] IPVS: using max 18 ests per chain, 43200 per kthread [ 170.415340][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.410026][ T7992] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 171.540527][ T7992] random: crng reseeded on system resumption [ 171.684979][ T7998] loop0: detected capacity change from 0 to 512 [ 171.718277][ T7998] EXT4-fs: Ignoring removed orlov option [ 171.757783][ T7998] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 171.805333][ T7998] EXT4-fs (loop0): 1 orphan inode deleted [ 171.830159][ T7998] EXT4-fs (loop0): 1 truncate cleaned up [ 171.871519][ T7998] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 172.065804][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.121014][ T8005] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 172.314454][ T8009] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 174.288136][ T8033] loop1: detected capacity change from 0 to 512 [ 174.330821][ T8033] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 174.450679][ T8040] random: crng reseeded on system resumption [ 174.460704][ T8033] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 174.552515][ T8033] EXT4-fs (loop1): 1 truncate cleaned up [ 174.561435][ T8033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.731437][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.759679][ T8048] 9pnet_fd: Insufficient options for proto=fd [ 174.922382][ T8050] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 175.141553][ T8057] siw: device registration error -23 [ 176.180513][ T8068] loop1: detected capacity change from 0 to 512 [ 176.422754][ T8068] EXT4-fs: Ignoring removed i_version option [ 176.454391][ T8068] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 176.827404][ T8068] EXT4-fs (loop1): 1 orphan inode deleted [ 176.932194][ T8068] EXT4-fs (loop1): 1 truncate cleaned up [ 176.942065][ T8068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 177.238392][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.349247][ T8088] random: crng reseeded on system resumption [ 178.686591][ T8110] siw: device registration error -23 [ 180.088150][ T8132] loop5: detected capacity change from 0 to 256 [ 180.281795][ T978] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 180.481145][ T978] usb 2-1: Using ep0 maxpacket: 16 [ 180.525025][ T978] usb 2-1: config 0 has no interfaces? [ 180.535201][ T978] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 180.572669][ T978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.583970][ T978] usb 2-1: Product: syz [ 180.615623][ T978] usb 2-1: Manufacturer: syz [ 180.641968][ T978] usb 2-1: SerialNumber: syz [ 180.668033][ T978] r8152-cfgselector 2-1: Unknown version 0x0000 [ 180.698427][ T978] r8152-cfgselector 2-1: config 0 descriptor?? [ 180.824959][ T8153] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 180.840188][ T8155] loop5: detected capacity change from 0 to 128 [ 180.914047][ T8155] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 180.944681][ T8155] ext4 filesystem being mounted at /64/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 180.976198][ T8129] 9pnet_fd: Insufficient options for proto=fd [ 180.984510][ T5832] r8152-cfgselector 2-1: USB disconnect, device number 2 [ 181.102595][ T8162] random: crng reseeded on system resumption [ 181.249478][ T6861] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 181.622377][ T8174] siw: device registration error -23 [ 182.613282][ T29] audit: type=1326 audit(1732922684.459:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.641205][ T29] audit: type=1326 audit(1732922684.459:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.671323][ T29] audit: type=1326 audit(1732922684.459:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.722007][ T29] audit: type=1326 audit(1732922684.459:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.752169][ T29] audit: type=1326 audit(1732922684.489:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.780003][ T29] audit: type=1326 audit(1732922684.489:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.782533][ T8185] syzkaller0: entered allmulticast mode [ 182.816098][ T29] audit: type=1326 audit(1732922684.499:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.856636][ T29] audit: type=1326 audit(1732922684.579:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.888359][ T29] audit: type=1326 audit(1732922684.629:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 182.924975][ T29] audit: type=1326 audit(1732922684.779:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8179 comm="syz.5.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03e1d80849 code=0x7ffc0000 [ 183.127583][ T8184] syzkaller0 (unregistering): left allmulticast mode [ 183.380846][ T8198] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 183.625023][ T8205] loop1: detected capacity change from 0 to 128 [ 183.874350][ T8211] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 192.616919][ C1] hrtimer: interrupt took 8760164518 ns [ 297.671669][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 297.678796][ C0] rcu: 1-...!: (1 GPs behind) idle=075c/1/0x4000000000000000 softirq=24342/24344 fqs=0 [ 297.690414][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P8151/1:b..l [ 297.698545][ C0] rcu: (detected by 0, t=10504 jiffies, g=20405, q=369 ncpus=2) [ 297.706328][ C0] Sending NMI from CPU 0 to CPUs 1: [ 297.706381][ C1] NMI backtrace for cpu 1 [ 297.706395][ C1] CPU: 1 UID: 0 PID: 8213 Comm: syz.5.728 Not tainted 6.12.0-next-20241128-syzkaller #0 [ 297.706414][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 297.706430][ C1] RIP: 0010:advance_sched+0x9a/0xca0 [ 297.706462][ C1] Code: 28 00 74 08 48 89 df e8 f4 3d 31 f8 48 8b 1b 48 83 c3 36 48 89 d8 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 bb 0b 00 00 4c 0f bf 23 <49> 8d 7e a8 48 89 bc 24 80 00 00 00 e8 35 74 fd 01 e8 40 bd fa 01 [ 297.706476][ C1] RSP: 0018:ffffc90000a18c70 EFLAGS: 00000046 [ 297.706491][ C1] RAX: 0000000000000000 RBX: ffff88807e4d4036 RCX: ffff88801efd1e00 [ 297.706503][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: ffff88805cd12340 [ 297.706514][ C1] RBP: dffffc0000000000 R08: ffffffff818cd93f R09: 1ffffffff20333d6 [ 297.706526][ C1] R10: dffffc0000000000 R11: ffffffff89d92830 R12: 0000000000000002 [ 297.706538][ C1] R13: ffffffff89d92830 R14: ffff88805cd12340 R15: ffff88801efd28c8 [ 297.706550][ C1] FS: 00007f03e2b156c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 297.706564][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 297.706576][ C1] CR2: 00007f03e2b14fb8 CR3: 000000007fea8000 CR4: 00000000003526f0 [ 297.706590][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 297.706600][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 297.706610][ C1] Call Trace: [ 297.706618][ C1] [ 297.706627][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 297.706668][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 297.706709][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 297.706731][ C1] ? nmi_handle+0x2a/0x5a0 [ 297.706756][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 297.706771][ C1] ? nmi_handle+0x14f/0x5a0 [ 297.706789][ C1] ? nmi_handle+0x2a/0x5a0 [ 297.706808][ C1] ? advance_sched+0x9a/0xca0 [ 297.706828][ C1] ? default_do_nmi+0x63/0x160 [ 297.706848][ C1] ? exc_nmi+0x123/0x1f0 [ 297.706866][ C1] ? end_repeat_nmi+0xf/0x53 [ 297.706884][ C1] ? __pfx_advance_sched+0x10/0x10 [ 297.706927][ C1] ? __pfx_advance_sched+0x10/0x10 [ 297.706947][ C1] ? __hrtimer_run_queues+0x53f/0xd30 [ 297.706971][ C1] ? advance_sched+0x9a/0xca0 [ 297.706992][ C1] ? advance_sched+0x9a/0xca0 [ 297.707013][ C1] ? advance_sched+0x9a/0xca0 [ 297.707033][ C1] [ 297.707038][ C1] [ 297.707045][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 297.707067][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 297.707093][ C1] ? __pfx_advance_sched+0x10/0x10 [ 297.707114][ C1] __hrtimer_run_queues+0x59b/0xd30 [ 297.707144][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 297.707165][ C1] ? sched_clock+0x4a/0x70 [ 297.707188][ C1] ? rcu_is_watching+0x15/0xb0 [ 297.707212][ C1] hrtimer_interrupt+0x403/0xa40 [ 297.707244][ C1] __sysvec_apic_timer_interrupt+0x110/0x420 [ 297.707270][ C1] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 297.707295][ C1] [ 297.707300][ C1] [ 297.707306][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 297.707323][ C1] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 [ 297.707345][ C1] Code: 90 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 ca 33 a4 f5 48 89 df e8 02 7b a5 f5 e8 ed 9c d0 f5 fb bf 01 00 00 00 c2 e4 96 f5 65 8b 05 03 34 2d 74 85 c0 74 06 5b c3 cc cc cc cc [ 297.707359][ C1] RSP: 0018:ffffc900142e67d0 EFLAGS: 00000286 [ 297.707372][ C1] RAX: 38214ebeb63f1f00 RBX: ffff8881442a2008 RCX: ffffffff817b270a [ 297.707384][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0a96a0 RDI: 0000000000000001 [ 297.707396][ C1] RBP: ffffc900142e6958 R08: ffffffff942c48b7 R09: 1ffffffff2858916 [ 297.707408][ C1] R10: dffffc0000000000 R11: fffffbfff2858917 R12: 00000000000002c9 [ 297.707419][ C1] R13: 1ffff9200285cd14 R14: 0000000000000000 R15: 0000000000000000 [ 297.707433][ C1] ? mark_lock+0x9a/0x360 [ 297.707455][ C1] add_to_swap_cache+0xdb1/0x1d80 [ 297.707482][ C1] ? __pfx_add_to_swap_cache+0x10/0x10 [ 297.707500][ C1] ? __pfx_workingset_update_node+0x10/0x10 [ 297.707531][ C1] add_to_swap+0x137/0x350 [ 297.707549][ C1] shrink_folio_list+0x284f/0x8cb0 [ 297.707586][ C1] ? __pfx_shrink_folio_list+0x10/0x10 [ 297.707659][ C1] reclaim_folio_list+0x13c/0x5f0 [ 297.707677][ C1] ? __mod_memcg_lruvec_state+0x2f7/0x4d0 [ 297.707695][ C1] ? __pfx_reclaim_folio_list+0x10/0x10 [ 297.707728][ C1] reclaim_pages+0x5b8/0x700 [ 297.707749][ C1] ? __pfx_reclaim_pages+0x10/0x10 [ 297.707767][ C1] ? folio_isolate_lru+0x754/0xee0 [ 297.707787][ C1] madvise_cold_or_pageout_pte_range+0x295a/0x32a0 [ 297.707812][ C1] ? mark_lock+0x9a/0x360 [ 297.707841][ C1] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 297.707873][ C1] ? mt_find+0x2a9/0x920 [ 297.707889][ C1] walk_pgd_range+0xc3d/0x17e0 [ 297.707925][ C1] ? __pfx_walk_pgd_range+0x10/0x10 [ 297.707952][ C1] __walk_page_range+0x15f/0x700 [ 297.707974][ C1] ? find_vma+0xf9/0x170 [ 297.707988][ C1] ? __pfx_find_vma+0x10/0x10 [ 297.708005][ C1] ? process_vma_walk_lock+0x135/0x390 [ 297.708029][ C1] walk_page_range_mm+0x58f/0x7c0 [ 297.708055][ C1] ? __pfx_walk_page_range_mm+0x10/0x10 [ 297.708078][ C1] ? __pfx_lock_release+0x10/0x10 [ 297.708097][ C1] ? tlb_gather_mmu+0x24e/0x310 [ 297.708115][ C1] ? walk_page_range+0x6a/0x90 [ 297.708137][ C1] do_madvise+0x391c/0x4d70 [ 297.708174][ C1] ? __pfx_do_madvise+0x10/0x10 [ 297.708196][ C1] ? count_memcg_event_mm+0x94/0x420 [ 297.708220][ C1] ? __pfx_lock_release+0x10/0x10 [ 297.708236][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 297.708262][ C1] ? mark_lock+0x9a/0x360 [ 297.708282][ C1] ? __lock_acquire+0x1397/0x2100 [ 297.708316][ C1] ? __pfx_reacquire_held_locks+0x10/0x10 [ 297.708348][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 297.708370][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 297.708388][ C1] ? exc_page_fault+0x590/0x8b0 [ 297.708412][ C1] __x64_sys_madvise+0xa6/0xc0 [ 297.708435][ C1] do_syscall_64+0xf3/0x230 [ 297.708452][ C1] ? clear_bhb_loop+0x35/0x90 [ 297.708469][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.708485][ C1] RIP: 0033:0x7f03e1d80849 [ 297.708505][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.708518][ C1] RSP: 002b:00007f03e2b15058 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 297.708534][ C1] RAX: ffffffffffffffda RBX: 00007f03e1f46080 RCX: 00007f03e1d80849 [ 297.708545][ C1] RDX: 0000000000000015 RSI: 0000000000600000 RDI: 0000000020000000 [ 297.708556][ C1] RBP: 00007f03e1df3986 R08: 0000000000000000 R09: 0000000000000000 [ 297.708566][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.708576][ C1] R13: 0000000000000001 R14: 00007f03e1f46080 R15: 00007ffdcbac3428 [ 297.708595][ C1] [ 297.709421][ C0] task:syz.0.715 state:R running task stack:23448 pid:8151 tgid:8150 ppid:5828 flags:0x00004006 [ 298.390489][ C0] Call Trace: [ 298.393783][ C0] [ 298.396729][ C0] __schedule+0x1850/0x4c30 [ 298.401323][ C0] ? __pfx___schedule+0x10/0x10 [ 298.406224][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 298.412242][ C0] ? preempt_schedule_irq+0xf0/0x1c0 [ 298.417557][ C0] preempt_schedule_irq+0xfb/0x1c0 [ 298.422692][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 298.428535][ C0] irqentry_exit+0x5e/0x90 [ 298.432966][ C0] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 298.438527][ C0] RIP: 0010:lock_acquire+0x264/0x550 [ 298.443849][ C0] Code: 2b 00 74 08 4c 89 f7 e8 6a b6 8f 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 298.463663][ C0] RSP: 0018:ffffc9001265f280 EFLAGS: 00000206 [ 298.470360][ C0] RAX: 0000000000000001 RBX: 1ffff920024cbe5c RCX: ffff88805ebca8d8 [ 298.478602][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0aa8a0 RDI: ffffffff8c5f8da0 [ 298.486707][ C0] RBP: ffffc9001265f3c8 R08: ffffffff942c4887 R09: 1ffffffff2858910 [ 298.494714][ C0] R10: dffffc0000000000 R11: fffffbfff2858911 R12: 1ffff920024cbe58 [ 298.502702][ C0] R13: dffffc0000000000 R14: ffffc9001265f2e0 R15: 0000000000000246 [ 298.510800][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 298.515850][ C0] ? page_ext_put+0x97/0xc0 [ 298.520388][ C0] __pte_offset_map+0x9e/0x380 [ 298.525164][ C0] ? __pte_offset_map+0x82/0x380 [ 298.530116][ C0] ? __pfx_validate_chain+0x10/0x10 [ 298.535347][ C0] ? __pfx___pte_offset_map+0x10/0x10 [ 298.540732][ C0] ? __page_table_check_ptes_set+0x30f/0x410 [ 298.546772][ C0] pte_offset_map_rw_nolock+0x3b/0x140 [ 298.552292][ C0] handle_pte_fault+0x1f0/0x66b0 [ 298.557272][ C0] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 298.563123][ C0] ? __pfx_handle_pte_fault+0x10/0x10 [ 298.568638][ C0] ? __lock_acquire+0x1397/0x2100 [ 298.573763][ C0] ? mt_find+0x2a9/0x920 [ 298.578072][ C0] ? __pfx_lock_release+0x10/0x10 [ 298.583154][ C0] handle_mm_fault+0x1106/0x1bb0 [ 298.588118][ C0] ? mt_find+0x2a9/0x920 [ 298.592419][ C0] ? __pfx_handle_mm_fault+0x10/0x10 [ 298.597776][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 298.604171][ C0] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 298.609488][ C0] exc_page_fault+0x2b9/0x8b0 [ 298.614229][ C0] asm_exc_page_fault+0x26/0x30 [ 298.619147][ C0] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 298.625078][ C0] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 298.644724][ C0] RSP: 0018:ffffc9001265fb90 EFLAGS: 00050202 [ 298.650826][ C0] RAX: 0000000000000001 RBX: 000000002027e000 RCX: 0000000000000080 [ 298.658817][ C0] RDX: 0000000000000001 RSI: 000000002027e000 RDI: ffffc9001265fd10 [ 298.666891][ C0] RBP: ffffc9001265ff00 R08: ffffc9001265fd8f R09: 1ffff920024cbfb1 [ 298.674878][ C0] R10: dffffc0000000000 R11: fffff520024cbfb2 R12: 000000002027e000 [ 298.682892][ C0] R13: 00000000fffffff2 R14: ffffc9001265fd10 R15: 0000000000000080 [ 298.690913][ C0] _copy_from_user+0x7f/0xc0 [ 298.695569][ C0] __se_sys_move_pages+0x150b/0x1cc0 [ 298.700908][ C0] ? __fget_files+0x395/0x410 [ 298.705618][ C0] ? __pfx___se_sys_move_pages+0x10/0x10 [ 298.711376][ C0] ? __pfx___sys_bpf+0x10/0x10 [ 298.716235][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 298.722269][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 298.728640][ C0] ? do_syscall_64+0x100/0x230 [ 298.733437][ C0] ? __x64_sys_move_pages+0x21/0xf0 [ 298.738697][ C0] do_syscall_64+0xf3/0x230 [ 298.743266][ C0] ? clear_bhb_loop+0x35/0x90 [ 298.747974][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.753901][ C0] RIP: 0033:0x7f9d15f80849 [ 298.758352][ C0] RSP: 002b:00007f9d16ce4058 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 298.766809][ C0] RAX: ffffffffffffffda RBX: 00007f9d16145fa0 RCX: 00007f9d15f80849 [ 298.774835][ C0] RDX: 0000000020000000 RSI: 20000000000001ab RDI: 0000000000000000 [ 298.782821][ C0] RBP: 00007f9d15ff3986 R08: 0000000020000000 R09: 0000000000000000 [ 298.790807][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.798987][ C0] R13: 0000000000000000 R14: 00007f9d16145fa0 R15: 00007ffff4cea168 [ 298.807005][ C0] [ 298.810140][ C0] rcu: rcu_preempt kthread starved for 10504 jiffies! g20405 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 298.821345][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 298.831351][ C0] rcu: RCU grace-period kthread stack dump: [ 298.837266][ C0] task:rcu_preempt state:R running task stack:25976 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 298.849051][ C0] Call Trace: [ 298.852346][ C0] [ 298.855294][ C0] __schedule+0x1850/0x4c30 [ 298.859985][ C0] ? __pfx___schedule+0x10/0x10 [ 298.864893][ C0] ? __pfx_lock_release+0x10/0x10 [ 298.869947][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 298.876379][ C0] ? schedule+0x90/0x320 [ 298.880658][ C0] schedule+0x14b/0x320 [ 298.884856][ C0] schedule_timeout+0x15a/0x290 [ 298.889738][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 298.895309][ C0] ? __pfx_process_timeout+0x10/0x10 [ 298.900620][ C0] ? prepare_to_swait_event+0x330/0x350 [ 298.906188][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 298.911063][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 298.916718][ C0] ? rcu_gp_init+0x1256/0x1630 [ 298.921595][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 298.926566][ C0] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 298.932566][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 298.937959][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 298.943884][ C0] ? finish_swait+0xd4/0x1e0 [ 298.948513][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 298.953143][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 298.958366][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 298.964294][ C0] ? __kthread_parkme+0x169/0x1d0 [ 298.969340][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 298.974587][ C0] kthread+0x2f0/0x390 [ 298.978686][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 298.983898][ C0] ? __pfx_kthread+0x10/0x10 [ 298.988509][ C0] ret_from_fork+0x4b/0x80 [ 298.992939][ C0] ? __pfx_kthread+0x10/0x10 [ 298.997671][ C0] ret_from_fork_asm+0x1a/0x30 [ 299.002479][ C0] [ 299.005691][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 299.012191][ C0] CPU: 0 UID: 0 PID: 7527 Comm: kworker/u8:9 Not tainted 6.12.0-next-20241128-syzkaller #0 [ 299.022273][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 299.032863][ C0] Workqueue: events_unbound toggle_allocation_gate [ 299.039395][ C0] RIP: 0010:smp_call_function_many_cond+0x19f8/0x2c60 [ 299.046182][ C0] Code: 89 e6 83 e6 01 31 ff e8 66 e9 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 11 e5 0b 00 eb 38 f3 90 42 0f b6 04 23 <84> c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 f5 e4 0b 00 eb e4 44 [ 299.065831][ C0] RSP: 0018:ffffc9000b5876e0 EFLAGS: 00000293 [ 299.072029][ C0] RAX: 0000000000000000 RBX: 1ffff110170e88e9 RCX: ffff88802e8bda00 [ 299.080248][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 299.088242][ C0] RBP: ffffc9000b5878e0 R08: ffffffff81938fda R09: 1ffffffff2858910 [ 299.096316][ C0] R10: dffffc0000000000 R11: fffffbfff2858911 R12: dffffc0000000000 [ 299.104301][ C0] R13: ffff8880b8744748 R14: ffff8880b863fac0 R15: 0000000000000001 [ 299.112376][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 299.121320][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 299.127920][ C0] CR2: 000055557c8135c8 CR3: 000000000e736000 CR4: 00000000003526f0 [ 299.135906][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 299.143891][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 299.151894][ C0] Call Trace: [ 299.155209][ C0] [ 299.158069][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 299.164430][ C0] ? print_other_cpu_stall+0x1481/0x15c0 [ 299.170096][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 299.175967][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 299.182292][ C0] ? rcu_sched_clock_irq+0xa26/0x10e0 [ 299.187730][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 299.193417][ C0] ? update_process_times+0x242/0x2f0 [ 299.198818][ C0] ? tick_nohz_handler+0x37c/0x500 [ 299.204034][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 299.209511][ C0] ? __hrtimer_run_queues+0x551/0xd30 [ 299.214928][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 299.220758][ C0] ? sched_clock+0x4a/0x70 [ 299.225236][ C0] ? read_tsc+0x9/0x20 [ 299.229327][ C0] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 299.235598][ C0] ? hrtimer_interrupt+0x403/0xa40 [ 299.240853][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 299.247447][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 299.253309][ C0] [ 299.256260][ C0] [ 299.259204][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 299.265388][ C0] ? smp_call_function_many_cond+0x19da/0x2c60 [ 299.271570][ C0] ? smp_call_function_many_cond+0x19f8/0x2c60 [ 299.277757][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 299.282819][ C0] ? __pfx___text_poke+0x10/0x10 [ 299.287777][ C0] ? process_scheduled_works+0x976/0x1840 [ 299.293524][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 299.299989][ C0] ? __pfx___might_resched+0x10/0x10 [ 299.305324][ C0] ? __pfx___mutex_trylock_common+0x10/0x10 [ 299.311247][ C0] ? __pfx_do_sync_core+0x10/0x10 [ 299.316317][ C0] on_each_cpu_cond_mask+0x3f/0x80 [ 299.321498][ C0] text_poke_bp_batch+0x352/0xb30 [ 299.326549][ C0] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 299.332553][ C0] ? arch_jump_label_transform_apply+0x17/0x30 [ 299.338740][ C0] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 299.344319][ C0] ? arch_jump_label_transform_queue+0x9b/0x100 [ 299.350585][ C0] ? process_scheduled_works+0x976/0x1840 [ 299.356319][ C0] text_poke_finish+0x30/0x50 [ 299.361024][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 299.367161][ C0] static_key_enable_cpuslocked+0x136/0x260 [ 299.373078][ C0] static_key_enable+0x1a/0x20 [ 299.377863][ C0] toggle_allocation_gate+0xbc/0x260 [ 299.383185][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 299.389105][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 299.395464][ C0] process_scheduled_works+0xa66/0x1840 [ 299.401073][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 299.407098][ C0] ? assign_work+0x364/0x3d0 [ 299.411731][ C0] worker_thread+0x870/0xd30 [ 299.416347][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 299.422324][ C0] ? __kthread_parkme+0x169/0x1d0 [ 299.427377][ C0] ? __pfx_worker_thread+0x10/0x10 [ 299.432589][ C0] kthread+0x2f0/0x390 [ 299.436680][ C0] ? __pfx_worker_thread+0x10/0x10 [ 299.441808][ C0] ? __pfx_kthread+0x10/0x10 [ 299.446417][ C0] ret_from_fork+0x4b/0x80 [ 299.450847][ C0] ? __pfx_kthread+0x10/0x10 [ 299.455455][ C0] ret_from_fork_asm+0x1a/0x30 [ 299.460247][ C0]