last executing test programs: 13.704270975s ago: executing program 1 (id=1106): unshare(0x22020400) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xd, 0x6, 0x4, 0x1, 0x1, 0xffffffffffffffff, 0xfffffffc}, 0x63) 13.02438881s ago: executing program 1 (id=1110): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x100000000002, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895c679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d120ea257bba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2bc30a96767f500b9e26e3b12854da63083320d8bfe49d85e0842803dc59d6375bce2b8a93caf39c0ba767880bbb9bf9407e6a6c0f9a43d1ab51dabf9423b482e848fbe1653ff0c6161fa43543546ce17a42e6cddadaf0767d84407478ffe2d0b567d81201efc81e800d4c0874235ff5cd7f5f0ee71cc2b0193bfc9290627ceaeb0b02931a817688f3a51fa2861e70cbab50a5d434ed8d8841694dba46f3d5a95ae86e4d471684ccf427b2ba53a157b2a7cf7a4c10051bb77822190a14c2ab1f271a7cf9c240b99"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4) sendmsg$kcm(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0) 12.465031976s ago: executing program 1 (id=1114): getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}}, 0x0) connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x3, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) recvmmsg(r2, &(0x7f00000002c0), 0x220, 0x100, 0x0) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800) getsockopt$inet6_mptcp_buf(r2, 0x11c, 0x2, &(0x7f0000000280)=""/140, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4) r4 = socket$caif_seqpacket(0x25, 0x5, 0x0) sendmsg$inet(r4, 0x0, 0x94) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x18, 0xc, 0x0, &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50) syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac010902"], 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 10.184459538s ago: executing program 1 (id=1131): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x40}}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r2, @in={{0x2, 0x4e24, @empty}}, 0x27c0}, 0x90) 9.892998615s ago: executing program 1 (id=1132): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000feffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18) r2 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_AVC(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000530464"], 0x14}, 0x1, 0x0, 0x0, 0x24000841}, 0x4008840) 9.744187178s ago: executing program 1 (id=1133): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50) bind$rxrpc(0xffffffffffffffff, 0x0, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0xffffffff, @empty, 0x2561}, {0xa, 0x4e23, 0x0, @private2}, r4}}, 0x48) 8.156958202s ago: executing program 0 (id=1146): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = syz_io_uring_setup(0x32b8, &(0x7f0000000140)={0x0, 0x70ba, 0x1000, 0x48003, 0x1c2}, &(0x7f0000000040)=0x0, &(0x7f0000000680)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1}) io_uring_enter(r2, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0) 5.797592511s ago: executing program 4 (id=1156): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, &(0x7f0000000000)=0x5, 0x5, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, &(0x7f00000001c0)) 5.410787016s ago: executing program 5 (id=1157): unshare(0x2040400) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x800000000000, 0x0, 0x0, 0x751, 0x7, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000200000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"]}, 0x104) 5.032777243s ago: executing program 5 (id=1160): bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 4.682970862s ago: executing program 4 (id=1162): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000060c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8859}, 0x20004804) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006100)=@delchain={0x24, 0x65, 0x1, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) 4.608875298s ago: executing program 0 (id=1163): r0 = syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g") mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./bus\x00', 0x0) io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f00000002c0)=[@ioring_restriction_sqe_flags_allowed={0x2, 0xa}, @ioring_restriction_sqe_flags_allowed={0x2, 0x2}, @ioring_restriction_register_op={0x0, 0xb}, @ioring_restriction_register_op={0x0, 0x4}, @ioring_restriction_sqe_flags_required={0x3, 0xa}], 0x5) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000fa00000018000000", @ANYRES32, @ANYRESHEX=r0], 0x0, 0x0, 0xffffff8e, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xaa02948b040f0ee2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r1, 0x40045402, &(0x7f0000000140)=0x1) read(r1, &(0x7f0000000040)=""/46, 0x2e) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="050026bd7000000000000f00000008000300", @ANYRES32=0x0, @ANYBLOB="30000e0080000000ffffffffffff0802110000000802110000000000020000259dab6c71df0cab8ee18a"], 0x4c}}, 0x20000014) renameat2(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)='./bus/file0\x00', 0x0) 3.992626244s ago: executing program 5 (id=1166): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094) r4 = socket(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001540)=@newtfilter={0x68, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xffff, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_sample={0x30, 0x215, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x8810}, 0x404c0c0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x23) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x0, 0x1}}}, 0x24}}, 0x10) 3.890556686s ago: executing program 4 (id=1168): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dddbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x800) 3.772722703s ago: executing program 0 (id=1170): bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff7fe}, [@call={0x85, 0x0, 0x0, 0xd2}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x472}, 0x94) 3.664779402s ago: executing program 3 (id=1171): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=") bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) socket$kcm(0x10, 0x2, 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fchdir(0xffffffffffffffff) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = syz_io_uring_setup(0x131, &(0x7f0000000340)={0x0, 0x5cb1, 0x2, 0x2, 0xffffbffd}, &(0x7f0000000140)=0x0, &(0x7f0000000000)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4) io_uring_enter(r1, 0x1e76, 0xf728, 0xd, 0x0, 0x0) 3.300917806s ago: executing program 0 (id=1173): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94) fsopen(0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x490e7, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) 3.113825182s ago: executing program 3 (id=1174): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x31, 0x0, &(0x7f00000001c0)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x50) 3.099626107s ago: executing program 5 (id=1175): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) socket$kcm(0x10, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0xf8, 0x2c, 0xd2b, 0x70bd2b, 0x35dfdbfb, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0xcc, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0x1, 0x1, 0x3, 0x1, 0x4, 0x102, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}]}}, @TCA_U32_SEL={0xa4, 0x5, {0x10, 0x9, 0x6, 0x10da, 0xa760, 0x0, 0x10, 0x100, [{0x1, 0xfffffffb, 0x100, 0x3ff}, {0x9, 0x7, 0x40, 0x80}, {0x6, 0x7fff, 0x9, 0x7}, {0x3, 0x80, 0x1, 0x6}, {0x9, 0x10, 0x5, 0x5}, {0xac, 0xfffff08a, 0x8, 0x3}, {0x40, 0x80000001, 0xfffffffe, 0xffffffff}, {0x1, 0x5, 0x5127, 0x800}, {0xaa4, 0x406, 0x2, 0x127c}]}}]}}]}, 0xf8}}, 0x24040084) 2.896834262s ago: executing program 2 (id=1176): socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08") syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000140)) r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0xfe80, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0) write$binfmt_script(r3, &(0x7f0000000b80)={'#! ', './file0'}, 0xb) fallocate(r1, 0x0, 0xbf5, 0x2000402) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000040)={0xc, r1, 0x0, 0x0, 0x0, 0xfffffffffdffffff}) 1.689051001s ago: executing program 0 (id=1177): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = gettid() process_vm_writev(r2, &(0x7f0000000000)=[{0x0}], 0x1, &(0x7f0000121000), 0x0, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x700, 0x0, [@sadb_key={0x2, 0x9, 0x18, 0x0, "01d787"}, @sadb_address={0x3, 0x6, 0x33, 0x0, 0x0, @in={0x2, 0x2, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x2, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}]}, 0x60}, 0x1, 0x7}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) r5 = gettid() process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, 0x0, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r8 = accept(r3, 0x0, &(0x7f0000000200)) bind$inet6(r8, &(0x7f0000000380)={0xa, 0x4e24, 0xb, @private0, 0x7}, 0x1c) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000) 1.686943054s ago: executing program 4 (id=1178): syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_emit_ethernet(0x42, &(0x7f00000003c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb080046000034000000000001900100000000000000aa07037f00080090787f000001450000000000000000000000ac1414aae0000001"], 0x0) r0 = socket$kcm(0x29, 0x2, 0x0) r1 = openat2(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)={0x1, 0x101, 0x10}, 0x18) syz_genetlink_get_family_id$tipc2(0x0, r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x3f, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) readahead(r3, 0x4, 0x7f) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x200, 0x0) close_range(r2, r0, 0x0) r5 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r8 = gettid() r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x10) r11 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x1a}, @dev={0xfe, 0x80, '\x00', 0x28}, [0xffffff00, 0xffffff00, 0x0, 0xff000000], [0xff, 0x0, 0x9f19fd7a5e924fa7, 0xff], 'macvtap0\x00', 'bridge0\x00', {0xff}, {0xff}, 0x2b, 0x7, 0x5, 0x10}, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@tcpmss={{0x28}, {0x39d3, 0x9, 0x1}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) capset(&(0x7f0000000380)={0x20080522}, 0x0) clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'xfrm0\x00'}) sendmsg$NFT_BATCH(r4, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r12}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000140)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94) 1.686117772s ago: executing program 5 (id=1179): bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 1.483308017s ago: executing program 3 (id=1180): r0 = socket$l2tp6(0xa, 0x2, 0x73) connect$l2tp6(r0, &(0x7f0000000f40)={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x21}, 0xfffffffd}, 0x20) 1.345046729s ago: executing program 2 (id=1181): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a320000000005000400000000001400078008001240000000000500150022000000050005000200000005000100"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10) 1.298066835s ago: executing program 0 (id=1182): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk") r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) write$binfmt_register(r0, &(0x7f0000000140)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x2007, 0x3a, '\r', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n;H\xd8\xdf\x9a, \\E\xd4\xab\x1ed', 0x3a, './file2', 0x3a, [0x46]}, 0x4b) syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) socket$nl_audit(0x10, 0x3, 0x9) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x10) openat(0xffffffffffffffff, 0x0, 0x6a1c2, 0x50) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e3659902368a, 0x20001, 0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4}) r2 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, 0xffffffffffffffff, &(0x7f0000000080)=0x20) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$rds(0x15, 0x5, 0x0) bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r4, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) sendmsg$rds(r4, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r4, 0x114, 0x1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[], 0x54}}, 0x0) 1.084041102s ago: executing program 4 (id=1183): mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil) 961.035509ms ago: executing program 3 (id=1184): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xc4}}, 0x20050890) 739.9683ms ago: executing program 4 (id=1185): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_getevents(r1, 0x4, 0x4, &(0x7f00000019c0)=[{}, {}, {}, {}], 0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}]) 577.833756ms ago: executing program 3 (id=1186): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=") bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) socket$kcm(0x10, 0x2, 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fchdir(0xffffffffffffffff) r0 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = syz_io_uring_setup(0x131, &(0x7f0000000340)={0x0, 0x5cb1, 0x2, 0x2, 0xffffbffd}, &(0x7f0000000140)=0x0, &(0x7f0000000000)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4) io_uring_enter(r1, 0x1e76, 0xf728, 0xd, 0x0, 0x0) 512.873194ms ago: executing program 2 (id=1187): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000340)={0x200000, 0x200000, 0x0, 0x0, 0x5989}) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001140)={@map=0x1, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 468.362267ms ago: executing program 5 (id=1188): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000600), &(0x7f0000000800)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52b, &(0x7f0000000a00)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky") r2 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r3, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) 241.008181ms ago: executing program 2 (id=1189): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa6}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002) 216.597289ms ago: executing program 2 (id=1190): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dddbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x800) 15.475224ms ago: executing program 2 (id=1191): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x20, 0x7ffc0002}]}) execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=1192): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000000080)=ANY=[@ANYBLOB="60000000051401002dbd7000fbdbdf"], 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x40080) kernel console output (not intermixed with test programs): ve_1) entered blocking state [ 96.640121][ T4304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.649172][ T5841] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 96.662618][ T5841] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 96.677690][ T5841] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 96.688954][ T5841] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 96.738008][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.753570][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.823121][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.830299][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.872860][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.902817][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.909984][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.921139][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.928241][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.945589][ T2985] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.952729][ T2985] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.988178][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.109686][ T5856] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.192180][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.199345][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.207217][ T5852] Bluetooth: hci1: command tx timeout [ 97.210813][ T5847] Bluetooth: hci0: command tx timeout [ 97.213182][ T5852] Bluetooth: hci3: command tx timeout [ 97.222949][ T5847] Bluetooth: hci2: command tx timeout [ 97.224011][ T5852] Bluetooth: hci4: command tx timeout [ 97.236916][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.244091][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.280178][ T5852] Bluetooth: hci5: command tx timeout [ 97.338009][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.424055][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.456907][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.517333][ T2985] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.524573][ T2985] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.577809][ T2985] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.584988][ T2985] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.615047][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.658828][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.666021][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.731230][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.744612][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.751786][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.054450][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.086241][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.123890][ T5841] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.163414][ T5853] veth0_vlan: entered promiscuous mode [ 98.255135][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.333707][ T5853] veth1_vlan: entered promiscuous mode [ 98.422121][ T5839] veth0_vlan: entered promiscuous mode [ 98.506314][ T5839] veth1_vlan: entered promiscuous mode [ 98.602444][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.644754][ T5853] veth0_macvtap: entered promiscuous mode [ 98.675077][ T5856] veth0_vlan: entered promiscuous mode [ 98.696539][ T5853] veth1_macvtap: entered promiscuous mode [ 98.753519][ T5839] veth0_macvtap: entered promiscuous mode [ 98.768014][ T5856] veth1_vlan: entered promiscuous mode [ 98.795299][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.805909][ T5839] veth1_macvtap: entered promiscuous mode [ 98.827964][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.883456][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.926872][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.946937][ T5853] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.956623][ T5853] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.965890][ T5853] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.975759][ T5853] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.008353][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.036706][ T5856] veth0_macvtap: entered promiscuous mode [ 99.055879][ T5844] veth0_vlan: entered promiscuous mode [ 99.075383][ T5839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.085680][ T5839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.095501][ T5839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.104477][ T5839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.124003][ T5856] veth1_macvtap: entered promiscuous mode [ 99.159371][ T5844] veth1_vlan: entered promiscuous mode [ 99.175530][ T5846] veth0_vlan: entered promiscuous mode [ 99.216427][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.242663][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.283745][ T5852] Bluetooth: hci2: command tx timeout [ 99.283813][ T5159] Bluetooth: hci3: command tx timeout [ 99.289166][ T5852] Bluetooth: hci0: command tx timeout [ 99.295141][ T5847] Bluetooth: hci1: command tx timeout [ 99.301921][ T5852] Bluetooth: hci4: command tx timeout [ 99.314828][ T5856] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.324806][ T5856] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.333838][ T5856] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.342917][ T5856] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.359241][ T5846] veth1_vlan: entered promiscuous mode [ 99.373080][ T5852] Bluetooth: hci5: command tx timeout [ 99.488820][ T5844] veth0_macvtap: entered promiscuous mode [ 99.547731][ T5846] veth0_macvtap: entered promiscuous mode [ 99.564623][ T5841] veth0_vlan: entered promiscuous mode [ 99.585470][ T5844] veth1_macvtap: entered promiscuous mode [ 99.587352][ T4304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.610464][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.611967][ T4304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.619897][ T5846] veth1_macvtap: entered promiscuous mode [ 99.681335][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.689201][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.712270][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.728879][ T5844] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.738391][ T5844] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.747889][ T5844] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.757395][ T5844] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.785779][ T5841] veth1_vlan: entered promiscuous mode [ 99.812340][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.820249][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.828278][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.901129][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.903985][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.908960][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.942418][ T5846] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.951397][ T5846] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.960705][ T5846] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.969404][ T5846] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.001088][ T4304] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.009100][ T4304] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.032460][ T5853] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.119351][ T5841] veth0_macvtap: entered promiscuous mode [ 100.131868][ T4304] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.158349][ T4304] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.224372][ T5841] veth1_macvtap: entered promiscuous mode [ 100.323469][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.352497][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.420345][ T5994] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 100.431958][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.504116][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.567460][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.579690][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.645300][ T5841] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.677179][ T5841] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.701556][ T5841] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.716941][ T5841] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.902608][ T6004] Zero length message leads to an empty skb [ 100.951841][ T6004] hub 6-0:1.0: USB hub found [ 100.963532][ T6004] hub 6-0:1.0: 1 port detected [ 101.571597][ T6004] lo speed is unknown, defaulting to 1000 [ 101.578256][ T6004] lo speed is unknown, defaulting to 1000 [ 101.614451][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.635698][ T6004] lo speed is unknown, defaulting to 1000 [ 101.647823][ T6004] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 101.665804][ T6004] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 101.674143][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.738220][ T6004] lo speed is unknown, defaulting to 1000 [ 101.746470][ T6004] lo speed is unknown, defaulting to 1000 [ 101.754198][ T6004] lo speed is unknown, defaulting to 1000 [ 101.762379][ T6004] lo speed is unknown, defaulting to 1000 [ 101.772353][ T6004] lo speed is unknown, defaulting to 1000 [ 101.787615][ T6011] syz.1.2 uses obsolete (PF_INET,SOCK_PACKET) [ 101.839365][ T6004] lo speed is unknown, defaulting to 1000 [ 101.847611][ T6004] lo speed is unknown, defaulting to 1000 [ 101.964787][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.994699][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.458713][ T6024] loop5: detected capacity change from 0 to 736 [ 102.603646][ T6028] sctp: [Deprecated]: syz.1.14 (pid 6028) Use of int in max_burst socket option. [ 102.603646][ T6028] Use struct sctp_assoc_value instead [ 102.654470][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.730203][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.754304][ T6024] rock: directory entry would overflow storage [ 102.785516][ T6024] rock: sig=0x3b10, size=4, remaining=3 [ 102.891769][ T6024] netlink: 'syz.5.6': attribute type 27 has an invalid length. [ 102.916560][ T1332] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.954293][ T1332] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.097501][ T6037] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 103.137888][ T6024] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.146288][ T6024] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.480920][ T6049] xt_CT: You must specify a L4 protocol and not use inversions on it [ 104.245034][ T6024] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.271017][ T6024] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.347802][ T6024] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.358468][ T6024] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.368358][ T6024] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.377805][ T6024] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.463362][ T6042] syz_tun: entered allmulticast mode [ 104.613854][ T6042] syz_tun: left allmulticast mode [ 104.801338][ T6054] netlink: 24 bytes leftover after parsing attributes in process `syz.1.21'. [ 105.190753][ T6067] capability: warning: `syz.1.26' uses 32-bit capabilities (legacy support in use) [ 105.256141][ T6069] loop3: detected capacity change from 0 to 1024 [ 105.400860][ T6069] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.654949][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.996485][ T6085] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 106.479922][ T6100] xt_CT: You must specify a L4 protocol and not use inversions on it [ 106.865052][ T6099] tipc: Started in network mode [ 106.870128][ T6099] tipc: Node identity ac14140f, cluster identity 4711 [ 106.877334][ T6099] tipc: New replicast peer: 255.255.255.255 [ 106.884386][ T6099] tipc: Enabled bearer , priority 10 [ 107.216101][ T6110] netlink: 24 bytes leftover after parsing attributes in process `syz.5.39'. [ 107.362048][ T6115] loop1: detected capacity change from 0 to 512 [ 107.400317][ T6115] EXT4-fs: Ignoring removed orlov option [ 107.430070][ T6115] EXT4-fs: Ignoring removed nomblk_io_submit option [ 107.481954][ T6115] EXT4-fs error (device loop1): ext4_init_orphan_info:585: comm syz.1.42: inode #0: comm syz.1.42: iget: illegal inode # [ 107.550634][ T6115] EXT4-fs (loop1): Remounting filesystem read-only [ 107.557172][ T6115] EXT4-fs (loop1): get orphan inode failed [ 107.604331][ T6115] EXT4-fs (loop1): mount failed [ 107.664235][ T6124] loop5: detected capacity change from 0 to 512 [ 107.751878][ T6124] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.785687][ T6124] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.000690][ T24] tipc: Node number set to 2886997007 [ 108.011622][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.470555][ T6138] netlink: 40 bytes leftover after parsing attributes in process `syz.2.51'. [ 108.708686][ T6123] netlink: 8 bytes leftover after parsing attributes in process `syz.3.45'. [ 109.058839][ T6153] netlink: 24 bytes leftover after parsing attributes in process `syz.2.56'. [ 109.587375][ T6154] xt_CT: You must specify a L4 protocol and not use inversions on it [ 109.600289][ T6152] tipc: Enabling of bearer rejected, already enabled [ 109.779052][ T6164] loop0: detected capacity change from 0 to 512 [ 109.917482][ T6164] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 109.940625][ T6164] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.59: invalid indirect mapped block 2683928664 (level 1) [ 110.015037][ T6164] EXT4-fs (loop0): Remounting filesystem read-only [ 110.038425][ T6164] EXT4-fs (loop0): 1 truncate cleaned up [ 110.060049][ T6164] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.339766][ T6175] veth0_vlan: entered allmulticast mode [ 110.391763][ T6175] veth0_vlan: left promiscuous mode [ 110.392770][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.397493][ T6175] veth0_vlan: entered promiscuous mode [ 111.100164][ T30] audit: type=1326 audit(1752881204.256:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.3.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 111.314472][ T6196] netlink: 24 bytes leftover after parsing attributes in process `syz.1.73'. [ 111.503467][ T30] audit: type=1326 audit(1752881204.256:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.3.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 111.618070][ T30] audit: type=1326 audit(1752881204.266:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.3.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 111.817087][ T30] audit: type=1326 audit(1752881204.266:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.3.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 111.949883][ T30] audit: type=1326 audit(1752881204.266:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6181 comm="syz.3.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 112.033400][ T6210] netlink: 8 bytes leftover after parsing attributes in process `syz.3.77'. [ 112.705598][ T6231] netlink: 60 bytes leftover after parsing attributes in process `syz.5.85'. [ 112.820941][ T6233] loop4: detected capacity change from 0 to 1024 [ 112.979164][ T6233] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.447093][ T6247] netlink: 8 bytes leftover after parsing attributes in process `syz.0.75'. [ 114.683365][ T6246] loop5: detected capacity change from 0 to 128 [ 116.361783][ T6233] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 116.410921][ T6254] loop2: detected capacity change from 0 to 736 [ 116.514560][ T6233] EXT4-fs (loop4): This should not happen!! Data will be lost [ 116.514560][ T6233] [ 116.544965][ T6233] EXT4-fs (loop4): Total free blocks count 0 [ 116.604536][ T6259] netlink: 24 bytes leftover after parsing attributes in process `syz.0.90'. [ 116.642608][ T6258] netlink: 4 bytes leftover after parsing attributes in process `syz.3.91'. [ 116.692747][ T6233] EXT4-fs (loop4): Free/Dirty block details [ 116.733032][ T6254] rock: directory entry would overflow storage [ 116.739225][ T6254] rock: sig=0x3b10, size=4, remaining=3 [ 116.756040][ T6233] EXT4-fs (loop4): free_blocks=0 [ 116.834695][ T6233] EXT4-fs (loop4): dirty_blocks=0 [ 116.880771][ T6254] syz_tun: entered allmulticast mode [ 116.886040][ T6233] EXT4-fs (loop4): Block reservation details [ 116.895922][ T6254] syz_tun: left allmulticast mode [ 116.925811][ T6233] EXT4-fs (loop4): i_reserved_data_blocks=0 [ 117.398963][ T6271] loop5: detected capacity change from 0 to 1024 [ 117.641740][ T6271] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.071141][ T6271] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 118.084328][ T6271] EXT4-fs (loop5): This should not happen!! Data will be lost [ 118.084328][ T6271] [ 118.094043][ T6271] EXT4-fs (loop5): Total free blocks count 0 [ 118.100090][ T6271] EXT4-fs (loop5): Free/Dirty block details [ 118.106021][ T6271] EXT4-fs (loop5): free_blocks=0 [ 118.111027][ T6271] EXT4-fs (loop5): dirty_blocks=0 [ 118.116157][ T6271] EXT4-fs (loop5): Block reservation details [ 118.122206][ T6271] EXT4-fs (loop5): i_reserved_data_blocks=0 [ 118.150549][ T6270] netlink: 8 bytes leftover after parsing attributes in process `syz.0.94'. [ 118.224799][ T6279] netlink: 156 bytes leftover after parsing attributes in process `syz.2.95'. [ 118.263710][ T6279] netlink: 32 bytes leftover after parsing attributes in process `syz.2.95'. [ 119.552408][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.607513][ T6302] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 119.715475][ T6303] loop0: detected capacity change from 0 to 128 [ 120.398816][ T6313] netlink: 4 bytes leftover after parsing attributes in process `syz.1.108'. [ 120.591172][ T6318] netlink: 156 bytes leftover after parsing attributes in process `syz.3.110'. [ 120.642993][ T6318] netlink: 32 bytes leftover after parsing attributes in process `syz.3.110'. [ 121.555903][ T6335] loop3: detected capacity change from 0 to 1024 [ 121.571522][ T6335] EXT4-fs: quotafile must be on filesystem root [ 121.709964][ T6337] netlink: 'syz.5.118': attribute type 13 has an invalid length. [ 121.750481][ T6335] loop3: detected capacity change from 0 to 512 [ 121.773537][ T6335] EXT4-fs: Ignoring removed mblk_io_submit option [ 121.792978][ T6335] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 121.855990][ T6335] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 121.968704][ T6337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.977918][ T6337] 8021q: adding VLAN 0 to HW filter on device team0 [ 122.014892][ T6335] EXT4-fs (loop3): 1 truncate cleaned up [ 122.065730][ T6337] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 122.092109][ T6335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.161825][ T30] audit: type=1800 audit(1752881215.426:7): pid=6335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.117" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 122.309016][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.578456][ T6345] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 122.865904][ T6343] netlink: 28 bytes leftover after parsing attributes in process `syz.5.122'. [ 122.875411][ T6343] netem: change failed [ 123.518243][ T6369] loop2: detected capacity change from 0 to 512 [ 123.533229][ T6368] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 123.540576][ T6368] IPv6: NLM_F_CREATE should be set when creating new route [ 123.602184][ T6369] EXT4-fs: Ignoring removed orlov option [ 123.608253][ T6369] EXT4-fs: Ignoring removed nomblk_io_submit option [ 123.721372][ T6369] EXT4-fs error (device loop2): ext4_init_orphan_info:585: comm syz.2.127: inode #0: comm syz.2.127: iget: illegal inode # [ 123.800391][ T6369] EXT4-fs (loop2): Remounting filesystem read-only [ 123.806943][ T6369] EXT4-fs (loop2): get orphan inode failed [ 123.880233][ T6369] EXT4-fs (loop2): mount failed [ 124.051712][ T6383] netlink: 8 bytes leftover after parsing attributes in process `syz.5.134'. [ 124.484787][ T6389] ======================================================= [ 124.484787][ T6389] WARNING: The mand mount option has been deprecated and [ 124.484787][ T6389] and is ignored by this kernel. Remove the mand [ 124.484787][ T6389] option from the mount to silence this warning. [ 124.484787][ T6389] ======================================================= [ 124.877582][ T6395] netlink: 24 bytes leftover after parsing attributes in process `syz.3.138'. [ 125.158658][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.044591][ T6387] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 127.087774][ T6383] syz.5.134 (6383) used greatest stack depth: 17992 bytes left [ 127.475764][ T6412] sd 0:0:1:0: device reset [ 127.722198][ T6419] netlink: 156 bytes leftover after parsing attributes in process `syz.5.146'. [ 127.756443][ T6419] netlink: 24 bytes leftover after parsing attributes in process `syz.5.146'. [ 127.979535][ T6427] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 128.138487][ T6431] netlink: 28 bytes leftover after parsing attributes in process `syz.5.150'. [ 128.150002][ T6431] netlink: 28 bytes leftover after parsing attributes in process `syz.5.150'. [ 128.210539][ T6431] dummy0: entered promiscuous mode [ 128.242740][ T6431] team0: entered promiscuous mode [ 128.260474][ T6431] team_slave_0: entered promiscuous mode [ 128.278027][ T6431] team_slave_1: entered promiscuous mode [ 128.305647][ T6431] hsr1: Slave B (team0) is not up; please bring it up to get a fully working HSR network [ 128.775651][ T6446] loop4: detected capacity change from 0 to 1024 [ 129.696642][ T6445] loop0: detected capacity change from 0 to 8192 [ 129.765202][ T6446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.915073][ T6446] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 130.010022][ T6446] EXT4-fs (loop4): This should not happen!! Data will be lost [ 130.010022][ T6446] [ 130.020491][ T6446] EXT4-fs (loop4): Total free blocks count 0 [ 130.027215][ T6446] EXT4-fs (loop4): Free/Dirty block details [ 130.044110][ T6446] EXT4-fs (loop4): free_blocks=0 [ 130.049332][ T6446] EXT4-fs (loop4): dirty_blocks=0 [ 130.056710][ T6446] EXT4-fs (loop4): Block reservation details [ 130.068794][ T6446] EXT4-fs (loop4): i_reserved_data_blocks=0 [ 130.100859][ T6467] netlink: 'syz.0.159': attribute type 4 has an invalid length. [ 130.108814][ T6467] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.159'. [ 131.020080][ T6456] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 131.426050][ T30] audit: type=1326 audit(1752881224.686:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 131.455688][ T6473] netlink: 48 bytes leftover after parsing attributes in process `syz.3.162'. [ 131.671572][ T30] audit: type=1326 audit(1752881224.686:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9474b8d310 code=0x7ffc0000 [ 131.806029][ T30] audit: type=1326 audit(1752881224.686:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 131.881344][ T30] audit: type=1326 audit(1752881224.686:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 131.904000][ T30] audit: type=1326 audit(1752881224.686:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 131.926283][ T30] audit: type=1326 audit(1752881224.686:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 131.949068][ T30] audit: type=1326 audit(1752881224.686:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 132.160372][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.495693][ T30] audit: type=1326 audit(1752881224.716:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 132.644759][ T30] audit: type=1326 audit(1752881224.716:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 132.731512][ T6491] loop5: detected capacity change from 0 to 256 [ 132.758931][ T30] audit: type=1326 audit(1752881224.716:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6472 comm="syz.3.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 132.781658][ T6491] vfat: Unknown parameter '€' [ 134.111972][ T5159] Bluetooth: hci6: command 0x1003 tx timeout [ 134.118244][ T5852] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 135.288873][ T6513] netlink: 'syz.2.175': attribute type 4 has an invalid length. [ 135.324936][ T6513] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.175'. [ 135.530613][ T6518] random: crng reseeded on system resumption [ 135.810870][ T6524] loop3: detected capacity change from 0 to 2048 [ 135.873541][ T6524] loop3: p1 < > p4 [ 135.887770][ T6524] loop3: p4 size 8388608 extends beyond EOD, truncated [ 136.299073][ T6094] udevd[6094]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 136.304547][ T6009] udevd[6009]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 136.439259][ T6094] udevd[6094]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 136.448368][ T6009] udevd[6009]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 137.237601][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.584828][ T6540] loop4: detected capacity change from 0 to 8192 [ 137.967478][ T6538] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 139.045534][ T6577] netlink: 'syz.0.200': attribute type 4 has an invalid length. [ 139.086917][ T6577] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.200'. [ 139.404326][ T6581] loop3: detected capacity change from 0 to 1024 [ 139.589986][ T6581] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.810116][ T6581] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 139.822566][ T6581] EXT4-fs (loop3): This should not happen!! Data will be lost [ 139.822566][ T6581] [ 139.832354][ T6581] EXT4-fs (loop3): Total free blocks count 0 [ 139.838403][ T6581] EXT4-fs (loop3): Free/Dirty block details [ 139.844432][ T6581] EXT4-fs (loop3): free_blocks=0 [ 139.849441][ T6581] EXT4-fs (loop3): dirty_blocks=0 [ 139.854573][ T6581] EXT4-fs (loop3): Block reservation details [ 139.860648][ T6581] EXT4-fs (loop3): i_reserved_data_blocks=0 [ 141.293141][ T6595] netlink: 32 bytes leftover after parsing attributes in process `syz.0.204'. [ 141.693296][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 141.693316][ T30] audit: type=1326 audit(1752881234.956:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 141.912331][ T30] audit: type=1326 audit(1752881234.956:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 141.936451][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.946991][ T30] audit: type=1326 audit(1752881234.996:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 141.977952][ T6609] pim6reg1: entered promiscuous mode [ 141.978109][ T6610] loop0: detected capacity change from 0 to 512 [ 141.991321][ T6610] ext4: Unknown parameter 'nouser_xattr' [ 141.997841][ T30] audit: type=1326 audit(1752881234.996:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 142.006219][ T6609] pim6reg1: entered allmulticast mode [ 142.052414][ T30] audit: type=1326 audit(1752881234.996:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 142.085450][ T30] audit: type=1326 audit(1752881234.996:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 142.138513][ T30] audit: type=1326 audit(1752881235.006:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 142.173472][ T30] audit: type=1326 audit(1752881235.006:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 142.200021][ T30] audit: type=1326 audit(1752881235.006:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 142.266071][ T30] audit: type=1326 audit(1752881235.006:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6600 comm="syz.2.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 143.106077][ T36] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xea [ 143.116113][ T6633] loop3: detected capacity change from 0 to 8192 [ 143.514867][ T6648] netlink: 32 bytes leftover after parsing attributes in process `syz.2.222'. [ 144.329048][ T6665] veth0: entered promiscuous mode [ 144.345056][ T6665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.229'. [ 145.116300][ T6665] veth0 (unregistering): left promiscuous mode [ 145.123771][ T6687] netlink: 32 bytes leftover after parsing attributes in process `syz.1.237'. [ 145.833252][ T6709] loop2: detected capacity change from 0 to 256 [ 145.859233][ T6709] vfat: Unknown parameter '€' [ 145.870098][ T6710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.247'. [ 146.305891][ T6717] netlink: 20 bytes leftover after parsing attributes in process `syz.0.246'. [ 148.048180][ T6740] loop2: detected capacity change from 0 to 512 [ 148.092062][ T6740] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 148.112736][ T6740] EXT4-fs (loop2): orphan cleanup on readonly fs [ 148.183873][ T6740] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.254: corrupted inode contents [ 148.201620][ T6740] EXT4-fs (loop2): Remounting filesystem read-only [ 148.211239][ T6740] EXT4-fs (loop2): 1 truncate cleaned up [ 148.245724][ T75] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 148.277598][ T75] __quota_error: 95 callbacks suppressed [ 148.277618][ T75] Quota error (device loop2): write_blk: dquota write failed [ 148.319811][ T75] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries [ 148.339814][ T75] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 148.362756][ T75] Quota error (device loop2): write_blk: dquota write failed [ 148.379805][ T75] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list [ 148.399904][ T75] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 148.419801][ T75] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 148.432621][ T75] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 148.444337][ T6740] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 148.507718][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.042787][ T6717] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 149.052010][ T6717] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 149.060763][ T6717] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 149.069460][ T6717] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 149.087900][ T6717] vxlan0: entered promiscuous mode [ 149.361004][ T5852] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 149.553321][ T6755] netlink: 'syz.5.261': attribute type 4 has an invalid length. [ 149.619885][ T6755] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.261'. [ 149.690211][ T6762] loop0: detected capacity change from 0 to 256 [ 149.698781][ T6762] vfat: Unknown parameter '€' [ 149.772228][ T5932] IPVS: starting estimator thread 0... [ 149.800101][ T6764] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 149.899967][ T6768] IPVS: using max 23 ests per chain, 55200 per kthread [ 150.008787][ T6776] netlink: 8 bytes leftover after parsing attributes in process `syz.5.268'. [ 150.538780][ T6795] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 150.813583][ T6806] netlink: 'syz.1.280': attribute type 4 has an invalid length. [ 150.846369][ T6806] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.280'. [ 151.826024][ T6818] loop4: detected capacity change from 0 to 1024 [ 151.848115][ T6818] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 151.866228][ T6818] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 151.880332][ T6818] JBD2: no valid journal superblock found [ 151.886157][ T6818] EXT4-fs (loop4): Could not load journal inode [ 151.987689][ T6818] loop4: detected capacity change from 0 to 1024 [ 152.029947][ T6818] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 152.055508][ T30] audit: type=1800 audit(1752881246.317:129): pid=6818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.284" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 152.397130][ T6818] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.284: Allocating blocks 497-513 which overlap fs metadata [ 152.636948][ T6817] EXT4-fs (loop4): pa ffff88807de4d488: logic 32, phys. 161, len 22 [ 152.645683][ T6817] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1 [ 153.536272][ T6845] sd 0:0:1:0: device reset [ 153.824543][ T6852] netlink: 'syz.5.298': attribute type 4 has an invalid length. [ 153.908260][ T6852] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.298'. [ 154.693877][ T6857] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 154.728610][ T6822] infiniband syz2: set active [ 154.741704][ T6822] infiniband syz2: added veth0_to_bond [ 154.753887][ T6861] loop1: detected capacity change from 0 to 256 [ 154.778209][ T6822] syz2: rxe_create_cq: returned err = -12 [ 154.813569][ T6822] infiniband syz2: Couldn't create ib_mad CQ [ 154.821203][ T6864] netlink: 24 bytes leftover after parsing attributes in process `syz.5.303'. [ 154.840602][ T30] audit: type=1800 audit(1752881250.100:130): pid=6861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.301" name="file1" dev="loop1" ino=1048609 res=0 errno=0 [ 154.850632][ T6822] infiniband syz2: Couldn't open port 1 [ 155.042409][ T6822] RDS/IB: syz2: added [ 155.072564][ T6822] smc: adding ib device syz2 with port count 1 [ 155.111595][ T6822] smc: ib device syz2 port 1 has pnetid [ 156.908453][ T6904] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 158.039714][ T6918] syzkaller1: entered promiscuous mode [ 158.045448][ T6918] syzkaller1: entered allmulticast mode [ 159.828500][ T6956] netlink: 24 bytes leftover after parsing attributes in process `syz.1.336'. [ 159.958251][ T6958] netlink: 24 bytes leftover after parsing attributes in process `syz.0.337'. [ 160.324717][ T6971] serio: Serial port ptm0 [ 160.433949][ T6967] syzkaller1: entered promiscuous mode [ 160.433976][ T6967] syzkaller1: entered allmulticast mode [ 160.453105][ T6976] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 161.310953][ T6993] netlink: 'syz.1.351': attribute type 4 has an invalid length. [ 161.318630][ T6993] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.351'. [ 161.531052][ T6997] netlink: 24 bytes leftover after parsing attributes in process `syz.2.353'. [ 161.660594][ T7001] mmap: syz.3.355 (7001) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 161.754461][ T7001] loop3: detected capacity change from 0 to 512 [ 161.784876][ T7005] netlink: 24 bytes leftover after parsing attributes in process `syz.2.356'. [ 161.845818][ T7001] EXT4-fs (loop3): failed to initialize system zone (-117) [ 161.870796][ T7001] EXT4-fs (loop3): mount failed [ 162.932099][ T7033] netlink: 60 bytes leftover after parsing attributes in process `syz.2.368'. [ 162.969231][ T7033] netlink: 24 bytes leftover after parsing attributes in process `syz.2.368'. [ 163.065875][ T7036] netlink: 24 bytes leftover after parsing attributes in process `syz.1.369'. [ 165.209449][ T7117] veth1_to_bond: entered allmulticast mode [ 165.241234][ T6975] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 165.291094][ T7117] veth1_to_bond: left allmulticast mode [ 165.315086][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.323555][ T7125] netlink: 8 bytes leftover after parsing attributes in process `syz.2.392'. [ 166.745645][ T7145] loop0: detected capacity change from 0 to 512 [ 166.752417][ T7138] loop2: detected capacity change from 0 to 512 [ 166.772228][ T7138] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 166.786551][ T7145] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 166.897267][ T7138] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.398: invalid indirect mapped block 4294967295 (level 1) [ 166.924229][ T7138] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.398: invalid indirect mapped block 4294967295 (level 1) [ 166.924754][ T7145] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.400: invalid block [ 166.925621][ T7138] EXT4-fs (loop2): 2 truncates cleaned up [ 166.927602][ T7138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.943671][ T7145] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.400: invalid indirect mapped block 4294967295 (level 1) [ 166.949835][ T7145] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.400: invalid indirect mapped block 4294967295 (level 1) [ 166.958038][ T7155] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 166.963309][ T7145] EXT4-fs (loop0): 2 truncates cleaned up [ 166.964315][ T5924] IPVS: starting estimator thread 0... [ 166.983332][ T7138] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.990205][ T7145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.052212][ T7162] IPVS: using max 24 ests per chain, 57600 per kthread [ 167.197820][ T7144] netlink: 12 bytes leftover after parsing attributes in process `syz.2.398'. [ 167.214560][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.676585][ T7174] netlink: 8 bytes leftover after parsing attributes in process `syz.1.408'. [ 167.730795][ T7178] netlink: 92 bytes leftover after parsing attributes in process `syz.4.410'. [ 170.227669][ T7210] siw: device registration error -23 [ 170.310671][ T7212] loop4: detected capacity change from 0 to 512 [ 170.341892][ T7212] ext4: Unknown parameter 'nouser_xattr' [ 170.374918][ T7204] loop1: detected capacity change from 0 to 8192 [ 170.388379][ T7210] lo speed is unknown, defaulting to 1000 [ 170.568071][ T7217] tipc: Started in network mode [ 170.573212][ T7217] tipc: Node identity ac14140f, cluster identity 4711 [ 170.582714][ T7217] tipc: New replicast peer: 255.255.255.255 [ 170.590674][ T7217] tipc: Enabled bearer , priority 10 [ 170.608894][ T7217] xt_CT: You must specify a L4 protocol and not use inversions on it [ 171.063328][ T30] audit: type=1800 audit(1752881267.321:131): pid=7218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.418" name="file1" dev="loop1" ino=1048611 res=0 errno=0 [ 171.219906][ T5159] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 171.467727][ T7223] smc: net device bond0 applied user defined pnetid SYZ0 [ 171.497180][ T7223] smc: net device bond0 erased user defined pnetid SYZ0 [ 171.599054][ T7225] loop3: detected capacity change from 0 to 1024 [ 171.651660][ T7225] EXT4-fs: inline encryption not supported [ 171.657611][ T7225] EXT4-fs: Ignoring removed bh option [ 171.713459][ T5924] tipc: Node number set to 2886997007 [ 171.821832][ T7225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 171.960343][ T7233] netlink: 8 bytes leftover after parsing attributes in process `syz.1.427'. [ 171.970366][ T7234] netlink: 28 bytes leftover after parsing attributes in process `syz.5.426'. [ 172.270191][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.317947][ T7240] loop5: detected capacity change from 0 to 512 [ 172.349045][ T7240] EXT4-fs: Ignoring removed orlov option [ 172.396052][ T7240] EXT4-fs: Ignoring removed nomblk_io_submit option [ 172.459482][ T7240] EXT4-fs error (device loop5): ext4_init_orphan_info:585: comm syz.5.428: inode #0: comm syz.5.428: iget: illegal inode # [ 172.587871][ T7248] netlink: 4 bytes leftover after parsing attributes in process `syz.1.432'. [ 172.602544][ T7240] EXT4-fs (loop5): Remounting filesystem read-only [ 172.609075][ T7240] EXT4-fs (loop5): get orphan inode failed [ 172.655327][ T7240] EXT4-fs (loop5): mount failed [ 173.000365][ T7248] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.025254][ T7248] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.825656][ T7248] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.869362][ T7248] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 173.947765][ T7255] netlink: 12 bytes leftover after parsing attributes in process `syz.2.434'. [ 174.298321][ T7261] tipc: Started in network mode [ 174.303486][ T7261] tipc: Node identity ac14140f, cluster identity 4711 [ 174.313176][ T7261] tipc: New replicast peer: 255.255.255.255 [ 174.321846][ T7261] tipc: Enabled bearer , priority 10 [ 174.340187][ T7261] xt_CT: You must specify a L4 protocol and not use inversions on it [ 175.209967][ T30] audit: type=1326 audit(1752881271.441:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 175.359984][ T5924] tipc: Node number set to 2886997007 [ 175.365796][ T30] audit: type=1326 audit(1752881271.441:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 175.388847][ T30] audit: type=1326 audit(1752881271.461:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 175.417294][ T30] audit: type=1326 audit(1752881271.501:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 175.886641][ T30] audit: type=1326 audit(1752881271.501:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 176.179836][ T30] audit: type=1326 audit(1752881271.501:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 176.202198][ T30] audit: type=1326 audit(1752881271.501:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 176.225781][ T30] audit: type=1326 audit(1752881271.531:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 176.254277][ T30] audit: type=1326 audit(1752881271.531:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7271 comm="syz.4.441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 176.593666][ T7290] loop1: detected capacity change from 0 to 512 [ 176.623263][ T7290] ext4: Unknown parameter 'nouser_xattr' [ 177.471233][ T7302] loop5: detected capacity change from 0 to 512 [ 177.518385][ T7302] EXT4-fs: Ignoring removed orlov option [ 177.544514][ T7302] EXT4-fs: Ignoring removed nomblk_io_submit option [ 177.816242][ T7302] EXT4-fs error (device loop5): ext4_init_orphan_info:585: comm syz.5.450: inode #0: comm syz.5.450: iget: illegal inode # [ 177.893595][ T7302] EXT4-fs (loop5): Remounting filesystem read-only [ 177.949975][ T7302] EXT4-fs (loop5): get orphan inode failed [ 177.957129][ T7302] EXT4-fs (loop5): mount failed [ 179.251479][ T7313] tipc: Started in network mode [ 179.256391][ T7313] tipc: Node identity ac14140f, cluster identity 4711 [ 179.263442][ T7313] tipc: New replicast peer: 255.255.255.255 [ 179.270117][ T7313] tipc: Enabled bearer , priority 10 [ 179.277623][ T7313] xt_CT: You must specify a L4 protocol and not use inversions on it [ 180.046405][ T7322] netlink: 'syz.0.457': attribute type 4 has an invalid length. [ 180.158846][ T7322] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.457'. [ 180.638281][ T5848] tipc: Node number set to 2886997007 [ 180.667222][ T7320] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 182.118598][ T7339] loop0: detected capacity change from 0 to 1024 [ 182.324163][ T5159] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 182.674391][ T7339] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 182.817538][ T7342] netlink: 60 bytes leftover after parsing attributes in process `syz.5.462'. [ 182.829215][ T7339] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 182.841738][ T7339] EXT4-fs (loop0): This should not happen!! Data will be lost [ 182.841738][ T7339] [ 182.851707][ T7339] EXT4-fs (loop0): Total free blocks count 0 [ 182.857759][ T7339] EXT4-fs (loop0): Free/Dirty block details [ 182.863767][ T7339] EXT4-fs (loop0): free_blocks=0 [ 182.868805][ T7339] EXT4-fs (loop0): dirty_blocks=0 [ 182.875060][ T7339] EXT4-fs (loop0): Block reservation details [ 182.882275][ T7339] EXT4-fs (loop0): i_reserved_data_blocks=0 [ 183.072401][ T7342] netlink: 8 bytes leftover after parsing attributes in process `syz.5.462'. [ 183.257397][ T7350] loop2: detected capacity change from 0 to 1024 [ 183.311601][ T7350] EXT4-fs: Ignoring removed bh option [ 183.358797][ T7350] EXT4-fs: inline encryption not supported [ 183.391196][ T7350] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 183.464070][ T7350] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 183.519167][ T7350] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.465: lblock 2 mapped to illegal pblock 2 (length 1) [ 183.704593][ T7350] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 184.609893][ T7350] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.465: lblock 0 mapped to illegal pblock 48 (length 1) [ 184.808092][ T7350] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 184.880473][ T7350] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.465: Failed to acquire dquot type 0 [ 184.950416][ T7350] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 185.036404][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.040807][ T7350] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.465: mark_inode_dirty error [ 185.099324][ T7350] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 185.148324][ T7350] EXT4-fs (loop2): 1 orphan inode deleted [ 185.171324][ T7118] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 1) [ 185.207059][ T7350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.223431][ T7118] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 185.259526][ T7118] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:41: Failed to release dquot type 0 [ 185.340358][ T30] audit: type=1107 audit(1752881281.591:141): pid=7368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 185.373415][ T7350] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 185.585855][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.684439][ T7375] netlink: 'syz.0.473': attribute type 4 has an invalid length. [ 185.709894][ T7375] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.473'. [ 186.363068][ T5848] IPVS: starting estimator thread 0... [ 186.375887][ T7387] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 186.470035][ T7391] IPVS: using max 23 ests per chain, 55200 per kthread [ 186.906750][ T7396] netlink: 60 bytes leftover after parsing attributes in process `syz.0.480'. [ 186.931655][ T7396] netlink: 8 bytes leftover after parsing attributes in process `syz.0.480'. [ 187.151591][ T30] audit: type=1326 audit(1752881283.371:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7400 comm="syz.2.482" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x0 [ 188.420162][ T7424] sd 0:0:1:0: device reset [ 189.642680][ T7445] loop3: detected capacity change from 0 to 512 [ 189.661477][ T7445] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 189.709265][ T7445] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.495: invalid indirect mapped block 4294967295 (level 1) [ 189.733274][ T7445] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.495: invalid indirect mapped block 4294967295 (level 1) [ 189.751412][ T7445] EXT4-fs (loop3): 2 truncates cleaned up [ 189.759542][ T7445] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.252217][ T7450] netlink: 60 bytes leftover after parsing attributes in process `syz.0.496'. [ 190.273032][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.291321][ T7450] netlink: 8 bytes leftover after parsing attributes in process `syz.0.496'. [ 190.538462][ T7460] loop4: detected capacity change from 0 to 512 [ 190.588237][ T7460] EXT4-fs: Ignoring removed orlov option [ 190.631520][ T7460] EXT4-fs: Ignoring removed nomblk_io_submit option [ 190.737997][ T7460] EXT4-fs error (device loop4): ext4_init_orphan_info:585: comm syz.4.498: inode #0: comm syz.4.498: iget: illegal inode # [ 190.796627][ T7460] EXT4-fs (loop4): Remounting filesystem read-only [ 190.818376][ T7460] EXT4-fs (loop4): get orphan inode failed [ 190.828802][ T7460] EXT4-fs (loop4): mount failed [ 191.797523][ T30] audit: type=1326 audit(1752881288.051:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 191.850104][ T30] audit: type=1326 audit(1752881288.051:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 191.877742][ T30] audit: type=1326 audit(1752881288.051:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 191.987612][ T30] audit: type=1326 audit(1752881288.051:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 192.110305][ T30] audit: type=1326 audit(1752881288.051:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 192.233328][ T30] audit: type=1326 audit(1752881288.081:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 192.354596][ T30] audit: type=1326 audit(1752881288.081:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 192.459242][ T30] audit: type=1326 audit(1752881288.081:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 192.572688][ T30] audit: type=1326 audit(1752881288.081:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 192.660183][ T30] audit: type=1326 audit(1752881288.081:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9474b8e9a9 code=0x7ffc0000 [ 192.683448][ T7502] loop5: detected capacity change from 0 to 1024 [ 192.748169][ T7502] EXT4-fs: Ignoring removed orlov option [ 192.776574][ T7502] EXT4-fs: Ignoring removed nomblk_io_submit option [ 192.869884][ T7502] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 192.979685][ T7509] loop1: detected capacity change from 0 to 1024 [ 193.037243][ T7509] EXT4-fs: Ignoring removed bh option [ 193.060426][ T7502] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 193.100104][ T7509] EXT4-fs: inline encryption not supported [ 193.135613][ T7509] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 193.452208][ T7515] xt_CT: You must specify a L4 protocol and not use inversions on it [ 193.524692][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.573618][ T7509] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 193.877847][ T7509] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.515: lblock 2 mapped to illegal pblock 2 (length 1) [ 193.898884][ T7509] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 48: comm syz.1.515: lblock 0 mapped to illegal pblock 48 (length 1) [ 193.914401][ T7509] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.515: Failed to acquire dquot type 0 [ 193.926385][ T7509] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 193.950218][ T7509] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.515: mark_inode_dirty error [ 194.081615][ T7509] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 194.106490][ T7509] EXT4-fs (loop1): 1 orphan inode deleted [ 194.122203][ T7108] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:35: lblock 1 mapped to illegal pblock 1 (length 1) [ 194.153487][ T7509] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 194.194259][ T7108] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:35: Failed to release dquot type 0 [ 194.313882][ T7509] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 194.404368][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.453687][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.930491][ T7526] netlink: 16 bytes leftover after parsing attributes in process `syz.5.519'. [ 196.255535][ T7514] tipc: Started in network mode [ 196.261256][ T7514] tipc: Node identity ac14140f, cluster identity 4711 [ 196.268305][ T7514] tipc: New replicast peer: 255.255.255.255 [ 196.275565][ T7514] tipc: Enabled bearer , priority 10 [ 196.470931][ T7536] syzkaller1: entered promiscuous mode [ 196.476440][ T7536] syzkaller1: entered allmulticast mode [ 197.131867][ T7559] loop2: detected capacity change from 0 to 1024 [ 197.152671][ T7559] EXT4-fs: Ignoring removed bh option [ 197.158118][ T7559] EXT4-fs: inline encryption not supported [ 197.184678][ T7559] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 197.265639][ T7559] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 197.298981][ T7559] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.529: lblock 2 mapped to illegal pblock 2 (length 1) [ 197.325696][ T7559] __quota_error: 39 callbacks suppressed [ 197.325715][ T7559] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 197.341344][ T7559] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.529: lblock 0 mapped to illegal pblock 48 (length 1) [ 197.360553][ T7565] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 197.374726][ T7559] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 197.409909][ T5848] tipc: Node number set to 2886997007 [ 197.430112][ T7559] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.529: Failed to acquire dquot type 0 [ 197.470033][ T7559] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 197.503227][ T7559] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.529: mark_inode_dirty error [ 197.721990][ T7562] syzkaller1: entered promiscuous mode [ 197.727713][ T7562] syzkaller1: entered allmulticast mode [ 197.734165][ T7559] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 197.770147][ T7559] EXT4-fs (loop2): 1 orphan inode deleted [ 197.790083][ T7121] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:44: lblock 1 mapped to illegal pblock 1 (length 1) [ 197.895484][ T7559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.591357][ T7121] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 198.600118][ T7121] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:44: Failed to release dquot type 0 [ 198.633453][ T7559] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 198.901976][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.331761][ T7627] loop5: detected capacity change from 0 to 512 [ 200.401736][ T7627] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 200.442400][ T7627] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.550: invalid indirect mapped block 4294967295 (level 1) [ 200.507315][ T7627] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.550: invalid indirect mapped block 4294967295 (level 1) [ 200.547750][ T7627] EXT4-fs (loop5): 2 truncates cleaned up [ 200.556193][ T7627] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 200.941422][ T7639] loop1: detected capacity change from 0 to 8192 [ 201.607520][ T7602] syzkaller1: entered promiscuous mode [ 201.619126][ T7602] syzkaller1: entered allmulticast mode [ 201.676478][ T7624] syzkaller1: entered promiscuous mode [ 201.691070][ T7624] syzkaller1: entered allmulticast mode [ 201.755834][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.786542][ T7647] loop4: detected capacity change from 0 to 512 [ 201.838243][ T7647] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 201.899676][ T7647] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.556: invalid block [ 201.955271][ T7652] netlink: 36 bytes leftover after parsing attributes in process `syz.2.558'. [ 201.967952][ T7652] netlink: 12 bytes leftover after parsing attributes in process `syz.2.558'. [ 201.974594][ T7651] loop5: detected capacity change from 0 to 128 [ 201.978455][ T7647] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.556: invalid indirect mapped block 4294967295 (level 1) [ 202.015872][ T7647] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.556: invalid indirect mapped block 4294967295 (level 1) [ 202.082477][ T7651] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 202.114461][ T7651] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.150324][ T7647] EXT4-fs (loop4): 2 truncates cleaned up [ 202.192558][ T7647] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.277980][ T30] audit: type=1800 audit(1752881299.533:189): pid=7651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.557" name="file1" dev="loop5" ino=12 res=0 errno=0 [ 202.414110][ T30] audit: type=1326 audit(1752881299.653:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 202.481296][ T30] audit: type=1326 audit(1752881299.653:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 202.537146][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.618681][ T30] audit: type=1326 audit(1752881299.653:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 202.767457][ T30] audit: type=1326 audit(1752881299.653:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 202.863342][ T30] audit: type=1326 audit(1752881299.653:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 202.886518][ T30] audit: type=1326 audit(1752881299.663:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 202.919836][ T30] audit: type=1326 audit(1752881299.663:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 203.655862][ T5846] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 203.758488][ T7677] loop3: detected capacity change from 0 to 1024 [ 203.802315][ T7677] EXT4-fs: Ignoring removed bh option [ 203.807782][ T7677] EXT4-fs: inline encryption not supported [ 203.829189][ T7677] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 204.136499][ T7677] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 204.984298][ T7677] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.570: lblock 2 mapped to illegal pblock 2 (length 1) [ 205.029250][ T7677] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 205.068516][ T7677] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.570: lblock 0 mapped to illegal pblock 48 (length 1) [ 205.142185][ T7677] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 205.158882][ T7677] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.570: Failed to acquire dquot type 0 [ 205.200156][ T7701] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 205.214197][ T7677] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 205.284264][ T7677] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.570: mark_inode_dirty error [ 205.369361][ T7677] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 205.439233][ T7677] EXT4-fs (loop3): 1 orphan inode deleted [ 205.455941][ T7085] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:15: lblock 1 mapped to illegal pblock 1 (length 1) [ 205.495303][ T7677] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.535352][ T7085] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 205.562777][ T7085] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:15: Failed to release dquot type 0 [ 205.609274][ T7677] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 205.780530][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.905898][ T7713] Driver unsupported XDP return value 0 on prog (id 245) dev N/A, expect packet loss! [ 206.150070][ T7725] loop4: detected capacity change from 0 to 512 [ 206.174984][ T7725] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 206.272447][ T7729] netlink: 96 bytes leftover after parsing attributes in process `syz.1.586'. [ 206.289262][ T7725] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.585: invalid block [ 206.375904][ T7725] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.585: invalid indirect mapped block 4294967295 (level 1) [ 206.600249][ T7725] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.585: invalid indirect mapped block 4294967295 (level 1) [ 206.687749][ T7725] EXT4-fs (loop4): 2 truncates cleaned up [ 206.698651][ T7727] loop5: detected capacity change from 0 to 8192 [ 206.861026][ T7725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.620340][ T30] audit: type=1326 audit(1752881305.877:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 207.696753][ T7742] loop0: detected capacity change from 0 to 1024 [ 207.745472][ T30] audit: type=1326 audit(1752881305.877:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 207.778857][ T7748] netlink: 596 bytes leftover after parsing attributes in process `syz.3.592'. [ 207.872792][ T30] audit: type=1326 audit(1752881305.877:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 207.915909][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.932372][ T7742] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.964555][ T30] audit: type=1326 audit(1752881305.877:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 208.072444][ T30] audit: type=1326 audit(1752881305.877:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 208.136069][ T7754] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 208.189660][ T7742] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 208.202668][ T30] audit: type=1326 audit(1752881305.877:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 208.287389][ T7757] loop3: detected capacity change from 0 to 512 [ 208.318199][ T30] audit: type=1326 audit(1752881305.877:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 208.410267][ T7742] EXT4-fs (loop0): This should not happen!! Data will be lost [ 208.410267][ T7742] [ 208.451516][ T30] audit: type=1326 audit(1752881305.917:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.4.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fe078e9a9 code=0x7ffc0000 [ 208.480526][ T7742] EXT4-fs (loop0): Total free blocks count 0 [ 208.520315][ T7742] EXT4-fs (loop0): Free/Dirty block details [ 208.584866][ T7742] EXT4-fs (loop0): free_blocks=0 [ 208.584893][ T7742] EXT4-fs (loop0): dirty_blocks=0 [ 208.584910][ T7742] EXT4-fs (loop0): Block reservation details [ 208.584927][ T7742] EXT4-fs (loop0): i_reserved_data_blocks=0 [ 208.630162][ T7757] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.596: bg 0: block 248: padding at end of block bitmap is not set [ 208.631316][ T7757] Quota error (device loop3): write_blk: dquota write failed [ 208.631429][ T7757] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 208.631483][ T7757] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.596: Failed to acquire dquot type 1 [ 208.649583][ T7757] EXT4-fs (loop3): 1 truncate cleaned up [ 208.651558][ T7757] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.651671][ T7757] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 208.849668][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.869500][ T7774] netlink: 28 bytes leftover after parsing attributes in process `syz.2.600'. [ 208.986527][ T7772] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 208.988926][ T7774] 8021q: adding VLAN 0 to HW filter on device bond1 [ 209.538100][ T6050] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xea [ 209.779996][ T7789] loop5: detected capacity change from 0 to 8192 [ 211.912946][ T7822] sd 0:0:1:0: device reset [ 212.276501][ T7825] loop2: detected capacity change from 0 to 512 [ 212.413546][ T7825] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 212.533658][ T7825] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.621: invalid indirect mapped block 4294967295 (level 1) [ 212.680296][ T7825] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.621: invalid indirect mapped block 4294967295 (level 1) [ 212.818304][ T7825] EXT4-fs (loop2): 2 truncates cleaned up [ 212.871998][ T7825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 213.297570][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.489386][ T7840] syzkaller1: entered promiscuous mode [ 213.529608][ T7840] syzkaller1: entered allmulticast mode [ 215.068403][ T7865] loop5: detected capacity change from 0 to 512 [ 215.098000][ T7865] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 215.147658][ T7865] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.637: invalid indirect mapped block 4294967295 (level 1) [ 215.237823][ T7865] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.637: invalid indirect mapped block 4294967295 (level 1) [ 215.284321][ T7865] EXT4-fs (loop5): 2 truncates cleaned up [ 215.351825][ T7865] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.365714][ T7873] netlink: 24 bytes leftover after parsing attributes in process `syz.4.641'. [ 215.417081][ T7865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.441956][ T7875] loop3: detected capacity change from 0 to 512 [ 215.464613][ T7875] ext4: Unknown parameter 'nouser_xattr' [ 215.524495][ T7865] netlink: 12 bytes leftover after parsing attributes in process `syz.5.637'. [ 215.685523][ T7879] netlink: 12 bytes leftover after parsing attributes in process `syz.3.640'. [ 215.824705][ T7882] netlink: 8 bytes leftover after parsing attributes in process `syz.2.642'. [ 215.901475][ T7882] netlink: 4 bytes leftover after parsing attributes in process `syz.2.642'. [ 216.080675][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 216.087535][ T5865] Bluetooth: hci4: command 0x0406 tx timeout [ 216.093781][ T5865] Bluetooth: hci5: command 0x0406 tx timeout [ 216.100493][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 216.106972][ T5865] Bluetooth: hci3: command 0x0406 tx timeout [ 216.120525][ T7888] loop5: detected capacity change from 0 to 1024 [ 216.307993][ T7888] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 216.330122][ T7888] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 216.453883][ T7888] JBD2: no valid journal superblock found [ 216.488910][ T7888] EXT4-fs (loop5): Could not load journal inode [ 217.109732][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.448578][ T7912] syzkaller1: entered promiscuous mode [ 217.461461][ T7912] syzkaller1: entered allmulticast mode [ 218.083870][ T7926] netlink: 60 bytes leftover after parsing attributes in process `syz.4.660'. [ 218.168259][ T7932] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 218.660180][ T7940] loop1: detected capacity change from 0 to 512 [ 218.755958][ T7940] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 218.806160][ T7945] loop4: detected capacity change from 0 to 512 [ 218.864179][ T7936] loop2: detected capacity change from 0 to 1024 [ 218.865569][ T7940] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.667: invalid indirect mapped block 4294967295 (level 1) [ 219.181688][ T7940] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.667: invalid indirect mapped block 4294967295 (level 1) [ 219.261181][ T7945] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 219.326443][ T7936] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.614069][ T7945] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.669: invalid indirect mapped block 4294967295 (level 1) [ 219.642275][ T7940] EXT4-fs (loop1): 2 truncates cleaned up [ 219.662112][ T7936] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 219.674463][ T7936] EXT4-fs (loop2): This should not happen!! Data will be lost [ 219.674463][ T7936] [ 219.682064][ T7945] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.669: invalid indirect mapped block 4294967295 (level 1) [ 219.684232][ T7936] EXT4-fs (loop2): Total free blocks count 0 [ 219.698755][ T7945] EXT4-fs (loop4): 2 truncates cleaned up [ 219.704280][ T7936] EXT4-fs (loop2): Free/Dirty block details [ 219.713049][ T7945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.715870][ T7936] EXT4-fs (loop2): free_blocks=0 [ 219.733416][ T7936] EXT4-fs (loop2): dirty_blocks=0 [ 219.739237][ T7936] EXT4-fs (loop2): Block reservation details [ 219.745544][ T7936] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 219.815407][ T7940] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.943064][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.048895][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 220.048915][ T30] audit: type=1326 audit(1752881319.300:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.158862][ T30] audit: type=1326 audit(1752881319.300:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.223996][ T30] audit: type=1326 audit(1752881319.300:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.278449][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.310337][ T30] audit: type=1326 audit(1752881319.300:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.366823][ T30] audit: type=1326 audit(1752881319.300:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.404022][ T30] audit: type=1326 audit(1752881319.300:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.486610][ T30] audit: type=1326 audit(1752881319.300:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.573843][ T30] audit: type=1326 audit(1752881319.300:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.664725][ T30] audit: type=1326 audit(1752881319.300:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.787752][ T30] audit: type=1326 audit(1752881319.300:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7939 comm="syz.1.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf758e9a9 code=0x7ffc0000 [ 220.824714][ T7970] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 220.847559][ T7970] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.115550][ T7970] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 221.140345][ T7970] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.349127][ T7970] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 221.389887][ T7970] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.390699][ T7988] loop5: detected capacity change from 0 to 512 [ 221.427442][ T7990] netlink: 4 bytes leftover after parsing attributes in process `syz.1.684'. [ 221.436222][ T7988] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 221.462545][ T7988] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.685: invalid indirect mapped block 4294967295 (level 1) [ 221.494514][ T7990] netlink: 32 bytes leftover after parsing attributes in process `syz.1.684'. [ 221.596298][ T7988] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.685: invalid indirect mapped block 4294967295 (level 1) [ 221.642506][ T7988] EXT4-fs (loop5): 2 truncates cleaned up [ 221.665852][ T7990] loop1: detected capacity change from 0 to 256 [ 221.670601][ T7988] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.691346][ T7970] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 221.728458][ T7970] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.897663][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.945718][ T7970] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 221.986421][ T7970] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.066980][ T7970] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 222.093394][ T7994] loop3: detected capacity change from 0 to 512 [ 222.112334][ T7970] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.131359][ T7994] ext4: Unknown parameter 'nouser_xattr' [ 222.223473][ T7970] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 222.269839][ T7970] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.323009][ T7998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.687'. [ 222.346258][ T7970] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 222.355918][ T7970] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.554145][ T8002] loop1: detected capacity change from 0 to 512 [ 222.629482][ T8002] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 222.908073][ T8002] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.688: invalid indirect mapped block 4294967295 (level 1) [ 222.933517][ T8002] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.688: invalid indirect mapped block 4294967295 (level 1) [ 222.985517][ T8002] EXT4-fs (loop1): 2 truncates cleaned up [ 222.994610][ T8002] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 223.253669][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.809306][ T6032] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 223.891127][ T6032] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 223.997465][ T8023] loop4: detected capacity change from 0 to 1024 [ 224.032615][ T8027] loop5: detected capacity change from 0 to 512 [ 224.090477][ T8027] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 224.127597][ T8023] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 224.210605][ T8027] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.699: invalid indirect mapped block 4294967295 (level 1) [ 224.330605][ T8033] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.698: Allocating blocks 481-513 which overlap fs metadata [ 224.357533][ T8027] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.699: invalid indirect mapped block 4294967295 (level 1) [ 224.446404][ T8027] EXT4-fs (loop5): 2 truncates cleaned up [ 224.464542][ T8027] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.723540][ T5846] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.774963][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.080536][ T8048] syzkaller1: entered promiscuous mode [ 225.106760][ T8048] syzkaller1: entered allmulticast mode [ 225.256121][ T8051] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 225.916376][ T8068] loop0: detected capacity change from 0 to 512 [ 225.953673][ T8068] EXT4-fs: Ignoring removed i_version option [ 226.013265][ T8068] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 226.106212][ T8068] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 226.144603][ T8068] EXT4-fs (loop0): 1 truncate cleaned up [ 226.215766][ T8074] loop1: detected capacity change from 0 to 512 [ 226.247112][ T8068] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.271319][ T8074] ext4: Unknown parameter 'nouser_xattr' [ 226.470313][ T8077] netlink: 12 bytes leftover after parsing attributes in process `syz.1.716'. [ 226.558581][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.558716][ T8079] loop3: detected capacity change from 0 to 512 [ 226.659000][ T8079] /dev/loop3: Can't open blockdev [ 228.214971][ T5848] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 228.230511][ T8090] syzkaller1: entered promiscuous mode [ 228.276602][ T8090] syzkaller1: entered allmulticast mode [ 228.299876][ T5848] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 229.062463][ T8096] netlink: 24 bytes leftover after parsing attributes in process `syz.5.723'. [ 231.324616][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.346917][ T8118] program syz.3.732 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 231.406851][ T8115] syzkaller0: entered promiscuous mode [ 231.432663][ T8115] syzkaller0: entered allmulticast mode [ 231.942738][ T8133] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 231.950317][ T5932] IPVS: starting estimator thread 0... [ 232.039990][ T8139] IPVS: using max 24 ests per chain, 57600 per kthread [ 232.423964][ T6031] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 232.472772][ T6031] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 232.640087][ T5866] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 232.646629][ T5852] Bluetooth: hci6: command 0x1003 tx timeout [ 234.343358][ T8185] netlink: 4 bytes leftover after parsing attributes in process `syz.3.758'. [ 234.376756][ T8185] openvswitch: netlink: Flow key attr not present in new flow. [ 234.817991][ T8193] loop1: detected capacity change from 0 to 2048 [ 234.917472][ T7166] loop1: p1 < > p4 [ 234.945065][ T7166] loop1: p4 size 8388608 extends beyond EOD, truncated [ 235.002937][ T8193] loop1: p1 < > p4 [ 235.024355][ T8193] loop1: p4 size 8388608 extends beyond EOD, truncated [ 235.408169][ T6094] udevd[6094]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 235.412776][ T7166] udevd[7166]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 235.517009][ T6094] udevd[6094]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 235.524237][ T7166] udevd[7166]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 237.609174][ T8252] loop4: detected capacity change from 0 to 512 [ 237.808941][ T8252] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.822771][ T8252] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 239.487398][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.943532][ T8269] loop2: detected capacity change from 0 to 1024 [ 239.992741][ T8269] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.014889][ T8269] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 240.027318][ T8269] EXT4-fs (loop2): This should not happen!! Data will be lost [ 240.027318][ T8269] [ 240.037860][ T8269] EXT4-fs (loop2): Total free blocks count 0 [ 240.043905][ T8269] EXT4-fs (loop2): Free/Dirty block details [ 240.049838][ T8269] EXT4-fs (loop2): free_blocks=0 [ 240.054785][ T8269] EXT4-fs (loop2): dirty_blocks=0 [ 240.059869][ T8269] EXT4-fs (loop2): Block reservation details [ 240.065922][ T8269] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 240.178256][ T8281] loop3: detected capacity change from 0 to 2048 [ 240.256625][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.266693][ T8281] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.344408][ T8285] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 240.465091][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.574195][ T8290] netlink: 20 bytes leftover after parsing attributes in process `syz.4.796'. [ 240.682988][ T8290] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 240.692103][ T8290] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 240.700922][ T8290] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 240.709636][ T8290] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 240.767402][ T8296] loop3: detected capacity change from 0 to 512 [ 240.802160][ T8296] ext4: Unknown parameter 'nouser_xattr' [ 240.820100][ T8290] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 240.829634][ T8290] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 240.839058][ T8290] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 240.848136][ T8290] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 240.912825][ T8292] loop2: detected capacity change from 0 to 8192 [ 240.970078][ T8292] syz.2.794: attempt to access beyond end of device [ 240.970078][ T8292] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 241.056573][ T8303] netlink: 12 bytes leftover after parsing attributes in process `syz.3.797'. [ 241.080399][ T8292] Buffer I/O error on dev loop2, logical block 57847, async page read [ 241.180047][ T8292] syz.2.794: attempt to access beyond end of device [ 241.180047][ T8292] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 241.229339][ T8292] Buffer I/O error on dev loop2, logical block 57847, async page read [ 241.239114][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 241.239131][ T30] audit: type=1800 audit(1752881340.500:234): pid=8292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.794" name="file2" dev="loop2" ino=1048614 res=0 errno=0 [ 242.138044][ T8318] netlink: 12 bytes leftover after parsing attributes in process `syz.1.805'. [ 242.607455][ T8330] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.808'. [ 242.626208][ T8326] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.808'. [ 242.629955][ T8328] loop2: detected capacity change from 0 to 256 [ 243.475844][ T8348] loop2: detected capacity change from 0 to 736 [ 243.716161][ T8348] rock: directory entry would overflow storage [ 243.729169][ T8348] rock: sig=0x3b10, size=4, remaining=3 [ 243.767163][ T8348] netlink: 'syz.2.818': attribute type 27 has an invalid length. [ 244.734255][ T8348] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.742670][ T8348] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.260454][ T8375] xt_CT: You must specify a L4 protocol and not use inversions on it [ 245.857204][ T8348] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.877392][ T8348] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 245.923962][ T8348] veth0_vlan: left allmulticast mode [ 246.086987][ T8348] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.109356][ T8348] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.136406][ T8348] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.151195][ T8348] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.386695][ T8353] syz_tun: entered allmulticast mode [ 246.400224][ T8354] syz_tun: left allmulticast mode [ 246.416466][ T6032] lo speed is unknown, defaulting to 1000 [ 246.424089][ T6032] ˆ: Port: 1 Link DOWN [ 247.315702][ T8417] netlink: 4 bytes leftover after parsing attributes in process `syz.3.844'. [ 247.348899][ T8411] loop0: detected capacity change from 0 to 8192 [ 247.486077][ T8421] loop2: detected capacity change from 0 to 512 [ 247.543359][ T8421] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 247.589045][ T8421] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.845: invalid block [ 247.694137][ T8428] loop4: detected capacity change from 0 to 512 [ 247.710123][ T8421] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.845: invalid indirect mapped block 4294967295 (level 1) [ 247.757652][ T8421] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.845: invalid indirect mapped block 4294967295 (level 1) [ 247.902869][ T8428] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 247.977998][ T8428] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 247.989535][ T8421] EXT4-fs (loop2): 2 truncates cleaned up [ 248.004705][ T8435] netlink: 28 bytes leftover after parsing attributes in process `syz.0.849'. [ 248.022323][ T8421] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.184271][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.244854][ T30] audit: type=1326 audit(1752881347.460:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.2.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 248.285616][ T30] audit: type=1326 audit(1752881347.460:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.2.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 248.376206][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.390164][ T30] audit: type=1326 audit(1752881347.460:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.2.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 248.413685][ T30] audit: type=1326 audit(1752881347.460:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.2.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 248.497659][ T30] audit: type=1326 audit(1752881347.460:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.2.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 248.552426][ T8445] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 248.575882][ T30] audit: type=1326 audit(1752881347.460:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.2.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 248.745042][ T30] audit: type=1326 audit(1752881347.460:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.2.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 248.826605][ T8450] loop2: detected capacity change from 0 to 1024 [ 248.846391][ T30] audit: type=1326 audit(1752881347.460:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.2.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 248.993668][ T8454] lo speed is unknown, defaulting to 1000 [ 249.042247][ T8450] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.245986][ T8466] loop3: detected capacity change from 0 to 1024 [ 249.290936][ T30] audit: type=1800 audit(1752881349.431:243): pid=8450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.854" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 249.387089][ T8466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.431704][ T8466] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 249.444116][ T8466] EXT4-fs (loop3): This should not happen!! Data will be lost [ 249.444116][ T8466] [ 249.454165][ T8466] EXT4-fs (loop3): Total free blocks count 0 [ 249.460197][ T8466] EXT4-fs (loop3): Free/Dirty block details [ 249.466106][ T8466] EXT4-fs (loop3): free_blocks=0 [ 249.471093][ T8466] EXT4-fs (loop3): dirty_blocks=0 [ 249.476145][ T8466] EXT4-fs (loop3): Block reservation details [ 249.482300][ T8466] EXT4-fs (loop3): i_reserved_data_blocks=0 [ 249.582188][ T30] audit: type=1804 audit(1752881349.481:244): pid=8465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.854" name="/newroot/140/file1/file1" dev="loop2" ino=15 res=1 errno=0 [ 250.601732][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.048570][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.698729][ T8501] xt_CT: You must specify a L4 protocol and not use inversions on it [ 252.603138][ T8507] netlink: 28 bytes leftover after parsing attributes in process `syz.1.874'. [ 254.377419][ T8540] netlink: 4 bytes leftover after parsing attributes in process `syz.5.887'. [ 254.601529][ T8543] netlink: 4 bytes leftover after parsing attributes in process `syz.5.887'. [ 255.141983][ T8550] netlink: 4 bytes leftover after parsing attributes in process `syz.1.890'. [ 255.235134][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.890'. [ 255.443474][ T8557] xt_CT: You must specify a L4 protocol and not use inversions on it [ 256.674611][ T8573] netlink: 28 bytes leftover after parsing attributes in process `syz.0.900'. [ 257.303162][ T8602] process 'syz.3.913' launched './file1' with NULL argv: empty string added [ 257.749395][ T5932] IPVS: starting estimator thread 0... [ 257.774591][ T8628] loop2: detected capacity change from 0 to 128 [ 257.783581][ T8623] netlink: 28 bytes leftover after parsing attributes in process `syz.4.920'. [ 257.880534][ T8626] IPVS: using max 24 ests per chain, 57600 per kthread [ 257.918177][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 257.918197][ T30] audit: type=1800 audit(1752881358.171:246): pid=8628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.926" name="bus" dev="loop2" ino=1048616 res=0 errno=0 [ 257.959934][ T8632] hub 6-0:1.0: USB hub found [ 258.015742][ T30] audit: type=1800 audit(1752881358.201:247): pid=8628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.926" name="bus" dev="loop2" ino=1048616 res=0 errno=0 [ 258.027896][ T8632] hub 6-0:1.0: 1 port detected [ 258.125941][ T8635] syz.2.926: attempt to access beyond end of device [ 258.125941][ T8635] loop2: rw=0, sector=121, nr_sectors = 896 limit=128 [ 258.397836][ T7082] kworker/u8:12: attempt to access beyond end of device [ 258.397836][ T7082] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 258.463807][ T8644] syzkaller0: entered promiscuous mode [ 258.480813][ T8644] syzkaller0: entered allmulticast mode [ 258.777190][ T8666] netlink: 8 bytes leftover after parsing attributes in process `syz.2.941'. [ 261.546756][ T8676] vlan2: entered promiscuous mode [ 261.840733][ T8698] siw: device registration error -23 [ 261.890618][ T8698] lo speed is unknown, defaulting to 1000 [ 262.507584][ T8713] netlink: 5 bytes leftover after parsing attributes in process `syz.1.961'. [ 262.627940][ T8709] loop2: detected capacity change from 0 to 8192 [ 262.715661][ T8709] syz.2.959: attempt to access beyond end of device [ 262.715661][ T8709] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 262.771053][ T8709] Buffer I/O error on dev loop2, logical block 57847, async page read [ 262.784601][ T8709] syz.2.959: attempt to access beyond end of device [ 262.784601][ T8709] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 262.885958][ T8709] Buffer I/O error on dev loop2, logical block 57847, async page read [ 262.974212][ T30] audit: type=1800 audit(1752881363.231:248): pid=8709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.959" name="file2" dev="loop2" ino=1048617 res=0 errno=0 [ 263.054760][ T8725] netlink: 16 bytes leftover after parsing attributes in process `syz.4.956'. [ 264.861058][ T8744] random: crng reseeded on system resumption [ 266.683370][ T8758] syzkaller0: entered promiscuous mode [ 266.703895][ T8758] syzkaller0: entered allmulticast mode [ 266.772917][ T8774] lo speed is unknown, defaulting to 1000 [ 268.834846][ T8802] lo speed is unknown, defaulting to 1000 [ 268.955403][ T8796] loop4: detected capacity change from 0 to 512 [ 269.284147][ T8796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 269.298058][ T8796] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 269.313130][ T30] audit: type=1326 audit(1752881369.571:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 269.363355][ T30] audit: type=1326 audit(1752881369.611:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 269.534026][ T30] audit: type=1326 audit(1752881369.611:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 269.664273][ T30] audit: type=1326 audit(1752881369.611:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 269.773670][ T30] audit: type=1326 audit(1752881369.611:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 269.800346][ T30] audit: type=1326 audit(1752881369.751:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 269.946831][ T30] audit: type=1326 audit(1752881369.751:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 270.055225][ T8822] netlink: 28 bytes leftover after parsing attributes in process `syz.3.991'. [ 270.138421][ T30] audit: type=1326 audit(1752881369.771:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8795 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 270.555097][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.041674][ T8866] random: crng reseeded on system resumption [ 272.434919][ T8869] loop2: detected capacity change from 0 to 512 [ 272.615186][ T8869] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 272.698223][ T8869] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1007: invalid indirect mapped block 4294967295 (level 1) [ 272.756009][ T8869] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1007: invalid indirect mapped block 4294967295 (level 1) [ 272.830337][ T8869] EXT4-fs (loop2): 2 truncates cleaned up [ 272.864057][ T8869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.968655][ T8869] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.080528][ T8869] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1007'. [ 274.032662][ T8906] xt_CT: You must specify a L4 protocol and not use inversions on it [ 274.396929][ T8905] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1020'. [ 274.616139][ T8909] loop3: detected capacity change from 0 to 1024 [ 275.038893][ T8909] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.400478][ T8909] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 275.412903][ T8909] EXT4-fs (loop3): This should not happen!! Data will be lost [ 275.412903][ T8909] [ 275.422655][ T8909] EXT4-fs (loop3): Total free blocks count 0 [ 275.428645][ T8909] EXT4-fs (loop3): Free/Dirty block details [ 275.434617][ T8909] EXT4-fs (loop3): free_blocks=0 [ 275.439815][ T8909] EXT4-fs (loop3): dirty_blocks=0 [ 275.444849][ T8909] EXT4-fs (loop3): Block reservation details [ 275.451282][ T8909] EXT4-fs (loop3): i_reserved_data_blocks=0 [ 276.821717][ T8937] loop1: detected capacity change from 0 to 512 [ 276.883053][ T8937] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 276.996715][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.014346][ T8937] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.1031: invalid block [ 277.041688][ T8937] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1031: invalid indirect mapped block 4294967295 (level 1) [ 277.148630][ T8937] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1031: invalid indirect mapped block 4294967295 (level 1) [ 277.256419][ T8942] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1032'. [ 277.271002][ T8937] EXT4-fs (loop1): 2 truncates cleaned up [ 277.300295][ T8937] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.527553][ T8937] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.785694][ T8955] xt_CT: You must specify a L4 protocol and not use inversions on it [ 278.321502][ T8937] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1031'. [ 278.589284][ T8963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1040'. [ 279.495040][ T8980] loop0: detected capacity change from 0 to 1024 [ 279.916769][ T8980] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.137456][ T8980] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28 [ 280.150101][ T8980] EXT4-fs (loop0): This should not happen!! Data will be lost [ 280.150101][ T8980] [ 280.160002][ T8980] EXT4-fs (loop0): Total free blocks count 0 [ 280.166046][ T8980] EXT4-fs (loop0): Free/Dirty block details [ 280.172180][ T8980] EXT4-fs (loop0): free_blocks=0 [ 280.177607][ T8980] EXT4-fs (loop0): dirty_blocks=0 [ 280.183064][ T8980] EXT4-fs (loop0): Block reservation details [ 280.189198][ T8980] EXT4-fs (loop0): i_reserved_data_blocks=0 [ 280.429135][ T8990] syz.1.1050 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 280.558812][ T8987] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 280.797226][ T8988] syzkaller0: entered promiscuous mode [ 280.852761][ T8988] syzkaller0: entered allmulticast mode [ 281.082137][ T8996] loop2: detected capacity change from 0 to 2048 [ 281.587100][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.628595][ T9003] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1056'. [ 281.861048][ T9009] futex_wake_op: syz.1.1059 tries to shift op by -1; fix this program [ 282.268818][ T9015] loop2: detected capacity change from 0 to 512 [ 282.283671][ T9015] EXT4-fs: Ignoring removed nomblk_io_submit option [ 282.314468][ T9015] EXT4-fs (loop2): Test dummy encryption mode enabled [ 282.321431][ T9015] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 282.394054][ T9015] EXT4-fs (loop2): 1 truncate cleaned up [ 282.413103][ T9015] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.367126][ T9027] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1062'. [ 286.047513][ T9041] syzkaller1: entered promiscuous mode [ 286.094240][ T9055] siw: device registration error -23 [ 286.099903][ T9041] syzkaller1: entered allmulticast mode [ 286.276470][ T9058] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 286.315951][ T9055] lo speed is unknown, defaulting to 1000 [ 286.574958][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.682579][ T9069] loop4: detected capacity change from 0 to 512 [ 286.739677][ T9069] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.765606][ T9069] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 287.618395][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.667338][ T9088] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1085'. [ 287.785628][ T9091] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1086'. [ 288.068060][ T9105] loop4: detected capacity change from 0 to 512 [ 288.118642][ T9105] EXT4-fs (loop4): orphan cleanup on readonly fs [ 288.132739][ T9105] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 288.150333][ T9105] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 288.189108][ T9105] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1087: Failed to acquire dquot type 1 [ 288.253075][ T9105] EXT4-fs (loop4): 1 truncate cleaned up [ 288.316206][ T9105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 288.413134][ T9100] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 288.458147][ T9113] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1091'. [ 288.608587][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.844722][ T9110] lo speed is unknown, defaulting to 1000 [ 288.970135][ T9119] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1093'. [ 288.971841][ T9120] random: crng reseeded on system resumption [ 289.031522][ T9124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1093'. [ 289.128417][ T9122] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 289.160032][ T9122] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.267072][ T9119] 8021q: adding VLAN 0 to HW filter on device bond1 [ 289.596255][ T9124] bond1 (unregistering): Released all slaves [ 289.709084][ T9131] netlink: 'syz.3.1096': attribute type 6 has an invalid length. [ 289.730822][ T9122] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 289.749970][ T9122] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.913647][ T9122] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 289.937520][ T9122] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.013764][ T9138] loop3: detected capacity change from 0 to 512 [ 290.111145][ T9138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.177286][ T9138] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.236682][ T9122] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 290.260166][ T9122] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.253225][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.273968][ T9152] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1101'. [ 291.405867][ T9122] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 291.462009][ T9154] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1102'. [ 291.470277][ T9122] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.488059][ T9122] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 292.592686][ T9122] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.919539][ T9122] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 292.979883][ T9122] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.382265][ T9122] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 293.490153][ T9122] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.943083][ T9184] loop4: detected capacity change from 0 to 512 [ 294.015265][ T9184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 294.031554][ T9184] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 294.310765][ T9199] netlink: 4 bytes leftover after parsing attributes in process `wg1'. [ 294.320696][ T6032] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 294.484435][ T6032] usb 2-1: Using ep0 maxpacket: 32 [ 294.512167][ T6032] usb 2-1: config 0 has no interfaces? [ 294.548022][ T6032] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 294.571009][ T6032] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 294.601161][ T6032] usb 2-1: Product: syz [ 294.615579][ T6032] usb 2-1: Manufacturer: syz [ 294.635190][ T6032] usb 2-1: SerialNumber: syz [ 294.679486][ T6032] usb 2-1: config 0 descriptor?? [ 294.853271][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.911073][ T9209] loop3: detected capacity change from 0 to 8192 [ 294.935456][ T5965] usb 2-1: USB disconnect, device number 2 [ 295.564861][ T9228] random: crng reseeded on system resumption [ 296.465946][ T30] audit: type=1107 audit(1752881397.724:257): pid=9234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 298.314413][ T9264] loop4: detected capacity change from 0 to 8192 [ 298.474934][ T9273] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1148'. [ 299.494329][ T9282] random: crng reseeded on system resumption [ 299.862445][ T9273] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 299.946441][ T9273] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 300.032654][ T9273] bond0 (unregistering): Released all slaves [ 300.258758][ T9290] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1153'. [ 300.556166][ T9287] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 300.717855][ T9293] loop2: detected capacity change from 0 to 512 [ 300.845003][ T9293] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.945396][ T9293] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 301.135973][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.195345][ T9336] loop0: detected capacity change from 0 to 8192 [ 302.440395][ T9347] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1166'. [ 302.701265][ T9347] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1166'. [ 302.831123][ T9361] loop3: detected capacity change from 0 to 512 [ 302.927900][ T9361] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.964727][ T9361] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 303.207208][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.879448][ T9374] loop2: detected capacity change from 0 to 128 [ 304.094483][ T9374] EXT4-fs: Ignoring removed nobh option [ 304.314176][ T9374] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 304.485968][ T9374] ext4 filesystem being mounted at /196/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 304.895242][ T9389] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 304.963270][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 305.408661][ T9397] loop0: detected capacity change from 0 to 1024 [ 305.493183][ T9397] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5 [ 305.519936][ T9397] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 305.538360][ T9397] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1182: Failed to acquire dquot type 0 [ 305.698526][ T9397] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 305.739816][ T9397] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.1182: corrupted inode contents [ 305.821830][ T9397] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #13: comm syz.0.1182: mark_inode_dirty error [ 305.836306][ T9408] loop3: detected capacity change from 0 to 512 [ 305.904515][ T9397] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.1182: corrupted inode contents [ 305.915703][ T9413] capability: warning: `syz.2.1187' uses deprecated v2 capabilities in a way that may be insecure [ 305.960954][ T9397] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.1182: mark_inode_dirty error [ 305.979356][ T9412] loop5: detected capacity change from 0 to 512 [ 305.988427][ T9408] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.053248][ T9397] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.1182: corrupted inode contents [ 306.082678][ T9408] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 306.106479][ T9412] EXT4-fs (loop5): orphan cleanup on readonly fs [ 306.136990][ T9397] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 306.152077][ T9412] EXT4-fs error (device loop5): ext4_orphan_get:1419: comm syz.5.1188: bad orphan inode 13 [ 306.168563][ T9397] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #13: comm syz.0.1182: corrupted inode contents [ 306.217269][ T9412] ext4_test_bit(bit=12, block=18) = 1 [ 306.263550][ T9397] EXT4-fs error (device loop0): ext4_truncate:4597: inode #13: comm syz.0.1182: mark_inode_dirty error [ 306.281523][ T9412] is_bad_inode(inode)=0 [ 306.295363][ T9412] NEXT_ORPHAN(inode)=2130706432 [ 306.296939][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.302241][ T9412] max_ino=32 [ 306.317114][ T9397] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 306.347918][ T9412] i_nlink=1 [ 306.357268][ T9412] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 306.378745][ T9397] EXT4-fs (loop0): 1 truncate cleaned up [ 306.398292][ T9397] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.422011][ T30] audit: type=1326 audit(1752881408.681:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9422 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 306.499008][ T9412] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 306.520259][ T30] audit: type=1326 audit(1752881408.681:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9422 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7fe04b18e9a9 code=0x7ffc0000 [ 306.576183][ T9426] ------------[ cut here ]------------ [ 306.576188][ T9397] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 306.590392][ T9426] WARNING: CPU: 0 PID: 9426 at fs/ext4/ext4_jbd2.c:76 ext4_journal_check_start+0x24f/0x2b0 [ 306.600691][ T9426] Modules linked in: [ 306.604695][ T9426] CPU: 0 UID: 0 PID: 9426 Comm: syz.0.1182 Not tainted 6.16.0-rc6-syzkaller-00205-gd786aba32000 #0 PREEMPT(full) [ 306.617040][ T9426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 306.627212][ T9426] RIP: 0010:ext4_journal_check_start+0x24f/0x2b0 [ 306.634262][ T9426] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d e9 67 2f a5 fe cc e8 46 17 55 ff 41 bf fb ff ff ff eb e0 e8 39 17 55 ff eb d3 e8 32 17 55 ff 90 <0f> 0b 90 eb c8 e8 27 17 55 ff 90 0f 0b 90 43 80 7c 25 00 00 0f 85 [ 306.653972][ T9426] RSP: 0018:ffffc9001e86f398 EFLAGS: 00010283 [ 306.660679][ T9426] RAX: ffffffff826b11be RBX: ffff88804d840000 RCX: 0000000000080000 [ 306.668673][ T9426] RDX: ffffc9000d149000 RSI: 000000000000075c RDI: 000000000000075d [ 306.677712][ T9426] RBP: 0000000000000364 R08: ffff88803162e387 R09: 1ffff110062c5c70 [ 306.686508][ T9426] R10: dffffc0000000000 R11: ffffed10062c5c71 R12: dffffc0000000000 [ 306.694531][ T9426] R13: 1ffff11009b080c8 R14: ffff88804d840640 R15: 0000000000000001 [ 306.702821][ T9426] FS: 00007fb9f73d66c0(0000) GS:ffff888125c23000(0000) knlGS:0000000000000000 [ 306.712008][ T9426] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 306.718617][ T9426] CR2: 00007fb9f73d5f98 CR3: 000000004874c000 CR4: 0000000000350ef0 [ 306.726674][ T9426] Call Trace: [ 306.730023][ T9426] [ 306.732980][ T9426] __ext4_journal_start_sb+0x16b/0x5c0 [ 306.738482][ T9426] ext4_file_open+0x72c/0xa40 [ 306.743636][ T9426] ? __pfx_ext4_file_open+0x10/0x10 [ 306.748885][ T9426] ? tomoyo_file_open+0x14a/0x220 [ 306.750889][ T9425] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1192'. [ 306.754364][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 306.768956][ T9426] ? __pfx_ext4_file_open+0x10/0x10 [ 306.775083][ T9426] do_dentry_open+0xdf3/0x1970 [ 306.780648][ T9426] vfs_open+0x3b/0x340 [ 306.784746][ T9426] ? path_openat+0x2ecd/0x3830 [ 306.789552][ T9426] path_openat+0x2ee5/0x3830 [ 306.794307][ T9426] ? __pfx_path_openat+0x10/0x10 [ 306.799533][ T9426] do_filp_open+0x1fa/0x410 [ 306.804318][ T9426] ? __pfx_do_filp_open+0x10/0x10 [ 306.809505][ T9426] ? do_open_execat+0x93/0x540 [ 306.814350][ T9426] do_open_execat+0x135/0x540 [ 306.819057][ T9426] ? __pfx_do_open_execat+0x10/0x10 [ 306.824356][ T9426] ? getname_kernel+0x146/0x2f0 [ 306.829233][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 306.834967][ T9426] ? getname_kernel+0x20e/0x2f0 [ 306.839983][ T9426] open_exec+0x40/0x60 [ 306.844097][ T9426] bm_register_write+0x2d1/0x1750 [ 306.849171][ T9426] ? __pfx_bm_register_write+0x10/0x10 [ 306.854715][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 306.860438][ T9426] ? __pfx_bm_register_write+0x10/0x10 [ 306.865953][ T9426] vfs_write+0x27e/0xa90 [ 306.866480][ T9412] EXT4-fs warning (device loop5): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop5. [ 306.870314][ T9426] ? __pfx_vfs_write+0x10/0x10 [ 306.870358][ T9426] ? __fget_files+0x2a/0x420 [ 306.870389][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 306.870422][ T9426] ? __fget_files+0x3a0/0x420 [ 306.870446][ T9426] ? __fget_files+0x2a/0x420 [ 306.870477][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 306.913796][ T9426] ksys_write+0x145/0x250 [ 306.918163][ T9426] ? __pfx_ksys_write+0x10/0x10 [ 306.923105][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 306.928771][ T9426] ? do_syscall_64+0xbe/0x3b0 [ 306.933545][ T9426] do_syscall_64+0xfa/0x3b0 [ 306.938085][ T9426] ? lockdep_hardirqs_on+0x9c/0x150 [ 306.943360][ T9426] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.949449][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 306.955152][ T9426] ? exc_page_fault+0x9f/0xf0 [ 306.959893][ T9426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.965815][ T9426] RIP: 0033:0x7fb9f758e9a9 [ 306.970291][ T9426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.990913][ T9426] RSP: 002b:00007fb9f73d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 307.000160][ T9426] RAX: ffffffffffffffda RBX: 00007fb9f77b6080 RCX: 00007fb9f758e9a9 [ 307.008413][ T9426] RDX: 000000000000004b RSI: 0000200000000140 RDI: 0000000000000004 [ 307.016659][ T9426] RBP: 00007fb9f7610ca1 R08: 0000000000000000 R09: 0000000000000000 [ 307.024721][ T9426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.032748][ T9426] R13: 0000000000000001 R14: 00007fb9f77b6080 R15: 00007fffa2bb8478 [ 307.040810][ T9426] [ 307.043851][ T9426] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 307.051143][ T9426] CPU: 0 UID: 0 PID: 9426 Comm: syz.0.1182 Not tainted 6.16.0-rc6-syzkaller-00205-gd786aba32000 #0 PREEMPT(full) [ 307.063141][ T9426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 307.073215][ T9426] Call Trace: [ 307.076508][ T9426] [ 307.079450][ T9426] dump_stack_lvl+0x99/0x250 [ 307.084076][ T9426] ? __asan_memcpy+0x40/0x70 [ 307.088692][ T9426] ? __pfx_dump_stack_lvl+0x10/0x10 [ 307.093913][ T9426] ? __pfx__printk+0x10/0x10 [ 307.098529][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.104176][ T9426] panic+0x2db/0x790 [ 307.108132][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.113814][ T9426] ? __pfx_panic+0x10/0x10 [ 307.118263][ T9426] __warn+0x31b/0x4b0 [ 307.122258][ T9426] ? ext4_journal_check_start+0x24f/0x2b0 [ 307.127999][ T9426] ? ext4_journal_check_start+0x24f/0x2b0 [ 307.133728][ T9426] report_bug+0x2be/0x4f0 [ 307.138059][ T9426] ? ext4_journal_check_start+0x24f/0x2b0 [ 307.143796][ T9426] ? ext4_journal_check_start+0x24f/0x2b0 [ 307.149525][ T9426] ? ext4_journal_check_start+0x251/0x2b0 [ 307.155258][ T9426] handle_bug+0x84/0x160 [ 307.159510][ T9426] exc_invalid_op+0x1a/0x50 [ 307.164024][ T9426] asm_exc_invalid_op+0x1a/0x20 [ 307.168878][ T9426] RIP: 0010:ext4_journal_check_start+0x24f/0x2b0 [ 307.175220][ T9426] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d e9 67 2f a5 fe cc e8 46 17 55 ff 41 bf fb ff ff ff eb e0 e8 39 17 55 ff eb d3 e8 32 17 55 ff 90 <0f> 0b 90 eb c8 e8 27 17 55 ff 90 0f 0b 90 43 80 7c 25 00 00 0f 85 [ 307.194832][ T9426] RSP: 0018:ffffc9001e86f398 EFLAGS: 00010283 [ 307.200907][ T9426] RAX: ffffffff826b11be RBX: ffff88804d840000 RCX: 0000000000080000 [ 307.208877][ T9426] RDX: ffffc9000d149000 RSI: 000000000000075c RDI: 000000000000075d [ 307.216936][ T9426] RBP: 0000000000000364 R08: ffff88803162e387 R09: 1ffff110062c5c70 [ 307.224908][ T9426] R10: dffffc0000000000 R11: ffffed10062c5c71 R12: dffffc0000000000 [ 307.232878][ T9426] R13: 1ffff11009b080c8 R14: ffff88804d840640 R15: 0000000000000001 [ 307.240861][ T9426] ? ext4_journal_check_start+0x24e/0x2b0 [ 307.246605][ T9426] ? ext4_journal_check_start+0x24e/0x2b0 [ 307.252344][ T9426] __ext4_journal_start_sb+0x16b/0x5c0 [ 307.257818][ T9426] ext4_file_open+0x72c/0xa40 [ 307.262517][ T9426] ? __pfx_ext4_file_open+0x10/0x10 [ 307.267731][ T9426] ? tomoyo_file_open+0x14a/0x220 [ 307.272768][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.278413][ T9426] ? __pfx_ext4_file_open+0x10/0x10 [ 307.283619][ T9426] do_dentry_open+0xdf3/0x1970 [ 307.288403][ T9426] vfs_open+0x3b/0x340 [ 307.292474][ T9426] ? path_openat+0x2ecd/0x3830 [ 307.297259][ T9426] path_openat+0x2ee5/0x3830 [ 307.301893][ T9426] ? __pfx_path_openat+0x10/0x10 [ 307.306861][ T9426] do_filp_open+0x1fa/0x410 [ 307.311375][ T9426] ? __pfx_do_filp_open+0x10/0x10 [ 307.316441][ T9426] ? do_open_execat+0x93/0x540 [ 307.321219][ T9426] do_open_execat+0x135/0x540 [ 307.325903][ T9426] ? __pfx_do_open_execat+0x10/0x10 [ 307.331111][ T9426] ? getname_kernel+0x146/0x2f0 [ 307.335981][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.341616][ T9426] ? getname_kernel+0x20e/0x2f0 [ 307.346468][ T9426] open_exec+0x40/0x60 [ 307.350544][ T9426] bm_register_write+0x2d1/0x1750 [ 307.355590][ T9426] ? __pfx_bm_register_write+0x10/0x10 [ 307.361071][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.366710][ T9426] ? __pfx_bm_register_write+0x10/0x10 [ 307.372183][ T9426] vfs_write+0x27e/0xa90 [ 307.376447][ T9426] ? __pfx_vfs_write+0x10/0x10 [ 307.381223][ T9426] ? __fget_files+0x2a/0x420 [ 307.385816][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.391455][ T9426] ? __fget_files+0x3a0/0x420 [ 307.396130][ T9426] ? __fget_files+0x2a/0x420 [ 307.400724][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.406366][ T9426] ksys_write+0x145/0x250 [ 307.410729][ T9426] ? __pfx_ksys_write+0x10/0x10 [ 307.415585][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.421231][ T9426] ? do_syscall_64+0xbe/0x3b0 [ 307.425917][ T9426] do_syscall_64+0xfa/0x3b0 [ 307.430423][ T9426] ? lockdep_hardirqs_on+0x9c/0x150 [ 307.435623][ T9426] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.441685][ T9426] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.447324][ T9426] ? exc_page_fault+0x9f/0xf0 [ 307.452005][ T9426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.457896][ T9426] RIP: 0033:0x7fb9f758e9a9 [ 307.462312][ T9426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.481919][ T9426] RSP: 002b:00007fb9f73d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 307.490343][ T9426] RAX: ffffffffffffffda RBX: 00007fb9f77b6080 RCX: 00007fb9f758e9a9 [ 307.498315][ T9426] RDX: 000000000000004b RSI: 0000200000000140 RDI: 0000000000000004 [ 307.506287][ T9426] RBP: 00007fb9f7610ca1 R08: 0000000000000000 R09: 0000000000000000 [ 307.514257][ T9426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.522226][ T9426] R13: 0000000000000001 R14: 00007fb9f77b6080 R15: 00007fffa2bb8478 [ 307.530219][ T9426] [ 307.533442][ T9426] Kernel Offset: disabled [ 307.537764][ T9426] Rebooting in 86400 seconds..