last executing test programs: 47.009659852s ago: executing program 4 (id=1281): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d63c810deed3cb637e9a737a0edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b490", @ANYRES8, @ANYRESOCT, @ANYRES16=0x0], 0x3, 0x248, &(0x7f0000000880)="$eJzs2k9rXFUYB+D3pqmpielE/EcL4kEX6ubSZO2iQVoQA4o2QhWkt+ZGh1xnwtwhMCJ2Vrr1I7gWl+4E6dJNNn4CF+6yybIL8cp0Uu2UiVKiTrXPs5kXzv3NOYc5czhczsErX368s13n20U/5rIs5i7GMG5lsRJzcccwXn7x6g/Pvn313dfXNzYuvZXS5fUrq2sppbPPff/ep988f7O/9M63Z79biP2V9w8O137ef3r/3MGvVz5q16ldp063n4p0vdvtF9erMm216508pTersqjL1O7UZW+ifbvq7u4OUtHZWl7c7ZV1nYrOIO2Ug9Tvpn5vkIoPi3Yn5XmelheDk9j8+lbTxGFz+lo0TfPoV7F0M5Z/ilZkj6fsiYvZU9eyZ4bZucOmac16qPwj/P4Pt7s29TMR1Rd7m3ub489x+/p2tKOKMi5EK36J0TI5Mq4vv7Zx6UK6bSU+r24c5W/sbZ6azK9GK1am51fH+TSZX4jFiNMRR/m1aMWT0/NrU/Nn4qUX7uo/j1b8+EF0o4qtGGX/yH+2mtKrb2zckz9/+zkAgP+bPP1u6vktz49rH+fv43x4z/lqPs7Pz3buRNSDT3aKqip7MynuvGM69pnHTt7X6PtnMcH5P5uX4mTFQtxXKosYjtbBAzH4Rx6Iv95fFUsz25L4F03ukwAAAAAAAAAAAPxX/O2XB09Nv4ELAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwnN8CAAD//1uOxe4=") r0 = creat(&(0x7f0000000240)='./file1\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x200, &(0x7f0000000140)=0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={0x0, &(0x7f00000000c0)=""/220, 0x0, 0xdc}, 0x20) io_submit(r1, 0x1, &(0x7f0000000540)=[0x0]) 45.632743772s ago: executing program 4 (id=1284): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xe8, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000004400)) recvmmsg(r0, &(0x7f0000004200)=[{{0x0, 0x0, &(0x7f0000000440), 0x0, &(0x7f0000000480)=""/7, 0x7}, 0x7}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000580)=""/119, 0x77}, {0x0}, {&(0x7f00000007c0)=""/119, 0x77}, {&(0x7f0000000840)=""/23, 0x17}, {&(0x7f0000000880)=""/121, 0x79}, {0x0}], 0x6}, 0x5}], 0x2, 0x102, 0x0) 44.482961125s ago: executing program 4 (id=1291): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r0, 0x27, 0xe80, 0x0, &(0x7f0000000900)="80f8ad48cc0500000000000c86dd", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50) 43.873850007s ago: executing program 4 (id=1292): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount(0x0, &(0x7f0000000d40)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x40, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0/../file0\x00') 43.489563161s ago: executing program 4 (id=1294): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d63c810deed3cb637e9a737a0edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b490", @ANYRES8, @ANYRESOCT, @ANYRES16=0x0], 0x3, 0x248, &(0x7f0000000880)="$eJzs2k9rXFUYB+D3pqmpielE/EcL4kEX6ubSZO2iQVoQA4o2QhWkt+ZGh1xnwtwhMCJ2Vrr1I7gWl+4E6dJNNn4CF+6yybIL8cp0Uu2UiVKiTrXPs5kXzv3NOYc5czhczsErX368s13n20U/5rIs5i7GMG5lsRJzcccwXn7x6g/Pvn313dfXNzYuvZXS5fUrq2sppbPPff/ep988f7O/9M63Z79biP2V9w8O137ef3r/3MGvVz5q16ldp063n4p0vdvtF9erMm216508pTersqjL1O7UZW+ifbvq7u4OUtHZWl7c7ZV1nYrOIO2Ug9Tvpn5vkIoPi3Yn5XmelheDk9j8+lbTxGFz+lo0TfPoV7F0M5Z/ilZkj6fsiYvZU9eyZ4bZucOmac16qPwj/P4Pt7s29TMR1Rd7m3ub489x+/p2tKOKMi5EK36J0TI5Mq4vv7Zx6UK6bSU+r24c5W/sbZ6azK9GK1am51fH+TSZX4jFiNMRR/m1aMWT0/NrU/Nn4qUX7uo/j1b8+EF0o4qtGGX/yH+2mtKrb2zckz9/+zkAgP+bPP1u6vktz49rH+fv43x4z/lqPs7Pz3buRNSDT3aKqip7MynuvGM69pnHTt7X6PtnMcH5P5uX4mTFQtxXKosYjtbBAzH4Rx6Iv95fFUsz25L4F03ukwAAAAAAAAAAAPxX/O2XB09Nv4ELAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwnN8CAAD//1uOxe4=") r0 = creat(&(0x7f0000000240)='./file1\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x200, &(0x7f0000000140)=0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={0x0, &(0x7f00000000c0)=""/220, 0x0, 0xdc}, 0x20) io_submit(r1, 0x1, &(0x7f0000000540)=[0x0]) 43.126652633s ago: executing program 4 (id=1297): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r1) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000005c0)) getgroups(0x4, &(0x7f0000000540)=[0xee01, 0x0, 0x0, 0x0]) rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_adj\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) read$FUSE(r2, 0x0, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) r5 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="1400000016000b63d25a80648c25940121", 0x11}, {&(0x7f0000000280)="e26248", 0x3}], 0x2}, 0x48050) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) 42.714517861s ago: executing program 32 (id=1297): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r1) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f00000005c0)) getgroups(0x4, &(0x7f0000000540)=[0xee01, 0x0, 0x0, 0x0]) rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_adj\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) read$FUSE(r2, 0x0, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) r5 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="1400000016000b63d25a80648c25940121", 0x11}, {&(0x7f0000000280)="e26248", 0x3}], 0x2}, 0x48050) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) 7.74689359s ago: executing program 0 (id=1410): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f00000003c0), 0x1, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x40000, 0x40) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) getdents64(r0, &(0x7f00000002c0)=""/33, 0x21) 7.064232199s ago: executing program 0 (id=1415): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r0, 0x27, 0xe80, 0x0, &(0x7f0000000900)="80f8ad48cc0500000000000c86dd", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50) 7.063915159s ago: executing program 1 (id=1416): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4800) 6.800408529s ago: executing program 1 (id=1418): r0 = syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000380)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x1, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm") memfd_create(&(0x7f0000000240)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\v)\x06B\xf0\xed\x91 )y\xb4\xba\xba\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\xb8\xfa\xbbb\xb1\x03\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5pe,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd4\xadW\x1f<\xd0s\xa8\x1f(\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x05x\x1a\x90\xf4\x03\xe7\xe9\xa9', 0x6) r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x40) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x20, 0x10012, r1, 0x0) timer_create(0x0, 0x0, &(0x7f0000000300)=0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r3, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = mq_open(0x0, 0x8c2, 0x30, &(0x7f0000000080)={0x6, 0x4, 0x4, 0x9}) mq_timedreceive(r4, 0x0, 0x0, 0x200000000a9b, 0x0) gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x10000, &(0x7f0000000080)={[{@fat=@dos1xfloppy}, {@nodots}]}, 0x1, 0x21f, &(0x7f0000000100)="$eJzs3DtrW2cYB/BXvqmWsdFUaJe+uEu7iNZzh5biQqmgpa5KL1A4xnIrpEpGR4NUOmjOlM+QMYRkyRYw+QL+FMlmAsZLPOUEW4ovceLcFCnEv9+i5+iv5/A+6HAQr+DsfnX13/pmWtpMOmEqnwtTX4f+wyzLimEqPNEPn9/6bf/K2lw4I8a49Mn2n//fWL7bWfj19tKdfNgp/rW7t3J/58Odj3Yf/fJPLY21NDZbnZjE9Vark6w3qnGjltZLMf7UqCZpNdaaabV9Jt9stLa2ejFpbiwWttrVNI1Jsxfr1V7stGKn3YvJ30mtGUulUlwsBN5E5fpBlutnh/L9kGXZpBfEmB1kWdjz/V9aa7//8cM35fLqzzF+EMKDfrfSrQxeB/l335dXv4hHiidd+91uZfo4/3KQx1On7XYrs6EwzFfO5Yf9c+GzTwf5Yfbtj+Wn8vmw8danBwAAAACA91MpHju/v58bHp7N7xWO9vcHB6f+Hxjs31/bHvbPhI9nxjwMAAAA8Exp77960mhU2xcU0yGEF31m5MVMeM322eFk41vq84tcGGyijPDMWT6Eyc01F4bF/CtcP+9+sXD8Tii+XNf0qJdxc5QXySiKC24ay2O4MQEAACN38qN/0isBAAAAAAAAAAAAAAAAAACAy2scjxOb9IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd5HAAA//9eWF7C") 6.578749035s ago: executing program 0 (id=1421): syz_emit_ethernet(0xffffffffffffff83, &(0x7f00000002c0)={@link_local, @random, @val={@val={0x88a8, 0x4, 0x1, 0x3}, {0x8100, 0x7, 0x1, 0x1}}, {@arp={0x806, @generic={0x338, 0x1c, 0x6, 0x0, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, "", @multicast, "a13408da6980bf45"}}}}, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000000300)=""/102392, 0x18ff8) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a0000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) 5.059632482s ago: executing program 1 (id=1426): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000004900)={0x0, @in6={{0xa, 0x4e24, 0xa, @private0={0xfc, 0x0, '\x00', 0x1}, 0x6}}, 0xc, 0x7}, &(0x7f00000049c0)=0x90) 4.997504989s ago: executing program 0 (id=1427): r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x103400) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={'\x00', 0xb475, 0x6, 0xfffffffc, 0x40000000, 0xe}) 4.806564251s ago: executing program 1 (id=1429): socket$inet6_tcp(0xa, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$netlink(0x10, 0x3, 0xa) r5 = dup(r4) r6 = open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x5c) ftruncate(r6, 0x200004) sendfile(r5, r6, 0x0, 0x80001d00c0d1) 4.56044391s ago: executing program 5 (id=1430): r0 = socket$rxrpc(0x21, 0x2, 0xa) sendto$rxrpc(r0, 0x0, 0x0, 0x20008841, 0x0, 0x0) 4.185829173s ago: executing program 5 (id=1433): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x4, 0x1, 0x5, 0x0, 0x0, {0x0, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 3.859982292s ago: executing program 5 (id=1435): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000700)="c87b35043e70167a3e59c95cf2d2470a409aed8df615eda880680920e7ea2e4413084cba0ac21d664201fbe69bf2660ea3918ef0b6727862bbd91dfce9385577a868d3a94cbfd3756c4fc07934e5ae442a225605985c4a8e3de576c99ecd23d425b1f09e6413e8f779e0723e88fc0d8cc981391df5e1f5ba5fa3ca690b472143edac8820850652322d4594f9b4e4e88482356e6e", 0x94}, {&(0x7f0000000300)="c071c346d7762184984cd6fc3bd9904a7df7f6f0cc0d7bf8e1359a106b1f25eb975e8b38ca101a0706ae683586cb", 0x2e}, {&(0x7f00000007c0)="e4e86ea4ab94100940277376", 0xc}], 0x3}}], 0x1, 0x24044000) sendmmsg$inet(r0, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519de", 0x7}], 0x1}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769debb56343f3eded2dca93ed6641e50fe595e1e0dbe84ed0f70abb4ed2dfb6648df7dbbd18fa5533a6b0acc138c81a8acbcb2fb79a7d7857d41bca238e0548c5e955d74bbb106fe965274cbb3a29b895df0b4e028b6d65c115b81328e0b660253f1c9a359dde67917fa232e2f566483ddbb93ff9b103c1cac356c9f0f6ab5fe77ea4610f71ec", 0x128}], 0x1}}], 0x2, 0x2090) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x68, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 3.589657923s ago: executing program 5 (id=1438): syz_emit_ethernet(0xffffffffffffff83, &(0x7f00000002c0)={@link_local, @random, @val={@val={0x88a8, 0x4, 0x1, 0x3}, {0x8100, 0x7, 0x1, 0x1}}, {@arp={0x806, @generic={0x338, 0x1c, 0x6, 0x0, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, "", @multicast, "a13408da6980bf45"}}}}, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000000300)=""/102392, 0x18ff8) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a0000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) 3.237695994s ago: executing program 3 (id=1439): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/udp6\x00') preadv(r0, &(0x7f0000000440)=[{&(0x7f0000000300)=""/106, 0x6a}, {&(0x7f0000000380)=""/180, 0xb4}], 0x2, 0xa3, 0x0) 2.885501905s ago: executing program 3 (id=1440): bpf$MAP_CREATE(0x0, 0x0, 0x0) timer_create(0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='cmdline\x00') read$nci(r0, 0x0, 0x0) syz_genetlink_get_family_id$team(0x0, r0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x4, &(0x7f00000004c0)=[{0x6, 0x72, 0x0, 0x7fff0000}, {0x3, 0x2, 0x8, 0x34dc}, {0x7ff, 0xd, 0xa5, 0x9}, {0x8, 0x6, 0x7, 0x5}]}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001800dd8d00000000ffffff2502101000fe0400060000002008001e0001000000"], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0xfffffffffffffda3, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000) 1.952273443s ago: executing program 0 (id=1442): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) read$msr(r0, &(0x7f0000000100)=""/13, 0xd) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0xff, 0x0, 0xfffff038}, {0x28, 0x0, 0x4d, 0xffeff024}, {0x6, 0x0, 0xff}]}, 0x10) sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xb0615}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_XMIT_HASH_POLICY={0x5, 0xe, 0x4}, @IFLA_BOND_RESEND_IGMP={0x8, 0xf, 0x10}]}}}]}, 0x44}}, 0x40800) bpf$BPF_BTF_LOAD(0x26, 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90) fstatfs(r3, 0x0) 1.908910118s ago: executing program 3 (id=1443): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x24, 0x39, 0x107, 0x1, 0x25dfdbfb, {0x4, 0x7c}, [@nested={0x4, 0x8c}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x16, 0x0, 0x0, @str='\x88\a'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000005}, 0xd014) 1.858700464s ago: executing program 5 (id=1444): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000001, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000180)=ANY=[@ANYBLOB="88000000000002"], 0x10) write(r0, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) 1.620354652s ago: executing program 3 (id=1445): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0, 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0xc0000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xe}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe7e7}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x20004015) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.344783674s ago: executing program 2 (id=1447): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x4, &(0x7f0000000080)={[{@nodots}, {@dots}, {@dots}, {@fat=@check_strict}, {}]}, 0x1, 0x237, &(0x7f00000008c0)="$eJzs3c9qE0EcB/CfTdqGXOxZPCx48RTUN1ikgrggRPagJxeql1aE7WX1lMfwGXwkH6On3lbshqSt0UP+OOp+PhD2C18GZi6ZHGayb+9/OD35eP6+/fYlRqMshhGzuIw4ir0YROfO/Ll3lQ/iulmsZbzeMABgG6bTKk89B3arrvNqPyIOf2rKr0kmBAAAAAAAAAAAwMYSnf8HABJy/v//V9d5NZ7/frvJ+X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgncu2vdv+5pN6fgDA9tn/AaB/7P8A0D/2fwDon1ev37zIi+J4mmWjiItZUzZl9+z6Z8+L40fZlaPlqIumKQeL/nHXZzf7/RjP+ycr+4N4+KDrf3RPXxa3+sM42f3yAQAAAAAAAAAAAAAAAAAA4K8wyRZW3u+fTH7Vd+na/wPcur8/jHvDP7YMAAAAAAAAAAAAAAAAAAAA+Kedf/p8Wp2dvasFQRAWIfU3EwAAAAAAAAAAAAAAAAAA9M/y0m/qmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAOsv3/28eBrG6Sr1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoB++BwAA///yjZMQ") bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@ptr, @fwd={0xd}, @func_proto]}}, 0x0, 0x3e}, 0x28) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80, 0x0) 1.265346423s ago: executing program 3 (id=1448): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x218888, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4) socket$packet(0x11, 0x3, 0x300) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg(r4, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000002c0)={0x0, 0x0, 0x3, 0x3, 0x0, 0x80, 0x4, 0x4}, 0x0, &(0x7f00000000c0)={0x3ff, 0x0, 0x7fff, 0x9, 0x0, 0x204, 0x7fffffff}, 0x0, 0x0) capset(&(0x7f0000000c00)={0x19980330}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2) 1.010717223s ago: executing program 1 (id=1449): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) readv(r0, &(0x7f0000000b80)=[{&(0x7f00000008c0)=""/163, 0xa3}], 0x1) 1.009284243s ago: executing program 2 (id=1450): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), r0) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000001d80)={0x0, 0x0, &(0x7f0000001d40)={&(0x7f0000001cc0)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@FOU_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x888c}, 0x20000004) 844.462992ms ago: executing program 0 (id=1451): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000700)="c87b35043e70167a3e59c95cf2d2470a409aed8df615eda880680920e7ea2e4413084cba0ac21d664201fbe69bf2660ea3918ef0b6727862bbd91dfce9385577a868d3a94cbfd3756c4fc07934e5ae442a225605985c4a8e3de576c99ecd23d425b1f09e6413e8f779e0723e88fc0d8cc981391df5e1f5ba5fa3ca690b472143edac8820850652322d4594f9b4e4e88482356e6e", 0x94}, {&(0x7f0000000300)="c071c346d7762184984cd6fc3bd9904a7df7f6f0cc0d7bf8e1359a106b1f25eb975e8b38ca101a0706ae683586cb", 0x2e}, {&(0x7f00000007c0)="e4e86ea4ab94100940277376", 0xc}], 0x3}}], 0x1, 0x24044000) sendmmsg$inet(r0, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519de", 0x7}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769debb56343f3eded2dca93ed6641e50fe595e1e0dbe84ed0f70abb4ed2dfb6648df7dbbd18fa5533a6b0acc138c81a8acbcb2fb79a7d7857d41bca238e0548c5e955d74bbb106fe965274cbb3a29b895df0b4e028b6d65c115b81328e0b660253f1c9a359dde67917fa232e2f566483ddbb93ff9b103c1cac356c9f0f6ab5fe77ea4610f71ec", 0x128}], 0x1}}], 0x2, 0x2090) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x68, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 759.549282ms ago: executing program 1 (id=1452): r0 = syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000380)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x1, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm") memfd_create(&(0x7f0000000240)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\v)\x06B\xf0\xed\x91 )y\xb4\xba\xba\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\xb8\xfa\xbbb\xb1\x03\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5pe,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd4\xadW\x1f<\xd0s\xa8\x1f(\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x05x\x1a\x90\xf4\x03\xe7\xe9\xa9', 0x6) r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x40) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x20, 0x10012, r1, 0x0) timer_create(0x0, 0x0, &(0x7f0000000300)=0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r3, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = mq_open(0x0, 0x8c2, 0x30, &(0x7f0000000080)={0x6, 0x4, 0x4, 0x9}) mq_timedreceive(r4, 0x0, 0x0, 0x200000000a9b, 0x0) gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000006b00)) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, r0}, './file1\x00'}) getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x10000, &(0x7f0000000080)={[{@fat=@dos1xfloppy}, {@nodots}]}, 0x1, 0x21f, &(0x7f0000000100)="$eJzs3DtrW2cYB/BXvqmWsdFUaJe+uEu7iNZzh5biQqmgpa5KL1A4xnIrpEpGR4NUOmjOlM+QMYRkyRYw+QL+FMlmAsZLPOUEW4ovceLcFCnEv9+i5+iv5/A+6HAQr+DsfnX13/pmWtpMOmEqnwtTX4f+wyzLimEqPNEPn9/6bf/K2lw4I8a49Mn2n//fWL7bWfj19tKdfNgp/rW7t3J/58Odj3Yf/fJPLY21NDZbnZjE9Vark6w3qnGjltZLMf7UqCZpNdaaabV9Jt9stLa2ejFpbiwWttrVNI1Jsxfr1V7stGKn3YvJ30mtGUulUlwsBN5E5fpBlutnh/L9kGXZpBfEmB1kWdjz/V9aa7//8cM35fLqzzF+EMKDfrfSrQxeB/l335dXv4hHiidd+91uZfo4/3KQx1On7XYrs6EwzFfO5Yf9c+GzTwf5Yfbtj+Wn8vmw8danBwAAAACA91MpHju/v58bHp7N7xWO9vcHB6f+Hxjs31/bHvbPhI9nxjwMAAAA8Exp77960mhU2xcU0yGEF31m5MVMeM322eFk41vq84tcGGyijPDMWT6Eyc01F4bF/CtcP+9+sXD8Tii+XNf0qJdxc5QXySiKC24ay2O4MQEAACN38qN/0isBAAAAAAAAAAAAAAAAAACAy2scjxOb9IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd5HAAA//9eWF7C") 698.819709ms ago: executing program 2 (id=1453): bpf$MAP_CREATE(0x0, 0x0, 0x0) timer_create(0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='cmdline\x00') read$nci(r0, 0x0, 0x0) syz_genetlink_get_family_id$team(0x0, r0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x4, &(0x7f00000004c0)=[{0x6, 0x72, 0x0, 0x7fff0000}, {0x3, 0x2, 0x8, 0x34dc}, {0x7ff, 0xd, 0xa5, 0x9}, {0x8, 0x6, 0x7, 0x5}]}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001800dd8d00000000ffffff2502101000fe0400060000002008001e0001000000"], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0xfffffffffffffda3, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000) 484.636434ms ago: executing program 2 (id=1454): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioprio_set$uid(0x3, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0) r1 = dup(r0) r2 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) sendfile(r0, r2, 0x0, 0x8000fffffffe) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) socket$kcm(0x10, 0x2, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) 333.948512ms ago: executing program 5 (id=1455): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@block_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@norecovery}]}, 0x3, 0x566, &(0x7f00000015c0)="$eJzs3V9rW+UfAPDvSdv9//3WwRjqhRR24WQuXVv/TBA2L0WHA72foc3KaLqMJh1rHWy7cDfeyBBEHIgvwHsvh2/AVyHoYMgoeuFN5aQnW9YkTZtlNvN8PnC25znnpN/z5DnPk+/JSUgAuTWR/lOIeDkivkoiDrdsG41s48TGfmuPbsymSxLr65/8kUSSrWvun2T/H8wqL0XEz19EnCy0x62trC6UKpXyUlafrC9enaytrJ66vFiaL8+Xr0zPzJx5a2b63XfeHlhbX7/w17cf3//gzJfH17758cGRu0mci0PZttZ2PINbrZWJmMiek7E4t2nHqQEEGyZJrx06nAPsvpFsnI9FOgccjpFs1AP/fTcjYh3IqcT4h5xq5gHNa/sBXQe/MB6+v3EB1N7+0Y33RmJf49rowFry1JVRer07PoD4aYyffr93N12ix/sQNwcQD6Dp1u2IOD062j7/Jdn817/T23jXb3OMvL3+wG66n+Y/b3TKfwqP85/okP8c7DB2+9F7/BceDCBMV2n+917H/Pfx1DU+ktX+18j5xpJLlyvl0xHx/4g4EWN703q/93Na8790SeM3c8HsOB6M7n36MXOleqnPcG0e3o545Un+m0Tb/L+vketu7v/0+biwzRjHyvde7batd/tbDT4DXv8h4rWO/f/kjlay9f3Jycb5MNk8K9r9eefYL93i76z9g5f2/4Gt2z+etN6vre08xvf7/i5329bv+b8n+bRR3pOtu16q15emIvYkH7Wvn37y2Ga9uX/a/hPHt57/Op3/+yPis222/87R7mnQMPT/3I76f+eFXz/8/Ltu8bfX/282SieyNduZ/7Z7gM/y3AEAAAAAAMCwKUTEoUgKxcflQqFY3Ph8x9E4UKhUa/WTl6rLV+ai8V3Z8RgrNO90H275PMRU9nnYZn16U30mIo5ExNcj+xv14my1MrfbjQcAAAAAAAAAAAAAAAAAAIAhcbDL9/9Tv43s9tEBz52f/Ib86jn+B/FLT8BQ8voP+WX8Q34Z/5Bfxj/kl/EP+WX8Q34Z/5Bfxj8AAAAAAAAAAAAAAAAAAAAAAAAAAAAM1IXz59Nlfe3Rjdm0PndtZXmheu3UXLm2UFxcni3OVpeuFuer1flKuThbXez19yrV6tWp6Vi+Plkv1+qTtZXVi4vV5Sv1i5cXS/Pli+Wxf6VVAAAAAAAAAAAAAAAAAAAA8GKprawulCqV8pJC18LZGIrD6LuQ9Orls9nJ0FeI0d1voMJzKOzyxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALf4JAAD//5CPL9Y=") r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x9000) fallocate(r0, 0x0, 0x0, 0x8800000) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000500)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x1c) 190.407938ms ago: executing program 3 (id=1456): r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$kcm(0x11, 0x3, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x5c, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x2, 0x1, 0x100}, {0x0, 0x8, 0x3, 0x1, 0x4, 0x2, 0x2}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000814}, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000200)="95", 0x1}], 0x1}, 0x0) 190.202679ms ago: executing program 2 (id=1457): socket$nl_route(0x10, 0x3, 0x0) close(0x3) syz_emit_ethernet(0x4e, &(0x7f0000000040)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0x18, 0x2c, 0x0, @remote, @local, {[@routing={0x8, 0x2, 0x2, 0x9, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}]}}}}}, 0x0) syz_emit_ethernet(0x96, &(0x7f0000000180)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5, 0x1}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x60, 0x2c, 0x0, @remote, @local, {[@routing={0x84, 0x2, 0x2, 0x1, 0x0, [@empty]}, @routing={0x88, 0x8, 0x3, 0x6c, 0x0, [@loopback, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, @loopback]}]}}}}}, 0x0) 0s ago: executing program 2 (id=1458): socket$key(0xf, 0x3, 0x2) listxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x100000) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) kernel console output (not intermixed with test programs): ilesystem without journal. Quota mode: none. [ 171.864708][ T5400] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 172.066158][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 173.098190][ T5425] loop2: detected capacity change from 0 to 256 [ 175.149801][ T5439] loop0: detected capacity change from 0 to 1024 [ 175.199689][ T5439] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 175.394777][ T5439] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.731652][ T5432] loop2: detected capacity change from 0 to 4096 [ 175.938918][ T5432] ext4: Unknown parameter 'seclabel' [ 176.143128][ T5439] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.350: bg 0: block 112: padding at end of block bitmap is not set [ 176.172600][ T5439] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 117 [ 176.268139][ T5439] EXT4-fs (loop0): This should not happen!! Data will be lost [ 176.268139][ T5439] [ 176.281845][ T5449] netlink: 12 bytes leftover after parsing attributes in process `syz.3.354'. [ 176.359773][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 176.739092][ T5473] xt_hashlimit: max too large, truncated to 1048576 [ 180.048009][ T5492] loop0: detected capacity change from 0 to 512 [ 180.089358][ T5494] loop2: detected capacity change from 0 to 256 [ 180.100944][ T5492] EXT4-fs (loop0): 1 truncate cleaned up [ 180.130009][ T5499] loop1: detected capacity change from 0 to 256 [ 180.143449][ T5492] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 180.173340][ T5502] netlink: 12 bytes leftover after parsing attributes in process `syz.4.371'. [ 180.282099][ T5499] FAT-fs (loop1): Directory bread(block 64) failed [ 180.379671][ T5499] FAT-fs (loop1): Directory bread(block 65) failed [ 180.387217][ T5499] FAT-fs (loop1): Directory bread(block 66) failed [ 180.403769][ T5499] FAT-fs (loop1): Directory bread(block 67) failed [ 180.410630][ T5499] FAT-fs (loop1): Directory bread(block 68) failed [ 180.431267][ T5492] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.367: bg 0: block 465: padding at end of block bitmap is not set [ 180.464054][ T5499] FAT-fs (loop1): Directory bread(block 69) failed [ 180.481014][ T5499] FAT-fs (loop1): Directory bread(block 70) failed [ 180.483020][ T5506] loop2: detected capacity change from 0 to 4096 [ 180.493766][ T5499] FAT-fs (loop1): Directory bread(block 71) failed [ 180.508639][ T5499] FAT-fs (loop1): Directory bread(block 72) failed [ 180.520307][ T5492] EXT4-fs (loop0): Remounting filesystem read-only [ 180.545029][ T5506] ext4: Unknown parameter 'seclabel' [ 180.553174][ T5499] FAT-fs (loop1): Directory bread(block 73) failed [ 180.821816][ T5494] 9pnet_fd: Insufficient options for proto=fd [ 181.036956][ T5499] syz.1.370: attempt to access beyond end of device [ 181.036956][ T5499] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 181.058448][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 181.087973][ T5499] syz.1.370: attempt to access beyond end of device [ 181.087973][ T5499] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 181.185819][ T27] kauditd_printk_skb: 57 callbacks suppressed [ 181.185836][ T27] audit: type=1800 audit(1771460695.997:70): pid=5499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.370" name="file0" dev="loop1" ino=1048603 res=0 errno=0 [ 181.270301][ T5499] syz.1.370: attempt to access beyond end of device [ 181.270301][ T5499] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 181.380995][ T5521] syz.1.370: attempt to access beyond end of device [ 181.380995][ T5521] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 181.434871][ T5499] syz.1.370: attempt to access beyond end of device [ 181.434871][ T5499] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 181.528336][ T5526] syz.1.370: attempt to access beyond end of device [ 181.528336][ T5526] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 181.571933][ T5499] syz.1.370: attempt to access beyond end of device [ 181.571933][ T5499] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 181.631653][ T5521] syz.1.370: attempt to access beyond end of device [ 181.631653][ T5521] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 181.925250][ T5526] syz.1.370: attempt to access beyond end of device [ 181.925250][ T5526] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 181.979436][ T5521] syz.1.370: attempt to access beyond end of device [ 181.979436][ T5521] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 182.582252][ T5543] netlink: 12 bytes leftover after parsing attributes in process `syz.0.383'. [ 182.649282][ T5540] tipc: Enabled bearer , priority 0 [ 182.666764][ T5540] device syzkaller0 entered promiscuous mode [ 182.816791][ T5540] tipc: Resetting bearer [ 182.929197][ T5539] tipc: Resetting bearer [ 183.106428][ T5539] tipc: Disabling bearer [ 184.163399][ T5561] Driver unsupported XDP return value 0 on prog (id 23) dev N/A, expect packet loss! [ 184.355676][ T5570] loop3: detected capacity change from 0 to 512 [ 184.394096][ T5570] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 184.564729][ T5570] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.391: couldn't read orphan inode 26 (err -116) [ 184.594371][ T5583] netlink: 12 bytes leftover after parsing attributes in process `syz.1.396'. [ 184.603453][ T5570] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 184.613027][ T5570] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 184.760691][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 186.924142][ T5599] loop1: detected capacity change from 0 to 1024 [ 187.039856][ T5599] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 187.244913][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 187.823724][ T5623] loop4: detected capacity change from 0 to 256 [ 188.039493][ T5626] netlink: 12 bytes leftover after parsing attributes in process `syz.0.410'. [ 188.113469][ T5623] loop4: detected capacity change from 0 to 4096 [ 188.124985][ T5623] ext4: Unknown parameter 'seclabel' [ 188.491253][ T5633] 9pnet_fd: Insufficient options for proto=fd [ 191.042565][ T5651] netlink: 'syz.0.419': attribute type 25 has an invalid length. [ 191.098595][ T5653] loop3: detected capacity change from 0 to 1024 [ 191.204756][ T5653] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 191.223986][ T5653] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 191.280230][ T5653] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 16: comm syz.3.421: path /92/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0 [ 191.351083][ T5653] EXT4-fs (loop3): Remounting filesystem read-only [ 191.392288][ T5660] tipc: Enabled bearer , priority 0 [ 191.416188][ T5660] device syzkaller0 entered promiscuous mode [ 191.450905][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 191.477119][ T5660] tipc: Resetting bearer [ 191.519151][ T5664] netlink: 12 bytes leftover after parsing attributes in process `syz.2.424'. [ 191.573038][ T5659] tipc: Resetting bearer [ 191.634993][ T5659] tipc: Disabling bearer [ 193.498592][ T5702] netlink: 12 bytes leftover after parsing attributes in process `syz.4.439'. [ 193.591653][ T5708] capability: warning: `syz.0.441' uses 32-bit capabilities (legacy support in use) [ 193.931711][ T4318] kernel write not supported for file /timer_list (pid: 4318 comm: kworker/0:5) [ 193.935234][ T5717] loop0: detected capacity change from 0 to 256 [ 194.009141][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 194.208185][ T5717] loop0: detected capacity change from 0 to 4096 [ 194.231432][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 194.253846][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 194.264922][ T5717] ext4: Unknown parameter 'seclabel' [ 194.271946][ T5520] Buffer I/O error on dev loop0, logical block 0, async page read [ 194.330520][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.339699][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.648037][ T5743] 9pnet_fd: Insufficient options for proto=fd [ 194.892389][ T5747] netlink: 12 bytes leftover after parsing attributes in process `syz.3.454'. [ 195.599473][ T5770] tipc: Enabled bearer , priority 0 [ 195.614408][ T5770] device syzkaller0 entered promiscuous mode [ 195.648556][ T5770] tipc: Resetting bearer [ 195.676757][ T5769] tipc: Resetting bearer [ 195.712867][ T5769] tipc: Disabling bearer [ 196.088291][ T5782] netlink: 12 bytes leftover after parsing attributes in process `syz.3.470'. [ 196.393819][ T4285] Bluetooth: hci2: command 0x0406 tx timeout [ 196.400709][ T4285] Bluetooth: hci3: command 0x0406 tx timeout [ 196.406866][ T4281] Bluetooth: hci4: command 0x0406 tx timeout [ 196.406901][ T4284] Bluetooth: hci0: command 0x0406 tx timeout [ 196.412872][ T4281] Bluetooth: hci1: command 0x0406 tx timeout [ 197.491854][ T5820] loop3: detected capacity change from 0 to 128 [ 197.615696][ T5820] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 197.702701][ T5820] ext4 filesystem being mounted at /106/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 198.592485][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 199.190494][ T27] audit: type=1326 audit(1771460713.997:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5848 comm="syz.2.495" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f68ac19c629 code=0x0 [ 199.644728][ T5866] loop3: detected capacity change from 0 to 1024 [ 199.757733][ T5866] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 199.790946][ T5866] EXT4-fs warning (device loop3): ext4_resize_begin:74: won't resize using backup superblock at 1 [ 200.255563][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 200.662330][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.670884][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.970695][ T5854] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 202.060549][ T5854] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 202.393921][ T4281] Bluetooth: hci5: command 0x1003 tx timeout [ 202.394172][ T4286] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 203.042114][ T5854] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.051559][ T5854] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.062614][ T5854] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.072635][ T5854] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.343980][ T5904] tipc: Enabled bearer , priority 0 [ 203.385597][ T5902] tipc: Resetting bearer [ 203.608474][ T5916] netlink: 24 bytes leftover after parsing attributes in process `syz.4.514'. [ 203.744315][ T5905] device syzkaller0 entered promiscuous mode [ 203.763294][ T5905] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready [ 203.832944][ T5919] loop1: detected capacity change from 0 to 512 [ 203.862281][ T5901] tipc: Resetting bearer [ 203.920598][ T5901] tipc: Disabling bearer [ 203.957942][ T5919] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 204.538780][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 204.567342][ T5941] netlink: 'syz.0.524': attribute type 4 has an invalid length. [ 204.584246][ T5941] netlink: 152 bytes leftover after parsing attributes in process `syz.0.524'. [ 204.641152][ T5941] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 206.242643][ T5973] loop1: detected capacity change from 0 to 512 [ 206.329845][ T5973] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 206.445320][ T5973] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 206.469005][ T5973] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.642439][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 206.875934][ T5987] loop1: detected capacity change from 0 to 1024 [ 206.980771][ T5987] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.541: lblock 2 mapped to illegal pblock 2 (length 1) [ 207.135185][ T5987] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 207.143356][ T5987] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.541: lblock 0 mapped to illegal pblock 48 (length 1) [ 207.253449][ T5987] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 207.302635][ T5987] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.541: Failed to acquire dquot type 0 [ 207.380489][ T5987] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 207.422530][ T5987] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.541: mark_inode_dirty error [ 207.459590][ T5992] sp0: Synchronizing with TNC [ 207.484308][ T5987] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 207.523073][ T5987] EXT4-fs (loop1): 1 orphan inode deleted [ 207.555936][ T4730] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:15: lblock 1 mapped to illegal pblock 1 (length 1) [ 207.580685][ T5987] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 207.633235][ T4730] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 207.663888][ T4730] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:15: Failed to release dquot type 0 [ 207.836989][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 207.856237][ T4269] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 207.921615][ T4269] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 207.942196][ T4269] EXT4-fs error (device loop1): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error [ 208.709772][ T6011] loop2: detected capacity change from 0 to 1024 [ 208.744424][ T6011] EXT4-fs: Ignoring removed orlov option [ 208.763783][ T6011] EXT4-fs: Ignoring removed nobh option [ 208.866914][ T6011] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 208.960481][ T6017] loop1: detected capacity change from 0 to 512 [ 208.977170][ T6019] loop3: detected capacity change from 0 to 512 [ 209.103554][ T6017] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 209.143992][ T6017] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (6000000) [ 209.164596][ T6017] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 209.177694][ T6019] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 209.213618][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 209.274334][ T6019] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 209.377011][ T27] audit: type=1800 audit(1771460724.187:72): pid=6019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.556" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 209.595162][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 209.664821][ T6031] tipc: Enabled bearer , priority 0 [ 209.753860][ T6035] device syzkaller0 entered promiscuous mode [ 209.844332][ T6031] tipc: Resetting bearer [ 209.900443][ T6030] tipc: Resetting bearer [ 210.004673][ T6030] tipc: Disabling bearer [ 210.027045][ T6042] loop2: detected capacity change from 0 to 128 [ 211.177199][ T6065] loop2: detected capacity change from 0 to 512 [ 211.241043][ T6065] EXT4-fs: Ignoring removed oldalloc option [ 211.300434][ T6065] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 211.394542][ T6065] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 211.451509][ T6065] System zones: 1-12 [ 211.493412][ T6065] EXT4-fs error (device loop2): ext4_iget_extra_inode:4756: inode #11: comm syz.2.572: corrupted in-inode xattr [ 211.516378][ T6065] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.572: couldn't read orphan inode 11 (err -117) [ 211.553616][ T6065] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 211.867228][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 213.278010][ T6094] loop1: detected capacity change from 0 to 1024 [ 213.460934][ T6094] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 213.704023][ T6105] loop0: detected capacity change from 0 to 512 [ 213.768814][ T6105] EXT4-fs (loop0): 1 truncate cleaned up [ 213.784495][ T6105] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 213.822044][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 213.831195][ T6108] loop4: detected capacity change from 0 to 1024 [ 213.925213][ T6108] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 213.929155][ T6118] loop1: detected capacity change from 0 to 256 [ 213.975087][ T6118] FAT-fs (loop1): Directory bread(block 64) failed [ 214.006184][ T6108] Set syz1 is full, maxelem 2 reached [ 214.009947][ T6118] FAT-fs (loop1): Directory bread(block 65) failed [ 214.038638][ T6118] FAT-fs (loop1): Directory bread(block 66) failed [ 214.079768][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 214.091540][ T6118] FAT-fs (loop1): Directory bread(block 67) failed [ 214.122497][ T6118] FAT-fs (loop1): Directory bread(block 68) failed [ 214.145057][ T6118] FAT-fs (loop1): Directory bread(block 69) failed [ 214.158870][ T6118] FAT-fs (loop1): Directory bread(block 70) failed [ 214.200294][ T6118] FAT-fs (loop1): Directory bread(block 71) failed [ 214.213443][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 214.246985][ T6118] FAT-fs (loop1): Directory bread(block 72) failed [ 214.285227][ T6118] FAT-fs (loop1): Directory bread(block 73) failed [ 214.446994][ T6118] bio_check_eod: 6 callbacks suppressed [ 214.447012][ T6118] syz.1.589: attempt to access beyond end of device [ 214.447012][ T6118] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 214.476996][ T6118] syz.1.589: attempt to access beyond end of device [ 214.476996][ T6118] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 214.511512][ T27] audit: type=1800 audit(1771460729.317:73): pid=6118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.589" name="file0" dev="loop1" ino=1048604 res=0 errno=0 [ 214.574305][ T6118] syz.1.589: attempt to access beyond end of device [ 214.574305][ T6118] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 214.682018][ T6118] syz.1.589: attempt to access beyond end of device [ 214.682018][ T6118] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 214.773774][ T6118] syz.1.589: attempt to access beyond end of device [ 214.773774][ T6118] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 215.155666][ T6138] loop1: detected capacity change from 0 to 256 [ 215.186996][ T6138] loop1: detected capacity change from 0 to 256 [ 216.050829][ T6153] loop3: detected capacity change from 0 to 512 [ 217.100931][ T6153] EXT4-fs (loop3): 1 truncate cleaned up [ 217.124322][ T6153] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 217.433565][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 217.758488][ T6169] loop3: detected capacity change from 0 to 256 [ 217.809456][ T6171] netlink: 'syz.4.608': attribute type 1 has an invalid length. [ 217.860188][ T6169] FAT-fs (loop3): Directory bread(block 64) failed [ 217.886203][ T6169] FAT-fs (loop3): Directory bread(block 65) failed [ 217.900935][ T6169] FAT-fs (loop3): Directory bread(block 66) failed [ 217.942107][ T6169] FAT-fs (loop3): Directory bread(block 67) failed [ 217.967961][ T6169] FAT-fs (loop3): Directory bread(block 68) failed [ 217.998417][ T6169] FAT-fs (loop3): Directory bread(block 69) failed [ 218.019565][ T6169] FAT-fs (loop3): Directory bread(block 70) failed [ 218.080894][ T6169] FAT-fs (loop3): Directory bread(block 71) failed [ 218.099851][ T6169] FAT-fs (loop3): Directory bread(block 72) failed [ 218.122777][ T6169] FAT-fs (loop3): Directory bread(block 73) failed [ 218.260172][ T6169] syz.3.607: attempt to access beyond end of device [ 218.260172][ T6169] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 218.284295][ T6169] syz.3.607: attempt to access beyond end of device [ 218.284295][ T6169] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 218.319487][ T27] audit: type=1800 audit(1771460733.127:74): pid=6169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.607" name="file0" dev="loop3" ino=1048605 res=0 errno=0 [ 218.373576][ T6180] tipc: Enabled bearer , priority 0 [ 218.402444][ T6180] device syzkaller0 entered promiscuous mode [ 218.519611][ T6180] tipc: Resetting bearer [ 218.560289][ T6178] tipc: Resetting bearer [ 218.594514][ T6184] loop1: detected capacity change from 0 to 256 [ 219.447681][ T6178] tipc: Disabling bearer [ 219.478462][ T5520] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 219.518349][ T6184] loop1: detected capacity change from 0 to 256 [ 219.525008][ T5520] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 219.543826][ T5520] Buffer I/O error on dev loop1, logical block 0, async page read [ 219.569578][ T4786] tipc: Node number set to 3199150535 [ 219.851842][ T6195] loop4: detected capacity change from 0 to 512 [ 219.870406][ T6196] loop1: detected capacity change from 0 to 512 [ 219.890754][ T6195] EXT4-fs: Ignoring removed oldalloc option [ 219.937276][ T6195] EXT4-fs (loop4): 1 truncate cleaned up [ 219.950850][ T6195] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 219.984309][ T6196] EXT4-fs (loop1): 1 truncate cleaned up [ 219.990380][ T6196] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 220.166174][ T6194] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.616: bg 0: block 465: padding at end of block bitmap is not set [ 220.231688][ T6194] EXT4-fs (loop1): Remounting filesystem read-only [ 220.294123][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 220.653745][ T6208] syz.0.621 uses obsolete (PF_INET,SOCK_PACKET) [ 220.797708][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 221.059604][ T6217] netlink: 12 bytes leftover after parsing attributes in process `syz.0.624'. [ 221.147588][ T6220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.624'. [ 222.453951][ T6220] netlink: 16 bytes leftover after parsing attributes in process `syz.0.624'. [ 222.463601][ T6223] loop3: detected capacity change from 0 to 256 [ 222.547069][ T5520] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 222.551804][ T6223] loop3: detected capacity change from 0 to 256 [ 222.573893][ T5520] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.583092][ T5520] Buffer I/O error on dev loop3, logical block 0, async page read [ 222.937191][ T6232] netlink: 24 bytes leftover after parsing attributes in process `syz.3.630'. [ 223.228072][ T6240] loop3: detected capacity change from 0 to 512 [ 223.312493][ T6240] EXT4-fs (loop3): 1 truncate cleaned up [ 223.359267][ T6240] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 223.439639][ T6239] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.632: bg 0: block 465: padding at end of block bitmap is not set [ 223.512623][ T6239] EXT4-fs (loop3): Remounting filesystem read-only [ 223.653511][ T6247] loop0: detected capacity change from 0 to 1024 [ 223.728564][ T6247] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 223.853783][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 223.980072][ T6255] program syz.0.636 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 224.135683][ T6259] netlink: 12 bytes leftover after parsing attributes in process `syz.4.639'. [ 224.150655][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 224.227127][ T6262] netlink: 8 bytes leftover after parsing attributes in process `syz.4.639'. [ 224.236193][ T6262] netlink: 16 bytes leftover after parsing attributes in process `syz.4.639'. [ 224.287935][ T6265] loop0: detected capacity change from 0 to 256 [ 224.357896][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 224.399229][ T6265] loop0: detected capacity change from 0 to 256 [ 224.407587][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 225.083113][ T6276] loop4: detected capacity change from 0 to 512 [ 225.430941][ T6276] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 225.450075][ T6276] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 225.491885][ T6276] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 225.549503][ T6284] loop0: detected capacity change from 0 to 1024 [ 225.625961][ T6290] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 225.665762][ T6284] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 225.755370][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 225.806622][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 226.004978][ T6301] loop4: detected capacity change from 0 to 512 [ 226.065854][ T6301] EXT4-fs (loop4): 1 truncate cleaned up [ 226.071740][ T6301] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 226.160892][ T6300] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.651: bg 0: block 465: padding at end of block bitmap is not set [ 226.211595][ T6310] netlink: 12 bytes leftover after parsing attributes in process `syz.3.654'. [ 226.273575][ T6313] netlink: 8 bytes leftover after parsing attributes in process `syz.3.654'. [ 226.275155][ T6300] EXT4-fs (loop4): Remounting filesystem read-only [ 226.296647][ T6313] netlink: 16 bytes leftover after parsing attributes in process `syz.3.654'. [ 226.484505][ T6319] loop1: detected capacity change from 0 to 256 [ 226.654259][ T6323] loop3: detected capacity change from 0 to 1024 [ 226.709362][ T6323] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 226.734926][ T6323] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 226.782064][ T6323] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.657: lblock 3 mapped to illegal pblock 3 (length 3) [ 226.869603][ T6327] loop1: detected capacity change from 0 to 256 [ 226.885679][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 226.931566][ T6323] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 226.987414][ T6323] EXT4-fs (loop3): This should not happen!! Data will be lost [ 226.987414][ T6323] [ 227.889894][ T6327] loop1: detected capacity change from 0 to 4096 [ 227.944414][ T6327] ext4: Unknown parameter 'seclabel' [ 228.102627][ T6333] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 228.155195][ T4633] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:13: lblock 8 mapped to illegal pblock 8 (length 8) [ 228.223801][ T6338] 9pnet_fd: Insufficient options for proto=fd [ 228.266052][ T4633] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 228.290323][ T6340] netlink: 44 bytes leftover after parsing attributes in process `syz.0.661'. [ 228.299728][ T6340] netlink: 12 bytes leftover after parsing attributes in process `syz.0.661'. [ 228.308764][ T6340] netlink: 16 bytes leftover after parsing attributes in process `syz.0.661'. [ 228.317822][ T6340] netlink: 16 bytes leftover after parsing attributes in process `syz.0.661'. [ 228.332869][ T6340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.661'. [ 228.549500][ T4633] EXT4-fs (loop3): This should not happen!! Data will be lost [ 228.549500][ T4633] [ 228.847880][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 229.150568][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 229.499409][ T6348] set_capacity_and_notify: 1 callbacks suppressed [ 229.499425][ T6348] loop4: detected capacity change from 0 to 164 [ 229.583253][ T6348] ISOFS: unable to read i-node block [ 229.595650][ T6348] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 229.607922][ T6353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.667'. [ 229.737352][ T6357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.667'. [ 229.815945][ T6361] loop0: detected capacity change from 0 to 256 [ 229.915111][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 229.928480][ T6361] loop0: detected capacity change from 0 to 256 [ 229.933795][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 229.983956][ T5520] Buffer I/O error on dev loop0, logical block 0, async page read [ 230.079548][ T6365] loop3: detected capacity change from 0 to 512 [ 230.194466][ T6367] netlink: 'syz.4.671': attribute type 2 has an invalid length. [ 230.237397][ T6365] EXT4-fs (loop3): 1 truncate cleaned up [ 230.273734][ T6365] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 230.383995][ T6364] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.670: bg 0: block 465: padding at end of block bitmap is not set [ 230.450404][ T6364] EXT4-fs (loop3): Remounting filesystem read-only [ 230.561212][ T6378] loop1: detected capacity change from 0 to 256 [ 231.617640][ T6379] __nla_validate_parse: 4 callbacks suppressed [ 231.617683][ T6379] netlink: 44 bytes leftover after parsing attributes in process `syz.0.674'. [ 231.633025][ T6379] netlink: 12 bytes leftover after parsing attributes in process `syz.0.674'. [ 231.642111][ T6379] netlink: 16 bytes leftover after parsing attributes in process `syz.0.674'. [ 231.651173][ T6379] netlink: 16 bytes leftover after parsing attributes in process `syz.0.674'. [ 232.018655][ T6383] netlink: 4 bytes leftover after parsing attributes in process `syz.0.674'. [ 232.202738][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 232.211505][ T6378] loop1: detected capacity change from 0 to 4096 [ 232.269992][ T6378] ext4: Unknown parameter 'seclabel' [ 232.692842][ T6384] 9pnet_fd: Insufficient options for proto=fd [ 233.588553][ T6401] loop0: detected capacity change from 0 to 256 [ 233.663185][ T4443] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 233.701098][ T6401] loop0: detected capacity change from 0 to 256 [ 233.711105][ T4443] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 233.883151][ T6405] device syzkaller0 entered promiscuous mode [ 233.892560][ T6405] 0: reclassify loop, rule prio 0, protocol 800 [ 234.201187][ T6409] loop4: detected capacity change from 0 to 512 [ 234.264854][ T6409] EXT4-fs (loop4): 1 truncate cleaned up [ 234.270655][ T6409] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 234.472312][ T6408] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.686: bg 0: block 465: padding at end of block bitmap is not set [ 234.485954][ T6425] loop1: detected capacity change from 0 to 256 [ 234.537939][ T6426] netlink: 44 bytes leftover after parsing attributes in process `syz.3.687'. [ 234.546993][ T6426] netlink: 12 bytes leftover after parsing attributes in process `syz.3.687'. [ 234.555986][ T6426] netlink: 16 bytes leftover after parsing attributes in process `syz.3.687'. [ 234.564941][ T6426] netlink: 16 bytes leftover after parsing attributes in process `syz.3.687'. [ 234.579812][ T6426] netlink: 4 bytes leftover after parsing attributes in process `syz.3.687'. [ 235.128524][ T6408] EXT4-fs (loop4): Remounting filesystem read-only [ 235.396472][ T6428] loop1: detected capacity change from 0 to 4096 [ 235.403789][ T6428] ext4: Unknown parameter 'seclabel' [ 235.592319][ T6429] 9pnet_fd: Insufficient options for proto=fd [ 235.655441][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 235.946663][ T27] audit: type=1326 audit(1771460750.757:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6437 comm="syz.3.693" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffa05b9c629 code=0x0 [ 236.015196][ T6441] tipc: Cannot configure node identity twice [ 236.018252][ T6440] loop0: detected capacity change from 0 to 256 [ 236.094497][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 236.144538][ T6440] loop0: detected capacity change from 0 to 256 [ 236.147376][ T5520] I/O error, dev loop0, sector 24 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 236.491065][ T6447] loop4: detected capacity change from 0 to 8192 [ 236.543519][ T6454] loop0: detected capacity change from 0 to 256 [ 236.723576][ T6457] netlink: 'syz.1.700': attribute type 4 has an invalid length. [ 237.270933][ T6469] tipc: Enabled bearer , priority 0 [ 237.289917][ T6469] device syzkaller0 entered promiscuous mode [ 237.399386][ T6469] tipc: Resetting bearer [ 237.423306][ T6467] tipc: Resetting bearer [ 237.492518][ T6467] tipc: Disabling bearer [ 238.825351][ T6488] loop1: detected capacity change from 0 to 1024 [ 238.906451][ T6488] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 238.928583][ T6488] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 239.126995][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 239.242014][ T6499] tipc: Enabled bearer , priority 0 [ 239.270958][ T6499] device syzkaller0 entered promiscuous mode [ 239.350425][ T6501] __nla_validate_parse: 2 callbacks suppressed [ 239.350441][ T6501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.715'. [ 239.362864][ T6499] tipc: Resetting bearer [ 239.389676][ T6501] netlink: 12 bytes leftover after parsing attributes in process `syz.1.715'. [ 239.400552][ T6498] tipc: Resetting bearer [ 239.411105][ T6501] netlink: 40 bytes leftover after parsing attributes in process `syz.1.715'. [ 239.432163][ T6501] netlink: 40 bytes leftover after parsing attributes in process `syz.1.715'. [ 239.480015][ T6498] tipc: Disabling bearer [ 240.269078][ T6523] loop1: detected capacity change from 0 to 1024 [ 240.316968][ T6525] loop3: detected capacity change from 0 to 512 [ 240.338442][ T6525] EXT4-fs: Ignoring removed oldalloc option [ 240.355244][ T6523] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 240.398919][ T6525] EXT4-fs (loop3): 1 truncate cleaned up [ 240.442649][ T6525] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 240.669410][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 240.766812][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 240.895794][ T6537] loop3: detected capacity change from 0 to 512 [ 240.902919][ T6537] EXT4-fs: Ignoring removed bh option [ 240.958269][ T6537] EXT4-fs: inline encryption not supported [ 240.981242][ T6537] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 241.054838][ T6537] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 241.108279][ T6537] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.728: bg 0: block 248: padding at end of block bitmap is not set [ 241.152435][ T6537] Quota error (device loop3): write_blk: dquota write failed [ 241.213011][ T6537] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 241.224197][ T6537] EXT4-fs error (device loop3): ext4_acquire_dquot:6835: comm syz.3.728: Failed to acquire dquot type 1 [ 241.252105][ T6537] EXT4-fs (loop3): 1 truncate cleaned up [ 241.262480][ T6537] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 241.456341][ T6552] loop1: detected capacity change from 0 to 4096 [ 241.512043][ T6552] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 241.774246][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 241.945012][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 242.097807][ T6563] loop0: detected capacity change from 0 to 512 [ 242.123393][ T6563] EXT4-fs: Ignoring removed oldalloc option [ 242.183600][ T6563] EXT4-fs (loop0): 1 truncate cleaned up [ 242.189431][ T6563] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 242.300257][ T6569] loop2: detected capacity change from 0 to 128 [ 242.470364][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 242.632938][ T6573] tipc: Enabled bearer , priority 0 [ 242.664371][ T6574] device syzkaller0 entered promiscuous mode [ 242.743462][ T6572] tipc: Resetting bearer [ 242.835432][ T6572] tipc: Disabling bearer [ 243.330031][ T6594] loop3: detected capacity change from 0 to 256 [ 243.402639][ T5520] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 243.536340][ T6599] loop3: detected capacity change from 0 to 1024 [ 243.536896][ T5520] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 243.618173][ T6601] loop1: detected capacity change from 0 to 512 [ 243.655348][ T6599] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 243.695072][ T6601] EXT4-fs: Ignoring removed oldalloc option [ 243.949032][ T6601] EXT4-fs (loop1): 1 truncate cleaned up [ 243.967670][ T6601] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 244.119805][ T6614] loop2: detected capacity change from 0 to 512 [ 244.133997][ T6614] EXT4-fs: Ignoring removed orlov option [ 245.432253][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 245.846743][ T6614] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a00dc018, mo2=0002] [ 245.855198][ T6614] System zones: 0-2, 18-18, 34-35 [ 245.867498][ T6614] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 245.876943][ T6614] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 246.269073][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 246.595266][ T6623] tipc: Enabled bearer , priority 0 [ 246.667779][ T6623] device syzkaller0 entered promiscuous mode [ 246.826347][ T6622] tipc: Resetting bearer [ 247.003185][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 247.003497][ T6622] tipc: Disabling bearer [ 247.092391][ T27] audit: type=1326 audit(1771460761.897:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.759" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffa05b9c629 code=0x0 [ 248.170860][ T6628] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.178453][ T6628] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.843085][ T6628] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.950473][ T6676] loop2: detected capacity change from 0 to 512 [ 248.957925][ T6676] EXT4-fs: Ignoring removed orlov option [ 251.763996][ T6676] EXT4-fs warning (device loop2): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop2. [ 252.642071][ T6628] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.651111][ T6628] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.673729][ T6628] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.700284][ T6628] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.726194][ T6652] netlink: 'syz.4.767': attribute type 12 has an invalid length. [ 253.749892][ T6685] tipc: Enabled bearer , priority 0 [ 253.764327][ T6687] device syzkaller0 entered promiscuous mode [ 253.841320][ T6681] tipc: Resetting bearer [ 253.975729][ T6681] tipc: Disabling bearer [ 253.981542][ T6708] loop4: detected capacity change from 0 to 512 [ 254.050201][ T6712] loop2: detected capacity change from 0 to 512 [ 254.100929][ T6710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.778'. [ 254.132188][ T6710] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 254.141703][ T6710] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 254.150775][ T6710] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 254.159687][ T6710] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 254.267912][ T6712] EXT4-fs (loop2): 1 truncate cleaned up [ 254.276462][ T6708] EXT4-fs (loop4): 1 truncate cleaned up [ 254.289672][ T6708] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 254.312531][ T6712] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 254.342200][ T6710] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.351374][ T6710] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.360450][ T6710] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.369330][ T6710] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.446424][ T6701] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.776: bg 0: block 465: padding at end of block bitmap is not set [ 254.474430][ T6712] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.777: bg 0: block 465: padding at end of block bitmap is not set [ 254.517288][ T6712] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6181: Corrupt filesystem [ 254.548571][ T6701] EXT4-fs (loop4): Remounting filesystem read-only [ 254.574352][ T6710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.778'. [ 254.606954][ T6710] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 254.615978][ T6710] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 254.624827][ T6710] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 254.633529][ T6710] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 254.662515][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 254.776651][ T6710] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.785795][ T6710] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.794778][ T6710] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.803862][ T6710] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 254.857845][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 255.227907][ T6726] 8021q: adding VLAN 0 to HW filter on device bond4 [ 255.323012][ T6732] loop2: detected capacity change from 0 to 512 [ 255.330331][ T6732] EXT4-fs: Ignoring removed orlov option [ 255.345908][ T6726] bond0: (slave bond4): Enslaving as an active interface with an up link [ 255.767840][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.774594][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.853960][ T6731] netlink: 14 bytes leftover after parsing attributes in process `syz.4.782'. [ 257.099948][ T6732] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a00dc018, mo2=0002] [ 257.108398][ T6732] System zones: 0-2, 18-18, 34-35 [ 257.746032][ T6732] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 257.755279][ T6732] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.235725][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 258.334453][ T6731] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 258.433973][ T6731] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 258.518884][ T6745] loop2: detected capacity change from 0 to 512 [ 258.529264][ T6731] bond0 (unregistering): (slave bond4): Releasing backup interface [ 258.628868][ T6731] bond0 (unregistering): Released all slaves [ 258.656719][ T6745] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 258.733174][ T6745] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.941223][ T27] audit: type=1326 audit(1771460773.747:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6751 comm="syz.3.788" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffa05b9c629 code=0x0 [ 259.036570][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 259.867946][ T6773] loop3: detected capacity change from 0 to 512 [ 259.876603][ T6773] ext4: Unknown parameter 'uid' [ 260.224809][ T6777] netlink: 60 bytes leftover after parsing attributes in process `syz.0.797'. [ 261.367907][ T6779] device bond0 entered promiscuous mode [ 261.449593][ T6779] device bond_slave_0 entered promiscuous mode [ 261.475376][ T6779] device bond_slave_1 entered promiscuous mode [ 261.528527][ T6779] device batadv0 entered promiscuous mode [ 261.570825][ T6779] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 261.713969][ T6779] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 261.797547][ T6779] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 262.350124][ T6795] loop2: detected capacity change from 0 to 128 [ 262.425655][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.807'. [ 262.442568][ T27] audit: type=1326 audit(1771460777.247:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6797 comm="syz.1.806" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f455d79c629 code=0x0 [ 262.674350][ T6806] loop3: detected capacity change from 0 to 512 [ 262.704165][ T6806] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 262.751915][ T6808] loop4: detected capacity change from 0 to 128 [ 262.872488][ T6810] syz.4.808: attempt to access beyond end of device [ 262.872488][ T6810] loop4: rw=2049, sector=145, nr_sectors = 224 limit=128 [ 263.255640][ T4544] kworker/u4:10: attempt to access beyond end of device [ 263.255640][ T4544] loop4: rw=1, sector=369, nr_sectors = 672 limit=128 [ 263.336107][ T6798] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.343571][ T6798] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.732012][ T6798] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 265.820141][ T6798] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 266.651147][ T6798] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.660166][ T6798] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.669992][ T6798] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.679584][ T6798] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.604943][ T6852] netlink: 20 bytes leftover after parsing attributes in process `syz.0.823'. [ 267.659063][ T6852] netlink: 20 bytes leftover after parsing attributes in process `syz.0.823'. [ 267.700743][ T6857] loop2: detected capacity change from 0 to 1024 [ 267.833010][ T6857] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 268.005832][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 268.189149][ T6872] device syzkaller0 entered promiscuous mode [ 268.232399][ T6872] tipc: Enabled bearer , priority 0 [ 268.324109][ T6871] tipc: Resetting bearer [ 268.337834][ T6874] netlink: 60 bytes leftover after parsing attributes in process `syz.1.832'. [ 268.383192][ T6871] tipc: Disabling bearer [ 268.753580][ T6884] loop2: detected capacity change from 0 to 512 [ 268.790952][ T6884] EXT4-fs: Ignoring removed oldalloc option [ 268.810224][ T6884] EXT4-fs (loop2): 1 truncate cleaned up [ 268.817776][ T6884] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 268.840079][ T27] audit: type=1800 audit(1771460783.647:79): pid=6884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.836" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 268.870579][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 268.967933][ T6886] loop0: detected capacity change from 0 to 1024 [ 270.412680][ T6886] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 270.480735][ T6886] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 270.528556][ T6898] loop2: detected capacity change from 0 to 2048 [ 270.615307][ T6898] EXT4-fs: Ignoring removed i_version option [ 270.676184][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 270.690528][ T6898] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 270.785581][ T6898] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 271.335716][ T6912] loop3: detected capacity change from 0 to 128 [ 271.342837][ T6912] FAT-fs (loop3): Unrecognized mount option "18446744073709551615" or missing value [ 272.411506][ T27] audit: type=1800 audit(1771460787.217:80): pid=6898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.840" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 273.104716][ T4443] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 273.255114][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 273.698666][ T6929] loop0: detected capacity change from 0 to 512 [ 273.744591][ T6929] EXT4-fs: Ignoring removed oldalloc option [ 273.770187][ T6929] EXT4-fs (loop0): 1 truncate cleaned up [ 273.791395][ T6935] loop1: detected capacity change from 0 to 128 [ 273.863921][ T6929] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 273.931054][ T27] audit: type=1800 audit(1771460788.737:81): pid=6937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.850" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 274.170447][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 275.629540][ T6938] loop2: detected capacity change from 0 to 8192 [ 275.636007][ T6947] loop1: detected capacity change from 0 to 1024 [ 275.730443][ T6938] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 275.759444][ T6947] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 275.787744][ T6955] netlink: 'syz.0.861': attribute type 1 has an invalid length. [ 275.795577][ T6955] netlink: 'syz.0.861': attribute type 2 has an invalid length. [ 275.810506][ T6947] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 276.162642][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 276.419076][ T6964] qfq: no options [ 276.837074][ T6970] loop4: detected capacity change from 0 to 512 [ 276.844428][ T6970] EXT4-fs: Ignoring removed orlov option [ 277.937026][ T6969] loop1: detected capacity change from 0 to 512 [ 279.907150][ T6970] EXT4-fs: failed to create workqueue [ 279.912582][ T6970] EXT4-fs (loop4): mount failed [ 279.966190][ T6969] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 280.293735][ T6969] EXT4-fs: failed to create workqueue [ 280.309596][ T6969] EXT4-fs (loop1): mount failed [ 280.611135][ T6980] loop2: detected capacity change from 0 to 512 [ 280.650425][ T6980] EXT4-fs: Ignoring removed oldalloc option [ 280.757273][ T6980] EXT4-fs (loop2): 1 truncate cleaned up [ 280.762992][ T6980] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 281.001450][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 281.453407][ T7001] loop3: detected capacity change from 0 to 1024 [ 281.635417][ T7001] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 281.661655][ T7001] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.770476][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 283.204559][ T7013] netlink: 28 bytes leftover after parsing attributes in process `syz.3.878'. [ 283.254291][ T7013] netlink: 28 bytes leftover after parsing attributes in process `syz.3.878'. [ 283.484395][ T7019] loop3: detected capacity change from 0 to 512 [ 283.522011][ T7019] EXT4-fs: Ignoring removed oldalloc option [ 283.576842][ T7019] EXT4-fs (loop3): 1 truncate cleaned up [ 283.582566][ T7019] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 283.727248][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 284.748768][ T7042] netlink: 60 bytes leftover after parsing attributes in process `syz.0.889'. [ 286.335127][ T7051] loop2: detected capacity change from 0 to 512 [ 286.342374][ T7051] EXT4-fs: Ignoring removed orlov option [ 289.955264][ T7051] EXT4-fs warning (device loop2): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop2. [ 292.004412][ T7064] loop3: detected capacity change from 0 to 512 [ 292.036970][ T7064] EXT4-fs: Ignoring removed oldalloc option [ 292.153087][ T7064] EXT4-fs (loop3): 1 truncate cleaned up [ 292.233795][ T7064] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 292.300900][ T27] audit: type=1800 audit(1771460807.107:82): pid=7069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.894" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 292.479322][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 293.019490][ T7084] netlink: 60 bytes leftover after parsing attributes in process `syz.0.902'. [ 295.058791][ T7103] loop3: detected capacity change from 0 to 512 [ 295.114211][ T7103] EXT4-fs: Ignoring removed oldalloc option [ 295.141390][ T7103] EXT4-fs (loop3): 1 truncate cleaned up [ 295.149571][ T7103] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 295.372241][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 296.137405][ T7123] netlink: 60 bytes leftover after parsing attributes in process `syz.3.915'. [ 299.100348][ T7140] loop2: detected capacity change from 0 to 1024 [ 299.220973][ T7140] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 299.474880][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 301.477227][ T7174] loop0: detected capacity change from 0 to 256 [ 301.606891][ T7174] FAT-fs (loop0): Directory bread(block 64) failed [ 301.630971][ T7174] FAT-fs (loop0): Directory bread(block 65) failed [ 301.653465][ T7174] FAT-fs (loop0): Directory bread(block 66) failed [ 301.679755][ T7174] FAT-fs (loop0): Directory bread(block 67) failed [ 301.698087][ T7174] FAT-fs (loop0): Directory bread(block 68) failed [ 301.714158][ T7174] FAT-fs (loop0): Directory bread(block 69) failed [ 301.728715][ T7174] FAT-fs (loop0): Directory bread(block 70) failed [ 301.749133][ T7174] FAT-fs (loop0): Directory bread(block 71) failed [ 301.766174][ T7174] FAT-fs (loop0): Directory bread(block 72) failed [ 301.786328][ T7174] FAT-fs (loop0): Directory bread(block 73) failed [ 301.937907][ T7174] syz.0.917: attempt to access beyond end of device [ 301.937907][ T7174] loop0: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 301.990237][ T7174] syz.0.917: attempt to access beyond end of device [ 301.990237][ T7174] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 302.061173][ T27] audit: type=1804 audit(1771460816.867:83): pid=7185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.917" name="/newroot/189/file1/file0" dev="loop0" ino=1048613 res=1 errno=0 [ 302.062656][ T7185] syz.0.917: attempt to access beyond end of device [ 302.062656][ T7185] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 302.135067][ T27] audit: type=1800 audit(1771460816.867:84): pid=7174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.917" name="file0" dev="loop0" ino=1048613 res=0 errno=0 [ 302.290209][ T27] audit: type=1800 audit(1771460817.077:85): pid=7185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.917" name="file0" dev="loop0" ino=1048613 res=0 errno=0 [ 302.303969][ T7191] loop3: detected capacity change from 0 to 1024 [ 302.437008][ T7191] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 302.615751][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 303.271124][ T7228] loop1: detected capacity change from 0 to 256 [ 303.326212][ T7228] FAT-fs (loop1): Directory bread(block 64) failed [ 303.333907][ T7228] FAT-fs (loop1): Directory bread(block 65) failed [ 303.351345][ T7228] FAT-fs (loop1): Directory bread(block 66) failed [ 303.393029][ T7228] FAT-fs (loop1): Directory bread(block 67) failed [ 303.433168][ T7228] FAT-fs (loop1): Directory bread(block 68) failed [ 303.447462][ T7228] FAT-fs (loop1): Directory bread(block 69) failed [ 303.474664][ T7228] FAT-fs (loop1): Directory bread(block 70) failed [ 303.489500][ T7228] FAT-fs (loop1): Directory bread(block 71) failed [ 303.509209][ T7228] FAT-fs (loop1): Directory bread(block 72) failed [ 303.520654][ T7228] FAT-fs (loop1): Directory bread(block 73) failed [ 303.637385][ T7228] syz.1.950: attempt to access beyond end of device [ 303.637385][ T7228] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 303.697213][ T7228] syz.1.950: attempt to access beyond end of device [ 303.697213][ T7228] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 303.704917][ T7234] loop3: detected capacity change from 0 to 1024 [ 303.738026][ T27] audit: type=1804 audit(1771460818.547:86): pid=7237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.950" name="/newroot/193/file1/file0" dev="loop1" ino=1048614 res=1 errno=0 [ 303.738241][ T7237] syz.1.950: attempt to access beyond end of device [ 303.738241][ T7237] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 303.807138][ T27] audit: type=1800 audit(1771460818.547:87): pid=7228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.950" name="file0" dev="loop1" ino=1048614 res=0 errno=0 [ 303.851589][ T7234] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 303.872473][ T27] audit: type=1800 audit(1771460818.597:88): pid=7237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.950" name="file0" dev="loop1" ino=1048614 res=0 errno=0 [ 304.140900][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 304.754939][ T7268] loop3: detected capacity change from 0 to 256 [ 304.830396][ T7268] FAT-fs (loop3): Directory bread(block 64) failed [ 304.853026][ T7268] FAT-fs (loop3): Directory bread(block 65) failed [ 304.886475][ T7268] FAT-fs (loop3): Directory bread(block 66) failed [ 304.936603][ T7268] FAT-fs (loop3): Directory bread(block 67) failed [ 304.962550][ T7268] FAT-fs (loop3): Directory bread(block 68) failed [ 304.989330][ T7268] FAT-fs (loop3): Directory bread(block 69) failed [ 304.998208][ T7276] loop1: detected capacity change from 0 to 512 [ 305.004958][ T7268] FAT-fs (loop3): Directory bread(block 70) failed [ 305.023511][ T7278] loop4: detected capacity change from 0 to 1024 [ 305.049576][ T7268] FAT-fs (loop3): Directory bread(block 71) failed [ 305.068480][ T7268] FAT-fs (loop3): Directory bread(block 72) failed [ 305.097406][ T7276] EXT4-fs (loop1): 1 truncate cleaned up [ 305.103284][ T7268] FAT-fs (loop3): Directory bread(block 73) failed [ 305.118816][ T7276] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 305.119577][ T7278] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 305.172594][ T7278] Set syz1 is full, maxelem 2 reached [ 305.252847][ T7268] syz.3.966: attempt to access beyond end of device [ 305.252847][ T7268] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 305.290904][ T7275] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.969: bg 0: block 465: padding at end of block bitmap is not set [ 305.313976][ T7268] syz.3.966: attempt to access beyond end of device [ 305.313976][ T7268] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 305.338100][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 305.348842][ T7275] EXT4-fs (loop1): Remounting filesystem read-only [ 305.370296][ T27] audit: type=1800 audit(1771460820.167:89): pid=7268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.966" name="file0" dev="loop3" ino=1048615 res=0 errno=0 [ 305.372481][ T7268] syz.3.966: attempt to access beyond end of device [ 305.372481][ T7268] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 305.418761][ T7268] syz.3.966: attempt to access beyond end of device [ 305.418761][ T7268] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 305.542360][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 305.839885][ T7296] loop2: detected capacity change from 0 to 256 [ 306.104815][ T7296] loop2: detected capacity change from 0 to 4096 [ 306.152761][ T7296] ext4: Unknown parameter 'seclabel' [ 306.586153][ T7316] loop3: detected capacity change from 0 to 256 [ 306.880386][ T7319] loop0: detected capacity change from 0 to 512 [ 306.965215][ T7316] FAT-fs (loop3): Directory bread(block 64) failed [ 307.010890][ T7316] FAT-fs (loop3): Directory bread(block 65) failed [ 307.071139][ T7319] EXT4-fs (loop0): 1 truncate cleaned up [ 307.109008][ T7319] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 307.134333][ T7316] FAT-fs (loop3): Directory bread(block 66) failed [ 307.140927][ T7316] FAT-fs (loop3): Directory bread(block 67) failed [ 307.184098][ T7316] FAT-fs (loop3): Directory bread(block 68) failed [ 307.190834][ T7316] FAT-fs (loop3): Directory bread(block 69) failed [ 307.222056][ T7318] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.985: bg 0: block 465: padding at end of block bitmap is not set [ 307.242776][ T7316] FAT-fs (loop3): Directory bread(block 70) failed [ 307.292070][ T7316] FAT-fs (loop3): Directory bread(block 71) failed [ 307.300229][ T7316] FAT-fs (loop3): Directory bread(block 72) failed [ 307.309041][ T7318] EXT4-fs (loop0): Remounting filesystem read-only [ 307.316294][ T7316] FAT-fs (loop3): Directory bread(block 73) failed [ 307.410734][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 307.507490][ T7316] bio_check_eod: 12 callbacks suppressed [ 307.507509][ T7316] syz.3.986: attempt to access beyond end of device [ 307.507509][ T7316] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 307.544226][ T7316] syz.3.986: attempt to access beyond end of device [ 307.544226][ T7316] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 307.591251][ T27] audit: type=1800 audit(1771460822.397:90): pid=7316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.986" name="file0" dev="loop3" ino=1048616 res=0 errno=0 [ 307.640279][ T7316] syz.3.986: attempt to access beyond end of device [ 307.640279][ T7316] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 307.699619][ T7332] syz.3.986: attempt to access beyond end of device [ 307.699619][ T7332] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 307.729876][ T7316] syz.3.986: attempt to access beyond end of device [ 307.729876][ T7316] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 307.767469][ T7332] syz.3.986: attempt to access beyond end of device [ 307.767469][ T7332] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 307.812720][ T7316] syz.3.986: attempt to access beyond end of device [ 307.812720][ T7316] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 307.849092][ T7332] syz.3.986: attempt to access beyond end of device [ 307.849092][ T7332] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 307.898104][ T7337] syz.3.986: attempt to access beyond end of device [ 307.898104][ T7337] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 307.982271][ T7316] syz.3.986: attempt to access beyond end of device [ 307.982271][ T7316] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 308.338277][ T27] audit: type=1326 audit(1771460823.147:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7343 comm="syz.4.994" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff42459c629 code=0x0 [ 308.382766][ T7356] loop1: detected capacity change from 0 to 256 [ 308.553101][ T7361] loop2: detected capacity change from 0 to 512 [ 308.675439][ T7361] EXT4-fs (loop2): 1 truncate cleaned up [ 308.699845][ T7361] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 308.729026][ T7360] loop1: detected capacity change from 0 to 4096 [ 308.750452][ T7359] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1000: bg 0: block 465: padding at end of block bitmap is not set [ 308.781936][ T7360] ext4: Unknown parameter 'seclabel' [ 309.365157][ T7359] EXT4-fs (loop2): Remounting filesystem read-only [ 309.751707][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 310.290847][ T7351] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.299079][ T7351] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.057866][ T7351] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 311.116960][ T7351] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 311.620653][ T7351] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.631155][ T7351] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.641580][ T7351] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.651302][ T7351] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.199494][ T7398] loop2: detected capacity change from 0 to 256 [ 312.343491][ T7398] FAT-fs (loop2): Directory bread(block 64) failed [ 312.389674][ T7398] FAT-fs (loop2): Directory bread(block 65) failed [ 312.431391][ T7398] FAT-fs (loop2): Directory bread(block 66) failed [ 312.456432][ T7398] FAT-fs (loop2): Directory bread(block 67) failed [ 312.464327][ T7398] FAT-fs (loop2): Directory bread(block 68) failed [ 312.472224][ T7398] FAT-fs (loop2): Directory bread(block 69) failed [ 312.488038][ T7398] FAT-fs (loop2): Directory bread(block 70) failed [ 312.495200][ T7398] FAT-fs (loop2): Directory bread(block 71) failed [ 312.502052][ T7398] FAT-fs (loop2): Directory bread(block 72) failed [ 312.539791][ T7398] FAT-fs (loop2): Directory bread(block 73) failed [ 312.613408][ T7406] loop1: detected capacity change from 0 to 512 [ 312.705214][ T7406] EXT4-fs (loop1): 1 truncate cleaned up [ 312.724043][ T7406] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 312.765602][ T7405] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1012: bg 0: block 465: padding at end of block bitmap is not set [ 312.789009][ T7398] bio_check_eod: 6 callbacks suppressed [ 312.789026][ T7398] syz.2.1008: attempt to access beyond end of device [ 312.789026][ T7398] loop2: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 312.812012][ T7405] EXT4-fs (loop1): Remounting filesystem read-only [ 312.923174][ T7398] syz.2.1008: attempt to access beyond end of device [ 312.923174][ T7398] loop2: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 312.971532][ T27] audit: type=1800 audit(1771460827.777:92): pid=7398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1008" name="file0" dev="loop2" ino=1048617 res=0 errno=0 [ 313.012149][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 313.242099][ T7421] loop0: detected capacity change from 0 to 512 [ 313.254660][ T7421] EXT4-fs: Ignoring removed oldalloc option [ 313.284900][ T7421] EXT4-fs (loop0): 1 truncate cleaned up [ 313.291011][ T7421] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 313.342003][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 313.481883][ T7431] loop0: detected capacity change from 0 to 256 [ 313.527956][ T7433] loop3: detected capacity change from 0 to 256 [ 313.761991][ T7433] loop3: detected capacity change from 0 to 4096 [ 313.789275][ T7433] ext4: Unknown parameter 'seclabel' [ 314.549458][ T7442] loop1: detected capacity change from 0 to 512 [ 314.771708][ T7442] EXT4-fs (loop1): 1 truncate cleaned up [ 314.804158][ T7442] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 314.827777][ T7452] loop2: detected capacity change from 0 to 512 [ 314.835761][ T7452] EXT4-fs: Ignoring removed oldalloc option [ 314.867431][ T7452] EXT4-fs (loop2): 1 truncate cleaned up [ 314.878915][ T7441] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1026: bg 0: block 465: padding at end of block bitmap is not set [ 314.884098][ T7452] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 314.902573][ T7455] loop0: detected capacity change from 0 to 256 [ 314.914063][ T7441] EXT4-fs (loop1): Remounting filesystem read-only [ 315.020584][ T7455] FAT-fs (loop0): Directory bread(block 64) failed [ 315.027651][ T7455] FAT-fs (loop0): Directory bread(block 65) failed [ 315.046042][ T7455] FAT-fs (loop0): Directory bread(block 66) failed [ 315.053284][ T7455] FAT-fs (loop0): Directory bread(block 67) failed [ 315.060845][ T7455] FAT-fs (loop0): Directory bread(block 68) failed [ 315.068435][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 315.103366][ T7455] FAT-fs (loop0): Directory bread(block 69) failed [ 315.126228][ T7455] FAT-fs (loop0): Directory bread(block 70) failed [ 315.147624][ T7455] FAT-fs (loop0): Directory bread(block 71) failed [ 315.184392][ T7455] FAT-fs (loop0): Directory bread(block 72) failed [ 315.205672][ T7455] FAT-fs (loop0): Directory bread(block 73) failed [ 315.409992][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 315.435767][ T7455] syz.0.1027: attempt to access beyond end of device [ 315.435767][ T7455] loop0: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 315.457031][ T7455] syz.0.1027: attempt to access beyond end of device [ 315.457031][ T7455] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 315.498393][ T27] audit: type=1800 audit(1771460830.307:93): pid=7455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1027" name="file0" dev="loop0" ino=1048618 res=0 errno=0 [ 315.508101][ T7455] syz.0.1027: attempt to access beyond end of device [ 315.508101][ T7455] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 315.647853][ T7465] syz.0.1027: attempt to access beyond end of device [ 315.647853][ T7465] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 315.714481][ T7455] syz.0.1027: attempt to access beyond end of device [ 315.714481][ T7455] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 315.765349][ T7455] syz.0.1027: attempt to access beyond end of device [ 315.765349][ T7455] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 315.772054][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1036'. [ 315.792553][ T7471] sctp: [Deprecated]: syz.1.1035 (pid 7471) Use of int in maxseg socket option. [ 315.792553][ T7471] Use struct sctp_assoc_value instead [ 315.795425][ T7455] syz.0.1027: attempt to access beyond end of device [ 315.795425][ T7455] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 315.821627][ T7465] syz.0.1027: attempt to access beyond end of device [ 315.821627][ T7465] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 316.170655][ T7481] loop0: detected capacity change from 0 to 256 [ 316.221095][ T5520] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 316.299215][ T7485] EXT4-fs (loop4): 1 truncate cleaned up [ 316.333848][ T7485] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 316.401437][ T7484] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1042: bg 0: block 465: padding at end of block bitmap is not set [ 316.485885][ T7484] EXT4-fs (loop4): Remounting filesystem read-only [ 316.518710][ T7481] ext4: Unknown parameter 'seclabel' [ 317.568297][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.575588][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.619427][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 317.670574][ T7494] set_capacity_and_notify: 2 callbacks suppressed [ 317.670587][ T7494] loop2: detected capacity change from 0 to 512 [ 317.684643][ T7494] EXT4-fs: Ignoring removed oldalloc option [ 317.811692][ T7494] EXT4-fs (loop2): 1 truncate cleaned up [ 317.839857][ T7494] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 317.971372][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 318.255342][ T7503] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1047'. [ 320.485829][ T7523] loop4: detected capacity change from 0 to 512 [ 320.540740][ T7523] EXT4-fs (loop4): 1 truncate cleaned up [ 320.548238][ T7523] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 320.658913][ T7520] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1055: bg 0: block 465: padding at end of block bitmap is not set [ 320.735511][ T7520] EXT4-fs (loop4): Remounting filesystem read-only [ 320.811953][ T7537] loop0: detected capacity change from 0 to 512 [ 320.821885][ T7536] loop2: detected capacity change from 0 to 256 [ 320.883039][ T7537] EXT4-fs (loop0): 1 truncate cleaned up [ 320.912548][ T7537] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 321.152374][ T7536] loop2: detected capacity change from 0 to 4096 [ 321.168331][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 321.180031][ T7536] ext4: Unknown parameter 'seclabel' [ 322.296589][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 322.438190][ T7542] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1059'. [ 323.789549][ T27] audit: type=1326 audit(1771460838.597:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7552 comm="syz.1.1064" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f455d79c629 code=0x0 [ 324.126270][ T7567] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1062'. [ 324.700509][ T7573] loop2: detected capacity change from 0 to 512 [ 324.748528][ T7573] EXT4-fs (loop2): 1 truncate cleaned up [ 324.761068][ T7573] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 324.951314][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 325.216840][ T7579] loop0: detected capacity change from 0 to 512 [ 325.277388][ T7579] EXT4-fs (loop0): 1 truncate cleaned up [ 325.289392][ T7579] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 325.368018][ T7578] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1071: bg 0: block 465: padding at end of block bitmap is not set [ 325.477525][ T7578] EXT4-fs (loop0): Remounting filesystem read-only [ 325.678002][ T7585] loop3: detected capacity change from 0 to 512 [ 325.694952][ T7585] EXT4-fs: Ignoring removed oldalloc option [ 325.765731][ T7585] EXT4-fs (loop3): 1 truncate cleaned up [ 325.806627][ T7585] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 326.168921][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 326.210739][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 326.238300][ T7588] loop2: detected capacity change from 0 to 256 [ 326.416384][ T4443] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 326.652083][ T7588] loop2: detected capacity change from 0 to 4096 [ 326.673490][ T7599] loop1: detected capacity change from 0 to 512 [ 326.680261][ T7588] ext4: Unknown parameter 'seclabel' [ 326.890329][ T7599] EXT4-fs (loop1): 1 truncate cleaned up [ 326.901076][ T7599] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 328.168973][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 328.291665][ T7615] loop4: detected capacity change from 0 to 512 [ 328.344922][ T7615] EXT4-fs: Ignoring removed oldalloc option [ 328.382379][ T7620] loop2: detected capacity change from 0 to 512 [ 328.413231][ T7615] EXT4-fs (loop4): 1 truncate cleaned up [ 328.456965][ T7620] EXT4-fs (loop2): 1 truncate cleaned up [ 328.463732][ T7615] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 328.500858][ T7620] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 328.628365][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 328.639087][ T7617] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1085: bg 0: block 465: padding at end of block bitmap is not set [ 328.759159][ T7617] EXT4-fs (loop2): Remounting filesystem read-only [ 328.799851][ T27] audit: type=1326 audit(1771460843.607:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7624 comm="syz.3.1086" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffa05b9c629 code=0x0 [ 329.740462][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 330.395480][ T7646] loop3: detected capacity change from 0 to 512 [ 331.944119][ T7646] EXT4-fs (loop3): 1 truncate cleaned up [ 332.803802][ T7646] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 333.091982][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 333.445613][ T7665] loop0: detected capacity change from 0 to 512 [ 333.453274][ T7665] EXT4-fs: Ignoring removed oldalloc option [ 333.517639][ T7665] EXT4-fs (loop0): 1 truncate cleaned up [ 333.592092][ T7665] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 333.902355][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 334.059924][ T7680] loop0: detected capacity change from 0 to 128 [ 335.950600][ T7699] loop4: detected capacity change from 0 to 512 [ 337.097074][ T7714] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1113'. [ 339.086397][ T7740] loop0: detected capacity change from 0 to 512 [ 339.115145][ T7740] EXT4-fs: Ignoring removed oldalloc option [ 339.164044][ T7740] EXT4-fs (loop0): 1 truncate cleaned up [ 339.186176][ T7740] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 339.575593][ T7746] loop3: detected capacity change from 0 to 1024 [ 339.643494][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 339.757512][ T7751] loop1: detected capacity change from 0 to 128 [ 339.772064][ T7746] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 340.028524][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 342.230366][ T7784] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1133'. [ 342.744525][ T27] audit: type=1326 audit(1771460857.547:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7781 comm="syz.0.1134" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcfcd39c629 code=0x0 [ 344.070279][ T7788] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.077848][ T7788] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.371343][ T7807] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1140'. [ 346.329855][ T7788] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 346.407050][ T7788] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 346.822891][ T7788] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.837294][ T7788] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.906815][ T7788] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.916180][ T7788] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.173797][ T7788] syz.0.1134 (7788) used greatest stack depth: 19800 bytes left [ 347.359401][ T7836] loop0: detected capacity change from 0 to 256 [ 347.412701][ T7834] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1146'. [ 347.601771][ T7842] loop4: detected capacity change from 0 to 512 [ 347.765161][ T7842] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 347.788394][ T7842] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 348.890912][ T4271] EXT4-fs (loop4): unmounting filesystem. [ 349.352840][ T27] audit: type=1326 audit(1771460864.157:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7866 comm="syz.4.1156" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff42459c629 code=0x0 [ 349.561079][ T7878] loop0: detected capacity change from 0 to 256 [ 350.749282][ T7900] loop3: detected capacity change from 0 to 128 [ 351.425548][ T7908] loop1: detected capacity change from 0 to 256 [ 351.517758][ T7908] FAT-fs (loop1): Directory bread(block 64) failed [ 351.550746][ T7908] FAT-fs (loop1): Directory bread(block 65) failed [ 351.577623][ T7908] FAT-fs (loop1): Directory bread(block 66) failed [ 351.598655][ T7910] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1173'. [ 351.618276][ T7908] FAT-fs (loop1): Directory bread(block 67) failed [ 351.636167][ T7908] FAT-fs (loop1): Directory bread(block 68) failed [ 351.659576][ T7908] FAT-fs (loop1): Directory bread(block 69) failed [ 351.683428][ T7908] FAT-fs (loop1): Directory bread(block 70) failed [ 351.700665][ T7908] FAT-fs (loop1): Directory bread(block 71) failed [ 351.710969][ T7908] FAT-fs (loop1): Directory bread(block 72) failed [ 351.721885][ T7908] FAT-fs (loop1): Directory bread(block 73) failed [ 351.820602][ T7908] bio_check_eod: 4 callbacks suppressed [ 351.820620][ T7908] syz.1.1172: attempt to access beyond end of device [ 351.820620][ T7908] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 351.882078][ T7908] syz.1.1172: attempt to access beyond end of device [ 351.882078][ T7908] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 351.910800][ T27] audit: type=1800 audit(1771460866.717:98): pid=7908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1172" name="file0" dev="loop1" ino=1048621 res=0 errno=0 [ 352.943914][ T7921] netlink: 'syz.3.1175': attribute type 28 has an invalid length. [ 352.962178][ T7921] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1175'. [ 353.348098][ T7940] loop3: detected capacity change from 0 to 256 [ 353.379013][ T7940] FAT-fs (loop3): Directory bread(block 64) failed [ 353.389434][ T7940] FAT-fs (loop3): Directory bread(block 65) failed [ 353.399679][ T7940] FAT-fs (loop3): Directory bread(block 66) failed [ 353.415841][ T7940] FAT-fs (loop3): Directory bread(block 67) failed [ 353.422621][ T7940] FAT-fs (loop3): Directory bread(block 68) failed [ 353.430080][ T7940] FAT-fs (loop3): Directory bread(block 69) failed [ 353.437226][ T7940] FAT-fs (loop3): Directory bread(block 70) failed [ 353.444453][ T7940] FAT-fs (loop3): Directory bread(block 71) failed [ 353.451174][ T7940] FAT-fs (loop3): Directory bread(block 72) failed [ 353.458447][ T7940] FAT-fs (loop3): Directory bread(block 73) failed [ 353.542907][ T7940] syz.3.1184: attempt to access beyond end of device [ 353.542907][ T7940] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 353.623164][ T7940] syz.3.1184: attempt to access beyond end of device [ 353.623164][ T7940] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 353.777606][ T27] audit: type=1800 audit(1771460868.587:99): pid=7940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1184" name="file0" dev="loop3" ino=1048622 res=0 errno=0 [ 354.198123][ T7960] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1189'. [ 354.486219][ T27] audit: type=1326 audit(1771460869.287:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.0.1191" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcfcd39c629 code=0x0 [ 355.142911][ T7978] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1196'. [ 356.268064][ T7986] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1200'. [ 356.713446][ T7991] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1202'. [ 356.755453][ T7993] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1203'. [ 357.513343][ T8012] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1208'. [ 359.125909][ T8020] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1212'. [ 360.607370][ T8027] loop0: detected capacity change from 0 to 512 [ 360.679211][ T8029] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1216'. [ 360.809194][ T8027] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 360.823939][ T8027] ext4 filesystem being mounted at /248/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 361.226649][ T8039] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1217'. [ 361.289685][ T8039] bridge1: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms) [ 361.301378][ T27] audit: type=1326 audit(1771460876.117:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.2.1214" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f68ac19c629 code=0x0 [ 361.404443][ T8039] device bridge1 entered promiscuous mode [ 362.067038][ T8049] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1219'. [ 363.714379][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 364.397260][ T8063] loop3: detected capacity change from 0 to 8192 [ 364.406994][ T8063] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 364.649121][ T8079] random: crng reseeded on system resumption [ 366.023939][ T8100] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1231'. [ 367.144045][ T27] audit: type=1326 audit(1771460881.947:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="syz.2.1233" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f68ac19c629 code=0x0 [ 368.650522][ T8128] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1240'. [ 369.662009][ T8149] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1245'. [ 371.392766][ T27] audit: type=1326 audit(1771460886.197:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8161 comm="syz.1.1250" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f455d79c629 code=0x0 [ 372.629698][ T8171] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1252'. [ 374.139845][ T8193] loop2: detected capacity change from 0 to 512 [ 374.427811][ T8193] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 374.487867][ T8193] ext4 filesystem being mounted at /240/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 374.719671][ T8199] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1258'. [ 375.338711][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 375.354427][ T8201] loop3: detected capacity change from 0 to 1024 [ 375.362262][ T8201] EXT4-fs: Ignoring removed bh option [ 375.447629][ T8207] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1262'. [ 375.524910][ T8201] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 2: comm syz.3.1260: lblock 2 mapped to illegal pblock 2 (length 1) [ 376.222490][ T8201] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 376.249586][ T8220] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1263'. [ 376.417035][ T8201] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 48: comm syz.3.1260: lblock 0 mapped to illegal pblock 48 (length 1) [ 376.566652][ T8201] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 376.773677][ T8201] EXT4-fs error (device loop3): ext4_acquire_dquot:6835: comm syz.3.1260: Failed to acquire dquot type 0 [ 376.787518][ T8201] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 376.883520][ T8201] EXT4-fs error (device loop3): ext4_evict_inode:279: inode #11: comm syz.3.1260: mark_inode_dirty error [ 376.963718][ T8201] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 377.142441][ T8201] EXT4-fs (loop3): 1 orphan inode deleted [ 377.168120][ T8228] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1270'. [ 377.203016][ T4542] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 377.401821][ T8201] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 377.793664][ T4542] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 377.823919][ T4542] EXT4-fs error (device loop3): ext4_release_dquot:6871: comm kworker/u4:9: Failed to release dquot type 0 [ 377.970234][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 377.984081][ T41] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 378.034053][ T41] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 378.049835][ T8235] loop0: detected capacity change from 0 to 512 [ 378.069239][ T41] EXT4-fs error (device loop3): ext4_release_dquot:6871: comm kworker/u4:2: Failed to release dquot type 0 [ 378.069263][ T27] audit: type=1326 audit(1771460892.877:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8231 comm="syz.1.1272" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f455d79c629 code=0x0 [ 378.132712][ T4270] EXT4-fs error (device loop3): __ext4_get_inode_loc:4513: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 378.195583][ T4270] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 378.219010][ T8235] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 378.241010][ T4270] EXT4-fs error (device loop3): ext4_quota_off:7141: inode #3: comm syz-executor: mark_inode_dirty error [ 378.264134][ T8235] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 378.406175][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 378.636779][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.643350][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.828125][ T8255] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1279'. [ 381.648245][ T8262] loop4: detected capacity change from 0 to 128 [ 382.678152][ T8280] loop1: detected capacity change from 0 to 256 [ 382.768909][ T8280] FAT-fs (loop1): Directory bread(block 64) failed [ 382.780830][ T8280] FAT-fs (loop1): Directory bread(block 65) failed [ 382.811138][ T8280] FAT-fs (loop1): Directory bread(block 66) failed [ 382.839399][ T8280] FAT-fs (loop1): Directory bread(block 67) failed [ 382.868944][ T8280] FAT-fs (loop1): Directory bread(block 68) failed [ 383.014403][ T8280] FAT-fs (loop1): Directory bread(block 69) failed [ 383.050542][ T8280] FAT-fs (loop1): Directory bread(block 70) failed [ 383.093786][ T8280] FAT-fs (loop1): Directory bread(block 71) failed [ 383.118580][ T8280] FAT-fs (loop1): Directory bread(block 72) failed [ 383.164373][ T8280] FAT-fs (loop1): Directory bread(block 73) failed [ 383.226557][ T8286] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1290'. [ 383.846114][ T8280] syz.1.1289: attempt to access beyond end of device [ 383.846114][ T8280] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 383.883782][ T8280] syz.1.1289: attempt to access beyond end of device [ 383.883782][ T8280] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 383.919945][ T27] audit: type=1800 audit(1771460898.727:105): pid=8280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1289" name="file0" dev="loop1" ino=1048625 res=0 errno=0 [ 383.943087][ T8280] syz.1.1289: attempt to access beyond end of device [ 383.943087][ T8280] loop1: rw=0, sector=1736, nr_sectors = 4 limit=256 [ 384.047921][ T8280] syz.1.1289: attempt to access beyond end of device [ 384.047921][ T8280] loop1: rw=0, sector=1736, nr_sectors = 4 limit=256 [ 384.131848][ T8280] Buffer I/O error on dev loop1, logical block 434, async page read [ 384.187447][ T8280] syz.1.1289: attempt to access beyond end of device [ 384.187447][ T8280] loop1: rw=0, sector=1740, nr_sectors = 4 limit=256 [ 384.231504][ T8280] Buffer I/O error on dev loop1, logical block 435, async page read [ 384.268442][ T8292] syz.1.1289: attempt to access beyond end of device [ 384.268442][ T8292] loop1: rw=0, sector=1736, nr_sectors = 4 limit=256 [ 384.323745][ T8292] Buffer I/O error on dev loop1, logical block 434, async page read [ 384.348967][ T8292] syz.1.1289: attempt to access beyond end of device [ 384.348967][ T8292] loop1: rw=0, sector=1740, nr_sectors = 4 limit=256 [ 384.403211][ T8292] Buffer I/O error on dev loop1, logical block 435, async page read [ 384.442863][ T8296] syz.1.1289: attempt to access beyond end of device [ 384.442863][ T8296] loop1: rw=0, sector=1736, nr_sectors = 4 limit=256 [ 384.464049][ T8296] Buffer I/O error on dev loop1, logical block 434, async page read [ 384.472147][ T8296] syz.1.1289: attempt to access beyond end of device [ 384.472147][ T8296] loop1: rw=0, sector=1740, nr_sectors = 4 limit=256 [ 384.511056][ T8301] loop6: detected capacity change from 0 to 7 [ 384.580575][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.589966][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 384.608330][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.617615][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 384.633757][ T8296] Buffer I/O error on dev loop1, logical block 435, async page read [ 384.676853][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.686408][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 384.713170][ T8280] syz.1.1289: attempt to access beyond end of device [ 384.713170][ T8280] loop1: rw=0, sector=1736, nr_sectors = 4 limit=256 [ 384.771378][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.780664][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 384.789003][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.804195][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.850155][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.859822][ T8301] ldm_validate_partition_table(): Disk read failed. [ 384.899744][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.909236][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.924276][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 384.967363][ T8306] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1300'. [ 384.969626][ T8301] Dev loop6: unable to read RDB block 0 [ 385.048330][ T8301] loop6: unable to read partition table [ 385.078896][ T8301] loop6: partition table beyond EOD, truncated [ 385.106490][ T8301] loop_reread_partitions: partition scan of loop6 (gCj̖P=!MX %`搘ȵ4FLQk݊5) failed (rc=-5) [ 385.248792][ T8302] ldm_validate_partition_table(): Disk read failed. [ 385.264432][ T8302] Dev loop6: unable to read RDB block 0 [ 385.270642][ T8302] loop6: unable to read partition table [ 385.297258][ T8302] loop6: partition table beyond EOD, truncated [ 385.368168][ T8311] can0: slcan on ttyS3. [ 385.870106][ T8311] can0 (unregistered): slcan off ttyS3. [ 386.353879][ T4633] tipc: Left network mode [ 386.606456][ T4281] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 386.616945][ T4281] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 386.636348][ T4281] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 386.654399][ T4281] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 386.664378][ T4281] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 386.671691][ T4281] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 386.950568][ T8332] loop1: detected capacity change from 0 to 128 [ 387.320642][ T8338] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1306'. [ 387.922571][ T8342] loop3: detected capacity change from 0 to 256 [ 388.088319][ T8342] FAT-fs (loop3): Directory bread(block 64) failed [ 388.139868][ T8342] FAT-fs (loop3): Directory bread(block 65) failed [ 388.174240][ T8342] FAT-fs (loop3): Directory bread(block 66) failed [ 388.205651][ T8342] FAT-fs (loop3): Directory bread(block 67) failed [ 388.223350][ T8342] FAT-fs (loop3): Directory bread(block 68) failed [ 388.261617][ T8342] FAT-fs (loop3): Directory bread(block 69) failed [ 388.301002][ T8342] FAT-fs (loop3): Directory bread(block 70) failed [ 388.320253][ T8342] FAT-fs (loop3): Directory bread(block 71) failed [ 388.338352][ T8342] FAT-fs (loop3): Directory bread(block 72) failed [ 388.357739][ T8342] FAT-fs (loop3): Directory bread(block 73) failed [ 388.508258][ T27] audit: type=1800 audit(1771460903.317:106): pid=8342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1310" name="file0" dev="loop3" ino=1048627 res=0 errno=0 [ 388.713874][ T4286] Bluetooth: hci3: command 0x0409 tx timeout [ 388.809688][ T8352] device syzkaller0 entered promiscuous mode [ 389.978383][ T8380] loop3: detected capacity change from 0 to 128 [ 390.793726][ T4286] Bluetooth: hci3: command 0x041b tx timeout [ 391.349326][ T8391] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1321'. [ 392.062991][ T8396] loop1: detected capacity change from 0 to 256 [ 392.063332][ T8395] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1322'. [ 392.171220][ T8396] FAT-fs (loop1): Directory bread(block 64) failed [ 392.190300][ T8396] FAT-fs (loop1): Directory bread(block 65) failed [ 392.234170][ T8396] FAT-fs (loop1): Directory bread(block 66) failed [ 392.240856][ T8396] FAT-fs (loop1): Directory bread(block 67) failed [ 392.292851][ T8396] FAT-fs (loop1): Directory bread(block 68) failed [ 392.332087][ T8396] FAT-fs (loop1): Directory bread(block 69) failed [ 392.354036][ T8396] FAT-fs (loop1): Directory bread(block 70) failed [ 392.390284][ T8396] FAT-fs (loop1): Directory bread(block 71) failed [ 392.423443][ T8396] FAT-fs (loop1): Directory bread(block 72) failed [ 392.430905][ T8396] FAT-fs (loop1): Directory bread(block 73) failed [ 392.577427][ T8396] bio_check_eod: 36 callbacks suppressed [ 392.577446][ T8396] syz.1.1323: attempt to access beyond end of device [ 392.577446][ T8396] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 392.658300][ T8396] syz.1.1323: attempt to access beyond end of device [ 392.658300][ T8396] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 392.700834][ T27] audit: type=1800 audit(1771460907.507:107): pid=8396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1323" name="file0" dev="loop1" ino=1048629 res=0 errno=0 [ 392.883887][ T4286] Bluetooth: hci3: command 0x040f tx timeout [ 393.371141][ T8418] hub 8-0:1.0: USB hub found [ 393.379353][ T8418] hub 8-0:1.0: 1 port detected [ 394.315975][ T8420] loop1: detected capacity change from 0 to 128 [ 394.954025][ T4286] Bluetooth: hci3: command 0x0419 tx timeout [ 396.227004][ T8432] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1333'. [ 397.778385][ T8439] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1335'. [ 398.633434][ T8323] chnl_net:caif_netlink_parms(): no params data found [ 398.723430][ T8444] loop1: detected capacity change from 0 to 512 [ 398.789611][ T8444] EXT4-fs (loop1): 1 truncate cleaned up [ 398.821984][ T8444] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 398.953823][ T8446] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set [ 399.004645][ T8446] EXT4-fs (loop1): Remounting filesystem read-only [ 400.860894][ T8452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1338'. [ 400.874916][ T8457] loop0: detected capacity change from 0 to 512 [ 400.904434][ T8452] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1338'. [ 401.179033][ T8452] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 401.187908][ T8452] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 401.196776][ T8452] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 401.205545][ T8452] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 401.264996][ T8452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1338'. [ 401.274322][ T8452] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1338'. [ 401.557954][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 401.834970][ T8476] loop1: detected capacity change from 0 to 256 [ 401.926162][ T8476] FAT-fs (loop1): Directory bread(block 64) failed [ 402.024398][ T8478] loop0: detected capacity change from 0 to 512 [ 402.039286][ T8476] FAT-fs (loop1): Directory bread(block 65) failed [ 402.056762][ T8480] loop2: detected capacity change from 0 to 256 [ 402.091151][ T8465] can0: slcan on ttyS3. [ 402.145045][ T8476] FAT-fs (loop1): Directory bread(block 66) failed [ 402.182298][ T4708] blk_print_req_error: 25 callbacks suppressed [ 402.182316][ T4708] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 402.214025][ T8470] can0 (unregistered): slcan off ttyS3. [ 402.272487][ T8476] FAT-fs (loop1): Directory bread(block 67) failed [ 402.298005][ T8476] FAT-fs (loop1): Directory bread(block 68) failed [ 402.402302][ T4633] device hsr_slave_0 left promiscuous mode [ 402.417862][ T8476] FAT-fs (loop1): Directory bread(block 69) failed [ 402.444243][ T8476] FAT-fs (loop1): Directory bread(block 70) failed [ 402.503710][ T8476] FAT-fs (loop1): Directory bread(block 71) failed [ 402.510381][ T8476] FAT-fs (loop1): Directory bread(block 72) failed [ 402.522669][ T4633] device hsr_slave_1 left promiscuous mode [ 402.560557][ T4633] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 402.584712][ T4633] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 402.600321][ T8476] FAT-fs (loop1): Directory bread(block 73) failed [ 402.647016][ T4633] device bridge_slave_1 left promiscuous mode [ 402.679466][ T4633] bridge0: port 2(bridge_slave_1) entered disabled state [ 402.785041][ T8476] syz.1.1342: attempt to access beyond end of device [ 402.785041][ T8476] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 402.850035][ T4633] device bridge_slave_0 left promiscuous mode [ 402.890793][ T4633] bridge0: port 1(bridge_slave_0) entered disabled state [ 402.898519][ T8476] syz.1.1342: attempt to access beyond end of device [ 402.898519][ T8476] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 402.932457][ T27] audit: type=1800 audit(1771460917.737:108): pid=8476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1342" name="file0" dev="loop1" ino=1048632 res=0 errno=0 [ 402.951342][ T8476] syz.1.1342: attempt to access beyond end of device [ 402.951342][ T8476] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 403.080556][ T8493] syz.1.1342: attempt to access beyond end of device [ 403.080556][ T8493] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 403.183100][ T8497] syz.1.1342: attempt to access beyond end of device [ 403.183100][ T8497] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 403.261800][ T8497] syz.1.1342: attempt to access beyond end of device [ 403.261800][ T8497] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 403.396797][ T8476] syz.1.1342: attempt to access beyond end of device [ 403.396797][ T8476] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 403.509453][ T8493] syz.1.1342: attempt to access beyond end of device [ 403.509453][ T8493] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 403.536161][ T4633] bond4 (unregistering): Released all slaves [ 403.577415][ T4633] bond3 (unregistering): Released all slaves [ 403.605300][ T8493] syz.1.1342: attempt to access beyond end of device [ 403.605300][ T8493] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 403.675187][ T4633] bond2 (unregistering): Released all slaves [ 403.714603][ T4633] bond1 (unregistering): Released all slaves [ 404.701031][ T8516] loop3: detected capacity change from 0 to 512 [ 404.731733][ T8516] EXT4-fs: Ignoring removed nobh option [ 404.796515][ T8516] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 404.955714][ T8516] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1351: iget: bad i_size value: 38620345925642 [ 404.997670][ T8516] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1351: couldn't read orphan inode 15 (err -117) [ 405.084598][ T8516] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 405.125546][ T4633] team0 (unregistering): Port device team_slave_1 removed [ 405.253943][ T4633] team0 (unregistering): Port device team_slave_0 removed [ 405.919846][ T8518] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 408.320026][ T8323] bridge0: port 1(bridge_slave_0) entered blocking state [ 408.333984][ T8323] bridge0: port 1(bridge_slave_0) entered disabled state [ 408.354936][ T8323] device bridge_slave_0 entered promiscuous mode [ 408.411275][ T8511] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1359'. [ 408.453910][ T8511] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1359'. [ 408.474748][ T8511] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 408.483691][ T8511] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 408.492395][ T8511] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 408.501312][ T8511] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 408.559648][ T8323] bridge0: port 2(bridge_slave_1) entered blocking state [ 408.568665][ T8323] bridge0: port 2(bridge_slave_1) entered disabled state [ 408.578184][ T8323] device bridge_slave_1 entered promiscuous mode [ 408.613846][ T8511] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1359'. [ 408.622901][ T8511] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1359'. [ 408.635127][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 408.727524][ T8526] loop0: detected capacity change from 0 to 512 [ 408.755571][ T8323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 408.805668][ T8323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 408.945952][ T8323] team0: Port device team_slave_0 added [ 408.989166][ T8323] team0: Port device team_slave_1 added [ 409.104302][ T8323] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 409.148264][ T8323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 409.235856][ T8323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 409.264927][ T8532] device syzkaller0 entered promiscuous mode [ 409.295130][ T8323] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 409.302188][ T8323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 409.378090][ T8544] loop3: detected capacity change from 0 to 256 [ 409.380995][ T8323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 409.469233][ T8544] FAT-fs (loop3): Directory bread(block 64) failed [ 409.511747][ T8544] FAT-fs (loop3): Directory bread(block 65) failed [ 409.548453][ T8544] FAT-fs (loop3): Directory bread(block 66) failed [ 409.585689][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1363'. [ 409.600381][ T8544] FAT-fs (loop3): Directory bread(block 67) failed [ 409.620660][ T8544] FAT-fs (loop3): Directory bread(block 68) failed [ 409.653790][ T8544] FAT-fs (loop3): Directory bread(block 69) failed [ 409.660510][ T8544] FAT-fs (loop3): Directory bread(block 70) failed [ 409.704138][ T8544] FAT-fs (loop3): Directory bread(block 71) failed [ 409.710846][ T8544] FAT-fs (loop3): Directory bread(block 72) failed [ 409.772075][ T8544] FAT-fs (loop3): Directory bread(block 73) failed [ 409.786328][ T8323] device hsr_slave_0 entered promiscuous mode [ 409.806664][ T8323] device hsr_slave_1 entered promiscuous mode [ 409.829121][ T8323] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 409.853211][ T8323] Cannot create hsr debugfs directory [ 409.964244][ T8544] syz.3.1362: attempt to access beyond end of device [ 409.964244][ T8544] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 410.011447][ T8544] syz.3.1362: attempt to access beyond end of device [ 410.011447][ T8544] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 410.332542][ T27] audit: type=1800 audit(1771460925.137:109): pid=8544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1362" name="file0" dev="loop3" ino=1048633 res=0 errno=0 [ 410.369684][ T8544] syz.3.1362: attempt to access beyond end of device [ 410.369684][ T8544] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 410.468829][ T8563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1365'. [ 410.518123][ T8563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1365'. [ 410.576642][ T8564] syz.3.1362: attempt to access beyond end of device [ 410.576642][ T8564] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 410.909654][ T8544] syz.3.1362: attempt to access beyond end of device [ 410.909654][ T8544] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 410.982598][ T8563] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 410.991990][ T8563] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 411.000825][ T8563] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 411.009587][ T8563] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 411.108345][ T8567] syz.3.1362: attempt to access beyond end of device [ 411.108345][ T8567] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 411.214016][ T8544] syz.3.1362: attempt to access beyond end of device [ 411.214016][ T8544] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 411.227887][ T8567] syz.3.1362: attempt to access beyond end of device [ 411.227887][ T8567] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 411.243085][ T8544] syz.3.1362: attempt to access beyond end of device [ 411.243085][ T8544] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 411.256815][ T8564] syz.3.1362: attempt to access beyond end of device [ 411.256815][ T8564] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 411.283876][ T8563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1365'. [ 411.292985][ T8563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1365'. [ 411.470428][ T8579] loop1: detected capacity change from 0 to 512 [ 411.695620][ T8323] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 411.771285][ T8323] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 411.829796][ T8323] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 411.874169][ T8323] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 412.301880][ T8323] 8021q: adding VLAN 0 to HW filter on device bond0 [ 412.345120][ T8604] netlink: 196 bytes leftover after parsing attributes in process `syz.0.1374'. [ 412.390360][ T8323] 8021q: adding VLAN 0 to HW filter on device team0 [ 412.424037][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 412.434107][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 412.478033][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 412.495231][ T8606] loop1: detected capacity change from 0 to 512 [ 412.505223][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 412.540411][ T4633] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.547619][ T4633] bridge0: port 1(bridge_slave_0) entered forwarding state [ 412.589884][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 412.611565][ T8606] EXT4-fs (loop1): 1 truncate cleaned up [ 412.623718][ T8606] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 412.649803][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 412.680623][ T4633] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.687936][ T4633] bridge0: port 2(bridge_slave_1) entered forwarding state [ 412.739560][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 412.751254][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 412.767922][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 412.827269][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 412.858779][ T8605] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1375: bg 0: block 465: padding at end of block bitmap is not set [ 412.889823][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 412.914958][ T8605] EXT4-fs (loop1): Remounting filesystem read-only [ 412.962016][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 412.985691][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 413.011347][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 413.063111][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 413.100261][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 413.115460][ T8323] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 413.150807][ T8323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 413.182776][ T8626] loop0: detected capacity change from 0 to 256 [ 413.194487][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 413.221730][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 413.308711][ T8626] FAT-fs (loop0): Directory bread(block 64) failed [ 413.451266][ T8626] FAT-fs (loop0): Directory bread(block 65) failed [ 413.630600][ T8626] FAT-fs (loop0): Directory bread(block 66) failed [ 413.742955][ T8626] FAT-fs (loop0): Directory bread(block 67) failed [ 413.870768][ T8626] FAT-fs (loop0): Directory bread(block 68) failed [ 413.937630][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 413.978815][ T8626] FAT-fs (loop0): Directory bread(block 69) failed [ 414.119985][ T8626] FAT-fs (loop0): Directory bread(block 70) failed [ 414.260661][ T8626] FAT-fs (loop0): Directory bread(block 71) failed [ 414.418152][ T8626] FAT-fs (loop0): Directory bread(block 72) failed [ 415.204987][ T8626] FAT-fs (loop0): Directory bread(block 73) failed [ 416.415919][ T8657] __nla_validate_parse: 4 callbacks suppressed [ 416.415940][ T8657] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1388'. [ 416.481889][ T8657] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1388'. [ 416.520846][ T8657] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1388'. [ 416.552205][ T8657] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1388'. [ 416.784097][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 416.791702][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 416.847425][ T8323] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 418.533241][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 418.584390][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 418.617609][ T8708] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1400'. [ 418.629726][ T8708] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1400'. [ 418.647253][ T8709] loop0: detected capacity change from 0 to 512 [ 418.676611][ T8708] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1400'. [ 418.711361][ T8708] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1400'. [ 418.740815][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 418.771991][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 418.833825][ T8323] device veth0_vlan entered promiscuous mode [ 418.851437][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 418.881734][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 418.929518][ T8323] device veth1_vlan entered promiscuous mode [ 419.075968][ T5316] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 419.104729][ T5316] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 419.150783][ T5316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 419.217829][ T5316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 419.268092][ T8323] device veth0_macvtap entered promiscuous mode [ 419.298122][ T8323] device veth1_macvtap entered promiscuous mode [ 419.368344][ T8323] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 419.387010][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 419.409477][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 419.435163][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 419.469502][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 419.518518][ T8323] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 419.536734][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 419.556895][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 419.588592][ T8323] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.614075][ T8323] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.633423][ T8323] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.670103][ T8323] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.908000][ T8735] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1409'. [ 419.928981][ T8734] loop0: detected capacity change from 0 to 1024 [ 419.941675][ T8735] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1409'. [ 419.970261][ T4544] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 419.983636][ T4544] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.016214][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 420.179270][ T8734] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 420.194969][ T4542] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.202847][ T4542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.273525][ T8748] loop3: detected capacity change from 0 to 512 [ 420.277515][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 420.534905][ T4268] EXT4-fs (loop0): unmounting filesystem. [ 420.878094][ T8763] loop1: detected capacity change from 0 to 256 [ 420.906358][ T8764] loop2: detected capacity change from 0 to 512 [ 420.960006][ T8763] FAT-fs (loop1): Directory bread(block 64) failed [ 420.982035][ T8763] FAT-fs (loop1): Directory bread(block 65) failed [ 421.011386][ T8763] FAT-fs (loop1): Directory bread(block 66) failed [ 421.062086][ T8763] FAT-fs (loop1): Directory bread(block 67) failed [ 421.089585][ T8763] FAT-fs (loop1): Directory bread(block 68) failed [ 421.108316][ T8763] FAT-fs (loop1): Directory bread(block 69) failed [ 421.119408][ T8763] FAT-fs (loop1): Directory bread(block 70) failed [ 421.138155][ T8763] FAT-fs (loop1): Directory bread(block 71) failed [ 421.173075][ T8763] FAT-fs (loop1): Directory bread(block 72) failed [ 421.220737][ T8763] FAT-fs (loop1): Directory bread(block 73) failed [ 421.405468][ T8763] bio_check_eod: 2 callbacks suppressed [ 421.405490][ T8763] syz.1.1418: attempt to access beyond end of device [ 421.405490][ T8763] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 421.497331][ T8763] syz.1.1418: attempt to access beyond end of device [ 421.497331][ T8763] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 421.583637][ T27] audit: type=1800 audit(1771460936.377:110): pid=8763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1418" name="file0" dev="loop1" ino=1048639 res=0 errno=0 [ 421.752196][ T8787] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1421'. [ 422.378721][ T8785] 8021q: adding VLAN 0 to HW filter on device bond3 [ 422.540052][ T8781] loop2: detected capacity change from 0 to 512 [ 422.559807][ T8781] EXT4-fs: Ignoring removed nobh option [ 422.611221][ T8781] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 422.618391][ T8791] loop3: detected capacity change from 0 to 512 [ 422.653188][ T8791] EXT4-fs: Ignoring removed oldalloc option [ 422.691551][ T8781] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1423: iget: bad i_size value: 38620345925642 [ 422.730079][ T8791] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 422.824803][ T8781] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1423: couldn't read orphan inode 15 (err -117) [ 422.845967][ T8791] EXT4-fs (loop3): 1 truncate cleaned up [ 422.851679][ T8791] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 422.934417][ T8781] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 423.181939][ T4270] EXT4-fs (loop3): unmounting filesystem. [ 423.318439][ T4282] EXT4-fs (loop2): unmounting filesystem. [ 423.827597][ T8819] loop2: detected capacity change from 0 to 256 [ 424.030345][ T8823] loop3: detected capacity change from 0 to 512 [ 424.046292][ T8819] FAT-fs (loop2): Directory bread(block 64) failed [ 424.053010][ T8819] FAT-fs (loop2): Directory bread(block 65) failed [ 424.132840][ T8819] FAT-fs (loop2): Directory bread(block 66) failed [ 424.183795][ T8819] FAT-fs (loop2): Directory bread(block 67) failed [ 424.208400][ T8819] FAT-fs (loop2): Directory bread(block 68) failed [ 424.228718][ T8819] FAT-fs (loop2): Directory bread(block 69) failed [ 424.268095][ T8819] FAT-fs (loop2): Directory bread(block 70) failed [ 424.303762][ T8819] FAT-fs (loop2): Directory bread(block 71) failed [ 424.348776][ T8819] FAT-fs (loop2): Directory bread(block 72) failed [ 424.394702][ T8819] FAT-fs (loop2): Directory bread(block 73) failed [ 424.565350][ T8819] syz.2.1436: attempt to access beyond end of device [ 424.565350][ T8819] loop2: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 424.614990][ T8819] syz.2.1436: attempt to access beyond end of device [ 424.614990][ T8819] loop2: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 424.826266][ T8834] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1438'. [ 425.379813][ T27] audit: type=1800 audit(1771460940.187:111): pid=8819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1436" name="file0" dev="loop2" ino=1048641 res=0 errno=0 [ 425.748763][ T8847] netlink: 'syz.3.1443': attribute type 1 has an invalid length. [ 426.021534][ T8849] 8021q: adding VLAN 0 to HW filter on device bond5 [ 426.050490][ T8854] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1445'. [ 426.081270][ T8854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1445'. [ 426.104116][ T8854] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1445'. [ 426.143751][ T8854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1445'. [ 426.338770][ T8860] loop2: detected capacity change from 0 to 512 [ 426.856564][ T8878] loop1: detected capacity change from 0 to 256 [ 426.927824][ T8878] FAT-fs (loop1): Directory bread(block 64) failed [ 426.950785][ T8878] FAT-fs (loop1): Directory bread(block 65) failed [ 427.008417][ T8878] FAT-fs (loop1): Directory bread(block 66) failed [ 427.031416][ T8878] FAT-fs (loop1): Directory bread(block 67) failed [ 427.068912][ T8878] FAT-fs (loop1): Directory bread(block 68) failed [ 427.083910][ T8878] FAT-fs (loop1): Directory bread(block 69) failed [ 427.098662][ T8878] FAT-fs (loop1): Directory bread(block 70) failed [ 427.122186][ T8878] FAT-fs (loop1): Directory bread(block 71) failed [ 427.156644][ T8878] FAT-fs (loop1): Directory bread(block 72) failed [ 427.189284][ T8878] FAT-fs (loop1): Directory bread(block 73) failed [ 427.330529][ T8889] loop5: detected capacity change from 0 to 1024 [ 427.345954][ T8878] syz.1.1452: attempt to access beyond end of device [ 427.345954][ T8878] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 427.374962][ T8889] EXT4-fs: Ignoring removed orlov option [ 427.390283][ T8878] syz.1.1452: attempt to access beyond end of device [ 427.390283][ T8878] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 427.439545][ T27] audit: type=1800 audit(1771460942.247:112): pid=8878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1452" name="file0" dev="loop1" ino=1048642 res=0 errno=0 [ 427.480192][ T8878] syz.1.1452: attempt to access beyond end of device [ 427.480192][ T8878] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 427.513906][ T8893] device syzkaller0 entered promiscuous mode [ 427.521305][ T8889] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 427.536301][ T8878] syz.1.1452: attempt to access beyond end of device [ 427.536301][ T8878] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 427.543124][ T8893] ------------[ cut here ]------------ [ 427.555584][ T8893] WARNING: CPU: 0 PID: 8893 at include/linux/skbuff.h:2844 em_cmp_match+0x56a/0x7b0 [ 427.565063][ T8893] Modules linked in: [ 427.569453][ T8893] CPU: 0 PID: 8893 Comm: syz.3.1456 Not tainted syzkaller #0 [ 427.576945][ T8893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 427.587621][ T8893] RIP: 0010:em_cmp_match+0x56a/0x7b0 [ 427.593014][ T8893] Code: e8 cb 04 1b f9 39 dd 0f 94 c0 e9 40 fe ff ff e8 5c 03 1b f9 e9 34 fe ff ff e8 52 03 1b f9 0f 0b e9 97 fc ff ff e8 46 03 1b f9 <0f> 0b e9 79 fb ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c e5 fa ff ff [ 427.612821][ T8893] RSP: 0018:ffffc900040c7118 EFLAGS: 00010283 [ 427.619073][ T8893] RAX: ffffffff8867706a RBX: ffff888020bd8daa RCX: 0000000000080000 [ 427.619614][ T8894] syz.1.1452: attempt to access beyond end of device [ 427.619614][ T8894] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 427.627123][ T8893] RDX: ffffc9000e7ba000 RSI: 00000000000003d2 RDI: 00000000000003d3 [ 427.627147][ T8893] RBP: 000000000000ffff R08: ffff888025158000 R09: 0000000000000003 [ 427.627162][ T8893] R10: 0000000000000002 R11: 0000000000000002 R12: 1ffff1100417b1b5 [ 427.627176][ T8893] R13: 1ffff1100f1498b6 R14: ffff888078a4c500 R15: ffff888078a4c5b6 [ 427.627191][ T8893] FS: 00007ffa069706c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 427.627209][ T8893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 427.627225][ T8893] CR2: 00007fffdcc4cfd8 CR3: 0000000074ff5000 CR4: 00000000003506f0 [ 427.627246][ T8893] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 427.627259][ T8893] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 427.627273][ T8893] Call Trace: [ 427.627281][ T8893] [ 427.627295][ T8893] __tcf_em_tree_match+0x1cb/0x7a0 [ 427.672253][ T27] audit: type=1326 audit(1771460942.477:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff16fb9c629 code=0x7ffc0000 [ 427.672776][ T8893] ? tcf_em_tree_dump+0x900/0x900 [ 427.710145][ T27] audit: type=1326 audit(1771460942.507:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff16fb9c629 code=0x7ffc0000 [ 427.712936][ T8893] ? rcu_read_lock_held+0x40/0x40 [ 427.712970][ T8893] ? __lock_acquire+0x12f4/0x7d10 [ 427.749393][ T27] audit: type=1326 audit(1771460942.507:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff16fb9c629 code=0x7ffc0000 [ 427.751821][ T8893] basic_classify+0x111/0x2c0 [ 427.751868][ T8893] tcf_classify+0x331/0xbf0 [ 427.783352][ T8878] syz.1.1452: attempt to access beyond end of device [ 427.783352][ T8878] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 427.784442][ T8893] multiq_enqueue+0xfb/0x4b0 [ 427.784477][ T8893] ? sch_tree_unlock+0x1b0/0x1b0 [ 427.784499][ T8893] ? do_raw_spin_lock+0x128/0x2f0 [ 427.844000][ T8893] ? __rwlock_init+0x140/0x140 [ 427.845864][ T27] audit: type=1326 audit(1771460942.507:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff16fb9c629 code=0x7ffc0000 [ 427.848876][ T8893] dev_qdisc_enqueue+0x4c/0x2b0 [ 427.848921][ T8893] __dev_queue_xmit+0xfdc/0x37f0 [ 427.881150][ T8893] ? __dev_queue_xmit+0x26b/0x37f0 [ 427.886364][ T8893] ? netdev_core_pick_tx+0x340/0x340 [ 427.891819][ T8893] ? packet_parse_headers+0x7b8/0xab0 [ 427.897303][ T8893] ? packet_parse_headers+0x84b/0xab0 [ 427.902735][ T8893] ? __virt_addr_valid+0x188/0x540 [ 427.908044][ T8893] ? __check_object_size+0x500/0xa40 [ 427.909933][ T8894] syz.1.1452: attempt to access beyond end of device [ 427.909933][ T8894] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 427.913351][ T8893] ? skb_setup_tx_timestamp+0x1f0/0x1f0 [ 427.913384][ T8893] ? skb_copy_datagram_from_iter+0x5a8/0x690 [ 427.938350][ T8893] ? skb_put+0x117/0x210 [ 427.942650][ T8893] packet_sendmsg+0x3bc3/0x4e60 [ 427.947641][ T8893] ? __schedule+0x119d/0x40e0 [ 427.952369][ T8893] ? __might_sleep+0xd0/0xd0 [ 427.957047][ T8893] ? verify_lock_unused+0x140/0x140 [ 427.962303][ T8893] ? aa_sk_perm+0x81f/0x950 [ 427.965878][ T27] audit: type=1326 audit(1771460942.507:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7ff16fb9c629 code=0x7ffc0000 [ 427.966887][ T8893] ? packet_getsockopt+0x9a0/0x9a0 [ 427.994366][ T8893] ? aa_sock_msg_perm+0x94/0x150 [ 427.999155][ T8878] syz.1.1452: attempt to access beyond end of device [ 427.999155][ T8878] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 427.999327][ T8893] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 428.017943][ T8893] ? security_socket_sendmsg+0x7c/0xa0 [ 428.023465][ T8893] ? packet_getsockopt+0x9a0/0x9a0 [ 428.028689][ T8893] ____sys_sendmsg+0x5be/0x970 [ 428.033510][ T8893] ? __sys_sendmsg_sock+0x30/0x30 [ 428.036863][ T27] audit: type=1326 audit(1771460942.507:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff16fb9c629 code=0x7ffc0000 [ 428.038697][ T8893] ? __import_iovec+0x315/0x500 [ 428.038735][ T8893] ? import_iovec+0x6f/0xa0 [ 428.070703][ T8893] ___sys_sendmsg+0x2a2/0x360 [ 428.075488][ T8893] ? try_to_wake_up+0x6ae/0x1080 [ 428.078382][ T8894] syz.1.1452: attempt to access beyond end of device [ 428.078382][ T8894] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 428.080454][ T8893] ? __sys_sendmsg+0x290/0x290 [ 428.080510][ T8893] ? put_user_ifreq+0x81/0xb0 [ 428.103243][ T8893] __se_sys_sendmsg+0x1bb/0x2a0 [ 428.106456][ T8878] syz.1.1452: attempt to access beyond end of device [ 428.106456][ T8878] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 428.108181][ T8893] ? __x64_sys_sendmsg+0x80/0x80 [ 428.126421][ T8893] ? lockdep_hardirqs_on+0x94/0x140 [ 428.127478][ T27] audit: type=1326 audit(1771460942.507:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff16fb9c629 code=0x7ffc0000 [ 428.131646][ T8893] do_syscall_64+0x4c/0xa0 [ 428.131676][ T8893] ? clear_bhb_loop+0x60/0xb0 [ 428.131700][ T8893] ? clear_bhb_loop+0x60/0xb0 [ 428.131724][ T8893] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 428.131746][ T8893] RIP: 0033:0x7ffa05b9c629 [ 428.131765][ T8893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 428.131784][ T8893] RSP: 002b:00007ffa06970028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 428.131810][ T8893] RAX: ffffffffffffffda RBX: 00007ffa05e15fa0 RCX: 00007ffa05b9c629 [ 428.131827][ T8893] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004 [ 428.180208][ T27] audit: type=1326 audit(1771460942.507:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.1455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff16fb9c629 code=0x7ffc0000 [ 428.198031][ T8893] RBP: 00007ffa05c32b39 R08: 0000000000000000 R09: 0000000000000000 [ 428.198051][ T8893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.198066][ T8893] R13: 00007ffa05e16038 R14: 00007ffa05e15fa0 R15: 00007ffd83d362d8 [ 428.198100][ T8893] [ 428.198111][ T8893] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 428.198123][ T8893] CPU: 0 PID: 8893 Comm: syz.3.1456 Not tainted syzkaller #0 [ 428.198142][ T8893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 428.198153][ T8893] Call Trace: [ 428.198160][ T8893] [ 428.198167][ T8893] dump_stack_lvl+0x188/0x24e [ 428.198199][ T8893] ? memcpy+0x3c/0x60 [ 428.198221][ T8893] ? show_regs_print_info+0x12/0x12 [ 428.198244][ T8893] ? load_image+0x400/0x400 [ 428.198274][ T8893] panic+0x2e5/0x730 [ 428.198297][ T8893] ? bpf_jit_dump+0xd0/0xd0 [ 428.198330][ T8893] __warn+0x2f8/0x4f0 [ 428.198345][ T8893] ? em_cmp_match+0x56a/0x7b0 [ 428.198367][ T8893] ? em_cmp_match+0x56a/0x7b0 [ 428.198386][ T8893] report_bug+0x2ba/0x4f0 [ 428.198408][ T8893] ? em_cmp_match+0x56a/0x7b0 [ 428.198431][ T8893] handle_bug+0x3a/0x70 [ 428.198454][ T8893] exc_invalid_op+0x16/0x40 [ 428.198476][ T8893] asm_exc_invalid_op+0x16/0x20 [ 428.198495][ T8893] RIP: 0010:em_cmp_match+0x56a/0x7b0 [ 428.198515][ T8893] Code: e8 cb 04 1b f9 39 dd 0f 94 c0 e9 40 fe ff ff e8 5c 03 1b f9 e9 34 fe ff ff e8 52 03 1b f9 0f 0b e9 97 fc ff ff e8 46 03 1b f9 <0f> 0b e9 79 fb ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c e5 fa ff ff [ 428.198531][ T8893] RSP: 0018:ffffc900040c7118 EFLAGS: 00010283 [ 428.198548][ T8893] RAX: ffffffff8867706a RBX: ffff888020bd8daa RCX: 0000000000080000 [ 428.198561][ T8893] RDX: ffffc9000e7ba000 RSI: 00000000000003d2 RDI: 00000000000003d3 [ 428.198573][ T8893] RBP: 000000000000ffff R08: ffff888025158000 R09: 0000000000000003 [ 428.198585][ T8893] R10: 0000000000000002 R11: 0000000000000002 R12: 1ffff1100417b1b5 [ 428.198596][ T8893] R13: 1ffff1100f1498b6 R14: ffff888078a4c500 R15: ffff888078a4c5b6 [ 428.198617][ T8893] ? em_cmp_match+0x56a/0x7b0 [ 428.198642][ T8893] ? em_cmp_match+0x56a/0x7b0 [ 428.198665][ T8893] __tcf_em_tree_match+0x1cb/0x7a0 [ 428.198693][ T8893] ? tcf_em_tree_dump+0x900/0x900 [ 428.198724][ T8893] ? rcu_read_lock_held+0x40/0x40 [ 428.198744][ T8893] ? __lock_acquire+0x12f4/0x7d10 [ 428.198775][ T8893] basic_classify+0x111/0x2c0 [ 428.198804][ T8893] tcf_classify+0x331/0xbf0 [ 428.198841][ T8893] multiq_enqueue+0xfb/0x4b0 [ 428.198863][ T8893] ? sch_tree_unlock+0x1b0/0x1b0 [ 428.198880][ T8893] ? do_raw_spin_lock+0x128/0x2f0 [ 428.198907][ T8893] ? __rwlock_init+0x140/0x140 [ 428.198927][ T8893] dev_qdisc_enqueue+0x4c/0x2b0 [ 428.198956][ T8893] __dev_queue_xmit+0xfdc/0x37f0 [ 428.198983][ T8893] ? __dev_queue_xmit+0x26b/0x37f0 [ 428.199007][ T8893] ? netdev_core_pick_tx+0x340/0x340 [ 428.199029][ T8893] ? packet_parse_headers+0x7b8/0xab0 [ 428.199049][ T8893] ? packet_parse_headers+0x84b/0xab0 [ 428.199066][ T8893] ? __virt_addr_valid+0x188/0x540 [ 428.199095][ T8893] ? __check_object_size+0x500/0xa40 [ 428.199115][ T8893] ? skb_setup_tx_timestamp+0x1f0/0x1f0 [ 428.199134][ T8893] ? skb_copy_datagram_from_iter+0x5a8/0x690 [ 428.199158][ T8893] ? skb_put+0x117/0x210 [ 428.199186][ T8893] packet_sendmsg+0x3bc3/0x4e60 [ 428.199228][ T8893] ? __schedule+0x119d/0x40e0 [ 428.199250][ T8893] ? __might_sleep+0xd0/0xd0 [ 428.199267][ T8893] ? verify_lock_unused+0x140/0x140 [ 428.199303][ T8893] ? aa_sk_perm+0x81f/0x950 [ 428.199330][ T8893] ? packet_getsockopt+0x9a0/0x9a0 [ 428.199363][ T8893] ? aa_sock_msg_perm+0x94/0x150 [ 428.199383][ T8893] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 428.199401][ T8893] ? security_socket_sendmsg+0x7c/0xa0 [ 428.199428][ T8893] ? packet_getsockopt+0x9a0/0x9a0 [ 428.199452][ T8893] ____sys_sendmsg+0x5be/0x970 [ 428.199485][ T8893] ? __sys_sendmsg_sock+0x30/0x30 [ 428.199507][ T8893] ? __import_iovec+0x315/0x500 [ 428.199534][ T8893] ? import_iovec+0x6f/0xa0 [ 428.199570][ T8893] ___sys_sendmsg+0x2a2/0x360 [ 428.199595][ T8893] ? try_to_wake_up+0x6ae/0x1080 [ 428.199620][ T8893] ? __sys_sendmsg+0x290/0x290 [ 428.199664][ T8893] ? put_user_ifreq+0x81/0xb0 [ 428.199711][ T8893] __se_sys_sendmsg+0x1bb/0x2a0 [ 428.199738][ T8893] ? __x64_sys_sendmsg+0x80/0x80 [ 428.199777][ T8893] ? lockdep_hardirqs_on+0x94/0x140 [ 428.199797][ T8893] do_syscall_64+0x4c/0xa0 [ 428.199819][ T8893] ? clear_bhb_loop+0x60/0xb0 [ 428.199838][ T8893] ? clear_bhb_loop+0x60/0xb0 [ 428.199859][ T8893] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 428.199878][ T8893] RIP: 0033:0x7ffa05b9c629 [ 428.199901][ T8893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 428.199915][ T8893] RSP: 002b:00007ffa06970028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 428.199935][ T8893] RAX: ffffffffffffffda RBX: 00007ffa05e15fa0 RCX: 00007ffa05b9c629 [ 428.199948][ T8893] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004 [ 428.199959][ T8893] RBP: 00007ffa05c32b39 R08: 0000000000000000 R09: 0000000000000000 [ 428.199970][ T8893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.199981][ T8893] R13: 00007ffa05e16038 R14: 00007ffa05e15fa0 R15: 00007ffd83d362d8 [ 428.200008][ T8893] [ 428.206755][ T8893] Kernel Offset: disabled [ 428.754529][ T8893] Rebooting in 86400 seconds..