last executing test programs: 27.217600044s ago: executing program 2 (id=5159): r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', 0x0}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000340)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r2}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d61637365630000140002800500060000000000050007000000000008000500", @ANYRES32=r1], 0x4c}}, 0x0) 26.796349423s ago: executing program 2 (id=5163): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r1, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x3}, 0x10) 26.62427653s ago: executing program 2 (id=5167): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000) unshare(0x60400) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4) 26.458095057s ago: executing program 2 (id=5171): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x800714, &(0x7f0000000000), 0xff, 0x4a7, &(0x7f0000000280)="$eJzs3M9rHFUcAPDv7OZHfyfWWm1tdbWKxR9Jk1btwYOKggcFQQ/1GJO01mwbaSLYEjQVqUcpeBePgn+BNy+iHkTwquBRCkWD0NRTZHZm2s1mkyZpkm2znw9s9r35se99Z+btvpmXmQDaViX9k0TsiIjfI6Iny85foJK9zc5MDV+fmRpOYm7urb+T2nLXZqaGi0WL9bbnmcOliNJnSbyYLCx34vyFsaFqdfRcnu+fPPNB/8T5C8+cPjN0avTU6NnB48ePHR14/rnBZ9ckzjSua/s/Hj+w77V3Lr8xfOLyuz99m1Zr78Fsfn0ct3S9SUBNVNKt9s9cTeO8x1dQ97vBzrp00tHCirAi5YhId1dnrf33RDlu7ryeePXTllYOWFfpb1P34rOn54BNLIlW1wBojeKHPj3/LV4b1PW4I1x9KaIrT8/OTA3P3oi/I0r59M51LL8SESem//sqfcVKr0MAAKxCrW/zdLP+Xyn21t6zsY5d+RhKb0TcExG7I+LeiNgTEfdF1Ja9PyIeyFae61lm+ZWG/ML+T+lK0zqvkbT/90Jd32+2Lv78rbec53bW4u9MTp6ujh7Jt8nh6OxO8wNLlPH9K799sdi8+v5f+krLL/qCeQWudDRcoBsZmhxaq41w9WLE/o5m8Sc3RgLSI2BfROxf2UfvKhKnn/zmwGIL3Tr+JazBONPc1xFPZPt/OhriLyRLj0/2b4nq6JH+4qhY6OdfL72ZJ7sa591W/Gsg3f/b5h//+ZyL+XvPv0k2XtsZ1erouYmVl3Hpj88XPadZ7fHflbxdG7P+5b1s2kdDk5PnBiK6ktdr+WJD16YP3ly3yBfLp/EfPtS8/e/O10njfzAi0oP4YEQ8FBEP53V/JCIejYhDS8T/48uPvb9E/Ekk0dL9P9L0++/G8d+b1I/XryJRHvvhu/zTtiyMv5i01P4/FtO179pM7fvvFpZbwdvcfAAAAHBXKEXEjkhKfVm6siNKpb6+7H/498S2UnV8YvKpk+Mfnh3J7hHojc5ScaWrp+566EAynX9ilh/MrxUX84/m142/LG+t5fuGx6sjLY4d2t32+e0/ivaf+qvc6toB6879WtC+Gtt/qUX1ADbecn7/nQvA5tSk/W9tRT2Ajef8H9pXs/b/SUNe/x82p4Xt/88mj6wDNiP9f2hf2j+0L+0f2tJy7+LviojuiFj1QwDmJYqbBVa6evFFdWFsy7Lv8L/zEpV1+eTiiRfrWfmtcXNKlO6IjbmBifJYd8tKT1vMxhba5GE1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAd6H/AwAA///g6dxC") bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r1 = open(&(0x7f0000000080)='./file1\x00', 0x181842, 0xc0) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffc2}], 0x1, 0x7800, 0x0, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) ioctl$BLKOPENZONE(r0, 0x40101286, &(0x7f0000000040)={0x2, 0x10}) 25.584538056s ago: executing program 2 (id=5179): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18) syz_emit_ethernet(0x2e, 0x0, 0x0) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000840)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) 25.108943907s ago: executing program 2 (id=5182): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0) 24.862154147s ago: executing program 32 (id=5182): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0) 10.796321436s ago: executing program 0 (id=5286): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0xd1cb3ed8a708bab1, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r3}, 0x10) syz_io_uring_setup(0x42ca, &(0x7f0000000300)={0x0, 0x125a, 0x40, 0x0, 0x16f}, &(0x7f0000000040), &(0x7f00000002c0)) 10.039877199s ago: executing program 0 (id=5289): msync(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0) 9.928316694s ago: executing program 0 (id=5291): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x40200}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000000000250f"], 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x4040804) 7.620935715s ago: executing program 0 (id=5316): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xb30, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x202}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn") 7.368879896s ago: executing program 0 (id=5320): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) mmap$IORING_OFF_SQES(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x1000008, 0xc94ee3b6e518beb0, 0xffffffffffffffff, 0x10000000) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x565c}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB="c200000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYRES16=r6, @ANYBLOB="01002bbd7000fcdbdf2510"], 0xd0}, 0x1, 0x0, 0x0, 0x4001}, 0x4000000) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r7}, 0x10) mmap(&(0x7f0000feb000/0x4000)=nil, 0x4000, 0x9, 0x32, 0xffffffffffffffff, 0x0) capget(0x0, &(0x7f0000000180)={0x0, 0x8, 0x0, 0x0, 0x80, 0xc11}) syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x48200, 0x0) ioctl$TIOCSETD(r8, 0x5423, 0x0) dup(r5) 5.874165112s ago: executing program 1 (id=5325): socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000640)='kfree\x00', r2}, 0x18) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket(0x10, 0x3, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x20, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x0, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x8, 0x80, 0x0, 0x0, 0x0, {0x0, 0x0, 0xffffffdc, 0x0, 0xff}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40}, 0x0) 1.416186748s ago: executing program 1 (id=5333): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x401}, 0x11) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="70000000100003042abd70009da1d2b900000004", @ANYRES32=0x0, @ANYBLOB="0000000000000000500012800b000100627269646765000040000280080005000000000005002900010000000600270004"], 0x70}}, 0x0) 1.324608772s ago: executing program 3 (id=5336): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c40)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c0000800800034000000002"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 1.248306435s ago: executing program 1 (id=5337): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0) 1.151284409s ago: executing program 3 (id=5338): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0xf1c38fa000000000}, 0x18) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r1, 0xe27, 0x70bd29, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000) 943.994038ms ago: executing program 4 (id=5340): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000720001032abd70000400000007"], 0x20}, 0x1, 0xf00, 0x0, 0x80}, 0x4000810) 943.759899ms ago: executing program 1 (id=5341): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@debug}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==") openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)={0x0, 0x0, 0x9, 0xfffffffc, 0xffffffff, 0x6}) 925.72222ms ago: executing program 3 (id=5342): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x300000a, 0x200000005c831, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') pread64(r0, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000) 806.271135ms ago: executing program 4 (id=5343): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x6d, 0x0, &(0x7f0000000180)=0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18) fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfa, 0x0, 0x7ffc0002}]}) r1 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x9, 0x0) mq_timedreceive(r1, &(0x7f000001d600)=""/102390, 0x18ff6, 0x0, 0x0) 626.634932ms ago: executing program 4 (id=5344): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{0x0, 0x0, 0x9c}, {}]}, [{0x0, 0x40000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x813f, 0x0, 0x0, 0x0, 0x100}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x2000}, {0x0, 0x10000, 0x0, 0x0, 0x400}, {}, {0x0, 0x400}, {0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x1, 0x1, 0x0, 0xfffffffe, 0x8001}, {}, {0x0, 0x0, 0x80}, {}, {}, {}, {}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0xfffffffc}, {}, {}, {0x2, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0xe}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x7}, {0xfffffffe, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x10, 0x0, 0x0, 0x5}, {0xd5}, {0x0, 0x0, 0x0, 0x0, 0x7ff}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x10}, {}, {}, {0x10, 0x0, 0x0, 0x0, 0x800, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x5, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x5, 0x10001}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x2}, {0xffffffff, 0x0, 0x0, 0x10000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x800000}, {}, {0x0, 0x0, 0x0, 0xfd, 0x0, 0xfffffffb}, {0x0, 0xfffffffd}, {0x2}, {0x0, 0x0, 0x9}, {}, {0x4}, {}, {0xa7, 0x0, 0x0, 0x1f23}, {0x100000, 0xfffffffb}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, {0x0, 0x0, 0x1000}, {}, {0xd2, 0x0, 0x0, 0x0, 0x0, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x4, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffc}, {0xffffffff}, {0x0, 0x2d52, 0x0, 0x0, 0x2}, {}, {0x0, 0x200, 0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x1000000}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x1}, {0x0, 0x0, 0x0, 0x8, 0x10000000}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {0x523e}, {}, {0x4, 0x0, 0x0, 0x10}, {}, {0x2, 0x0, 0xfc000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xb}], [{}, {0x4}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {0x3}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x4}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x2}, {0x2}, {0x0, 0x1}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x1}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 610.610333ms ago: executing program 3 (id=5345): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000900)='./file1\x00', 0x3000000) 519.124547ms ago: executing program 4 (id=5346): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper', 0x42, 0x80) pwritev(r1, &(0x7f0000000500)=[{&(0x7f0000000040)='9', 0x1}], 0x1, 0xffffff01, 0x2) 296.326477ms ago: executing program 3 (id=5347): prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=""/84, 0x38, 0x54, 0x0, 0x2}, 0x28) 296.119747ms ago: executing program 1 (id=5348): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r3, 0x421, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc35d4f6d52288271}, 0x200048c4) 278.558518ms ago: executing program 4 (id=5349): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000100)={0x0, 0x1, 0x6, @broadcast}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, r4, 0x0, 0x343}}}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x48800}, 0x0) 171.586422ms ago: executing program 3 (id=5350): r0 = socket$can_j1939(0x1d, 0x2, 0x7) socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) bind$can_j1939(r0, &(0x7f00000001c0)={0x1d, r2, 0x1, {0x1, 0xff, 0x1}, 0xfd}, 0x18) 4.20393ms ago: executing program 1 (id=5351): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='timer_start\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff3, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000010c0)) 4.011959ms ago: executing program 4 (id=5352): r0 = socket$key(0xf, 0x3, 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18) sendmsg$key(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0209000007"], 0x38}}, 0x0) 0s ago: executing program 0 (id=5353): r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) chown(&(0x7f0000001bc0)='./file1\x00', 0x0, 0x0) kernel console output (not intermixed with test programs): f5a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 540.346897][T17046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 540.354968][T17046] R13: 00007fd6f5be6038 R14: 00007fd6f5be5fa0 R15: 00007ffc1444eef8 [ 540.363006][T17046] [ 540.394203][T17046] Mem-Info: [ 540.397394][T17046] active_anon:10193 inactive_anon:0 isolated_anon:0 [ 540.397394][T17046] active_file:16160 inactive_file:40633 isolated_file:0 [ 540.397394][T17046] unevictable:768 dirty:43 writeback:0 [ 540.397394][T17046] slab_reclaimable:11664 slab_unreclaimable:174044 [ 540.397394][T17046] mapped:25242 shmem:7103 pagetables:526 [ 540.397394][T17046] sec_pagetables:0 bounce:0 [ 540.397394][T17046] kernel_misc_reclaimable:0 [ 540.397394][T17046] free:1221979 free_pcp:11636 free_cma:0 [ 540.450355][T17095] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4537'. [ 540.475767][T17046] Node 0 active_anon:40772kB inactive_anon:0kB active_file:64640kB inactive_file:162324kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100968kB dirty:172kB writeback:0kB shmem:26876kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:14404kB pagetables:2104kB sec_pagetables:0kB all_unreclaimable? no [ 540.549392][T17046] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 540.598760][T17046] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 540.626322][T17046] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 540.636422][T17046] Node 0 DMA32 free:968052kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:44924kB inactive_anon:0kB active_file:64640kB inactive_file:161008kB unevictable:1536kB writepending:172kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:26616kB local_pcp:5748kB free_cma:0kB [ 540.671724][T17046] lowmem_reserve[]: 0 0 1 1 1 [ 540.676699][T17046] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 540.704678][T17046] lowmem_reserve[]: 0 0 0 0 0 [ 540.709602][T17046] Node 1 Normal free:3900212kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19748kB local_pcp:9216kB free_cma:0kB [ 540.739557][T17046] lowmem_reserve[]: 0 0 0 0 0 [ 540.744925][T17046] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 540.757941][T17046] Node 0 DMA32: 12*4kB (ME) 123*8kB (M) 367*16kB (ME) 283*32kB (UME) 140*64kB (UME) 90*128kB (ME) 50*256kB (ME) 18*512kB (ME) 8*1024kB (UM) 3*2048kB (M) 219*4096kB (M) = 969816kB [ 540.776155][T17046] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 540.838540][T17046] Node 1 Normal: 175*4kB (UME) 49*8kB (UME) 35*16kB (UME) 94*32kB (UME) 30*64kB (UME) 3*128kB (UM) 4*256kB (UME) 0*512kB 1*1024kB (E) 2*2048kB (UE) 949*4096kB (M) = 3900212kB [ 540.861148][T17046] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 540.873259][T17046] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 540.884252][T17046] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 540.896324][T17100] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4538'. [ 540.918950][T17103] netlink: 50 bytes leftover after parsing attributes in process `syz.0.4538'. [ 540.928392][T17046] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 540.944115][T17046] 63895 total pagecache pages [ 540.948961][T17046] 0 pages in swap cache [ 540.971236][T17046] Free swap = 124528kB [ 540.980723][T17046] Total swap = 124996kB [ 540.985064][T17046] 2097051 pages RAM [ 540.988918][T17046] 0 pages HighMem/MovableOnly [ 540.996252][T17046] 416138 pages reserved [ 541.000498][T17046] 0 pages cma reserved [ 542.044157][T17130] __nla_validate_parse: 1 callbacks suppressed [ 542.044176][T17130] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4551'. [ 542.472138][T17138] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4554'. [ 542.636546][T17144] syz.3.4556[17144] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 542.636688][T17144] syz.3.4556[17144] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 542.814449][T17150] syz.3.4559[17150] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 542.840605][T17150] syz.3.4559[17150] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 543.220998][T17156] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4564'. [ 544.094206][ T28] kauditd_printk_skb: 59 callbacks suppressed [ 544.094222][ T28] audit: type=1326 audit(544.048:5308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17172 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 544.124744][ T28] audit: type=1326 audit(544.078:5309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17172 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 544.146879][ T28] audit: type=1326 audit(544.078:5310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17172 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 544.227284][ T28] audit: type=1326 audit(544.078:5311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17172 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 544.280878][T17179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4574'. [ 544.632485][ T28] audit: type=1326 audit(544.588:5312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17197 comm="syz.0.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1b758f749 code=0x7ffc0000 [ 544.710296][ T28] audit: type=1326 audit(544.588:5313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17197 comm="syz.0.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1b758f749 code=0x7ffc0000 [ 544.790214][ T28] audit: type=1326 audit(544.588:5314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17197 comm="syz.0.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1b758f749 code=0x7ffc0000 [ 544.844099][ T28] audit: type=1326 audit(544.618:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17197 comm="syz.0.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff1b758f749 code=0x7ffc0000 [ 544.873920][ T28] audit: type=1326 audit(544.618:5316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17197 comm="syz.0.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1b758f749 code=0x7ffc0000 [ 544.884763][T17204] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4585'. [ 544.896164][ T28] audit: type=1326 audit(544.618:5317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17197 comm="syz.0.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1b758f749 code=0x7ffc0000 [ 545.680000][T17222] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4594'. [ 546.061821][ T5794] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 546.073591][ T5794] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 546.088490][ T5794] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 546.131096][ T5794] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 546.163672][ T5794] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 546.174717][ T5794] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 546.567888][T17245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4604'. [ 546.890242][T17229] lo speed is unknown, defaulting to 1000 [ 546.898004][T17229] lo speed is unknown, defaulting to 1000 [ 547.086788][T15443] tipc: Disabling bearer [ 547.114451][T15443] tipc: Disabling bearer [ 547.119980][T15443] tipc: Left network mode [ 547.432866][T17229] chnl_net:caif_netlink_parms(): no params data found [ 547.558938][T17271] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4614'. [ 547.792974][T17281] netlink: 'syz.3.4620': attribute type 12 has an invalid length. [ 547.864257][T17289] netlink: 'syz.1.4621': attribute type 1 has an invalid length. [ 547.976468][T17229] bridge0: port 1(bridge_slave_0) entered blocking state [ 547.990989][T17229] bridge0: port 1(bridge_slave_0) entered disabled state [ 547.998302][T17229] bridge_slave_0: entered allmulticast mode [ 548.014259][T17229] bridge_slave_0: entered promiscuous mode [ 548.088886][T17229] bridge0: port 2(bridge_slave_1) entered blocking state [ 548.102593][T17229] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.121953][T17229] bridge_slave_1: entered allmulticast mode [ 548.143208][T17229] bridge_slave_1: entered promiscuous mode [ 548.167072][T17299] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4625'. [ 548.190823][ T5103] Bluetooth: hci0: command tx timeout [ 548.393433][T17229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 548.458987][T17315] syz.3.4632[17315] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 548.459139][T17315] syz.3.4632[17315] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 548.488915][T17229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 548.733814][T17229] team0: Port device team_slave_0 added [ 548.801747][T17229] team0: Port device team_slave_1 added [ 548.924080][T17329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4638'. [ 549.036097][T17229] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 549.054985][T17229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 549.110229][T17229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 549.166717][T17229] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 549.193642][T17229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 549.251376][T17229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 549.415225][T15443] hsr_slave_0: left promiscuous mode [ 549.429258][T15443] hsr_slave_1: left promiscuous mode [ 549.501374][T17334] atomic_op ffff88805a7ca198 conn xmit_atomic 0000000000000000 [ 549.565399][T15443] pim6reg (unregistering): left allmulticast mode [ 550.274274][ T5103] Bluetooth: hci0: command tx timeout [ 551.138236][T15443] bond0 (unregistering): Released all slaves [ 551.249138][T17229] hsr_slave_0: entered promiscuous mode [ 551.273618][T17229] hsr_slave_1: entered promiscuous mode [ 551.571490][T17354] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4648'. [ 551.870928][T17361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4650'. [ 551.920351][T15443] IPVS: stop unused estimator thread 0... [ 552.103198][T17341] lo speed is unknown, defaulting to 1000 [ 552.113884][T17341] lo speed is unknown, defaulting to 1000 [ 552.214938][T17371] 9pnet_fd: Insufficient options for proto=fd [ 552.354388][ T5103] Bluetooth: hci0: command tx timeout [ 552.357083][T17229] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 552.375656][T17229] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 552.413795][T17229] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 552.438576][T17229] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 552.575090][T17229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 552.611880][T17229] 8021q: adding VLAN 0 to HW filter on device team0 [ 552.660018][ T3444] bridge0: port 1(bridge_slave_0) entered blocking state [ 552.667277][ T3444] bridge0: port 1(bridge_slave_0) entered forwarding state [ 552.723617][T15431] bridge0: port 2(bridge_slave_1) entered blocking state [ 552.730851][T15431] bridge0: port 2(bridge_slave_1) entered forwarding state [ 553.057957][ T28] kauditd_printk_skb: 58 callbacks suppressed [ 553.057971][ T28] audit: type=1326 audit(553.008:5376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 553.099423][ T28] audit: type=1326 audit(553.028:5377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 553.121813][ T28] audit: type=1326 audit(553.038:5378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 553.147809][ T28] audit: type=1326 audit(553.038:5379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 553.173254][ T28] audit: type=1326 audit(553.038:5380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 553.200387][ T28] audit: type=1326 audit(553.038:5381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f115c98df90 code=0x7ffc0000 [ 553.234827][ T28] audit: type=1326 audit(553.038:5382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f115c98df90 code=0x7ffc0000 [ 553.262656][ T28] audit: type=1326 audit(553.038:5383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 553.320264][ T28] audit: type=1326 audit(553.048:5384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 553.412069][ T28] audit: type=1326 audit(553.048:5385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17397 comm="syz.3.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 553.492523][T17405] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4664'. [ 553.544178][T17229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 553.653879][T17229] veth0_vlan: entered promiscuous mode [ 553.672357][T17413] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4668'. [ 553.695065][T17229] veth1_vlan: entered promiscuous mode [ 553.751046][T17229] veth0_macvtap: entered promiscuous mode [ 553.772947][T17229] veth1_macvtap: entered promiscuous mode [ 553.819444][T17229] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 553.850032][T17229] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 553.865041][T17229] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.894030][T17229] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.904957][T17229] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.914007][T17229] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 554.215273][T15431] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 554.240817][T15431] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 554.312274][T15443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 554.336966][T15443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 554.349617][T17431] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4676'. [ 554.430432][ T5103] Bluetooth: hci0: command tx timeout [ 554.688669][T17449] loop2: detected capacity change from 0 to 512 [ 554.725017][T17449] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 554.795249][T17454] netlink: 16 bytes leftover after parsing attributes in process `+}[@'. [ 554.820065][T17229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.181742][T17469] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4689'. [ 555.422219][T17475] program syz.2.4690 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 555.679307][T17472] loop2: detected capacity change from 0 to 512 [ 556.003869][T17492] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4698'. [ 556.181893][T17497] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4700'. [ 556.467448][T17506] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4704'. [ 556.499948][T17504] Process accounting resumed [ 556.604360][T17512] @0Ù: renamed from bond_slave_1 [ 556.999497][T17524] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4713'. [ 557.986057][T17548] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4724'. [ 558.420583][ T28] kauditd_printk_skb: 69 callbacks suppressed [ 558.420602][ T28] audit: type=1326 audit(558.368:5455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.471485][ T28] audit: type=1326 audit(558.368:5456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.546720][ T28] audit: type=1326 audit(558.378:5457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.590835][ T28] audit: type=1326 audit(558.378:5458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.628421][ T28] audit: type=1326 audit(558.378:5459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.677608][ T28] audit: type=1326 audit(558.378:5460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.712127][ T28] audit: type=1326 audit(558.378:5461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.763750][ T28] audit: type=1326 audit(558.378:5462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.786346][ T28] audit: type=1326 audit(558.378:5463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.2.4732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.850415][T17577] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4738'. [ 558.869370][T17579] syz.2.4739[17579] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 558.869584][T17579] syz.2.4739[17579] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 558.874817][ T28] audit: type=1326 audit(558.818:5464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17578 comm="syz.2.4739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d9078f749 code=0x7ffc0000 [ 558.977252][T17584] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4741'. [ 558.988007][T17584] hsr_slave_0: left promiscuous mode [ 558.995523][T17584] hsr_slave_1: left promiscuous mode [ 559.097977][T17588] loop2: detected capacity change from 0 to 512 [ 559.134438][T17590] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4744'. [ 559.242946][T17594] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4746'. [ 559.268610][T17592] Invalid ELF header magic: != ELF [ 559.530641][T17605] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4752'. [ 559.641905][T17607] loop2: detected capacity change from 0 to 4096 [ 559.711588][T17607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 559.896234][T17229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.166964][T17631] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4763'. [ 561.076951][ T5794] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 561.183922][ T5794] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 561.194027][ T5794] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 561.202812][ T5794] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 561.210892][ T5794] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 561.218618][ T5794] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 561.986072][T17667] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4776'. [ 562.466631][ T3444] : left promiscuous mode [ 562.582558][ T3444] tipc: Left network mode [ 562.709397][T17658] lo speed is unknown, defaulting to 1000 [ 562.717167][T17658] lo speed is unknown, defaulting to 1000 [ 562.954809][T17695] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4786'. [ 563.091027][T17658] chnl_net:caif_netlink_parms(): no params data found [ 563.154657][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.162227][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.197871][T17700] syz.3.4788[17700] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 563.198007][T17700] syz.3.4788[17700] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 563.311193][ T5794] Bluetooth: hci4: command tx timeout [ 563.372470][T17658] bridge0: port 1(bridge_slave_0) entered blocking state [ 563.402549][T17658] bridge0: port 1(bridge_slave_0) entered disabled state [ 563.409875][T17658] bridge_slave_0: entered allmulticast mode [ 563.441169][T17658] bridge_slave_0: entered promiscuous mode [ 563.521973][T17658] bridge0: port 2(bridge_slave_1) entered blocking state [ 563.531165][T17658] bridge0: port 2(bridge_slave_1) entered disabled state [ 563.551688][T17658] bridge_slave_1: entered allmulticast mode [ 563.565151][T17658] bridge_slave_1: entered promiscuous mode [ 563.607206][T17717] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4794'. [ 563.633507][T17721] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 563.747912][T17658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 563.815881][T17728] loop2: detected capacity change from 0 to 512 [ 563.863561][T17728] EXT4-fs (loop2): bad s_want_extra_isize: 1916 [ 563.865167][T17658] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 564.016866][T17658] team0: Port device team_slave_0 added [ 564.042033][ T28] kauditd_printk_skb: 52 callbacks suppressed [ 564.042048][ T28] audit: type=1326 audit(563.998:5517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17731 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 564.082798][T17658] team0: Port device team_slave_1 added [ 564.094410][ T28] audit: type=1326 audit(564.028:5518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17731 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 564.151569][ T28] audit: type=1326 audit(564.028:5519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17731 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 564.203270][T17738] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 564.220421][ T28] audit: type=1326 audit(564.028:5520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17731 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 564.260869][ T28] audit: type=1326 audit(564.028:5521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17731 comm="syz.3.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f115c98f749 code=0x7ffc0000 [ 564.316938][ T28] audit: type=1326 audit(564.178:5522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17735 comm="syz.1.4803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cb458f749 code=0x7ffc0000 [ 564.360927][ T28] audit: type=1326 audit(564.178:5523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17735 comm="syz.1.4803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f5cb458f749 code=0x7ffc0000 [ 564.386819][T17658] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 564.440376][T17658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 564.515678][T17658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 564.580201][ T28] audit: type=1326 audit(564.178:5524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17735 comm="syz.1.4803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cb458f749 code=0x7ffc0000 [ 564.621071][T17738] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4804'. [ 564.631363][T17739] tipc: Enabling of bearer rejected, failed to enable media [ 564.640612][ T28] audit: type=1326 audit(564.208:5525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17735 comm="syz.1.4803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cb458f749 code=0x7ffc0000 [ 564.662847][T17743] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4806'. [ 564.737108][T17745] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4805'. [ 564.752762][T17658] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 564.763323][T17658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 564.790002][T17658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 564.850413][ T3444] hsr_slave_0: left promiscuous mode [ 564.875048][ T3444] hsr_slave_1: left promiscuous mode [ 565.390479][ T5794] Bluetooth: hci4: command tx timeout [ 565.900780][ T3444] bond2 (unregistering): Released all slaves [ 566.399208][ T3444] bond1 (unregistering): Released all slaves [ 567.470309][ T5794] Bluetooth: hci4: command tx timeout [ 567.576752][ T3444] bond0 (unregistering): Released all slaves [ 567.663072][T17770] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4817'. [ 567.730222][T17780] netlink: 'syz.3.4821': attribute type 13 has an invalid length. [ 567.991171][ T28] audit: type=1326 audit(567.948:5526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17788 comm="syz.2.4826" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9d9078f749 code=0x0 [ 568.103215][T17793] syz.1.4827[17793] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 568.103371][T17793] syz.1.4827[17793] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 568.243859][T17658] hsr_slave_0: entered promiscuous mode [ 568.301075][T17658] hsr_slave_1: entered promiscuous mode [ 568.315411][T17658] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 568.333636][T17658] Cannot create hsr debugfs directory [ 568.422795][T17801] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4830'. [ 568.548450][T17798] xt_CT: You must specify a L4 protocol and not use inversions on it [ 568.723994][ T3444] IPVS: stop unused estimator thread 0... [ 568.923452][T17808] netlink: 17188 bytes leftover after parsing attributes in process `syz.2.4833'. [ 569.139230][T17814] syz.1.4836[17814] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 569.139373][T17814] syz.1.4836[17814] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 569.159326][T17814] netem: change failed [ 569.371491][T17818] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4838'. [ 569.392569][T17658] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 569.437394][T17658] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 569.456472][T17658] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 569.483625][T17658] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 569.551132][ T5794] Bluetooth: hci4: command tx timeout [ 569.677840][T17658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 569.715686][T17658] 8021q: adding VLAN 0 to HW filter on device team0 [ 569.737683][ T3444] bridge0: port 1(bridge_slave_0) entered blocking state [ 569.744964][ T3444] bridge0: port 1(bridge_slave_0) entered forwarding state [ 569.787760][T15426] bridge0: port 2(bridge_slave_1) entered blocking state [ 569.795008][T15426] bridge0: port 2(bridge_slave_1) entered forwarding state [ 570.215507][T17851] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4848'. [ 570.359549][T17658] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 570.473810][T17658] veth0_vlan: entered promiscuous mode [ 570.513201][T17658] veth1_vlan: entered promiscuous mode [ 570.610001][T17658] veth0_macvtap: entered promiscuous mode [ 570.643979][T17658] veth1_macvtap: entered promiscuous mode [ 570.695825][T17658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 570.720267][T17658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 570.742539][T17658] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 570.773433][T17658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 570.807456][T17658] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 570.836261][T17658] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 570.904072][T17658] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.936034][T17658] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.945031][T17658] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.954530][T17658] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 571.061704][T17867] ip6t_rpfilter: unknown options [ 571.688459][T15590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 571.732635][T15590] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 571.855560][T15443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 571.874007][T15443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 571.903090][T17871] syz.2.4856[17871] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 571.903230][T17871] syz.2.4856[17871] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 571.995056][T17873] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4857'. [ 572.320261][ T28] audit: type=1326 audit(572.268:5527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17883 comm="syz.0.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 572.343212][T17884] syz.0.4862[17884] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 572.343346][T17884] syz.0.4862[17884] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 572.360388][ T28] audit: type=1326 audit(572.268:5528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17883 comm="syz.0.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 572.398045][ T28] audit: type=1326 audit(572.298:5529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17883 comm="syz.0.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 572.443729][ T28] audit: type=1326 audit(572.348:5530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17883 comm="syz.0.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 572.530316][ T28] audit: type=1326 audit(572.348:5531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17883 comm="syz.0.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 572.568184][T17891] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4867'. [ 572.578775][ T28] audit: type=1326 audit(572.378:5532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17883 comm="syz.0.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 572.631548][ T28] audit: type=1326 audit(572.378:5533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17883 comm="syz.0.4862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 572.688479][ T28] audit: type=1326 audit(572.558:5534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17893 comm="syz.1.4864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cb458f749 code=0x7ffc0000 [ 572.772352][ T28] audit: type=1326 audit(572.558:5535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17893 comm="syz.1.4864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cb458f749 code=0x7ffc0000 [ 572.831925][T17904] loop2: detected capacity change from 0 to 1024 [ 572.842462][ T28] audit: type=1326 audit(572.558:5536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17893 comm="syz.1.4864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5cb458f749 code=0x7ffc0000 [ 572.906773][T17904] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 572.963106][T17904] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 3: comm syz.2.4870: lblock 3 mapped to illegal pblock 3 (length 3) [ 573.002918][T17904] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 573.019413][T17904] EXT4-fs (loop2): This should not happen!! Data will be lost [ 573.019413][T17904] [ 573.261172][T15443] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:40: lblock 8 mapped to illegal pblock 8 (length 8) [ 573.284547][T15443] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 573.300720][T15443] EXT4-fs (loop2): This should not happen!! Data will be lost [ 573.300720][T15443] [ 573.357419][T15443] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm kworker/u4:40: bg 0: block 112: padding at end of block bitmap is not set [ 573.401595][T15443] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 48 with max blocks 20 with error 117 [ 573.438074][T15443] EXT4-fs (loop2): This should not happen!! Data will be lost [ 573.438074][T15443] [ 573.474555][T17229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 573.591739][ T5103] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 573.606631][ T5103] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 573.617179][ T5103] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 573.627994][ T5103] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 573.636406][ T5103] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 573.646862][ T5103] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 573.964234][T17931] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4879'. [ 574.411233][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.439353][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.459413][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.482361][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.505173][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.523863][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.545572][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.567842][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.589837][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.615569][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.638773][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.661325][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.665206][T17924] lo speed is unknown, defaulting to 1000 [ 574.688642][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.705516][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.719506][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.742491][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.775717][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.795721][ T9011] hid-generic 0003:0006:0000.0004: unknown main item tag 0x0 [ 574.826314][ T9011] hid-generic 0003:0006:0000.0004: hidraw0: USB HID v0.02 Device [syz1] on syz1 [ 575.328029][T17954] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4889'. [ 575.478782][T17960] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 575.649710][T17924] chnl_net:caif_netlink_parms(): no params data found [ 575.710824][ T5794] Bluetooth: hci2: command tx timeout [ 576.021570][T17924] bridge0: port 1(bridge_slave_0) entered blocking state [ 576.040253][T17924] bridge0: port 1(bridge_slave_0) entered disabled state [ 576.057690][T17924] bridge_slave_0: entered allmulticast mode [ 576.074953][T17924] bridge_slave_0: entered promiscuous mode [ 576.117424][T17924] bridge0: port 2(bridge_slave_1) entered blocking state [ 576.124999][T17924] bridge0: port 2(bridge_slave_1) entered disabled state [ 576.132488][T17924] bridge_slave_1: entered allmulticast mode [ 576.141379][T17924] bridge_slave_1: entered promiscuous mode [ 576.163296][T17984] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4900'. [ 576.236717][T17924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 576.336198][T17924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 576.545555][T17924] team0: Port device team_slave_0 added [ 576.602731][T17924] team0: Port device team_slave_1 added [ 576.764160][T18005] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4910'. [ 576.809413][T17924] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 576.816616][T17924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 576.871239][T17924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 577.185003][T17924] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 577.201048][T17924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 577.246639][T17924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 577.333735][T18012] Cannot find add_set index 0 as target [ 577.403763][T15590] bridge_slave_1: left allmulticast mode [ 577.409709][T15590] bridge_slave_1: left promiscuous mode [ 577.419199][T15590] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.431975][T15590] bridge_slave_0: left allmulticast mode [ 577.446062][T15590] bridge_slave_0: left promiscuous mode [ 577.453508][T15590] bridge0: port 1(bridge_slave_0) entered disabled state [ 577.796497][ T5794] Bluetooth: hci2: command tx timeout [ 577.853994][T18024] loop2: detected capacity change from 0 to 1024 [ 577.894682][T18024] EXT4-fs: inline encryption not supported [ 577.911255][T18024] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 577.937918][T18024] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 578.008388][T18024] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.4918' sets config #0 [ 578.105334][T17229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 578.259105][T18035] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 579.211027][T18045] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4923'. [ 579.378569][T15590] team0 (unregistering): Port device team_slave_1 removed [ 579.448044][T15590] team0 (unregistering): Port device team_slave_0 removed [ 579.513608][T15590] bond0 (unregistering): (slave 4@0Ù): Releasing backup interface [ 579.579029][T15590] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 579.591726][ T1140] smc: removing ib device syû [ 579.870688][ T5794] Bluetooth: hci2: command tx timeout [ 580.836872][T15590] bond0 (unregistering): Released all slaves [ 580.955545][T18034] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4920'. [ 581.026841][T17924] hsr_slave_0: entered promiscuous mode [ 581.035601][T17924] hsr_slave_1: entered promiscuous mode [ 581.042395][T17924] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 581.050008][T17924] Cannot create hsr debugfs directory [ 581.526655][T15590] IPVS: stop unused estimator thread 0... [ 581.950338][ T5794] Bluetooth: hci2: command tx timeout [ 582.323388][T17924] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 582.343496][T17924] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 582.383471][T17924] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 582.402299][T17924] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 582.618551][T17924] 8021q: adding VLAN 0 to HW filter on device bond0 [ 582.649079][T18074] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4931'. [ 582.774951][T17924] 8021q: adding VLAN 0 to HW filter on device team0 [ 582.802461][T15443] bridge0: port 1(bridge_slave_0) entered blocking state [ 582.809674][T15443] bridge0: port 1(bridge_slave_0) entered forwarding state [ 582.824631][T18077] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4932'. [ 582.845441][T15443] bridge0: port 2(bridge_slave_1) entered blocking state [ 582.852711][T15443] bridge0: port 2(bridge_slave_1) entered forwarding state [ 583.335653][T17924] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 583.439802][T17924] veth0_vlan: entered promiscuous mode [ 583.493297][T17924] veth1_vlan: entered promiscuous mode [ 583.569190][T17924] veth0_macvtap: entered promiscuous mode [ 583.623250][T17924] veth1_macvtap: entered promiscuous mode [ 583.679605][T17924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 583.697022][T17924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 583.710018][T17924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 583.740147][T17924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 583.758086][T17924] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 583.764722][T18096] loop2: detected capacity change from 0 to 8192 [ 583.772156][T18100] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4940'. [ 583.886581][T17924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 583.903679][T17924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 583.917052][T17924] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 583.934520][T17924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 583.948403][T17924] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 583.970567][T17924] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 583.979443][T17924] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.008324][T17924] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.026532][T17924] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.258833][T15590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 584.281212][T15590] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 584.416529][T15590] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 584.431178][T18109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4942'. [ 584.447389][T15590] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 584.681971][T18115] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4946'. [ 584.706561][T18115] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4946'. [ 584.726813][ T28] kauditd_printk_skb: 45 callbacks suppressed [ 584.726827][ T28] audit: type=1326 audit(584.678:5582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 584.794845][ T28] audit: type=1326 audit(584.718:5583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 584.863252][ T28] audit: type=1326 audit(584.728:5584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 584.946497][ T28] audit: type=1326 audit(584.728:5585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 584.974266][ T28] audit: type=1326 audit(584.728:5586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 585.005977][ T28] audit: type=1326 audit(584.728:5587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 585.044476][ T28] audit: type=1326 audit(584.728:5588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 585.077191][ T28] audit: type=1326 audit(584.728:5589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 585.104548][ T28] audit: type=1326 audit(584.728:5590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 585.135189][ T28] audit: type=1326 audit(584.728:5591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18117 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 585.171228][T18122] netlink: 'syz.3.4947': attribute type 13 has an invalid length. [ 585.952338][ T5103] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 585.963727][ T5103] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 585.973440][ T5103] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 585.983482][ T5103] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 586.002315][ T5103] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 586.009767][ T5103] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 586.094962][T18122] bridge0: port 2(bridge_slave_1) entered disabled state [ 586.102970][T18122] bridge0: port 1(bridge_slave_0) entered disabled state [ 586.822970][T18122] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 586.854904][T18122] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 587.018693][T18122] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.032689][T18122] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.043341][T18122] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.052817][T18122] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.119223][T18124] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4948'. [ 587.285670][T18145] loop3: detected capacity change from 0 to 128 [ 587.577330][T18130] lo speed is unknown, defaulting to 1000 [ 587.747599][T18164] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4964'. [ 587.877701][T18168] loop3: detected capacity change from 0 to 128 [ 587.893594][T18171] loop2: detected capacity change from 0 to 128 [ 587.908067][T18171] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 587.930866][T18168] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 587.940381][T18171] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 587.977453][T18130] chnl_net:caif_netlink_parms(): no params data found [ 588.018199][T18168] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 588.040447][T18168] FAT-fs (loop3): Filesystem has been set read-only [ 588.057427][T18168] +}[@: attempt to access beyond end of device [ 588.057427][T18168] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 588.082330][ T1140] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 588.111547][ T5794] Bluetooth: hci1: command tx timeout [ 588.124655][T18130] bridge0: port 1(bridge_slave_0) entered blocking state [ 588.127490][T18168] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 588.132907][T18130] bridge0: port 1(bridge_slave_0) entered disabled state [ 588.147547][T18130] bridge_slave_0: entered allmulticast mode [ 588.155790][T18130] bridge_slave_0: entered promiscuous mode [ 588.163671][T18168] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 588.182061][T18130] bridge0: port 2(bridge_slave_1) entered blocking state [ 588.189247][T18130] bridge0: port 2(bridge_slave_1) entered disabled state [ 588.203225][T18168] +}[@: attempt to access beyond end of device [ 588.203225][T18168] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 588.217663][T18130] bridge_slave_1: entered allmulticast mode [ 588.225898][T18130] bridge_slave_1: entered promiscuous mode [ 588.333375][T18130] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 588.383231][T18186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4972'. [ 588.397430][T18130] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 588.509154][T18130] team0: Port device team_slave_0 added [ 588.550421][T18130] team0: Port device team_slave_1 added [ 588.611516][T18194] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4975'. [ 588.646916][T18130] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 588.655716][T18130] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 588.688397][T18130] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 588.725936][T18130] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 588.739656][T18130] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 588.773199][T18130] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 588.946865][T18130] hsr_slave_0: entered promiscuous mode [ 588.957402][T18130] hsr_slave_1: entered promiscuous mode [ 588.965147][T18130] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 588.978609][T18130] Cannot create hsr debugfs directory [ 589.306970][T18213] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98 [ 589.552100][T18219] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4986'. [ 589.665222][T18130] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 589.680520][T18130] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 589.692603][T18130] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 589.704299][T18130] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 589.835063][T18229] loop3: detected capacity change from 0 to 1024 [ 589.852170][T18229] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 589.886203][T18229] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 589.910298][T18229] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 589.921171][T18233] random: crng reseeded on system resumption [ 589.945921][T18229] EXT4-fs error (device loop3): ext4_get_journal_inode:5800: inode #5: comm syz.3.4989: unexpected bad inode w/o EXT4_IGET_BAD [ 589.969601][T18229] EXT4-fs (loop3): no journal found [ 589.985337][T18130] 8021q: adding VLAN 0 to HW filter on device bond0 [ 589.995642][T18229] EXT4-fs (loop3): can't get journal size [ 590.026341][T18229] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8800e11c, mo2=0102] [ 590.044826][T18130] 8021q: adding VLAN 0 to HW filter on device team0 [ 590.045193][T18229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 590.086948][T15414] bridge0: port 1(bridge_slave_0) entered blocking state [ 590.094243][T15414] bridge0: port 1(bridge_slave_0) entered forwarding state [ 590.141686][T15414] bridge0: port 2(bridge_slave_1) entered blocking state [ 590.148883][T15414] bridge0: port 2(bridge_slave_1) entered forwarding state [ 590.158686][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 590.167987][T18239] loop2: detected capacity change from 0 to 1024 [ 590.169283][T18239] EXT4-fs: inline encryption not supported [ 590.190364][ T5794] Bluetooth: hci1: command tx timeout [ 590.250689][T18239] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 590.346332][T18239] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.449796][T18239] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4031: comm syz.2.4992: Allocating blocks 385-513 which overlap fs metadata [ 590.494013][T18239] EXT4-fs (loop2): pa ffff8880773d62b8: logic 16, phys. 129, len 24 [ 590.502481][T18239] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8 [ 590.563859][T18130] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 590.584113][T17229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 590.665175][T18251] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4994'. [ 590.724051][ T28] kauditd_printk_skb: 16 callbacks suppressed [ 590.724067][ T28] audit: type=1326 audit(590.678:5608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 590.759201][ T28] audit: type=1326 audit(590.678:5609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 590.816534][T18130] veth0_vlan: entered promiscuous mode [ 590.830606][ T28] audit: type=1326 audit(590.708:5610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 590.856829][T18130] veth1_vlan: entered promiscuous mode [ 590.894135][ T28] audit: type=1326 audit(590.708:5611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 590.923234][ T28] audit: type=1326 audit(590.708:5612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 590.946302][ T28] audit: type=1326 audit(590.738:5613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 590.977920][T18130] veth0_macvtap: entered promiscuous mode [ 590.984982][ T28] audit: type=1326 audit(590.738:5614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 590.997500][T18130] veth1_macvtap: entered promiscuous mode [ 591.030748][ T28] audit: type=1326 audit(590.738:5615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 591.075026][ T28] audit: type=1326 audit(590.738:5616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 591.090424][T18130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 591.118454][ T28] audit: type=1326 audit(590.738:5617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.0.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 591.122059][T18130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 591.162181][T18130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 591.178606][T18130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 591.199046][T18130] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 591.266335][T18130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 591.284178][T18130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 591.298215][T18130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 591.313061][T18130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 591.342192][T18130] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 591.368990][T18130] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.387977][T18130] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.399785][T18130] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.430164][T18130] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.648870][ T3444] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 591.667632][ T3444] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 591.679048][T18270] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5003'. [ 591.770032][ T3444] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 591.779264][ T3444] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 592.270613][ T5794] Bluetooth: hci1: command tx timeout [ 592.293990][T18292] netlink: 4236 bytes leftover after parsing attributes in process `syz.3.5011'. [ 592.314192][T18294] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5013'. [ 592.576389][T18300] loop3: detected capacity change from 0 to 512 [ 592.582907][T18301] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5015'. [ 592.593896][T18301] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 592.597146][T18300] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 592.603786][T18301] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 592.618457][T18301] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 592.626991][T18301] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 592.913987][T18300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.422048][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.759098][T18321] 9pnet: Could not find request transport: up.net/syz0 [ 593.759470][T18324] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5023'. [ 594.320038][T15426] bond1: (slave ip6erspan0): Releasing active interface [ 594.351730][ T5794] Bluetooth: hci1: command tx timeout [ 594.396007][T18337] bond1: entered promiscuous mode [ 594.401419][T18337] bond1: entered allmulticast mode [ 594.407107][T18337] 8021q: adding VLAN 0 to HW filter on device bond1 [ 594.538231][T18343] binfmt_misc: register: failed to install interpreter file ./file0 [ 594.656500][T18337] bond1 (unregistering): Released all slaves [ 594.709627][T18342] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5027'. [ 594.710019][T18345] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5031'. [ 595.071371][T18354] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5035'. [ 595.921218][T18377] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5046'. [ 595.979771][T15426] hsr_slave_0: left promiscuous mode [ 595.995132][T15426] hsr_slave_1: left promiscuous mode [ 596.002635][T15426] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 596.014340][T15426] bridge_slave_1: left allmulticast mode [ 596.020301][T15426] bridge_slave_1: left promiscuous mode [ 596.027589][T15426] bridge0: port 2(bridge_slave_1) entered disabled state [ 596.037943][T15426] bridge_slave_0: left allmulticast mode [ 596.043971][T15426] bridge_slave_0: left promiscuous mode [ 596.049888][T15426] bridge0: port 1(bridge_slave_0) entered disabled state [ 596.075351][T15426] pim6reg (unregistering): left allmulticast mode [ 596.190273][T18383] netlink: 'syz.3.5048': attribute type 3 has an invalid length. [ 596.230496][ T8960] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 596.343821][T15426] bond2 (unregistering): Released all slaves [ 596.380324][ T8960] usb 2-1: device descriptor read/64, error -71 [ 596.409787][T18385] loop3: detected capacity change from 0 to 8192 [ 596.463877][T18385] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 596.489691][ T28] kauditd_printk_skb: 26 callbacks suppressed [ 596.489707][ T28] audit: type=1326 audit(596.448:5644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 596.521250][ T28] audit: type=1326 audit(596.458:5645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 596.547872][ T28] audit: type=1326 audit(596.478:5646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 596.574098][ T28] audit: type=1326 audit(596.498:5647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 596.596115][T18385] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5049'. [ 596.605451][ T28] audit: type=1326 audit(596.498:5648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 596.628161][ T28] audit: type=1326 audit(596.498:5649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 596.650019][ T28] audit: type=1326 audit(596.498:5650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 596.678538][ T8960] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 596.689982][ T28] audit: type=1326 audit(596.498:5651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 596.713591][ T28] audit: type=1326 audit(596.518:5652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbee3791667 code=0x7ffc0000 [ 596.736380][ T28] audit: type=1326 audit(596.518:5653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18384 comm="syz.3.5049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fbee37915dc code=0x7ffc0000 [ 596.840289][ T8960] usb 2-1: device descriptor read/64, error -71 [ 596.848385][T15426] bond1 (unregistering): Released all slaves [ 596.973911][ T8960] usb usb2-port1: attempt power cycle [ 597.223956][ T9012] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 597.389731][T15426] team0 (unregistering): Port device team_slave_1 removed [ 597.399266][ T8960] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 597.435119][ T9012] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 597.435198][ T8960] usb 2-1: device descriptor read/8, error -71 [ 597.449694][ T9012] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.464217][ T9012] usb 4-1: Product: syz [ 597.468455][ T9012] usb 4-1: Manufacturer: syz [ 597.475653][ T9012] usb 4-1: SerialNumber: syz [ 597.487462][T15426] team0 (unregistering): Port device team_slave_0 removed [ 597.490027][ T9012] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 597.523899][ T5877] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 597.574337][T15426] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 597.645161][T15426] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 597.734435][ T8960] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 597.777769][ T9012] usb 4-1: USB disconnect, device number 9 [ 597.791137][ T8960] usb 2-1: device descriptor read/8, error -71 [ 597.925594][ T8960] usb usb2-port1: unable to enumerate USB device [ 598.495568][T15426] bond0 (unregistering): Released all slaves [ 598.590414][ T5877] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 598.597553][ T5877] ath9k_htc: Failed to initialize the device [ 598.625022][ T9012] usb 4-1: ath9k_htc: USB layer deinitialized [ 598.965628][T18369] lo speed is unknown, defaulting to 1000 [ 599.174184][T15426] IPVS: stop unused estimator thread 0... [ 599.309120][T18396] lo speed is unknown, defaulting to 1000 [ 599.324327][T18400] siw: device registration error -23 [ 599.496613][T18414] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5063'. [ 599.807077][T18420] can0: slcan on ttyS3. [ 599.892015][T18419] can0 (unregistered): slcan off ttyS3. [ 600.406240][T18436] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5074'. [ 600.484999][T18442] loop2: detected capacity change from 0 to 512 [ 600.511676][T18442] ext4: Unknown parameter 'mask' [ 600.593125][T18442] loop2: detected capacity change from 0 to 512 [ 600.621853][T18442] EXT4-fs: Ignoring removed orlov option [ 600.639952][T18442] EXT4-fs: Mount option(s) incompatible with ext2 [ 600.905567][T18457] loop3: detected capacity change from 0 to 512 [ 600.943362][T18457] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 600.982491][T18457] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 601.031150][T18457] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.5080: inode has both inline data and extents flags [ 601.092817][T18457] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.5080: couldn't read orphan inode 15 (err -117) [ 601.164893][T18457] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 601.614954][T18464] usb usb7: usbfs: process 18464 (syz.2.5082) did not claim interface 0 before use [ 601.843348][T18468] loop2: detected capacity change from 0 to 512 [ 601.890688][T18468] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 602.024796][T18468] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 602.142010][T18468] EXT4-fs (loop2): mount failed [ 602.721648][T18483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5090'. [ 602.744451][T18483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5090'. [ 602.775231][T18483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5090'. [ 602.803622][T18483] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 602.838143][T18483] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 602.877611][T18483] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 602.893396][T18483] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 603.571277][T18493] sctp: [Deprecated]: syz.0.5094 (pid 18493) Use of int in max_burst socket option deprecated. [ 603.571277][T18493] Use struct sctp_assoc_value instead [ 604.698585][T18501] RDS: rds_bind could not find a transport for fe88::101, load rds_tcp or rds_rdma? [ 604.775739][T18502] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5095'. [ 604.886540][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 604.974592][T18441] warn_alloc: 3 callbacks suppressed [ 604.974611][T18441] syz.1.5075: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 605.016047][ T28] kauditd_printk_skb: 97 callbacks suppressed [ 605.016062][ T28] audit: type=1326 audit(604.968:5751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 605.060680][T18441] CPU: 1 PID: 18441 Comm: syz.1.5075 Not tainted syzkaller #0 [ 605.068230][T18441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 605.078336][T18441] Call Trace: [ 605.081667][T18441] [ 605.084630][T18441] dump_stack_lvl+0x16c/0x230 [ 605.089367][T18441] ? show_regs_print_info+0x20/0x20 [ 605.094613][T18441] ? load_image+0x3b0/0x3b0 [ 605.099162][T18441] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 605.105620][T18441] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 605.112219][T18441] warn_alloc+0x210/0x300 [ 605.116613][T18441] ? zone_watermark_ok_safe+0x230/0x230 [ 605.122233][T18441] ? _raw_spin_unlock+0x28/0x40 [ 605.126753][ T28] audit: type=1326 audit(604.968:5752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 605.127120][T18441] ? __kmem_cache_free+0xba/0x1f0 [ 605.153997][T18441] __vmalloc_node_range+0x662/0x1320 [ 605.159366][T18441] ? free_vm_area+0x50/0x50 [ 605.163909][T18441] ? kvmalloc_node+0x70/0x180 [ 605.168619][T18441] ? rcu_is_watching+0x15/0xb0 [ 605.173406][T18441] ? kvmalloc_node+0x70/0x180 [ 605.178100][T18441] ? trace_kmalloc+0x1f/0xa0 [ 605.182770][T18441] kvmalloc_node+0x13f/0x180 [ 605.187418][T18441] ? translate_table+0x19c/0x2020 [ 605.192481][T18441] translate_table+0x19c/0x2020 [ 605.197403][T18441] ? ip6t_register_table+0x7b0/0x7b0 [ 605.202797][T18441] ? __might_fault+0xaa/0x120 [ 605.207497][T18441] ? __lock_acquire+0x7c80/0x7c80 [ 605.212548][T18441] ? __virt_addr_valid+0x18c/0x540 [ 605.217719][T18441] ? __might_fault+0xaa/0x120 [ 605.223136][T18441] ? __might_fault+0xc6/0x120 [ 605.227883][T18441] ? __might_fault+0xaa/0x120 [ 605.232674][T18441] do_ip6t_set_ctl+0x969/0xcd0 [ 605.237483][T18441] ? ip6t_unregister_table_exit+0x230/0x230 [ 605.243423][T18441] ? __lock_acquire+0x7c80/0x7c80 [ 605.248496][T18441] ? rcu_is_watching+0x15/0xb0 [ 605.253312][T18441] ? trace_contention_end+0x39/0xe0 [ 605.258560][T18441] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 605.264228][T18441] ? mutex_unlock+0x10/0x10 [ 605.268758][T18441] ? __might_sleep+0xe0/0xe0 [ 605.273372][T18441] ? mutex_lock_nested+0x20/0x20 [ 605.278346][T18441] nf_setsockopt+0x263/0x280 [ 605.282964][T18441] ? sock_common_recvmsg+0x1b0/0x1b0 [ 605.288274][T18441] smc_setsockopt+0x229/0xab0 [ 605.292983][T18441] ? smc_shutdown+0x9b0/0x9b0 [ 605.297724][T18441] ? __fget_files+0x28/0x4d0 [ 605.302450][T18441] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 605.308037][T18441] ? security_socket_setsockopt+0x7e/0xa0 [ 605.313779][T18441] ? smc_shutdown+0x9b0/0x9b0 [ 605.318492][T18441] do_sock_setsockopt+0x175/0x1a0 [ 605.323548][T18441] ? __fdget+0x180/0x210 [ 605.327820][T18441] __x64_sys_setsockopt+0x184/0x200 [ 605.333060][T18441] do_syscall_64+0x55/0xb0 [ 605.337510][T18441] ? clear_bhb_loop+0x40/0x90 [ 605.342211][T18441] ? clear_bhb_loop+0x40/0x90 [ 605.346933][T18441] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 605.352870][T18441] RIP: 0033:0x7f6f3e58f749 [ 605.357399][T18441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 605.377050][T18441] RSP: 002b:00007f6f3f51b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 605.385498][T18441] RAX: ffffffffffffffda RBX: 00007f6f3e7e5fa0 RCX: 00007f6f3e58f749 [ 605.393499][T18441] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 605.401494][T18441] RBP: 00007f6f3e613f91 R08: 0000000000000330 R09: 0000000000000000 [ 605.409484][T18441] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.417489][T18441] R13: 00007f6f3e7e6038 R14: 00007f6f3e7e5fa0 R15: 00007ffef8f88e18 [ 605.425497][T18441] [ 605.445557][T18441] Mem-Info: [ 605.449951][T18441] active_anon:5482 inactive_anon:0 isolated_anon:0 [ 605.449951][T18441] active_file:16160 inactive_file:40673 isolated_file:0 [ 605.449951][T18441] unevictable:768 dirty:30 writeback:0 [ 605.449951][T18441] slab_reclaimable:11602 slab_unreclaimable:138593 [ 605.449951][T18441] mapped:24034 shmem:2616 pagetables:453 [ 605.449951][T18441] sec_pagetables:0 bounce:0 [ 605.449951][T18441] kernel_misc_reclaimable:0 [ 605.449951][T18441] free:1279862 free_pcp:9505 free_cma:0 [ 605.474211][ T28] audit: type=1326 audit(604.968:5753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 605.512145][T18441] Node 0 active_anon:22028kB inactive_anon:0kB active_file:64640kB inactive_file:162484kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96136kB dirty:120kB writeback:0kB shmem:8928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13876kB pagetables:1812kB sec_pagetables:0kB all_unreclaimable? no [ 605.547877][ T28] audit: type=1326 audit(604.968:5754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 605.598111][T18441] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 605.631456][T18441] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 605.638356][ T28] audit: type=1326 audit(604.968:5755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 605.658867][T18441] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 605.658928][T18441] Node 0 DMA32 free:1203868kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:17020kB inactive_anon:0kB active_file:64640kB inactive_file:161152kB unevictable:1536kB writepending:116kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:23200kB local_pcp:12164kB free_cma:0kB [ 605.658992][T18441] lowmem_reserve[]: 0 0 1 1 1 [ 605.681546][ T28] audit: type=1326 audit(604.968:5756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 605.770354][T18441] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 605.829789][T18441] lowmem_reserve[]: 0 0 0 0 0 [ 605.833837][ T28] audit: type=1326 audit(604.968:5757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 605.888058][ T28] audit: type=1326 audit(604.968:5758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 605.890397][T18441] Node 1 Normal free:3900212kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19748kB local_pcp:9216kB free_cma:0kB [ 605.950500][ T28] audit: type=1326 audit(604.968:5759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18505 comm="syz.3.5099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 606.012216][T18441] lowmem_reserve[]: 0 0 0 0 0 [ 606.017033][T18441] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 606.070899][T18441] Node 0 DMA32: 1767*4kB (UME) 663*8kB (ME) 493*16kB (UME) 347*32kB (ME) 221*64kB (UME) 442*128kB (UM) 211*256kB (UME) 99*512kB (UME) 47*1024kB (UM) 29*2048kB (UM) 217*4096kB (UM) = 1203140kB [ 606.090723][T18441] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 606.103187][T18441] Node 1 Normal: 175*4kB (UME) 49*8kB (UME) 35*16kB (UME) 94*32kB (UME) 30*64kB (UME) 3*128kB (UM) 4*256kB (UME) 0*512kB 1*1024kB (E) 2*2048kB (UE) 949*4096kB (M) = 3900212kB [ 606.121012][T18441] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 606.130882][T18441] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 606.143701][T18441] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 606.175916][T18524] syz.0.5107[18524] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 606.176058][T18524] syz.0.5107[18524] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 606.182695][T18441] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 606.230151][T18441] 60422 total pagecache pages [ 606.235001][T18441] 0 pages in swap cache [ 606.239204][T18441] Free swap = 124528kB [ 606.260208][T18441] Total swap = 124996kB [ 606.264440][T18441] 2097051 pages RAM [ 606.268303][T18441] 0 pages HighMem/MovableOnly [ 606.280136][T18441] 416138 pages reserved [ 606.284414][T18441] 0 pages cma reserved [ 606.363611][T18514] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5102'. [ 606.439233][T18529] block device autoloading is deprecated and will be removed. [ 606.946860][T18537] caif0: entered promiscuous mode [ 606.952348][T18537] caif0: entered allmulticast mode [ 607.232866][T18549] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5120'. [ 607.423634][T18558] hub 9-0:1.0: USB hub found [ 607.434702][T18558] hub 9-0:1.0: 1 port detected [ 607.450798][T18561] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 607.457395][T18561] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 607.481109][T18561] vhci_hcd vhci_hcd.0: Device attached [ 607.504204][T18561] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 607.529686][T18561] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7) [ 607.536279][T18561] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 607.554843][T18561] vhci_hcd vhci_hcd.0: Device attached [ 607.561273][T18564] vhci_hcd: connection closed [ 607.562074][T18562] vhci_hcd: connection closed [ 607.572431][ T1140] vhci_hcd: stop threads [ 607.596127][ T1140] vhci_hcd: release socket [ 607.611912][ T1140] vhci_hcd: disconnect device [ 607.616934][ T1140] vhci_hcd: stop threads [ 607.626990][ T1140] vhci_hcd: release socket [ 607.637166][ T1140] vhci_hcd: disconnect device [ 607.680221][T10786] vhci_hcd: vhci_device speed not set [ 609.358083][ T28] audit: type=1326 audit(609.308:5760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.1.5134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 609.735322][T18598] loop3: detected capacity change from 0 to 512 [ 609.756257][T18598] EXT4-fs: Ignoring removed nomblk_io_submit option [ 609.775673][T18598] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 609.790486][ T5103] Bluetooth: hci3: command 0x1003 tx timeout [ 609.798508][ T5794] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 609.875216][T18598] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: comm syz.3.5139: Parent and EA inode have the same ino 15 [ 609.894478][T18598] EXT4-fs (loop3): Remounting filesystem read-only [ 609.923850][T18598] EXT4-fs (loop3): 1 orphan inode deleted [ 609.952536][T18598] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 610.082856][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 610.181172][T18608] loop2: detected capacity change from 0 to 2048 [ 610.226394][T18608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 610.340781][T18608] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.5142: bg 0: block 345: padding at end of block bitmap is not set [ 610.379538][T18608] EXT4-fs (loop2): Remounting filesystem read-only [ 610.403014][T18608] EXT4-fs warning (device loop2): ext4_xattr_inode_lookup_create:1619: inode #18: comm syz.2.5142: cleanup dec ref error -117 [ 610.527353][T17229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 611.529045][T18636] loop2: detected capacity change from 0 to 128 [ 611.728370][T18640] loop3: detected capacity change from 0 to 1024 [ 611.751613][T18640] EXT4-fs: inline encryption not supported [ 611.766508][T18640] EXT4-fs: Ignoring removed nobh option [ 611.776617][T18640] EXT4-fs: Ignoring removed bh option [ 611.800258][T18640] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 611.856227][T18640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 611.879552][T18650] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5158'. [ 611.898478][T18650] bond0: entered promiscuous mode [ 611.909548][T18650] bond_slave_0: entered promiscuous mode [ 611.918842][T18640] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.5155: Allocating blocks 385-513 which overlap fs metadata [ 611.930666][T18650] bond_slave_1: entered promiscuous mode [ 611.945486][T18650] gretap0: entered promiscuous mode [ 611.958517][T18650] hsr1: entered promiscuous mode [ 611.964922][T18639] EXT4-fs (loop3): pa ffff888030195bc8: logic 16, phys. 129, len 24 [ 611.973119][T18639] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8 [ 612.019395][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 612.089295][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 612.089308][ T28] audit: type=1326 audit(612.038:5769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18653 comm="syz.1.5161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 612.142535][ T28] audit: type=1326 audit(612.068:5770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18653 comm="syz.1.5161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 612.197260][ T28] audit: type=1326 audit(612.068:5771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18653 comm="syz.1.5161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 612.241981][ T28] audit: type=1326 audit(612.068:5772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18653 comm="syz.1.5161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 612.438707][T18664] pimreg: entered allmulticast mode [ 612.449527][T18664] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5165'. [ 612.461226][T18664] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5165'. [ 612.500685][T18664] loop3: detected capacity change from 0 to 512 [ 612.517148][T18664] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.5165: bad orphan inode 13 [ 612.551768][T18664] ext4_test_bit(bit=12, block=4) = 1 [ 612.557134][T18664] is_bad_inode(inode)=0 [ 612.579362][T18664] NEXT_ORPHAN(inode)=0 [ 612.588897][T18664] max_ino=32 [ 612.602432][T18664] i_nlink=1 [ 612.607048][T18664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 612.660166][T18664] EXT4-fs warning (device loop3): dx_probe:833: inode #2: comm syz.3.5165: Unrecognised inode hash code 20 [ 612.681239][T18664] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.5165: Corrupt directory, running e2fsck is recommended [ 612.694568][T18664] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.5165: corrupted in-inode xattr: e_value out of bounds [ 612.725893][T18662] pimreg: left allmulticast mode [ 612.764238][T18677] loop2: detected capacity change from 0 to 512 [ 612.788328][T18677] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.5171: inode has both inline data and extents flags [ 612.821408][T18677] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.5171: couldn't read orphan inode 15 (err -117) [ 612.845875][T18677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 612.995782][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.010225][T18685] loop2: detected capacity change from 512 to 64 [ 613.042439][T18677] syz.2.5171: attempt to access beyond end of device [ 613.042439][T18677] loop2: rw=14337, sector=510, nr_sectors = 2 limit=64 [ 613.064227][T18690] loop1: detected capacity change from 0 to 2048 [ 613.073821][T18677] Buffer I/O error on dev loop2, logical block 255, lost sync page write [ 613.085816][T18677] EXT4-fs error (device loop2): ext4_splice_branch:472: inode #19: block 255: comm syz.2.5171: IO error syncing itable block [ 613.101187][T18677] EXT4-fs error (device loop2): ext4_check_bdev_write_error:225: comm syz.2.5171: Error while async write back metadata [ 613.118356][T18677] syz.2.5171: attempt to access beyond end of device [ 613.118356][T18677] loop2: rw=2051, sector=284, nr_sectors = 2 limit=64 [ 613.132272][T18690] loop1: p1 < > p4 [ 613.137892][T18690] loop1: p4 size 8388608 extends beyond EOD, truncated [ 613.145247][T18677] EXT4-fs (loop2): discard request in group:0 block:141 count:1 failed with -5 [ 613.152229][T18693] loop3: detected capacity change from 0 to 1024 [ 613.156564][T18677] EXT4-fs error (device loop2): mb_free_blocks:1938: group 0, inode 19: block 142:freeing already freed block (bit 141); block bitmap corrupt. [ 613.167211][T18693] EXT4-fs: Ignoring removed oldalloc option [ 613.177703][T18677] EXT4-fs (loop2): pa ffff8880773d63a0: logic 32, phys. 97, len 96 [ 613.186077][T18693] EXT4-fs: Ignoring removed bh option [ 613.189831][T18677] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5372: group 0, free 83, pa_free 82 [ 613.211884][T18693] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 613.223117][T18677] syz.2.5171: attempt to access beyond end of device [ 613.223117][T18677] loop2: rw=14337, sector=510, nr_sectors = 2 limit=64 [ 613.223276][T18677] Buffer I/O error on dev loop2, logical block 255, lost sync page write [ 613.223302][T18677] EXT4-fs error (device loop2): ext4_free_data:985: inode #19: block 255: comm syz.2.5171: IO error syncing itable block [ 613.234419][T18677] EXT4-fs error (device loop2): ext4_check_bdev_write_error:225: comm syz.2.5171: Error while async write back metadata [ 613.272414][T18677] syz.2.5171: attempt to access beyond end of device [ 613.272414][T18677] loop2: rw=2049, sector=446, nr_sectors = 4 limit=64 [ 613.287433][T18677] EXT4-fs warning (device loop2): ext4_end_bio:357: I/O error 10 writing to inode 19 starting block 223) [ 613.299816][T18677] Buffer I/O error on device loop2, logical block 223 [ 613.307277][T18677] Buffer I/O error on device loop2, logical block 224 [ 613.307939][T18693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 613.316124][T18677] syz.2.5171: attempt to access beyond end of device [ 613.316124][T18677] loop2: rw=2049, sector=130, nr_sectors = 64 limit=64 [ 613.340860][T18677] EXT4-fs warning (device loop2): ext4_end_bio:357: I/O error 10 writing to inode 19 starting block 65) [ 613.352096][T18677] Buffer I/O error on device loop2, logical block 65 [ 613.358815][T18677] Buffer I/O error on device loop2, logical block 66 [ 613.365512][T18677] Buffer I/O error on device loop2, logical block 67 [ 613.372224][T18677] Buffer I/O error on device loop2, logical block 68 [ 613.379211][T18677] Buffer I/O error on device loop2, logical block 69 [ 613.385928][T18677] Buffer I/O error on device loop2, logical block 70 [ 613.392730][T18677] Buffer I/O error on device loop2, logical block 71 [ 613.399435][T18677] Buffer I/O error on device loop2, logical block 72 [ 613.410900][T18677] syz.2.5171: attempt to access beyond end of device [ 613.410900][T18677] loop2: rw=2049, sector=258, nr_sectors = 24 limit=64 [ 613.437852][ T28] audit: type=1804 audit(613.368:5773): pid=18693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.5177" name="/newroot/58/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 613.468592][T18677] EXT4-fs warning (device loop2): ext4_end_bio:357: I/O error 10 writing to inode 19 starting block 129) [ 613.560500][T17229] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -12 reading directory block [ 613.634279][T17229] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.807021][ T28] audit: type=1326 audit(613.758:5774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18696 comm="syz.1.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 613.835481][ T28] audit: type=1326 audit(613.788:5775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18696 comm="syz.1.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 613.864658][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.903756][ T28] audit: type=1326 audit(613.788:5776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18696 comm="syz.1.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 613.927528][ T28] audit: type=1326 audit(613.788:5777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18696 comm="syz.1.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 613.952774][ T28] audit: type=1326 audit(613.788:5778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18696 comm="syz.1.5178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 614.380869][T18715] xt_hashlimit: max too large, truncated to 1048576 [ 614.482957][T18717] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5189'. [ 614.504429][T18717] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5189'. [ 614.790990][T18718] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 614.856791][T18721] loop3: detected capacity change from 0 to 1024 [ 614.857657][T18713] lo speed is unknown, defaulting to 1000 [ 614.875818][T18721] EXT4-fs: Ignoring removed orlov option [ 614.889308][T18721] EXT4-fs: inline encryption not supported [ 614.920231][T18721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 614.952528][ T5103] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 614.964123][ T5103] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 614.982290][ T5103] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 614.995014][T18718] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 615.006528][ T5103] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 615.018765][ T5103] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 615.024709][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 615.035223][ T5103] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 615.127322][T18718] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 615.350743][T18727] loop3: detected capacity change from 0 to 8192 [ 615.385842][T18718] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 615.446729][T18727] syz.3.5191: attempt to access beyond end of device [ 615.446729][T18727] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 615.466614][T18724] lo speed is unknown, defaulting to 1000 [ 615.495328][T18727] Buffer I/O error on dev loop3, logical block 57847, async page read [ 615.522489][T18727] syz.3.5191: attempt to access beyond end of device [ 615.522489][T18727] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 615.538152][T18727] Buffer I/O error on dev loop3, logical block 57847, async page read [ 615.613496][T18718] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.647042][T18718] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.683629][T18718] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.715193][T18718] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.936424][T18724] chnl_net:caif_netlink_parms(): no params data found [ 616.249090][T18724] bridge0: port 1(bridge_slave_0) entered blocking state [ 616.266186][T18724] bridge0: port 1(bridge_slave_0) entered disabled state [ 616.286004][T18724] bridge_slave_0: entered allmulticast mode [ 616.302516][T18724] bridge_slave_0: entered promiscuous mode [ 616.319064][T18724] bridge0: port 2(bridge_slave_1) entered blocking state [ 616.326512][T18724] bridge0: port 2(bridge_slave_1) entered disabled state [ 616.334113][T18724] bridge_slave_1: entered allmulticast mode [ 616.342038][T18724] bridge_slave_1: entered promiscuous mode [ 616.495763][T18724] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 616.507207][T18764] $Hÿ: renamed from bond0 [ 616.518292][T18764] $Hÿ: entered promiscuous mode [ 616.523661][T18764] bond_slave_0: entered promiscuous mode [ 616.529630][T18764] bond_slave_1: entered promiscuous mode [ 616.543247][T18724] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 616.733910][T18724] team0: Port device team_slave_0 added [ 616.749624][T18724] team0: Port device team_slave_1 added [ 616.755860][T18770] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5205'. [ 616.766991][T18770] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5205'. [ 616.826296][T18770] bridge0: port 3(vlan2) entered blocking state [ 616.844035][T18770] bridge0: port 3(vlan2) entered disabled state [ 616.863809][T18770] vlan2: entered allmulticast mode [ 616.869024][T18770] bridge0: entered allmulticast mode [ 616.887400][T18770] vlan2: left allmulticast mode [ 616.900440][T18770] bridge0: left allmulticast mode [ 616.934029][T18774] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 617.071548][ T5794] Bluetooth: hci0: command tx timeout [ 617.136081][T18724] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 617.147073][T18724] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 617.175970][T18724] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 617.190369][T18724] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 617.197375][T18724] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 617.240378][T18724] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 617.365428][T18724] hsr_slave_0: entered promiscuous mode [ 617.368136][T18782] program syz.3.5210 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 617.387135][T18724] hsr_slave_1: entered promiscuous mode [ 617.407191][T18724] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 617.415976][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 617.415991][ T28] audit: type=1326 audit(617.368:5783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 617.420141][T18724] Cannot create hsr debugfs directory [ 617.447479][ T28] audit: type=1326 audit(617.378:5784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 617.493696][ T28] audit: type=1326 audit(617.378:5785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 617.571711][ T28] audit: type=1326 audit(617.378:5786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbee378f783 code=0x7ffc0000 [ 617.629893][ T28] audit: type=1326 audit(617.378:5787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbee378f783 code=0x7ffc0000 [ 617.659614][ T28] audit: type=1326 audit(617.378:5788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 617.688830][ T28] audit: type=1326 audit(617.388:5789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 617.716369][ T28] audit: type=1326 audit(617.388:5790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 617.739130][ T28] audit: type=1326 audit(617.388:5791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 617.762043][ T28] audit: type=1326 audit(617.388:5792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18781 comm="syz.3.5210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbee378f749 code=0x7ffc0000 [ 618.176408][T18724] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 618.231947][T18724] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 618.283430][T18724] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 618.320012][T18724] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 618.445371][T18795] loop3: detected capacity change from 0 to 512 [ 618.528540][T18795] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm syz.3.5213: bg 0: block 16: invalid block bitmap [ 618.600533][T18795] EXT4-fs (loop3): Remounting filesystem read-only [ 618.642751][T18795] EXT4-fs (loop3): 1 truncate cleaned up [ 618.649871][T18795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 618.721542][T18724] 8021q: adding VLAN 0 to HW filter on device bond0 [ 618.771821][T18724] 8021q: adding VLAN 0 to HW filter on device team0 [ 618.807488][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 618.814739][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 618.854197][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 618.861455][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 619.154265][ T5794] Bluetooth: hci0: command tx timeout [ 619.209735][T18791] lo speed is unknown, defaulting to 1000 [ 619.309166][T18724] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 619.323539][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.974491][T18724] veth0_vlan: entered promiscuous mode [ 620.005056][T18724] veth1_vlan: entered promiscuous mode [ 620.086743][T18724] veth0_macvtap: entered promiscuous mode [ 620.109507][T18724] veth1_macvtap: entered promiscuous mode [ 620.199305][T18724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 620.219429][T18724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.233380][T18724] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 620.283268][T18724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.298330][T18724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.312104][T18724] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 620.339471][T18724] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.354098][T18724] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.364814][T18724] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.381316][T18724] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.554311][T18817] lo speed is unknown, defaulting to 1000 [ 620.563450][T15443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 620.580134][T15443] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 620.658135][T15443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 620.677917][T15443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 620.881538][T18821] netlink: 'syz.4.5185': attribute type 1 has an invalid length. [ 621.241851][ T5794] Bluetooth: hci0: command tx timeout [ 622.636697][T18844] xt_hashlimit: max too large, truncated to 1048576 [ 623.319140][ T5794] Bluetooth: hci0: command tx timeout [ 623.672245][T18870] binfmt_misc: register: failed to install interpreter file ./file2 [ 623.778466][ T28] kauditd_printk_skb: 81 callbacks suppressed [ 623.778482][ T28] audit: type=1326 audit(623.728:5874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.4.5235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 623.843570][ T28] audit: type=1326 audit(623.728:5875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.4.5235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 623.899765][ T28] audit: type=1326 audit(623.728:5876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.4.5235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 623.922497][T18874] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5236'. [ 623.957177][ T28] audit: type=1326 audit(623.748:5877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18871 comm="syz.4.5235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 624.106094][ T28] audit: type=1326 audit(624.058:5878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18880 comm="syz.0.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 624.136664][T18882] loop4: detected capacity change from 0 to 512 [ 624.160481][ T28] audit: type=1326 audit(624.098:5879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18880 comm="syz.0.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 624.209653][T18882] ext4: Unknown parameter 'noacl' [ 624.220486][ T28] audit: type=1326 audit(624.098:5880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18880 comm="syz.0.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 624.280227][ T28] audit: type=1326 audit(624.098:5881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18880 comm="syz.0.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 624.311070][T18884] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5241'. [ 624.330619][ T28] audit: type=1326 audit(624.098:5882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18880 comm="syz.0.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 624.393810][ T28] audit: type=1326 audit(624.098:5883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18880 comm="syz.0.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e34b8f749 code=0x7ffc0000 [ 624.595056][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.996502][ T9002] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 625.013258][ T9002] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 625.140441][T18768] Set syz1 is full, maxelem 65536 reached [ 625.768617][T18938] syz.0.5262[18938] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 625.768760][T18938] syz.0.5262[18938] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 626.064493][T18947] netlink: 168 bytes leftover after parsing attributes in process `syz.3.5266'. [ 626.342364][T18924] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 626.349064][T18924] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 626.413075][T18924] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 626.448825][T18924] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 626.463872][T18924] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 626.747701][T18924] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 626.955740][T18924] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 627.148339][T18924] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 627.205494][T18924] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 627.246462][T18924] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 627.270472][T18924] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 627.286939][T18958] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5270'. [ 627.353127][T18924] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 627.455451][T18962] netlink: 822 bytes leftover after parsing attributes in process `syz.1.5273'. [ 627.483525][T18962] bridge: RTM_NEWNEIGH with unconfigured vlan 1033 on bridge0 [ 627.505259][T18964] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5275'. [ 627.533658][T18964] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5275'. [ 627.567941][ T5103] Bluetooth: hci4: command 0x0c1a tx timeout [ 627.664267][T18970] loop4: detected capacity change from 0 to 1024 [ 627.672161][T18970] EXT4-fs: Ignoring removed oldalloc option [ 627.678131][T18970] EXT4-fs: Ignoring removed bh option [ 627.693620][T18970] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 627.750430][T18970] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 627.848835][T18970] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4031: comm syz.4.5277: Allocating blocks 497-513 which overlap fs metadata [ 627.871357][T18970] EXT4-fs (loop4): pa ffff8880773d6bc8: logic 256, phys. 385, len 8 [ 627.879940][T18970] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 1 [ 627.917758][T18982] loop1: detected capacity change from 0 to 512 [ 627.933588][T18982] EXT4-fs (loop1): orphan cleanup on readonly fs [ 627.941859][T18982] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.5280: bad orphan inode 13 [ 627.968763][T18982] ext4_test_bit(bit=12, block=18) = 1 [ 627.974574][T18982] is_bad_inode(inode)=0 [ 627.978867][T18982] NEXT_ORPHAN(inode)=2130706432 [ 627.983874][T18982] max_ino=32 [ 627.987259][T18982] i_nlink=1 [ 627.992540][T18982] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 628.022696][T18982] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 628.070896][T18982] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 628.085639][T18724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 628.145298][T18130] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 628.468429][T18999] loop1: detected capacity change from 0 to 128 [ 628.510271][ T5103] Bluetooth: hci2: command 0x0c1a tx timeout [ 628.783046][ T28] kauditd_printk_skb: 227 callbacks suppressed [ 628.783061][ T28] audit: type=1326 audit(628.738:6111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f3e5865e7 code=0x7ffc0000 [ 628.815933][ T28] audit: type=1326 audit(628.768:6112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f3e52b829 code=0x7ffc0000 [ 628.848207][ T28] audit: type=1326 audit(628.768:6113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f3e5865e7 code=0x7ffc0000 [ 628.871798][ T28] audit: type=1326 audit(628.768:6114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f3e52b829 code=0x7ffc0000 [ 628.896091][ T28] audit: type=1326 audit(628.768:6115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f3e5865e7 code=0x7ffc0000 [ 628.919078][ T28] audit: type=1326 audit(628.768:6116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f3e52b829 code=0x7ffc0000 [ 628.944456][ T28] audit: type=1326 audit(628.768:6117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 628.978817][ T28] audit: type=1326 audit(628.768:6118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 629.004427][ T28] audit: type=1326 audit(628.768:6119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 629.026399][ T5103] Bluetooth: hci1: command 0x0c1a tx timeout [ 629.066470][ T28] audit: type=1326 audit(628.768:6120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18998 comm="syz.1.5287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3e58f749 code=0x7ffc0000 [ 629.310698][ T5103] Bluetooth: hci0: command 0x0c1a tx timeout [ 629.625182][T19022] syz.1.5296[19022] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 629.625335][T19022] syz.1.5296[19022] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 629.626870][T19019] loop4: detected capacity change from 0 to 512 [ 629.650319][ T5103] Bluetooth: hci4: command 0x0c1a tx timeout [ 629.697807][T19019] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 629.724781][T19021] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5291'. [ 629.775007][T19019] EXT4-fs (loop4): mount failed [ 629.788996][T19026] netlink: 16 bytes leftover after parsing attributes in process `+}[@'. [ 630.039831][T19011] lo speed is unknown, defaulting to 1000 [ 630.069618][T19035] loop1: detected capacity change from 0 to 164 [ 630.337898][T19045] loop4: detected capacity change from 0 to 512 [ 630.354080][T19045] EXT4-fs: Ignoring removed oldalloc option [ 630.375200][T19045] EXT4-fs (loop4): 1 truncate cleaned up [ 630.385831][T19045] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 630.502930][T18724] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 630.590582][ T5103] Bluetooth: hci2: command 0x0c1a tx timeout [ 630.796395][T19059] netlink: 76 bytes leftover after parsing attributes in process `'. [ 630.825412][T19057] loop3: detected capacity change from 0 to 512 [ 630.852146][T19057] EXT4-fs (loop3): orphan cleanup on readonly fs [ 630.880329][T19057] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.5308: bad orphan inode 13 [ 630.950479][T19057] ext4_test_bit(bit=12, block=18) = 1 [ 630.982480][T19057] is_bad_inode(inode)=0 [ 630.991718][T19057] NEXT_ORPHAN(inode)=2130706432 [ 631.010324][T19057] max_ino=32 [ 631.015981][T19057] i_nlink=1 [ 631.035397][T19057] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 631.080199][ T5103] Bluetooth: hci1: command 0x0c1a tx timeout [ 631.102708][T19057] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 631.124898][T19057] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 631.282816][T19068] bridge1: entered promiscuous mode [ 631.288247][T19068] bridge1: entered allmulticast mode [ 631.303763][T19068] team0: Port device bridge1 added [ 631.338082][T19068] bridge0: port 3(team0) entered blocking state [ 631.348801][T19068] bridge0: port 3(team0) entered disabled state [ 631.359183][T19068] team0: entered allmulticast mode [ 631.366828][T19068] team_slave_0: entered allmulticast mode [ 631.377986][T19068] team_slave_1: entered allmulticast mode [ 631.390016][T19068] team0: entered promiscuous mode [ 631.395749][T19068] team_slave_0: entered promiscuous mode [ 631.407506][T19068] team_slave_1: entered promiscuous mode [ 631.417383][T19068] bridge0: port 3(team0) entered blocking state [ 631.425648][T19068] bridge0: port 3(team0) entered forwarding state [ 631.552710][T19057] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 631.556319][T19072] xt_recent: Unsupported userspace flags (000000b1) [ 631.622704][T17924] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.711150][ T5103] Bluetooth: hci4: command 0x0c1a tx timeout [ 632.633216][T19080] syzkaller0: entered promiscuous mode [ 632.638775][T19080] syzkaller0: entered allmulticast mode [ 632.728582][ T5103] Bluetooth: hci2: command 0x0c1a tx timeout [ 633.017896][T19097] loop1: detected capacity change from 0 to 512 [ 633.046376][T19097] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 633.108931][T19097] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters [ 633.132810][T19097] EXT4-fs (loop1): 1 truncate cleaned up [ 633.142932][T19097] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 633.164127][ T5103] Bluetooth: hci1: command 0x0c1a tx timeout [ 633.273871][T18130] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.286574][T19109] loop4: detected capacity change from 0 to 764 [ 634.299296][T19109] rock: directory entry would overflow storage [ 634.306377][T19109] rock: sig=0x4654, size=5, remaining=4 [ 637.571644][T19087] lo speed is unknown, defaulting to 1000 [ 637.761755][T19139] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5333'. [ 637.930909][T19146] vlan2: entered allmulticast mode [ 638.056162][T19149] smc: net device bond0 applied user defined pnetid SYZ0 [ 638.061414][ T28] kauditd_printk_skb: 258 callbacks suppressed [ 638.061432][ T28] audit: type=1326 audit(638.008:6378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm="syz.4.5339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.098758][T19149] smc: net device bond0 erased user defined pnetid SYZ0 [ 638.120171][ T28] audit: type=1326 audit(638.048:6379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm="syz.4.5339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.169209][ T28] audit: type=1326 audit(638.048:6380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.226177][ T28] audit: type=1326 audit(638.048:6381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.248267][T19153] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5340'. [ 638.282664][T19155] loop1: detected capacity change from 0 to 1024 [ 638.290203][ T28] audit: type=1326 audit(638.048:6382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.306983][T19155] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 638.330911][T19155] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 638.350452][ T28] audit: type=1326 audit(638.048:6383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.376915][T19155] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 638.387237][ T28] audit: type=1326 audit(638.048:6384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.387290][ T28] audit: type=1326 audit(638.048:6385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.387335][ T28] audit: type=1326 audit(638.048:6386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.387380][ T28] audit: type=1326 audit(638.048:6387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19150 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeecf8f749 code=0x7ffc0000 [ 638.494177][T19155] EXT4-fs error (device loop1): ext4_get_journal_inode:5800: inode #5: comm syz.1.5341: unexpected bad inode w/o EXT4_IGET_BAD [ 638.525026][T19155] EXT4-fs (loop1): no journal found [ 638.534598][T19155] EXT4-fs (loop1): can't get journal size [ 638.560515][T19155] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8800e11c, mo2=0102] [ 638.592133][T19155] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 638.644225][T19167] syz.4.5346[19167] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 638.644373][T19167] syz.4.5346[19167] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 638.859286][T18130] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 639.204740][T19189] [ 639.207152][T19189] ====================================================== [ 639.214201][T19189] WARNING: possible circular locking dependency detected [ 639.221258][T19189] syzkaller #0 Not tainted [ 639.225694][T19189] ------------------------------------------------------ [ 639.232743][T19189] syz.1.5351/19189 is trying to acquire lock: [ 639.238824][T19189] ffff8880b8f29370 (krc.lock){..-.}-{2:2}, at: kvfree_call_rcu+0x15a/0x780 [ 639.247497][T19189] [ 639.247497][T19189] but task is already holding lock: [ 639.254879][T19189] ffff8880b8f29598 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270 [ 639.263805][T19189] [ 639.263805][T19189] which lock already depends on the new lock. [ 639.263805][T19189] [ 639.274219][T19189] [ 639.274219][T19189] the existing dependency chain (in reverse order) is: [ 639.283241][T19189] [ 639.283241][T19189] -> #1 (&base->lock){-.-.}-{2:2}: [ 639.290574][T19189] _raw_spin_lock_irqsave+0xa8/0xf0 [ 639.296343][T19189] lock_timer_base+0x123/0x270 [ 639.301657][T19189] __mod_timer+0xf9/0xdb0 [ 639.306558][T19189] queue_delayed_work_on+0x12a/0x1e0 [ 639.312386][T19189] kvfree_call_rcu+0x541/0x780 [ 639.317691][T19189] rtnl_register_internal+0x486/0x590 [ 639.323612][T19189] rtnl_register+0x32/0x70 [ 639.328675][T19189] ip_rt_init+0x2ec/0x390 [ 639.333555][T19189] ip_init+0xe/0x20 [ 639.337913][T19189] inet_init+0x2c1/0x3e0 [ 639.342723][T19189] do_one_initcall+0x1fd/0x750 [ 639.348043][T19189] do_initcall_level+0x137/0x1f0 [ 639.353569][T19189] do_initcalls+0x69/0xd0 [ 639.358443][T19189] kernel_init_freeable+0x3d2/0x570 [ 639.364184][T19189] kernel_init+0x1d/0x1c0 [ 639.369071][T19189] ret_from_fork+0x48/0x80 [ 639.374047][T19189] ret_from_fork_asm+0x11/0x20 [ 639.379351][T19189] [ 639.379351][T19189] -> #0 (krc.lock){..-.}-{2:2}: [ 639.386415][T19189] __lock_acquire+0x2ddb/0x7c80 [ 639.391807][T19189] lock_acquire+0x197/0x410 [ 639.396845][T19189] _raw_spin_lock+0x2e/0x40 [ 639.401883][T19189] kvfree_call_rcu+0x15a/0x780 [ 639.407183][T19189] trie_delete_elem+0x535/0x6a0 [ 639.412575][T19189] bpf_prog_41385012b43a9f2e+0x48/0x4c [ 639.418563][T19189] bpf_trace_run3+0x1e7/0x400 [ 639.423802][T19189] __bpf_trace_timer_start+0x14a/0x1b0 [ 639.429801][T19189] __traceiter_timer_start+0x77/0xc0 [ 639.435636][T19189] enqueue_timer+0x398/0x530 [ 639.440758][T19189] __mod_timer+0x977/0xdb0 [ 639.445713][T19189] sk_reset_timer+0x23/0xc0 [ 639.450750][T19189] tipc_sk_finish_conn+0x154/0x7e0 [ 639.456485][T19189] tipc_socketpair+0x254/0x470 [ 639.461823][T19189] __sys_socketpair+0x2b0/0x550 [ 639.467218][T19189] __x64_sys_socketpair+0x9b/0xb0 [ 639.472785][T19189] do_syscall_64+0x55/0xb0 [ 639.477776][T19189] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 639.484204][T19189] [ 639.484204][T19189] other info that might help us debug this: [ 639.484204][T19189] [ 639.494436][T19189] Possible unsafe locking scenario: [ 639.494436][T19189] [ 639.501920][T19189] CPU0 CPU1 [ 639.507374][T19189] ---- ---- [ 639.512743][T19189] lock(&base->lock); [ 639.516837][T19189] lock(krc.lock); [ 639.523176][T19189] lock(&base->lock); [ 639.529776][T19189] lock(krc.lock); [ 639.533599][T19189] [ 639.533599][T19189] *** DEADLOCK *** [ 639.533599][T19189] [ 639.541749][T19189] 2 locks held by syz.1.5351/19189: [ 639.546955][T19189] #0: ffff8880b8f29598 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270 [ 639.556301][T19189] #1: ffffffff8cd2ff20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0xf4/0x400 [ 639.565633][T19189] [ 639.565633][T19189] stack backtrace: [ 639.571525][T19189] CPU: 1 PID: 19189 Comm: syz.1.5351 Not tainted syzkaller #0 [ 639.578990][T19189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 639.589067][T19189] Call Trace: [ 639.592361][T19189] [ 639.595306][T19189] dump_stack_lvl+0x16c/0x230 [ 639.600004][T19189] ? load_image+0x3b0/0x3b0 [ 639.604526][T19189] ? show_regs_print_info+0x20/0x20 [ 639.609744][T19189] ? print_circular_bug+0x12b/0x1a0 [ 639.614962][T19189] check_noncircular+0x2bd/0x3c0 [ 639.619922][T19189] ? print_deadlock_bug+0x5d0/0x5d0 [ 639.625133][T19189] ? lockdep_lock+0xe0/0x220 [ 639.629740][T19189] ? _find_first_zero_bit+0xd3/0x100 [ 639.635057][T19189] __lock_acquire+0x2ddb/0x7c80 [ 639.639935][T19189] ? stack_trace_snprint+0xf0/0xf0 [ 639.645072][T19189] ? __stack_depot_save+0x560/0x630 [ 639.650281][T19189] ? verify_lock_unused+0x140/0x140 [ 639.655585][T19189] ? kasan_save_stack+0x4d/0x60 [ 639.660451][T19189] ? kasan_save_stack+0x3e/0x60 [ 639.665321][T19189] ? __kasan_record_aux_stack+0xaf/0xc0 [ 639.670884][T19189] ? kvfree_call_rcu+0xee/0x780 [ 639.675751][T19189] ? trie_delete_elem+0x535/0x6a0 [ 639.680792][T19189] ? bpf_prog_41385012b43a9f2e+0x48/0x4c [ 639.686433][T19189] ? bpf_trace_run3+0x1e7/0x400 [ 639.691293][T19189] ? __bpf_trace_timer_start+0x14a/0x1b0 [ 639.696950][T19189] ? __traceiter_timer_start+0x77/0xc0 [ 639.702429][T19189] ? enqueue_timer+0x398/0x530 [ 639.707205][T19189] ? __mod_timer+0x977/0xdb0 [ 639.711813][T19189] ? sk_reset_timer+0x23/0xc0 [ 639.716504][T19189] ? tipc_sk_finish_conn+0x154/0x7e0 [ 639.721820][T19189] ? tipc_socketpair+0x254/0x470 [ 639.726770][T19189] ? __sys_socketpair+0x2b0/0x550 [ 639.731817][T19189] ? __x64_sys_socketpair+0x9b/0xb0 [ 639.737037][T19189] ? do_syscall_64+0x55/0xb0 [ 639.741654][T19189] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 639.747835][T19189] lock_acquire+0x197/0x410 [ 639.752355][T19189] ? kvfree_call_rcu+0x15a/0x780 [ 639.757328][T19189] ? read_lock_is_recursive+0x20/0x20 [ 639.762720][T19189] ? __phys_addr+0xba/0x170 [ 639.767245][T19189] _raw_spin_lock+0x2e/0x40 [ 639.771761][T19189] ? kvfree_call_rcu+0x15a/0x780 [ 639.776719][T19189] kvfree_call_rcu+0x15a/0x780 [ 639.781503][T19189] ? call_rcu+0x930/0x930 [ 639.785852][T19189] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 639.791766][T19189] ? _raw_spin_unlock+0x40/0x40 [ 639.796637][T19189] trie_delete_elem+0x535/0x6a0 [ 639.801578][T19189] bpf_prog_41385012b43a9f2e+0x48/0x4c [ 639.807055][T19189] bpf_trace_run3+0x1e7/0x400 [ 639.811746][T19189] ? bpf_trace_run3+0xf4/0x400 [ 639.816521][T19189] ? bpf_trace_run2+0x3c0/0x3c0 [ 639.821472][T19189] ? __bpf_trace_timer_start+0x133/0x1b0 [ 639.827129][T19189] __bpf_trace_timer_start+0x14a/0x1b0 [ 639.832612][T19189] ? debug_object_activate+0x2f7/0x4b0 [ 639.838088][T19189] ? __bpf_trace_timer_class+0x100/0x100 [ 639.843742][T19189] ? __rwlock_init+0x150/0x150 [ 639.848528][T19189] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 639.854437][T19189] ? _raw_spin_unlock+0x40/0x40 [ 639.859298][T19189] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 639.864685][T19189] ? _raw_spin_lock+0x40/0x40 [ 639.869374][T19189] ? __bpf_trace_timer_class+0x100/0x100 [ 639.875033][T19189] __traceiter_timer_start+0x77/0xc0 [ 639.880340][T19189] enqueue_timer+0x398/0x530 [ 639.884941][T19189] __mod_timer+0x977/0xdb0 [ 639.889383][T19189] sk_reset_timer+0x23/0xc0 [ 639.893907][T19189] tipc_sk_finish_conn+0x154/0x7e0 [ 639.899040][T19189] tipc_socketpair+0x254/0x470 [ 639.903819][T19189] __sys_socketpair+0x2b0/0x550 [ 639.908696][T19189] __x64_sys_socketpair+0x9b/0xb0 [ 639.913746][T19189] do_syscall_64+0x55/0xb0 [ 639.918214][T19189] ? clear_bhb_loop+0x40/0x90 [ 639.922905][T19189] ? clear_bhb_loop+0x40/0x90 [ 639.927607][T19189] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 639.933528][T19189] RIP: 0033:0x7f6f3e58f749 [ 639.937968][T19189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.957596][T19189] RSP: 002b:00007f6f3f51b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 639.966039][T19189] RAX: ffffffffffffffda RBX: 00007f6f3e7e5fa0 RCX: 00007f6f3e58f749 [ 639.974037][T19189] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000001e [ 639.982025][T19189] RBP: 00007f6f3e613f91 R08: 0000000000000000 R09: 0000000000000000 [ 639.990012][T19189] R10: 00002000000010c0 R11: 0000000000000246 R12: 0000000000000000 [ 639.997999][T19189] R13: 00007f6f3e7e6038 R14: 00007f6f3e7e5fa0 R15: 00007ffef8f88e18 [ 640.005996][T19189]