last executing test programs: 7.95071335s ago: executing program 3 (id=2661): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = dup(r1) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10) timer_create(0x2, 0x0, 0x0) unshare(0x40020000) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001540)=0x14) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=@newtaction={0x68, 0x30, 0x301, 0x0, 0x20000, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x1, r8}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8040}, 0x0) 7.804677969s ago: executing program 2 (id=2664): syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYRES8=0x0, @ANYRESDEC], 0x1, 0x140, &(0x7f00000003c0)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10) r5 = socket$rds(0x15, 0x5, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r8, @ANYBLOB], 0x48}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0x2}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x4c080) sendmsg$rds(r5, &(0x7f0000000400)={&(0x7f0000000000)={0x2, 0x400, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000540)=[@cswp={0x58, 0x114, 0x7, {{0xfc, 0x2}, 0x0, 0x0, 0x4, 0x7fffffffffffffff, 0x3e, 0x4, 0x30, 0x1}}], 0x58, 0x4010}, 0x0) 6.734382516s ago: executing program 2 (id=2669): sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r2 = getpid() r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) syz_clone(0xd5ba2180, 0x0, 0x0, 0x0, 0x0, 0x0) 3.345900743s ago: executing program 2 (id=2685): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10) r1 = memfd_secret(0x0) fchmod(r1, 0x26) 3.191168542s ago: executing program 2 (id=2687): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYBLOB="00000016010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c000000100039042cbd7000eaffffff000003e4", @ANYRES32=r3, @ANYBLOB="83000200cb1507004c00128008000100736974004000028008000300ac1e0101060011004e24000006000d3f0900000008000c8643cda60014000b"], 0x6c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040) 3.069665512s ago: executing program 2 (id=2690): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0) 2.65067208s ago: executing program 0 (id=2696): r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6) capset(&(0x7f0000000040)={0x19971634, r0}, &(0x7f00000000c0)={0x8, 0x9, 0x1ff, 0x9, 0x2, 0xb}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000640)='kfree\x00', r2, 0x0, 0x200}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000000), &(0x7f00000003c0)=r2}, 0x20) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port0\x00', 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x40505330, &(0x7f0000000340)={0x800000, 0x0, 0xffffffff, 0x0, 0x3, 0x6}) write(0xffffffffffffffff, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14) recvmmsg(0xffffffffffffffff, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8) 2.589721759s ago: executing program 2 (id=2697): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10) r1 = memfd_secret(0x0) fchmod(r1, 0x26) 2.58084119s ago: executing program 3 (id=2698): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="2800000010005fba0000", @ANYRES32=0x0, @ANYBLOB="80000200e180000008001b"], 0x28}}, 0x0) write$tun(r0, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x0, 0x3, 0x0, 0x1}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x89, 0x0, @rand_addr=0x3fc, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36) 2.297780529s ago: executing program 0 (id=2701): shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000440)=0x10) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000001a80)={r0, 0x2}, 0x8) 2.295333609s ago: executing program 4 (id=2703): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000001280), 0x6) 2.158226848s ago: executing program 0 (id=2704): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r3}, 0x10) syz_usb_connect(0x0, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$can_raw(0x1d, 0x3, 0x1) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000480)=ANY=[@ANYRES32=r4], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r5, 0x541c, &(0x7f0000000000)) 2.099094578s ago: executing program 4 (id=2705): setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240), &(0x7f0000000380)=ANY=[@ANYRESOCT, @ANYRES64], 0xff27, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10) syz_emit_ethernet(0x3e, &(0x7f0000000280)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @rand_addr=' \x01\x00', @mcast2, {[], {0x0, 0x4e22, 0x8}}}}}}, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x44000, 0x0) sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r1, &(0x7f00000001c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000004c0)={0x2c, 0x0, 0x300, 0x70bd2b, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_TOKEN={0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4000010) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10) memfd_create(&(0x7f00000001c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb80xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@gettclass={0x24, 0x2a, 0x10d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r4, {0x81ff}}}, 0x24}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00'}, 0x10) r6 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x38, 0x1403, 0x1, 0x700, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'sit0\x00'}}]}, 0x38}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r8, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r9 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r9, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r10 = syz_io_uring_setup(0x7279, &(0x7f00000002c0)={0x0, 0x79e7, 0x13100, 0x3, 0x400}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r11, r12, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r10, 0x2def, 0x0, 0x0, 0x0, 0x0) 1.943432047s ago: executing program 3 (id=2707): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00"], 0x0, 0x2, 0x0, 0x0, 0x1e00, 0x64, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x1000003, 0x0, 0x4, 0x722}, 0x10) write(r1, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'wrr\x00', 0x1b, 0xfffffff7, 0x4000069}, 0x2c) open(0x0, 0x8e040, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, 0x0, 0x4000080) setsockopt$inet6_opts(r5, 0x29, 0x40, &(0x7f0000000680)=ANY=[@ANYBLOB="000a00000000000007301fffffbf00000000102dcc00001100000000000000000000000000000000000000000720000000000600000000000000000000000000000000000200feffff07000000000000000047d7a9"], 0x60) 1.910295487s ago: executing program 1 (id=2708): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000340)={&(0x7f0000000000)='.', 0x0, 0x0, 0x0, 0x400001}, 0x38) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'netdevsim0\x00', @random='\x00\x00\x00 \x00'}) 1.905946067s ago: executing program 4 (id=2709): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) timer_create(0x2, 0x0, 0x0) unshare(0x40020000) getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001540)=0x14) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=@newtaction={0x68, 0x30, 0x301, 0x0, 0x20000, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x1, r6}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8040}, 0x0) 1.608715286s ago: executing program 1 (id=2710): socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, r0}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={{}, {0x0, 0xea60}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) socket$rds(0x15, 0x5, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001418) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) socket$netlink(0x10, 0x3, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001100010029bd7000fedbdf2500000000", @ANYRES32=r5, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a216798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271fefc583eec8912c37562d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de7368ca69f6f8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b2059ba4b923a1188dd61dc7de058a4dfa7e85a8bdf1d41a2d8bd044d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4ae52066bb5d4045c958549b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9530243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a000000002a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd103c1962f4759286db3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e1dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd040000000000000034137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a175979d54000004408996ec5db6a4d15b71ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd000000000072716bc8e139c49b91c76bea3858f7ca208d31330d89069f96f66e2e7748a2ff93060ff073b3a113e47edf0672fda649e8ca5095f2a161bf60b876f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee62714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff42961f8f3b555d9e8aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e8173d3d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f000000000000000000000000000000005519fe545110a9c01d6f0da7b0731b19ae17b64d6eb1a47675aea60371f629ed3446beb20bf2bab80e451b4139dc6c87e6b395edc142e24b596f636f8c248beeb268dbbf120b26693f73a6362e7c6bff6b08514763f6fbe6c914baf7e25ac7e8d36babeb6c58d012cf7b1ffbe996204af87412b9b21da1dfb01aa5a4ff142deb3bd70d11cf71752bdb33f1dfb6ef107ef3cb0016b2b6dcffb0be5a95d56172098ebf6075cc048f94350e2adb108eabccfae942bbca66ea83139ab4062963be6d549907b17d95b248201322cd8cc6540b6e369c7ebd9b98ec3dab43e84ecf9e66be246847b40feadfebcbb566d4e243bd8f279db0c7f5320ca6bf5cea49671ca89eedbb79028af6d459d6fe81071e700136fdb9234ce00d6ce181421dc659fc73ad25cdf97e5a6f4e5e05394e70fdf1ef4b41c376ba0222a87d8d5609f535a6a6fbbd60fc633064a94c252ac127b7467ec036ed883e252cb8727208712e4296f106c6527ff939552e23c2140c00"/3143], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r6, 0x31, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x0, 0x0, 0xfffffffffffffe9a, 0x0, 0x0, 0x0, 0x0}}, 0x10) syz_emit_ethernet(0x66, &(0x7f0000000680)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x30, 0x67, 0x0, @dev, @local, {[@fragment={0x21}, @srh={0x3a, 0x4, 0x4, 0x2, 0x5, 0x38, 0x101, [@mcast2, @mcast2]}]}}}}}, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000004c0)={r7}, 0x4) 1.607956026s ago: executing program 3 (id=2711): r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6) capset(&(0x7f0000000040)={0x19971634, r0}, &(0x7f00000000c0)={0x8, 0x9, 0x1ff, 0x9, 0x2, 0xb}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000640)='kfree\x00', r2, 0x0, 0x200}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000000), &(0x7f00000003c0)=r2}, 0x20) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port0\x00', 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) r4 = socket(0x10, 0x3, 0x0) write(r4, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14) recvmmsg(r4, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8) 780.580193ms ago: executing program 0 (id=2712): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000020000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}}, 0x0) 600.336882ms ago: executing program 1 (id=2713): socket$unix(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x1c}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="01000000002200001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c00000010000100000000000000000053000000", @ANYRES32=r5, @ANYBLOB="efdd0e4af11f02000a0001"], 0x2c}}, 0x0) 504.939782ms ago: executing program 4 (id=2714): write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x8, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, {0xa, 0x4e23, 0x7f, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}, r0, 0x1}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffd, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @empty, 0xfffffffc}, r0}}, 0x48) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f00000008c0)={0x16, 0x98, 0xfa00, {0x0, 0x2, r0, 0x10, 0x0, @in={0x2, 0x4e22, @loopback}}}, 0xa0) 443.762032ms ago: executing program 4 (id=2715): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x10812, r0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 396.757761ms ago: executing program 0 (id=2716): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="2800000010005fba00000000000000", @ANYRES32=0x0, @ANYBLOB="80000200e180000008001b"], 0x28}}, 0x0) write$tun(r0, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x0, 0x3, 0x0, 0x1}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x89, 0x0, @rand_addr=0x3fc, @multicast2=0xe0000001}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}, 0x36) 395.909051ms ago: executing program 1 (id=2717): r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/110, 0x6e}, {0x0}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000740)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f0000000100)=""/16, 0x10}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2, &(0x7f0000003700)={0x77359400}) recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=""/59, 0x3b}, 0x0) 364.317621ms ago: executing program 3 (id=2718): setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240), &(0x7f0000000380)=ANY=[@ANYRESOCT, @ANYRES64], 0xff27, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10) syz_emit_ethernet(0x3e, &(0x7f0000000280)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @rand_addr=' \x01\x00', @mcast2, {[], {0x0, 0x4e22, 0x8}}}}}}, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x44000, 0x0) sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r1, &(0x7f00000001c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000004c0)={0x2c, 0x0, 0x300, 0x70bd2b, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_TOKEN={0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4000010) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10) memfd_create(&(0x7f00000001c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb80xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@gettclass={0x24, 0x2a, 0x10d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r4, {0x81ff}}}, 0x24}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00'}, 0x10) r6 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x38, 0x1403, 0x1, 0x700, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'sit0\x00'}}]}, 0x38}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r8, 0x1, 0x0, 0xfffffffd, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r9 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r9, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r10 = syz_io_uring_setup(0x7279, &(0x7f00000002c0)={0x0, 0x79e7, 0x13100, 0x3, 0x400}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r11, r12, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r10, 0x2def, 0x0, 0x0, 0x0, 0x0) 234.666561ms ago: executing program 1 (id=2719): request_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)='stat\x00', 0xfffffffffffffffe) 127.36781ms ago: executing program 4 (id=2720): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00"], 0x0, 0x2, 0x0, 0x0, 0x1e00, 0x64, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x1000003, 0x0, 0x4, 0x722}, 0x10) write(r1, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'wrr\x00', 0x1b, 0xfffffff7, 0x4000069}, 0x2c) open(0x0, 0x8e040, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, 0x0, 0x4000080) setsockopt$inet6_opts(r5, 0x29, 0x40, &(0x7f0000000680)=ANY=[@ANYBLOB="000a00000000000007301fffffbf00000000102dcc00001100000000000000000000000000000000000000000720000000000600000000000000000000000000000000000200feffff07000000000000000047d7a9"], 0x60) 87.58905ms ago: executing program 1 (id=2721): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) mkdir(&(0x7f0000000000)='./control\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) 70.22351ms ago: executing program 0 (id=2722): socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={{}, {0x0, 0xea60}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) socket$rds(0x15, 0x5, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001418) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) socket$netlink(0x10, 0x3, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000002c0)='./file0\x00') fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001100010029bd7000fedbdf2500000000", @ANYRES32=r5, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a216798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271fefc583eec8912c37562d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de7368ca69f6f8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b2059ba4b923a1188dd61dc7de058a4dfa7e85a8bdf1d41a2d8bd044d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4ae52066bb5d4045c958549b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9530243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a000000002a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd103c1962f4759286db3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e1dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd040000000000000034137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a175979d54000004408996ec5db6a4d15b71ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd000000000072716bc8e139c49b91c76bea3858f7ca208d31330d89069f96f66e2e7748a2ff93060ff073b3a113e47edf0672fda649e8ca5095f2a161bf60b876f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee62714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff42961f8f3b555d9e8aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e8173d3d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f000000000000000000000000000000005519fe545110a9c01d6f0da7b0731b19ae17b64d6eb1a47675aea60371f629ed3446beb20bf2bab80e451b4139dc6c87e6b395edc142e24b596f636f8c248beeb268dbbf120b26693f73a6362e7c6bff6b08514763f6fbe6c914baf7e25ac7e8d36babeb6c58d012cf7b1ffbe996204af87412b9b21da1dfb01aa5a4ff142deb3bd70d11cf71752bdb33f1dfb6ef107ef3cb0016b2b6dcffb0be5a95d56172098ebf6075cc048f94350e2adb108eabccfae942bbca66ea83139ab4062963be6d549907b17d95b248201322cd8cc6540b6e369c7ebd9b98ec3dab43e84ecf9e66be246847b40feadfebcbb566d4e243bd8f279db0c7f5320ca6bf5cea49671ca89eedbb79028af6d459d6fe81071e700136fdb9234ce00d6ce181421dc659fc73ad25cdf97e5a6f4e5e05394e70fdf1ef4b41c376ba0222a87d8d5609f535a6a6fbbd60fc633064a94c252ac127b7467ec036ed883e252cb8727208712e4296f106c6527ff939552e23c2140c00"/3143], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r6, 0x31, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x0, 0x0, 0xfffffffffffffe9a, 0x0, 0x0, 0x0, 0x0}}, 0x10) syz_emit_ethernet(0x66, &(0x7f0000000680)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x30, 0x67, 0x0, @dev, @local, {[@fragment={0x21}, @srh={0x3a, 0x4, 0x4, 0x2, 0x5, 0x38, 0x101, [@mcast2, @mcast2]}]}}}}}, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000004c0)={r7}, 0x4) 0s ago: executing program 3 (id=2723): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) timer_create(0x2, 0x0, 0x0) unshare(0x40020000) getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001540)=0x14) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=@newtaction={0x68, 0x30, 0x301, 0x0, 0x20000, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x1, r6}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8040}, 0x0) kernel console output (not intermixed with test programs): d length. [ 250.114309][ T8447] loop1: detected capacity change from 0 to 128 [ 250.129688][ T26] audit: type=1326 audit(1734599798.849:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f88dd387c47 code=0x7ffc0000 [ 250.206692][ T26] audit: type=1326 audit(1734599798.849:3141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f88dd387bbc code=0x7ffc0000 [ 250.291925][ T26] audit: type=1326 audit(1734599798.849:3142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f88dd387af4 code=0x7ffc0000 [ 250.364947][ T26] audit: type=1326 audit(1734599798.849:3143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f88dd387af4 code=0x7ffc0000 [ 250.456174][ T26] audit: type=1326 audit(1734599798.849:3144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f88dd38498a code=0x7ffc0000 [ 250.518955][ T26] audit: type=1326 audit(1734599798.849:3145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 250.589046][ T26] audit: type=1326 audit(1734599798.849:3146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8430 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 250.620438][ T8461] loop3: detected capacity change from 0 to 512 [ 250.670853][ T8461] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1462: casefold flag without casefold feature [ 250.708955][ T8461] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1462: couldn't read orphan inode 15 (err -117) [ 250.756114][ T8461] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 250.872766][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 251.004558][ T8473] loop3: detected capacity change from 0 to 128 [ 251.240805][ T8480] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1466'. [ 251.251067][ T8480] IPVS: Error connecting to the multicast addr [ 251.335064][ T8481] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1464'. [ 251.537499][ T8479] rdma_rxe: already configured on lo [ 252.064620][ T8486] rdma_rxe: rxe_register_device failed with error -23 [ 252.105725][ T8486] rdma_rxe: failed to add sit0 [ 252.151606][ T8486] tipc: Enabling of bearer rejected, already enabled [ 252.340343][ T8497] lo speed is unknown, defaulting to 1000 [ 252.530144][ T8505] loop2: detected capacity change from 0 to 512 [ 252.582784][ T8505] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1474: casefold flag without casefold feature [ 252.625862][ T8505] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1474: couldn't read orphan inode 15 (err -117) [ 252.663722][ T8497] sit0 speed is unknown, defaulting to 1000 [ 252.667285][ T8510] loop7: detected capacity change from 0 to 16384 [ 252.683147][ T8505] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 252.841093][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 252.860950][ T8513] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 253.026094][ T8511] loop7: detected capacity change from 16384 to 16383 [ 253.160253][ T8523] rdma_rxe: rxe_register_device failed with error -23 [ 253.177785][ T8525] netlink: 'syz.4.1481': attribute type 4 has an invalid length. [ 253.190930][ T8523] rdma_rxe: failed to add lo [ 253.386711][ T8531] loop4: detected capacity change from 0 to 2048 [ 253.485270][ T8531] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 253.650104][ T8544] EXT4-fs error (device loop4): ext4_ext_precache:627: inode #2: comm syz.4.1484: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 253.822039][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 253.884662][ T8551] loop3: detected capacity change from 0 to 128 [ 253.891421][ T8549] loop1: detected capacity change from 0 to 512 [ 253.915420][ T8553] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1491'. [ 253.928000][ T8549] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1489: casefold flag without casefold feature [ 253.983416][ T8549] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1489: couldn't read orphan inode 15 (err -117) [ 254.034925][ T8549] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 254.101878][ T8556] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 254.179169][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 254.323951][ T8564] netlink: 'syz.4.1495': attribute type 4 has an invalid length. [ 254.404387][ T8560] lo speed is unknown, defaulting to 1000 [ 255.094599][ T8560] sit0 speed is unknown, defaulting to 1000 [ 255.322167][ T8585] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1502'. [ 255.474438][ T8589] loop7: detected capacity change from 0 to 16384 [ 255.578562][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.584961][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.587655][ T8566] rdma_rxe: rxe_register_device failed with error -23 [ 255.630141][ T8593] loop3: detected capacity change from 0 to 512 [ 255.635689][ T8566] rdma_rxe: failed to add lo [ 255.672336][ T8593] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1505: casefold flag without casefold feature [ 255.698914][ T8593] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1505: couldn't read orphan inode 15 (err -117) [ 255.725514][ T8591] loop7: detected capacity change from 16384 to 16383 [ 255.733414][ T8593] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 255.881773][ T8599] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 256.018659][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 256.273406][ T8607] netlink: 'syz.3.1507': attribute type 4 has an invalid length. [ 256.602924][ T8615] loop4: detected capacity change from 0 to 128 [ 256.804337][ T8623] loop1: detected capacity change from 0 to 512 [ 256.830974][ T8623] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1517: casefold flag without casefold feature [ 256.848863][ T8623] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1517: couldn't read orphan inode 15 (err -117) [ 256.870226][ T8623] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 256.951043][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 256.978445][ T8630] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1521'. [ 257.063926][ T8632] netlink: 'syz.2.1522': attribute type 4 has an invalid length. [ 257.218830][ T8641] loop2: detected capacity change from 0 to 128 [ 257.269238][ T8644] loop7: detected capacity change from 0 to 16384 [ 257.475607][ T26] kauditd_printk_skb: 41 callbacks suppressed [ 257.475625][ T26] audit: type=1800 audit(1734599806.389:3188): pid=8646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1513" name="bus" dev="loop4" ino=1048631 res=0 errno=0 [ 257.654931][ T8648] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1525'. [ 258.335964][ T8650] loop7: detected capacity change from 16384 to 16383 [ 258.451809][ T8662] loop2: detected capacity change from 0 to 512 [ 258.517802][ T8662] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1531: casefold flag without casefold feature [ 258.541029][ T8662] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1531: couldn't read orphan inode 15 (err -117) [ 258.544150][ T8668] rdma_rxe: rxe_register_device failed with error -23 [ 258.553473][ T8662] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 258.604239][ T8668] rdma_rxe: failed to add sit0 [ 258.686161][ T26] audit: type=1326 audit(1734599807.629:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 258.728553][ T26] audit: type=1326 audit(1734599807.629:3190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 258.757094][ T8668] tipc: Enabling of bearer rejected, already enabled [ 258.771050][ T8664] lo speed is unknown, defaulting to 1000 [ 258.803088][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 258.813185][ T26] audit: type=1326 audit(1734599807.649:3191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 258.905492][ T26] audit: type=1326 audit(1734599807.649:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 258.926880][ T8675] netlink: 'syz.3.1534': attribute type 3 has an invalid length. [ 258.960776][ T8676] netlink: 'syz.2.1536': attribute type 4 has an invalid length. [ 258.972601][ T26] audit: type=1326 audit(1734599807.649:3193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3cfdb87c47 code=0x7ffc0000 [ 258.979992][ T8675] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1534'. [ 259.051812][ T26] audit: type=1326 audit(1734599807.649:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3cfdb87bbc code=0x7ffc0000 [ 259.139459][ T26] audit: type=1326 audit(1734599807.649:3195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3cfdb87af4 code=0x7ffc0000 [ 259.227521][ T26] audit: type=1326 audit(1734599807.649:3196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3cfdb87af4 code=0x7ffc0000 [ 259.295494][ T26] audit: type=1326 audit(1734599807.649:3197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8667 comm="syz.4.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3cfdb8498a code=0x7ffc0000 [ 259.390678][ T8689] loop1: detected capacity change from 0 to 128 [ 259.437235][ T8664] sit0 speed is unknown, defaulting to 1000 [ 259.802816][ T8701] loop2: detected capacity change from 0 to 256 [ 259.974852][ T8695] siw: device registration error -23 [ 260.152021][ T8705] loop7: detected capacity change from 0 to 16384 [ 260.215910][ T8709] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 260.368347][ T8711] netlink: 'syz.2.1549': attribute type 4 has an invalid length. [ 260.565347][ T8714] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 260.588814][ T8714] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 260.606130][ T8714] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 260.645507][ T8705] loop7: detected capacity change from 16384 to 16383 [ 261.056957][ T8721] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1553'. [ 261.107485][ T8723] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 261.293237][ T8725] netlink: 'syz.4.1554': attribute type 10 has an invalid length. [ 261.562459][ T8727] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1555'. [ 261.905610][ T4296] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 261.920975][ T8741] loop4: detected capacity change from 0 to 128 [ 261.937326][ T8743] loop3: detected capacity change from 0 to 128 [ 263.437140][ T8749] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1563'. [ 263.682567][ T26] kauditd_printk_skb: 34 callbacks suppressed [ 263.682603][ T26] audit: type=1326 audit(1734599812.619:3232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.0.1564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 263.808327][ T4296] usb 3-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 263.818214][ T4296] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.836581][ T4296] usb 3-1: config 0 descriptor?? [ 263.887355][ T4296] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 263.975035][ T8758] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 264.104341][ T4296] gspca_sn9c20x: Write register 1000 failed -71 [ 264.113138][ T4296] gspca_sn9c20x: Device initialization failed [ 264.133417][ T4296] gspca_sn9c20x: probe of 3-1:0.0 failed with error -71 [ 264.147658][ T26] audit: type=1326 audit(1734599813.089:3233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 264.181913][ T4296] usb 3-1: USB disconnect, device number 6 [ 264.196700][ T8767] rdma_rxe: rxe_register_device failed with error -23 [ 264.210897][ T26] audit: type=1326 audit(1734599813.089:3234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 264.213890][ T8767] rdma_rxe: failed to add lo [ 264.274451][ T26] audit: type=1326 audit(1734599813.089:3235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 264.325522][ T26] audit: type=1326 audit(1734599813.109:3236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 264.494685][ T26] audit: type=1326 audit(1734599813.429:3237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.0.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 264.534573][ T8783] Process accounting resumed [ 264.544836][ T8783] kernel write not supported for file /asound/timers (pid: 8783 comm: syz.0.1577) [ 264.559198][ T26] audit: type=1326 audit(1734599813.459:3238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.0.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 264.610502][ T26] audit: type=1326 audit(1734599813.459:3239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.0.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 264.664510][ T8786] loop4: detected capacity change from 0 to 128 [ 264.688669][ T26] audit: type=1326 audit(1734599813.459:3240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.0.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 264.894089][ T26] audit: type=1326 audit(1734599813.459:3241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.0.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 265.001529][ T8795] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1578'. [ 265.466545][ T8792] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 265.931548][ T8808] rdma_rxe: already configured on lo [ 266.060243][ T8812] loop7: detected capacity change from 0 to 16384 [ 266.315661][ T8817] loop7: detected capacity change from 16384 to 16383 [ 266.545568][ T4296] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 266.737234][ T4296] usb 3-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 266.766835][ T4296] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.786379][ T4296] usb 3-1: config 0 descriptor?? [ 266.804087][ T4296] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 267.010329][ T4296] gspca_sn9c20x: Write register 1000 failed -71 [ 267.025621][ T4296] gspca_sn9c20x: Device initialization failed [ 267.041996][ T4296] gspca_sn9c20x: probe of 3-1:0.0 failed with error -71 [ 267.071652][ T4296] usb 3-1: USB disconnect, device number 7 [ 267.241688][ T8847] loop3: detected capacity change from 0 to 128 [ 267.266618][ T8845] lo speed is unknown, defaulting to 1000 [ 267.354968][ T8845] sit0 speed is unknown, defaulting to 1000 [ 268.248165][ T8854] loop4: detected capacity change from 0 to 512 [ 268.331032][ T8854] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 268.367006][ T8854] System zones: 0-2, 18-18, 34-34 [ 268.421857][ T8854] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1601: bg 0: block 248: padding at end of block bitmap is not set [ 268.471566][ T8854] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.1601: Failed to acquire dquot type 1 [ 268.531274][ T8854] EXT4-fs (loop4): 1 truncate cleaned up [ 268.547427][ T8854] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 268.569237][ T8854] ext4 filesystem being mounted at /322/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 268.846617][ T8854] syz.4.1601 (8854) used greatest stack depth: 18712 bytes left [ 268.938658][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 268.986252][ T8890] netlink: 'syz.2.1614': attribute type 1 has an invalid length. [ 269.012213][ T26] kauditd_printk_skb: 16 callbacks suppressed [ 269.012228][ T26] audit: type=1326 audit(1734599817.949:3256): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.142193][ T26] audit: type=1326 audit(1734599817.949:3257): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.235289][ T26] audit: type=1326 audit(1734599817.949:3258): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.298961][ T26] audit: type=1326 audit(1734599817.949:3259): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.352430][ T26] audit: type=1326 audit(1734599817.949:3260): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.389914][ T26] audit: type=1326 audit(1734599817.949:3261): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.418757][ T26] audit: type=1326 audit(1734599817.989:3262): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.425604][ T7594] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 269.453734][ T26] audit: type=1326 audit(1734599818.009:3263): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.481930][ T26] audit: type=1326 audit(1734599818.009:3264): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.529679][ T26] audit: type=1326 audit(1734599818.009:3265): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.1.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 269.657394][ T7594] usb 5-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 269.669282][ T8914] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1625'. [ 269.683021][ T7594] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.699876][ T7594] usb 5-1: config 0 descriptor?? [ 269.714071][ T8916] netlink: 'syz.0.1627': attribute type 4 has an invalid length. [ 269.728244][ T7594] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 269.924746][ T7594] gspca_sn9c20x: Write register 1000 failed -71 [ 269.933768][ T7594] gspca_sn9c20x: Device initialization failed [ 269.944733][ T8927] loop3: detected capacity change from 0 to 256 [ 269.952816][ T7594] gspca_sn9c20x: probe of 5-1:0.0 failed with error -71 [ 269.976796][ T7594] usb 5-1: USB disconnect, device number 5 [ 270.342693][ T8944] device batadv0 entered promiscuous mode [ 270.370321][ T8944] device netdevsim0 entered promiscuous mode [ 270.396628][ T8944] hsr1: Slave A (batadv0) is not up; please bring it up to get a fully working HSR network [ 270.415362][ T8944] hsr1: Slave B (netdevsim0) is not up; please bring it up to get a fully working HSR network [ 270.428507][ T8947] netlink: 'syz.1.1640': attribute type 4 has an invalid length. [ 270.759014][ T8960] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1645'. [ 270.804107][ T8958] lo speed is unknown, defaulting to 1000 [ 270.892542][ T8958] sit0 speed is unknown, defaulting to 1000 [ 271.204660][ T8982] netlink: 'syz.0.1655': attribute type 4 has an invalid length. [ 271.255252][ T8984] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1656'. [ 271.375065][ T8988] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 271.445510][ T7594] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 271.637355][ T7594] usb 4-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 271.653909][ T7594] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.670808][ T7594] usb 4-1: config 0 descriptor?? [ 271.677252][ T8996] loop2: detected capacity change from 0 to 1024 [ 271.690306][ T7594] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 271.703502][ T8998] device syzkaller1 entered promiscuous mode [ 271.714381][ T8996] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 271.857388][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 271.883595][ T9007] serio: Serial port ptm0 [ 271.890647][ T7594] gspca_sn9c20x: Write register 1000 failed -71 [ 271.909639][ T7594] gspca_sn9c20x: Device initialization failed [ 271.917301][ T7594] gspca_sn9c20x: probe of 4-1:0.0 failed with error -71 [ 271.950616][ T7594] usb 4-1: USB disconnect, device number 5 [ 271.995062][ T9012] netlink: 'syz.2.1668': attribute type 4 has an invalid length. [ 272.070453][ T9016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1670'. [ 272.191175][ T9026] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 272.222111][ T9030] netlink: 'syz.4.1675': attribute type 1 has an invalid length. [ 272.407982][ T9040] device syzkaller1 entered promiscuous mode [ 272.757453][ T9056] loop3: detected capacity change from 0 to 128 [ 272.980765][ T9062] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 273.159310][ T9066] loop4: detected capacity change from 0 to 256 [ 273.228071][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.251364][ T9066] FAT-fs (loop4): Filesystem has been set read-only [ 273.270957][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.307567][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.325547][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.354483][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.381475][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.408925][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.428924][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.449009][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.486755][ T9066] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 273.590869][ T9074] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1693'. [ 273.772209][ T9077] device syzkaller1 entered promiscuous mode [ 273.795064][ T9079] loop4: detected capacity change from 0 to 1024 [ 273.830775][ T9079] EXT4-fs: Ignoring removed nomblk_io_submit option [ 273.860930][ T9079] ext4: Unknown parameter 'smackfshat' [ 273.940119][ T9079] netlink: 'syz.4.1694': attribute type 4 has an invalid length. [ 274.192996][ T9090] netlink: 'syz.4.1700': attribute type 1 has an invalid length. [ 274.325071][ T9091] lo speed is unknown, defaulting to 1000 [ 274.574462][ T9091] sit0 speed is unknown, defaulting to 1000 [ 274.648286][ T9109] device syzkaller1 entered promiscuous mode [ 274.762930][ T9114] device syzkaller0 entered promiscuous mode [ 275.072480][ T9125] loop4: detected capacity change from 0 to 128 [ 275.430883][ T26] kauditd_printk_skb: 29 callbacks suppressed [ 275.430898][ T26] audit: type=1800 audit(1734599824.369:3295): pid=9131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1715" name="bus" dev="loop4" ino=1048639 res=0 errno=0 [ 277.201350][ T9156] netlink: 'syz.1.1725': attribute type 1 has an invalid length. [ 277.220167][ T9155] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1728'. [ 277.294474][ T9160] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 277.330226][ T9160] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 277.425753][ T9160] infiniband syz2: set active [ 277.443070][ T9160] infiniband syz2: set active [ 277.457304][ T9160] infiniband syz2: set active [ 277.473312][ T26] audit: type=1326 audit(1734599826.409:3296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 277.493594][ T9160] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 277.515970][ T9160] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 277.533309][ T26] audit: type=1326 audit(1734599826.439:3297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 277.536222][ T9160] bridge0: port 3(bond0) entered blocking state [ 277.562045][ T9160] bridge0: port 3(bond0) entered forwarding state [ 277.595258][ T9160] 8021q: adding VLAN 0 to HW filter on device bond0 [ 277.621085][ T9160] 8021q: adding VLAN 0 to HW filter on device team0 [ 277.622128][ T26] audit: type=1326 audit(1734599826.439:3298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 277.653713][ T9160] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 277.682880][ T26] audit: type=1326 audit(1734599826.439:3299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 277.719470][ T3518] sit0 speed is unknown, defaulting to 1000 [ 277.719543][ T4409] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 277.750159][ T8051] sit0 speed is unknown, defaulting to 1000 [ 277.755131][ T26] audit: type=1326 audit(1734599826.439:3300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 277.786299][ T7597] sit0 speed is unknown, defaulting to 1000 [ 277.792485][ T3518] sit0 speed is unknown, defaulting to 1000 [ 277.799642][ T26] audit: type=1326 audit(1734599826.439:3301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 277.893096][ T26] audit: type=1326 audit(1734599826.439:3302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 277.942902][ T26] audit: type=1326 audit(1734599826.439:3303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 277.996169][ T26] audit: type=1326 audit(1734599826.439:3304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9170 comm="syz.2.1732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 278.170151][ T9196] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1742'. [ 278.397155][ T9208] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 278.792402][ T9226] netlink: 'syz.3.1755': attribute type 1 has an invalid length. [ 279.319257][ T9240] loop7: detected capacity change from 0 to 16384 [ 279.340124][ T9242] netlink: 'syz.0.1761': attribute type 4 has an invalid length. [ 279.555589][ T9243] loop7: detected capacity change from 16384 to 16383 [ 280.466006][ T9272] netlink: 'syz.0.1772': attribute type 4 has an invalid length. [ 280.804601][ T9284] loop3: detected capacity change from 0 to 128 [ 281.014350][ T26] kauditd_printk_skb: 8 callbacks suppressed [ 281.014364][ T26] audit: type=1800 audit(1734599829.949:3313): pid=9284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1777" name="bus" dev="loop3" ino=1048640 res=0 errno=0 [ 281.215153][ T9290] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1779'. [ 281.264141][ T9290] mmap: syz.4.1779 (9290) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 281.818089][ T9319] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1790'. [ 282.346169][ T26] audit: type=1326 audit(1734599831.289:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9347 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 282.399725][ T26] audit: type=1326 audit(1734599831.289:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9347 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 282.485871][ T26] audit: type=1326 audit(1734599831.309:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9347 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 282.539926][ T26] audit: type=1326 audit(1734599831.309:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9347 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 282.560171][ T9357] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1807'. [ 282.562279][ C0] vkms_vblank_simulate: vblank timer overrun [ 282.665619][ T26] audit: type=1326 audit(1734599831.309:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9347 comm="syz.2.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 282.735661][ T7597] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 282.967730][ T7597] usb 1-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 282.999791][ T7597] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.027533][ T7597] usb 1-1: config 0 descriptor?? [ 283.042572][ T7597] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 283.125271][ T9381] loop2: detected capacity change from 0 to 512 [ 283.143662][ T9381] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 283.162858][ T9381] EXT4-fs (loop2): orphan cleanup on readonly fs [ 283.170698][ T9381] EXT4-fs (loop2): 1 truncate cleaned up [ 283.176486][ T9381] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 283.227100][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 283.256781][ T7597] gspca_sn9c20x: Write register 1000 failed -71 [ 283.263073][ T7597] gspca_sn9c20x: Device initialization failed [ 283.275151][ T7597] gspca_sn9c20x: probe of 1-1:0.0 failed with error -71 [ 283.305649][ T7597] usb 1-1: USB disconnect, device number 4 [ 283.347027][ T9390] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1822'. [ 283.482358][ T9397] loop3: detected capacity change from 0 to 128 [ 283.870887][ T9409] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1825'. [ 284.667845][ T26] audit: type=1326 audit(1734599833.609:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9422 comm="syz.1.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 284.720794][ T26] audit: type=1326 audit(1734599833.609:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9422 comm="syz.1.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 284.748905][ T26] audit: type=1326 audit(1734599833.609:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9422 comm="syz.1.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 284.775753][ T26] audit: type=1326 audit(1734599833.609:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9422 comm="syz.1.1831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 284.881364][ T9436] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1836'. [ 284.910538][ T9430] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1836'. [ 285.134818][ T9450] rdma_rxe: rxe_register_device failed with error -23 [ 285.146601][ T9450] rdma_rxe: failed to add sit0 [ 285.164165][ T9450] tipc: Enabling of bearer rejected, already enabled [ 285.295507][ T7594] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 285.487057][ T7594] usb 1-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 285.506131][ T7594] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.531685][ T7594] usb 1-1: config 0 descriptor?? [ 285.545898][ T7594] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 285.663719][ T9481] rdma_rxe: already configured on sit0 [ 285.674430][ T9481] tipc: Enabling of bearer rejected, already enabled [ 285.756934][ T7594] gspca_sn9c20x: Write register 1000 failed -71 [ 285.763247][ T7594] gspca_sn9c20x: Device initialization failed [ 285.800286][ T7594] gspca_sn9c20x: probe of 1-1:0.0 failed with error -71 [ 285.835363][ T7594] usb 1-1: USB disconnect, device number 5 [ 286.180260][ T9505] netlink: 'syz.3.1865': attribute type 1 has an invalid length. [ 286.336507][ T9518] rdma_rxe: rxe_register_device failed with error -23 [ 286.367805][ T9518] rdma_rxe: failed to add sit0 [ 286.400100][ T26] kauditd_printk_skb: 54 callbacks suppressed [ 286.400114][ T26] audit: type=1326 audit(1734599835.339:3377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 286.409151][ T9518] tipc: Enabling of bearer rejected, already enabled [ 286.450395][ T9520] loop3: detected capacity change from 0 to 512 [ 286.471175][ T26] audit: type=1326 audit(1734599835.339:3378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 286.501031][ T9520] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1871: casefold flag without casefold feature [ 286.520383][ T9520] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1871: couldn't read orphan inode 15 (err -117) [ 286.561463][ T9520] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 286.597774][ T26] audit: type=1326 audit(1734599835.339:3379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 286.620595][ T26] audit: type=1326 audit(1734599835.339:3380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc371187c47 code=0x7ffc0000 [ 286.643728][ T26] audit: type=1326 audit(1734599835.339:3381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc371187bbc code=0x7ffc0000 [ 286.666350][ T26] audit: type=1326 audit(1734599835.339:3382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc371187af4 code=0x7ffc0000 [ 286.707794][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 286.713708][ T26] audit: type=1326 audit(1734599835.339:3383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc371187af4 code=0x7ffc0000 [ 286.780108][ T26] audit: type=1326 audit(1734599835.339:3384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc37118498a code=0x7ffc0000 [ 286.849253][ T26] audit: type=1326 audit(1734599835.339:3385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 286.877704][ T26] audit: type=1326 audit(1734599835.349:3386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9517 comm="syz.0.1870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 286.959522][ T9533] loop2: detected capacity change from 0 to 2048 [ 286.979304][ T9533] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 287.032944][ T9531] lo speed is unknown, defaulting to 1000 [ 287.115871][ T9533] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 287.121581][ T9531] sit0 speed is unknown, defaulting to 1000 [ 287.201305][ T9533] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 8 with error 28 [ 287.250290][ T9533] EXT4-fs (loop2): This should not happen!! Data will be lost [ 287.250290][ T9533] [ 287.260421][ T9533] EXT4-fs (loop2): Total free blocks count 0 [ 287.335514][ T9533] EXT4-fs (loop2): Free/Dirty block details [ 287.342402][ T9533] EXT4-fs (loop2): free_blocks=2415919104 [ 287.414509][ T9533] EXT4-fs (loop2): dirty_blocks=16 [ 287.428725][ T9533] EXT4-fs (loop2): Block reservation details [ 287.445720][ T9533] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 287.503766][ T9542] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1879'. [ 287.543403][ T9546] x_tables: duplicate underflow at hook 1 [ 287.579752][ T9546] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 287.610015][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 287.798740][ T7594] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 287.872006][ T9562] netlink: 'syz.2.1882': attribute type 4 has an invalid length. [ 287.881118][ T9553] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 287.891594][ T9553] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 287.989719][ T7594] usb 1-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 288.004648][ T7594] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.026343][ T7594] usb 1-1: config 0 descriptor?? [ 288.034549][ T7594] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 288.080675][ T9568] rdma_rxe: already configured on sit0 [ 288.082093][ T9570] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1886'. [ 288.401688][ T9568] tipc: Enabling of bearer rejected, already enabled [ 288.412781][ T7594] gspca_sn9c20x: Write register 1000 failed -71 [ 288.425485][ T7594] gspca_sn9c20x: Device initialization failed [ 288.438125][ T7594] gspca_sn9c20x: probe of 1-1:0.0 failed with error -71 [ 288.458728][ T7594] usb 1-1: USB disconnect, device number 6 [ 288.604042][ T9574] team0 (unregistering): Port device team_slave_0 removed [ 288.627899][ T9577] netlink: 'syz.1.1887': attribute type 1 has an invalid length. [ 288.898140][ T9592] netlink: 'syz.2.1893': attribute type 4 has an invalid length. [ 289.067554][ T9601] loop1: detected capacity change from 0 to 128 [ 289.392627][ T9609] lo speed is unknown, defaulting to 1000 [ 289.506321][ T9609] sit0 speed is unknown, defaulting to 1000 [ 290.755509][ T3894] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 290.779980][ T9645] loop3: detected capacity change from 0 to 512 [ 290.846398][ T9651] loop1: detected capacity change from 0 to 128 [ 290.863801][ T9645] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.1913: inode #1: comm syz.3.1913: iget: illegal inode # [ 290.890775][ T9652] siw: device registration error -23 [ 290.906334][ T9651] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 290.920074][ T9651] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 290.920329][ T9645] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1913: error while reading EA inode 1 err=-117 [ 290.949342][ T9651] xt_hashlimit: size too large, truncated to 1048576 [ 290.960830][ T9645] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.1913: inode #1: comm syz.3.1913: iget: illegal inode # [ 290.981020][ T9645] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1913: error while reading EA inode 1 err=-117 [ 291.013263][ T3894] usb 1-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 291.024631][ T3894] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.042492][ T9645] EXT4-fs (loop3): 1 orphan inode deleted [ 291.070774][ T3894] usb 1-1: config 0 descriptor?? [ 291.079371][ T9645] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 291.115194][ T3894] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 291.311729][ T3894] gspca_sn9c20x: Write register 1000 failed -71 [ 291.325247][ T3894] gspca_sn9c20x: Device initialization failed [ 291.342125][ T3894] gspca_sn9c20x: probe of 1-1:0.0 failed with error -71 [ 291.356269][ T3894] usb 1-1: USB disconnect, device number 7 [ 292.093560][ T26] kauditd_printk_skb: 31 callbacks suppressed [ 292.093574][ T26] audit: type=1326 audit(1734599841.029:3418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 292.162934][ T26] audit: type=1326 audit(1734599841.029:3419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 292.235477][ T26] audit: type=1326 audit(1734599841.029:3420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 292.285480][ T26] audit: type=1326 audit(1734599841.029:3421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 292.338370][ T26] audit: type=1326 audit(1734599841.029:3422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.2.1924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 292.401351][ T26] audit: type=1800 audit(1734599841.329:3423): pid=9680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1927" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 293.416728][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 293.554998][ T9686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1928'. [ 293.803786][ T9693] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1932'. [ 293.833246][ T9693] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1932'. [ 293.865618][ T9693] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1932'. [ 294.042623][ T9701] rdma_rxe: already configured on sit0 [ 294.073017][ T26] audit: type=1326 audit(1734599843.009:3424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.0.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 294.080712][ T9701] tipc: Enabling of bearer rejected, already enabled [ 294.138113][ T26] audit: type=1326 audit(1734599843.009:3425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.0.1936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 294.209865][ T26] audit: type=1326 audit(1734599843.009:3426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9700 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 294.269552][ T9715] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1940'. [ 294.355501][ T26] audit: type=1326 audit(1734599843.009:3427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9700 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 294.493045][ T9724] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 294.642829][ T9731] loop2: detected capacity change from 0 to 128 [ 294.998076][ T9739] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1946'. [ 295.753408][ T9744] rdma_rxe: rxe_register_device failed with error -23 [ 295.779962][ T9744] rdma_rxe: failed to add sit0 [ 295.794421][ T9749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1952'. [ 295.832201][ T9744] tipc: Enabling of bearer rejected, already enabled [ 295.871798][ T9751] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1951'. [ 296.099071][ T9758] netlink: 'syz.2.1955': attribute type 1 has an invalid length. [ 296.575244][ T9780] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1963'. [ 296.871080][ T9786] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1962'. [ 297.545615][ T26] kauditd_printk_skb: 55 callbacks suppressed [ 297.545631][ T26] audit: type=1326 audit(1734599846.479:3483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 297.644719][ T26] audit: type=1326 audit(1734599846.479:3484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 297.729808][ T26] audit: type=1326 audit(1734599846.529:3485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 297.780250][ T9796] loop2: detected capacity change from 0 to 164 [ 297.815971][ T26] audit: type=1326 audit(1734599846.529:3486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 297.854003][ T26] audit: type=1326 audit(1734599846.529:3487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 297.909752][ T26] audit: type=1326 audit(1734599846.529:3488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 297.987406][ T26] audit: type=1326 audit(1734599846.529:3489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 298.037658][ T9802] serio: Serial port ptm0 [ 298.042625][ T26] audit: type=1326 audit(1734599846.529:3490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 298.145758][ T26] audit: type=1326 audit(1734599846.539:3491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 298.217815][ T26] audit: type=1326 audit(1734599846.539:3492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9788 comm="syz.2.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 298.249587][ T9812] rdma_rxe: rxe_register_device failed with error -23 [ 298.264803][ T9814] loop4: detected capacity change from 0 to 256 [ 298.265642][ T9812] rdma_rxe: failed to add sit0 [ 298.304699][ T9812] tipc: Enabling of bearer rejected, already enabled [ 298.346596][ T9814] 0ªX¹¦À: renamed from caif0 [ 298.385611][ T9814] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 298.390029][ T9818] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 298.464512][ T9823] loop1: detected capacity change from 0 to 128 [ 298.493035][ T9823] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 298.525219][ T9823] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 298.569489][ T9823] xt_hashlimit: size too large, truncated to 1048576 [ 298.611203][ T9829] loop3: detected capacity change from 0 to 128 [ 298.655994][ T9833] x_tables: duplicate underflow at hook 1 [ 298.908021][ T9841] rdma_op ffff888079ecc9f0 conn xmit_rdma 0000000000000000 [ 300.416094][ T9840] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 300.455673][ T9840] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 300.862722][ T9854] lo speed is unknown, defaulting to 1000 [ 301.322878][ T9854] sit0 speed is unknown, defaulting to 1000 [ 302.068894][ T9875] loop2: detected capacity change from 0 to 128 [ 302.284661][ T9881] device syzkaller1 entered promiscuous mode [ 302.408742][ T9886] syz.0.2003[9886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 302.408837][ T9886] syz.0.2003[9886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 302.465205][ T9890] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 304.593296][ T9928] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 305.008005][ T9940] device syzkaller1 entered promiscuous mode [ 305.114276][ T26] kauditd_printk_skb: 41 callbacks suppressed [ 305.114291][ T26] audit: type=1326 audit(1734599854.049:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9941 comm="syz.4.2015" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3cfdb85d29 code=0x0 [ 305.169020][ T9945] __nla_validate_parse: 1 callbacks suppressed [ 305.169038][ T9945] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2015'. [ 305.236753][ T9945] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2015'. [ 305.289917][ T9945] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 305.318784][ T9946] lo speed is unknown, defaulting to 1000 [ 305.489741][ T26] audit: type=1326 audit(1734599854.419:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9953 comm="syz.3.2019" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f88dd385d29 code=0x0 [ 305.662479][ T9946] sit0 speed is unknown, defaulting to 1000 [ 305.662538][ T9955] lo speed is unknown, defaulting to 1000 [ 305.825365][ T9966] loop2: detected capacity change from 0 to 128 [ 305.907634][ T26] audit: type=1326 audit(1734599854.849:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.0.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 305.960370][ T9969] syz.2.2023: attempt to access beyond end of device [ 305.960370][ T9969] loop2: rw=2049, sector=145, nr_sectors = 264 limit=128 [ 305.965792][ T26] audit: type=1326 audit(1734599854.849:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.0.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 306.021823][ T9955] sit0 speed is unknown, defaulting to 1000 [ 306.076178][ T26] audit: type=1326 audit(1734599854.869:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.0.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 306.135799][ T26] audit: type=1326 audit(1734599854.869:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.0.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 306.196127][ T26] audit: type=1326 audit(1734599854.869:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9967 comm="syz.0.2024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 306.254455][ T9976] device syzkaller1 entered promiscuous mode [ 306.330010][ T9981] loop4: detected capacity change from 0 to 128 [ 306.644689][ T26] audit: type=1800 audit(1734599855.579:3541): pid=9991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2029" name="bus" dev="loop4" ino=1048645 res=0 errno=0 [ 307.301163][ T31] kworker/u4:2: attempt to access beyond end of device [ 307.301163][ T31] loop2: rw=1, sector=177, nr_sectors = 1 limit=128 [ 307.380318][ T31] Buffer I/O error on dev loop2, logical block 177, lost async page write [ 307.456116][ T9996] loop4: detected capacity change from 0 to 2048 [ 307.504023][ T9996] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 307.596977][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 307.706944][ T26] audit: type=1326 audit(1734599856.649:3542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.4.2036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 307.781839][ T26] audit: type=1326 audit(1734599856.649:3543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.4.2036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 307.817116][ T9999] lo speed is unknown, defaulting to 1000 [ 307.880758][T10014] loop2: detected capacity change from 0 to 1024 [ 308.015828][T10014] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 308.065130][T10027] device syzkaller1 entered promiscuous mode [ 308.098691][T10014] EXT4-fs error (device loop2): __ext4_remount:6610: comm syz.2.2039: Abort forced by user [ 308.105473][T10030] loop4: detected capacity change from 0 to 128 [ 308.145205][T10014] EXT4-fs (loop2): Remounting filesystem read-only [ 308.225941][T10014] EXT4-fs (loop2): re-mounted. Quota mode: none. [ 308.472143][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 308.993152][ T9999] sit0 speed is unknown, defaulting to 1000 [ 309.225686][T10041] ptrace attach of "./syz-executor exec"[10043] was attempted by "./syz-executor exec"[10041] [ 310.040187][T10067] loop2: detected capacity change from 0 to 128 [ 310.219443][T10072] ALSA: seq fatal error: cannot create timer (-22) [ 310.425693][ T26] kauditd_printk_skb: 11 callbacks suppressed [ 310.425783][ T26] audit: type=1800 audit(1734599859.309:3555): pid=10078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2057" name="bus" dev="loop2" ino=1048647 res=0 errno=0 [ 311.214267][ T3894] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 311.260205][T10092] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2064'. [ 311.292997][T10091] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2064'. [ 311.407808][ T3894] usb 5-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 311.426437][ T3894] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.453474][ T3894] usb 5-1: config 0 descriptor?? [ 311.473262][ T3894] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 311.676544][ T3894] gspca_sn9c20x: Write register 1000 failed -71 [ 311.682835][ T3894] gspca_sn9c20x: Device initialization failed [ 311.696816][ T3894] gspca_sn9c20x: probe of 5-1:0.0 failed with error -71 [ 311.705168][ T3894] usb 5-1: USB disconnect, device number 6 [ 311.776743][T10110] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2069'. [ 312.419978][T10116] loop3: detected capacity change from 0 to 512 [ 312.469858][T10116] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 312.492370][T10117] nfs4: Bad value for 'source' [ 312.542595][T10116] EXT4-fs (loop3): 1 truncate cleaned up [ 312.548397][T10116] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 312.621967][T10122] rdma_rxe: rxe_register_device failed with error -23 [ 312.662400][T10122] rdma_rxe: failed to add lo [ 312.726701][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 312.952025][T10137] 9pnet: p9_errstr2errno: server reported unknown error [ 313.042955][T10143] loop3: detected capacity change from 0 to 128 [ 313.229962][T10149] 9pnet_fd: Insufficient options for proto=fd [ 313.386377][T10152] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2085'. [ 314.816847][ T26] audit: type=1326 audit(1734599863.759:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 314.875297][ T26] audit: type=1326 audit(1734599863.759:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 314.940280][ T26] audit: type=1326 audit(1734599863.779:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 315.005306][ T26] audit: type=1326 audit(1734599863.779:3559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 315.053591][T10187] loop2: detected capacity change from 0 to 512 [ 315.060903][T10187] journal_path: Lookup failure for './bus' [ 315.067173][ T26] audit: type=1326 audit(1734599863.779:3560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 315.090760][T10187] EXT4-fs: error: could not find journal device path [ 315.104028][ T26] audit: type=1326 audit(1734599863.789:3561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 315.178624][ T26] audit: type=1326 audit(1734599863.789:3562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 315.247413][ T26] audit: type=1326 audit(1734599863.789:3563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 315.313850][ T26] audit: type=1326 audit(1734599863.789:3564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10184 comm="syz.2.2099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 315.596805][T10198] loop3: detected capacity change from 0 to 1024 [ 315.637248][T10198] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 315.755806][T10202] rdma_rxe: already configured on lo [ 315.833915][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 316.098929][ T26] kauditd_printk_skb: 5 callbacks suppressed [ 316.098946][ T26] audit: type=1800 audit(1734599865.039:3570): pid=10210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2109" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 316.337844][T10212] lo speed is unknown, defaulting to 1000 [ 316.566545][T10221] loop2: detected capacity change from 0 to 512 [ 316.831316][T10221] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2111: inode #1: comm syz.2.2111: iget: illegal inode # [ 316.846152][T10221] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2111: error while reading EA inode 1 err=-117 [ 316.861259][T10221] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2111: inode #1: comm syz.2.2111: iget: illegal inode # [ 316.878219][T10221] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2111: error while reading EA inode 1 err=-117 [ 316.894537][T10221] EXT4-fs (loop2): 1 orphan inode deleted [ 316.900465][T10221] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 317.131330][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.142366][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.883518][T10232] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2115'. [ 317.953858][T10232] unsupported nla_type 65024 [ 318.104346][T10212] sit0 speed is unknown, defaulting to 1000 [ 318.390700][T10238] 9pnet_fd: Insufficient options for proto=fd [ 318.474465][T10240] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2119'. [ 318.512163][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 318.536318][T10240] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2119'. [ 318.671991][ T26] audit: type=1800 audit(1734599867.609:3571): pid=10245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2122" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 318.854912][T10215] device syzkaller1 entered promiscuous mode [ 318.899721][T10254] netlink: 268 bytes leftover after parsing attributes in process `syz.2.2125'. [ 318.925351][T10256] rdma_rxe: rxe_register_device failed with error -23 [ 318.932532][T10256] rdma_rxe: failed to add lo [ 319.183404][T10268] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 319.386544][T10274] netlink: 'syz.0.2132': attribute type 1 has an invalid length. [ 319.490378][T10274] 8021q: adding VLAN 0 to HW filter on device bond4 [ 319.512772][T10277] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2133'. [ 319.537618][T10278] device vlan2 entered promiscuous mode [ 319.543977][T10278] device bond4 entered promiscuous mode [ 319.575377][T10278] device bond4 left promiscuous mode [ 319.581572][T10286] rdma_rxe: already configured on sit0 [ 319.614272][ T26] audit: type=1326 audit(1734599868.549:3572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 319.641641][T10285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2133'. [ 319.650720][ T26] audit: type=1326 audit(1734599868.549:3573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 319.706154][T10284] tipc: Enabling of bearer rejected, already enabled [ 319.728575][ T26] audit: type=1326 audit(1734599868.579:3574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 319.816019][ T26] audit: type=1326 audit(1734599868.579:3575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f88dd387c47 code=0x7ffc0000 [ 319.892595][ T26] audit: type=1326 audit(1734599868.579:3576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f88dd387bbc code=0x7ffc0000 [ 319.900931][T10291] loop1: detected capacity change from 0 to 1024 [ 319.927519][T10292] rdma_rxe: already configured on lo [ 319.935593][ T26] audit: type=1326 audit(1734599868.579:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f88dd387af4 code=0x7ffc0000 [ 320.004178][T10291] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 320.031084][T10291] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2739: inode #12: comm syz.1.2138: corrupted in-inode xattr [ 320.055744][ T26] audit: type=1326 audit(1734599868.579:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f88dd387af4 code=0x7ffc0000 [ 320.078345][ T26] audit: type=1326 audit(1734599868.579:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.3.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f88dd38498a code=0x7ffc0000 [ 320.104082][T10298] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2140'. [ 320.127411][T10304] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 320.155822][T10298] netlink: 'syz.3.2140': attribute type 19 has an invalid length. [ 320.169916][T10298] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2140'. [ 320.176140][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 320.309810][T10309] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 320.335663][T10311] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0 [ 320.637556][T10327] 9pnet_fd: Insufficient options for proto=fd [ 320.725020][T10331] rdma_rxe: rxe_register_device failed with error -23 [ 320.732423][T10331] rdma_rxe: failed to add lo [ 320.848124][T10336] loop4: detected capacity change from 0 to 764 [ 320.887284][T10336] Symlink component flag not implemented [ 320.898463][T10336] Symlink component flag not implemented [ 320.904619][T10336] Symlink component flag not implemented (129) [ 320.916012][T10336] Symlink component flag not implemented (6) [ 321.091945][T10341] lo speed is unknown, defaulting to 1000 [ 321.589677][T10341] sit0 speed is unknown, defaulting to 1000 [ 322.670184][T10383] loop3: detected capacity change from 0 to 512 [ 322.733937][T10381] loop2: detected capacity change from 0 to 2048 [ 322.755254][T10383] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 322.815276][T10383] ext4 filesystem being mounted at /390/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 322.856444][T10381] loop2: p3 < > p4 < > [ 322.860758][T10381] loop2: partition table partially beyond EOD, truncated [ 322.902954][T10381] loop2: p3 start 4284289 is beyond EOD, truncated [ 323.041245][T10383] EXT4-fs error (device loop3): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.3.2174: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 323.088804][T10383] EXT4-fs error (device loop3): ext4_get_first_dir_block:3594: inode #12: comm syz.3.2174: directory missing '.' [ 323.212697][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 324.842343][T10414] loop2: detected capacity change from 0 to 164 [ 324.851362][T10414] rock: corrupted directory entry. extent=28, offset=0, size=16777216 [ 324.889560][T10416] loop4: detected capacity change from 0 to 512 [ 324.908762][T10414] rock: corrupted directory entry. extent=28, offset=0, size=16777216 [ 324.923033][T10414] syz.2.2184[10414] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 324.923134][T10414] syz.2.2184[10414] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 325.003363][T10416] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 325.023965][T10416] ext4 filesystem being mounted at /426/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 325.182497][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 325.254224][T10425] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2187'. [ 325.285153][T10425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2187'. [ 325.739332][T10439] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2193'. [ 325.791128][ T26] kauditd_printk_skb: 16 callbacks suppressed [ 325.791144][ T26] audit: type=1326 audit(1734599874.729:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 325.888508][ T26] audit: type=1326 audit(1734599874.729:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 325.911907][ T26] audit: type=1326 audit(1734599874.729:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 325.935167][ T26] audit: type=1326 audit(1734599874.729:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 326.069573][ T26] audit: type=1326 audit(1734599874.729:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 326.487970][T10331] Set syz1 is full, maxelem 65536 reached [ 326.586158][ T26] audit: type=1326 audit(1734599874.729:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 326.615707][ T26] audit: type=1326 audit(1734599874.729:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 326.685577][ T26] audit: type=1326 audit(1734599874.729:3603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 326.798408][T10454] loop1: detected capacity change from 0 to 128 [ 326.805849][ T26] audit: type=1326 audit(1734599874.729:3604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 326.863533][ T26] audit: type=1326 audit(1734599874.729:3605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.4.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 326.926408][T10463] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2202'. [ 327.129237][T10470] rdma_rxe: rxe_register_device failed with error -23 [ 327.277584][T10470] rdma_rxe: failed to add sit0 [ 327.567663][T10472] tipc: Enabling of bearer rejected, already enabled [ 327.759930][T10477] loop3: detected capacity change from 0 to 128 [ 327.971121][T10481] loop4: detected capacity change from 0 to 1024 [ 328.029956][T10481] EXT4-fs (loop4): INFO: recovery required on readonly filesystem [ 328.053289][T10481] EXT4-fs (loop4): write access will be enabled during recovery [ 328.166721][T10481] JBD2: no valid journal superblock found [ 328.218460][T10481] EXT4-fs (loop4): error loading journal [ 328.958001][T10502] loop2: detected capacity change from 0 to 512 [ 328.991886][T10502] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2216: inode #1: comm syz.2.2216: iget: illegal inode # [ 329.022142][T10502] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2216: error while reading EA inode 1 err=-117 [ 329.064879][T10502] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2216: inode #1: comm syz.2.2216: iget: illegal inode # [ 329.082955][T10506] netlink: 'syz.1.2217': attribute type 1 has an invalid length. [ 329.093157][T10502] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2216: error while reading EA inode 1 err=-117 [ 329.114477][T10502] EXT4-fs (loop2): 1 orphan inode deleted [ 329.138384][T10502] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 329.157367][T10506] 8021q: adding VLAN 0 to HW filter on device bond5 [ 329.177945][T10502] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.2216: invalid indirect mapped block 234881024 (level 0) [ 329.224559][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 329.287967][T10514] rdma_rxe: rxe_register_device failed with error -23 [ 329.309014][T10514] rdma_rxe: failed to add sit0 [ 329.325707][T10514] tipc: Enabling of bearer rejected, already enabled [ 329.410601][T10523] loop1: detected capacity change from 0 to 512 [ 329.418522][T10523] EXT4-fs: Ignoring removed nomblk_io_submit option [ 329.430664][T10523] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 329.455279][T10523] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a85ec028, mo2=0002] [ 329.465747][T10523] System zones: 0-2, 18-18, 34-34 [ 329.478496][T10523] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 329.498361][T10523] EXT4-fs (loop1): 1 truncate cleaned up [ 329.504051][T10523] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 330.509635][T10537] lo speed is unknown, defaulting to 1000 [ 330.519723][T10538] ALSA: seq fatal error: cannot create timer (-19) [ 330.588278][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 330.590680][T10537] sit0 speed is unknown, defaulting to 1000 [ 330.972497][ T26] kauditd_printk_skb: 94 callbacks suppressed [ 330.972512][ T26] audit: type=1326 audit(1734599879.909:3700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.059797][T10553] rdma_rxe: rxe_register_device failed with error -23 [ 331.076982][T10553] rdma_rxe: failed to add sit0 [ 331.077265][ T26] audit: type=1326 audit(1734599879.969:3701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.123169][ T26] audit: type=1326 audit(1734599879.969:3702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.152734][ T26] audit: type=1326 audit(1734599879.969:3703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.183001][T10553] tipc: Enabling of bearer rejected, already enabled [ 331.192073][ T26] audit: type=1326 audit(1734599879.969:3704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.267295][ T26] audit: type=1326 audit(1734599879.969:3705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.331521][ T26] audit: type=1326 audit(1734599879.969:3706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.409664][ T26] audit: type=1326 audit(1734599879.969:3707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.454329][T10569] device syzkaller1 entered promiscuous mode [ 331.473963][T10569] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2240'. [ 331.484976][ T26] audit: type=1326 audit(1734599879.969:3708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 331.565028][ T26] audit: type=1326 audit(1734599879.969:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10548 comm="syz.4.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 332.024108][T10582] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2248'. [ 332.065044][T10582] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2248'. [ 332.109972][T10588] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2251'. [ 332.287198][T10593] x_tables: duplicate underflow at hook 1 [ 332.303384][T10594] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 332.390064][T10593] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 332.416456][T10596] device syzkaller1 entered promiscuous mode [ 332.440668][T10596] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2255'. [ 332.561436][T10601] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 332.586044][T10601] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 332.944890][T10608] loop4: detected capacity change from 0 to 256 [ 333.202366][T10617] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2263'. [ 333.369392][T10630] device syzkaller1 entered promiscuous mode [ 333.377755][T10630] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2269'. [ 333.473753][T10632] loop2: detected capacity change from 0 to 1024 [ 333.488825][T10632] EXT4-fs: Ignoring removed nobh option [ 333.535899][T10632] EXT4-fs: Ignoring removed bh option [ 333.585586][T10632] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 333.711918][T10637] loop4: detected capacity change from 0 to 512 [ 333.853945][T10637] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 333.863455][T10637] ext4 filesystem being mounted at /444/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 333.938966][T10632] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 334.690150][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 335.344728][T10656] tun0: tun_chr_ioctl cmd 2147767520 [ 335.708631][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 335.868719][T10666] loop3: detected capacity change from 0 to 512 [ 335.976146][T10666] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2280: inode #1: comm syz.3.2280: iget: illegal inode # [ 335.991713][T10666] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2280: error while reading EA inode 1 err=-117 [ 336.007856][T10666] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2280: inode #1: comm syz.3.2280: iget: illegal inode # [ 336.029579][T10666] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2280: error while reading EA inode 1 err=-117 [ 336.046186][T10666] EXT4-fs (loop3): 1 orphan inode deleted [ 336.052049][T10666] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 336.482149][T10672] device syzkaller1 entered promiscuous mode [ 336.521915][T10672] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2281'. [ 337.308526][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 337.770459][T10696] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 338.377859][T10700] loop2: detected capacity change from 0 to 512 [ 338.504263][T10700] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 338.553270][T10700] ext4 filesystem being mounted at /514/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 338.732550][T10709] loop3: detected capacity change from 0 to 512 [ 338.779728][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 338.794612][T10709] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2298: inode #1: comm syz.3.2298: iget: illegal inode # [ 338.814238][T10712] device syzkaller1 entered promiscuous mode [ 338.868582][T10709] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2298: error while reading EA inode 1 err=-117 [ 338.922374][T10709] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2298: inode #1: comm syz.3.2298: iget: illegal inode # [ 338.952741][T10715] loop2: detected capacity change from 0 to 512 [ 338.964604][T10709] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2298: error while reading EA inode 1 err=-117 [ 338.985949][T10715] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.2301: casefold flag without casefold feature [ 339.003861][T10709] EXT4-fs (loop3): 1 orphan inode deleted [ 339.025617][T10709] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 339.034980][T10715] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.2301: couldn't read orphan inode 15 (err -117) [ 339.080612][T10715] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 339.148632][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 339.238921][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 339.357481][T10720] lo speed is unknown, defaulting to 1000 [ 339.400610][T10723] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 339.454156][T10723] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 339.493541][T10724] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 339.681356][T10732] netlink: 'syz.3.2303': attribute type 1 has an invalid length. [ 339.699312][T10723] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 339.720771][T10723] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 339.744816][T10723] 8021q: adding VLAN 0 to HW filter on device bond0 [ 339.770042][T10723] 8021q: adding VLAN 0 to HW filter on device team0 [ 339.808801][T10723] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 339.852034][T10720] sit0 speed is unknown, defaulting to 1000 [ 339.871011][T10742] device syzkaller1 entered promiscuous mode [ 340.009586][T10746] netlink: 'syz.2.2315': attribute type 10 has an invalid length. [ 340.036381][T10746] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 340.053384][ T26] kauditd_printk_skb: 69 callbacks suppressed [ 340.053408][ T26] audit: type=1326 audit(1734599888.989:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10748 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 340.120267][ T26] audit: type=1326 audit(1734599889.029:3780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10748 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 340.188060][ T26] audit: type=1326 audit(1734599889.029:3781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10748 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 340.211465][T10724] siw: device registration error -23 [ 340.223472][ T26] audit: type=1326 audit(1734599889.029:3782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10748 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 340.247163][ T26] audit: type=1326 audit(1734599889.029:3783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10748 comm="syz.4.2316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 340.390873][T10762] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT [ 340.449273][T10765] loop3: detected capacity change from 0 to 1024 [ 340.473398][T10765] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 340.478407][T10761] lo speed is unknown, defaulting to 1000 [ 340.485149][T10765] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 340.505236][T10765] JBD2: no valid journal superblock found [ 340.511631][T10765] EXT4-fs (loop3): error loading journal [ 340.669339][T10761] sit0 speed is unknown, defaulting to 1000 [ 340.678397][T10773] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2326'. [ 340.821631][ T26] audit: type=1326 audit(1734599889.759:3784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10776 comm="syz.3.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 340.896842][ T26] audit: type=1326 audit(1734599889.759:3785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10776 comm="syz.3.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 340.959432][T10779] netlink: 'syz.3.2330': attribute type 1 has an invalid length. [ 340.971957][ T26] audit: type=1326 audit(1734599889.759:3786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10776 comm="syz.3.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 340.984683][T10783] syz.2.2331[10783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 341.007313][T10783] syz.2.2331[10783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 341.092093][ T26] audit: type=1326 audit(1734599890.029:3787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10786 comm="syz.4.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 341.132321][T10779] 8021q: adding VLAN 0 to HW filter on device bond9 [ 341.171558][ T26] audit: type=1326 audit(1734599890.049:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10786 comm="syz.4.2332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3cfdb85d29 code=0x7ffc0000 [ 341.196730][T10783] 9pnet_fd: Insufficient options for proto=fd [ 341.390492][T10795] usb usb7: usbfs: process 10795 (syz.2.2334) did not claim interface 0 before use [ 341.772476][T10815] rdma_rxe: rxe_register_device failed with error -23 [ 341.782594][T10813] netlink: 'syz.2.2343': attribute type 1 has an invalid length. [ 341.802192][T10815] rdma_rxe: failed to add sit0 [ 341.833494][T10813] 8021q: adding VLAN 0 to HW filter on device bond9 [ 341.857773][T10815] tipc: Enabling of bearer rejected, already enabled [ 342.013640][T10827] usb usb7: usbfs: process 10827 (syz.0.2348) did not claim interface 0 before use [ 342.250814][T10840] loop4: detected capacity change from 0 to 128 [ 343.324667][T10860] rdma_rxe: rxe_register_device failed with error -23 [ 343.350339][T10866] ebt_among: dst integrity fail: 10d [ 343.373006][T10860] rdma_rxe: failed to add sit0 [ 343.415367][T10860] tipc: Enabling of bearer rejected, already enabled [ 343.573609][T10878] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 343.721677][T10889] loop1: detected capacity change from 0 to 256 [ 343.864228][T10898] loop1: detected capacity change from 0 to 128 [ 343.909863][T10898] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 343.920360][T10898] ext4 filesystem being mounted at /480/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 344.022570][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 344.031573][T10908] netlink: 'syz.4.2381': attribute type 10 has an invalid length. [ 344.042419][T10908] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 344.094516][T10910] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2383'. [ 344.111687][T10912] rdma_rxe: rxe_register_device failed with error -23 [ 344.114053][T10910] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 344.123255][T10912] rdma_rxe: failed to add sit0 [ 344.131543][T10910] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 344.143189][T10912] tipc: Enabling of bearer rejected, already enabled [ 344.274171][T10921] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 344.693533][T10942] loop3: detected capacity change from 0 to 128 [ 344.757947][T10945] rdma_rxe: rxe_register_device failed with error -23 [ 344.795334][T10945] rdma_rxe: failed to add sit0 [ 344.815982][T10945] tipc: Enabling of bearer rejected, already enabled [ 344.952231][T10953] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 345.171266][T10967] loop4: detected capacity change from 0 to 512 [ 345.196912][T10967] EXT4-fs: Ignoring removed orlov option [ 345.205513][T10967] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 345.230545][T10967] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 345.295648][T10967] EXT4-fs (loop4): 1 orphan inode deleted [ 345.301420][T10967] EXT4-fs (loop4): 1 truncate cleaned up [ 345.315799][T10967] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 345.370776][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 345.432918][T10984] rdma_rxe: already configured on sit0 [ 345.454813][T10984] tipc: Enabling of bearer rejected, already enabled [ 345.455957][ T26] kauditd_printk_skb: 372 callbacks suppressed [ 345.455971][ T26] audit: type=1326 audit(1734599894.389:4161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 345.559228][ T26] audit: type=1326 audit(1734599894.389:4162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 345.584027][T10992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2417'. [ 345.597610][ T26] audit: type=1326 audit(1734599894.389:4163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 345.615140][T10992] IPVS: Error joining to the multicast group [ 345.663566][ T26] audit: type=1326 audit(1734599894.389:4164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f88dd387c47 code=0x7ffc0000 [ 345.710699][ T26] audit: type=1326 audit(1734599894.389:4165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f88dd387bbc code=0x7ffc0000 [ 345.758393][T11000] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 345.766091][ T26] audit: type=1326 audit(1734599894.389:4166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f88dd387af4 code=0x7ffc0000 [ 345.809997][ T26] audit: type=1326 audit(1734599894.389:4167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f88dd387af4 code=0x7ffc0000 [ 345.872045][ T26] audit: type=1326 audit(1734599894.389:4168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f88dd38498a code=0x7ffc0000 [ 345.899471][ T26] audit: type=1326 audit(1734599894.389:4169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 345.981583][ T26] audit: type=1326 audit(1734599894.389:4170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10983 comm="syz.3.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f88dd385d29 code=0x7ffc0000 [ 346.012272][T11017] loop4: detected capacity change from 0 to 2048 [ 346.097802][T11017] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 346.158701][T11022] tipc: Enabling of bearer rejected, already enabled [ 346.341096][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 346.403138][T11031] lo speed is unknown, defaulting to 1000 [ 346.410968][T11033] netlink: 'syz.0.2432': attribute type 24 has an invalid length. [ 346.559706][T11043] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 346.685232][T11031] sit0 speed is unknown, defaulting to 1000 [ 346.714694][T11047] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2437'. [ 346.725976][T11046] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2437'. [ 346.932725][T11056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2440'. [ 347.024767][T11060] loop2: detected capacity change from 0 to 1024 [ 347.083860][T11060] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 347.113344][T11060] hub 9-0:1.0: USB hub found [ 347.126464][T11060] hub 9-0:1.0: 1 port detected [ 347.195155][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 347.641278][T11086] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2450'. [ 347.659438][T11080] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2450'. [ 347.708707][T11089] tipc: Enabling of bearer rejected, already enabled [ 347.861624][T11096] loop3: detected capacity change from 0 to 512 [ 347.900488][T11096] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.2456: casefold flag without casefold feature [ 348.076030][T11096] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.2456: couldn't read orphan inode 15 (err -117) [ 348.109742][T11096] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 348.228061][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 348.253484][T11114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2460'. [ 348.353405][T11123] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2465'. [ 348.389315][T11116] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2465'. [ 348.698847][T11143] device wireguard1 entered promiscuous mode [ 348.737659][T11146] loop3: detected capacity change from 0 to 512 [ 348.789422][T11146] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.2475: casefold flag without casefold feature [ 348.825813][T11146] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.2475: couldn't read orphan inode 15 (err -117) [ 348.856424][T11146] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 348.912174][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 349.190974][T11170] loop2: detected capacity change from 0 to 164 [ 349.212893][T11172] __nla_validate_parse: 3 callbacks suppressed [ 349.212909][T11172] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2482'. [ 349.229300][T11170] Unable to read rock-ridge attributes [ 349.237156][T11166] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2482'. [ 349.247549][T11170] Unable to read rock-ridge attributes [ 349.362088][T11175] syz.3.2487[11175] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 349.362186][T11175] syz.3.2487[11175] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 349.411885][T11177] device syzkaller1 entered promiscuous mode [ 350.028879][T11193] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2495'. [ 350.515579][T11202] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 350.565318][T11208] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2499'. [ 350.595337][T11204] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2499'. [ 350.853084][T11214] loop3: detected capacity change from 0 to 512 [ 351.026285][T11214] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2500: inode #1: comm syz.3.2500: iget: illegal inode # [ 351.043232][T11214] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2500: error while reading EA inode 1 err=-117 [ 351.058428][T11214] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2500: inode #1: comm syz.3.2500: iget: illegal inode # [ 351.073643][T11214] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2500: error while reading EA inode 1 err=-117 [ 351.090352][T11214] EXT4-fs (loop3): 1 orphan inode deleted [ 351.096455][T11214] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 351.465651][ T26] kauditd_printk_skb: 75 callbacks suppressed [ 351.465671][ T26] audit: type=1326 audit(1734599900.379:4246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11216 comm="syz.0.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 351.620129][ T26] audit: type=1326 audit(1734599900.379:4247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11216 comm="syz.0.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 351.675595][T11222] device syzkaller1 entered promiscuous mode [ 351.716358][T11222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2506'. [ 351.764242][ T26] audit: type=1326 audit(1734599900.389:4248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11216 comm="syz.0.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=143 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 351.911825][ T26] audit: type=1326 audit(1734599900.389:4249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11216 comm="syz.0.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 352.062976][T11233] loop2: detected capacity change from 0 to 128 [ 352.074836][ T26] audit: type=1326 audit(1734599900.389:4250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11216 comm="syz.0.2503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 352.806607][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 353.051351][T11246] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2514'. [ 353.085716][T11243] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2514'. [ 353.236039][T11253] loop1: detected capacity change from 0 to 512 [ 353.324736][T11253] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 353.366877][T11253] ext4 filesystem being mounted at /511/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 353.537140][ T26] audit: type=1800 audit(1734599902.479:4251): pid=11271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2516" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 353.544396][T11253] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2925: inode #15: comm syz.1.2516: corrupted xattr block 85 [ 353.557986][ T3518] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 353.684901][T11253] EXT4-fs warning (device loop1): ext4_evict_inode:299: xattr delete (err -117) [ 353.782150][T11282] loop4: detected capacity change from 0 to 128 [ 353.800591][ T3518] usb 1-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 353.823844][ T3518] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.995545][ T3518] usb 1-1: config 0 descriptor?? [ 354.007215][ T3518] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 354.041163][ T26] audit: type=1326 audit(1734599902.979:4252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11284 comm="syz.2.2530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 354.181519][ T26] audit: type=1326 audit(1734599902.979:4253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11284 comm="syz.2.2530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 354.516110][ T3518] gspca_sn9c20x: Write register 1000 failed -110 [ 354.531046][ T3518] gspca_sn9c20x: Device initialization failed [ 354.685999][ T3518] gspca_sn9c20x: probe of 1-1:0.0 failed with error -110 [ 354.694007][T11289] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2531'. [ 354.719618][ T26] audit: type=1326 audit(1734599902.979:4254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11284 comm="syz.2.2530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 354.757671][ T3518] usb 1-1: USB disconnect, device number 8 [ 354.779444][ T26] audit: type=1326 audit(1734599902.979:4255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11284 comm="syz.2.2530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feed4385d29 code=0x7ffc0000 [ 355.091545][T11297] loop3: detected capacity change from 0 to 8192 [ 355.130004][T11297] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 355.737127][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 355.825023][T11318] netlink: 'syz.3.2543': attribute type 1 has an invalid length. [ 355.902200][T11325] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2544'. [ 355.922173][T11321] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2544'. [ 356.419811][T11346] tipc: Enabling of bearer rejected, already enabled [ 356.569543][T11348] loop3: detected capacity change from 0 to 512 [ 356.762614][T11348] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2552: inode #1: comm syz.3.2552: iget: illegal inode # [ 356.779719][T11348] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2552: error while reading EA inode 1 err=-117 [ 356.793931][T11348] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.2552: inode #1: comm syz.3.2552: iget: illegal inode # [ 356.809291][T11348] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.2552: error while reading EA inode 1 err=-117 [ 356.827250][T11348] EXT4-fs (loop3): 1 orphan inode deleted [ 356.833107][T11348] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 359.534510][T11359] loop2: detected capacity change from 0 to 512 [ 359.704450][T11359] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2558: inode #1: comm syz.2.2558: iget: illegal inode # [ 359.719190][T11359] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2558: error while reading EA inode 1 err=-117 [ 359.733360][T11359] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2558: inode #1: comm syz.2.2558: iget: illegal inode # [ 359.748012][T11359] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2558: error while reading EA inode 1 err=-117 [ 359.762554][T11359] EXT4-fs (loop2): 1 orphan inode deleted [ 359.768533][T11359] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 359.892596][ T4252] EXT4-fs (loop3): unmounting filesystem. [ 360.089751][T11364] usb usb7: usbfs: process 11364 (syz.4.2560) did not claim interface 0 before use [ 360.378601][T11368] loop4: detected capacity change from 0 to 512 [ 360.394012][T11370] loop1: detected capacity change from 0 to 512 [ 360.434738][T11370] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.2563: iget: bad extended attribute block 1 [ 360.447598][T11368] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.2562: iget: bad extended attribute block 1 [ 360.468773][ T26] kauditd_printk_skb: 37 callbacks suppressed [ 360.468787][ T26] audit: type=1326 audit(1734599909.409:4293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11373 comm="syz.0.2564" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc371185d29 code=0x0 [ 360.521836][T11370] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.2563: couldn't read orphan inode 15 (err -117) [ 360.534018][T11368] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.2562: couldn't read orphan inode 15 (err -117) [ 360.554132][T11377] netlink: 'syz.3.2559': attribute type 1 has an invalid length. [ 360.562978][T11370] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 360.576297][T11368] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 360.619275][T11370] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 360.647227][T11368] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 360.838884][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 360.850092][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 361.001776][T11385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2568'. [ 361.017972][T11385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2568'. [ 361.037451][T11385] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2568'. [ 361.137786][ T4260] EXT4-fs (loop2): unmounting filesystem. [ 361.160170][T11389] tipc: Enabling of bearer rejected, already enabled [ 361.165013][ T26] audit: type=1326 audit(1734599910.089:4294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 361.298619][ T26] audit: type=1326 audit(1734599910.089:4295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 361.340409][T11395] bond0: (slave bridge0): Releasing backup interface [ 361.375604][ T26] audit: type=1326 audit(1734599910.089:4296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 361.385798][T11395] device bridge_slave_0 left promiscuous mode [ 361.439698][ T26] audit: type=1326 audit(1734599910.089:4297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3ae8187c47 code=0x7ffc0000 [ 361.447377][T11395] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.473286][T11403] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2573'. [ 361.534810][ T26] audit: type=1326 audit(1734599910.089:4298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3ae8187bbc code=0x7ffc0000 [ 361.558113][T11395] device bridge_slave_1 left promiscuous mode [ 361.572538][T11395] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.588968][ T26] audit: type=1326 audit(1734599910.089:4299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3ae8187af4 code=0x7ffc0000 [ 361.613855][T11395] bond0: (slave bond_slave_0): Releasing backup interface [ 361.615930][ T26] audit: type=1326 audit(1734599910.089:4300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3ae8187af4 code=0x7ffc0000 [ 361.645182][T11395] bond0: (slave bond_slave_1): Releasing backup interface [ 361.647955][ T26] audit: type=1326 audit(1734599910.089:4301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3ae818498a code=0x7ffc0000 [ 361.676792][ T26] audit: type=1326 audit(1734599910.089:4302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11388 comm="syz.1.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ae8185d29 code=0x7ffc0000 [ 361.680365][T11395] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 361.713132][T11395] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 361.733405][T11403] netlink: 3 bytes leftover after parsing attributes in process `+}[@'. [ 361.745934][T11403] 0ªX¹¦À: renamed from caif0 [ 361.754596][T11403] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 361.783600][T11406] netlink: 'syz.1.2575': attribute type 1 has an invalid length. [ 362.096346][T11421] syz.4.2579[11421] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 362.096444][T11421] syz.4.2579[11421] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 362.143165][T11427] loop1: detected capacity change from 0 to 128 [ 362.363639][T11428] lo speed is unknown, defaulting to 1000 [ 362.806585][T11428] sit0 speed is unknown, defaulting to 1000 [ 363.709896][T11445] syz.0.2589[11445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 363.709992][T11445] syz.0.2589[11445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 363.732283][T11443] netlink: 'syz.3.2588': attribute type 1 has an invalid length. [ 363.876646][T11455] device vlan0 entered promiscuous mode [ 363.889789][T11455] bridge0: port 1(vlan0) entered blocking state [ 363.896838][T11455] bridge0: port 1(vlan0) entered disabled state [ 364.173106][T11469] syz.1.2599[11469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 364.173235][T11469] syz.1.2599[11469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 364.415064][T11479] rdma_rxe: rxe_register_device failed with error -23 [ 364.438326][T11479] rdma_rxe: failed to add sit0 [ 364.447044][T11479] tipc: Enabling of bearer rejected, already enabled [ 365.387540][T11492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2607'. [ 365.474493][T11496] loop1: detected capacity change from 0 to 128 [ 365.536937][ T26] kauditd_printk_skb: 94 callbacks suppressed [ 365.536951][ T26] audit: type=1800 audit(2000000003.699:4397): pid=11496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2609" name="file1" dev="loop1" ino=1048650 res=0 errno=0 [ 365.592665][T11504] loop4: detected capacity change from 0 to 512 [ 365.600468][T11504] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 365.617535][T11505] syz.2.2613[11505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 365.617678][T11505] syz.2.2613[11505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 365.633217][T11504] EXT4-fs (loop4): 1 truncate cleaned up [ 365.655615][T11504] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 365.733073][T11512] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt. [ 365.776525][T11514] rdma_rxe: rxe_register_device failed with error -23 [ 365.787884][T11514] rdma_rxe: failed to add sit0 [ 365.805356][T11514] tipc: Enabling of bearer rejected, already enabled [ 365.819936][T11516] loop7: detected capacity change from 0 to 16384 [ 365.848129][T11512] EXT4-fs (loop4): Remounting filesystem read-only [ 365.928732][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 366.039303][T11525] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2619'. [ 366.110140][T11519] loop7: detected capacity change from 16384 to 16383 [ 366.268268][T11525] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2619'. [ 366.352734][T11525] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2619'. [ 366.674566][T11540] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2622'. [ 367.015067][T11556] loop2: detected capacity change from 0 to 128 [ 367.220138][T11552] lo speed is unknown, defaulting to 1000 [ 367.344100][T11558] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2628'. [ 368.013434][T11561] tipc: Enabling of bearer rejected, already enabled [ 368.271656][T11552] sit0 speed is unknown, defaulting to 1000 [ 368.405913][T11573] device syzkaller1 entered promiscuous mode [ 368.593422][T11560] rdma_rxe: rxe_register_device failed with error -23 [ 368.614033][T11560] rdma_rxe: failed to add sit0 [ 368.655506][ T126] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 368.675006][T11577] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2637'. [ 368.699856][T11577] netem: unknown loss type 13 [ 368.711084][T11577] netem: change failed [ 368.847030][ T126] usb 3-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 368.866342][ T126] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 368.889346][ T126] usb 3-1: config 0 descriptor?? [ 368.907976][ T126] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 368.942673][T11585] loop4: detected capacity change from 0 to 2048 [ 369.008489][T11585] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 369.127022][ T126] gspca_sn9c20x: Write register 1000 failed -71 [ 369.133586][ T126] gspca_sn9c20x: Device initialization failed [ 369.140511][ T126] gspca_sn9c20x: probe of 3-1:0.0 failed with error -71 [ 369.154501][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 369.228907][T11591] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2642'. [ 369.915064][ T126] usb 3-1: USB disconnect, device number 8 [ 369.956269][T11596] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2644'. [ 369.973939][T11595] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2644'. [ 370.148603][T11605] device syzkaller1 entered promiscuous mode [ 370.201983][T11607] rdma_rxe: rxe_register_device failed with error -23 [ 370.210199][T11607] rdma_rxe: failed to add sit0 [ 370.217487][T11607] tipc: Enabling of bearer rejected, already enabled [ 370.596389][T11623] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 370.771317][T11635] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2662'. [ 370.932519][T11640] loop2: detected capacity change from 0 to 128 [ 370.965723][T11641] rdma_rxe: rxe_register_device failed with error -23 [ 370.972618][T11641] rdma_rxe: failed to add sit0 [ 370.998224][T11641] tipc: Enabling of bearer rejected, already enabled [ 371.157338][T11646] loop7: detected capacity change from 0 to 16384 [ 371.262659][T11648] __nla_validate_parse: 1 callbacks suppressed [ 371.262697][T11648] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2664'. [ 371.926240][T11652] device syzkaller1 entered promiscuous mode [ 371.982431][T11652] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2667'. [ 372.063053][T11643] lo speed is unknown, defaulting to 1000 [ 372.146058][T11647] loop7: detected capacity change from 16384 to 16383 [ 372.648468][T11659] lo speed is unknown, defaulting to 1000 [ 372.655954][T11643] sit0 speed is unknown, defaulting to 1000 [ 372.726537][T11666] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2672'. [ 372.777263][T11665] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2672'. [ 372.990909][T11670] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 373.003402][T11673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2675'. [ 373.015613][T11673] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2675'. [ 373.135113][T11674] loop4: detected capacity change from 0 to 512 [ 373.249055][T11674] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.2673: inode #1: comm syz.4.2673: iget: illegal inode # [ 373.266250][T11674] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.2673: error while reading EA inode 1 err=-117 [ 373.282016][T11674] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.2673: inode #1: comm syz.4.2673: iget: illegal inode # [ 373.297506][T11674] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.2673: error while reading EA inode 1 err=-117 [ 373.312425][T11674] EXT4-fs (loop4): 1 orphan inode deleted [ 373.318364][T11674] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 374.082956][T11684] tipc: Enabling of bearer rejected, already enabled [ 374.299895][ T26] audit: type=1326 audit(2000000012.449:4398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.373116][ T26] audit: type=1326 audit(2000000012.479:4399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.474149][ T26] audit: type=1326 audit(2000000012.479:4400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.564209][ T26] audit: type=1326 audit(2000000012.489:4401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.645258][ T26] audit: type=1326 audit(2000000012.489:4402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.702762][ T26] audit: type=1326 audit(2000000012.489:4403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.758970][ T26] audit: type=1326 audit(2000000012.489:4404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.827348][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 374.829494][T11659] sit0 speed is unknown, defaulting to 1000 [ 374.837527][ T26] audit: type=1326 audit(2000000012.489:4405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.912905][ T26] audit: type=1326 audit(2000000012.499:4406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 374.963663][T11689] loop4: detected capacity change from 0 to 128 [ 374.970242][ T26] audit: type=1326 audit(2000000012.499:4407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11685 comm="syz.0.2679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc371185d29 code=0x7ffc0000 [ 375.005547][T11681] rdma_rxe: rxe_register_device failed with error -23 [ 375.012984][T11681] rdma_rxe: failed to add sit0 [ 375.482031][T11703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2687'. [ 375.511630][T11703] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2687'. [ 375.691483][T11712] rdma_rxe: rxe_register_device failed with error -23 [ 375.723266][T11712] rdma_rxe: failed to add sit0 [ 375.747567][T11712] tipc: Enabling of bearer rejected, already enabled [ 375.775677][T11715] loop4: detected capacity change from 0 to 128 [ 375.948625][T11719] netlink: 'syz.1.2694': attribute type 1 has an invalid length. [ 376.087591][T11719] 8021q: adding VLAN 0 to HW filter on device bond7 [ 376.130212][T11721] device vlan2 entered promiscuous mode [ 376.151267][T11721] device bond7 entered promiscuous mode [ 376.176531][T11721] device bond7 left promiscuous mode [ 376.277708][T11727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2698'. [ 376.484071][T11732] device syzkaller1 entered promiscuous mode [ 376.610487][T11744] rdma_rxe: rxe_register_device failed with error -23 [ 376.624321][T11744] rdma_rxe: failed to add sit0 [ 376.637658][T11744] tipc: Enabling of bearer rejected, already enabled [ 376.773521][T11749] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 377.032021][ T4267] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 377.071062][T11757] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 377.082514][T11757] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 377.109586][T11757] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 377.117978][T11757] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 377.134434][T11757] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 377.429657][ T4265] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 377.442478][ T4265] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 377.452463][ T4265] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 377.464581][ T4265] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 377.474554][ T4265] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 377.484590][ T4265] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 377.830140][T11765] lo speed is unknown, defaulting to 1000 [ 377.919455][T11765] sit0 speed is unknown, defaulting to 1000 [ 377.951575][T11755] lo speed is unknown, defaulting to 1000 [ 378.016748][T11774] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2712'. [ 378.068919][T11775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2712'. [ 378.344375][T11755] sit0 speed is unknown, defaulting to 1000 [ 378.375237][T11785] device syzkaller1 entered promiscuous mode [ 378.406282][T11785] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2716'. [ 378.416107][T11788] rdma_rxe: already configured on sit0 [ 378.458753][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.465123][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.493766][T11788] tipc: Enabling of bearer rejected, already enabled [ 378.626816][ T31] tipc: Disabling bearer [ 378.641242][ T31] tipc: Left network mode [ 378.688362][T11794] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 378.689956][ T7594] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN [ 378.707066][ T7594] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 378.715501][ T7594] CPU: 0 PID: 7594 Comm: kworker/0:10 Tainted: G W 6.1.120-syzkaller-00773-g52f863f820fd #0 [ 378.726970][ T7594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 378.737039][ T7594] Workqueue: events cleanup_bearer [ 378.742189][ T7594] RIP: 0010:cleanup_bearer+0x1ed/0x280 [ 378.747677][ T7594] Code: 5d 00 48 83 c3 18 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 21 34 88 f7 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 04 34 88 f7 49 83 c7 e8 48 8b 1b [ 378.767311][ T7594] RSP: 0018:ffffc9000584fc10 EFLAGS: 00010206 [ 378.773398][ T7594] RAX: 0000000000000006 RBX: 0000000000000030 RCX: 0000000000000001 [ 378.781388][ T7594] RDX: dffffc0000000000 RSI: ffffffff8b0c0360 RDI: 0000000000000001 [ 378.789373][ T7594] RBP: ffff88802fe0ce08 R08: dffffc0000000000 R09: fffffbfff2249c7b [ 378.797357][ T7594] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88802fe0ce98 [ 378.805346][ T7594] R13: dffffc0000000000 R14: dffffc0000000000 R15: ffff88802fe0ce18 [ 378.813334][ T7594] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 378.822276][ T7594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 378.827760][T11755] chnl_net:caif_netlink_parms(): no params data found [ 378.828856][ T7594] CR2: 00007fb0489e6b48 CR3: 000000004d968000 CR4: 00000000003506f0 [ 378.828875][ T7594] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 378.828884][ T7594] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 378.828894][ T7594] Call Trace: [ 378.828899][ T7594] [ 378.865731][ T7594] ? __die_body+0x5e/0xa0 [ 378.870054][ T7594] ? die_addr+0x95/0xc0 [ 378.874198][ T7594] ? exc_general_protection+0x3ae/0x590 [ 378.879735][ T7594] ? asm_exc_general_protection+0x22/0x30 [ 378.885453][ T7594] ? cleanup_bearer+0x1ed/0x280 [ 378.890294][ T7594] ? process_one_work+0x7a9/0x11d0 [ 378.895388][ T7594] process_one_work+0x8a9/0x11d0 [ 378.900356][ T7594] ? worker_detach_from_pool+0x260/0x260 [ 378.905996][ T7594] ? _raw_spin_lock_irqsave+0x120/0x120 [ 378.911549][ T7594] ? kthread_data+0x4e/0xc0 [ 378.916038][ T7594] ? wq_worker_running+0x97/0x190 [ 378.921043][ T7594] worker_thread+0xa47/0x1200 [ 378.925711][ T7594] ? _raw_spin_unlock+0x40/0x40 [ 378.930569][ T7594] kthread+0x28d/0x320 [ 378.934616][ T7594] ? worker_clr_flags+0x190/0x190 [ 378.939632][ T7594] ? kthread_blkcg+0xd0/0xd0 [ 378.944222][ T7594] ret_from_fork+0x1f/0x30 [ 378.948643][ T7594] [ 378.951644][ T7594] Modules linked in: [ 378.957556][ T7594] ---[ end trace 0000000000000000 ]--- [ 378.963125][ T7594] RIP: 0010:cleanup_bearer+0x1ed/0x280 [ 378.968707][ T7594] Code: 5d 00 48 83 c3 18 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 21 34 88 f7 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 04 34 88 f7 49 83 c7 e8 48 8b 1b [ 378.988519][ T7594] RSP: 0018:ffffc9000584fc10 EFLAGS: 00010206 [ 378.994669][ T7594] RAX: 0000000000000006 RBX: 0000000000000030 RCX: 0000000000000001 [ 379.002733][ T7594] RDX: dffffc0000000000 RSI: ffffffff8b0c0360 RDI: 0000000000000001 [ 379.010880][ T7594] RBP: ffff88802fe0ce08 R08: dffffc0000000000 R09: fffffbfff2249c7b [ 379.020787][ T7594] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88802fe0ce98 [ 379.028886][ T7594] R13: dffffc0000000000 R14: dffffc0000000000 R15: ffff88802fe0ce18 [ 379.038633][ T7594] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 379.065443][ T7594] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 379.075481][ T7594] CR2: 00007fb700a07b85 CR3: 0000000027bec000 CR4: 00000000003506f0 [ 379.093674][ T7594] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 379.101766][ T7594] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 379.266980][T11755] bridge0: port 1(bridge_slave_0) entered blocking state [ 379.365181][T11755] bridge0: port 1(bridge_slave_0) entered disabled state [ 379.506963][ T7594] Kernel panic - not syncing: Fatal exception [ 379.513353][ T7594] Kernel Offset: disabled [ 379.517676][ T7594] Rebooting in 86400 seconds..