last executing test programs: 57.394293297s ago: executing program 4 (id=1765): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = io_uring_setup(0x60f7, &(0x7f0000000a40)={0x0, 0x0, 0x2, 0xfffffffc, 0x3bd}) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_REAPURB(r2, 0x4004550c, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 57.220669477s ago: executing program 4 (id=1769): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c) listen(r1, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r3 = accept(r1, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0) recvfrom(r2, &(0x7f0000000280)=""/90, 0xfffffffffffffe4a, 0x500, 0x0, 0x0) 55.454357753s ago: executing program 4 (id=1783): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0x930d, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'geneve1\x00', 0x0}) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000800)={0x0, @hci={0x1f, 0x4, 0x1}, @sco, @ethernet={0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x3f80000, 0x3, 0x5}) sendto$packet(r0, 0x0, 0x0, 0x44, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0xb}, 0x14) 55.246538693s ago: executing program 4 (id=1785): syz_read_part_table(0x613, &(0x7f0000000c40)="$eJzs3D9olHcYB/DvJbmcUUg6OLnUOHQSiuJohirJVbEQTqUQHOw/RJopQuCkhynJ0GZQzCAdu0jhOmicjBmcFIXORRwswg0uBbtI7ZArd3mbXGgtLY2U0s9nuOe94+H5/h5419+F/7S+lIundqVb3v7wT/vbI5vPczndHJ841m6326eSUs6knNHy8HKSgWydmn1JBnvmXP965+qXP71bbj4++eKts/cW+zZmVvJGkl29zRn6o6NU/t6mvA43xu6PzC/MVC93vlQbrbX3k5vPx2srJxaXlo+Xj37c+f1S8qDoX38xhnIh9VzMp/lg4C9Hfb75WNqSP9fJr4+df1RttL5qPj2wtqfaf/vc4Zd7V6/cPZjMdiIm033ZNw3+w8V78ucXfjtPozU7enVqqXFk/63d1w7V7zysPev/ub2uE7lNoQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvDY3Oh8LM9XL9bHzj6qN1hfff/fezefjtZUTi0vLxwePPin6HhR1oKgXUs/FlJNMZzqfZOZ3k/tfFTlV6s0fuz8yv5H/y87k6YG1PdXm7XOHX06sXrl7sNtVymSn9G3X1q/Kb7RmR69OLTWO7L+1+9qh+p2HtWfFGtOVfNRdN0ll+48BAAAAAAAAAAAAAAAAAADA/9z4xLG9k+/UTiWlnNkxPJwfP+vesm9Xhr5N9+b9un1FfVJJhpNc37H+XwDNxydfDJ69t/hDcSl+LpXMJdn1zcrp5M2NnEtbY8ubk/k3/RoAAP//426Ogw==") creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000002c0)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3) 54.823819302s ago: executing program 4 (id=1789): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r0 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000100)='wg0\x00', 0x4) r1 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r2 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="4c0000001200010300000000fd08000000000000000200"/46, @ANYRESOCT=r1], 0x4c}}, 0x0) 54.481980901s ago: executing program 4 (id=1794): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mknod(0x0, 0x8001420, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000780)={[{@errors_remount}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@resgid}, {@block_validity}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") 54.25063807s ago: executing program 32 (id=1794): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mknod(0x0, 0x8001420, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000780)={[{@errors_remount}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@resgid}, {@block_validity}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") 3.298205778s ago: executing program 3 (id=2317): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x441, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r3 = dup(r1) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}}) 2.874400556s ago: executing program 3 (id=2319): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0) r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) r1 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108) r2 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) 2.809649907s ago: executing program 3 (id=2320): socket(0xa, 0x2400000001, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) socket(0x28, 0x5, 0x0) socket(0x28, 0x5, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x3000}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) 2.045543755s ago: executing program 2 (id=2337): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="0800000e000012000000000002004500002800", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x36) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c", @ANYRES32=0x0, @ANYBLOB='\x00\x00'], 0xc4}}, 0x0) 1.982712835s ago: executing program 0 (id=2339): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_emit_ethernet(0x3a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0) 1.817818245s ago: executing program 3 (id=2342): sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socket$netlink(0x10, 0x3, 0x0) creat(&(0x7f00000003c0)='./bus\x00', 0x0) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0xb0) r2 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2008002) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r1, 0x0) r3 = gettid() process_vm_writev(r3, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x2b, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0) 1.817625365s ago: executing program 0 (id=2343): bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180), 0x0, 0x105}, 0x38) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0xe000202b}) 1.787984344s ago: executing program 1 (id=2344): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x2c, r1, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0) 1.779587674s ago: executing program 2 (id=2345): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40010) 1.654018084s ago: executing program 1 (id=2347): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) syncfs(r0) r2 = socket$netlink(0x10, 0x3, 0x2) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f0000000000)={0x1, 'vlan1\x00', {}, 0xfe01}) 1.510148654s ago: executing program 2 (id=2348): syz_open_procfs(0x0, &(0x7f0000000000)='net/rt_acct\x00') r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(0x0, &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) setns(r1, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8800, &(0x7f0000001dc0)={0xf, 0x84, 0x40000}, 0x20) 1.481291724s ago: executing program 0 (id=2349): symlink(0x0, 0x0) lchown(0x0, 0xee00, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x21c91c, &(0x7f0000000a80)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200}}, {@noblock_validity}, {@mblk_io_submit}, {@nodiscard}, {@noinit_itable}, {@abort}, {@nouid32}, {@errors_remount}, {@resgid={'resgid', 0x3d, 0xee00}, 0x32}]}, 0x1c, 0x4e2, &(0x7f0000000540)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ5bB2J4C27L3zLNlYyxbxpKT2ITNoX9AoZS20Kc+9aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4UuwQWUrtzweufc7Rlb7fI6Gje64OVwHsWSci4mRE3K9Wq6cjYrDRnmlsl2qV9fp+9+7enKptSVSrV75MIpJ6W22XkQ2Peah+l9gfEf/6e8R/k8fjllfX5ieLxcJyo56vLCzly6trZ+YWJmcLs4XF8fGx8xMXJs5NjHaknwMRcfGvn77y4pt/u/juH65/dPXzkf8ljfaIh/3otHrXs+lz0dQfEcs7EaxH+tMeAgDwU9A8zv9tRJyOwehLj+YAAACA3aT654H4PomoAgAAALtWJl0Dm2RyjXUAA5HJ5HL1Nby/jIOZYqlc+f1MaWVxur5WdiiymZm5YmG0sVZ4KLJJrT6Wlh/Wz26qj0fEkYh4efBAWs9NlYrTvT75AQAAAHvEoU3z/28G6/P/Db7rWXIAAABA5wz1OgEAAABgx5n/AwAAwO5n/g8AAAC72j8uX65t1ebvX09fW12ZL107M10oz+cWVqZyU6XlpdxsqTSbXrNvYavHK5ZKS3+MxZUb+UqhXMmXV9euLpRWFitX5x75CWwAAACgi4785vaHSUSs/+lAutXs63VSQFf0P83On+xcHkD39fU6AaBnnurzH9hVsr1OAOi5ZIvb2y7eea/zuQAAADtj+Fetv//v2/LcwHqmSykCO8T5P9i7fP8Pe9dgrxMAeiYbfWEiD3vbVpcAffbv/6vVp0oIAADouIF0SzK5iPQ8wEBkMrlcxOF0TpBNZuaKhdGI+HlEfDCY/VmtPpbeM9lyzTAAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAdrWIzGdJejX/iOHBUwObzw/sS75NfyJ0X0Rcf/3KqzcmK5XlsVr7Vw/aK6812s/24gwGAAAAsFlznt6cxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAJ927e3OquXUz7hd/iYihVvH7Y3/6f39kI+Lg10n0b7hfEhF9HYi/fisijraKn9TSiqFGFq3iH+hx/EMdiA972e3a+HOp1fsvEyfS/63ff+fTEerZtR//Mg/Gv74W8Wtth7cZ49idt/Nt49+KONbfevxpxk/ajD8ntxn/P/9eW2t3W/WNiOGWnz/JI7HylYWlfHl17czcwuRsYbawOD4+dn7iwsS5idH8zFyx0PjbMsZLv37n/pP6f7BN/KEt+n9qm/3/4c6Nu7+oF7Ot4o+cbP36H20TP9N4/X/XKNduH26W1+vljY6/9f7xJ/V/uk3/t3r9R7bZ/9P/fOHjbe4KAHRBeXVtfrJYLCzv6cIzPRu1w6LnohfPZ6H2vD4HabQs/H8HHrl2ZN7rfnWi0NNhCQAA2AGPz4EBAAAAAAAAAAAAAAAAAACAbuvG5cQ2X/R4Pf3biavnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0zo8BAAD//zDq0hY=") 1.405342083s ago: executing program 5 (id=2350): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000600000000000000008500000007000000c5000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) ftruncate(0xffffffffffffffff, 0x6432) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@bridge_delneigh={0x1c, 0x1e, 0x1, 0x0, 0x0, {0x7}}, 0x1c}}, 0x0) 1.287746633s ago: executing program 1 (id=2351): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff) 1.287070003s ago: executing program 2 (id=2352): bind$netlink(0xffffffffffffffff, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000840)='./file0\x00', 0x801, &(0x7f0000000080), 0x64, 0x518, &(0x7f0000000200)="$eJzs3c9vG1kdAPDvOHa3adNNFjjASiwLuyitoHayYXcjDssiITitBCz3EhIniuLEUezsNlFFU/EHICEESJzgwgWJPwAJVeLCESFVgjMIEAhBCwcO0EG2J2l+jBO3uHEafz7SZN57M+Pve45mPG/maSaAofVyRLwdEQ/TNL0WEeNZeSGbYqcztdZ7cP/WfGtKIk3f/XsSSVa2+1lJNr+cbXYxIr76pYhvJEfjNra2V+ZqtepGlq80V9crja3t68urc0vVperazMz0G7Nvzr4+O9WXdl6JiLe+8OfvffsnX3zrF59+/w83/nr1m61qjWXL97fjMRWPW9hpeqn9XezfYOMJg51FxXYLM6N5a4wcKbnzlOsEAEC+1jn+ByLiExFxLcZj5PjTWQAAAOAZlH5uLP6TRKT5LnQpBwAAAJ4hhfYY2KRQzsYCjEWhUC53xvB+KC4VavVG81OL9c21hc5Y2YkoFRaXa9WpbKzwRJSSVn66nX6Uf+1QfiYiXoiI746PtvPl+XptYdAXPwAAAGBIXD7U///XeKf/DwAAAJwzE4OuAAAAAPDU6f8DAADA+af/DwAAAOfal995pzWlu++/Xnhva3Ol/t71hWpjpby6OV+er2+sl5fq9aX2M/tWT/q8Wr2+/plY27xZaVYbzUpja/vGan1zrXlj+cArsAEAAIBT9MLH7v4uiYidz462p5YLvW3a42rAWVXcSyXZPGe3/v3znfmfTqlSwKkYGXQFgIEpDroCwMCUBl0BYOCSg9kj3YKug3d+nc0/3v86AQAA/TX5ke73/wvHbrlz/GLgzLMTw/By/x+GV/v+f68jeZ0swLlScgYAQ2/f/f/0ds7yE+//nyhNH79WAABAP421p6RQzi7vjUWhUC5HXGm/FqCULC7XqlMR8XxE/Ha89FwrP93eMjk8ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6CJNk0gBAACAcy2i8Jfkl51n+U+Ovzp2+PrAheTf45G9IvT9H777/ZtzzebGdKv8H3vlzR9k5a8N4goGAAAADIXHeoH/bj99tx8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP304P6t+d3pNOP+7fMRMZEXvxgX2/OLUYqIS/9MorhvuyQiRvoQf7T158N58ZNWtfZC5sUf7UP8nTvHxo+J7FvIi3+5D/FhmN1tHX/eztv/CvFye56//xUjDuSfVPfjX+wd/0a67P9Xeozx4r2fVbrGvxPxYjH/+LMbP+kS/5Ue43/9a9vb3ZalP4qYzP39SQ7EqjRX1yuNre3ry6tzS9Wl6trMzPQbs2/Ovj47VVlcrlWzv/FcTozvfPTnD49r/6Uu8SdOaP+rPbb/v/du3v9gJ1nKi3/1lZz4v/pxtsbR+IXst++TWbq1fHI3vdNJ7/fST3/z0nHtX+jS/pP+/1d7bP+1r3zrjz2uCgCcgsbW9spcrVbdOLeJVi/9DFRD4gwmbvf1A9M0TVv71P/xOUmcha+lnRj0kQkAAOi3Ryf9g64JAAAAAAAAAAAAAAAAAAAADK/TeJzY4Zg7e6mkH4/QBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoi/8FAAD//z742t0=") llistxattr(&(0x7f0000000140)='./file1\x00', 0x0, 0x0) 1.141932943s ago: executing program 5 (id=2353): syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x29c500a, 0x0, 0x4, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 1.089228293s ago: executing program 1 (id=2354): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=") rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) clock_nanosleep(0x2, 0x0, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, 0x0, 0x8884) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x4, 0x0) syz_clone(0x800000, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000280), &(0x7f00000002c0)) 1.087950803s ago: executing program 5 (id=2355): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) r2 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="0800000e000012000000000002004500002800", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x36) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c", @ANYRES32=0x0, @ANYBLOB='\x00\x00'], 0xc4}}, 0x0) 827.673952ms ago: executing program 5 (id=2356): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) open(&(0x7f0000000080)='./file0\x00', 0x1c1c41, 0x6) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYBLOB='N'], 0x53) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 609.790002ms ago: executing program 5 (id=2357): syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x1210000, 0x0, 0x0, 0x0, 0x0) listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 511.494151ms ago: executing program 0 (id=2358): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000"], 0x24}}, 0x0) 497.524262ms ago: executing program 5 (id=2359): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000eb6fabf35ab7e8645840d78adbf6f1f694f0571ebc03dfdb2daf34da412de35bff103c4487d53c3b34dae4f2b3765baacab1f905a64d3ad5d76c25860281c45f67edc54265c39767ae6f50292b63a85eea26ffdfa8f7edc5bd3ce6fa6a86f0", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_io_uring_setup(0x239, 0x0, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x14a8}, 0x0, 0x41, 0x1}) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(0xffffffffffffffff, 0x5e45, 0x0, 0x0, 0x0, 0x0) r8 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r8, &(0x7f0000000080)={0x1d, r3, 0x0, {0x0, 0x0, 0x4}}, 0x18) sendmsg$can_j1939(r8, &(0x7f0000000300)={&(0x7f0000000200)={0x1d, r3, 0x0, {0x1, 0xff, 0x3}, 0x2}, 0x18, &(0x7f0000000280)={&(0x7f00000003c0)="e6644b4c6ed14e8d7ab5dab1", 0xc}, 0x1, 0x0, 0x0, 0x4000080}, 0x20046044) sendmsg$can_j1939(r8, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newtfilter={0x24, 0x11, 0x1, 0x74bd2b, 0x0, {0x0, 0x0, 0x74, r9, {0x6, 0x4}, {0x0, 0x4}, {0xa}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 368.027541ms ago: executing program 0 (id=2360): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10) bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r1 = getpid() r2 = gettid() r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r3, &(0x7f0000000200)=""/209, 0x128) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000300)={0xa, 0x0, 0x1, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000400)) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000000c0)={0x2d2, 0x101, 0x1, 'queue1\x00', 0x7ff}) tkill(r2, 0x7) setreuid(0xee00, 0x0) r4 = syz_pidfd_open(r1, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r5) setns(r4, 0x24020000) syz_clone3(&(0x7f00000008c0)={0x14860000, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, 0x0}, 0x58) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400", @ANYRES32=0x1, @ANYBLOB="0000000000fffe00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/10], 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r6 = creat(&(0x7f00000000c0)='./file0\x00', 0xd4) dup2(r6, r6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 282.217541ms ago: executing program 1 (id=2361): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) mq_timedreceive(r0, 0x0, 0x0, 0x0, 0x0) 281.939781ms ago: executing program 2 (id=2362): syz_open_procfs(0x0, &(0x7f0000000000)='net/rt_acct\x00') r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(0x0, &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) setns(r1, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8800, &(0x7f0000001dc0)={0xf, 0x84, 0x40000}, 0x20) 272.177451ms ago: executing program 3 (id=2363): socket$inet6_tcp(0xa, 0x1, 0x0) process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119, 0x400}, &(0x7f0000000240)=0x0, &(0x7f00000001c0)=0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004"], 0x15) r5 = dup(r4) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100bd0000000000040000e12640000000000000"], 0x50) write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={0x0}}, 0x20) write$binfmt_elf64(r5, 0x0, 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5]) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x0, 0x0, 0x32}, &(0x7f0000000500)='./file0\x00', 0x18}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 147.922151ms ago: executing program 2 (id=2364): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae6134022beb5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a3c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978c3906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b16500"/4078], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0) 31.266471ms ago: executing program 1 (id=2365): bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) truncate(&(0x7f0000000080)='./file1\x00', 0xfe0) 30.560071ms ago: executing program 0 (id=2366): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) r2 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="0800000e000012000000000002004500002800", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x36) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c", @ANYRES32=0x0, @ANYBLOB='\x00\x00'], 0xc4}}, 0x0) 0s ago: executing program 3 (id=2367): syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x69, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0"], 0xb0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10000000000000"], 0x10) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl}]}}) kernel console output (not intermixed with test programs): ined pid=7796 comm="syz.3.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 230.220847][ T26] audit: type=1326 audit(1737070950.267:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7796 comm="syz.3.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 230.245564][ T26] audit: type=1326 audit(229.501:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7796 comm="syz.3.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 230.267512][ T26] audit: type=1326 audit(229.501:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7796 comm="syz.3.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 230.304209][ T7820] loop1: detected capacity change from 0 to 1024 [ 230.314245][ T26] audit: type=1326 audit(229.501:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7796 comm="syz.3.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 230.366508][ T7821] loop0: detected capacity change from 0 to 2048 [ 230.381930][ T7820] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 230.467014][ T7821] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 230.492504][ T7837] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1270'. [ 230.771290][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 230.904361][ T7857] netlink: 'syz.2.1276': attribute type 5 has an invalid length. [ 231.136919][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 231.320497][ T7871] loop4: detected capacity change from 0 to 512 [ 231.332631][ T7871] EXT4-fs: Ignoring removed i_version option [ 231.371723][ T7871] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 231.471775][ T7871] EXT4-fs (loop4): 1 truncate cleaned up [ 231.477554][ T7871] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 231.874981][ T7877] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1282'. [ 231.983322][ T4251] EXT4-fs (loop4): unmounting filesystem. [ 232.180360][ T7891] loop1: detected capacity change from 0 to 164 [ 232.215235][ T7891] Unable to read rock-ridge attributes [ 232.240439][ T7888] loop4: detected capacity change from 0 to 8192 [ 232.255933][ T7891] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 232.275427][ T7891] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 232.295055][ T7891] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 232.323887][ T7891] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 232.556831][ T7900] loop3: detected capacity change from 0 to 8192 [ 232.642935][ T7906] loop0: detected capacity change from 0 to 2048 [ 232.725465][ T7906] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 232.736863][ T7915] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1295'. [ 232.867974][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 233.210372][ T7926] rdma_rxe: rxe_register_device failed with error -23 [ 233.217738][ T7926] rdma_rxe: failed to add lo [ 233.920914][ T26] kauditd_printk_skb: 49 callbacks suppressed [ 233.920930][ T26] audit: type=1326 audit(233.946:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.3.1298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7fc00000 [ 234.508580][ T26] audit: type=1326 audit(234.536:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 234.537310][ T7957] loop4: detected capacity change from 0 to 512 [ 234.553375][ T26] audit: type=1326 audit(234.536:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 234.584367][ T26] audit: type=1326 audit(234.536:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 234.621518][ T26] audit: type=1326 audit(234.536:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 234.654450][ T7957] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 234.727260][ T26] audit: type=1326 audit(234.536:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6da9184690 code=0x7ffc0000 [ 234.765362][ T4251] EXT4-fs (loop4): unmounting filesystem. [ 234.782336][ T26] audit: type=1326 audit(234.536:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 234.805168][ T7961] loop0: detected capacity change from 0 to 8192 [ 234.870425][ T7962] syz.3.1306[7962] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 234.870521][ T7962] syz.3.1306[7962] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 234.872969][ T26] audit: type=1326 audit(234.536:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 235.005781][ T26] audit: type=1326 audit(234.536:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 235.079908][ T26] audit: type=1326 audit(234.536:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7954 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 235.152770][ T7962] batadv0 speed is unknown, defaulting to 1000 [ 235.266951][ T7962] lo speed is unknown, defaulting to 1000 [ 235.380774][ T7979] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1306'. [ 236.196332][ T7999] loop0: detected capacity change from 0 to 512 [ 236.246176][ T8002] 9pnet_fd: Insufficient options for proto=fd [ 236.271826][ T7999] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 236.425674][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 236.948538][ T8025] loop4: detected capacity change from 0 to 8192 [ 237.377347][ T8041] loop1: detected capacity change from 0 to 512 [ 237.734639][ T8035] rdma_rxe: already configured on lo [ 237.765602][ T8035] siw: device registration error -23 [ 238.078095][ T8041] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 238.400799][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 239.205615][ T8064] loop1: detected capacity change from 0 to 128 [ 239.232423][ T8060] batadv0 speed is unknown, defaulting to 1000 [ 239.239774][ T8060] lo speed is unknown, defaulting to 1000 [ 239.851540][ T8075] rdma_rxe: rxe_register_device failed with error -23 [ 239.858441][ T8075] rdma_rxe: failed to add lo [ 240.283369][ T26] kauditd_printk_skb: 91 callbacks suppressed [ 240.283383][ T26] audit: type=1326 audit(240.316:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7fc00000 [ 240.343777][ T8080] loop4: detected capacity change from 0 to 512 [ 240.404970][ T8080] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 240.762667][ T4251] EXT4-fs (loop4): unmounting filesystem. [ 240.853176][ T8092] loop1: detected capacity change from 0 to 1764 [ 241.276478][ T26] audit: type=1326 audit(241.306:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 241.335801][ T26] audit: type=1326 audit(241.306:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 241.381927][ T26] audit: type=1326 audit(241.306:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 241.426803][ T26] audit: type=1326 audit(241.306:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 241.479970][ T26] audit: type=1326 audit(241.306:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 241.525490][ T26] audit: type=1326 audit(241.336:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 241.568193][ T26] audit: type=1326 audit(241.346:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 241.614504][ T26] audit: type=1326 audit(241.346:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 241.641018][ T26] audit: type=1326 audit(241.346:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.2.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 242.123472][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x1 [ 242.147300][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.155283][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.162801][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.170356][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.178200][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.187051][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.199725][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.200888][ T8141] syz.2.1372[8141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 242.215005][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.237121][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.240581][ T8141] syz.2.1372[8141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 242.244846][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.248719][ T8142] loop0: detected capacity change from 0 to 512 [ 242.256278][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.298388][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.308517][ T8142] EXT4-fs: Ignoring removed oldalloc option [ 242.310700][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.320584][ T8144] loop4: detected capacity change from 0 to 512 [ 242.339590][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.353733][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.353906][ T8142] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1379: Parent and EA inode have the same ino 15 [ 242.361310][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.381461][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.388368][ T8144] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 242.389263][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.405488][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.412979][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.420377][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.430469][ T8142] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1379: Parent and EA inode have the same ino 15 [ 242.431844][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.450643][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.458110][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.465808][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.473571][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.481051][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.489025][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.496815][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.499476][ T8142] EXT4-fs (loop0): 1 orphan inode deleted [ 242.504422][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.518763][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.527190][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.534695][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.537032][ T8142] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 242.542101][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.542124][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.542145][ T4299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 242.560577][ T8141] batadv0 speed is unknown, defaulting to 1000 [ 242.581596][ T4299] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz1 [ 242.603520][ T8141] lo speed is unknown, defaulting to 1000 [ 242.663842][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 242.683764][ T4251] EXT4-fs (loop4): unmounting filesystem. [ 242.928578][ T8164] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1372'. [ 243.219949][ T8176] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 243.226508][ T8176] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 243.264617][ T8176] vhci_hcd vhci_hcd.0: Device attached [ 243.291798][ T8181] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1389'. [ 243.308389][ T8177] vhci_hcd: connection closed [ 243.309664][ T4475] vhci_hcd: stop threads [ 243.319573][ T4475] vhci_hcd: release socket [ 243.326658][ T8180] batadv0 speed is unknown, defaulting to 1000 [ 243.347707][ T4475] vhci_hcd: disconnect device [ 243.411102][ T8187] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1391'. [ 243.634958][ T8180] lo speed is unknown, defaulting to 1000 [ 244.165156][ T8189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1392'. [ 244.497435][ T8201] loop1: detected capacity change from 0 to 128 [ 244.546952][ T8201] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 245.212166][ T8217] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1403'. [ 245.938932][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 246.183599][ T8224] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 246.183599][ T8224] program syz.3.1406 not setting count and/or reply_len properly [ 246.266024][ T8229] xt_hashlimit: size too large, truncated to 1048576 [ 247.326654][ T8238] bridge0: port 3(ipvlan2) entered blocking state [ 247.347514][ T8238] bridge0: port 3(ipvlan2) entered disabled state [ 247.441834][ T8244] loop4: detected capacity change from 0 to 128 [ 247.622604][ T8244] syz.4.1414: attempt to access beyond end of device [ 247.622604][ T8244] loop4: rw=0, sector=121, nr_sectors = 120 limit=128 [ 247.776652][ T8252] loop3: detected capacity change from 0 to 512 [ 247.819899][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 247.819913][ T26] audit: type=1326 audit(247.846:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8254 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 247.823283][ T8252] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 247.836350][ T26] audit: type=1326 audit(247.846:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8254 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 247.931240][ T26] audit: type=1326 audit(247.856:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8254 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 247.954258][ T26] audit: type=1326 audit(247.856:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8254 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 247.976122][ T26] audit: type=1326 audit(247.856:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8254 comm="syz.2.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 248.428180][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 248.428542][ T4308] kworker/u4:5: attempt to access beyond end of device [ 248.428542][ T4308] loop4: rw=1, sector=241, nr_sectors = 800 limit=128 [ 248.537282][ T8268] netlink: 'syz.3.1422': attribute type 3 has an invalid length. [ 248.982127][ T8283] loop0: detected capacity change from 0 to 512 [ 249.018644][ T8288] loop3: detected capacity change from 0 to 512 [ 249.031516][ T8283] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 249.094388][ T8288] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 249.198070][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 249.267254][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 249.358504][ T8297] loop3: detected capacity change from 0 to 512 [ 249.366724][ T8297] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 249.394544][ T8299] loop0: detected capacity change from 0 to 128 [ 249.405893][ T8297] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c028, mo2=0002] [ 249.428751][ T8297] System zones: 0-2, 18-18, 34-35 [ 249.440239][ T26] audit: type=1800 audit(249.466:1201): pid=8299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1433" name="file2" dev="loop0" ino=1048619 res=0 errno=0 [ 249.475306][ T8297] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 249.549455][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 249.639163][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 249.656775][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 12: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 249.713726][ T8304] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1435'. [ 249.763886][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 249.770810][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 249.795235][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 249.805349][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 14: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 249.839464][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 249.849615][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 15: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 249.886268][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 249.923507][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 249.983894][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 249.990484][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 250.038874][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 250.045643][ T8297] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #2: block 18: comm syz.3.1434: lblock 23 mapped to illegal pblock 18 (length 1) [ 250.064759][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 250.074568][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 19: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 250.113964][ T8297] EXT4-fs (loop3): Remounting filesystem read-only [ 250.141356][ T8297] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 20: comm syz.3.1434: path /269/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 250.295608][ T8316] batadv0 speed is unknown, defaulting to 1000 [ 250.323442][ T8316] lo speed is unknown, defaulting to 1000 [ 250.370985][ T8321] loop4: detected capacity change from 0 to 512 [ 250.455464][ T8321] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 250.477519][ T8324] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1443'. [ 250.534573][ T8319] batadv0 speed is unknown, defaulting to 1000 [ 250.573889][ T8319] lo speed is unknown, defaulting to 1000 [ 250.744399][ T4251] EXT4-fs (loop4): unmounting filesystem. [ 250.763660][ T8328] netlink: 'syz.3.1446': attribute type 11 has an invalid length. [ 250.859911][ T8331] 9pnet: Unknown protocol version 9p20\++} [ 250.888184][ T8330] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1447'. [ 251.492579][ T8354] netem: change failed [ 251.619204][ T8358] loop1: detected capacity change from 0 to 512 [ 251.637231][ T8358] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 251.677869][ C0] vcan0: j1939_tp_rxtimer: 0xffff888059216c00: rx timeout, send abort [ 251.689923][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888059216c00: 0x3ff01: (3) A timeout occurred and this is the connection abort to close the session. [ 251.754099][ T8356] syz.0.1455[8356] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.754200][ T8356] syz.0.1455[8356] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.794970][ T8356] batadv0 speed is unknown, defaulting to 1000 [ 251.814172][ T8356] lo speed is unknown, defaulting to 1000 [ 252.071096][ T8356] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1455'. [ 252.197872][ T8366] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1458'. [ 252.214431][ T8366] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1458'. [ 252.418818][ T8371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 252.427669][ T8371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 252.437948][ T8371] device bridge_slave_0 left promiscuous mode [ 252.447098][ T8371] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.465338][ T8371] device bridge_slave_1 left promiscuous mode [ 252.471993][ T8371] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.485180][ T8371] bond0: (slave bond_slave_0): Releasing backup interface [ 252.501814][ T8371] bond0: (slave bond_slave_1): Releasing backup interface [ 252.548168][ T8371] infiniband syz!: set down [ 252.555084][ T8371] team0: Port device team_slave_0 removed [ 252.576604][ T8371] team0: Port device team_slave_1 removed [ 252.603845][ T8371] syz.3.1460 (8371) used greatest stack depth: 18944 bytes left [ 253.375544][ T8387] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1467'. [ 253.503798][ C0] vcan0: j1939_tp_rxtimer: 0xffff888056d05000: rx timeout, send abort [ 254.012066][ C0] vcan0: j1939_tp_rxtimer: 0xffff888056d05000: abort rx timeout. Force session deactivation [ 254.060162][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 254.127351][ T26] audit: type=1326 audit(254.152:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 254.139269][ T8391] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1469'. [ 254.192684][ T26] audit: type=1326 audit(254.152:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 254.233377][ T8391] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1469'. [ 254.315787][ T26] audit: type=1326 audit(254.152:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 254.338213][ T26] audit: type=1326 audit(254.152:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 254.360136][ T26] audit: type=1326 audit(254.152:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 254.401182][ T26] audit: type=1326 audit(254.152:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 254.918483][ T26] audit: type=1326 audit(254.152:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 255.133818][ T26] audit: type=1326 audit(254.152:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 255.179766][ T26] audit: type=1326 audit(254.152:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 255.194436][ T8403] batadv0 speed is unknown, defaulting to 1000 [ 255.208608][ T8403] lo speed is unknown, defaulting to 1000 [ 255.247443][ T26] audit: type=1326 audit(254.152:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.3.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 255.574396][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.580742][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.687082][ T8419] syz.4.1478[8419] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 255.687499][ T8419] syz.4.1478[8419] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 255.939331][ T8421] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1478'. [ 256.339713][ T8419] batadv0 speed is unknown, defaulting to 1000 [ 256.346786][ T8419] lo speed is unknown, defaulting to 1000 [ 256.727783][ T8431] loop0: detected capacity change from 0 to 512 [ 256.763697][ T8431] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 257.041769][ T8431] EXT4-fs (loop0): 1 truncate cleaned up [ 257.047630][ T8431] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 257.142196][ T8448] netlink: 240 bytes leftover after parsing attributes in process `syz.3.1487'. [ 257.526820][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 258.898747][ T8495] loop1: detected capacity change from 0 to 512 [ 259.044909][ T8495] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 259.121469][ T8505] loop0: detected capacity change from 0 to 512 [ 259.134958][ T8507] 9pnet: Unknown protocol version 9p20\++} [ 259.169895][ T8505] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 259.209299][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 259.264868][ T26] kauditd_printk_skb: 208 callbacks suppressed [ 259.264882][ T26] audit: type=1326 audit(259.292:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.304560][ T26] audit: type=1326 audit(259.302:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.328862][ T26] audit: type=1326 audit(259.332:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.358607][ T26] audit: type=1326 audit(259.332:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.380604][ T26] audit: type=1326 audit(259.332:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.429161][ T26] audit: type=1326 audit(259.352:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.453376][ T26] audit: type=1326 audit(259.352:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.475795][ T8522] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1510'. [ 259.483016][ T26] audit: type=1326 audit(259.352:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.509149][ T26] audit: type=1326 audit(259.382:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.531253][ T26] audit: type=1326 audit(259.382:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8513 comm="syz.4.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 259.580281][ T8524] loop1: detected capacity change from 0 to 512 [ 259.598560][ T8524] EXT4-fs (loop1): orphan cleanup on readonly fs [ 259.609939][ T8524] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1511: bg 0: block 248: padding at end of block bitmap is not set [ 259.628386][ T8524] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.1511: Failed to acquire dquot type 1 [ 259.644108][ T8524] EXT4-fs (loop1): 1 truncate cleaned up [ 259.652423][ T8524] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 259.683969][ T8524] xt_hashlimit: max too large, truncated to 1048576 [ 259.705360][ T8524] EXT4-fs error (device loop1): ext4_lookup:1862: inode #2: comm syz.1.1511: deleted inode referenced: 12 [ 259.850638][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 260.074291][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 260.490984][ T8555] loop0: detected capacity change from 0 to 512 [ 260.493780][ T8556] loop1: detected capacity change from 0 to 512 [ 260.516467][ T8555] EXT4-fs (loop0): orphan cleanup on readonly fs [ 260.529582][ T8555] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1526: bg 0: block 248: padding at end of block bitmap is not set [ 260.544926][ T8555] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm syz.0.1526: Failed to acquire dquot type 1 [ 260.595765][ T8556] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 260.604586][ T8555] EXT4-fs (loop0): 1 truncate cleaned up [ 260.610712][ T8555] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 260.667607][ T8555] xt_hashlimit: max too large, truncated to 1048576 [ 260.679483][ T8556] EXT4-fs error (device loop1): ext4_do_update_inode:5224: inode #2: comm syz.1.1525: corrupted inode contents [ 260.712739][ T8555] EXT4-fs error (device loop0): ext4_lookup:1862: inode #2: comm syz.0.1526: deleted inode referenced: 12 [ 260.772936][ T8556] EXT4-fs error (device loop1): ext4_dirty_inode:6089: inode #2: comm syz.1.1525: mark_inode_dirty error [ 260.792067][ T8566] loop3: detected capacity change from 0 to 512 [ 260.808901][ T8556] EXT4-fs error (device loop1): ext4_do_update_inode:5224: inode #2: comm syz.1.1525: corrupted inode contents [ 260.838746][ T8566] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 260.929652][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 261.064552][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 261.119095][ T8574] loop0: detected capacity change from 0 to 128 [ 261.506580][ T4335] kernel write not supported for file bpf-prog (pid: 4335 comm: kworker/0:8) [ 261.579273][ T8592] syz.2.1533[8592] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 261.579688][ T8592] syz.2.1533[8592] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 261.772162][ T8592] batadv0 speed is unknown, defaulting to 1000 [ 261.795312][ T8592] lo speed is unknown, defaulting to 1000 [ 263.001722][ T8594] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1533'. [ 263.535481][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 263.603699][ T8600] loop4: detected capacity change from 0 to 512 [ 263.640546][ T8600] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 263.673979][ T8600] EXT4-fs (loop4): 1 truncate cleaned up [ 263.679667][ T8600] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 263.961581][ T4251] EXT4-fs (loop4): unmounting filesystem. [ 264.036433][ T8611] netlink: 240 bytes leftover after parsing attributes in process `syz.4.1542'. [ 264.107196][ T8614] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1540'. [ 264.131185][ T8614] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1540'. [ 264.432941][ T8624] rdma_rxe: rxe_register_device failed with error -23 [ 264.440228][ T8624] rdma_rxe: failed to add lo [ 265.340278][ T8634] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1548'. [ 265.640566][ T8632] batadv0 speed is unknown, defaulting to 1000 [ 265.686924][ T8632] lo speed is unknown, defaulting to 1000 [ 267.014261][ T8678] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1564'. [ 267.282307][ T8686] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1563'. [ 268.040846][ T8688] batadv0 speed is unknown, defaulting to 1000 [ 268.049143][ T8688] lo speed is unknown, defaulting to 1000 [ 268.151858][ T8694] batman_adv: batadv0: Adding interface: dummy0 [ 268.158312][ T8694] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.214710][ T8700] sd 0:0:1:0: device reset [ 268.249944][ T8694] batman_adv: batadv0: Interface activated: dummy0 [ 268.306931][ T8703] batadv0: mtu less than device minimum [ 268.332047][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.344918][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.357157][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.369494][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.381815][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.394174][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.406319][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.418503][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.430827][ T8703] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 268.639752][ T8712] IPv6: Can't replace route, no match found [ 269.180860][ T8729] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1581'. [ 269.990431][ T26] kauditd_printk_skb: 77 callbacks suppressed [ 269.990446][ T26] audit: type=1326 audit(270.012:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.099395][ T26] audit: type=1326 audit(270.082:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.141751][ T8735] loop3: detected capacity change from 0 to 1024 [ 270.161345][ T26] audit: type=1326 audit(270.082:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.197744][ T26] audit: type=1326 audit(270.082:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.225556][ T8735] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 270.227347][ T26] audit: type=1326 audit(270.082:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.258035][ T26] audit: type=1326 audit(270.082:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.280100][ T26] audit: type=1326 audit(270.082:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.303807][ T26] audit: type=1326 audit(270.092:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.325744][ T26] audit: type=1326 audit(270.092:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.1.1583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 270.349365][ T8746] loop1: detected capacity change from 0 to 128 [ 270.396189][ T11] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm kworker/u4:1: bg 0: block 393: padding at end of block bitmap is not set [ 270.423883][ T8748] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1588'. [ 270.441946][ T8748] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1588'. [ 270.442268][ T11] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 117 [ 270.498647][ T11] EXT4-fs (loop3): This should not happen!! Data will be lost [ 270.498647][ T11] [ 270.529070][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 270.655205][ T8759] loop4: detected capacity change from 0 to 128 [ 270.667612][ T26] audit: type=1326 audit(270.692:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.2.1593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 270.899090][ T8773] netlink: 'syz.1.1597': attribute type 27 has an invalid length. [ 271.116016][ T8781] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1600'. [ 271.244406][ T8789] loop0: detected capacity change from 0 to 128 [ 271.393668][ T8773] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.402022][ T8773] bridge0: port 1(bridge_slave_0) entered disabled state [ 271.455198][ T8795] loop0: detected capacity change from 0 to 128 [ 272.009524][ T8773] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.018875][ T8773] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.027809][ T8773] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.036770][ T8773] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.110182][ T8771] batadv0 speed is unknown, defaulting to 1000 [ 272.149623][ T8771] lo speed is unknown, defaulting to 1000 [ 272.376789][ T8811] netlink: 'syz.1.1611': attribute type 13 has an invalid length. [ 272.694578][ T8822] syz.3.1610[8822] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 272.695005][ T8822] syz.3.1610[8822] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 272.892712][ T8822] batadv0 speed is unknown, defaulting to 1000 [ 272.915932][ T8822] lo speed is unknown, defaulting to 1000 [ 273.549443][ T8824] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1610'. [ 273.868628][ T8825] loop0: detected capacity change from 0 to 128 [ 274.107613][ T8829] loop1: detected capacity change from 0 to 128 [ 274.245644][ T8833] netlink: 'syz.0.1619': attribute type 21 has an invalid length. [ 274.282809][ T8833] netlink: 'syz.0.1619': attribute type 1 has an invalid length. [ 274.310219][ T8833] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1619'. [ 274.434637][ T8838] syz.1.1617: attempt to access beyond end of device [ 274.434637][ T8838] loop1: rw=2049, sector=145, nr_sectors = 400 limit=128 [ 274.965535][ T8851] netlink: 'syz.4.1624': attribute type 13 has an invalid length. [ 274.977063][ T11] kworker/u4:1: attempt to access beyond end of device [ 274.977063][ T11] loop1: rw=1, sector=545, nr_sectors = 496 limit=128 [ 274.996330][ T8853] netlink: 'syz.2.1625': attribute type 4 has an invalid length. [ 275.047296][ T8853] infiniband sz1: set down [ 275.087050][ T4296] lo speed is unknown, defaulting to 1000 [ 275.101956][ T4296] lo speed is unknown, defaulting to 1000 [ 275.552627][ T8882] syz.4.1631[8882] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 275.553108][ T8882] syz.4.1631[8882] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 275.824375][ T8884] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1631'. [ 276.241578][ T8882] batadv0 speed is unknown, defaulting to 1000 [ 276.248638][ T8882] lo speed is unknown, defaulting to 1000 [ 276.682304][ T8891] netlink: 'syz.2.1637': attribute type 13 has an invalid length. [ 276.741140][ T26] kauditd_printk_skb: 70 callbacks suppressed [ 276.741154][ T26] audit: type=1326 audit(276.752:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.0.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 276.880737][ T26] audit: type=1326 audit(276.802:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.0.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 276.995553][ T8896] loop1: detected capacity change from 0 to 512 [ 277.009664][ T26] audit: type=1326 audit(276.802:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.0.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 277.089247][ T8896] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1639: bg 0: block 248: padding at end of block bitmap is not set [ 277.115669][ T26] audit: type=1326 audit(276.802:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.0.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 277.163619][ T8896] Quota error (device loop1): write_blk: dquota write failed [ 277.181301][ T8896] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 277.200560][ T26] audit: type=1326 audit(276.802:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.0.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 277.229982][ T8896] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.1639: Failed to acquire dquot type 1 [ 277.272186][ T8896] EXT4-fs (loop1): 1 truncate cleaned up [ 277.281346][ T26] audit: type=1326 audit(276.802:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.0.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 277.309823][ T8896] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 277.342204][ T26] audit: type=1326 audit(276.802:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.0.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 277.364040][ T26] audit: type=1326 audit(276.802:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8892 comm="syz.0.1638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 277.435084][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 277.707936][ T8914] loop4: detected capacity change from 0 to 128 [ 278.297424][ T8934] loop1: detected capacity change from 0 to 764 [ 278.309216][ T8934] isofs: isofs_export_get_parent(): child directory not normalized! [ 278.730488][ T8944] syz.1.1653[8944] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 278.730597][ T8944] syz.1.1653[8944] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 278.785759][ T8944] batadv0 speed is unknown, defaulting to 1000 [ 278.804292][ T8944] lo speed is unknown, defaulting to 1000 [ 279.079638][ T8944] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1653'. [ 279.806605][ T8966] loop3: detected capacity change from 0 to 1024 [ 279.833749][ T8966] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 279.977655][ T8966] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 280.002765][ T8966] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.1662: missing EA_INODE flag [ 280.022825][ T8966] EXT4-fs (loop3): Remounting filesystem read-only [ 280.030144][ T8966] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1662: error while reading EA inode 11 err=-117 [ 280.048225][ T8966] EXT4-fs (loop3): Remounting filesystem read-only [ 280.106200][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 280.646809][ T8987] atomic_op ffff8881456a7198 conn xmit_atomic 0000000000000000 [ 280.787871][ T8992] 9pnet_fd: Insufficient options for proto=fd [ 280.872991][ T8996] syz.0.1672[8996] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 280.873083][ T8996] syz.0.1672[8996] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 281.108410][ T9014] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1678'. [ 281.400411][ T9022] syz.0.1677[9022] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 281.400857][ T9022] syz.0.1677[9022] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 281.679472][ T9024] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1677'. [ 282.080355][ T9022] batadv0 speed is unknown, defaulting to 1000 [ 282.087931][ T9022] lo speed is unknown, defaulting to 1000 [ 282.337672][ T9007] batadv0 speed is unknown, defaulting to 1000 [ 282.362026][ T9007] lo speed is unknown, defaulting to 1000 [ 283.718713][ T9034] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1685'. [ 284.068080][ T9037] 9pnet_fd: Insufficient options for proto=fd [ 284.313837][ T9044] Invalid ELF header magic: != ELF [ 284.440605][ T9050] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1691'. [ 286.128708][ T9067] batadv0 speed is unknown, defaulting to 1000 [ 286.135838][ T9067] lo speed is unknown, defaulting to 1000 [ 287.203380][ T9071] syz.4.1697[9071] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 287.203825][ T9071] syz.4.1697[9071] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 287.541888][ T9071] batadv0 speed is unknown, defaulting to 1000 [ 287.565740][ T9071] lo speed is unknown, defaulting to 1000 [ 288.740269][ T9079] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1697'. [ 289.181151][ T26] kauditd_printk_skb: 41 callbacks suppressed [ 289.181168][ T26] audit: type=1326 audit(289.162:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.234440][ T26] audit: type=1326 audit(289.182:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.271137][ T26] audit: type=1326 audit(289.182:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.348841][ T26] audit: type=1326 audit(289.182:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.472248][ T26] audit: type=1326 audit(289.182:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.510425][ T26] audit: type=1326 audit(289.182:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.541140][ T26] audit: type=1326 audit(289.182:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.611295][ T26] audit: type=1326 audit(289.182:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.634997][ T9096] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1706'. [ 289.701315][ T26] audit: type=1326 audit(289.182:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.702848][ T9098] netlink: 'syz.4.1710': attribute type 10 has an invalid length. [ 289.768767][ T26] audit: type=1326 audit(289.182:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9081 comm="syz.1.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 289.791387][ T9098] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1710'. [ 289.828469][ T9098] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.851435][ T9098] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.860308][ T9098] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.876925][ T9098] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 289.901513][ T9098] team0: Port device geneve0 added [ 290.007573][ T9111] loop0: detected capacity change from 0 to 512 [ 290.025105][ T9109] 9pnet_fd: Insufficient options for proto=fd [ 290.080934][ T9111] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 290.109128][ T9111] EXT4-fs (loop0): orphan cleanup on readonly fs [ 290.146794][ T9111] EXT4-fs warning (device loop0): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 290.242769][ T9118] batadv0 speed is unknown, defaulting to 1000 [ 290.256257][ T9111] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 290.264448][ T9118] lo speed is unknown, defaulting to 1000 [ 290.275770][ T9111] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1713: bg 0: block 40: padding at end of block bitmap is not set [ 290.303774][ T9111] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 290.339815][ T9111] EXT4-fs (loop0): 1 truncate cleaned up [ 290.349157][ T9111] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 290.364288][ T9120] syz.3.1715[9120] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 290.364377][ T9120] syz.3.1715[9120] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 290.405674][ T9120] batadv0 speed is unknown, defaulting to 1000 [ 290.485158][ T9123] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1715'. [ 290.736922][ T9120] lo speed is unknown, defaulting to 1000 [ 290.851787][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 291.092169][ T9143] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1722'. [ 291.429081][ T9148] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1726'. [ 291.588604][ T9150] rdma_rxe: rxe_register_device failed with error -23 [ 291.595921][ T9150] rdma_rxe: failed to add lo [ 292.537124][ T9162] syz.2.1732[9162] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 292.537217][ T9162] syz.2.1732[9162] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 292.630949][ T9164] 9pnet_fd: Insufficient options for proto=fd [ 292.840606][ T9172] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1735'. [ 293.474315][ T9187] rdma_rxe: rxe_register_device failed with error -23 [ 293.481885][ T9187] rdma_rxe: failed to add lo [ 294.114603][ T9189] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1743'. [ 294.443408][ T26] kauditd_printk_skb: 47 callbacks suppressed [ 294.443424][ T26] audit: type=1326 audit(294.472:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 294.521856][ T26] audit: type=1326 audit(294.472:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 294.537591][ T9207] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1748'. [ 294.595664][ T26] audit: type=1326 audit(294.472:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 294.678807][ T26] audit: type=1326 audit(294.482:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 294.738505][ T26] audit: type=1326 audit(294.522:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 294.790995][ T26] audit: type=1326 audit(294.532:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 294.858911][ T26] audit: type=1326 audit(294.532:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 294.943178][ T26] audit: type=1326 audit(294.532:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 294.981385][ T26] audit: type=1326 audit(294.532:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 295.061414][ T26] audit: type=1326 audit(294.532:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.4.1749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f1985d29 code=0x7ffc0000 [ 295.274011][ T9222] loop4: detected capacity change from 0 to 764 [ 295.304303][ T9222] rock: directory entry would overflow storage [ 295.311036][ T9222] rock: sig=0x4f50, size=4, remaining=3 [ 295.331334][ T9222] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 295.731436][ T9238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1764'. [ 295.956113][ C0] net_ratelimit: 10 callbacks suppressed [ 295.956131][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 296.108545][ T9259] netlink: 'syz.1.1772': attribute type 7 has an invalid length. [ 296.548846][ T9276] loop0: detected capacity change from 0 to 128 [ 296.908313][ T9282] loop3: detected capacity change from 0 to 512 [ 296.941795][ T9282] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 296.966249][ T9281] syz.1.1777[9281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.966346][ T9281] syz.1.1777[9281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 297.006605][ T9281] batadv0 speed is unknown, defaulting to 1000 [ 297.025016][ T9281] lo speed is unknown, defaulting to 1000 [ 297.100797][ T9284] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1777'. [ 297.179917][ T9282] EXT4-fs (loop3): 1 truncate cleaned up [ 297.200465][ T9282] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 297.464575][ T9291] loop0: detected capacity change from 0 to 1024 [ 297.494594][ T9291] EXT4-fs: inline encryption not supported [ 297.500426][ T9291] EXT4-fs: Ignoring removed i_version option [ 297.527714][ T9291] EXT4-fs: Ignoring removed nomblk_io_submit option [ 297.559942][ T9291] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 297.600227][ T9291] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 297.742584][ T9291] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 44 with error 28 [ 297.768950][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 297.791457][ T9291] EXT4-fs (loop0): This should not happen!! Data will be lost [ 297.791457][ T9291] [ 297.811314][ T9291] EXT4-fs (loop0): Total free blocks count 0 [ 297.841182][ T9291] EXT4-fs (loop0): Free/Dirty block details [ 297.847182][ T9291] EXT4-fs (loop0): free_blocks=0 [ 297.891423][ T9291] EXT4-fs (loop0): dirty_blocks=0 [ 297.896558][ T9291] EXT4-fs (loop0): Block reservation details [ 297.914163][ T9291] EXT4-fs (loop0): i_reserved_data_blocks=0 [ 298.022334][ T9299] loop4: detected capacity change from 0 to 2048 [ 298.044458][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 298.084854][ T9299] loop4: p1 < > p4 [ 298.092141][ T9299] loop4: p4 size 8388608 extends beyond EOD, truncated [ 298.411560][ T9310] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1790'. [ 298.421852][ T9311] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1788'. [ 298.584627][ T9317] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1792'. [ 298.629189][ T6130] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.743557][ T6130] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.874200][ T6130] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.987368][ T6130] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.201258][ T9330] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 299.338804][ T4269] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 299.348529][ T4268] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 299.358810][ T4268] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 299.367963][ T4268] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 299.377080][ T6130] tipc: Disabling bearer [ 299.378062][ T4269] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 299.394115][ T9340] netlink: 240 bytes leftover after parsing attributes in process `syz.3.1802'. [ 299.408173][ T6130] tipc: Left network mode [ 299.408226][ T4269] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 299.519780][ T9337] batadv0 speed is unknown, defaulting to 1000 [ 299.530110][ T9342] loop0: detected capacity change from 0 to 8192 [ 299.671290][ T9337] lo speed is unknown, defaulting to 1000 [ 300.094649][ T26] kauditd_printk_skb: 57 callbacks suppressed [ 300.094666][ T26] audit: type=1326 audit(300.112:1755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.0.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 300.151550][ T26] audit: type=1326 audit(300.112:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.0.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 300.201384][ T26] audit: type=1326 audit(300.112:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.0.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 300.264000][ T26] audit: type=1326 audit(300.112:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.0.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 300.330136][ T26] audit: type=1326 audit(300.112:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.0.1807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 300.540847][ T9337] chnl_net:caif_netlink_parms(): no params data found [ 300.927207][ T9373] loop3: detected capacity change from 0 to 512 [ 300.965861][ T9373] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 301.067892][ T9373] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 301.287774][ T9337] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.346445][ T9337] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.385766][ T9337] device bridge_slave_0 entered promiscuous mode [ 301.423036][ T9337] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.551676][ T4253] Bluetooth: hci0: command 0x0409 tx timeout [ 302.134424][ T9337] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.198190][ T9337] device bridge_slave_1 entered promiscuous mode [ 302.233136][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 302.379477][ T9337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 302.421763][ T9337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 302.436863][ T6130] device hsr_slave_0 left promiscuous mode [ 302.452273][ T6130] device hsr_slave_1 left promiscuous mode [ 302.459110][ T6130] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 302.478235][ T6130] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 302.482819][ T9397] loop0: detected capacity change from 0 to 1024 [ 302.492699][ T9397] EXT4-fs: inline encryption not supported [ 302.499376][ T9397] EXT4-fs: Ignoring removed i_version option [ 302.499929][ T6130] device bridge_slave_1 left promiscuous mode [ 302.505686][ T9397] EXT4-fs: Ignoring removed nomblk_io_submit option [ 302.519720][ T9397] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 302.523795][ T6130] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.541787][ T6130] device bridge_slave_0 left promiscuous mode [ 302.548791][ T6130] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.567238][ T9397] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 302.609277][ T6130] team0 (unregistering): Port device geneve0 removed [ 302.705892][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 303.114410][ T6130] team0 (unregistering): Port device team_slave_1 removed [ 303.177450][ T6130] team0 (unregistering): Port device team_slave_0 removed [ 303.236945][ T6130] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 303.333854][ T6130] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 303.364201][ T9430] loop3: detected capacity change from 0 to 512 [ 303.565961][ T4269] Bluetooth: hci0: command 0x041b tx timeout [ 303.569770][ T9437] 9pnet: Unknown protocol version 9p20\++} [ 303.839386][ T26] audit: type=1326 audit(303.862:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 303.897091][ T26] audit: type=1326 audit(303.862:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 303.924439][ T26] audit: type=1326 audit(303.902:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 303.947426][ T26] audit: type=1326 audit(303.902:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 303.969715][ T26] audit: type=1326 audit(303.902:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 304.080559][ T6130] bond0 (unregistering): Released all slaves [ 304.226047][ T9337] team0: Port device team_slave_0 added [ 304.254685][ T9337] team0: Port device team_slave_1 added [ 304.340206][ T9337] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 304.384869][ T9337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.444803][ T9461] syz.0.1846[9461] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 304.444905][ T9461] syz.0.1846[9461] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 304.456665][ T9337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 304.503418][ T9337] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 304.510469][ T9337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.536988][ T9337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 305.484998][ T9461] team0 (unregistering): Port device team_slave_0 removed [ 305.502165][ T9461] team0 (unregistering): Port device team_slave_1 removed [ 305.525996][ T9469] batadv0 speed is unknown, defaulting to 1000 [ 305.540029][ T9469] batadv0 speed is unknown, defaulting to 1000 [ 305.548354][ T9469] batadv0 speed is unknown, defaulting to 1000 [ 305.557578][ T9337] device hsr_slave_0 entered promiscuous mode [ 305.562185][ T9469] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 305.576553][ T9337] device hsr_slave_1 entered promiscuous mode [ 305.583576][ T9337] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 305.594594][ T9337] Cannot create hsr debugfs directory [ 305.600208][ T9469] batadv0 speed is unknown, defaulting to 1000 [ 305.610747][ T9469] batadv0 speed is unknown, defaulting to 1000 [ 305.626241][ T9469] batadv0 speed is unknown, defaulting to 1000 [ 305.639044][ T9469] batadv0 speed is unknown, defaulting to 1000 [ 305.646654][ T9469] batadv0 speed is unknown, defaulting to 1000 [ 305.654143][ T4269] Bluetooth: hci0: command 0x040f tx timeout [ 305.844991][ T26] kauditd_printk_skb: 26 callbacks suppressed [ 305.845006][ T26] audit: type=1326 audit(305.872:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 305.859020][ T9478] 9pnet_fd: Insufficient options for proto=fd [ 305.889857][ T9482] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 544 [ 305.895153][ T9337] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 305.917654][ T9337] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 305.926756][ T26] audit: type=1326 audit(305.912:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 305.964583][ T9337] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 305.974341][ T9337] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 306.001471][ T26] audit: type=1326 audit(305.912:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 306.073109][ T26] audit: type=1326 audit(305.912:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 306.147275][ T26] audit: type=1326 audit(305.912:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 306.200831][ T9337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 306.223601][ T26] audit: type=1326 audit(305.922:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 306.252424][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 306.274806][ T26] audit: type=1326 audit(305.932:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 306.281838][ T6028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 306.300200][ T26] audit: type=1326 audit(305.932:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 306.327587][ T26] audit: type=1326 audit(305.932:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 306.353402][ T9337] 8021q: adding VLAN 0 to HW filter on device team0 [ 306.375794][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 306.377541][ T26] audit: type=1326 audit(305.932:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9479 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 306.409237][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 306.436925][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.444092][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 306.483573][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 306.510521][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 306.529858][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 306.551049][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.558188][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 306.683417][ T9512] 9pnet_fd: Insufficient options for proto=fd [ 306.723947][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 306.734817][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 306.755023][ T4477] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 306.788256][ T4477] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 306.866752][ T9517] rdma_rxe: rxe_register_device failed with error -23 [ 306.874332][ T9517] rdma_rxe: failed to add lo [ 307.478018][ T4477] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 307.487169][ T4477] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 307.495872][ T4477] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 307.504373][ T4477] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 307.518529][ T4477] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 307.608618][ T9337] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 307.645887][ T9337] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 307.663360][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 307.679063][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 307.721346][ T4269] Bluetooth: hci0: command 0x0419 tx timeout [ 307.778751][ T9534] loop0: detected capacity change from 0 to 128 [ 307.945215][ T9541] 9pnet_fd: Insufficient options for proto=fd [ 308.050788][ T9547] netlink: 'syz.1.1877': attribute type 13 has an invalid length. [ 308.089369][ T9547] netlink: 'syz.1.1877': attribute type 58 has an invalid length. [ 308.114376][ T9550] loop0: detected capacity change from 0 to 2048 [ 308.118911][ T9547] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1877'. [ 308.155648][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 308.175074][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 308.202087][ T9550] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 308.217656][ T9337] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 308.327500][ T9559] loop3: detected capacity change from 0 to 2048 [ 308.370999][ T9560] 9pnet: Could not find request transport: fd0x0000000000000006 [ 308.406968][ T9559] loop3: p1 < > p3 p4 < > [ 308.429580][ T9559] loop3: p3 start 4284289 is beyond EOD, truncated [ 308.480999][ T9569] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1882'. [ 308.520756][ T9572] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 308.818813][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 308.838262][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 308.876049][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 308.892517][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 308.902877][ T9337] device veth0_vlan entered promiscuous mode [ 308.911423][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 308.932772][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 308.946030][ T9337] device veth1_vlan entered promiscuous mode [ 308.979191][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 308.991265][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 308.999524][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 309.011441][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 309.022264][ T9337] device veth0_macvtap entered promiscuous mode [ 309.035021][ T9337] device veth1_macvtap entered promiscuous mode [ 309.058625][ T9337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 309.076753][ T9337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.088612][ T9337] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 309.099031][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 309.108187][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 309.118757][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 309.134189][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 309.155873][ T9337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.167144][ T9337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.184737][ T9337] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 309.202678][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 309.214202][ T6130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 309.225191][ T9337] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.241360][ T9337] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.250179][ T9337] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.272130][ T9337] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.378813][ T6130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 309.394275][ T6130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 309.429643][ T4308] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 309.448467][ T4308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 309.463930][ T4308] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 309.485689][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 310.073572][ T9612] loop5: detected capacity change from 0 to 128 [ 310.923691][ T9555] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 311.417417][ T9589] Can't find ip_set type hasT:ip,port [ 311.490899][ T6130] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 28 [ 311.525889][ T6130] EXT4-fs (loop0): This should not happen!! Data will be lost [ 311.525889][ T6130] [ 311.542147][ T9633] devtmpfs: Too few inodes for current use [ 311.544542][ T6130] EXT4-fs (loop0): Total free blocks count 0 [ 311.554767][ T6130] EXT4-fs (loop0): Free/Dirty block details [ 311.560894][ T6130] EXT4-fs (loop0): free_blocks=0 [ 311.566517][ T6130] EXT4-fs (loop0): dirty_blocks=2048 [ 311.574741][ T9633] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1903'. [ 311.581107][ T6130] EXT4-fs (loop0): Block reservation details [ 311.589743][ T6130] EXT4-fs (loop0): i_reserved_data_blocks=128 [ 311.608299][ T9633] device bridge_slave_1 left promiscuous mode [ 311.625147][ T9633] bridge0: port 2(bridge_slave_1) entered disabled state [ 311.673011][ T9633] device bridge_slave_0 left promiscuous mode [ 311.701450][ T9633] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.782584][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 312.004794][ T9653] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1909'. [ 312.085827][ T9651] lo speed is unknown, defaulting to 1000 [ 312.103412][ T9660] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1902'. [ 312.144998][ T9665] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1910'. [ 312.193830][ T9666] device bridge0 entered promiscuous mode [ 312.213537][ T9666] device macvlan2 entered promiscuous mode [ 312.235864][ T9666] bridge0: port 1(macvlan2) entered blocking state [ 312.270163][ T9666] bridge0: port 1(macvlan2) entered disabled state [ 312.308269][ T9666] device bridge0 left promiscuous mode [ 312.620323][ T9651] batadv0 speed is unknown, defaulting to 1000 [ 312.809086][ T9698] 9pnet_fd: Insufficient options for proto=fd [ 312.974913][ T9705] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1923'. [ 313.100203][ T26] kauditd_printk_skb: 110 callbacks suppressed [ 313.100219][ T26] audit: type=1326 audit(313.122:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9710 comm="syz.5.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 313.151209][ T26] audit: type=1326 audit(313.162:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9710 comm="syz.5.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 313.164710][ T9713] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1925'. [ 313.177236][ T26] audit: type=1326 audit(313.162:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9710 comm="syz.5.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 313.229132][ T26] audit: type=1326 audit(313.162:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9710 comm="syz.5.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 313.339675][ T9718] device bridge0 entered promiscuous mode [ 313.349195][ T9718] device macvlan2 entered promiscuous mode [ 313.356485][ T9718] bridge0: port 3(macvlan2) entered blocking state [ 313.363331][ T9718] bridge0: port 3(macvlan2) entered disabled state [ 313.379207][ T9718] device bridge0 left promiscuous mode [ 313.968620][ T9737] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1935'. [ 314.077100][ T9740] rdma_rxe: rxe_register_device failed with error -23 [ 314.084641][ T9740] rdma_rxe: failed to add lo [ 314.811030][ T9742] lo speed is unknown, defaulting to 1000 [ 314.892962][ T9749] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1938'. [ 315.128672][ T9759] loop0: detected capacity change from 0 to 1024 [ 315.281436][ T9759] EXT4-fs: Ignoring removed orlov option [ 315.291338][ T9759] EXT4-fs (loop0): Test dummy encryption mode enabled [ 315.308652][ T9759] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 315.355151][ T9742] batadv0 speed is unknown, defaulting to 1000 [ 315.425816][ T9778] device syzkaller0 entered promiscuous mode [ 315.948812][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 316.056310][ T9786] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1951'. [ 316.120561][ T9789] netlink: 240 bytes leftover after parsing attributes in process `syz.3.1952'. [ 316.250482][ T26] audit: type=1326 audit(316.272:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9793 comm="syz.3.1955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 316.318785][ T26] audit: type=1326 audit(316.272:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9793 comm="syz.3.1955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 316.359547][ T9782] loop5: detected capacity change from 0 to 65536 [ 316.381336][ T26] audit: type=1326 audit(316.272:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9793 comm="syz.3.1955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 316.403995][ T9796] loop0: detected capacity change from 0 to 764 [ 316.420917][ T26] audit: type=1326 audit(316.272:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9793 comm="syz.3.1955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 316.481119][ T26] audit: type=1326 audit(316.272:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9793 comm="syz.3.1955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 316.502173][ T9796] rock: directory entry would overflow storage [ 316.515980][ T26] audit: type=1326 audit(316.272:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9793 comm="syz.3.1955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f22b7b85d29 code=0x7ffc0000 [ 316.517595][ T9796] rock: sig=0x4f50, size=4, remaining=3 [ 316.554298][ T9796] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 316.577895][ T9782] XFS (loop5): Mounting V5 Filesystem [ 316.735464][ T9782] XFS (loop5): Ending clean mount [ 316.889340][ T9794] loop3: detected capacity change from 0 to 32768 [ 316.898289][ T9794] XFS: ikeep mount option is deprecated. [ 316.999263][ T9794] XFS (loop3): Mounting V5 Filesystem [ 317.006857][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.006974][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.076653][ T9337] XFS (loop5): Unmounting Filesystem [ 317.134336][ T9794] XFS (loop3): Ending clean mount [ 317.210029][ T9794] XFS (loop3): Quotacheck needed: Please wait. [ 317.268363][ T9823] loop0: detected capacity change from 0 to 1024 [ 317.333444][ T9823] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 317.355912][ T9794] XFS (loop3): Quotacheck: Done. [ 317.459360][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 317.604502][ T9830] xt_hashlimit: size too large, truncated to 1048576 [ 317.626072][ T4261] XFS (loop3): Unmounting Filesystem [ 317.668511][ T9828] loop5: detected capacity change from 0 to 8192 [ 319.141886][ T9844] netlink: 240 bytes leftover after parsing attributes in process `syz.3.1965'. [ 319.276675][ T26] kauditd_printk_skb: 43 callbacks suppressed [ 319.276691][ T26] audit: type=1326 audit(319.302:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.5.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 319.351259][ T26] audit: type=1326 audit(319.302:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.5.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 319.431564][ T26] audit: type=1326 audit(319.302:1966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.5.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 319.461149][ T26] audit: type=1326 audit(319.302:1967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.5.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 319.511486][ T26] audit: type=1326 audit(319.302:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.5.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 319.533983][ T26] audit: type=1326 audit(319.312:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9845 comm="syz.5.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 320.271215][ T9861] netem: change failed [ 320.426424][ T9866] syz.5.1975[9866] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 320.426519][ T9866] syz.5.1975[9866] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 320.584642][ T9865] loop3: detected capacity change from 0 to 8192 [ 320.777404][ T9881] lo speed is unknown, defaulting to 1000 [ 320.813986][ T9884] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1981'. [ 320.861326][ T9884] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1981'. [ 320.907749][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 321.355664][ T9904] loop1: detected capacity change from 0 to 4096 [ 321.471149][ T9904] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 322.059281][ T9904] ntfs: volume version 3.1. [ 322.222831][ T9881] batadv0 speed is unknown, defaulting to 1000 [ 322.548755][ T9914] rdma_rxe: already configured on lo [ 323.177254][ T9917] netlink: 'syz.0.1992': attribute type 5 has an invalid length. [ 323.222161][ T9893] loop3: detected capacity change from 0 to 32768 [ 323.229243][ T9893] XFS: ikeep mount option is deprecated. [ 323.409557][ T9893] XFS (loop3): Mounting V5 Filesystem [ 323.511393][ T9926] loop0: detected capacity change from 0 to 8192 [ 323.520099][ T9932] 9pnet_fd: Insufficient options for proto=fd [ 323.539405][ T9934] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1994'. [ 323.551278][ T9934] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1994'. [ 323.560829][ T9930] lo speed is unknown, defaulting to 1000 [ 323.643429][ T9893] XFS (loop3): Ending clean mount [ 323.657912][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 323.715050][ T9893] XFS (loop3): Quotacheck needed: Please wait. [ 323.784982][ T9893] XFS (loop3): Quotacheck: Done. [ 323.959609][ T4261] XFS (loop3): Unmounting Filesystem [ 324.050205][ T9930] batadv0 speed is unknown, defaulting to 1000 [ 324.080505][ T26] audit: type=1326 audit(324.102:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.160354][ T26] audit: type=1326 audit(324.102:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.223174][ T26] audit: type=1326 audit(324.132:1972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.314883][ T26] audit: type=1326 audit(324.132:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.392088][ T26] audit: type=1326 audit(324.132:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.461245][ T9958] xt_hashlimit: max too large, truncated to 1048576 [ 324.470926][ T26] audit: type=1326 audit(324.132:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.523517][ T9958] 9pnet_fd: p9_fd_create_tcp (9958): problem connecting socket to 127.0.0.1 [ 324.551356][ T26] audit: type=1326 audit(324.132:1976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.618578][ T26] audit: type=1326 audit(324.132:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.661746][ T26] audit: type=1326 audit(324.152:1978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.703067][ T26] audit: type=1326 audit(324.152:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.726146][ T26] audit: type=1326 audit(324.152:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9948 comm="syz.0.2001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 324.758004][ T9945] loop1: detected capacity change from 0 to 32768 [ 324.813945][ T9945] XFS (loop1): Mounting V5 Filesystem [ 324.886431][ T9945] XFS (loop1): Ending clean mount [ 324.909099][ T9984] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2010'. [ 324.938475][ T9984] device bridge_slave_1 left promiscuous mode [ 324.945751][ T9984] bridge0: port 2(bridge_slave_1) entered disabled state [ 324.974236][ T9984] device bridge_slave_0 left promiscuous mode [ 324.987533][ T9984] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.034753][ T4258] XFS (loop1): Unmounting Filesystem [ 325.041687][ T9988] netlink: 240 bytes leftover after parsing attributes in process `syz.5.2012'. [ 325.260452][ T9998] Process accounting resumed [ 325.558524][T10017] loop0: detected capacity change from 0 to 128 [ 325.625385][T10021] netlink: 240 bytes leftover after parsing attributes in process `syz.2.2025'. [ 325.745473][T10028] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2029'. [ 325.866275][T10025] lo speed is unknown, defaulting to 1000 [ 327.122172][T10025] batadv0 speed is unknown, defaulting to 1000 [ 327.791155][ T8476] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 328.054528][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 328.071107][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 328.079417][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 328.087730][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 328.096039][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 328.104442][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 328.112835][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 328.121159][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 328.129537][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 328.137959][ T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!! [ 328.669389][ T8476] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 328.711207][ T8476] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 328.720978][ T8476] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 328.763723][ T8476] usb 6-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00 [ 328.793832][ T8476] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.844283][ T8476] usb 6-1: config 0 descriptor?? [ 328.918614][T10093] netlink: 240 bytes leftover after parsing attributes in process `syz.1.2054'. [ 329.068185][T10062] loop5: detected capacity change from 0 to 128 [ 329.085597][T10100] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2057'. [ 330.100386][T10109] bridge0: port 1(gretap0) entered blocking state [ 330.108905][T10109] bridge0: port 1(gretap0) entered disabled state [ 330.117115][T10109] device gretap0 entered promiscuous mode [ 330.125266][T10111] device gretap0 left promiscuous mode [ 330.133191][T10111] bridge0: port 1(gretap0) entered disabled state [ 330.230990][ T26] audit: type=1326 audit(330.252:1981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10118 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 330.295610][ T26] audit: type=1326 audit(330.292:1982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10118 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 330.339944][ T26] audit: type=1326 audit(330.292:1983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10118 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 330.379685][T10127] loop1: detected capacity change from 0 to 512 [ 330.384339][ T26] audit: type=1326 audit(330.292:1984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10118 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 330.426972][T10127] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.2067: inode #1: comm syz.1.2067: iget: illegal inode # [ 330.443516][ T26] audit: type=1326 audit(330.292:1985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10118 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 330.461665][T10127] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2067: error while reading EA inode 1 err=-117 [ 330.478088][T10135] netlink: 240 bytes leftover after parsing attributes in process `syz.2.2068'. [ 330.486859][T10127] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.2067: inode #1: comm syz.1.2067: iget: illegal inode # [ 330.501738][T10127] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2067: error while reading EA inode 1 err=-117 [ 330.521489][T10127] EXT4-fs (loop1): 1 orphan inode deleted [ 330.530327][T10127] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 330.667641][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 330.755596][T10146] device bridge_slave_0 entered promiscuous mode [ 331.041511][T10162] loop3: detected capacity change from 0 to 1024 [ 331.061941][T10162] EXT4-fs: Ignoring removed i_version option [ 331.093106][T10162] EXT4-fs: Ignoring removed bh option [ 331.099392][ T8476] usbhid 6-1:0.0: can't add hid device: -71 [ 331.106237][ T8476] usbhid: probe of 6-1:0.0 failed with error -71 [ 331.120264][ T8476] usb 6-1: USB disconnect, device number 2 [ 331.159443][T10162] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 331.191194][ T26] audit: type=1326 audit(331.212:1986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.5.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 331.254643][ T26] audit: type=1326 audit(331.212:1987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.5.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 331.355372][ T26] audit: type=1326 audit(331.242:1988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.5.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 331.409793][ T26] audit: type=1326 audit(331.252:1989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.5.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 331.473916][ T26] audit: type=1326 audit(331.252:1990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10170 comm="syz.5.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 331.789606][T10187] loop5: detected capacity change from 0 to 1024 [ 331.818694][T10187] EXT4-fs: inline encryption not supported [ 331.831545][T10187] EXT4-fs: Ignoring removed i_version option [ 331.846581][T10187] EXT4-fs: Ignoring removed nomblk_io_submit option [ 331.863746][T10187] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 331.893532][T10187] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 331.969256][ T9337] EXT4-fs (loop5): unmounting filesystem. [ 332.113534][T10198] autofs4:pid:10198:autofs_fill_super: called with bogus options [ 332.139227][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 332.299323][T10211] loop0: detected capacity change from 0 to 764 [ 332.414897][T10218] loop3: detected capacity change from 0 to 1024 [ 332.451748][T10218] EXT4-fs: inline encryption not supported [ 332.457812][T10218] EXT4-fs: Ignoring removed i_version option [ 332.513420][T10218] EXT4-fs: Ignoring removed nomblk_io_submit option [ 332.532175][T10219] lo speed is unknown, defaulting to 1000 [ 332.540856][T10218] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 332.671639][T10229] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2105'. [ 332.689789][T10218] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 333.435836][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 333.575460][T10238] loop1: detected capacity change from 0 to 1024 [ 333.610928][T10238] EXT4-fs: Ignoring removed i_version option [ 333.622177][T10244] loop3: detected capacity change from 0 to 512 [ 333.642018][T10244] EXT4-fs: Ignoring removed nomblk_io_submit option [ 333.643317][T10238] EXT4-fs: Ignoring removed bh option [ 333.648684][T10244] EXT4-fs: Ignoring removed mblk_io_submit option [ 333.697070][T10246] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2114'. [ 333.723870][T10244] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 333.733679][T10238] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 333.751315][T10244] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 333.759628][T10246] 0ªX¹¦À: renamed from caif0 [ 333.777223][T10244] EXT4-fs (loop3): 1 truncate cleaned up [ 333.786098][T10246] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 333.811234][T10244] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 333.831282][T10219] batadv0 speed is unknown, defaulting to 1000 [ 333.850263][T10244] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #2: block 4: comm syz.3.2112: lblock 0 mapped to illegal pblock 4 (length 1) [ 333.883682][T10244] EXT4-fs (loop3): Remounting filesystem read-only [ 333.918739][T10254] device syzkaller1 entered promiscuous mode [ 333.932388][T10254] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 40 [ 333.969955][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 333.980272][T10257] loop0: detected capacity change from 0 to 764 [ 334.200002][T10263] netlink: 240 bytes leftover after parsing attributes in process `syz.3.2120'. [ 335.275667][T10274] lo speed is unknown, defaulting to 1000 [ 335.428300][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 335.666052][T10285] loop0: detected capacity change from 0 to 764 [ 335.893974][T10274] batadv0 speed is unknown, defaulting to 1000 [ 335.981583][T10291] netlink: 240 bytes leftover after parsing attributes in process `syz.5.2132'. [ 336.158367][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 336.158383][ T26] audit: type=1326 audit(336.182:2006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.222596][ T26] audit: type=1326 audit(336.222:2007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.270387][ T26] audit: type=1326 audit(336.222:2008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.331180][ T26] audit: type=1326 audit(336.222:2009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.360921][ T26] audit: type=1326 audit(336.222:2010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.393413][ T26] audit: type=1326 audit(336.222:2011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.442246][ T26] audit: type=1326 audit(336.222:2012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.541271][ T26] audit: type=1326 audit(336.222:2013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.563834][ T26] audit: type=1326 audit(336.222:2014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 336.599840][ T26] audit: type=1326 audit(336.222:2015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.2136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff913d85d29 code=0x7ffc0000 [ 338.315893][T10324] loop3: detected capacity change from 0 to 2048 [ 338.374888][T10324] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 338.401169][T10324] UDF-fs: Scanning with blocksize 512 failed [ 338.441431][T10324] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 338.468807][T10324] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 338.543121][T10336] loop1: detected capacity change from 0 to 1024 [ 338.559786][T10338] 9pnet_fd: Insufficient options for proto=fd [ 338.699089][T10287] loop0: detected capacity change from 0 to 65536 [ 338.720045][T10336] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 338.814097][T10331] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2148: bg 0: block 393: padding at end of block bitmap is not set [ 338.901252][T10331] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 29 with error 117 [ 338.925000][T10331] EXT4-fs (loop1): This should not happen!! Data will be lost [ 338.925000][T10331] [ 339.670093][ T6130] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 48 with max blocks 20 with error 117 [ 339.713549][ T6130] EXT4-fs (loop1): This should not happen!! Data will be lost [ 339.713549][ T6130] [ 339.755644][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 339.987646][T10361] lo speed is unknown, defaulting to 1000 [ 340.251933][T10372] 9pnet_fd: Insufficient options for proto=fd [ 340.978155][T10386] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2170'. [ 341.092667][T10393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2170'. [ 341.128864][T10361] batadv0 speed is unknown, defaulting to 1000 [ 341.209321][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 341.209337][ T26] audit: type=1326 audit(341.232:2048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10396 comm="syz.2.2173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.247553][ T26] audit: type=1326 audit(341.232:2049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10396 comm="syz.2.2173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.280457][ T26] audit: type=1326 audit(341.232:2050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10396 comm="syz.2.2173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.389023][T10404] loop1: detected capacity change from 0 to 1024 [ 341.398094][T10404] EXT4-fs: inline encryption not supported [ 341.417035][T10404] EXT4-fs: Ignoring removed i_version option [ 341.423179][T10404] EXT4-fs: Ignoring removed nomblk_io_submit option [ 341.443766][T10404] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 341.494025][T10404] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 341.505144][ T26] audit: type=1326 audit(341.532:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10411 comm="syz.2.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.527815][ T26] audit: type=1326 audit(341.532:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10411 comm="syz.2.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.550132][ T26] audit: type=1326 audit(341.532:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10411 comm="syz.2.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.578448][ T26] audit: type=1326 audit(341.532:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10411 comm="syz.2.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.601179][ T26] audit: type=1326 audit(341.532:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10411 comm="syz.2.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.624102][ T26] audit: type=1326 audit(341.532:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10411 comm="syz.2.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.651616][ T26] audit: type=1326 audit(341.532:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10411 comm="syz.2.2178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8356585d29 code=0x7ffc0000 [ 341.692642][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 341.789954][T10425] loop3: detected capacity change from 0 to 1024 [ 341.819010][T10425] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 341.915028][T10425] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2739: inode #12: comm syz.3.2185: corrupted in-inode xattr [ 341.979372][T10435] lo speed is unknown, defaulting to 1000 [ 342.032336][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 342.095017][T10442] Process accounting resumed [ 342.252730][T10447] syz.0.2192[10447] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 342.252857][T10447] syz.0.2192[10447] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 342.340350][T10449] loop3: detected capacity change from 0 to 1024 [ 342.392010][T10449] EXT4-fs: inline encryption not supported [ 342.398914][T10449] EXT4-fs: Ignoring removed i_version option [ 342.410752][T10449] EXT4-fs: Ignoring removed nomblk_io_submit option [ 342.420229][T10449] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 342.448087][T10435] batadv0 speed is unknown, defaulting to 1000 [ 342.462802][T10449] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 342.568710][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 342.727056][T10468] loop3: detected capacity change from 0 to 128 [ 343.026015][T10480] loop1: detected capacity change from 0 to 2048 [ 343.104375][T10480] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 343.136448][T10493] loop5: detected capacity change from 0 to 2048 [ 343.139256][T10494] loop0: detected capacity change from 0 to 764 [ 343.144148][T10493] EXT4-fs: Ignoring removed mblk_io_submit option [ 343.191664][T10493] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 343.206325][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 343.385373][T10507] device syzkaller1 entered promiscuous mode [ 343.424879][ T9337] EXT4-fs (loop5): unmounting filesystem. [ 343.465609][T10509] syz.0.2215[10509] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 343.465705][T10509] syz.0.2215[10509] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 343.563789][T10515] loop5: detected capacity change from 0 to 512 [ 343.613141][T10515] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 343.620866][T10515] UDF-fs: Scanning with blocksize 512 failed [ 343.630214][T10515] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 343.649578][T10515] UDF-fs: Scanning with blocksize 1024 failed [ 343.674261][T10515] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 343.697530][T10515] UDF-fs: Scanning with blocksize 2048 failed [ 343.721724][T10515] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 343.775625][T10515] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 344.104350][T10544] overlayfs: statfs failed on './file0' [ 344.443581][T10546] loop0: detected capacity change from 0 to 32768 [ 344.479688][T10546] XFS (loop0): Mounting V5 Filesystem [ 344.589880][T10546] XFS (loop0): Ending clean mount [ 344.693373][ T4252] XFS (loop0): Unmounting Filesystem [ 345.134225][T10551] loop5: detected capacity change from 0 to 65536 [ 345.192702][T10551] XFS (loop5): Mounting V5 Filesystem [ 345.205724][T10591] loop0: detected capacity change from 0 to 128 [ 345.234485][T10551] XFS (loop5): Ending clean mount [ 345.369228][ T9337] XFS (loop5): Unmounting Filesystem [ 345.375829][T10601] 9pnet: p9_errstr2errno: server reported unknown error [ 346.121932][T10616] fuse: Bad value for 'fd' [ 346.342176][T10630] 9pnet: p9_errstr2errno: server reported unknown error [ 346.374684][T10637] devpts: called with bogus options [ 346.417150][ T26] kauditd_printk_skb: 89 callbacks suppressed [ 346.417165][ T26] audit: type=1326 audit(346.442:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10633 comm="syz.1.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 346.460513][T10637] loop5: detected capacity change from 0 to 2048 [ 346.481796][ T26] audit: type=1326 audit(346.442:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10633 comm="syz.1.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 346.505635][ T26] audit: type=1326 audit(346.442:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10633 comm="syz.1.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 346.528103][ T26] audit: type=1326 audit(346.442:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10633 comm="syz.1.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 346.556419][T10637] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 346.565678][ T26] audit: type=1326 audit(346.442:2151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10633 comm="syz.1.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 346.572446][T10647] Process accounting resumed [ 346.588381][ T26] audit: type=1326 audit(346.442:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10633 comm="syz.1.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 346.614655][T10637] UDF-fs: error (device loop5): udf_read_inode: (ino 1376) failed !bh [ 346.628213][T10637] UDF-fs: error (device loop5): udf_fill_super: Error in udf_iget, block=64, partition=0 [ 346.643671][ T26] audit: type=1326 audit(346.442:2153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10633 comm="syz.1.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 346.671468][ T26] audit: type=1326 audit(346.442:2154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10633 comm="syz.1.2260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6da9185d29 code=0x7ffc0000 [ 346.840249][T10662] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2270'. [ 346.850833][T10662] netlink: 'syz.5.2270': attribute type 25 has an invalid length. [ 346.873967][T10662] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.883501][T10662] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.892292][T10662] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.901189][T10662] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 347.372726][T10681] loop3: detected capacity change from 0 to 2048 [ 347.432899][T10681] loop3: p2 < > p3 p4 < > [ 347.438481][T10681] loop3: p3 start 4278191616 is beyond EOD, truncated [ 347.610940][T10694] loop3: detected capacity change from 0 to 128 [ 348.368532][T10720] loop5: detected capacity change from 0 to 4096 [ 348.395652][T10720] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 348.423489][T10720] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 348.459112][T10720] ntfs: volume version 3.1. [ 348.840583][T10737] lo speed is unknown, defaulting to 1000 [ 349.016604][T10746] Process accounting resumed [ 349.398731][T10737] batadv0 speed is unknown, defaulting to 1000 [ 349.537122][T10742] loop3: detected capacity change from 0 to 32768 [ 349.648494][T10742] XFS (loop3): Mounting V5 Filesystem [ 349.715110][T10742] XFS (loop3): Ending clean mount [ 349.806478][ T4261] XFS (loop3): Unmounting Filesystem [ 351.459312][ T26] kauditd_printk_skb: 133 callbacks suppressed [ 351.459327][ T26] audit: type=1326 audit(351.482:2274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 351.536678][ T26] audit: type=1326 audit(351.492:2275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10847 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fee7e7b85e5 code=0x7ffc0000 [ 351.559795][ T26] audit: type=1326 audit(351.522:2276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 351.591244][ T26] audit: type=1326 audit(351.522:2277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 351.633071][ T26] audit: type=1326 audit(351.522:2278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 351.699150][ T26] audit: type=1326 audit(351.522:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 351.725693][T10855] loop0: detected capacity change from 0 to 512 [ 351.734361][T10855] EXT4-fs: Ignoring removed mblk_io_submit option [ 351.741256][ T26] audit: type=1326 audit(351.652:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10847 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fee7e785d29 code=0x7ffc0000 [ 351.781942][T10855] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 351.845291][T10855] Quota error (device loop0): do_check_range: Getting dqdh_next_free 15 out of range 0-5 [ 351.887605][T10855] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 351.906551][T10855] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm syz.0.2349: Failed to acquire dquot type 1 [ 351.928163][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 351.946272][T10855] EXT4-fs error (device loop0): mb_free_blocks:1815: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 351.972929][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 351.986627][T10855] EXT4-fs error (device loop0): ext4_do_update_inode:5224: inode #12: comm syz.0.2349: corrupted inode contents [ 352.033744][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.052998][T10855] EXT4-fs error (device loop0): ext4_dirty_inode:6089: inode #12: comm syz.0.2349: mark_inode_dirty error [ 352.080523][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.087655][T10855] EXT4-fs error (device loop0): ext4_do_update_inode:5224: inode #12: comm syz.0.2349: corrupted inode contents [ 352.108153][T10872] loop1: detected capacity change from 0 to 512 [ 352.119007][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.135147][T10855] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #12: comm syz.0.2349: mark_inode_dirty error [ 352.147526][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.156617][T10855] EXT4-fs error (device loop0): ext4_do_update_inode:5224: inode #12: comm syz.0.2349: corrupted inode contents [ 352.173088][T10872] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 352.190537][T10872] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.2354: Failed to acquire dquot type 0 [ 352.202882][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.209483][T10855] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 352.212578][T10872] EXT4-fs (loop1): Remounting filesystem read-only [ 352.230572][T10872] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.2354: Failed to acquire dquot type 0 [ 352.232764][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.248559][T10855] EXT4-fs error (device loop0): ext4_do_update_inode:5224: inode #12: comm syz.0.2349: corrupted inode contents [ 352.249285][T10872] EXT4-fs (loop1): Remounting filesystem read-only [ 352.274617][T10872] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.2354: Failed to acquire dquot type 0 [ 352.286114][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.286133][T10855] EXT4-fs error (device loop0): ext4_truncate:4311: inode #12: comm syz.0.2349: mark_inode_dirty error [ 352.293145][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.316711][T10855] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 352.327922][T10872] EXT4-fs (loop1): Remounting filesystem read-only [ 352.337472][T10872] EXT4-fs (loop1): 1 orphan inode deleted [ 352.344173][T10872] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 352.349838][T10855] EXT4-fs (loop0): Remounting filesystem read-only [ 352.374316][T10855] EXT4-fs (loop0): 1 truncate cleaned up [ 352.409082][T10855] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 352.548680][T10883] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.2354: Failed to acquire dquot type 0 [ 352.551222][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 352.570237][T10883] EXT4-fs (loop1): Remounting filesystem read-only [ 352.794643][ T4258] EXT4-fs (loop1): unmounting filesystem. [ 352.909323][T10889] lo speed is unknown, defaulting to 1000 [ 352.919822][T10887] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2359'. [ 353.140258][T10910] device syzkaller1 entered promiscuous mode [ 353.167705][T10912] ------------[ cut here ]------------ [ 353.174106][T10912] WARNING: CPU: 0 PID: 10912 at mm/page_alloc.c:5581 __alloc_pages+0x3b7/0x770 [ 353.183585][T10912] Modules linked in: [ 353.187502][T10912] CPU: 0 PID: 10912 Comm: syz.3.2367 Not tainted 6.1.124-syzkaller #0 [ 353.195868][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 353.205975][T10912] RIP: 0010:__alloc_pages+0x3b7/0x770 [ 353.211409][T10912] Code: fc ff df 0f 85 fa 00 00 00 44 89 e9 81 e1 7f ff ff ff a9 00 00 04 00 41 0f 44 cd 41 89 cd e9 ea 00 00 00 c6 05 ac 6b b0 0c 01 <0f> 0b 41 83 fc 0a 0f 86 1e fd ff ff 45 31 e4 48 c7 44 24 20 0e 36 [ 353.231119][T10912] RSP: 0018:ffffc90004f4f9e0 EFLAGS: 00010246 [ 353.237214][T10912] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 353.245245][T10912] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90004f4fa68 [ 353.253273][T10912] RBP: ffffc90004f4fb00 R08: dffffc0000000000 R09: ffffc90004f4fa40 [ 353.261309][T10912] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000033 [ 353.269304][T10912] R13: 0000000000040d40 R14: 1ffff920009e9f44 R15: 1ffff920009e9f40 [ 353.270798][T10915] overlayfs: failed to clone upperpath [ 353.277322][T10912] FS: 00007f22b88ee6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 353.277380][T10912] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 353.277397][T10912] CR2: fffffffff7000000 CR3: 000000004355b000 CR4: 00000000003506f0 [ 353.277415][T10912] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 353.277427][T10912] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 353.277440][T10912] Call Trace: [ 353.277448][T10912] [ 353.277456][T10912] ? __warn+0x15a/0x520 [ 353.277480][T10912] ? __alloc_pages+0x3b7/0x770 [ 353.277505][T10912] ? report_bug+0x2af/0x500 [ 353.277524][T10912] ? __alloc_pages+0x3b7/0x770 [ 353.277549][T10912] ? handle_bug+0x3d/0x70 [ 353.277566][T10912] ? exc_invalid_op+0x16/0x40 [ 353.277583][T10912] ? asm_exc_invalid_op+0x16/0x20 [ 353.277616][T10912] ? __alloc_pages+0x3b7/0x770 [ 353.277638][T10912] ? zone_statistics+0x160/0x160 [ 353.371013][T10912] ? p9_fid_get+0xa0/0xa0 [ 353.375410][T10912] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 353.381454][T10912] ? print_irqtrace_events+0x210/0x210 [ 353.386945][T10912] __kmalloc_large_node+0x91/0x1d0 [ 353.392127][T10912] ? __v9fs_get_acl+0x40/0x110 [ 353.396915][T10912] __kmalloc+0x118/0x230 [ 353.401223][T10912] __v9fs_get_acl+0x40/0x110 [ 353.405841][T10912] v9fs_get_acl+0x93/0x280 [ 353.410282][T10912] v9fs_mount+0x954/0xc30 [ 353.414674][T10912] ? xfs_fs_commit_blocks+0x7b0/0x7b0 [ 353.418210][T10889] batadv0 speed is unknown, defaulting to 1000 [ 353.420062][T10912] legacy_get_tree+0xeb/0x180 [ 353.420092][T10912] ? xfs_fs_commit_blocks+0x7b0/0x7b0 [ 353.420118][T10912] vfs_get_tree+0x88/0x270 [ 353.440787][T10912] do_new_mount+0x2ba/0xb40 [ 353.445347][T10912] ? ns_capable+0x85/0xe0 [ 353.449701][T10912] ? do_move_mount_old+0x160/0x160 [ 353.454884][T10912] __se_sys_mount+0x2d5/0x3c0 [ 353.459586][T10912] ? __x64_sys_mount+0xc0/0xc0 [ 353.464408][T10912] ? syscall_enter_from_user_mode+0x2e/0x230 [ 353.470408][T10912] ? lockdep_hardirqs_on+0x94/0x130 [ 353.475663][T10912] ? __x64_sys_mount+0x1c/0xc0 [ 353.480449][T10912] do_syscall_64+0x3b/0xb0 [ 353.484922][T10912] ? clear_bhb_loop+0x45/0xa0 [ 353.489612][T10912] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 353.495561][T10912] RIP: 0033:0x7f22b7b85d29 [ 353.499999][T10912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.519672][T10912] RSP: 002b:00007f22b88ee038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 353.528138][T10912] RAX: ffffffffffffffda RBX: 00007f22b7d75fa0 RCX: 00007f22b7b85d29 [ 353.536156][T10912] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 353.544173][T10912] RBP: 00007f22b7c01b08 R08: 0000000020000500 R09: 0000000000000000 [ 353.552184][T10912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 353.560165][T10912] R13: 0000000000000000 R14: 00007f22b7d75fa0 R15: 00007ffedbf634d8 [ 353.568200][T10912] [ 353.571260][T10912] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 353.578545][T10912] CPU: 0 PID: 10912 Comm: syz.3.2367 Not tainted 6.1.124-syzkaller #0 [ 353.586689][T10912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 353.596757][T10912] Call Trace: [ 353.600045][T10912] [ 353.602986][T10912] dump_stack_lvl+0x1e3/0x2cb [ 353.607691][T10912] ? nf_tcp_handle_invalid+0x642/0x642 [ 353.613174][T10912] ? panic+0x764/0x764 [ 353.617252][T10912] ? vscnprintf+0x59/0x80 [ 353.621571][T10912] panic+0x318/0x764 [ 353.625450][T10912] ? __warn+0x169/0x520 [ 353.629595][T10912] ? memcpy_page_flushcache+0xfc/0xfc [ 353.634979][T10912] __warn+0x348/0x520 [ 353.638968][T10912] ? __alloc_pages+0x3b7/0x770 [ 353.643726][T10912] report_bug+0x2af/0x500 [ 353.648049][T10912] ? __alloc_pages+0x3b7/0x770 [ 353.652820][T10912] handle_bug+0x3d/0x70 [ 353.656962][T10912] exc_invalid_op+0x16/0x40 [ 353.661450][T10912] asm_exc_invalid_op+0x16/0x20 [ 353.666287][T10912] RIP: 0010:__alloc_pages+0x3b7/0x770 [ 353.671644][T10912] Code: fc ff df 0f 85 fa 00 00 00 44 89 e9 81 e1 7f ff ff ff a9 00 00 04 00 41 0f 44 cd 41 89 cd e9 ea 00 00 00 c6 05 ac 6b b0 0c 01 <0f> 0b 41 83 fc 0a 0f 86 1e fd ff ff 45 31 e4 48 c7 44 24 20 0e 36 [ 353.691242][T10912] RSP: 0018:ffffc90004f4f9e0 EFLAGS: 00010246 [ 353.697326][T10912] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 353.705297][T10912] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90004f4fa68 [ 353.713253][T10912] RBP: ffffc90004f4fb00 R08: dffffc0000000000 R09: ffffc90004f4fa40 [ 353.721209][T10912] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000033 [ 353.729169][T10912] R13: 0000000000040d40 R14: 1ffff920009e9f44 R15: 1ffff920009e9f40 [ 353.737134][T10912] ? zone_statistics+0x160/0x160 [ 353.742064][T10912] ? p9_fid_get+0xa0/0xa0 [ 353.746378][T10912] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 353.752355][T10912] ? print_irqtrace_events+0x210/0x210 [ 353.757822][T10912] __kmalloc_large_node+0x91/0x1d0 [ 353.762921][T10912] ? __v9fs_get_acl+0x40/0x110 [ 353.767671][T10912] __kmalloc+0x118/0x230 [ 353.771901][T10912] __v9fs_get_acl+0x40/0x110 [ 353.776481][T10912] v9fs_get_acl+0x93/0x280 [ 353.780889][T10912] v9fs_mount+0x954/0xc30 [ 353.785218][T10912] ? xfs_fs_commit_blocks+0x7b0/0x7b0 [ 353.790601][T10912] legacy_get_tree+0xeb/0x180 [ 353.795267][T10912] ? xfs_fs_commit_blocks+0x7b0/0x7b0 [ 353.800627][T10912] vfs_get_tree+0x88/0x270 [ 353.805035][T10912] do_new_mount+0x2ba/0xb40 [ 353.809524][T10912] ? ns_capable+0x85/0xe0 [ 353.813840][T10912] ? do_move_mount_old+0x160/0x160 [ 353.818941][T10912] __se_sys_mount+0x2d5/0x3c0 [ 353.823610][T10912] ? __x64_sys_mount+0xc0/0xc0 [ 353.828387][T10912] ? syscall_enter_from_user_mode+0x2e/0x230 [ 353.834352][T10912] ? lockdep_hardirqs_on+0x94/0x130 [ 353.839538][T10912] ? __x64_sys_mount+0x1c/0xc0 [ 353.844293][T10912] do_syscall_64+0x3b/0xb0 [ 353.848694][T10912] ? clear_bhb_loop+0x45/0xa0 [ 353.853353][T10912] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 353.859231][T10912] RIP: 0033:0x7f22b7b85d29 [ 353.863644][T10912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.883241][T10912] RSP: 002b:00007f22b88ee038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 353.891682][T10912] RAX: ffffffffffffffda RBX: 00007f22b7d75fa0 RCX: 00007f22b7b85d29 [ 353.899637][T10912] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 353.907595][T10912] RBP: 00007f22b7c01b08 R08: 0000000020000500 R09: 0000000000000000 [ 353.915554][T10912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 353.923520][T10912] R13: 0000000000000000 R14: 00007f22b7d75fa0 R15: 00007ffedbf634d8 [ 353.931501][T10912] [ 353.934804][T10912] Kernel Offset: disabled [ 353.939187][T10912] Rebooting in 86400 seconds..