last executing test programs: 2m59.408497323s ago: executing program 3 (id=204): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0) 2m59.143230727s ago: executing program 3 (id=206): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x200000000140, 0x0, 0x0, 0x200000000170, 0x2000000001a0], 0x0, 0x0, &(0x7f0000000140)=ANY=[]}, 0x78) r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402) r4 = dup(r3) socket(0x1d, 0x2, 0x6) tee(r3, r4, 0x6, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x20, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00", @ANYBLOB="00120b04d44971a04f55e9c798396979014ba025386ec9b8a22ac46fce699f0a7a87462f"], &(0x7f0000001b80)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94) prlimit64(0x0, 0x7, &(0x7f0000000140)={0xa, 0x5}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4000) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='workqueue_queue_work\x00', r4, 0x0, 0x6}, 0x18) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x80c5}, 0x0) ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0xfff9, 0x0, 0x3ff, 0x0}) 2m57.753564885s ago: executing program 3 (id=217): bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002100)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x8, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x88f8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000640)='syzkaller\x00', 0x7}, 0x94) 2m57.627677846s ago: executing program 3 (id=218): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0) mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0) mount$9p_unix(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x80000, 0x0) 2m57.48199483s ago: executing program 3 (id=221): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e22, 0xb7, @ipv4={'\x00', '\xff\xff', @local}, 0x3}, 0x1c) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = socket$vsock_stream(0x28, 0x1, 0x0) fgetxattr(r3, 0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x1e) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "7cff0000080094cf", "c11d9a1e03550000000000000fd7aab9", ']G\x00', "5e33931677e0f2d7"}, 0x28) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r4, 0x0, 0xfff}, 0x18) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) close(r0) 2m57.051318749s ago: executing program 3 (id=228): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x42004) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x4}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461"], 0x118}}, 0x0) 2m56.61135863s ago: executing program 32 (id=228): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x42004) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x4}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461"], 0x118}}, 0x0) 2m7.347528473s ago: executing program 2 (id=507): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0) 2m7.067244198s ago: executing program 2 (id=508): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000000000000198, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000800000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1e}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r4, 0x0, 0x7, 0x9) write$P9_RWRITE(r4, &(0x7f0000000040)={0xb}, 0x11000) 2m5.263861485s ago: executing program 2 (id=519): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) setfsuid(0x0) 2m4.949994694s ago: executing program 2 (id=524): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000016c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x840e, &(0x7f0000000c80)={[{@noquota}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@auto_da_alloc}, {@bsdgroups}, {@quota}]}, 0x3, 0x43a, &(0x7f0000001100)="$eJzs28tvG1UXAPAzfrRfX19CVR59AIGCqHgkTVpKF2xAILEACQkWZRmStCp1G9QEiVYRBITKCqFK7BFLJP4CVrBBwAqJLexRpQpl08LKaOyZxHYcNzFOnOLfT5r23plr3XM8c+07c+MABtZI+k8SsTcifouIoXq1ucFI/b/bSwtTfy0tTCVRrb7xZ1Jrd2tpYSpvmr9uT14pRRQ+SeJwm37nrly9MFmpzFzO6mPzF98dm7ty9ZnzFyfPzZybuTRx+vTJE+PPnZp4tid5pnndOvTB7JGDr7x1/bWpM9ff/umbJM+/JY8eGel08PFqtcfd9de+hnJS6mMgbEixPkyjXBv/Q1GMlZM3FC9/3NfggE1VrVar9619eLEK/Icl0e8IgP7Iv+jT+99826Kpx7Zw84X6DVCa9+1sqx8pRSFrU265v+2lkYg4s/j3l+kWm/McAgCgyXfp/OfpdvO/QjQ+F/p/toYyHBH3RMT+iDgVEQci4t6IWtv7I+KBDfbfukiyev5TuNFVYuuUzv+ez9a2mud/+ewvhotZbV8t/3Jy9nxl5nj2nhyL8s60Pt6hj+9f+vXztY41zv/SLe0/nwtmcdwo7Wx+zfTk/GRziN27+VHEoVK7/JPllYAkIg5GxKEu+zj/5NdH1jp25/w76ME6U/WriCfq538xWvLPJZ3XJ8f+F5WZ42P5VbHaz79ce32t/v9V/j2Qnv/dba//5fyHk8b12rmN93Ht90/XvKfp9vrfkbzZtO/9yfn5y+MRO5JX60E37p9oaTex0j7N/9jR9uN/f6y8E4cjIr2IH4yIhyLi4Sz2RyLi0Yg42iH/H1987J3u899caf7TGzr/K4Ud0bqnfaF44Ydvmzod3kj+6fk/WSsdy/Ysf/51sJ64uruaAQAA4O5TiIi9kRRGl8uFwuho/W/4D8TuQmV2bv6ps7PvXZqu/0ZgOMqF/EnXUMPz0PHstj6vT7TUT2TPjb8o7qrVR6dmK9P9Th4G3J4otR3/qT+K/Y4O2HR+rwWDy/iHwWX8w+Ay/mFwtRn/u/oRB7D12n3/f9iHOICt1zL+LfvBAHH/D4PL+IfBZfzDQJrbFXf+kbyCwqpCFLZFGOssfFbeFmHcRYV+fzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//3g65pw=") open(&(0x7f0000000680)='./bus\x00', 0x4001410c2, 0x2e) mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x40, 0x8005, 0x0, 0x0, 0xa, 0x4, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000ff91031905b9aaaaf755a3f6a004000000000001000200", "036c47c6780820d1cbf733970000cf33768bbd9bffbcc2542ded71038259ca171ce1a310ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204, 0xffffffffffffffff]}) write$binfmt_misc(r0, &(0x7f0000000340)="be", 0x1) 2m4.465999429s ago: executing program 2 (id=530): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) ioctl$FS_IOC_GETFSSYSFSPATH(0xffffffffffffffff, 0x80811501, 0x0) syz_clone(0x41000100, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x1, 0x70bd25, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x3}, [@IFLA_GROUP={0x8}, @IFLA_TXQLEN={0x8, 0xd, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) 2m3.983212773s ago: executing program 2 (id=535): bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000540), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r1, r1, 0x0, 0xe3aa6ea) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r2}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) memfd_create(0x0, 0x4) creat(&(0x7f00000003c0)='./file1\x00', 0x11) 2m3.536058755s ago: executing program 33 (id=535): bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000540), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r1, r1, 0x0, 0xe3aa6ea) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r2}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) memfd_create(0x0, 0x4) creat(&(0x7f00000003c0)='./file1\x00', 0x11) 2.613817658s ago: executing program 0 (id=1512): getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @rand_addr=0x64010101}]}, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0xfe}]}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 2.101783636s ago: executing program 1 (id=1514): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)) r0 = socket$inet6(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000fdffffde18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10) sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 1.700901413s ago: executing program 0 (id=1516): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$inet6_udp(0xa, 0x2, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x300000a, 0x12, r2, 0x852ac000) 1.155204813s ago: executing program 5 (id=1517): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=@newsa={0x194, 0x10, 0x1, 0x70bd2b, 0x0, {{@in6=@private1, @in=@private, 0x0, 0xecdf}, {@in=@broadcast, 0x0, 0x32}, @in6=@private1, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x400800}, {}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x194}}, 0x4050) 1.061832332s ago: executing program 4 (id=1518): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) creat(&(0x7f0000000140)='./file0\x00', 0x1) mount$9p_rdma(&(0x7f0000000340), &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x80, &(0x7f0000000580)={'trans=rdma,', {'port', 0x3d, 0x4e23}}) 945.428753ms ago: executing program 4 (id=1519): bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000000000000000020085000000a800000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc) 924.193564ms ago: executing program 1 (id=1520): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) socket(0x2a, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000700)=@ethtool_flash={0x33, 0xea6, '.\x00'}}) 849.924411ms ago: executing program 5 (id=1521): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18) sysinfo(&(0x7f0000000f80)=""/4096) 739.167901ms ago: executing program 5 (id=1522): r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18) write$binfmt_register(r0, &(0x7f0000000040)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, ')', 0x3a, '', 0x3a, './file0', 0x3a, [0x46]}, 0x29) 724.375003ms ago: executing program 4 (id=1523): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x1, 0x4}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="60000000010101020000000000000040000000000c0019800800020005000000"], 0x60}}, 0x0) 608.471193ms ago: executing program 0 (id=1524): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = memfd_secret(0x80000) fcntl$setlease(r1, 0x400, 0x0) close(r1) 533.73976ms ago: executing program 4 (id=1525): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_IO(r0, 0x2285, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x20, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {0xfc}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {0xfd}, {}, @connect}], 0xc4) write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0xc4) write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54) write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0xc4) write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @tick=0x8}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c) write$sndseq(r1, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xc4) write$sndseq(r1, &(0x7f0000000740)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}], 0x8c) 432.8229ms ago: executing program 5 (id=1526): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000e40)={0xa, 0x4e20, 0x3, @empty, 0x2000}, 0x1c) sendto$inet6(r0, &(0x7f0000000e80)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb704ee58e707d1e69b3c3a1c2c37f9c0402e14abdeb32086a49aff25e5c0f0131d59b4783316b9fa2c71c51ce76942d5f519145c9e3bf0d4182b4a62970b2ce81d35a7afc8384b387b8e21f2051d90d92323a710cabe5275d335b64453e75", 0xc1, 0x6d91fb6102d8910c, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000001980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000000) recvmmsg(r0, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000002a80)=""/4096, 0x1000}], 0x2}, 0xacf}], 0x1, 0x0, 0x0) 365.874146ms ago: executing program 1 (id=1527): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000002a00), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000007c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa00", 0x28}, 0x48, 0xffffffffffffffff) r1 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff) r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6075ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x4, r2, r1, r1, 0x0) keyctl$KEYCTL_MOVE(0x4, r0, r0, 0x0, 0x0) 365.629316ms ago: executing program 0 (id=1528): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={0x2, 0x18, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x7, 0x6c, 0x0, 0x0, @in6={0xa, 0x4e20, 0x3, @dev={0xfe, 0x80, '\x00', 0xc}, 0x431b}}]}, 0x38}}, 0x0) 365.199876ms ago: executing program 4 (id=1529): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x80) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@newqdisc={0x38, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {}, {0x5}, {0xfff2, 0x9}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_BACKLOG_LIMIT={0x8, 0x1, 0x80000001}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000) 291.651273ms ago: executing program 1 (id=1530): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x40000000000000}, 0x18) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') rmdir(&(0x7f0000004040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00') 265.825845ms ago: executing program 5 (id=1531): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r2, &(0x7f0000000100)={&(0x7f00000004c0)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2a}, @multicast1}}}], 0x20}, 0x4) 197.768482ms ago: executing program 0 (id=1532): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r1}, 0x10) r2 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) mq_timedsend(r2, 0x0, 0x0, 0x9, 0x0) mq_timedreceive(r2, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0) 157.450165ms ago: executing program 1 (id=1533): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2740, 0x4) 126.368618ms ago: executing program 4 (id=1534): bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0xa, &(0x7f0000000940)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1}, [@map_idx={0x18, 0x4, 0x5, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_query]}, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={0x40, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "ffd7"}]}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10) r5 = io_uring_setup(0xaae, &(0x7f0000000080)={0x0, 0xffffeffa, 0x800, 0x7, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000300)=[{&(0x7f0000007900)=""/4095, 0xfff}], 0x1) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") 41.872366ms ago: executing program 5 (id=1535): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r0}, 0x18) unshare(0x22020400) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, 0x0, 0x0) sendmsg$unix(0xffffffffffffffff, 0x0, 0x20000841) r2 = socket(0x1e, 0x1, 0x0) connect$tipc(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_PORTS(r3, 0x0, 0x0) bind$qrtr(r1, 0x0, 0x0) 16.886569ms ago: executing program 1 (id=1536): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x5}, 0x48) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x8000001f) open(&(0x7f0000000280)='.\x00', 0x0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x1}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r3, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) ioctl$EXT4_IOC_GETFSUUID(0xffffffffffffffff, 0x8008662c, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$lock(r4, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r4, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd}) fcntl$lock(r4, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x7, 0x90}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) 0s ago: executing program 0 (id=1537): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r1, 0x2, 0x6}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @multicast}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'}) kernel console output (not intermixed with test programs): op1: detected capacity change from 0 to 128 [ 208.346004][ T27] kauditd_printk_skb: 59 callbacks suppressed [ 208.346022][ T27] audit: type=1326 audit(208.283:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.436815][ T27] audit: type=1326 audit(208.283:1456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.522748][ T27] audit: type=1326 audit(208.333:1457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.612230][ T27] audit: type=1326 audit(208.333:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.635451][ T27] audit: type=1326 audit(208.333:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.669204][ T27] audit: type=1326 audit(208.333:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.704376][ T27] audit: type=1326 audit(208.333:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.742071][ T27] audit: type=1326 audit(208.333:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.797390][ T27] audit: type=1326 audit(208.333:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.822631][ T8145] loop1: detected capacity change from 0 to 1024 [ 208.870331][ T8145] EXT4-fs: Ignoring removed orlov option [ 208.876326][ T27] audit: type=1326 audit(208.333:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8135 comm="syz.4.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 208.951549][ T8145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 209.044468][ T8139] team0 (unregistering): Port device team_slave_0 removed [ 209.084241][ T8139] team0 (unregistering): Port device team_slave_1 removed [ 209.102021][ T8156] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 209.109113][ T8156] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 209.151901][ T8156] vhci_hcd vhci_hcd.0: Device attached [ 209.308197][ T8164] pimreg3: entered allmulticast mode [ 209.376587][ T23] vhci_hcd: vhci_device speed not set [ 209.404286][ T8164] loop5: detected capacity change from 0 to 512 [ 209.433402][ T8157] vhci_hcd: connection closed [ 209.454024][ T1123] vhci_hcd: stop threads [ 209.465318][ T1123] vhci_hcd: release socket [ 209.467537][ T23] usb 35-1: new full-speed USB device number 2 using vhci_hcd [ 209.473002][ T1123] vhci_hcd: disconnect device [ 209.489176][ T23] usb 35-1: enqueue for inactive port 0 [ 209.576931][ T23] vhci_hcd: vhci_device speed not set [ 209.631227][ T8175] netlink: 40 bytes leftover after parsing attributes in process `syz.4.761'. [ 209.654365][ T8175] ip6gre1: entered promiscuous mode [ 209.660475][ T8175] ip6gre1: entered allmulticast mode [ 210.014870][ T8190] warn_alloc: 5 callbacks suppressed [ 210.014889][ T8190] syz.0.768: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 210.084578][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.097941][ T8190] CPU: 1 PID: 8190 Comm: syz.0.768 Not tainted syzkaller #0 [ 210.105310][ T8190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 210.115431][ T8190] Call Trace: [ 210.115503][ T8190] [ 210.115514][ T8190] dump_stack_lvl+0x16c/0x230 [ 210.115558][ T8190] ? show_regs_print_info+0x20/0x20 [ 210.115593][ T8190] ? load_image+0x3b0/0x3b0 [ 210.115626][ T8190] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 210.115653][ T8190] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 210.115682][ T8190] warn_alloc+0x210/0x300 [ 210.115714][ T8190] ? stack_trace_save+0x9c/0xe0 [ 210.115742][ T8190] ? zone_watermark_ok_safe+0x230/0x230 [ 210.115782][ T8190] ? kasan_set_track+0x5f/0x70 [ 210.115810][ T8190] ? kasan_set_track+0x4e/0x70 [ 210.115830][ T8190] ? __kasan_kmalloc+0x8f/0xa0 [ 210.115852][ T8190] ? xsk_init_queue+0xb0/0x110 [ 210.115878][ T8190] ? xsk_setsockopt+0x43c/0x6f0 [ 210.115904][ T8190] ? do_sock_setsockopt+0x175/0x1a0 [ 210.115924][ T8190] ? __x64_sys_setsockopt+0x184/0x200 [ 210.199172][ T8190] __vmalloc_node_range+0x126/0x1320 [ 210.199243][ T8190] ? free_vm_area+0x50/0x50 [ 210.199282][ T8190] vmalloc_user+0x74/0x80 [ 210.199309][ T8190] ? xskq_create+0xbf/0x170 [ 210.199338][ T8190] xskq_create+0xbf/0x170 [ 210.199369][ T8190] xsk_init_queue+0xb0/0x110 [ 210.199402][ T8190] xsk_setsockopt+0x43c/0x6f0 [ 210.199435][ T8190] ? xsk_poll+0x670/0x670 [ 210.199466][ T8190] ? __fget_files+0x28/0x4d0 [ 210.199507][ T8190] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 210.199532][ T8190] ? security_socket_setsockopt+0x7e/0xa0 [ 210.199554][ T8190] ? xsk_poll+0x670/0x670 [ 210.199583][ T8190] do_sock_setsockopt+0x175/0x1a0 [ 210.199607][ T8190] ? __fdget+0x180/0x210 [ 210.199636][ T8190] __x64_sys_setsockopt+0x184/0x200 [ 210.199665][ T8190] do_syscall_64+0x55/0xb0 [ 210.199684][ T8190] ? clear_bhb_loop+0x40/0x90 [ 210.199707][ T8190] ? clear_bhb_loop+0x40/0x90 [ 210.199733][ T8190] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 210.199757][ T8190] RIP: 0033:0x7f6435f8f749 [ 210.199774][ T8190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.199799][ T8190] RSP: 002b:00007f64341f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 210.199822][ T8190] RAX: ffffffffffffffda RBX: 00007f64361e5fa0 RCX: 00007f6435f8f749 [ 210.199838][ T8190] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 210.199850][ T8190] RBP: 00007f6436013f91 R08: 0000000000000004 R09: 0000000000000000 [ 210.199863][ T8190] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 210.199876][ T8190] R13: 00007f64361e6038 R14: 00007f64361e5fa0 R15: 00007ffef3043158 [ 210.199907][ T8190] [ 210.327055][ T8190] Mem-Info: [ 210.327072][ T8190] active_anon:4780 inactive_anon:0 isolated_anon:0 [ 210.327072][ T8190] active_file:10758 inactive_file:39967 isolated_file:0 [ 210.327072][ T8190] unevictable:768 dirty:61 writeback:0 [ 210.327072][ T8190] slab_reclaimable:10824 slab_unreclaimable:94239 [ 210.327072][ T8190] mapped:24948 shmem:1377 pagetables:606 [ 210.327072][ T8190] sec_pagetables:0 bounce:0 [ 210.327072][ T8190] kernel_misc_reclaimable:0 [ 210.327072][ T8190] free:1354660 free_pcp:9253 free_cma:0 [ 210.327132][ T8190] Node 0 active_anon:19120kB inactive_anon:0kB active_file:43032kB inactive_file:159664kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99792kB dirty:240kB writeback:0kB shmem:3972kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11404kB pagetables:2424kB sec_pagetables:0kB all_unreclaimable? no [ 210.327188][ T8190] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 210.327241][ T8190] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 210.327302][ T8190] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 210.327353][ T8190] Node 0 DMA32 free:1507100kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:19072kB inactive_anon:0kB active_file:43032kB inactive_file:158348kB unevictable:1536kB writepending:240kB present:3129332kB managed:2589640kB mlocked:0kB bounce:0kB free_pcp:16428kB local_pcp:12860kB free_cma:0kB [ 210.327414][ T8190] lowmem_reserve[]: 0 0 1 1 1 [ 210.327461][ T8190] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 210.327524][ T8190] lowmem_reserve[]: 0 0 0 0 0 [ 210.327572][ T8190] Node 1 Normal free:3896164kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20576kB local_pcp:14432kB free_cma:0kB [ 210.327633][ T8190] lowmem_reserve[]: 0 0 0 0 0 [ 210.327679][ T8190] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 210.327835][ T8190] Node 0 DMA32: 2789*4kB (UM) 2601*8kB (UME) 1534*16kB (UME) 1533*32kB (UME) 1180*64kB (UME) 723*128kB (UME) 416*256kB (UME) 253*512kB (UM) 178*1024kB (UM) 8*2048kB (UM) 195*4096kB (UM) = 1507036kB [ 210.328045][ T8190] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 210.328181][ T8190] Node 1 Normal: 235*4kB (UME) 55*8kB (UME) 38*16kB (UME) 107*32kB (UME) 31*64kB (UME) 9*128kB (UME) 2*256kB (UM) 2*512kB (UE) 1*1024kB (U) 1*2048kB (E) 948*4096kB (M) = 3896164kB [ 210.328386][ T8190] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 210.328404][ T8190] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 210.328422][ T8190] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 210.328439][ T8190] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 210.328456][ T8190] 52097 total pagecache pages [ 210.328464][ T8190] 0 pages in swap cache [ 210.328473][ T8190] Free swap = 124984kB [ 210.328481][ T8190] Total swap = 124996kB [ 210.328490][ T8190] 2097051 pages RAM [ 210.328499][ T8190] 0 pages HighMem/MovableOnly [ 210.328507][ T8190] 416127 pages reserved [ 210.328515][ T8190] 0 pages cma reserved [ 210.646284][ T8196] loop5: detected capacity change from 0 to 8192 [ 210.678007][ T8196] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 211.785759][ T8208] netlink: 12 bytes leftover after parsing attributes in process `syz.5.776'. [ 211.880787][ T8218] loop0: detected capacity change from 0 to 512 [ 211.898720][ T8208] : entered promiscuous mode [ 211.911142][ T8218] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 211.926789][ T5778] Bluetooth: hci3: command 0x0406 tx timeout [ 211.965643][ T8218] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ec01c, mo2=0003] [ 211.984234][ T8218] System zones: 1-2, 4-12, 8-8 [ 211.993650][ T8218] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.780: iget: bad i_size value: 38620345925642 [ 212.017259][ T8218] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.780: couldn't read orphan inode 15 (err -117) [ 212.045292][ T8222] loop1: detected capacity change from 0 to 512 [ 212.055160][ T8218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.127571][ T8222] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 212.234432][ T8222] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.247857][ T8224] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.780: bg 0: block 5: invalid block bitmap [ 212.263023][ T8229] loop5: detected capacity change from 0 to 128 [ 212.282556][ T8224] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 504 with error 28 [ 212.311787][ T8224] EXT4-fs (loop0): This should not happen!! Data will be lost [ 212.311787][ T8224] [ 212.323204][ T8224] EXT4-fs (loop0): Total free blocks count 0 [ 212.329577][ T8224] EXT4-fs (loop0): Free/Dirty block details [ 212.335655][ T8224] EXT4-fs (loop0): free_blocks=0 [ 212.340737][ T8224] EXT4-fs (loop0): dirty_blocks=504 [ 212.346175][ T8224] EXT4-fs (loop0): Block reservation details [ 212.352260][ T8224] EXT4-fs (loop0): i_reserved_data_blocks=504 [ 212.573114][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.863542][ T8243] netlink: 16 bytes leftover after parsing attributes in process `syz.4.787'. [ 213.148213][ T8253] netlink: 28 bytes leftover after parsing attributes in process `syz.4.792'. [ 213.166909][ T8253] netem: change failed [ 213.237000][ T8247] loop0: detected capacity change from 0 to 8192 [ 213.287346][ T8247] syz.0.788: attempt to access beyond end of device [ 213.287346][ T8247] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 213.312674][ T8247] Buffer I/O error on dev loop0, logical block 57847, async page read [ 213.328065][ T8247] syz.0.788: attempt to access beyond end of device [ 213.328065][ T8247] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 213.350576][ T8247] Buffer I/O error on dev loop0, logical block 57847, async page read [ 213.374888][ T8257] loop4: detected capacity change from 0 to 512 [ 213.385469][ T8258] syz.0.788: attempt to access beyond end of device [ 213.385469][ T8258] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 213.407322][ T8257] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 213.422608][ T8258] Buffer I/O error on dev loop0, logical block 57847, async page read [ 213.445777][ T8257] EXT4-fs (loop4): 1 truncate cleaned up [ 213.452757][ T8247] syz.0.788: attempt to access beyond end of device [ 213.452757][ T8247] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 213.466412][ T8247] Buffer I/O error on dev loop0, logical block 57847, async page read [ 213.474942][ T8247] syz.0.788: attempt to access beyond end of device [ 213.474942][ T8247] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 213.476585][ T8257] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 213.489260][ T8247] Buffer I/O error on dev loop0, logical block 57847, async page read [ 213.510251][ T8247] syz.0.788: attempt to access beyond end of device [ 213.510251][ T8247] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 213.529157][ T8247] Buffer I/O error on dev loop0, logical block 57847, async page read [ 213.537767][ T8258] syz.0.788: attempt to access beyond end of device [ 213.537767][ T8258] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 213.552165][ T27] kauditd_printk_skb: 180 callbacks suppressed [ 213.552179][ T27] audit: type=1800 audit(213.513:1645): pid=8257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.794" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 213.596798][ T8258] Buffer I/O error on dev loop0, logical block 57847, async page read [ 213.632498][ T8257] kernel read not supported for file /!selinuxwk1m9ɞ*T#jYmVvm(p-QZ#{ (pid: 8257 comm: syz.4.794) [ 213.687144][ T1300] tipc: Subscription rejected, illegal request [ 213.821990][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.302780][ T8278] loop4: detected capacity change from 0 to 8192 [ 214.405843][ T8278] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 214.423852][ T27] audit: type=1800 audit(214.373:1646): pid=8278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.801" name="file1" dev="loop4" ino=1048611 res=0 errno=0 [ 214.448631][ T8278] netlink: 'syz.4.801': attribute type 29 has an invalid length. [ 214.469483][ T8278] netlink: 'syz.4.801': attribute type 29 has an invalid length. [ 214.509528][ T8278] netlink: 596 bytes leftover after parsing attributes in process `syz.4.801'. [ 215.233494][ T8296] loop5: detected capacity change from 0 to 512 [ 215.266200][ T8296] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 215.277243][ T27] audit: type=1326 audit(215.223:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 215.331176][ T27] audit: type=1326 audit(215.253:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 215.365952][ T8296] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.385947][ T27] audit: type=1326 audit(215.263:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 215.408012][ T27] audit: type=1326 audit(215.263:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 215.429958][ T27] audit: type=1326 audit(215.263:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 215.453587][ T27] audit: type=1326 audit(215.263:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 215.475503][ T27] audit: type=1326 audit(215.263:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 215.499631][ T27] audit: type=1326 audit(215.263:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8297 comm="syz.4.810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 215.749054][ T8305] netlink: 4 bytes leftover after parsing attributes in process `syz.4.811'. [ 215.788813][ T8305] netlink: 12 bytes leftover after parsing attributes in process `syz.4.811'. [ 216.111611][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.297553][ T8309] loop5: detected capacity change from 0 to 2048 [ 216.320215][ T8309] EXT4-fs: Ignoring removed nobh option [ 216.362309][ T8309] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 216.406283][ T8317] loop4: detected capacity change from 0 to 128 [ 216.418904][ T8317] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 216.549713][ T8320] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm syz.5.813: bg 0: block 345: padding at end of block bitmap is not set [ 216.575819][ T3438] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8) [ 216.592644][ T8320] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 396 with error 117 [ 216.622476][ T3438] FAT-fs (loop4): Filesystem has been set read-only [ 216.638376][ T3438] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522) [ 216.666785][ T8320] EXT4-fs (loop5): This should not happen!! Data will be lost [ 216.666785][ T8320] [ 216.759412][ T8323] geneve2: entered promiscuous mode [ 216.764720][ T8323] geneve2: entered allmulticast mode [ 216.959529][ T3438] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 412 with max blocks 1 with error 117 [ 216.995666][ T3438] EXT4-fs (loop5): This should not happen!! Data will be lost [ 216.995666][ T3438] [ 217.036836][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.085683][ T8331] netlink: 4 bytes leftover after parsing attributes in process `syz.4.823'. [ 217.107934][ T8331] netlink: 24 bytes leftover after parsing attributes in process `syz.4.823'. [ 217.351066][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.635277][ T8352] syzkaller0: entered allmulticast mode [ 217.647506][ T8352] syzkaller0: entered promiscuous mode [ 217.671645][ T8352] syzkaller0 (unregistering): left promiscuous mode [ 217.687035][ T8352] syzkaller0 (unregistering): left allmulticast mode [ 217.800205][ T8358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.834'. [ 218.162728][ T8379] loop4: detected capacity change from 0 to 128 [ 218.300372][ T8384] loop0: detected capacity change from 0 to 512 [ 218.333307][ T8384] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 218.359287][ T8384] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.845: invalid indirect mapped block 8 (level 2) [ 218.409973][ T8384] EXT4-fs (loop0): Remounting filesystem read-only [ 218.429457][ T8379] netlink: 'syz.4.842': attribute type 6 has an invalid length. [ 218.437888][ T8384] EXT4-fs (loop0): 1 truncate cleaned up [ 218.445193][ T8384] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 218.483603][ T8384] netlink: 56 bytes leftover after parsing attributes in process `syz.0.845'. [ 218.558241][ T27] kauditd_printk_skb: 71 callbacks suppressed [ 218.558257][ T27] audit: type=1326 audit(218.513:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.4.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 218.633880][ T27] audit: type=1326 audit(218.543:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.4.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 218.668562][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.670185][ T27] audit: type=1326 audit(218.553:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.4.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 218.733559][ T27] audit: type=1326 audit(218.563:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.4.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 218.782140][ T27] audit: type=1326 audit(218.573:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8377 comm="syz.4.842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 218.809667][ T8397] loop1: detected capacity change from 0 to 512 [ 218.857602][ T8397] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 218.868923][ T27] audit: type=1326 audit(218.573:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 218.900154][ T8397] EXT4-fs (loop1): 1 truncate cleaned up [ 218.913806][ T27] audit: type=1326 audit(218.573:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 218.943158][ T27] audit: type=1326 audit(218.573:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 218.962031][ T8397] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.007171][ T8397] macvtap1: entered promiscuous mode [ 219.012717][ T8397] macvtap1: entered allmulticast mode [ 219.018807][ T8397] dummy0: entered promiscuous mode [ 219.025310][ T8397] dummy0: entered allmulticast mode [ 219.033461][ T8397] team0: Device macvtap1 failed to register rx_handler [ 219.040248][ T27] audit: type=1326 audit(218.573:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 219.072441][ T8397] dummy0: left allmulticast mode [ 219.080294][ T8397] dummy0: left promiscuous mode [ 219.111346][ T27] audit: type=1326 audit(218.573:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8394 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 219.194503][ T8402] net_ratelimit: 10 callbacks suppressed [ 219.194514][ T8402] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 219.301168][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.664761][ T8424] syz.4.862[8424] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 219.664920][ T8424] syz.4.862[8424] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 220.248154][ T8440] kernel read not supported for file /file1 (pid: 8440 comm: syz.1.868) [ 220.343727][ T8414] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 220.358105][ T8414] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 220.390605][ T8414] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 220.396854][ T8414] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 220.440950][ T8414] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 220.480418][ T8414] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 220.500610][ T8414] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 220.529110][ T8414] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 221.253458][ T8438] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.266799][ T8438] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.282300][ T8438] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.292233][ T8438] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.365590][ T8438] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 221.374152][ T8438] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 221.383354][ T8438] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 221.391943][ T8438] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 221.421183][ T8479] veth0: entered promiscuous mode [ 221.431969][ T8480] netlink: 4 bytes leftover after parsing attributes in process `syz.0.875'. [ 221.687009][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 221.892061][ T8500] loop0: detected capacity change from 0 to 512 [ 221.905355][ T8500] journal_path: Lookup failure for './file0' [ 221.913489][ T8500] EXT4-fs: error: could not find journal device path [ 221.951944][ T8502] syzkaller1: entered promiscuous mode [ 221.957830][ T8502] syzkaller1: entered allmulticast mode [ 222.281953][ T8509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.884'. [ 222.397742][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 222.557095][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 222.758901][ T8531] loop0: detected capacity change from 0 to 8192 [ 222.787189][ T8531] syz.0.894: attempt to access beyond end of device [ 222.787189][ T8531] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 222.801524][ T8531] Buffer I/O error on dev loop0, logical block 57847, async page read [ 222.813181][ T8531] syz.0.894: attempt to access beyond end of device [ 222.813181][ T8531] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 222.827451][ T8531] Buffer I/O error on dev loop0, logical block 57847, async page read [ 223.243680][ T8549] loop5: detected capacity change from 0 to 1024 [ 223.252928][ T8549] EXT4-fs: Ignoring removed nomblk_io_submit option [ 223.262885][ T8548] loop0: detected capacity change from 0 to 2048 [ 223.284675][ T8549] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 223.288015][ T8548] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 223.347235][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.382201][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.567471][ T8560] loop4: detected capacity change from 0 to 4096 [ 223.585543][ T8560] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 223.767014][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 223.841352][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.407789][ T27] kauditd_printk_skb: 189 callbacks suppressed [ 224.407804][ T27] audit: type=1326 audit(224.363:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 224.437474][ T8573] syz.0.910[8573] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 224.437641][ T8573] syz.0.910[8573] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 224.476174][ T8573] netlink: 16 bytes leftover after parsing attributes in process `syz.0.910'. [ 224.496781][ T27] audit: type=1326 audit(224.393:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 224.497412][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 224.519196][ T8573] netlink: 116 bytes leftover after parsing attributes in process `syz.0.910'. [ 224.557992][ T27] audit: type=1326 audit(224.423:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 224.636711][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 224.646793][ T27] audit: type=1326 audit(224.423:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 224.680920][ T27] audit: type=1326 audit(224.423:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 224.703014][ T27] audit: type=1326 audit(224.423:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 224.725240][ T27] audit: type=1326 audit(224.423:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6435f8df90 code=0x7ffc0000 [ 224.748918][ T27] audit: type=1326 audit(224.423:1932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 224.770905][ T27] audit: type=1326 audit(224.423:1933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 224.806210][ T27] audit: type=1326 audit(224.423:1934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8572 comm="syz.0.910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 225.067467][ T8581] loop4: detected capacity change from 0 to 2048 [ 225.111653][ T8587] loop1: detected capacity change from 0 to 512 [ 225.141653][ T8581] loop4: p2 < > p4 [ 225.147070][ T8581] loop4: p4 size 262144 extends beyond EOD, truncated [ 225.155538][ T8587] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.916: invalid block [ 225.194656][ T8587] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.916: invalid indirect mapped block 4294967295 (level 1) [ 225.228864][ T8587] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.916: invalid indirect mapped block 4294967295 (level 1) [ 225.247485][ T8587] EXT4-fs (loop1): 2 truncates cleaned up [ 225.276595][ T8587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.324969][ T8581] loop4: detected capacity change from 0 to 128 [ 225.383237][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.701210][ T8603] loop4: detected capacity change from 0 to 512 [ 225.768947][ T8603] EXT4-fs error (device loop4): ext4_xattr_inode_iget:449: comm syz.4.922: error while reading EA inode 32 err=-116 [ 225.830853][ T8603] EXT4-fs (loop4): Remounting filesystem read-only [ 225.863641][ T8603] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 225.908921][ T8603] EXT4-fs (loop4): 1 orphan inode deleted [ 225.956614][ T8603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.997892][ T8603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.074507][ T8610] team0: Port device gtp0 added [ 226.278774][ T8613] loop1: detected capacity change from 0 to 164 [ 226.315004][ T8613] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 226.335196][ T8613] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 226.369882][ T8613] rock: directory entry would overflow storage [ 226.388736][ T8613] rock: sig=0x4f50, size=4, remaining=3 [ 226.405476][ T8613] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 226.465811][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 226.495979][ T8619] (null): rxe_set_mtu: Set mtu to 1024 [ 226.627346][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 226.677139][ T8626] netlink: 272 bytes leftover after parsing attributes in process `syz.5.929'. [ 227.055140][ T8619] infiniband !yz!: set active [ 227.063572][ T8619] infiniband !yz!: added team_slave_0 [ 227.213220][ T8619] RDS/IB: !yz!: added [ 227.218895][ T8619] smc: adding ib device !yz! with port count 1 [ 227.225386][ T8619] smc: ib device !yz! port 1 has pnetid [ 227.467154][ T8643] 9pnet_fd: Insufficient options for proto=fd [ 227.602470][ T8647] loop1: detected capacity change from 0 to 128 [ 227.865914][ T8653] syz_tun: entered allmulticast mode [ 227.913531][ T8652] syz_tun: left allmulticast mode [ 227.937109][ T8655] loop0: detected capacity change from 0 to 164 [ 227.972510][ T8655] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 228.006116][ T8655] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 228.185296][ T8659] loop5: detected capacity change from 0 to 4096 [ 228.197768][ T8659] EXT4-fs: quotafile must be on filesystem root [ 228.293800][ T8659] syz.5.945[8659] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 228.293970][ T8659] syz.5.945[8659] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 228.745444][ T8673] netlink: 8 bytes leftover after parsing attributes in process `syz.5.950'. [ 228.972802][ T8686] loop0: detected capacity change from 0 to 164 [ 229.218650][ T8694] loop1: detected capacity change from 0 to 2048 [ 229.247572][ T8694] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.296822][ T8684] netlink: 8 bytes leftover after parsing attributes in process `syz.5.956'. [ 229.525046][ T27] kauditd_printk_skb: 275 callbacks suppressed [ 229.525063][ T27] audit: type=1326 audit(229.721:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 229.566847][ T27] audit: type=1326 audit(229.721:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 229.597040][ T27] audit: type=1326 audit(229.752:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 229.623835][ T27] audit: type=1326 audit(229.763:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 229.651889][ T27] audit: type=1326 audit(229.763:2214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 229.680757][ T27] audit: type=1326 audit(229.763:2215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f29f3f8df90 code=0x7ffc0000 [ 229.721935][ T8683] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 229.724337][ T27] audit: type=1326 audit(229.763:2216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f29f3f90f77 code=0x7ffc0000 [ 229.749844][ T8683] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 229.775449][ T27] audit: type=1326 audit(229.763:2217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 229.798867][ T8683] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 229.847810][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.920707][ T27] audit: type=1326 audit(229.763:2218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f29f3f90f77 code=0x7ffc0000 [ 229.965860][ T27] audit: type=1326 audit(229.763:2219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz.5.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f29f3f8e3aa code=0x7ffc0000 [ 230.200663][ T8717] netlink: 12 bytes leftover after parsing attributes in process `syz.4.969'. [ 230.224949][ T8720] loop1: detected capacity change from 0 to 512 [ 230.261885][ T8720] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.342364][ T8720] EXT4-fs error (device loop1): ext4_xattr_block_get:600: inode #12: comm syz.1.970: corrupted xattr block 6: invalid header [ 230.445409][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.470140][ T8728] loop4: detected capacity change from 0 to 256 [ 230.484280][ T8724] 8021q: adding VLAN 0 to HW filter on device bond1 [ 230.566602][ T8728] FAT-fs (loop4): Directory bread(block 64) failed [ 230.585706][ T8728] FAT-fs (loop4): Directory bread(block 65) failed [ 230.612789][ T8728] FAT-fs (loop4): Directory bread(block 66) failed [ 230.620358][ T8728] FAT-fs (loop4): Directory bread(block 67) failed [ 230.627126][ T8728] FAT-fs (loop4): Directory bread(block 68) failed [ 230.649342][ T8728] FAT-fs (loop4): Directory bread(block 69) failed [ 230.666216][ T8728] FAT-fs (loop4): Directory bread(block 70) failed [ 230.672837][ T8728] FAT-fs (loop4): Directory bread(block 71) failed [ 230.686595][ T8730] loop1: detected capacity change from 0 to 1024 [ 230.693314][ T8728] FAT-fs (loop4): Directory bread(block 72) failed [ 230.712971][ T8728] FAT-fs (loop4): Directory bread(block 73) failed [ 230.721587][ T8730] EXT4-fs (loop1): filesystem is read-only [ 230.738136][ T8730] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 230.776222][ T8730] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (11891!=20869) [ 230.776358][ T8730] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 230.776485][ T8730] EXT4-fs error (device loop1): ext4_get_journal_inode:5800: comm syz.1.973: inode #1: comm syz.1.973: iget: illegal inode # [ 230.776764][ T8730] EXT4-fs (loop1): no journal found [ 230.776780][ T8730] EXT4-fs (loop1): can't get journal size [ 230.778746][ T8730] EXT4-fs error (device loop1): __ext4_fill_super:5497: inode #2: comm syz.1.973: iget: special inode unallocated [ 230.779111][ T8730] EXT4-fs (loop1): get root inode failed [ 230.779127][ T8730] EXT4-fs (loop1): mount failed [ 230.878164][ T8730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.973'. [ 230.894855][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 231.209372][ T8739] loop4: detected capacity change from 0 to 128 [ 231.247491][ T8739] syz.4.977: attempt to access beyond end of device [ 231.247491][ T8739] loop4: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 231.280728][ T8739] syz.4.977: attempt to access beyond end of device [ 231.280728][ T8739] loop4: rw=0, sector=138, nr_sectors = 2 limit=128 [ 231.300798][ T8738] syz.4.977: attempt to access beyond end of device [ 231.300798][ T8738] loop4: rw=0, sector=138, nr_sectors = 2 limit=128 [ 231.322197][ T8738] Buffer I/O error on dev loop4, logical block 69, async page read [ 231.336269][ T8738] syz.4.977: attempt to access beyond end of device [ 231.336269][ T8738] loop4: rw=0, sector=140, nr_sectors = 2 limit=128 [ 231.350199][ T8738] Buffer I/O error on dev loop4, logical block 70, async page read [ 231.362250][ T8738] syz.4.977: attempt to access beyond end of device [ 231.362250][ T8738] loop4: rw=0, sector=142, nr_sectors = 2 limit=128 [ 231.383487][ T8738] Buffer I/O error on dev loop4, logical block 71, async page read [ 231.393311][ T8738] syz.4.977: attempt to access beyond end of device [ 231.393311][ T8738] loop4: rw=0, sector=144, nr_sectors = 2 limit=128 [ 231.410553][ T8738] Buffer I/O error on dev loop4, logical block 72, async page read [ 231.419060][ T8738] syz.4.977: attempt to access beyond end of device [ 231.419060][ T8738] loop4: rw=0, sector=138, nr_sectors = 2 limit=128 [ 231.442167][ T8738] Buffer I/O error on dev loop4, logical block 69, async page read [ 231.452805][ T8738] syz.4.977: attempt to access beyond end of device [ 231.452805][ T8738] loop4: rw=0, sector=140, nr_sectors = 2 limit=128 [ 231.470128][ T8738] Buffer I/O error on dev loop4, logical block 70, async page read [ 231.481171][ T8738] syz.4.977: attempt to access beyond end of device [ 231.481171][ T8738] loop4: rw=0, sector=142, nr_sectors = 2 limit=128 [ 231.499726][ T8738] Buffer I/O error on dev loop4, logical block 71, async page read [ 231.508278][ T8738] syz.4.977: attempt to access beyond end of device [ 231.508278][ T8738] loop4: rw=0, sector=144, nr_sectors = 2 limit=128 [ 231.525489][ T8738] Buffer I/O error on dev loop4, logical block 72, async page read [ 231.537584][ T8739] Buffer I/O error on dev loop4, logical block 69, async page read [ 231.572574][ T8739] Buffer I/O error on dev loop4, logical block 70, async page read [ 231.613428][ T8743] bridge_slave_0: left allmulticast mode [ 231.638861][ T8743] bridge_slave_0: left promiscuous mode [ 231.655378][ T8743] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.721894][ T8743] bridge_slave_1: left allmulticast mode [ 231.728249][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 231.734615][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 231.768691][ T8743] bridge_slave_1: left promiscuous mode [ 231.775433][ T8743] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.789438][ T8743] bond0: (slave bond_slave_0): Releasing backup interface [ 231.830653][ T8743] bond0: (slave bond_slave_1): Releasing backup interface [ 231.925004][ T8743] team0: Port device team_slave_0 removed [ 231.957064][ T8743] team0: Port device team_slave_1 removed [ 232.526719][ T8773] netlink: 8 bytes leftover after parsing attributes in process `syz.4.991'. [ 232.551870][ T8773] netlink: 312 bytes leftover after parsing attributes in process `syz.4.991'. [ 232.577536][ T8773] netlink: 8 bytes leftover after parsing attributes in process `syz.4.991'. [ 233.009897][ T8789] netlink: 32 bytes leftover after parsing attributes in process `syz.4.996'. [ 234.662801][ T8815] loop4: detected capacity change from 0 to 128 [ 234.717532][ T8815] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 234.771754][ T8815] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 235.839552][ T8836] netlink: 'syz.1.1016': attribute type 7 has an invalid length. [ 235.875681][ T27] kauditd_printk_skb: 143 callbacks suppressed [ 235.875698][ T27] audit: type=1326 audit(236.387:2363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 235.973153][ T8836] loop1: detected capacity change from 0 to 1024 [ 235.988049][ T27] audit: type=1326 audit(236.429:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 236.016148][ T27] audit: type=1326 audit(236.429:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdd26d8f783 code=0x7ffc0000 [ 236.038856][ T27] audit: type=1326 audit(236.439:2366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdd26d8e1ff code=0x7ffc0000 [ 236.062205][ T27] audit: type=1326 audit(236.450:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdd26d8f7d7 code=0x7ffc0000 [ 236.067072][ T8836] EXT4-fs: inline encryption not supported [ 236.124825][ T27] audit: type=1326 audit(236.450:2368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdd26d8df90 code=0x7ffc0000 [ 236.151995][ T8836] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 236.191787][ T27] audit: type=1326 audit(236.450:2369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdd26d8f34b code=0x7ffc0000 [ 236.234747][ T8836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.258756][ T27] audit: type=1326 audit(236.544:2370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdd26d8e3aa code=0x7ffc0000 [ 236.325741][ T27] audit: type=1326 audit(236.544:2371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdd26d8e3aa code=0x7ffc0000 [ 236.350302][ T8836] EXT4-fs (loop1): shut down requested (2) [ 236.390828][ T27] audit: type=1326 audit(236.544:2372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8835 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fdd26d8de97 code=0x7ffc0000 [ 236.471866][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.753028][ T8823] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1011'. [ 236.763077][ T8853] loop4: detected capacity change from 0 to 128 [ 236.783421][ T8853] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 237.109590][ T6485] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 238.190308][ T8888] loop4: detected capacity change from 0 to 512 [ 238.215004][ T8888] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 238.264805][ T8888] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.452378][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.518920][ T8892] netlink: 204 bytes leftover after parsing attributes in process `syz.0.1037'. [ 238.528195][ T8824] syz.5.1011: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1 [ 238.548323][ T8892] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1037'. [ 238.558816][ T8824] CPU: 0 PID: 8824 Comm: syz.5.1011 Not tainted syzkaller #0 [ 238.566260][ T8824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 238.576356][ T8824] Call Trace: [ 238.579666][ T8824] [ 238.582636][ T8824] dump_stack_lvl+0x16c/0x230 [ 238.587390][ T8824] ? show_regs_print_info+0x20/0x20 [ 238.592624][ T8824] ? load_image+0x3b0/0x3b0 [ 238.597171][ T8824] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 238.603712][ T8824] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 238.610243][ T8824] warn_alloc+0x210/0x300 [ 238.614614][ T8824] ? zone_watermark_ok_safe+0x230/0x230 [ 238.620202][ T8824] ? _raw_spin_unlock+0x28/0x40 [ 238.625094][ T8824] __vmalloc_node_range+0x662/0x1320 [ 238.630440][ T8824] ? free_vm_area+0x50/0x50 [ 238.634985][ T8824] ? _raw_spin_unlock+0x28/0x40 [ 238.639876][ T8824] ? __kasan_kmalloc+0x8f/0xa0 [ 238.644672][ T8824] __vmalloc_node_range+0x568/0x1320 [ 238.649987][ T8824] ? hash_netiface_create+0x361/0xff0 [ 238.655477][ T8824] ? __asan_memset+0x22/0x40 [ 238.660125][ T8824] ? free_vm_area+0x50/0x50 [ 238.664663][ T8824] ? kvmalloc_node+0x70/0x180 [ 238.669374][ T8824] ? rcu_is_watching+0x15/0xb0 [ 238.674174][ T8824] ? kvmalloc_node+0x70/0x180 [ 238.678877][ T8824] ? trace_kmalloc+0x1f/0xa0 [ 238.683506][ T8824] kvmalloc_node+0x13f/0x180 [ 238.688135][ T8824] ? hash_netiface_create+0x361/0xff0 [ 238.693539][ T8824] hash_netiface_create+0x361/0xff0 [ 238.698787][ T8824] ? __lock_acquire+0x7c80/0x7c80 [ 238.703929][ T8824] ? __nla_parse+0x40/0x50 [ 238.708381][ T8824] ? hash_netport6_gc+0x570/0x570 [ 238.713439][ T8824] ip_set_create+0xa87/0x18e0 [ 238.718145][ T8824] ? ip_set_create+0x4b2/0x18e0 [ 238.723058][ T8824] ? ip_set_protocol+0x5d0/0x5d0 [ 238.728039][ T8824] ? trace_contention_end+0x39/0xe0 [ 238.733305][ T8824] nfnetlink_rcv_msg+0xb49/0x1130 [ 238.738464][ T8824] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 238.744560][ T8824] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 238.749814][ T8824] ? nfnetlink_unbind+0x160/0x160 [ 238.754904][ T8824] ? __dev_queue_xmit+0x1a64/0x35a0 [ 238.760138][ T8824] ? __netlink_deliver_tap+0x5ab/0x830 [ 238.765625][ T8824] ? netlink_deliver_tap+0x19c/0x1b0 [ 238.770938][ T8824] ? netlink_unicast+0x72c/0x8d0 [ 238.775910][ T8824] ? netlink_sendmsg+0x8c1/0xbe0 [ 238.780876][ T8824] ? ____sys_sendmsg+0x5bf/0x950 [ 238.785844][ T8824] ? ___sys_sendmsg+0x220/0x290 [ 238.790721][ T8824] ? __se_sys_sendmsg+0x1a5/0x270 [ 238.795774][ T8824] ? do_syscall_64+0x55/0xb0 [ 238.800397][ T8824] netlink_rcv_skb+0x216/0x480 [ 238.805203][ T8824] ? nfnetlink_unbind+0x160/0x160 [ 238.810264][ T8824] ? netlink_ack+0x1110/0x1110 [ 238.815069][ T8824] ? apparmor_capable+0x137/0x1a0 [ 238.820127][ T8824] ? bpf_lsm_capable+0x9/0x10 [ 238.824846][ T8824] ? security_capable+0x89/0xb0 [ 238.829731][ T8824] nfnetlink_rcv+0x274/0x2180 [ 238.834463][ T8824] ? __local_bh_enable_ip+0x12e/0x1c0 [ 238.839867][ T8824] ? lockdep_hardirqs_on+0x98/0x150 [ 238.845100][ T8824] ? __local_bh_enable_ip+0x12e/0x1c0 [ 238.850501][ T8824] ? _local_bh_enable+0xa0/0xa0 [ 238.855383][ T8824] ? __dev_queue_xmit+0x245/0x35a0 [ 238.860571][ T8824] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 238.866160][ T8824] ? __dev_queue_xmit+0x245/0x35a0 [ 238.871316][ T8824] ? ref_tracker_free+0x634/0x7d0 [ 238.876366][ T8824] ? __copy_skb_header+0xa7/0x550 [ 238.881506][ T8824] ? refcount_inc+0x70/0x70 [ 238.886035][ T8824] ? __skb_clone+0x63/0x790 [ 238.890592][ T8824] ? __skb_clone+0x480/0x790 [ 238.895230][ T8824] ? __netlink_deliver_tap+0x7e8/0x830 [ 238.900730][ T8824] ? netlink_deliver_tap+0x2e/0x1b0 [ 238.905954][ T8824] ? __lock_acquire+0x7c80/0x7c80 [ 238.911051][ T8824] ? netlink_deliver_tap+0x2e/0x1b0 [ 238.916378][ T8824] netlink_unicast+0x751/0x8d0 [ 238.921190][ T8824] netlink_sendmsg+0x8c1/0xbe0 [ 238.925995][ T8824] ? netlink_getsockopt+0x580/0x580 [ 238.931255][ T8824] ? aa_sock_msg_perm+0x94/0x150 [ 238.936264][ T8824] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 238.941583][ T8824] ? security_socket_sendmsg+0x80/0xa0 [ 238.947093][ T8824] ? netlink_getsockopt+0x580/0x580 [ 238.952330][ T8824] ____sys_sendmsg+0x5bf/0x950 [ 238.957131][ T8824] ? __asan_memset+0x22/0x40 [ 238.961753][ T8824] ? __sys_sendmsg_sock+0x30/0x30 [ 238.966803][ T8824] ? __import_iovec+0x5f2/0x860 [ 238.971697][ T8824] ? import_iovec+0x73/0xa0 [ 238.976247][ T8824] ___sys_sendmsg+0x220/0x290 [ 238.980957][ T8824] ? __sys_sendmsg+0x270/0x270 [ 238.985794][ T8824] __se_sys_sendmsg+0x1a5/0x270 [ 238.990683][ T8824] ? __x64_sys_sendmsg+0x80/0x80 [ 238.995665][ T8824] ? lockdep_hardirqs_on+0x98/0x150 [ 239.000985][ T8824] do_syscall_64+0x55/0xb0 [ 239.005427][ T8824] ? clear_bhb_loop+0x40/0x90 [ 239.010141][ T8824] ? clear_bhb_loop+0x40/0x90 [ 239.014851][ T8824] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 239.020806][ T8824] RIP: 0033:0x7f29f3f8f749 [ 239.025418][ T8824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.045053][ T8824] RSP: 002b:00007f29f4dea038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 239.053510][ T8824] RAX: ffffffffffffffda RBX: 00007f29f41e6090 RCX: 00007f29f3f8f749 [ 239.061512][ T8824] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000007 [ 239.069537][ T8824] RBP: 00007f29f4013f91 R08: 0000000000000000 R09: 0000000000000000 [ 239.077710][ T8824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.085715][ T8824] R13: 00007f29f41e6128 R14: 00007f29f41e6090 R15: 00007ffede0b3c38 [ 239.093734][ T8824] [ 239.129426][ T8824] Mem-Info: [ 239.132621][ T8824] active_anon:17581 inactive_anon:0 isolated_anon:0 [ 239.132621][ T8824] active_file:10859 inactive_file:40476 isolated_file:0 [ 239.132621][ T8824] unevictable:768 dirty:34 writeback:0 [ 239.132621][ T8824] slab_reclaimable:10938 slab_unreclaimable:95421 [ 239.132621][ T8824] mapped:35250 shmem:13040 pagetables:681 [ 239.132621][ T8824] sec_pagetables:0 bounce:0 [ 239.132621][ T8824] kernel_misc_reclaimable:0 [ 239.132621][ T8824] free:1307306 free_pcp:6912 free_cma:0 [ 239.177325][ T8892] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1037'. [ 239.216201][ T8824] Node 0 active_anon:70524kB inactive_anon:0kB active_file:43836kB inactive_file:161700kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:141400kB dirty:136kB writeback:0kB shmem:50824kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12232kB pagetables:2724kB sec_pagetables:0kB all_unreclaimable? no [ 239.297430][ T8824] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 239.330146][ T8824] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 239.372888][ T8824] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 239.378851][ T8824] Node 0 DMA32 free:1314400kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:71576kB inactive_anon:0kB active_file:44876kB inactive_file:160364kB unevictable:1536kB writepending:132kB present:3129332kB managed:2589640kB mlocked:0kB bounce:0kB free_pcp:8608kB local_pcp:6992kB free_cma:0kB [ 239.425674][ T8824] lowmem_reserve[]: 0 0 1 1 1 [ 239.431399][ T8824] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 239.477423][ T8824] lowmem_reserve[]: 0 0 0 0 0 [ 239.482364][ T8824] Node 1 Normal free:3896676kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20064kB local_pcp:5632kB free_cma:0kB [ 239.516973][ T8824] lowmem_reserve[]: 0 0 0 0 0 [ 239.522265][ T8824] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 239.593601][ T8824] Node 0 DMA32: 24*4kB (UE) 9*8kB (UME) 2*16kB (UM) 0*32kB 3*64kB (UE) 645*128kB (UME) 414*256kB (UM) 256*512kB (UME) 180*1024kB (UM) 7*2048kB (M) 193*4096kB (UM) = 1309192kB [ 239.633932][ T8824] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 239.665582][ T8824] Node 1 Normal: 235*4kB (UME) 55*8kB (UME) 38*16kB (UME) 115*32kB (UME) 33*64kB (UME) 10*128kB (UME) 2*256kB (UM) 2*512kB (UE) 1*1024kB (U) 1*2048kB (E) 948*4096kB (M) = 3896676kB [ 239.699977][ T8824] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 239.712307][ T8824] Node 0 hugepages_total=4 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 239.722688][ T8824] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 239.726438][ T8904] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1042'. [ 239.733119][ T8824] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 239.754478][ T8824] 67191 total pagecache pages [ 239.759340][ T8824] 0 pages in swap cache [ 239.766181][ T8824] Free swap = 124440kB [ 239.791547][ T8824] Total swap = 124996kB [ 239.801492][ T8824] 2097051 pages RAM [ 239.805428][ T8824] 0 pages HighMem/MovableOnly [ 239.821613][ T8824] 416127 pages reserved [ 239.826025][ T8824] 0 pages cma reserved [ 240.167545][ T8912] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1046'. [ 240.247188][ T8914] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1047'. [ 240.492268][ T8918] loop4: detected capacity change from 0 to 2048 [ 241.116716][ T8924] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1051'. [ 241.145605][ T8926] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1052'. [ 241.359517][ T8929] tipc: Started in network mode [ 241.373351][ T8929] tipc: Node identity 766f4cf9a188, cluster identity 4711 [ 241.414174][ T8929] tipc: Enabled bearer , priority 0 [ 241.439339][ T8935] netlink: 'syz.0.1056': attribute type 21 has an invalid length. [ 241.468873][ T8936] syzkaller0: entered promiscuous mode [ 241.474440][ T8936] syzkaller0: entered allmulticast mode [ 241.666876][ T8928] tipc: Resetting bearer [ 241.854747][ T8928] tipc: Disabling bearer [ 242.229849][ T8953] loop4: detected capacity change from 0 to 512 [ 242.315967][ T8953] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 242.324407][ T8953] EXT4-fs (loop4): orphan cleanup on readonly fs [ 242.351171][ T8957] program syz.0.1065 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 242.387660][ T8953] EXT4-fs error (device loop4): ext4_do_update_inode:5244: inode #16: comm syz.4.1064: corrupted inode contents [ 242.433169][ T8953] EXT4-fs (loop4): Remounting filesystem read-only [ 242.460740][ T8953] EXT4-fs (loop4): 1 truncate cleaned up [ 242.499690][ T3438] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 242.529510][ T3438] __quota_error: 325 callbacks suppressed [ 242.529526][ T3438] Quota error (device loop4): write_blk: dquota write failed [ 242.563500][ T3438] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries [ 242.590273][ T3438] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 242.627382][ T3438] Quota error (device loop4): write_blk: dquota write failed [ 242.651884][ T3438] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list [ 242.678379][ T3438] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 242.707591][ T3438] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 242.739662][ T3438] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 242.762102][ T8965] loop0: detected capacity change from 0 to 512 [ 242.770329][ T8953] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 242.792915][ T8965] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 242.805848][ T8965] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ec01c, mo2=0003] [ 242.815374][ T8965] System zones: 1-2, 4-12, 8-8 [ 242.831838][ T8965] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.1068: iget: bad i_size value: 38620345925642 [ 242.874419][ T8953] tmpfs: Bad value for 'mpol' [ 242.921224][ T8965] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.1068: couldn't read orphan inode 15 (err -117) [ 242.978087][ T8965] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.013249][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.104979][ T8968] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.1068: bg 0: block 5: invalid block bitmap [ 243.142653][ T8968] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 440 with error 28 [ 243.177830][ T8968] EXT4-fs (loop0): This should not happen!! Data will be lost [ 243.177830][ T8968] [ 243.202243][ T8968] EXT4-fs (loop0): Total free blocks count 0 [ 243.208319][ T8968] EXT4-fs (loop0): Free/Dirty block details [ 243.230789][ T8968] EXT4-fs (loop0): free_blocks=0 [ 243.236095][ T8968] EXT4-fs (loop0): dirty_blocks=440 [ 243.260458][ T8968] EXT4-fs (loop0): Block reservation details [ 243.266759][ T8968] EXT4-fs (loop0): i_reserved_data_blocks=440 [ 243.861379][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.018265][ T27] audit: type=1326 audit(244.932:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 244.048757][ T27] audit: type=1326 audit(244.964:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 244.085564][ T27] audit: type=1326 audit(244.964:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 244.120069][ T27] audit: type=1326 audit(244.964:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.4.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 245.399811][ T9021] netlink: 1028 bytes leftover after parsing attributes in process `syz.5.1093'. [ 245.625648][ T9031] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 246.369463][ T9062] loop0: detected capacity change from 0 to 1024 [ 246.376774][ T9062] EXT4-fs: Ignoring removed i_version option [ 246.382832][ T9062] ext4: Unknown parameter 'subj_user' [ 246.802557][ T28] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 246.975438][ T28] usb 2-1: device descriptor read/64, error -71 [ 247.241278][ T28] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 247.290522][ T9084] syz.5.1120[9084] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 247.290875][ T9084] syz.5.1120[9084] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 247.421934][ T28] usb 2-1: device descriptor read/64, error -71 [ 247.536696][ T28] usb usb2-port1: attempt power cycle [ 247.926460][ T28] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 247.978239][ T28] usb 2-1: device descriptor read/8, error -71 [ 248.002801][ T9101] netdevsim netdevsim5: Direct firmware load for ./file1 failed with error -2 [ 248.012937][ T9101] netdevsim netdevsim5: Falling back to sysfs fallback for: ./file1 [ 248.252375][ T28] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 248.312089][ T28] usb 2-1: device descriptor read/8, error -71 [ 248.322066][ T9108] loop0: detected capacity change from 0 to 128 [ 248.379430][ T9108] bio_check_eod: 1032 callbacks suppressed [ 248.379450][ T9108] syz.0.1129: attempt to access beyond end of device [ 248.379450][ T9108] loop0: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 248.417208][ T9108] syz.0.1129: attempt to access beyond end of device [ 248.417208][ T9108] loop0: rw=0, sector=138, nr_sectors = 2 limit=128 [ 248.442618][ T28] usb usb2-port1: unable to enumerate USB device [ 249.047159][ T27] kauditd_printk_skb: 317 callbacks suppressed [ 249.047174][ T27] audit: type=1326 audit(250.213:3019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.136317][ T27] audit: type=1326 audit(250.213:3020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.211453][ T27] audit: type=1326 audit(250.213:3021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.267838][ T9124] loop5: detected capacity change from 0 to 164 [ 249.274655][ T27] audit: type=1326 audit(250.213:3022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.301784][ T9124] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 249.320285][ T9124] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 249.336579][ T27] audit: type=1326 audit(250.213:3023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.367234][ T9124] Symlink component flag not implemented [ 249.373070][ T9124] Symlink component flag not implemented [ 249.385988][ T9124] Symlink component flag not implemented (7) [ 249.392104][ T9124] Symlink component flag not implemented (116) [ 249.401313][ T27] audit: type=1326 audit(250.255:3024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.453644][ T27] audit: type=1326 audit(250.255:3025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.487400][ T27] audit: type=1326 audit(250.255:3026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.536077][ T27] audit: type=1326 audit(250.255:3027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9117 comm="syz.0.1133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 249.630817][ T9130] loop5: detected capacity change from 0 to 1024 [ 249.679127][ T9132] loop0: detected capacity change from 0 to 1024 [ 249.695259][ T9130] EXT4-fs: Ignoring removed oldalloc option [ 249.750539][ T9135] netlink: 'syz.1.1141': attribute type 5 has an invalid length. [ 249.763203][ T9132] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.775507][ T9135] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 249.775593][ T9135] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 249.775623][ T9135] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 249.775651][ T9135] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 249.795080][ T9130] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 249.825091][ T9135] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 249.833650][ T9135] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 249.842287][ T9135] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 249.850852][ T9135] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 249.880558][ T9130] EXT4-fs error (device loop5): ext4_free_blocks:6676: comm syz.5.1138: Freeing blocks not in datazone - block = 0, count = 16 [ 249.971955][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.000350][ T27] audit: type=1326 audit(251.210:3028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 250.036654][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 250.556927][ T9162] netlink: 'syz.1.1150': attribute type 10 has an invalid length. [ 250.565135][ T9162] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1150'. [ 250.591710][ T9162] dummy0: entered promiscuous mode [ 250.681292][ T9162] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 251.884833][ T9166] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1151'. [ 252.233719][ T9173] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 253.612587][ T9211] loop1: detected capacity change from 0 to 512 [ 253.644132][ T9211] EXT4-fs: Ignoring removed bh option [ 253.652700][ T9211] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 253.697946][ T9211] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 253.789085][ T9211] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1169: iget: bad i_size value: 2533274857506816 [ 253.882253][ T9211] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1169: iget: bad i_size value: 2533274857506816 [ 253.943159][ T9218] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1169: iget: bad i_size value: 2533274857506816 [ 253.969356][ T27] kauditd_printk_skb: 238 callbacks suppressed [ 253.969374][ T27] audit: type=1326 audit(255.378:3267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz.5.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 254.023627][ T9211] EXT4-fs error (device loop1): ext4_lookup:1858: inode #12: comm syz.1.1169: iget: bad i_size value: 2533274857506816 [ 254.063341][ T9222] loop4: detected capacity change from 0 to 128 [ 254.197706][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.392524][ T9230] random: crng reseeded on system resumption [ 254.439313][ T1280] ieee802154 phy0 wpan0: encryption failed: -22 [ 254.521317][ T9232] loop4: detected capacity change from 0 to 2048 [ 254.568420][ T9232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.638550][ T27] audit: type=1800 audit(256.081:3268): pid=9232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1178" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 254.753581][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.804999][ T9240] loop5: detected capacity change from 0 to 512 [ 254.849296][ T9240] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 254.898706][ T9240] EXT4-fs (loop5): invalid journal inode [ 254.915482][ T9240] EXT4-fs (loop5): can't get journal size [ 255.000229][ T9242] loop4: detected capacity change from 0 to 1024 [ 255.026595][ T9242] EXT4-fs: Ignoring removed bh option [ 255.044206][ T9242] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 255.109422][ T9242] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.134785][ T9240] EXT4-fs (loop5): 1 truncate cleaned up [ 255.144409][ T9240] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.240515][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.314774][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.485987][ T9252] loop1: detected capacity change from 0 to 1024 [ 255.498586][ T9252] EXT4-fs: Ignoring removed bh option [ 255.517543][ T9252] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 255.560849][ T9252] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.654900][ T9252] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4031: comm syz.1.1185: Allocating blocks 385-513 which overlap fs metadata [ 255.660747][ T27] audit: type=1326 audit(257.152:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9259 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 255.697143][ T27] audit: type=1326 audit(257.152:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9259 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 255.752962][ T9252] EXT4-fs (loop1): pa ffff88805a938d98: logic 16, phys. 129, len 24 [ 255.757363][ T27] audit: type=1326 audit(257.246:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9259 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 255.762000][ T9252] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8 [ 255.817815][ T27] audit: type=1326 audit(257.246:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9259 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 255.858828][ T27] audit: type=1326 audit(257.246:3273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9259 comm="syz.4.1186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 256.011047][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.889108][ T9270] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1191'. [ 258.159868][ T27] audit: type=1326 audit(259.776:3274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 258.233745][ T27] audit: type=1326 audit(259.776:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 258.290794][ T27] audit: type=1326 audit(259.808:3276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 258.337664][ T9303] netdevsim netdevsim5: Firmware load for '/../file0' refused, path contains '..' component [ 258.969779][ T9321] syz.1.1208[9321] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 258.969953][ T9321] syz.1.1208[9321] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 259.024586][ T9318] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1207'. [ 259.048227][ T9318] 0X: renamed from caif0 [ 259.059038][ T9318] 0X: entered allmulticast mode [ 259.065283][ T9318] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 259.222544][ T27] kauditd_printk_skb: 57 callbacks suppressed [ 259.222559][ T27] audit: type=1326 audit(260.889:3334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.294077][ T27] audit: type=1326 audit(260.931:3335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.353112][ T27] audit: type=1326 audit(260.931:3336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.382253][ T27] audit: type=1326 audit(260.931:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.409452][ T27] audit: type=1326 audit(260.931:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.437424][ T27] audit: type=1326 audit(260.931:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.463434][ T27] audit: type=1326 audit(260.931:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.492295][ T27] audit: type=1326 audit(260.931:3341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.638570][ T27] audit: type=1326 audit(261.330:3342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.694643][ T27] audit: type=1326 audit(261.330:3343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9327 comm="syz.0.1211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 259.782279][ T9331] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1212'. [ 260.028927][ T9337] netlink: 'syz.5.1215': attribute type 3 has an invalid length. [ 260.057142][ T9339] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan0, syncid = 0, id = 0 [ 260.072949][ T9336] IPVS: stopping backup sync thread 9339 ... [ 260.275563][ T9347] loop5: detected capacity change from 0 to 1024 [ 260.305420][ T9347] EXT4-fs: Ignoring removed mblk_io_submit option [ 260.321270][ T9347] EXT4-fs: Ignoring removed nomblk_io_submit option [ 260.374900][ T9347] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.016856][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.415518][ T8455] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 261.458327][ T9381] syzkaller1: entered promiscuous mode [ 261.484567][ T9381] syzkaller1: entered allmulticast mode [ 261.576974][ T8455] usb 6-1: device descriptor read/64, error -71 [ 261.753615][ T9391] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1236'. [ 261.774867][ T9391] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1236'. [ 261.834305][ T8455] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 261.997480][ T8455] usb 6-1: device descriptor read/64, error -71 [ 262.111872][ T8455] usb usb6-port1: attempt power cycle [ 262.520137][ T8455] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 262.564427][ T9422] netlink: 'syz.4.1244': attribute type 10 has an invalid length. [ 262.567990][ T8455] usb 6-1: device descriptor read/8, error -71 [ 262.584717][ T9422] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.592901][ T9422] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.644857][ T9422] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.652176][ T9422] bridge0: port 2(bridge_slave_1) entered forwarding state [ 262.660086][ T9422] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.667337][ T9422] bridge0: port 1(bridge_slave_0) entered forwarding state [ 262.701263][ T9422] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 262.843728][ T8455] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 262.892820][ T8455] usb 6-1: device descriptor read/8, error -71 [ 263.006203][ T8455] usb usb6-port1: unable to enumerate USB device [ 263.966011][ T9453] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.232928][ T9453] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.377923][ T5778] Bluetooth: hci4: sending frame failed (-49) [ 264.386239][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 264.477442][ T9453] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.577725][ T27] kauditd_printk_skb: 420 callbacks suppressed [ 264.577740][ T27] audit: type=1326 audit(266.527:3764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9454 comm="syz.1.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 264.731257][ T27] audit: type=1326 audit(266.527:3765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9454 comm="syz.1.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 264.770272][ T9453] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.999290][ T27] audit: type=1326 audit(266.957:3766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.1.1260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 265.086005][ T27] audit: type=1326 audit(266.968:3767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.1.1260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 265.164630][ T9453] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.183713][ T27] audit: type=1326 audit(266.989:3768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.1.1260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 265.249769][ T9453] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.271928][ T27] audit: type=1326 audit(266.989:3769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.1.1260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 265.294877][ T27] audit: type=1326 audit(266.989:3770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.1.1260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 265.316926][ T27] audit: type=1326 audit(266.989:3771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.1.1260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 265.355092][ T9453] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.363937][ T27] audit: type=1326 audit(267.010:3772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.1.1260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 265.400757][ T9453] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.409310][ T27] audit: type=1326 audit(267.010:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9459 comm="syz.1.1260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 266.574600][ T9501] bridge0: port 3(batadv1) entered blocking state [ 266.584052][ T9501] bridge0: port 3(batadv1) entered disabled state [ 266.592337][ T9501] batadv1: entered allmulticast mode [ 266.606603][ T9501] batadv1: entered promiscuous mode [ 266.636151][ T9503] loop9: detected capacity change from 0 to 7 [ 266.653068][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.662328][ C0] buffer_io_error: 1030 callbacks suppressed [ 266.662344][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.682645][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.691966][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.704275][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.713692][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.725485][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.734806][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.743105][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.752421][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.768394][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.777783][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.786168][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.795510][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.803652][ T9503] ldm_validate_partition_table(): Disk read failed. [ 266.832353][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.841682][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.863752][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.873081][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.883279][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 266.892600][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 266.901590][ T9503] Dev loop9: unable to read RDB block 0 [ 266.936273][ T9503] loop9: unable to read partition table [ 266.948589][ T9503] loop9: partition table beyond EOD, truncated [ 266.955442][ T9507] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1281'. [ 266.978048][ T9503] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 266.978048][ T9503] ) failed (rc=-5) [ 267.035585][ T62] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 267.045614][ T62] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 267.345486][ T9519] sd 0:0:1:0: device reset [ 267.439467][ T9525] netlink: 'syz.4.1290': attribute type 3 has an invalid length. [ 267.546502][ T9528] loop1: detected capacity change from 0 to 512 [ 267.567804][ T9528] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 267.671948][ T9528] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.840250][ T9539] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1294'. [ 267.852185][ T9539] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1294'. [ 268.022736][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.028128][ T9545] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1296'. [ 268.196260][ T9548] syz.1.1297[9548] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 268.196785][ T9548] syz.1.1297[9548] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 268.320545][ T9554] loop4: detected capacity change from 0 to 512 [ 268.366222][ T9554] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 268.400851][ T9554] EXT4-fs (loop4): 1 truncate cleaned up [ 268.418266][ T9554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 268.553434][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.670856][ T9567] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1304'. [ 268.761645][ T9571] loop1: detected capacity change from 0 to 512 [ 268.782715][ T9571] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 268.824654][ T9571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 268.867848][ T9571] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 269.060091][ T9583] tipc: Can't bind to reserved service type 2 [ 269.156412][ T9585] 9pnet_fd: Insufficient options for proto=fd [ 269.297861][ T9589] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1314'. [ 269.667371][ T9598] capability: warning: `syz.0.1318' uses 32-bit capabilities (legacy support in use) [ 270.025063][ T9578] warn_alloc: 3 callbacks suppressed [ 270.025079][ T9578] syz.4.1308: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 270.121844][ T9578] CPU: 0 PID: 9578 Comm: syz.4.1308 Not tainted syzkaller #0 [ 270.129306][ T9578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 270.139508][ T9578] Call Trace: [ 270.142824][ T9578] [ 270.145791][ T9578] dump_stack_lvl+0x16c/0x230 [ 270.150542][ T9578] ? show_regs_print_info+0x20/0x20 [ 270.155799][ T9578] ? load_image+0x3b0/0x3b0 [ 270.160364][ T9578] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 270.166825][ T9578] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 270.173382][ T9578] warn_alloc+0x210/0x300 [ 270.177791][ T9578] ? zone_watermark_ok_safe+0x230/0x230 [ 270.183407][ T9578] ? _raw_spin_unlock+0x28/0x40 [ 270.188315][ T9578] __vmalloc_node_range+0x662/0x1320 [ 270.193653][ T9578] ? __asan_memset+0x22/0x40 [ 270.198340][ T9578] ? free_vm_area+0x50/0x50 [ 270.202908][ T9578] ? kvmalloc_node+0x70/0x180 [ 270.207640][ T9578] ? rcu_is_watching+0x15/0xb0 [ 270.212496][ T9578] ? kvmalloc_node+0x70/0x180 [ 270.217226][ T9578] ? trace_kmalloc+0x1f/0xa0 [ 270.221868][ T9578] kvmalloc_node+0x13f/0x180 [ 270.226498][ T9578] ? translate_table+0x19c/0x2020 [ 270.231554][ T9578] translate_table+0x19c/0x2020 [ 270.236455][ T9578] ? ip6t_register_table+0x7b0/0x7b0 [ 270.241863][ T9578] ? __might_fault+0xaa/0x120 [ 270.246565][ T9578] ? __lock_acquire+0x7c80/0x7c80 [ 270.251615][ T9578] ? __virt_addr_valid+0x18c/0x540 [ 270.256763][ T9578] ? __might_fault+0xaa/0x120 [ 270.261466][ T9578] ? __might_fault+0xc6/0x120 [ 270.266163][ T9578] ? __might_fault+0xaa/0x120 [ 270.270877][ T9578] do_ip6t_set_ctl+0x969/0xcd0 [ 270.275692][ T9578] ? ip6t_unregister_table_exit+0x230/0x230 [ 270.281653][ T9578] ? __lock_acquire+0x7c80/0x7c80 [ 270.286734][ T9578] ? rcu_is_watching+0x15/0xb0 [ 270.291579][ T9578] ? trace_contention_end+0x39/0xe0 [ 270.296832][ T9578] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 270.302504][ T9578] ? mutex_unlock+0x10/0x10 [ 270.307066][ T9578] ? __might_sleep+0xe0/0xe0 [ 270.311692][ T9578] ? mutex_lock_nested+0x20/0x20 [ 270.316676][ T9578] nf_setsockopt+0x263/0x280 [ 270.321305][ T9578] ? sock_common_recvmsg+0x1b0/0x1b0 [ 270.326632][ T9578] smc_setsockopt+0x229/0xab0 [ 270.331354][ T9578] ? smc_shutdown+0x9b0/0x9b0 [ 270.336058][ T9578] ? __fget_files+0x28/0x4d0 [ 270.340686][ T9578] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 270.346265][ T9578] ? security_socket_setsockopt+0x7e/0xa0 [ 270.352010][ T9578] ? smc_shutdown+0x9b0/0x9b0 [ 270.356716][ T9578] do_sock_setsockopt+0x175/0x1a0 [ 270.361779][ T9578] ? __fdget+0x180/0x210 [ 270.366066][ T9578] __x64_sys_setsockopt+0x184/0x200 [ 270.371303][ T9578] do_syscall_64+0x55/0xb0 [ 270.375742][ T9578] ? clear_bhb_loop+0x40/0x90 [ 270.380460][ T9578] ? clear_bhb_loop+0x40/0x90 [ 270.385175][ T9578] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 270.391103][ T9578] RIP: 0033:0x7ff81638f749 [ 270.395544][ T9578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.415541][ T9578] RSP: 002b:00007ff8171ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 270.423992][ T9578] RAX: ffffffffffffffda RBX: 00007ff8165e5fa0 RCX: 00007ff81638f749 [ 270.432006][ T9578] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 270.440001][ T9578] RBP: 00007ff816413f91 R08: 0000000000000330 R09: 0000000000000000 [ 270.448003][ T9578] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.456001][ T9578] R13: 00007ff8165e6038 R14: 00007ff8165e5fa0 R15: 00007ffe9d9551c8 [ 270.464010][ T9578] [ 270.543559][ T9578] Mem-Info: [ 270.547202][ T9578] active_anon:4837 inactive_anon:0 isolated_anon:0 [ 270.547202][ T9578] active_file:12293 inactive_file:40484 isolated_file:0 [ 270.547202][ T9578] unevictable:768 dirty:24 writeback:0 [ 270.547202][ T9578] slab_reclaimable:10834 slab_unreclaimable:96725 [ 270.547202][ T9578] mapped:23972 shmem:1374 pagetables:618 [ 270.547202][ T9578] sec_pagetables:0 bounce:0 [ 270.547202][ T9578] kernel_misc_reclaimable:0 [ 270.547202][ T9578] free:1333788 free_pcp:8324 free_cma:0 [ 270.608590][ T9578] Node 0 active_anon:19348kB inactive_anon:0kB active_file:49172kB inactive_file:161732kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:95888kB dirty:92kB writeback:0kB shmem:3960kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12236kB pagetables:2572kB sec_pagetables:0kB all_unreclaimable? no [ 270.642937][ T9578] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 270.726622][ T9578] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 270.726740][ T9578] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 270.726792][ T9578] Node 0 DMA32 free:1422620kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:19600kB inactive_anon:0kB active_file:49172kB inactive_file:160416kB unevictable:1536kB writepending:92kB present:3129332kB managed:2589640kB mlocked:0kB bounce:0kB free_pcp:13208kB local_pcp:2236kB free_cma:0kB [ 270.726856][ T9578] lowmem_reserve[]: 0 0 1 1 1 [ 270.726903][ T9578] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 270.726962][ T9578] lowmem_reserve[]: 0 0 0 0 0 [ 270.727010][ T9578] Node 1 Normal free:3896932kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19812kB local_pcp:5376kB free_cma:0kB [ 270.727072][ T9578] lowmem_reserve[]: 0 0 0 0 0 [ 270.727119][ T9578] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 270.727277][ T9578] Node 0 DMA32: 27*4kB (ME) 662*8kB (UME) 664*16kB (UME) 542*32kB (UME) 1066*64kB (UME) 718*128kB (UME) 401*256kB (UM) 260*512kB (UME) 184*1024kB (UM) 7*2048kB (UM) 193*4096kB (UM) = 1422556kB [ 270.727495][ T9578] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 270.727631][ T9578] Node 1 Normal: 235*4kB (UME) 55*8kB (UME) 38*16kB (UME) 119*32kB (UME) 33*64kB (UME) 9*128kB (UME) 3*256kB (UM) 2*512kB (UE) 1*1024kB (U) 1*2048kB (E) 948*4096kB (M) = 3896932kB [ 270.727849][ T9578] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 270.727868][ T9578] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 270.727885][ T9578] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 270.727903][ T9578] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 270.727920][ T9578] 54145 total pagecache pages [ 270.727929][ T9578] 0 pages in swap cache [ 270.727937][ T9578] Free swap = 124440kB [ 270.727946][ T9578] Total swap = 124996kB [ 270.727955][ T9578] 2097051 pages RAM [ 270.727964][ T9578] 0 pages HighMem/MovableOnly [ 270.727972][ T9578] 416127 pages reserved [ 270.727980][ T9578] 0 pages cma reserved [ 270.957551][ T9622] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 271.167469][ T9625] sd 0:0:1:0: device reset [ 271.718831][ T27] kauditd_printk_skb: 269 callbacks suppressed [ 271.718848][ T27] audit: type=1326 audit(274.012:4043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 271.796536][ T27] audit: type=1326 audit(274.012:4044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 271.858652][ T27] audit: type=1326 audit(274.012:4045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 271.915393][ T27] audit: type=1326 audit(274.012:4046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 271.984345][ T27] audit: type=1326 audit(274.012:4047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 272.030324][ T27] audit: type=1326 audit(274.012:4048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 272.097192][ T27] audit: type=1326 audit(274.012:4049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 272.132589][ T27] audit: type=1326 audit(274.043:4050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 272.183534][ T27] audit: type=1326 audit(274.043:4051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 272.239564][ T27] audit: type=1326 audit(274.043:4052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9628 comm="syz.0.1332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 272.399388][ T9629] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.407593][ T9629] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.561523][ T9629] 0X: left allmulticast mode [ 273.376672][ T9629] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 273.471520][ T9629] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 273.548207][ T9636] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1335'. [ 274.078139][ T9652] loop4: detected capacity change from 0 to 2048 [ 274.152289][ T9652] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.292163][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.500375][ T9629] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.519663][ T9629] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.537835][ T9660] loop4: detected capacity change from 0 to 512 [ 274.540283][ T9629] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.574300][ T9629] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.576676][ T9660] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 274.639120][ T9660] EXT4-fs (loop4): 1 truncate cleaned up [ 274.653611][ T9660] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.738118][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.009340][ T9629] ip6gre1: left promiscuous mode [ 275.014473][ T9629] ip6gre1: left allmulticast mode [ 275.249855][ T9673] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1347'. [ 275.601678][ T9684] loop4: detected capacity change from 0 to 512 [ 276.319440][ T9684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.438684][ T9684] EXT4-fs error (device loop4): ext4_xattr_block_get:600: inode #12: comm syz.4.1353: corrupted xattr block 6: invalid header [ 276.569071][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.637755][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 276.637772][ T27] audit: type=1326 audit(279.166:4069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 276.711435][ T27] audit: type=1326 audit(279.166:4070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 276.761189][ T27] audit: type=1326 audit(279.166:4071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 276.827623][ T27] audit: type=1326 audit(279.166:4072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 276.874623][ T27] audit: type=1326 audit(279.166:4073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 276.907548][ T27] audit: type=1326 audit(279.177:4074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 276.936455][ T27] audit: type=1326 audit(279.177:4075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 276.963144][ T27] audit: type=1326 audit(279.177:4076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 276.996893][ T9703] loop4: detected capacity change from 0 to 1024 [ 277.014778][ T9703] EXT4-fs: Ignoring removed nomblk_io_submit option [ 277.018730][ T27] audit: type=1326 audit(279.177:4077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 277.044881][ T27] audit: type=1326 audit(279.177:4078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz.0.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6435f8f749 code=0x7ffc0000 [ 277.099356][ T9703] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.188878][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.416947][ T9737] loop1: detected capacity change from 0 to 512 [ 279.448118][ T9737] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 279.534754][ T9737] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 280.058873][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.230472][ T9771] support for cryptoloop has been removed. Use dm-crypt instead. [ 280.284547][ T9771] loop4: detected capacity change from 0 to 164 [ 280.325819][ T9767] loop5: detected capacity change from 0 to 2048 [ 280.335342][ T9771] rock: directory entry would overflow storage [ 280.343986][ T9771] rock: sig=0x4543, size=28, remaining=18 [ 280.388133][ T9767] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.541890][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.122437][ T9796] loop4: detected capacity change from 0 to 1024 [ 281.220348][ T9796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 281.282938][ T6485] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.517300][ T27] kauditd_printk_skb: 239 callbacks suppressed [ 281.517317][ T27] audit: type=1326 audit(284.300:4318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.561384][ T27] audit: type=1326 audit(284.331:4319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.628264][ T9814] wireguard0: entered promiscuous mode [ 281.632674][ T27] audit: type=1326 audit(284.331:4320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.656277][ T27] audit: type=1326 audit(284.331:4321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.678860][ T27] audit: type=1326 audit(284.342:4322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.750633][ T27] audit: type=1326 audit(284.342:4323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.857778][ T27] audit: type=1326 audit(284.342:4324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.891993][ T27] audit: type=1326 audit(284.352:4325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.915189][ T27] audit: type=1326 audit(284.352:4326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 281.937437][ T27] audit: type=1326 audit(284.384:4327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9809 comm="syz.5.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 283.648224][ T9871] loop5: detected capacity change from 0 to 512 [ 283.673406][ T9872] loop1: detected capacity change from 0 to 512 [ 283.687275][ T9872] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 283.728460][ T9872] EXT4-fs error (device loop1): ext4_do_update_inode:5244: inode #3: comm syz.1.1425: corrupted inode contents [ 283.799100][ T9872] EXT4-fs (loop1): Remounting filesystem read-only [ 283.845236][ T9872] EXT4-fs (loop1): 1 truncate cleaned up [ 283.873022][ T9872] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.914603][ T9876] netdevsim netdevsim5: Direct firmware load for ./file1 failed with error -2 [ 283.934040][ T9876] netdevsim netdevsim5: Falling back to sysfs fallback for: ./file1 [ 283.955401][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.268507][ T9884] syzkaller0: entered promiscuous mode [ 284.275417][ T9884] syzkaller0: entered allmulticast mode [ 285.804444][ T9914] loop4: detected capacity change from 0 to 164 [ 285.967151][ T6698] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 286.030835][ T6698] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 286.235775][ T9926] loop5: detected capacity change from 0 to 512 [ 286.277412][ T9926] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 286.357190][ T9926] EXT4-fs (loop5): 1 truncate cleaned up [ 286.366005][ T9926] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.461824][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.990620][ T27] kauditd_printk_skb: 107 callbacks suppressed [ 286.990636][ T27] audit: type=1326 audit(290.042:4433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9947 comm="syz.4.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 287.071083][ T27] audit: type=1326 audit(290.095:4434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9947 comm="syz.4.1456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 287.403150][ T9960] syz.4.1460[9960] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 287.403305][ T9960] syz.4.1460[9960] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 287.424124][ T9960] !yz!: rxe_newlink: already configured on team_slave_0 [ 287.460922][ T9960] loop4: detected capacity change from 0 to 1024 [ 287.468959][ T9960] EXT4-fs: Ignoring removed nobh option [ 287.475639][ T9960] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 287.486954][ T9960] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 287.497383][ T9960] EXT4-fs error (device loop4): ext4_get_journal_inode:5800: comm syz.4.1460: inode #4294967295: comm syz.4.1460: iget: illegal inode # [ 287.511736][ T9960] EXT4-fs (loop4): no journal found [ 287.518183][ T9960] EXT4-fs (loop4): can't get journal size [ 287.529190][ T9960] EXT4-fs (loop4): failed to initialize system zone (-22) [ 287.536785][ T9960] EXT4-fs (loop4): mount failed [ 288.193867][ T9966] loop4: detected capacity change from 0 to 512 [ 288.295532][ T9966] EXT4-fs (loop4): 1 orphan inode deleted [ 288.303672][ T9966] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.328603][ T9966] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.399718][ T9971] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1462'. [ 289.328150][ T9954] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1457'. [ 289.338607][ T9964] netlink: 'syz.4.1460': attribute type 13 has an invalid length. [ 289.474031][ T9973] loop5: detected capacity change from 0 to 1024 [ 289.492269][ T9975] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1464'. [ 289.525817][ T9973] EXT4-fs (loop5): can't mount with journal_async_commit, fs mounted w/o journal [ 289.537646][ T9975] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1464'. [ 290.068168][ T9964] bridge0: port 2(bridge_slave_1) entered disabled state [ 290.075743][ T9964] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.546642][ T9964] infiniband !yz!: set down [ 290.591039][ T9964] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 290.621476][ T9964] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 290.794420][ T9964] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.806951][ T9964] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.816135][ T9964] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.830531][ T9964] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.989019][ T9985] Falling back ldisc for ptm0. [ 291.392489][ T27] audit: type=1326 audit(294.661:4435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.434257][T10006] loop1: detected capacity change from 0 to 164 [ 291.452817][T10005] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1473'. [ 291.466525][ T27] audit: type=1326 audit(294.672:4436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.499910][T10006] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 291.522871][ T27] audit: type=1326 audit(294.672:4437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.555562][ T27] audit: type=1326 audit(294.682:4438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.581058][ T27] audit: type=1326 audit(294.682:4439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.597530][T10005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1473'. [ 291.613777][ T27] audit: type=1326 audit(294.682:4440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdd26d8df90 code=0x7ffc0000 [ 291.644458][ T27] audit: type=1326 audit(294.682:4441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.669237][ T27] audit: type=1326 audit(294.682:4442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.730836][T10015] loop5: detected capacity change from 0 to 512 [ 291.761849][ T27] kauditd_printk_skb: 82 callbacks suppressed [ 291.761865][ T27] audit: type=1326 audit(295.050:4525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdd26d865e7 code=0x7ffc0000 [ 291.790818][ T27] audit: type=1326 audit(295.050:4526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdd26d2b829 code=0x7ffc0000 [ 291.813643][T10015] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.814251][ T27] audit: type=1326 audit(295.050:4527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.848456][ T27] audit: type=1326 audit(295.071:4528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdd26d865e7 code=0x7ffc0000 [ 291.869962][ T27] audit: type=1326 audit(295.071:4529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdd26d2b829 code=0x7ffc0000 [ 291.891382][ T27] audit: type=1326 audit(295.071:4530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 291.913870][ T27] audit: type=1326 audit(295.071:4531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdd26d865e7 code=0x7ffc0000 [ 291.943343][ T27] audit: type=1326 audit(295.071:4532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdd26d2b829 code=0x7ffc0000 [ 291.976526][ T27] audit: type=1326 audit(295.071:4533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd26d8f749 code=0x7ffc0000 [ 292.004338][ T27] audit: type=1326 audit(295.071:4534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10004 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdd26d865e7 code=0x7ffc0000 [ 292.195566][T10024] 9pnet: p9_errstr2errno: server reported unknown error [ 292.355597][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.475038][T10039] loop5: detected capacity change from 0 to 512 [ 292.570395][T10039] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 294.126166][T10051] vlan2: entered allmulticast mode [ 295.341085][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.541549][T10061] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1492'. [ 296.880683][T10092] loop5: detected capacity change from 0 to 512 [ 296.923101][T10092] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 297.068117][T10092] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.497970][ T51] Bluetooth: hci4: command 0x1003 tx timeout [ 297.507347][ T5778] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 298.080832][T10108] loop1: detected capacity change from 0 to 512 [ 298.118475][T10108] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 298.195356][T10108] EXT4-fs (loop1): 1 truncate cleaned up [ 298.222949][T10108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.395574][ T27] kauditd_printk_skb: 253 callbacks suppressed [ 298.395592][ T27] audit: type=1326 audit(302.010:4787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10112 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 298.532365][ T27] audit: type=1326 audit(302.010:4788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10112 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 298.617867][ T27] audit: type=1326 audit(302.010:4789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10112 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 298.688778][T10115] random: crng reseeded on system resumption [ 298.706812][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.719675][ T27] audit: type=1326 audit(302.010:4790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10112 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 298.827863][ T27] audit: type=1326 audit(302.010:4791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10112 comm="syz.4.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff81638f749 code=0x7ffc0000 [ 299.437140][ T7582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.579935][T10122] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1514'. [ 299.760950][ T27] audit: type=1326 audit(303.448:4792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.5.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 299.822342][ T27] audit: type=1326 audit(303.459:4793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.5.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 299.894115][ T27] audit: type=1326 audit(303.459:4794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.5.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 299.938096][ T27] audit: type=1326 audit(303.459:4795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.5.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 299.967660][T10133] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1523'. [ 299.986749][ T27] audit: type=1326 audit(303.459:4796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10126 comm="syz.5.1521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29f3f8f749 code=0x7ffc0000 [ 300.054302][T10136] binfmt_misc: register: failed to install interpreter file ./file0 [ 300.588238][T10158] loop4: detected capacity change from 0 to 512 [ 300.646482][T10164] syz.1.1536[10164] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 300.646649][T10164] syz.1.1536[10164] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 300.667771][T10158] [ 300.681547][T10158] ====================================================== [ 300.688636][T10158] WARNING: possible circular locking dependency detected [ 300.695716][T10158] syzkaller #0 Not tainted [ 300.700236][T10158] ------------------------------------------------------ [ 300.707281][T10158] syz.4.1534/10158 is trying to acquire lock: [ 300.713365][T10158] ffff88802f9b8bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x170/0x2f0 [ 300.723533][T10158] [ 300.723533][T10158] but task is already holding lock: [ 300.730922][T10158] ffff88805abceec8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 300.740791][T10158] [ 300.740791][T10158] which lock already depends on the new lock. [ 300.740791][T10158] [ 300.751208][T10158] [ 300.751208][T10158] the existing dependency chain (in reverse order) is: [ 300.760243][T10158] [ 300.760243][T10158] -> #1 (&ei->xattr_sem){++++}-{3:3}: [ 300.767843][T10158] down_write+0x97/0x1f0 [ 300.772640][T10158] ext4_destroy_inline_data+0x28/0xe0 [ 300.778571][T10158] ext4_do_writepages+0x4c2/0x38d0 [ 300.784236][T10158] ext4_writepages+0x1a8/0x2f0 [ 300.789589][T10158] do_writepages+0x3a2/0x600 [ 300.794733][T10158] __writeback_single_inode+0x153/0xee0 [ 300.800836][T10158] writeback_sb_inodes+0x77c/0xef0 [ 300.806506][T10158] wb_writeback+0x450/0xba0 [ 300.811554][T10158] wb_workfn+0x3ff/0xe20 [ 300.816431][T10158] process_scheduled_works+0xa45/0x15b0 [ 300.822555][T10158] worker_thread+0xa55/0xfc0 [ 300.827686][T10158] kthread+0x2fa/0x390 [ 300.832380][T10158] ret_from_fork+0x48/0x80 [ 300.837340][T10158] ret_from_fork_asm+0x11/0x20 [ 300.842658][T10158] [ 300.842658][T10158] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 300.851111][T10158] __lock_acquire+0x2ddb/0x7c80 [ 300.856509][T10158] lock_acquire+0x197/0x410 [ 300.861565][T10158] percpu_down_read+0x44/0x1a0 [ 300.866881][T10158] ext4_writepages+0x170/0x2f0 [ 300.872207][T10158] do_writepages+0x3a2/0x600 [ 300.877442][T10158] __writeback_single_inode+0x153/0xee0 [ 300.883542][T10158] writeback_single_inode+0x211/0x720 [ 300.889468][T10158] write_inode_now+0x161/0x1e0 [ 300.894777][T10158] iput+0x5b2/0x920 [ 300.899174][T10158] ext4_xattr_block_set+0x273a/0x32a0 [ 300.905104][T10158] ext4_expand_extra_isize_ea+0x10ea/0x19e0 [ 300.911595][T10158] __ext4_expand_extra_isize+0x306/0x400 [ 300.917868][T10158] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 300.923889][T10158] ext4_evict_inode+0x7ed/0xea0 [ 300.929312][T10158] evict+0x486/0x870 [ 300.933769][T10158] ext4_orphan_cleanup+0xbd4/0x1400 [ 300.939535][T10158] ext4_fill_super+0x5de4/0x66c0 [ 300.945048][T10158] get_tree_bdev+0x3e4/0x510 [ 300.950179][T10158] vfs_get_tree+0x8c/0x280 [ 300.955137][T10158] do_new_mount+0x24b/0xa40 [ 300.960188][T10158] __se_sys_mount+0x2da/0x3c0 [ 300.965492][T10158] do_syscall_64+0x55/0xb0 [ 300.970446][T10158] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 300.976886][T10158] [ 300.976886][T10158] other info that might help us debug this: [ 300.976886][T10158] [ 300.987132][T10158] Possible unsafe locking scenario: [ 300.987132][T10158] [ 300.994600][T10158] CPU0 CPU1 [ 300.999978][T10158] ---- ---- [ 301.005357][T10158] lock(&ei->xattr_sem); [ 301.009712][T10158] lock(&sbi->s_writepages_rwsem); [ 301.017451][T10158] lock(&ei->xattr_sem); [ 301.024665][T10158] rlock(&sbi->s_writepages_rwsem); [ 301.029968][T10158] [ 301.029968][T10158] *** DEADLOCK *** [ 301.029968][T10158] [ 301.038137][T10158] 3 locks held by syz.4.1534/10158: [ 301.043436][T10158] #0: ffff88805c7a80e0 (&type->s_umount_key#32){++++}-{3:3}, at: get_tree_bdev+0x344/0x510 [ 301.053561][T10158] #1: ffff88805c7a8608 (sb_internal){++++}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0 [ 301.062983][T10158] #2: ffff88805abceec8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 301.073288][T10158] [ 301.073288][T10158] stack backtrace: [ 301.079189][T10158] CPU: 0 PID: 10158 Comm: syz.4.1534 Not tainted syzkaller #0 [ 301.086665][T10158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 301.096740][T10158] Call Trace: [ 301.100125][T10158] [ 301.103095][T10158] dump_stack_lvl+0x16c/0x230 [ 301.107807][T10158] ? load_image+0x3b0/0x3b0 [ 301.112339][T10158] ? show_regs_print_info+0x20/0x20 [ 301.117585][T10158] ? print_circular_bug+0x12b/0x1a0 [ 301.122813][T10158] check_noncircular+0x2bd/0x3c0 [ 301.127774][T10158] ? look_up_lock_class+0x75/0x140 [ 301.132912][T10158] ? print_deadlock_bug+0x5d0/0x5d0 [ 301.138144][T10158] ? lockdep_lock+0xe0/0x220 [ 301.142753][T10158] ? _find_first_zero_bit+0xd3/0x100 [ 301.148069][T10158] __lock_acquire+0x2ddb/0x7c80 [ 301.152980][T10158] ? mark_lock+0x94/0x320 [ 301.157343][T10158] ? verify_lock_unused+0x140/0x140 [ 301.162565][T10158] ? __lock_acquire+0x1334/0x7c80 [ 301.167608][T10158] ? verify_lock_unused+0x140/0x140 [ 301.172930][T10158] lock_acquire+0x197/0x410 [ 301.177464][T10158] ? ext4_writepages+0x170/0x2f0 [ 301.182447][T10158] ? __might_sleep+0xe0/0xe0 [ 301.187059][T10158] ? mark_lock+0x94/0x320 [ 301.191433][T10158] ? read_lock_is_recursive+0x20/0x20 [ 301.196831][T10158] ? __lock_acquire+0x1334/0x7c80 [ 301.201882][T10158] percpu_down_read+0x44/0x1a0 [ 301.206673][T10158] ? ext4_writepages+0x170/0x2f0 [ 301.211728][T10158] ext4_writepages+0x170/0x2f0 [ 301.216551][T10158] ? ext4_read_folio+0x2f0/0x2f0 [ 301.221521][T10158] ? __rwlock_init+0x150/0x150 [ 301.226312][T10158] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 301.232235][T10158] ? do_raw_spin_unlock+0x121/0x230 [ 301.237462][T10158] ? ext4_read_folio+0x2f0/0x2f0 [ 301.242619][T10158] do_writepages+0x3a2/0x600 [ 301.247245][T10158] ? folio_clear_dirty_for_io+0xc30/0xc30 [ 301.252998][T10158] ? writeback_single_inode+0x206/0x720 [ 301.258603][T10158] ? __lock_acquire+0x7c80/0x7c80 [ 301.263651][T10158] ? do_raw_spin_lock+0x121/0x2c0 [ 301.268698][T10158] ? get_tree_bdev+0x3e4/0x510 [ 301.273492][T10158] __writeback_single_inode+0x153/0xee0 [ 301.279071][T10158] writeback_single_inode+0x211/0x720 [ 301.284472][T10158] ? write_inode_now+0x1e0/0x1e0 [ 301.289467][T10158] write_inode_now+0x161/0x1e0 [ 301.294346][T10158] ? bdi_split_work_to_wbs+0x890/0x890 [ 301.299835][T10158] ? do_raw_spin_unlock+0x121/0x230 [ 301.305061][T10158] iput+0x5b2/0x920 [ 301.308893][T10158] ext4_xattr_block_set+0x273a/0x32a0 [ 301.314381][T10158] ? __might_sleep+0xe0/0xe0 [ 301.319089][T10158] ? xattr_find_entry+0x12b/0x2f0 [ 301.324145][T10158] ? ext4_xattr_block_find+0x350/0x350 [ 301.329634][T10158] ? ext4_xattr_block_find+0x2d4/0x350 [ 301.335117][T10158] ext4_expand_extra_isize_ea+0x10ea/0x19e0 [ 301.341055][T10158] __ext4_expand_extra_isize+0x306/0x400 [ 301.346746][T10158] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 301.352236][T10158] ext4_evict_inode+0x7ed/0xea0 [ 301.357130][T10158] ? _raw_spin_unlock+0x28/0x40 [ 301.362030][T10158] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 301.368061][T10158] ? do_raw_spin_unlock+0x121/0x230 [ 301.373733][T10158] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 301.379654][T10158] evict+0x486/0x870 [ 301.383610][T10158] ? __lock_acquire+0x7c80/0x7c80 [ 301.388665][T10158] ? proc_nr_inodes+0x230/0x230 [ 301.393537][T10158] ? do_raw_spin_unlock+0x121/0x230 [ 301.398763][T10158] ? _raw_spin_unlock+0x28/0x40 [ 301.403647][T10158] ? iput+0x70a/0x920 [ 301.407651][T10158] ext4_orphan_cleanup+0xbd4/0x1400 [ 301.412884][T10158] ? ext4_orphan_del+0xba0/0xba0 [ 301.417870][T10158] ? ext4_register_li_request+0x183/0x940 [ 301.423618][T10158] ? errseq_check_and_advance+0x66/0x120 [ 301.429282][T10158] ext4_fill_super+0x5de4/0x66c0 [ 301.434250][T10158] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 301.440520][T10158] ? __might_sleep+0xe0/0xe0 [ 301.445130][T10158] ? read_lock_is_recursive+0x20/0x20 [ 301.450532][T10158] ? snprintf+0xdb/0x120 [ 301.454806][T10158] ? vscnprintf+0x80/0x80 [ 301.459165][T10158] ? down_write+0x162/0x1f0 [ 301.463707][T10158] ? down_read_killable+0x340/0x340 [ 301.468929][T10158] ? setup_bdev_super+0x56b/0x660 [ 301.473973][T10158] get_tree_bdev+0x3e4/0x510 [ 301.478589][T10158] ? vfs_parse_fs_string+0x160/0x160 [ 301.483900][T10158] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 301.490174][T10158] ? setup_bdev_super+0x660/0x660 [ 301.495217][T10158] ? apparmor_capable+0x137/0x1a0 [ 301.500295][T10158] ? bpf_lsm_capable+0x9/0x10 [ 301.505026][T10158] ? security_capable+0x89/0xb0 [ 301.509906][T10158] vfs_get_tree+0x8c/0x280 [ 301.514345][T10158] do_new_mount+0x24b/0xa40 [ 301.518876][T10158] __se_sys_mount+0x2da/0x3c0 [ 301.523579][T10158] ? __x64_sys_mount+0xc0/0xc0 [ 301.528371][T10158] ? lockdep_hardirqs_on+0x98/0x150 [ 301.533591][T10158] ? __x64_sys_mount+0x20/0xc0 [ 301.538382][T10158] do_syscall_64+0x55/0xb0 [ 301.542826][T10158] ? clear_bhb_loop+0x40/0x90 [ 301.547539][T10158] ? clear_bhb_loop+0x40/0x90 [ 301.552520][T10158] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 301.558445][T10158] RIP: 0033:0x7ff816390eea [ 301.562888][T10158] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.582742][T10158] RSP: 002b:00007ff8171c9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 301.591189][T10158] RAX: ffffffffffffffda RBX: 00007ff8171c9ef0 RCX: 00007ff816390eea [ 301.599182][T10158] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ff8171c9eb0 [ 301.607175][T10158] RBP: 0000200000000180 R08: 00007ff8171c9ef0 R09: 0000000000800700 [ 301.615167][T10158] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 301.623252][T10158] R13: 00007ff8171c9eb0 R14: 000000000000046f R15: 000000000000002c [ 301.631349][T10158] [ 301.641160][T10166] syzkaller0: entered allmulticast mode [ 301.663530][T10166] syzkaller0: entered promiscuous mode [ 301.682435][T10158] ------------[ cut here ]------------ [ 301.687966][T10158] EA inode 11 i_nlink=2 [ 301.688278][T10158] WARNING: CPU: 0 PID: 10158 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 301.702851][T10158] Modules linked in: [ 301.706830][T10158] CPU: 0 PID: 10158 Comm: syz.4.1534 Not tainted syzkaller #0 [ 301.714409][T10158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 301.724672][T10158] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 301.731365][T10158] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08 [ 301.751191][T10158] RSP: 0018:ffffc90005bcf1c0 EFLAGS: 00010246 [ 301.757386][T10158] RAX: c9f61329577ced00 RBX: 0000000000000002 RCX: 0000000000080000 [ 301.765710][T10158] RDX: ffffc900050e1000 RSI: 000000000007ffff RDI: 0000000000080000 [ 301.773806][T10158] RBP: ffffc90005bcf2b8 R08: ffffc90005bcedc7 R09: 1ffff92000b79db8 [ 301.781863][T10158] R10: dffffc0000000000 R11: fffff52000b79db9 R12: dffffc0000000000 [ 301.788062][T10168] loop5: detected capacity change from 0 to 1024 [ 301.790010][T10158] R13: ffff88805bdb2ca8 R14: ffff88805bdb2ab0 R15: ffff88805bdb2b00 [ 301.804368][T10158] FS: 00007ff8171ca6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 301.813372][T10158] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 301.820005][T10158] CR2: 0000200000000058 CR3: 000000006620e000 CR4: 00000000003506f0 [ 301.828087][T10158] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 301.836143][T10158] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 301.844246][T10158] Call Trace: [ 301.847566][T10158] [ 301.848373][T10168] EXT4-fs: Ignoring removed nomblk_io_submit option [ 301.850519][T10158] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 301.863176][T10158] ? ext4_xattr_inode_iget+0x3df/0x600 [ 301.868697][T10158] ext4_xattr_set_entry+0xcda/0x1e90 [ 301.874125][T10158] ext4_xattr_ibody_set+0x254/0x6a0 [ 301.879382][T10158] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 301.885394][T10158] __ext4_expand_extra_isize+0x306/0x400 [ 301.891165][T10158] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 301.896684][T10158] ext4_evict_inode+0x7ed/0xea0 [ 301.901631][T10158] ? _raw_spin_unlock+0x28/0x40 [ 301.906546][T10158] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 301.912539][T10158] ? do_raw_spin_unlock+0x121/0x230 [ 301.917845][T10158] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 301.923795][T10158] evict+0x486/0x870 [ 301.927773][T10158] ? __lock_acquire+0x7c80/0x7c80 [ 301.932948][T10158] ? proc_nr_inodes+0x230/0x230 [ 301.937922][T10158] ? do_raw_spin_unlock+0x121/0x230 [ 301.943177][T10158] ? _raw_spin_unlock+0x28/0x40 [ 301.948125][T10158] ? iput+0x70a/0x920 [ 301.952156][T10158] ext4_orphan_cleanup+0xbd4/0x1400 [ 301.957889][T10158] ? ext4_orphan_del+0xba0/0xba0 [ 301.962911][T10158] ? ext4_register_li_request+0x183/0x940 [ 301.968864][T10158] ? errseq_check_and_advance+0x66/0x120 [ 301.974560][T10158] ext4_fill_super+0x5de4/0x66c0 [ 301.979627][T10158] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 301.985979][T10158] ? __might_sleep+0xe0/0xe0 [ 301.990632][T10158] ? read_lock_is_recursive+0x20/0x20 [ 301.996113][T10158] ? snprintf+0xdb/0x120 [ 302.000411][T10158] ? vscnprintf+0x80/0x80 [ 302.004831][T10158] ? down_write+0x162/0x1f0 [ 302.009394][T10158] ? down_read_killable+0x340/0x340 [ 302.014695][T10158] ? setup_bdev_super+0x56b/0x660 [ 302.019857][T10158] get_tree_bdev+0x3e4/0x510 [ 302.024531][T10158] ? vfs_parse_fs_string+0x160/0x160 [ 302.029875][T10158] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 302.036258][T10158] ? setup_bdev_super+0x660/0x660 [ 302.041344][T10158] ? apparmor_capable+0x137/0x1a0 [ 302.046458][T10158] ? bpf_lsm_capable+0x9/0x10 [ 302.051455][T10158] ? security_capable+0x89/0xb0 [ 302.056632][T10158] vfs_get_tree+0x8c/0x280 [ 302.061178][T10158] do_new_mount+0x24b/0xa40 [ 302.065739][T10158] __se_sys_mount+0x2da/0x3c0 [ 302.070591][T10158] ? __x64_sys_mount+0xc0/0xc0 [ 302.075411][T10158] ? lockdep_hardirqs_on+0x98/0x150 [ 302.080704][T10158] ? __x64_sys_mount+0x20/0xc0 [ 302.085515][T10158] do_syscall_64+0x55/0xb0 [ 302.090050][T10158] ? clear_bhb_loop+0x40/0x90 [ 302.094777][T10158] ? clear_bhb_loop+0x40/0x90 [ 302.099559][T10158] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 302.105568][T10158] RIP: 0033:0x7ff816390eea [ 302.110069][T10158] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 302.129789][T10158] RSP: 002b:00007ff8171c9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 302.138299][T10158] RAX: ffffffffffffffda RBX: 00007ff8171c9ef0 RCX: 00007ff816390eea [ 302.146321][T10158] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ff8171c9eb0 [ 302.154649][T10158] RBP: 0000200000000180 R08: 00007ff8171c9ef0 R09: 0000000000800700 [ 302.162768][T10158] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 302.170838][T10158] R13: 00007ff8171c9eb0 R14: 000000000000046f R15: 000000000000002c [ 302.179034][T10158] [ 302.182098][T10158] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 302.189413][T10158] CPU: 0 PID: 10158 Comm: syz.4.1534 Not tainted syzkaller #0 [ 302.197001][T10158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 302.207092][T10158] Call Trace: [ 302.210407][T10158] [ 302.213370][T10158] dump_stack_lvl+0x16c/0x230 [ 302.218105][T10158] ? show_regs_print_info+0x20/0x20 [ 302.223367][T10158] ? load_image+0x3b0/0x3b0 [ 302.227924][T10158] panic+0x2c0/0x710 [ 302.231865][T10158] ? bpf_jit_dump+0xd0/0xd0 [ 302.236594][T10158] __warn+0x2e0/0x470 [ 302.240599][T10158] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 302.246608][T10158] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 302.252615][T10158] report_bug+0x2be/0x4f0 [ 302.256971][T10158] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 302.262979][T10158] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 302.268981][T10158] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 302.274992][T10158] handle_bug+0xcf/0x120 [ 302.279252][T10158] exc_invalid_op+0x1a/0x50 [ 302.283776][T10158] asm_exc_invalid_op+0x1a/0x20 [ 302.288669][T10158] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 302.295417][T10158] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 a0 c6 be 8a 89 da e8 35 3a 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 7f a3 24 08 [ 302.315043][T10158] RSP: 0018:ffffc90005bcf1c0 EFLAGS: 00010246 [ 302.321157][T10158] RAX: c9f61329577ced00 RBX: 0000000000000002 RCX: 0000000000080000 [ 302.329148][T10158] RDX: ffffc900050e1000 RSI: 000000000007ffff RDI: 0000000000080000 [ 302.337140][T10158] RBP: ffffc90005bcf2b8 R08: ffffc90005bcedc7 R09: 1ffff92000b79db8 [ 302.345132][T10158] R10: dffffc0000000000 R11: fffff52000b79db9 R12: dffffc0000000000 [ 302.353304][T10158] R13: ffff88805bdb2ca8 R14: ffff88805bdb2ab0 R15: ffff88805bdb2b00 [ 302.361408][T10158] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 302.367077][T10158] ? ext4_xattr_inode_iget+0x3df/0x600 [ 302.372577][T10158] ext4_xattr_set_entry+0xcda/0x1e90 [ 302.377920][T10158] ext4_xattr_ibody_set+0x254/0x6a0 [ 302.383252][T10158] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 302.389212][T10158] __ext4_expand_extra_isize+0x306/0x400 [ 302.394898][T10158] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 302.400428][T10158] ext4_evict_inode+0x7ed/0xea0 [ 302.405354][T10158] ? _raw_spin_unlock+0x28/0x40 [ 302.410260][T10158] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 302.416191][T10158] ? do_raw_spin_unlock+0x121/0x230 [ 302.421694][T10158] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 302.427789][T10158] evict+0x486/0x870 [ 302.431764][T10158] ? __lock_acquire+0x7c80/0x7c80 [ 302.436815][T10158] ? proc_nr_inodes+0x230/0x230 [ 302.441695][T10158] ? do_raw_spin_unlock+0x121/0x230 [ 302.446929][T10158] ? _raw_spin_unlock+0x28/0x40 [ 302.451801][T10158] ? iput+0x70a/0x920 [ 302.455807][T10158] ext4_orphan_cleanup+0xbd4/0x1400 [ 302.461053][T10158] ? ext4_orphan_del+0xba0/0xba0 [ 302.466023][T10158] ? ext4_register_li_request+0x183/0x940 [ 302.471792][T10158] ? errseq_check_and_advance+0x66/0x120 [ 302.477463][T10158] ext4_fill_super+0x5de4/0x66c0 [ 302.482443][T10158] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 302.488721][T10158] ? __might_sleep+0xe0/0xe0 [ 302.493339][T10158] ? read_lock_is_recursive+0x20/0x20 [ 302.498737][T10158] ? snprintf+0xdb/0x120 [ 302.503183][T10158] ? vscnprintf+0x80/0x80 [ 302.507537][T10158] ? down_write+0x162/0x1f0 [ 302.512073][T10158] ? down_read_killable+0x340/0x340 [ 302.517429][T10158] ? setup_bdev_super+0x56b/0x660 [ 302.522526][T10158] get_tree_bdev+0x3e4/0x510 [ 302.527140][T10158] ? vfs_parse_fs_string+0x160/0x160 [ 302.532451][T10158] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 302.538740][T10158] ? setup_bdev_super+0x660/0x660 [ 302.543800][T10158] ? apparmor_capable+0x137/0x1a0 [ 302.548851][T10158] ? bpf_lsm_capable+0x9/0x10 [ 302.553999][T10158] ? security_capable+0x89/0xb0 [ 302.558879][T10158] vfs_get_tree+0x8c/0x280 [ 302.563314][T10158] do_new_mount+0x24b/0xa40 [ 302.567842][T10158] __se_sys_mount+0x2da/0x3c0 [ 302.572590][T10158] ? __x64_sys_mount+0xc0/0xc0 [ 302.577394][T10158] ? lockdep_hardirqs_on+0x98/0x150 [ 302.582615][T10158] ? __x64_sys_mount+0x20/0xc0 [ 302.587397][T10158] do_syscall_64+0x55/0xb0 [ 302.591830][T10158] ? clear_bhb_loop+0x40/0x90 [ 302.596532][T10158] ? clear_bhb_loop+0x40/0x90 [ 302.601323][T10158] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 302.607242][T10158] RIP: 0033:0x7ff816390eea [ 302.611686][T10158] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 302.631316][T10158] RSP: 002b:00007ff8171c9e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 302.639757][T10158] RAX: ffffffffffffffda RBX: 00007ff8171c9ef0 RCX: 00007ff816390eea [ 302.647787][T10158] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ff8171c9eb0 [ 302.655958][T10158] RBP: 0000200000000180 R08: 00007ff8171c9ef0 R09: 0000000000800700 [ 302.664300][T10158] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 302.672293][T10158] R13: 00007ff8171c9eb0 R14: 000000000000046f R15: 000000000000002c [ 302.680293][T10158] [ 302.683923][T10158] Kernel Offset: disabled [ 302.688261][T10158] Rebooting in 86400 seconds..