last executing test programs: 4.363533741s ago: executing program 3 (id=1496): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0) readv(r2, &(0x7f00000005c0)=[{&(0x7f0000000440)=""/238, 0xee}], 0x1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) 4.329871622s ago: executing program 2 (id=1497): syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) syz_io_uring_setup(0xbc3, 0x0, 0x0, 0x0) r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x1, 0x5) 4.116087751s ago: executing program 2 (id=1498): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x8}, 0x18) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='kmem_cache_free\x00', r0}, 0x18) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 3.632043483s ago: executing program 2 (id=1501): r0 = socket(0x10, 0x3, 0x0) connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x1}, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x8084) 3.429064351s ago: executing program 2 (id=1502): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0, 0x0, 0x4804}, 0x18) r1 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000000040), 0x4) 3.148112773s ago: executing program 2 (id=1504): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) getrandom(&(0x7f0000000380)=""/143, 0x8f, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="faffffff000000000000000020646c2100000000002020207b1af8ff00ebff00bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100000000004000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r3 = creat(&(0x7f0000000480)='./file0\x00', 0x100) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3000005, 0x10012, r4, 0x0) copy_file_range(r4, &(0x7f00000008c0)=0x4, r3, 0x0, 0x8, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r5}, 0x10) r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = syz_pidfd_open(r6, 0x0) pidfd_send_signal(r7, 0x29, 0x0, 0x0) r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x3}, 0x18) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x3279, &(0x7f00000004c0)=0x1) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x5, &(0x7f0000000a80)=ANY=[@ANYRES16=r6, @ANYRES16=r2], &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, r3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r9}, 0x18) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000640)="372caeaa259bb3cf34fe4cbdadc2326b1cd2860db84add22e12df3a7f0e9c50b0a0ee2e7a0c05a37420da2e0bf69ea634de0589ead31813d15d4cf1a65f56b845f70d7147d8b0eeb2979ccd36539c9bc377490e6a2869ec7ca8a15b3aa76eaf963dc90c0d5005489198c7689f77e7f2db906e6b6b53908fa7229c0506475e3bb15eed1c33d9e02be67c138c26bd8dfe44eca5a1d", 0x0}}, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x2010, 0xffffffffffffffff, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) close_range(r10, r8, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0xfffffffffffffedc, 0x0}) preadv(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) 3.057766978s ago: executing program 3 (id=1506): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./bus\x00', 0x0, &(0x7f0000000000)={[{@noquota}, {@errors_remount}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@norecovery}]}, 0xfe, 0x275, &(0x7f0000000980)="$eJzs3T1onHUcB/Dfcy8mMUGiLoL4AiKigRAHQXDRRSEgIYgIKkREnCQRYoJbzsnFwc5tydQllG5NO5YuoUuha9pmSJcODR0aOrTDleeeu3BJLiS515Ln84HL8/zv/m8H9/0/d8PzTwC5NR4RX0ZEMSImIqIcEUlzhfezx3i9uDqyMRdRrX73OKnVy8qZRrvRiKhExOcRpcZry+s/bT/d/Oaj/5bKH15a/3GkX+8vYnjvbGd769vdizP/Xp3+dLlQf26sfmx+H92UtHiulES80YvBXhJJadAz4CRm/75yN839mxHxQS3/5SjUI/v/4is3y/HJhaPannt05+1+zhXovmq1nF4DK1Ugdwq178BJYTIisvNCYXIy+w5/r5jEHwuLf038vrA0/1vL5aPY9wUL6ESS/jZPf4B/fX3o2uiB/D8sZvk/kc96PFOgJ8Yitr6fXbufnu+6ikM+vJMd0vxP/LLyccg/5I78Q37JP+SX/MMZ0GZ25R/yqzn/Q4OeDNBXrv9whpUbJ5WWL8s/5Jf8Q34dyH8f78cFBq05/wBAvlSHBn0HMjAog15/AAAAAAAAAAAAAAAAAACAw1ZHNuYaj36Neet8xM5XEVHaP362H3mx9v+II4Zrf199kqTV9iRZs478/F6HHXTocpfvvp455Uburz3o7vindfvd3vT7z/7ikXvbrcxHVNLKU6XS4c9/Uv/8HevI/l8/pmH515MN0C3JgfIXP3Sv75U22jxf69747ZjejLiRrj9Trda/QrxVO7Zef8aat1hu05/POuwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvnkRAAD//0x2aeA=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) 2.680184643s ago: executing program 3 (id=1511): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 2.415179575s ago: executing program 3 (id=1514): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0x10, 0x2, 0x10) r0 = socket$kcm(0x2b, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x200000000000006}, 0x18) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000001c0)={0x200000000000001}, 0x8) sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x40000, &(0x7f0000000300)={0xa, 0x5e20, 0x0, @mcast1}, 0x1c) close(r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00'}, 0x10) close(0xffffffffffffffff) 2.172169116s ago: executing program 1 (id=1517): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_MASK={0x4}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xd4}}, 0x20008000) 2.092709629s ago: executing program 1 (id=1519): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x0, 0x6, 0xfffffffc}, &(0x7f00000001c0)=0x0, &(0x7f0000000580)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0xa, 0x300) 1.778416972s ago: executing program 1 (id=1522): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="07000000040000000800"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000008c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70300000088b000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)}) lseek(0xffffffffffffffff, 0x2, 0x4) 1.437355897s ago: executing program 3 (id=1523): r0 = syz_open_procfs(0x0, &(0x7f0000000180)='attr\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=ANY=[@ANYRES32=r0], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) r2 = creat(&(0x7f0000000080)='./file0/file1\x00', 0x90) write$cgroup_type(r2, &(0x7f00000009c0), 0xd4ba0ff) prctl$PR_SET_DUMPABLE(0x4, 0x0) unlink(&(0x7f0000000100)='./file0/file1\x00') rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0/file1\x00') 1.14575123s ago: executing program 0 (id=1525): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]}) 861.959262ms ago: executing program 0 (id=1526): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0xf) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4) close_range(r2, 0xffffffffffffffff, 0x0) 740.288718ms ago: executing program 1 (id=1527): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_MASK={0x4}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xd4}}, 0x20008000) 686.95296ms ago: executing program 0 (id=1528): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r0}, &(0x7f00000008c0), &(0x7f0000000880)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) 630.498312ms ago: executing program 1 (id=1529): r0 = socket$netlink(0x10, 0x3, 0xb) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2bfffdffd}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) close(r0) 513.257658ms ago: executing program 0 (id=1530): unshare(0x2c020400) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = dup(r0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0xb0) 412.129962ms ago: executing program 1 (id=1531): bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000007b8af8ff00000000bfa200000000000007020080f8ffffffb703000000000000b70400000000000085007e49b71e0000c300000095e90faa9077b6e63b06b2aa6e3cd2e286cd1ec26ef027ef8b1e2dde322bb15427b40a33f19ac78fe8a15bda9adb0e01d6f01786aeb60100b0320ad2e4fe00000000000000000000006d8c1131830507e2a1d43ab74bb6f06dd88ea80a2afc3fafd886850c433c8a3b331ff490029f040c74831ce7ec407270851b21ed1ba73e3b8139c3708a80e3bad4c62fe2d7559efab5188c3f9f7257aa39b5ce9cd6b521dec7cdc5daf99fa8044dbeed0b1f15caf527b53396ae9c58bf46f57a02be112f60abf8ec3fcc47c26d90ade42cbd54f99fb89244924b3b94a19909401874b9fc76f97ffa27fa7297063ca3b499a9363369028f53cefb41fbae8fb148d6b209db82230f8c2ee6aeb32dc23aecd1be3406c1beaee6919584abde2f6b06c8fe8ab7885de0fdd9a29f7e97d1537b0c927ab237b4e90852ac8592"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x17) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) r2 = getpid() r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) syz_clone3(&(0x7f0000000000)={0x170e4000, 0x0, 0x0, 0x0, {0x22}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r2], 0x1}, 0x58) 394.038443ms ago: executing program 0 (id=1532): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\xe5h\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\x86B%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xda\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x4) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0) 96.428206ms ago: executing program 3 (id=1533): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800718, &(0x7f0000000480)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nombcache}, {@resgid}, {@barrier}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x46f, &(0x7f0000001040)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") 217.96µs ago: executing program 2 (id=1534): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@newqdisc={0x468, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0xd}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x5ec888eb7598db49}, @TCA_TBF_PARMS={0x28, 0x1, {{0x3, 0x2, 0x8, 0x4, 0xff, 0x6}, {0x4, 0x0, 0x3, 0xa159, 0x1000, 0x7}, 0x3, 0x8, 0x41e}}, @TCA_TBF_PTAB={0x404, 0x3, [0x104, 0x2, 0xc, 0xfff, 0x0, 0x8ba, 0xa1, 0x4d91, 0x7fffffff, 0x63c4, 0x0, 0x7ffd, 0x400, 0x255, 0x6, 0xc, 0xd81, 0x3, 0xa, 0xa, 0x7, 0x6, 0xc, 0x200, 0xfffffffd, 0x5, 0xb96, 0x7, 0x0, 0xffffffff, 0x200, 0x3, 0x80000001, 0x7c, 0xfffffffc, 0x5, 0x3, 0x2, 0x8, 0x6, 0x1, 0xd, 0x80, 0x400, 0x80, 0x90000010, 0x3800000, 0x0, 0xfffff30b, 0x0, 0xf6, 0x81, 0xfffffffa, 0x80, 0x101, 0x3f, 0xfffffbff, 0x36a5, 0x4, 0x6, 0x200, 0x1ba, 0x9, 0xab, 0x6, 0xfffffff7, 0x6, 0x0, 0x3, 0x1, 0x963, 0x1ff, 0x2, 0xfffffffd, 0x6, 0x5, 0x0, 0x3, 0x0, 0xb09, 0x3ff, 0xa, 0x8000, 0x4, 0x8, 0x1000, 0x101, 0x5, 0x3, 0x6, 0x9, 0x3, 0x1, 0x8762, 0x10008e, 0x80000005, 0xfffff76b, 0x0, 0x4, 0x4275c4e9, 0xb53, 0x5, 0x800, 0x4, 0x955, 0x5, 0x6cdf139e, 0x9, 0x3, 0x5, 0x10001, 0xff, 0x80000001, 0xed2, 0x5, 0xfffffffa, 0x10002, 0x18d0, 0x0, 0x3, 0x9486, 0x80, 0x5, 0x80000000, 0xdb, 0x3, 0x80, 0xffbf7ffc, 0x5, 0x8, 0x7, 0x1, 0x2, 0x8008, 0x2, 0x8, 0x2, 0x81, 0x3, 0x1, 0x6bf, 0x7, 0xea, 0x4, 0xc1, 0x2, 0x40, 0x5, 0x27f, 0x200, 0x7, 0x40, 0x7, 0x4, 0x7, 0xff, 0x400, 0x8, 0x7fffffff, 0xfffffff8, 0x8, 0xfffffff4, 0x8, 0xc, 0x96, 0x6, 0x104, 0x62cc, 0x2, 0x7, 0x2eb7, 0x10001, 0xcbf, 0x10000, 0x101, 0x9, 0xfffffffa, 0x1, 0x8, 0x7, 0x8001, 0xf, 0x5, 0x8, 0x8d, 0xffffffff, 0x2, 0x7, 0x1, 0x61, 0xffffffff, 0x494, 0xb, 0x1, 0x1, 0xd1, 0xd, 0x9, 0x1002, 0xffffffff, 0x6, 0x3, 0xfffffffb, 0xffff, 0xff, 0x5, 0xe, 0x401, 0x2, 0x8cc5, 0x8, 0x159, 0xfffffff7, 0x81, 0x382ae49d, 0x9, 0xffffffff, 0xffff, 0xdf3b, 0x8d, 0x6, 0xfffffef7, 0x89c3, 0x6319da67, 0x5, 0x9, 0x2, 0xfffff801, 0x0, 0x5, 0x5, 0x7, 0x7, 0x7f, 0x7, 0x1, 0x0, 0xffffffff, 0xdfed, 0xb, 0x77, 0x7, 0xff, 0xb331, 0x9, 0x6, 0x9, 0x7, 0x5, 0x400, 0x10001, 0x1, 0x800, 0x6000, 0xfe000000, 0xfffffffd]}]}}]}, 0x468}}, 0x0) 0s ago: executing program 0 (id=1535): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}}, 0x40) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, 'X.'}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) kernel console output (not intermixed with test programs): 94 comm="syz.2.470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 154.158133][ T27] audit: type=1326 audit(1764454399.480:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7194 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 154.187371][ T27] audit: type=1326 audit(1764454399.480:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7194 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 155.740288][ T7230] loop1: detected capacity change from 0 to 512 [ 155.779455][ T7230] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 155.927652][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.351392][ T7249] loop2: detected capacity change from 0 to 512 [ 156.363285][ T7251] loop3: detected capacity change from 0 to 512 [ 156.415373][ T7249] FAT-fs (loop2): Unrecognized mount option "7" or missing value [ 156.461111][ T7251] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.491275][ T7255] syzkaller0: tun_chr_ioctl cmd 35108 [ 156.506051][ T7251] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 156.721828][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.994148][ T7274] netlink: 12 bytes leftover after parsing attributes in process `syz.1.501'. [ 157.022658][ T7274] netlink: 12 bytes leftover after parsing attributes in process `syz.1.501'. [ 157.046357][ T7276] netlink: 96 bytes leftover after parsing attributes in process `syz.0.500'. [ 157.182973][ T7280] netlink: 24 bytes leftover after parsing attributes in process `syz.2.503'. [ 157.230005][ T7284] macvtap1: entered promiscuous mode [ 157.237888][ T7284] macvtap1: entered allmulticast mode [ 157.248214][ T7284] dummy0: entered promiscuous mode [ 157.254141][ T7284] dummy0: entered allmulticast mode [ 157.281820][ T7284] team0: Device macvtap1 failed to register rx_handler [ 157.298294][ T7284] dummy0: left allmulticast mode [ 157.320509][ T7284] dummy0: left promiscuous mode [ 158.824954][ T1080] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 159.206518][ T7319] netlink: 4 bytes leftover after parsing attributes in process `syz.3.515'. [ 159.234179][ T7319] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 159.244548][ T7319] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 159.265701][ T7319] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 159.284067][ T7319] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 159.624915][ T7325] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 159.797169][ T7333] loop1: detected capacity change from 0 to 512 [ 159.846268][ T7333] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.867374][ T7333] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.066033][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.481306][ T7356] loop1: detected capacity change from 0 to 512 [ 160.493870][ T7356] EXT4-fs (loop1): Cannot use DAX on a filesystem that may contain inline data [ 160.547466][ T7360] loop2: detected capacity change from 0 to 512 [ 160.559989][ T7356] (null): rxe_set_mtu: Set mtu to 1024 [ 160.569724][ T7360] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 160.581198][ T7356] ip6_vti0 speed is unknown, defaulting to 1000 [ 160.592135][ T7356] ip6_vti0 speed is unknown, defaulting to 1000 [ 160.601663][ T7362] loop3: detected capacity change from 0 to 512 [ 160.617479][ T7356] ip6_vti0 speed is unknown, defaulting to 1000 [ 160.638163][ T7360] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.643282][ T7362] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.666530][ T7362] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.679016][ T7370] syz.0.534[7370] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 160.679189][ T7370] syz.0.534[7370] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 160.688192][ T7360] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.728136][ T7363] loop1: detected capacity change from 0 to 1024 [ 160.778266][ T7363] EXT4-fs: Ignoring removed bh option [ 160.821216][ T7363] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 160.866779][ T7356] infiniband syz2: set active [ 160.873718][ T5882] ip6_vti0 speed is unknown, defaulting to 1000 [ 160.881447][ T7356] infiniband syz2: added ip6_vti0 [ 160.896324][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.944545][ T7363] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.530: lblock 2 mapped to illegal pblock 2 (length 1) [ 160.950060][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.992726][ T7363] __quota_error: 48 callbacks suppressed [ 160.992743][ T7363] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 160.994308][ T27] audit: type=1326 audit(1764454406.520:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 161.010444][ T7363] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.530: lblock 0 mapped to illegal pblock 48 (length 1) [ 161.081371][ T27] audit: type=1326 audit(1764454406.520:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 161.094092][ T7363] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 161.118476][ T7356] RDS/IB: syz2: added [ 161.123717][ T7356] smc: adding ib device syz2 with port count 1 [ 161.168637][ T27] audit: type=1326 audit(1764454406.520:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 161.177975][ T7363] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.530: Failed to acquire dquot type 0 [ 161.208368][ T7356] smc: ib device syz2 port 1 has pnetid [ 161.219133][ T27] audit: type=1326 audit(1764454406.520:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 161.249116][ T5882] ip6_vti0 speed is unknown, defaulting to 1000 [ 161.269823][ T7356] ip6_vti0 speed is unknown, defaulting to 1000 [ 161.284297][ T27] audit: type=1326 audit(1764454406.520:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 161.317910][ T7363] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5916: Corrupt filesystem [ 161.328921][ T7381] netlink: 'syz.3.538': attribute type 21 has an invalid length. [ 161.334153][ T27] audit: type=1326 audit(1764454406.520:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 161.362514][ T7363] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.530: mark_inode_dirty error [ 161.379261][ T7381] netlink: 164 bytes leftover after parsing attributes in process `syz.3.538'. [ 161.388713][ T27] audit: type=1326 audit(1764454406.520:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 161.434110][ T7363] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 161.444970][ T7363] EXT4-fs (loop1): 1 orphan inode deleted [ 161.452076][ T7363] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.464282][ T27] audit: type=1326 audit(1764454406.520:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.0.535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 161.484650][ T171] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1) [ 161.564061][ T171] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u4:5: Failed to release dquot type 0 [ 161.969558][ T7356] ip6_vti0 speed is unknown, defaulting to 1000 [ 162.281933][ T7356] ip6_vti0 speed is unknown, defaulting to 1000 [ 162.693213][ T7356] ip6_vti0 speed is unknown, defaulting to 1000 [ 163.128341][ T7417] netlink: 20 bytes leftover after parsing attributes in process `syz.0.554'. [ 163.255734][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.289338][ T5793] EXT4-fs error (device loop1): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 163.311678][ T5793] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5916: Corrupt filesystem [ 163.333503][ T5793] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 163.632041][ T7433] loop2: detected capacity change from 0 to 512 [ 163.698240][ T7439] syz.0.564[7439] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 163.698375][ T7439] syz.0.564[7439] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 163.725643][ T7433] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.779790][ T7433] ext4 filesystem being mounted at /128/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 163.820142][ T7445] loop1: detected capacity change from 0 to 164 [ 163.916165][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.006319][ T7451] netlink: 76 bytes leftover after parsing attributes in process `syz.2.569'. [ 164.451107][ T7467] loop3: detected capacity change from 0 to 2048 [ 164.470884][ T7467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.513826][ T7467] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.641033][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.850284][ T7478] loop1: detected capacity change from 0 to 4096 [ 164.878337][ T7478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.059366][ T7489] netlink: 8 bytes leftover after parsing attributes in process `syz.3.580'. [ 165.214580][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.518328][ T7500] loop2: detected capacity change from 0 to 128 [ 165.529002][ T7501] loop3: detected capacity change from 0 to 512 [ 165.550797][ T7501] EXT4-fs: Ignoring removed i_version option [ 165.565129][ T7501] EXT4-fs: Ignoring removed bh option [ 165.607095][ T7501] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.650578][ T7501] ext4 filesystem being mounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 165.900534][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.400693][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 166.995035][ T7546] pim6reg: entered allmulticast mode [ 167.014710][ T7546] pim6reg: left allmulticast mode [ 167.061992][ T7548] loop2: detected capacity change from 0 to 1024 [ 167.073431][ T7548] EXT4-fs: Ignoring removed orlov option [ 167.089805][ T7548] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.132990][ T27] kauditd_printk_skb: 70 callbacks suppressed [ 167.133008][ T27] audit: type=1800 audit(1764454412.640:546): pid=7548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.604" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 167.231930][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.297917][ T7553] netlink: 16 bytes leftover after parsing attributes in process `syz.3.606'. [ 167.408741][ T7559] loop3: detected capacity change from 0 to 512 [ 167.438333][ T7559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.483564][ T7559] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.531420][ T7566] netlink: 'syz.2.611': attribute type 9 has an invalid length. [ 167.540089][ T7566] netlink: 399 bytes leftover after parsing attributes in process `syz.2.611'. [ 167.611954][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.630171][ T7569] loop2: detected capacity change from 0 to 512 [ 167.677588][ T7569] EXT4-fs (loop2): 1 orphan inode deleted [ 167.696634][ T7569] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.719849][ T171] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 167.729692][ T7573] loop1: detected capacity change from 0 to 512 [ 167.739876][ T171] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u4:5: Failed to release dquot type 1 [ 167.751884][ T7573] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 167.762068][ T7569] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.789210][ T7573] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters [ 167.791182][ T27] audit: type=1800 audit(1764454413.320:547): pid=7569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.613" name="bus" dev="loop2" ino=16 res=0 errno=0 [ 167.829529][ T7573] EXT4-fs (loop1): 1 truncate cleaned up [ 167.845444][ T7573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.884200][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.962545][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.036965][ T7580] loop2: detected capacity change from 0 to 8192 [ 168.077572][ T7584] loop1: detected capacity change from 0 to 512 [ 168.091517][ T7584] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 168.129930][ T7584] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec118, mo2=0002] [ 168.140780][ T7584] System zones: 1-12 [ 168.154766][ T7584] EXT4-fs (loop1): 1 truncate cleaned up [ 168.170262][ T7584] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.404465][ T7592] loop2: detected capacity change from 0 to 512 [ 168.462547][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.475268][ T5800] Bluetooth: hci4: command 0x1003 tx timeout [ 168.482957][ T5804] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 168.778213][ T27] audit: type=1326 audit(1764454414.310:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 168.837914][ T27] audit: type=1326 audit(1764454414.310:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 168.892427][ T27] audit: type=1326 audit(1764454414.310:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 168.941428][ T7601] netlink: 16 bytes leftover after parsing attributes in process `+}[@'. [ 168.957779][ T27] audit: type=1326 audit(1764454414.310:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 169.017400][ T27] audit: type=1326 audit(1764454414.310:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 169.360814][ T7608] syzkaller0: entered promiscuous mode [ 169.422801][ T7608] syzkaller0: entered allmulticast mode [ 169.556796][ T7611] netlink: 20 bytes leftover after parsing attributes in process `syz.1.629'. [ 170.493064][ T7609] sched: RT throttling activated [ 170.612867][ T7618] loop1: detected capacity change from 0 to 512 [ 170.640226][ T7621] loop3: detected capacity change from 0 to 1024 [ 170.668045][ T7618] EXT4-fs (loop1): 1 orphan inode deleted [ 170.686804][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 170.693612][ T171] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 170.704125][ T27] audit: type=1326 audit(1764454416.220:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7626 comm="syz.0.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 170.733378][ T7618] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.740593][ T171] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u4:5: Failed to release dquot type 1 [ 170.762369][ T7621] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 170.776296][ T7621] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.789466][ T7618] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.809358][ T7621] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.634: bg 0: block 112: padding at end of block bitmap is not set [ 170.834330][ T7621] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 117 [ 170.854461][ T7621] EXT4-fs (loop3): This should not happen!! Data will be lost [ 170.854461][ T7621] [ 170.964672][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 170.981804][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.258161][ T7639] netlink: 'syz.1.640': attribute type 9 has an invalid length. [ 171.267953][ T7639] netlink: 399 bytes leftover after parsing attributes in process `syz.1.640'. [ 171.412423][ T7643] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 171.710775][ T7650] loop1: detected capacity change from 0 to 1024 [ 171.718566][ T7650] EXT4-fs: Ignoring removed orlov option [ 171.733179][ T7650] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 171.742975][ T7653] syz.0.646[7653] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.745878][ T7653] syz.0.646[7653] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.764229][ T7653] netlink: 24 bytes leftover after parsing attributes in process `syz.0.646'. [ 171.840303][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.714095][ T5800] Bluetooth: hci4: command 0x1003 tx timeout [ 172.721876][ T5804] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 173.402648][ T7682] ip6_vti0 speed is unknown, defaulting to 1000 [ 174.412404][ T7702] loop1: detected capacity change from 0 to 512 [ 174.518872][ T7704] netlink: 20 bytes leftover after parsing attributes in process `syz.2.663'. [ 175.365007][ T7702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.414146][ T7702] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.615369][ T7708] syz.2.666[7708] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.615512][ T7708] syz.2.666[7708] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.636501][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.112163][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 176.112182][ T27] audit: type=1326 audit(1764454421.640:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 176.141054][ T27] audit: type=1326 audit(1764454421.640:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 176.168163][ T27] audit: type=1326 audit(1764454421.640:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 176.191070][ T27] audit: type=1326 audit(1764454421.640:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 176.214126][ T27] audit: type=1326 audit(1764454421.640:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 176.237123][ T27] audit: type=1326 audit(1764454421.640:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 176.262386][ T27] audit: type=1326 audit(1764454421.640:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 176.287651][ T27] audit: type=1326 audit(1764454421.640:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.1.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 176.839818][ T7741] loop1: detected capacity change from 0 to 512 [ 176.880475][ T7741] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.912650][ T7741] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.997177][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.111360][ T27] audit: type=1326 audit(1764454422.640:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.2.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 177.167883][ T7757] syz.1.683: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 177.173086][ T27] audit: type=1326 audit(1764454422.640:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7752 comm="syz.2.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 177.204078][ T7757] CPU: 0 PID: 7757 Comm: syz.1.683 Not tainted syzkaller #0 [ 177.213495][ T7757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 177.223611][ T7757] Call Trace: [ 177.226943][ T7757] [ 177.229941][ T7757] dump_stack_lvl+0x16c/0x230 [ 177.234684][ T7757] ? show_regs_print_info+0x20/0x20 [ 177.240023][ T7757] ? load_image+0x3b0/0x3b0 [ 177.244579][ T7757] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 177.251141][ T7757] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 177.257706][ T7757] warn_alloc+0x210/0x300 [ 177.262111][ T7757] ? stack_trace_save+0x9c/0xe0 [ 177.267020][ T7757] ? zone_watermark_ok_safe+0x230/0x230 [ 177.272646][ T7757] ? kasan_set_track+0x5f/0x70 [ 177.277466][ T7757] ? kasan_set_track+0x4e/0x70 [ 177.282278][ T7757] ? __kasan_kmalloc+0x8f/0xa0 [ 177.287092][ T7757] ? xsk_init_queue+0xb0/0x110 [ 177.291907][ T7757] ? xsk_setsockopt+0x43c/0x6f0 [ 177.296804][ T7757] ? do_sock_setsockopt+0x175/0x1a0 [ 177.302063][ T7757] ? __x64_sys_setsockopt+0x184/0x200 [ 177.307505][ T7757] __vmalloc_node_range+0x126/0x1320 [ 177.312872][ T7757] ? free_vm_area+0x50/0x50 [ 177.317427][ T7757] vmalloc_user+0x74/0x80 [ 177.321785][ T7757] ? xskq_create+0xbf/0x170 [ 177.326309][ T7757] xskq_create+0xbf/0x170 [ 177.330659][ T7757] xsk_init_queue+0xb0/0x110 [ 177.335273][ T7757] xsk_setsockopt+0x43c/0x6f0 [ 177.339979][ T7757] ? xsk_poll+0x670/0x670 [ 177.344369][ T7757] ? __fget_files+0x28/0x4d0 [ 177.349017][ T7757] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 177.354604][ T7757] ? security_socket_setsockopt+0x7e/0xa0 [ 177.360364][ T7757] ? xsk_poll+0x670/0x670 [ 177.364740][ T7757] do_sock_setsockopt+0x175/0x1a0 [ 177.369797][ T7757] ? __fdget+0x180/0x210 [ 177.374077][ T7757] __x64_sys_setsockopt+0x184/0x200 [ 177.379352][ T7757] do_syscall_64+0x55/0xb0 [ 177.383797][ T7757] ? clear_bhb_loop+0x40/0x90 [ 177.388500][ T7757] ? clear_bhb_loop+0x40/0x90 [ 177.393212][ T7757] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 177.399149][ T7757] RIP: 0033:0x7f3c1ff8f749 [ 177.403602][ T7757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.423280][ T7757] RSP: 002b:00007f3c20e53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 177.431731][ T7757] RAX: ffffffffffffffda RBX: 00007f3c201e5fa0 RCX: 00007f3c1ff8f749 [ 177.439728][ T7757] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000009 [ 177.447731][ T7757] RBP: 00007f3c20013f91 R08: 0000000000000004 R09: 0000000000000000 [ 177.455713][ T7757] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.463699][ T7757] R13: 00007f3c201e6038 R14: 00007f3c201e5fa0 R15: 00007ffc6f51ba08 [ 177.471703][ T7757] [ 177.508772][ T7761] netlink: 'syz.1.683': attribute type 3 has an invalid length. [ 177.518614][ T7761] netlink: 'syz.1.683': attribute type 2 has an invalid length. [ 177.544152][ T7757] Mem-Info: [ 177.547364][ T7757] active_anon:23656 inactive_anon:0 isolated_anon:0 [ 177.547364][ T7757] active_file:10291 inactive_file:40393 isolated_file:0 [ 177.547364][ T7757] unevictable:768 dirty:145 writeback:0 [ 177.547364][ T7757] slab_reclaimable:10870 slab_unreclaimable:91574 [ 177.547364][ T7757] mapped:24268 shmem:20626 pagetables:535 [ 177.547364][ T7757] sec_pagetables:0 bounce:0 [ 177.547364][ T7757] kernel_misc_reclaimable:0 [ 177.547364][ T7757] free:1331436 free_pcp:14142 free_cma:0 [ 177.558188][ T7761] netlink: 'syz.1.683': attribute type 2 has an invalid length. [ 177.637553][ T7757] Node 0 active_anon:94724kB inactive_anon:0kB active_file:41164kB inactive_file:161372kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97072kB dirty:576kB writeback:0kB shmem:80968kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11296kB pagetables:2140kB sec_pagetables:0kB all_unreclaimable? no [ 177.672370][ T7757] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 177.710440][ T7757] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 177.711305][ T7768] netlink: 28 bytes leftover after parsing attributes in process `syz.3.690'. [ 177.748241][ T7757] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 177.755935][ T7757] Node 0 DMA32 free:1425284kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:94680kB inactive_anon:0kB active_file:41164kB inactive_file:160052kB unevictable:1536kB writepending:576kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:32412kB local_pcp:17884kB free_cma:0kB [ 177.786905][ T7757] lowmem_reserve[]: 0 0 1 1 1 [ 177.791726][ T7757] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 177.820469][ T7757] lowmem_reserve[]: 0 0 0 0 0 [ 177.828888][ T7757] Node 1 Normal free:3885088kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23904kB local_pcp:11744kB free_cma:0kB [ 177.846649][ T7768] netlink: 28 bytes leftover after parsing attributes in process `syz.3.690'. [ 177.859296][ T7757] lowmem_reserve[]: 0 0 0 0 0 [ 177.873570][ T7757] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 177.888122][ T7757] Node 0 DMA32: 863*4kB (U) 373*8kB (UE) 264*16kB (UE) 205*32kB (UME) 183*64kB (UME) 147*128kB (UME) 61*256kB (UME) 26*512kB (UME) 13*1024kB (UM) 4*2048kB (UM) 324*4096kB (UM) = 1425284kB [ 177.909684][ T7757] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 177.927593][ T7757] Node 1 Normal: 284*4kB (UM) 62*8kB (UME) 42*16kB (UME) 71*32kB (UME) 23*64kB (UE) 3*128kB (UM) 1*256kB (E) 1*512kB (M) 1*1024kB (U) 1*2048kB (E) 946*4096kB (M) = 3885088kB [ 177.949447][ T7757] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 177.959458][ T7757] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 177.972566][ T7757] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 177.982598][ T7757] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 177.999286][ T7757] 71310 total pagecache pages [ 178.004498][ T7757] 0 pages in swap cache [ 178.010717][ T7757] Free swap = 124716kB [ 178.019101][ T7757] Total swap = 124996kB [ 178.023328][ T7757] 2097051 pages RAM [ 178.027980][ T7757] 0 pages HighMem/MovableOnly [ 178.028810][ T7768] netlink: 28 bytes leftover after parsing attributes in process `syz.3.690'. [ 178.032686][ T7757] 416138 pages reserved [ 178.032697][ T7757] 0 pages cma reserved [ 178.113142][ T7774] loop1: detected capacity change from 0 to 512 [ 178.134081][ T7774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.148315][ T7774] ext4 filesystem being mounted at /186/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.198538][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.603067][ T7791] loop1: detected capacity change from 0 to 4096 [ 178.624487][ T7795] netlink: 'syz.0.700': attribute type 4 has an invalid length. [ 178.648139][ T7791] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.700371][ T7801] loop2: detected capacity change from 0 to 512 [ 178.718015][ T7800] netlink: 'syz.0.700': attribute type 4 has an invalid length. [ 178.777531][ T7801] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.792325][ T7801] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.945579][ T7807] syzkaller0: entered promiscuous mode [ 178.952156][ T7807] syzkaller0: entered allmulticast mode [ 178.960262][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.088324][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.088332][ T7813] loop2: detected capacity change from 0 to 512 [ 179.089280][ T7813] EXT4-fs: Ignoring removed i_version option [ 179.110205][ T7813] EXT4-fs: Ignoring removed bh option [ 179.149812][ T7813] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.193319][ T7813] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 179.372577][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.385982][ T7819] loop1: detected capacity change from 0 to 512 [ 179.451940][ T7819] EXT4-fs (loop1): too many log groups per flexible block group [ 179.468509][ T7819] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 179.476823][ T7819] EXT4-fs (loop1): mount failed [ 180.888742][ T7839] loop3: detected capacity change from 0 to 512 [ 180.898214][ T7839] EXT4-fs: Ignoring removed nobh option [ 180.961704][ T7839] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #16: comm syz.3.714: corrupted inode contents [ 181.000694][ T7839] EXT4-fs (loop3): Remounting filesystem read-only [ 181.025449][ T7839] EXT4-fs (loop3): 1 truncate cleaned up [ 181.032547][ T7839] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.047284][ T42] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 181.072230][ T7839] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.088235][ T42] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 181.120240][ T42] __quota_error: 63 callbacks suppressed [ 181.120258][ T42] Quota error (device loop3): write_blk: dquota write failed [ 181.141841][ T7839] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.156103][ T42] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list [ 181.166994][ T42] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 181.177381][ T42] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 181.198377][ T42] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 181.212866][ T27] audit: type=1326 audit(1764454426.740:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7846 comm="syz.1.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 181.253445][ T27] audit: type=1326 audit(1764454426.740:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7846 comm="syz.1.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 181.282695][ T27] audit: type=1326 audit(1764454426.740:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7846 comm="syz.1.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 181.310754][ T27] audit: type=1326 audit(1764454426.740:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7846 comm="syz.1.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 181.337031][ T27] audit: type=1326 audit(1764454426.740:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7846 comm="syz.1.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 181.369284][ T27] audit: type=1326 audit(1764454426.740:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7846 comm="syz.1.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 182.066145][ T7826] $H: renamed from bond0 (while UP) [ 182.080173][ T7826] $H: entered promiscuous mode [ 182.088028][ T7826] bond_slave_0: entered promiscuous mode [ 182.095747][ T7826] bond_slave_1: entered promiscuous mode [ 182.261304][ T7857] : renamed from vlan0 (while UP) [ 182.360045][ T7863] loop2: detected capacity change from 0 to 128 [ 182.392723][ T7863] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 182.404163][ T7863] FAT-fs (loop2): Filesystem has been set read-only [ 182.417862][ T7863] syz.2.723: attempt to access beyond end of device [ 182.417862][ T7863] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 182.432341][ T7863] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 182.444534][ T7863] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 182.475608][ T7863] syz.2.723: attempt to access beyond end of device [ 182.475608][ T7863] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 182.521894][ T7868] ip6_vti0 speed is unknown, defaulting to 1000 [ 182.873626][ T7880] siw: device registration error -23 [ 182.887293][ T7879] hub 2-0:1.0: USB hub found [ 182.892942][ T7879] hub 2-0:1.0: 1 port detected [ 183.425680][ T7895] bridge1: entered promiscuous mode [ 183.762456][ T7908] loop2: detected capacity change from 0 to 512 [ 183.770499][ T7908] EXT4-fs: Ignoring removed nobh option [ 183.814599][ T7908] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #16: comm syz.2.739: corrupted inode contents [ 183.838262][ T7908] EXT4-fs (loop2): Remounting filesystem read-only [ 183.866619][ T7908] EXT4-fs (loop2): 1 truncate cleaned up [ 183.890184][ T7908] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.894302][ T6666] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 183.902985][ T7908] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 183.935221][ T7908] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.945335][ T6666] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 183.957189][ T6666] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 184.221428][ T7929] syz.1.749[7929] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 184.221607][ T7929] syz.1.749[7929] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 185.131123][ T7966] loop2: detected capacity change from 0 to 1024 [ 185.150566][ T7966] EXT4-fs: inline encryption not supported [ 185.157645][ T7966] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 185.181657][ T7966] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.227763][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.282293][ T7941] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 185.291351][ T7941] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 185.309748][ T7941] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 185.324664][ T7941] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 185.330997][ T7941] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 185.339797][ T7941] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 185.351043][ T7941] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 185.361651][ T7941] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 185.376073][ T7941] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 185.394619][ T7941] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 185.536910][ T7975] syz.1.766[7975] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 185.537050][ T7975] syz.1.766[7975] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 186.554041][ T5804] Bluetooth: hci1: command 0x0c1a tx timeout [ 186.576796][ T28] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 186.705880][ T8007] loop3: detected capacity change from 0 to 512 [ 186.715948][ T8007] EXT4-fs: Ignoring removed nobh option [ 186.744239][ T28] usb 3-1: device descriptor read/64, error -71 [ 186.769679][ T8007] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #16: comm syz.3.781: corrupted inode contents [ 186.785591][ T8007] EXT4-fs (loop3): Remounting filesystem read-only [ 186.792693][ T8007] EXT4-fs (loop3): 1 truncate cleaned up [ 186.800974][ T8007] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.802785][ T8013] binfmt_misc: register: failed to install interpreter file ./file2 [ 186.815920][ T8007] ext4 filesystem being mounted at /189/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 186.830743][ T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 186.852687][ T12] __quota_error: 90 callbacks suppressed [ 186.852706][ T12] Quota error (device loop3): write_blk: dquota write failed [ 186.874667][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.895286][ T12] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries [ 186.905890][ T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 186.917240][ T12] Quota error (device loop3): write_blk: dquota write failed [ 186.924920][ T12] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list [ 186.936550][ T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 186.947252][ T12] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 186.956744][ T12] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 187.015261][ T28] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 187.044613][ T8018] loop3: detected capacity change from 0 to 512 [ 187.052554][ T8018] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 187.072902][ T8018] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.784: invalid indirect mapped block 4294967295 (level 0) [ 187.091294][ T8018] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.784: invalid indirect mapped block 4294967295 (level 1) [ 187.120472][ T8018] EXT4-fs (loop3): 1 orphan inode deleted [ 187.132258][ T8018] EXT4-fs (loop3): 1 truncate cleaned up [ 187.139655][ T8018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.174052][ T28] usb 3-1: device descriptor read/64, error -71 [ 187.183162][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.294225][ T28] usb usb3-port1: attempt power cycle [ 187.313669][ T8030] loop3: detected capacity change from 0 to 512 [ 187.331324][ T8030] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.349524][ T8030] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 187.360399][ T5804] Bluetooth: hci2: command 0x0c1a tx timeout [ 187.364116][ T5804] Bluetooth: hci3: command 0x0c1a tx timeout [ 187.375691][ T8030] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.594887][ T27] audit: type=1326 audit(1764454433.130:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8041 comm="syz.0.795" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x0 [ 187.700496][ T27] audit: type=1326 audit(1764454433.230:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8041 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 187.723184][ T28] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 187.730887][ T27] audit: type=1326 audit(1764454433.230:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8041 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 187.758491][ T27] audit: type=1326 audit(1764454433.230:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8041 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 187.785517][ T28] usb 3-1: device descriptor read/8, error -71 [ 188.054207][ T28] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 188.065731][ T8055] loop1: detected capacity change from 0 to 512 [ 188.084898][ T28] usb 3-1: device descriptor read/8, error -71 [ 188.093546][ T8055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.106395][ T8055] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 188.157098][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.205107][ T28] usb usb3-port1: unable to enumerate USB device [ 188.634120][ T5804] Bluetooth: hci1: command 0x0c1a tx timeout [ 188.788192][ T8071] netlink: 12 bytes leftover after parsing attributes in process `syz.0.805'. [ 189.441197][ T5804] Bluetooth: hci3: command 0x0c1a tx timeout [ 189.447867][ T5804] Bluetooth: hci2: command 0x0c1a tx timeout [ 189.532676][ T8090] syz.2.814[8090] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 189.532829][ T8090] syz.2.814[8090] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 189.555554][ T8090] loop2: detected capacity change from 0 to 512 [ 189.597283][ T8090] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 189.609222][ T8090] EXT4-fs (loop2): orphan cleanup on readonly fs [ 189.622287][ T8090] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.814: Failed to acquire dquot type 1 [ 189.640611][ T8090] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.814: bg 0: block 40: padding at end of block bitmap is not set [ 189.659391][ T8090] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 189.669920][ T8090] EXT4-fs (loop2): 1 truncate cleaned up [ 189.684993][ T8090] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 189.837259][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.965625][ T8112] 9pnet_fd: Insufficient options for proto=fd [ 190.363881][ T8129] loop2: detected capacity change from 0 to 128 [ 190.397238][ T8129] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 190.435490][ T8129] ext4 filesystem being mounted at /173/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 190.548349][ T5790] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 190.619442][ T8138] loop2: detected capacity change from 0 to 512 [ 190.641381][ T8138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.662337][ T8138] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 190.714166][ T5804] Bluetooth: hci1: command 0x0c1a tx timeout [ 190.790596][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.514294][ T5800] Bluetooth: hci3: command 0x0c1a tx timeout [ 191.520640][ T5804] Bluetooth: hci2: command 0x0c1a tx timeout [ 193.308902][ T8199] netlink: 8 bytes leftover after parsing attributes in process `syz.0.853'. [ 193.396651][ T8204] loop3: detected capacity change from 0 to 128 [ 193.439389][ T8204] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 193.477628][ T8204] ext4 filesystem being mounted at /211/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 193.722420][ T5792] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 193.980700][ T27] kauditd_printk_skb: 120 callbacks suppressed [ 193.980717][ T27] audit: type=1326 audit(1764454439.510:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 194.034013][ T27] audit: type=1326 audit(1764454439.540:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 194.104346][ T27] audit: type=1326 audit(1764454439.540:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 194.174185][ T27] audit: type=1326 audit(1764454439.540:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 194.201559][ T27] audit: type=1326 audit(1764454439.540:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 194.232702][ T27] audit: type=1326 audit(1764454439.540:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 194.274800][ T27] audit: type=1326 audit(1764454439.540:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.2.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 194.458340][ T8232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.876'. [ 194.470937][ T8233] loop2: detected capacity change from 0 to 512 [ 194.511402][ T8233] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 194.512642][ T8232] loop3: detected capacity change from 0 to 1024 [ 194.536864][ T8232] ext4: Unknown parameter 'seclabel' [ 194.543027][ T8233] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 194.568632][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.623861][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.741197][ T8244] netlink: 'syz.2.878': attribute type 1 has an invalid length. [ 194.756548][ T8244] netlink: 224 bytes leftover after parsing attributes in process `syz.2.878'. [ 195.083626][ T8260] loop3: detected capacity change from 0 to 512 [ 195.121340][ T8260] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.151836][ T8258] ip6_vti0 speed is unknown, defaulting to 1000 [ 195.161280][ T8260] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.330596][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.672713][ T8266] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 195.963625][ T8269] netlink: 16 bytes leftover after parsing attributes in process `syz.2.890'. [ 196.081510][ T8270] loop1: detected capacity change from 0 to 2048 [ 196.260283][ T8276] veth0: entered promiscuous mode [ 196.279357][ T8270] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.304887][ T8276] veth0: left promiscuous mode [ 196.440297][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 196.542734][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 196.722400][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.856396][ T8285] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 196.890361][ T8285] netlink: 40 bytes leftover after parsing attributes in process `syz.2.895'. [ 196.932737][ T8286] loop3: detected capacity change from 0 to 512 [ 196.965823][ T8286] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 196.996214][ T27] audit: type=1107 audit(1764454442.530:852): pid=8284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='>' [ 197.019229][ T8286] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.887: invalid indirect mapped block 4294967295 (level 0) [ 197.036482][ T8285] loop2: detected capacity change from 0 to 512 [ 197.052714][ T8285] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 197.113114][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.124520][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.144136][ T8286] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz.3.887: invalid indirect mapped block 4294967295 (level 1) [ 197.144152][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 197.191522][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.201409][ T8285] EXT4-fs (loop2): 1 truncate cleaned up [ 197.230073][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.239016][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.252735][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.256010][ T8286] EXT4-fs (loop3): 1 orphan inode deleted [ 197.274359][ T8285] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.297304][ T8286] EXT4-fs (loop3): 1 truncate cleaned up [ 197.307207][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 197.312357][ T8286] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.347538][ T27] audit: type=1326 audit(1764454442.880:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8291 comm="syz.1.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 197.372719][ T27] audit: type=1326 audit(1764454442.880:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8291 comm="syz.1.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 197.564712][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.849788][ T8303] loop1: detected capacity change from 0 to 512 [ 197.871397][ T8303] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.929579][ T8303] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 197.996770][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.421999][ T8315] bridge2: entered promiscuous mode [ 198.430008][ T8315] bridge2: entered allmulticast mode [ 198.443608][ T8315] team0: Port device bridge2 added [ 198.610851][ T8319] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 198.639674][ T8319] netlink: 40 bytes leftover after parsing attributes in process `syz.1.906'. [ 198.695395][ T8319] loop1: detected capacity change from 0 to 512 [ 198.722028][ T8319] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 198.851233][ T8319] EXT4-fs (loop1): 1 truncate cleaned up [ 198.858645][ T8319] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.929765][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.037162][ T8327] loop1: detected capacity change from 0 to 8192 [ 199.847706][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.054306][ T8351] netlink: 16 bytes leftover after parsing attributes in process `syz.2.928'. [ 200.061590][ T8352] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 200.078841][ T8352] netlink: 40 bytes leftover after parsing attributes in process `syz.3.920'. [ 200.103999][ T27] kauditd_printk_skb: 7 callbacks suppressed [ 200.104016][ T27] audit: type=1107 audit(1764454445.630:862): pid=8350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='>' [ 200.110324][ T8352] loop3: detected capacity change from 0 to 512 [ 200.147044][ T8352] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 200.172330][ T8352] EXT4-fs (loop3): 1 truncate cleaned up [ 200.180251][ T8352] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.315435][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.714389][ T8371] IPv6: Can't replace route, no match found [ 200.898369][ T27] audit: type=1326 audit(1764454446.430:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8374 comm="syz.0.931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 200.931603][ T27] audit: type=1326 audit(1764454446.430:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8374 comm="syz.0.931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 200.969083][ T27] audit: type=1326 audit(1764454446.430:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8374 comm="syz.0.931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 201.021471][ T27] audit: type=1326 audit(1764454446.430:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8374 comm="syz.0.931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 201.050033][ T27] audit: type=1326 audit(1764454446.430:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8374 comm="syz.0.931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 201.321164][ T8390] loop2: detected capacity change from 0 to 512 [ 201.348454][ T8390] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.369867][ T8390] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 201.435071][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.526837][ T27] audit: type=1326 audit(1764454447.060:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.2.941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 201.560667][ T8403] syz.0.943[8403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.560815][ T8403] syz.0.943[8403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.579722][ T27] audit: type=1326 audit(1764454447.060:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.2.941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 201.579779][ T27] audit: type=1326 audit(1764454447.090:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.2.941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 201.579825][ T27] audit: type=1326 audit(1764454447.110:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.2.941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 201.666858][ T8405] netlink: 4 bytes leftover after parsing attributes in process `syz.0.943'. [ 201.779691][ T8405] team0: Port device team_slave_1 removed [ 202.011374][ T8417] netlink: 12 bytes leftover after parsing attributes in process `syz.2.949'. [ 202.024332][ T8417] bridge_slave_0: default FDB implementation only supports local addresses [ 202.317262][ T8427] netlink: 176 bytes leftover after parsing attributes in process `syz.3.953'. [ 202.858546][ T8438] loop3: detected capacity change from 0 to 512 [ 202.898929][ T8438] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 202.932220][ T8438] EXT4-fs (loop3): orphan cleanup on readonly fs [ 203.002819][ T8438] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #16: comm syz.3.957: corrupted inode contents [ 203.078651][ T8438] EXT4-fs (loop3): Remounting filesystem read-only [ 203.124597][ T8438] EXT4-fs (loop3): 1 truncate cleaned up [ 203.135964][ T171] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 203.177586][ T171] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 203.231086][ T171] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 203.275650][ T8438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 204.034860][ T8464] loop2: detected capacity change from 0 to 512 [ 204.107932][ T8464] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.125307][ T8464] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 204.292055][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.501804][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.635213][ T8479] loop2: detected capacity change from 0 to 2048 [ 205.282057][ T8501] netlink: 12 bytes leftover after parsing attributes in process `syz.2.984'. [ 205.447963][ T8506] loop2: detected capacity change from 0 to 512 [ 205.478831][ T8508] veth0: entered promiscuous mode [ 205.487875][ T8507] veth0: left promiscuous mode [ 205.511238][ T8506] EXT4-fs (loop2): too many log groups per flexible block group [ 205.522095][ T27] kauditd_printk_skb: 9 callbacks suppressed [ 205.522111][ T27] audit: type=1326 audit(1764454451.060:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 205.570345][ T8506] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 205.598658][ T8506] EXT4-fs (loop2): mount failed [ 205.645668][ T27] audit: type=1326 audit(1764454451.060:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 205.703794][ T27] audit: type=1326 audit(1764454451.120:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 205.759695][ T27] audit: type=1326 audit(1764454451.120:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 205.856721][ T27] audit: type=1326 audit(1764454451.120:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 205.920316][ T8525] netlink: 'syz.0.995': attribute type 1 has an invalid length. [ 205.929683][ T8525] netlink: 232 bytes leftover after parsing attributes in process `syz.0.995'. [ 205.931691][ T27] audit: type=1326 audit(1764454451.120:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 205.944058][ T8525] NCSI netlink: No device for ifindex 131092 [ 206.014014][ T27] audit: type=1326 audit(1764454451.120:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 206.067374][ T27] audit: type=1326 audit(1764454451.120:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 206.148427][ T27] audit: type=1326 audit(1764454451.120:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 206.199896][ T27] audit: type=1326 audit(1764454451.120:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8509 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 206.268096][ T8537] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1001'. [ 206.483826][ T8547] loop3: detected capacity change from 0 to 512 [ 206.524452][ T8547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.547033][ T8547] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.641000][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.726779][ T8562] loop3: detected capacity change from 0 to 2048 [ 206.777795][ T8562] Alternate GPT is invalid, using primary GPT. [ 206.784844][ T8562] loop3: p1 p2 p3 [ 206.788633][ T8562] loop3: partition table partially beyond EOD, truncated [ 207.150072][ T8575] loop3: detected capacity change from 0 to 256 [ 207.877564][ T8605] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1028'. [ 207.969292][ T8610] pimreg: entered allmulticast mode [ 207.978489][ T8610] pimreg: left allmulticast mode [ 208.911031][ T8651] loop1: detected capacity change from 0 to 2048 [ 208.945398][ T8651] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 209.054775][ T8660] loop2: detected capacity change from 0 to 2048 [ 209.098440][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.121380][ T8660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 209.184493][ T8664] netlink: 'syz.3.1051': attribute type 1 has an invalid length. [ 209.284850][ T5790] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 209.306182][ T5790] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 209.336212][ T8666] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 209.347027][ T8666] bond1: (slave batadv0): making interface the new active one [ 209.357471][ T8666] bond1: (slave batadv0): Enslaving as an active interface with an up link [ 209.366510][ T8669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1051'. [ 209.386694][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.408216][ T8669] bond1 (unregistering): (slave batadv0): Releasing active interface [ 209.417377][ T8671] siw: device registration error -23 [ 209.445058][ T8673] loop1: detected capacity change from 0 to 512 [ 209.471966][ T8669] bond1 (unregistering): Released all slaves [ 209.489752][ T8673] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.528586][ T8673] ext4 filesystem being mounted at /273/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 209.608712][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.134614][ T8699] loop1: detected capacity change from 0 to 512 [ 210.174631][ T8699] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 210.187704][ T8699] ext4 filesystem being mounted at /277/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 210.292251][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.766629][ T8715] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1070'. [ 210.956795][ T8723] loop2: detected capacity change from 0 to 512 [ 211.030842][ T8723] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.075921][ T8723] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 211.249987][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.387708][ T8746] delete_channel: no stack [ 211.468138][ T8752] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1084'. [ 211.720352][ T27] kauditd_printk_skb: 81 callbacks suppressed [ 211.720369][ T27] audit: type=1326 audit(1764454457.250:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 211.749239][ T27] audit: type=1326 audit(1764454457.250:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 211.774716][ T27] audit: type=1326 audit(1764454457.250:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 211.798183][ T27] audit: type=1326 audit(1764454457.250:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 211.874115][ T27] audit: type=1326 audit(1764454457.250:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 211.913335][ T27] audit: type=1326 audit(1764454457.250:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.2.1089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 212.464324][ T2178] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 212.637377][ T2178] usb 4-1: device descriptor read/64, error -71 [ 212.918932][ T2178] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 213.094076][ T2178] usb 4-1: device descriptor read/64, error -71 [ 213.214417][ T2178] usb usb4-port1: attempt power cycle [ 213.572088][ T27] audit: type=1326 audit(1764454459.100:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 213.619547][ T27] audit: type=1326 audit(1764454459.100:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 213.643258][ T2178] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 213.661313][ T27] audit: type=1326 audit(1764454459.130:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 213.690512][ T2178] usb 4-1: device descriptor read/8, error -71 [ 213.696969][ T27] audit: type=1326 audit(1764454459.130:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8809 comm="syz.1.1111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 213.964063][ T2178] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 213.998200][ T2178] usb 4-1: device descriptor read/8, error -71 [ 214.136045][ T2178] usb usb4-port1: unable to enumerate USB device [ 214.554273][ T8834] usb usb8: usbfs: process 8834 (syz.1.1121) did not claim interface 0 before use [ 214.658189][ T8839] loop1: detected capacity change from 0 to 512 [ 214.696959][ T8839] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 214.718177][ T8839] ext4 filesystem being mounted at /295/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.821575][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.374623][ T8861] ip6gre1: entered allmulticast mode [ 216.041508][ T8881] loop2: detected capacity change from 0 to 512 [ 216.088921][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 216.860355][ T27] kauditd_printk_skb: 58 callbacks suppressed [ 216.860372][ T27] audit: type=1326 audit(1764454462.390:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 216.896414][ T27] audit: type=1326 audit(1764454462.430:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 216.947350][ T27] audit: type=1326 audit(1764454462.430:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 216.973802][ T27] audit: type=1326 audit(1764454462.430:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 216.999006][ T27] audit: type=1326 audit(1764454462.430:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 217.023543][ T27] audit: type=1326 audit(1764454462.460:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 217.047568][ T27] audit: type=1326 audit(1764454462.460:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 217.070593][ T27] audit: type=1326 audit(1764454462.460:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 217.093735][ T27] audit: type=1326 audit(1764454462.460:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 217.117821][ T27] audit: type=1326 audit(1764454462.460:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8915 comm="syz.0.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 217.812266][ T8929] tipc: Started in network mode [ 217.822238][ T8929] tipc: Node identity , cluster identity 4711 [ 217.830282][ T8929] tipc: Failed to set node id, please configure manually [ 217.844760][ T8929] tipc: Enabling of bearer rejected, failed to enable media [ 218.154190][ T5800] Bluetooth: hci4: command 0x1003 tx timeout [ 218.161879][ T5804] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 218.361361][ T8953] usb usb8: usbfs: process 8953 (syz.2.1170) did not claim interface 0 before use [ 218.611463][ T8960] netlink: 'syz.2.1173': attribute type 298 has an invalid length. [ 219.395272][ T8976] netlink: 'syz.0.1180': attribute type 17 has an invalid length. [ 219.444826][ T8976] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 220.352130][ T9000] loop1: detected capacity change from 0 to 8192 [ 220.568964][ T9015] netlink: 'syz.2.1198': attribute type 10 has an invalid length. [ 220.627890][ T9015] team0: Port device dummy0 added [ 220.663852][ T9018] netlink: 'syz.2.1198': attribute type 10 has an invalid length. [ 220.682637][ T9018] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 220.768030][ T9018] team0: Failed to send options change via netlink (err -105) [ 220.784380][ T9018] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 220.808538][ T9018] team0: Port device dummy0 removed [ 220.821795][ T9018] dummy0: entered promiscuous mode [ 220.829494][ T9018] $H: (slave dummy0): Enslaving as an active interface with an up link [ 221.009836][ T9025] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1201'. [ 221.196209][ T9033] loop1: detected capacity change from 0 to 128 [ 221.236176][ T9033] syz.1.1204[9033] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 221.236317][ T9033] syz.1.1204[9033] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 222.410410][ T9083] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1228'. [ 222.965885][ T9107] loop3: detected capacity change from 0 to 128 [ 223.015279][ T9107] FAT-fs (loop3): Directory bread(block 162) failed [ 223.022649][ T9107] FAT-fs (loop3): Directory bread(block 163) failed [ 223.029978][ T9107] FAT-fs (loop3): Directory bread(block 164) failed [ 223.037179][ T9107] FAT-fs (loop3): Directory bread(block 165) failed [ 223.045500][ T9107] FAT-fs (loop3): Directory bread(block 166) failed [ 223.052459][ T9107] FAT-fs (loop3): Directory bread(block 167) failed [ 223.059729][ T9107] FAT-fs (loop3): Directory bread(block 168) failed [ 223.066434][ T9107] FAT-fs (loop3): Directory bread(block 169) failed [ 223.090396][ T27] kauditd_printk_skb: 107 callbacks suppressed [ 223.090414][ T27] audit: type=1326 audit(1764454468.497:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.149471][ T9107] FAT-fs (loop3): Directory bread(block 162) failed [ 223.150191][ T27] audit: type=1326 audit(1764454468.497:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.156935][ T9107] FAT-fs (loop3): Directory bread(block 163) failed [ 223.204895][ T27] audit: type=1326 audit(1764454468.497:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.0.1241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.238002][ T27] audit: type=1326 audit(1764454468.497:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.261885][ T9107] syz.3.1240: attempt to access beyond end of device [ 223.261885][ T9107] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 223.266397][ T27] audit: type=1326 audit(1764454468.497:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.311111][ T9107] syz.3.1240: attempt to access beyond end of device [ 223.311111][ T9107] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 223.400170][ T27] audit: type=1326 audit(1764454468.497:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.426199][ T27] audit: type=1326 audit(1764454468.497:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.509379][ T27] audit: type=1326 audit(1764454468.506:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.564745][ T27] audit: type=1326 audit(1764454468.506:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 223.608619][ T27] audit: type=1326 audit(1764454468.506:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd88d8f749 code=0x7ffc0000 [ 224.004522][ T9143] loop3: detected capacity change from 0 to 512 [ 224.047799][ T9147] loop2: detected capacity change from 0 to 1024 [ 224.063329][ T9143] EXT4-fs error (device loop3): ext4_xattr_inode_iget:444: inode #11: comm syz.3.1258: ea_inode with extended attributes [ 224.080617][ T9143] EXT4-fs error (device loop3): ext4_xattr_inode_iget:449: comm syz.3.1258: error while reading EA inode 11 err=-117 [ 224.082712][ T9147] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 224.094157][ T9143] EXT4-fs (loop3): 1 orphan inode deleted [ 224.112446][ T9143] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 224.123969][ T9151] loop1: detected capacity change from 0 to 512 [ 224.125783][ T9147] ext4 filesystem being mounted at /292/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 224.158892][ T9145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1259'. [ 224.173417][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.177098][ T9145] xt_HMARK: spi-set and port-set can't be combined [ 224.200892][ T9151] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.215966][ T9147] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 3: comm syz.2.1260: lblock 3 mapped to illegal pblock 3 (length 3) [ 224.240585][ T9151] ext4 filesystem being mounted at /330/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 224.261495][ T9147] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 224.290245][ T9147] EXT4-fs (loop2): This should not happen!! Data will be lost [ 224.290245][ T9147] [ 224.330939][ T9157] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.1260: lblock 3 mapped to illegal pblock 3 (length 1) [ 224.349588][ T9146] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 4: comm syz.2.1260: lblock 4 mapped to illegal pblock 4 (length 2) [ 224.366889][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.400140][ T9157] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.1260: lblock 3 mapped to illegal pblock 3 (length 1) [ 224.400276][ T9146] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 4: comm syz.2.1260: lblock 4 mapped to illegal pblock 4 (length 2) [ 224.473142][ T9157] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.1260: lblock 3 mapped to illegal pblock 3 (length 1) [ 224.493713][ T9146] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 4: comm syz.2.1260: lblock 4 mapped to illegal pblock 4 (length 2) [ 224.511625][ T9157] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.1260: lblock 3 mapped to illegal pblock 3 (length 1) [ 224.536395][ T9146] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 4: comm syz.2.1260: lblock 4 mapped to illegal pblock 4 (length 2) [ 224.577057][ T9157] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.1260: lblock 3 mapped to illegal pblock 3 (length 1) [ 224.625148][ T9168] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1266'. [ 224.640583][ T9168] hsr_slave_0: left promiscuous mode [ 224.652491][ T9168] hsr_slave_1: left promiscuous mode [ 224.761454][ T9172] loop1: detected capacity change from 0 to 512 [ 224.769925][ T9172] EXT4-fs: Ignoring removed oldalloc option [ 224.776414][ T9172] EXT4-fs: Ignoring removed mblk_io_submit option [ 224.786145][ T9172] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 224.806573][ T9172] EXT4-fs (loop1): orphan cleanup on readonly fs [ 224.818747][ T9172] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1267: Failed to acquire dquot type 1 [ 224.842131][ T9172] EXT4-fs (loop1): 1 truncate cleaned up [ 224.855910][ T9172] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 224.985151][ T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 225.021679][ T12] EXT4-fs (loop2): This should not happen!! Data will be lost [ 225.021679][ T12] [ 225.050058][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 225.693705][ T9191] ip6_vti0 speed is unknown, defaulting to 1000 [ 227.293046][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.526392][ T27] kauditd_printk_skb: 66 callbacks suppressed [ 228.526410][ T27] audit: type=1326 audit(1764454473.586:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 228.580144][ T9213] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 228.589347][ T9213] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 228.598351][ T9213] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 228.599424][ T27] audit: type=1326 audit(1764454473.586:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 228.630069][ T27] audit: type=1326 audit(1764454473.586:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c1ff8df90 code=0x7ffc0000 [ 228.655882][ T27] audit: type=1326 audit(1764454473.586:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c1ff8df90 code=0x7ffc0000 [ 228.692602][ T27] audit: type=1326 audit(1764454473.586:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 228.787589][ T27] audit: type=1326 audit(1764454473.586:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 228.849632][ T27] audit: type=1326 audit(1764454473.596:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 228.902761][ T27] audit: type=1326 audit(1764454473.596:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 228.969126][ T27] audit: type=1326 audit(1764454473.596:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 229.013515][ T27] audit: type=1326 audit(1764454473.596:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 229.054387][ T9220] loop1: detected capacity change from 0 to 8192 [ 229.069746][ T9220] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 229.614642][ T9251] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1302'. [ 229.825121][ T9262] loop3: detected capacity change from 0 to 512 [ 229.832404][ T9262] EXT4-fs: Ignoring removed nobh option [ 229.858332][ T9262] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1307: iget: bad i_size value: 38620345925642 [ 229.874513][ T9262] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1307: couldn't read orphan inode 15 (err -117) [ 229.889995][ T9262] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 229.952986][ T9268] loop9: detected capacity change from 0 to 7 [ 229.973067][ T9269] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm syz.3.1307: bg 0: block 5: invalid block bitmap [ 229.991415][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.000960][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.015031][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.024316][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.036336][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.045590][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.057444][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.066700][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.076296][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.085572][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.096374][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.105724][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.107487][ T9269] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 904 with error 28 [ 230.127068][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.136329][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.144366][ T9268] ldm_validate_partition_table(): Disk read failed. [ 230.151607][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.158515][ T9269] EXT4-fs (loop3): This should not happen!! Data will be lost [ 230.158515][ T9269] [ 230.160874][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.178925][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.188314][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.196195][ T9269] EXT4-fs (loop3): Total free blocks count 0 [ 230.196217][ T9269] EXT4-fs (loop3): Free/Dirty block details [ 230.215059][ T9269] EXT4-fs (loop3): free_blocks=0 [ 230.220186][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 230.220223][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 230.243465][ T9268] Dev loop9: unable to read RDB block 0 [ 230.250001][ T9268] loop9: unable to read partition table [ 230.249996][ T9269] EXT4-fs (loop3): dirty_blocks=920 [ 230.250019][ T9269] EXT4-fs (loop3): Block reservation details [ 230.256067][ T9268] loop9: partition table beyond EOD, [ 230.261947][ T9269] EXT4-fs (loop3): i_reserved_data_blocks=920 [ 230.273701][ T9268] truncated [ 230.283735][ T9268] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 230.283735][ T9268] ) failed (rc=-5) [ 230.349440][ T42] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 904 with max blocks 16 with error 28 [ 230.436900][ T9279] tipc: Enabling of bearer rejected, failed to enable media [ 230.670214][ T9288] loop1: detected capacity change from 0 to 1024 [ 230.696601][ T9288] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 230.709750][ T9288] ext4 filesystem being mounted at /345/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 230.760070][ T9288] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 3: comm syz.1.1318: lblock 3 mapped to illegal pblock 3 (length 3) [ 230.782236][ T9288] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 230.799990][ T9288] EXT4-fs (loop1): This should not happen!! Data will be lost [ 230.799990][ T9288] [ 230.813364][ T9297] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1318: lblock 3 mapped to illegal pblock 3 (length 1) [ 230.833370][ T9297] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1318: lblock 3 mapped to illegal pblock 3 (length 1) [ 230.850697][ T9297] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1318: lblock 3 mapped to illegal pblock 3 (length 1) [ 230.883227][ T9297] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1318: lblock 3 mapped to illegal pblock 3 (length 1) [ 230.885247][ T9287] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 4: comm syz.1.1318: lblock 4 mapped to illegal pblock 4 (length 2) [ 230.910976][ T9297] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1318: lblock 3 mapped to illegal pblock 3 (length 1) [ 230.921575][ T9287] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 4: comm syz.1.1318: lblock 4 mapped to illegal pblock 4 (length 2) [ 230.948477][ T9287] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 4: comm syz.1.1318: lblock 4 mapped to illegal pblock 4 (length 2) [ 230.950637][ T9297] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1318: lblock 3 mapped to illegal pblock 3 (length 1) [ 231.695845][ T49] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 231.708775][ T49] EXT4-fs (loop1): This should not happen!! Data will be lost [ 231.708775][ T49] [ 231.744089][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 231.796784][ T9320] random: crng reseeded on system resumption [ 231.936673][ T9323] loop1: detected capacity change from 0 to 164 [ 231.995811][ T9323] syz.1.1332: attempt to access beyond end of device [ 231.995811][ T9323] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 232.028600][ T9323] syz.1.1332: attempt to access beyond end of device [ 232.028600][ T9323] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 232.286103][ T9328] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1333'. [ 232.318374][ T9328] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1333'. [ 232.831326][ T9339] loop1: detected capacity change from 0 to 512 [ 232.848983][ T9339] EXT4-fs: Ignoring removed oldalloc option [ 232.866673][ T9339] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 232.916389][ T9339] EXT4-fs (loop1): 1 truncate cleaned up [ 232.932127][ T9339] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.946753][ T9341] syz_tun: entered promiscuous mode [ 233.140439][ T9345] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1341'. [ 233.903925][ T9369] wg1 speed is unknown, defaulting to 1000 [ 233.921909][ T9369] wg1 speed is unknown, defaulting to 1000 [ 233.948894][ T9369] wg1 speed is unknown, defaulting to 1000 [ 233.975805][ T9368] loop3: detected capacity change from 0 to 2048 [ 234.222678][ T9369] infiniband syz: RDMA CMA: cma_listen_on_dev, error -98 [ 234.304897][ T9368] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 234.334680][ T9369] wg1 speed is unknown, defaulting to 1000 [ 234.342844][ T9369] wg1 speed is unknown, defaulting to 1000 [ 234.350448][ T9369] wg1 speed is unknown, defaulting to 1000 [ 234.358026][ T9369] wg1 speed is unknown, defaulting to 1000 [ 234.378771][ T9376] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1354'. [ 234.394641][ T9368] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 234.412590][ T9368] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28 [ 234.439084][ T9368] EXT4-fs (loop3): This should not happen!! Data will be lost [ 234.439084][ T9368] [ 234.459613][ T9368] EXT4-fs (loop3): Total free blocks count 0 [ 234.473685][ T9368] EXT4-fs (loop3): Free/Dirty block details [ 234.480189][ T9376] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1354'. [ 234.489905][ T9368] EXT4-fs (loop3): free_blocks=2415919104 [ 234.502906][ T9368] EXT4-fs (loop3): dirty_blocks=48 [ 234.513063][ T9368] EXT4-fs (loop3): Block reservation details [ 234.519322][ T9368] EXT4-fs (loop3): i_reserved_data_blocks=3 [ 234.564076][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.713832][ T9376] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1354'. [ 234.889159][ T27] kauditd_printk_skb: 70 callbacks suppressed [ 234.889175][ T27] audit: type=1326 audit(1764454479.545:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 234.900569][ T9387] random: crng reseeded on system resumption [ 234.924735][ T9389] syz.2.1359[9389] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 234.924861][ T9389] syz.2.1359[9389] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 234.957437][ T27] audit: type=1326 audit(1764454479.574:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.039164][ T27] audit: type=1326 audit(1764454479.574:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.075998][ T27] audit: type=1326 audit(1764454479.574:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.101306][ T27] audit: type=1326 audit(1764454479.574:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.129335][ T27] audit: type=1326 audit(1764454479.574:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.199907][ T27] audit: type=1326 audit(1764454479.592:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.236229][ T27] audit: type=1326 audit(1764454479.592:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.262407][ T27] audit: type=1326 audit(1764454479.592:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.298261][ T27] audit: type=1326 audit(1764454479.592:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9388 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 235.897436][ T9406] loop2: detected capacity change from 0 to 4096 [ 235.918844][ T9406] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 235.941532][ T9406] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 236.032609][ T9412] loop3: detected capacity change from 0 to 2048 [ 236.042139][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.076832][ T9412] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 236.202761][ T9335] syz.1.1337: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 236.222937][ T9335] CPU: 1 PID: 9335 Comm: syz.1.1337 Not tainted syzkaller #0 [ 236.230383][ T9335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 236.240500][ T9335] Call Trace: [ 236.243824][ T9335] [ 236.246794][ T9335] dump_stack_lvl+0x16c/0x230 [ 236.251528][ T9335] ? show_regs_print_info+0x20/0x20 [ 236.257037][ T9335] ? load_image+0x3b0/0x3b0 [ 236.261606][ T9335] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 236.268177][ T9335] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 236.274827][ T9335] warn_alloc+0x210/0x300 [ 236.279227][ T9335] ? zone_watermark_ok_safe+0x230/0x230 [ 236.285016][ T9335] ? _raw_spin_unlock+0x28/0x40 [ 236.289921][ T9335] ? __kmem_cache_free+0xba/0x1f0 [ 236.295010][ T9335] __vmalloc_node_range+0x662/0x1320 [ 236.300385][ T9335] ? free_vm_area+0x50/0x50 [ 236.304932][ T9335] ? kvmalloc_node+0x70/0x180 [ 236.309658][ T9335] ? rcu_is_watching+0x15/0xb0 [ 236.314500][ T9335] ? kvmalloc_node+0x70/0x180 [ 236.319229][ T9335] ? trace_kmalloc+0x1f/0xa0 [ 236.323621][ T9419] loop2: detected capacity change from 0 to 512 [ 236.324119][ T9335] kvmalloc_node+0x13f/0x180 [ 236.335015][ T9335] ? translate_table+0x19c/0x2020 [ 236.340076][ T9335] translate_table+0x19c/0x2020 [ 236.344962][ T9335] ? ip6t_register_table+0x7b0/0x7b0 [ 236.350266][ T9335] ? __might_fault+0xaa/0x120 [ 236.354960][ T9335] ? __lock_acquire+0x7c80/0x7c80 [ 236.360004][ T9335] ? __virt_addr_valid+0x18c/0x540 [ 236.365139][ T9335] ? __might_fault+0xaa/0x120 [ 236.369828][ T9335] ? __might_fault+0xc6/0x120 [ 236.374517][ T9335] ? __might_fault+0xaa/0x120 [ 236.379216][ T9335] do_ip6t_set_ctl+0x969/0xcd0 [ 236.384005][ T9335] ? ip6t_unregister_table_exit+0x230/0x230 [ 236.389920][ T9335] ? __lock_acquire+0x7c80/0x7c80 [ 236.394958][ T9335] ? rcu_is_watching+0x15/0xb0 [ 236.399745][ T9335] ? trace_contention_end+0x39/0xe0 [ 236.404985][ T9335] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 236.410652][ T9335] ? mutex_unlock+0x10/0x10 [ 236.415181][ T9335] ? __might_sleep+0xe0/0xe0 [ 236.419808][ T9335] ? mutex_lock_nested+0x20/0x20 [ 236.424953][ T9335] nf_setsockopt+0x263/0x280 [ 236.429570][ T9335] ? sock_common_recvmsg+0x1b0/0x1b0 [ 236.434882][ T9335] smc_setsockopt+0x229/0xab0 [ 236.439592][ T9335] ? smc_shutdown+0x9b0/0x9b0 [ 236.444294][ T9335] ? __fget_files+0x28/0x4d0 [ 236.448922][ T9335] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 236.454679][ T9335] ? security_socket_setsockopt+0x7e/0xa0 [ 236.460418][ T9335] ? smc_shutdown+0x9b0/0x9b0 [ 236.465126][ T9335] do_sock_setsockopt+0x175/0x1a0 [ 236.470196][ T9335] ? __fdget+0x180/0x210 [ 236.474463][ T9335] __x64_sys_setsockopt+0x184/0x200 [ 236.479691][ T9335] do_syscall_64+0x55/0xb0 [ 236.484133][ T9335] ? clear_bhb_loop+0x40/0x90 [ 236.488836][ T9335] ? clear_bhb_loop+0x40/0x90 [ 236.493547][ T9335] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 236.499456][ T9335] RIP: 0033:0x7f3c1ff8f749 [ 236.503972][ T9335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.523690][ T9335] RSP: 002b:00007f3c20e53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 236.532132][ T9335] RAX: ffffffffffffffda RBX: 00007f3c201e5fa0 RCX: 00007f3c1ff8f749 [ 236.540125][ T9335] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005 [ 236.548121][ T9335] RBP: 00007f3c20013f91 R08: 0000000000000330 R09: 0000000000000000 [ 236.556121][ T9335] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.564206][ T9335] R13: 00007f3c201e6038 R14: 00007f3c201e5fa0 R15: 00007ffc6f51ba08 [ 236.572210][ T9335] [ 236.589633][ T9419] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 236.593942][ T9335] Mem-Info: [ 236.614425][ T9335] active_anon:24004 inactive_anon:0 isolated_anon:0 [ 236.614425][ T9335] active_file:10325 inactive_file:40455 isolated_file:0 [ 236.614425][ T9335] unevictable:768 dirty:135 writeback:0 [ 236.614425][ T9335] slab_reclaimable:11027 slab_unreclaimable:91742 [ 236.614425][ T9335] mapped:24318 shmem:20996 pagetables:514 [ 236.614425][ T9335] sec_pagetables:0 bounce:0 [ 236.614425][ T9335] kernel_misc_reclaimable:0 [ 236.614425][ T9335] free:1317114 free_pcp:8072 free_cma:0 [ 236.665803][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.686507][ T9419] EXT4-fs (loop2): 1 truncate cleaned up [ 236.690098][ T9335] Node 0 active_anon:96016kB inactive_anon:0kB active_file:41300kB inactive_file:161620kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97272kB dirty:540kB writeback:0kB shmem:82448kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11280kB pagetables:2056kB sec_pagetables:0kB all_unreclaimable? no [ 236.696651][ T9419] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 236.781212][ T9335] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 236.816322][ T9335] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 236.842156][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.844194][ T9335] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 236.859251][ T9335] Node 0 DMA32 free:1366780kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:94972kB inactive_anon:0kB active_file:41300kB inactive_file:160300kB unevictable:1536kB writepending:540kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:6832kB local_pcp:3312kB free_cma:0kB [ 236.905055][ T9335] lowmem_reserve[]: 0 0 1 1 1 [ 236.919570][ T9335] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 237.003738][ T9335] lowmem_reserve[]: 0 0 0 0 0 [ 237.009026][ T9335] Node 1 Normal free:3885856kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:27368kB local_pcp:11752kB free_cma:0kB [ 237.039285][ T9335] lowmem_reserve[]: 0 0 0 0 0 [ 237.044661][ T9335] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 237.062555][ T9335] Node 0 DMA32: 3*4kB (UME) 2*8kB (UE) 68*16kB (UME) 89*32kB (ME) 107*64kB (UME) 54*128kB (UME) 46*256kB (UM) 71*512kB (UME) 38*1024kB (UM) 18*2048kB (UM) 299*4096kB (UM) = 1366332kB [ 237.082547][ T9335] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 237.097643][ T9335] Node 1 Normal: 284*4kB (UM) 62*8kB (UME) 42*16kB (UME) 83*32kB (UME) 29*64kB (UE) 3*128kB (UM) 1*256kB (E) 1*512kB (M) 1*1024kB (U) 1*2048kB (E) 946*4096kB (M) = 3885856kB [ 237.126705][ T9335] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 237.149171][ T9335] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 237.178146][ T9434] loop2: detected capacity change from 0 to 512 [ 237.181225][ T9335] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 237.192447][ T9434] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 237.205916][ T9335] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 237.205944][ T9335] 71525 total pagecache pages [ 237.205953][ T9335] 0 pages in swap cache [ 237.205961][ T9335] Free swap = 124716kB [ 237.205970][ T9335] Total swap = 124996kB [ 237.205979][ T9335] 2097051 pages RAM [ 237.205987][ T9335] 0 pages HighMem/MovableOnly [ 237.205995][ T9335] 416138 pages reserved [ 237.206003][ T9335] 0 pages cma reserved [ 237.525698][ T9442] loop2: detected capacity change from 0 to 2048 [ 237.795090][ T5793] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.840348][ T9442] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.881603][ T9451] loop3: detected capacity change from 0 to 764 [ 237.939957][ T9451] rock: directory entry would overflow storage [ 237.956937][ T9451] rock: sig=0x4f50, size=4, remaining=3 [ 237.978761][ T9451] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 238.054029][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.254295][ T9466] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1391'. [ 240.380948][ T9537] netlink: 'syz.0.1422': attribute type 1 has an invalid length. [ 240.389011][ T9537] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1422'. [ 240.969736][ T9553] syz.0.1428[9553] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.969894][ T9553] syz.0.1428[9553] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 241.241294][ T9563] loop2: detected capacity change from 0 to 1024 [ 241.299196][ T9563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 241.378204][ T9563] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 241.432563][ T27] kauditd_printk_skb: 81 callbacks suppressed [ 241.432581][ T27] audit: type=1326 audit(1764454485.664:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9574 comm="syz.1.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 241.467595][ T9563] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: comm syz.2.1432: lblock 0 mapped to illegal pblock 0 (length 2) [ 241.529126][ T9563] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 117 [ 241.569494][ T27] audit: type=1326 audit(1764454485.664:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9574 comm="syz.1.1438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1ff8f749 code=0x7ffc0000 [ 241.602784][ T9563] EXT4-fs (loop2): This should not happen!! Data will be lost [ 241.602784][ T9563] [ 241.653781][ T27] audit: type=1326 audit(1764454485.692:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9576 comm="syz.3.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 241.655518][ T9579] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 2: comm syz.2.1432: lblock 2 mapped to illegal pblock 2 (length 3) [ 241.733739][ T27] audit: type=1326 audit(1764454485.692:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9576 comm="syz.3.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 241.782942][ T27] audit: type=1326 audit(1764454485.692:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9576 comm="syz.3.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 241.813002][ T9579] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 3 with error 117 [ 241.843327][ T27] audit: type=1326 audit(1764454485.692:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9576 comm="syz.3.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 241.869476][ T9579] EXT4-fs (loop2): This should not happen!! Data will be lost [ 241.869476][ T9579] [ 241.875355][ T27] audit: type=1326 audit(1764454485.692:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9576 comm="syz.3.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 241.923756][ T27] audit: type=1326 audit(1764454485.692:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9576 comm="syz.3.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 241.993028][ T27] audit: type=1326 audit(1764454485.692:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9576 comm="syz.3.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 242.022658][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 242.037334][ T27] audit: type=1326 audit(1764454485.692:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9576 comm="syz.3.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f675cf8f749 code=0x7ffc0000 [ 243.587587][ T9618] loop1: detected capacity change from 0 to 128 [ 243.606424][ T9618] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 243.643648][ T9618] ext4 filesystem being mounted at /365/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 243.747322][ T5793] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 243.795335][ T9628] loop3: detected capacity change from 0 to 512 [ 243.807492][ T9628] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 245.099389][ T9668] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1477'. [ 245.113945][ T9668] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.217528][ T9674] loop3: detected capacity change from 0 to 1024 [ 245.233465][ T9674] EXT4-fs: Ignoring removed orlov option [ 245.273135][ T9674] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 245.285799][ T9668] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 245.461569][ T9684] infiniband syz2: set active [ 245.474014][ T9684] bridge_slave_0: left allmulticast mode [ 245.479805][ T9684] bridge_slave_0: left promiscuous mode [ 245.488464][ T9684] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.510707][ T9684] bridge_slave_1: left allmulticast mode [ 245.521029][ T9684] bridge_slave_1: left promiscuous mode [ 245.533498][ T9684] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.553590][ T9684] .`: (slave bond_slave_0): Releasing backup interface [ 245.580272][ T9684] .`: (slave bond_slave_1): Releasing backup interface [ 245.638104][ T9690] ref_ctr increment failed for inode: 0x6ed offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88807be4f200 [ 245.661451][ T9684] team0: Port device team_slave_0 removed [ 245.703177][ T9684] team0: Port device team_slave_1 removed [ 245.735480][ T9684] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.757882][ T9684] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 245.770614][ T9695] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1487'. [ 245.774837][ T9684] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 245.788877][ T9684] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 245.815353][ T9684] team0: Port device bridge2 removed [ 245.836988][ T9686] netlink: 'syz.1.1483': attribute type 10 has an invalid length. [ 245.843523][ T5830] ip6_vti0 speed is unknown, defaulting to 1000 [ 245.849708][ T9686] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1483'. [ 245.868885][ T9686] batman_adv: batadv0: Adding interface: virt_wifi0 [ 245.875621][ T9686] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.905438][ T9686] batman_adv: batadv0: Interface activated: virt_wifi0 [ 245.936587][ T9693] ip6_vti0 speed is unknown, defaulting to 1000 [ 246.075223][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.296748][ T9693] wg1 speed is unknown, defaulting to 1000 [ 246.514132][ T9714] loop3: detected capacity change from 0 to 512 [ 246.547835][ T9714] EXT4-fs: Ignoring removed nobh option [ 246.786760][ T27] kauditd_printk_skb: 38 callbacks suppressed [ 246.786777][ T27] audit: type=1326 audit(1764454490.669:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 246.860758][ T27] audit: type=1326 audit(1764454490.669:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 246.936681][ T27] audit: type=1326 audit(1764454490.669:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 246.987379][ T27] audit: type=1326 audit(1764454490.669:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 247.048780][ T27] audit: type=1326 audit(1764454490.669:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 247.105288][ T27] audit: type=1326 audit(1764454490.669:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 247.140736][ T27] audit: type=1326 audit(1764454490.669:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 247.165026][ T27] audit: type=1326 audit(1764454490.669:1451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 247.197305][ T27] audit: type=1326 audit(1764454490.669:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 247.221018][ T27] audit: type=1326 audit(1764454490.669:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37aed8f749 code=0x7ffc0000 [ 247.352357][ T9731] loop9: detected capacity change from 0 to 7 [ 247.359290][ C0] blk_print_req_error: 4 callbacks suppressed [ 247.359309][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.374693][ C0] buffer_io_error: 4 callbacks suppressed [ 247.374709][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.398063][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.407363][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.428339][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.437608][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.446309][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.455602][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.464197][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.473464][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.503297][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.512561][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.522379][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.531665][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.540043][ T9731] ldm_validate_partition_table(): Disk read failed. [ 247.554268][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.563591][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.579608][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.588897][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.604476][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 247.613763][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 247.626560][ T9731] Dev loop9: unable to read RDB block 0 [ 247.659887][ T9731] loop9: unable to read partition table [ 247.666345][ T9731] loop9: partition table beyond EOD, truncated [ 247.673461][ T9731] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 247.673461][ T9731] ) failed (rc=-5) [ 248.081842][ T9747] loop3: detected capacity change from 0 to 128 [ 248.105165][ T9747] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 248.138480][ T9747] ext4 filesystem being mounted at /344/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 248.172423][ T9747] EXT4-fs error (device loop3): htree_dirblock_to_tree:1112: inode #2: block 4: comm syz.3.1506: bad entry in directory: rec_len is smaller than minimal - offset=1012, inode=128, rec_len=9, size=1024 fake=0 [ 248.211699][ T9747] EXT4-fs (loop3): Remounting filesystem read-only [ 248.348538][ T5792] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 248.572027][ T9763] syz.0.1512[9763] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 248.572219][ T9763] syz.0.1512[9763] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 248.733877][ T9773] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1515'. [ 249.157117][ T9788] random: crng reseeded on system resumption [ 251.066483][ T9872] loop3: detected capacity change from 0 to 512 [ 251.146748][ T9872] [ 251.149158][ T9872] ====================================================== [ 251.156208][ T9872] WARNING: possible circular locking dependency detected [ 251.163267][ T9872] syzkaller #0 Not tainted [ 251.167703][ T9872] ------------------------------------------------------ [ 251.174788][ T9872] syz.3.1533/9872 is trying to acquire lock: [ 251.180804][ T9872] ffff88805a67cbd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x170/0x2f0 [ 251.190891][ T9872] [ 251.190891][ T9872] but task is already holding lock: [ 251.198281][ T9872] ffff88805d7328c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 251.208181][ T9872] [ 251.208181][ T9872] which lock already depends on the new lock. [ 251.208181][ T9872] [ 251.218619][ T9872] [ 251.218619][ T9872] the existing dependency chain (in reverse order) is: [ 251.227665][ T9872] [ 251.227665][ T9872] -> #1 (&ei->xattr_sem){++++}-{3:3}: [ 251.235275][ T9872] down_write+0x97/0x1f0 [ 251.240073][ T9872] ext4_destroy_inline_data+0x28/0xe0 [ 251.246035][ T9872] ext4_do_writepages+0x4c2/0x38d0 [ 251.251736][ T9872] ext4_writepages+0x1a8/0x2f0 [ 251.257077][ T9872] do_writepages+0x3a2/0x600 [ 251.262244][ T9872] filemap_fdatawrite_wbc+0x122/0x180 [ 251.268181][ T9872] file_write_and_wait_range+0x171/0x240 [ 251.274370][ T9872] generic_buffers_fsync_noflush+0x6f/0x160 [ 251.280812][ T9872] ext4_sync_file+0x454/0xc10 [ 251.286024][ T9872] ext4_buffered_write_iter+0x2c0/0x350 [ 251.292104][ T9872] ext4_file_write_iter+0x1d9/0x1870 [ 251.297915][ T9872] do_iter_write+0x79a/0xc70 [ 251.303039][ T9872] do_pwritev+0x205/0x340 [ 251.307901][ T9872] do_syscall_64+0x55/0xb0 [ 251.312882][ T9872] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 251.319305][ T9872] [ 251.319305][ T9872] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 251.327771][ T9872] __lock_acquire+0x2ddb/0x7c80 [ 251.333174][ T9872] lock_acquire+0x197/0x410 [ 251.338302][ T9872] percpu_down_read+0x44/0x1a0 [ 251.343619][ T9872] ext4_writepages+0x170/0x2f0 [ 251.348941][ T9872] do_writepages+0x3a2/0x600 [ 251.354094][ T9872] __writeback_single_inode+0x153/0xee0 [ 251.360188][ T9872] writeback_single_inode+0x211/0x720 [ 251.366096][ T9872] write_inode_now+0x161/0x1e0 [ 251.371395][ T9872] iput+0x5b2/0x920 [ 251.375770][ T9872] ext4_xattr_block_set+0x273a/0x32a0 [ 251.381683][ T9872] ext4_expand_extra_isize_ea+0x10ea/0x19e0 [ 251.388115][ T9872] __ext4_expand_extra_isize+0x306/0x400 [ 251.394288][ T9872] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 251.400280][ T9872] ext4_evict_inode+0x7ed/0xea0 [ 251.405676][ T9872] evict+0x486/0x870 [ 251.410108][ T9872] ext4_orphan_cleanup+0xbd4/0x1400 [ 251.415855][ T9872] ext4_fill_super+0x5de4/0x66c0 [ 251.421325][ T9872] get_tree_bdev+0x3e4/0x510 [ 251.426444][ T9872] vfs_get_tree+0x8c/0x280 [ 251.431386][ T9872] do_new_mount+0x24b/0xa40 [ 251.436432][ T9872] __se_sys_mount+0x2da/0x3c0 [ 251.441650][ T9872] do_syscall_64+0x55/0xb0 [ 251.446602][ T9872] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 251.453030][ T9872] [ 251.453030][ T9872] other info that might help us debug this: [ 251.453030][ T9872] [ 251.463281][ T9872] Possible unsafe locking scenario: [ 251.463281][ T9872] [ 251.470756][ T9872] CPU0 CPU1 [ 251.476134][ T9872] ---- ---- [ 251.481516][ T9872] lock(&ei->xattr_sem); [ 251.485859][ T9872] lock(&sbi->s_writepages_rwsem); [ 251.493678][ T9872] lock(&ei->xattr_sem); [ 251.500536][ T9872] rlock(&sbi->s_writepages_rwsem); [ 251.505831][ T9872] [ 251.505831][ T9872] *** DEADLOCK *** [ 251.505831][ T9872] [ 251.514013][ T9872] 3 locks held by syz.3.1533/9872: [ 251.519129][ T9872] #0: ffff88805a67a0e0 (&type->s_umount_key#32){++++}-{3:3}, at: get_tree_bdev+0x344/0x510 [ 251.529256][ T9872] #1: ffff88805a67a608 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b9/0xea0 [ 251.538680][ T9872] #2: ffff88805d7328c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 251.548981][ T9872] [ 251.548981][ T9872] stack backtrace: [ 251.554880][ T9872] CPU: 0 PID: 9872 Comm: syz.3.1533 Not tainted syzkaller #0 [ 251.562264][ T9872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 251.572337][ T9872] Call Trace: [ 251.575625][ T9872] [ 251.578567][ T9872] dump_stack_lvl+0x16c/0x230 [ 251.583270][ T9872] ? load_image+0x3b0/0x3b0 [ 251.587788][ T9872] ? show_regs_print_info+0x20/0x20 [ 251.593009][ T9872] ? print_circular_bug+0x12b/0x1a0 [ 251.598233][ T9872] check_noncircular+0x2bd/0x3c0 [ 251.603202][ T9872] ? look_up_lock_class+0x75/0x140 [ 251.608326][ T9872] ? print_deadlock_bug+0x5d0/0x5d0 [ 251.613535][ T9872] ? lockdep_lock+0xe0/0x220 [ 251.618148][ T9872] ? _find_first_zero_bit+0xd3/0x100 [ 251.623454][ T9872] __lock_acquire+0x2ddb/0x7c80 [ 251.628326][ T9872] ? mark_lock+0x94/0x320 [ 251.632677][ T9872] ? verify_lock_unused+0x140/0x140 [ 251.637905][ T9872] ? __lock_acquire+0x1334/0x7c80 [ 251.642990][ T9872] lock_acquire+0x197/0x410 [ 251.647519][ T9872] ? ext4_writepages+0x170/0x2f0 [ 251.652483][ T9872] ? cgroup_rstat_updated+0xd7/0x360 [ 251.657795][ T9872] ? __might_sleep+0xe0/0xe0 [ 251.662398][ T9872] ? mark_lock+0x94/0x320 [ 251.666742][ T9872] ? read_lock_is_recursive+0x20/0x20 [ 251.672140][ T9872] ? __lock_acquire+0x1334/0x7c80 [ 251.677177][ T9872] percpu_down_read+0x44/0x1a0 [ 251.681958][ T9872] ? ext4_writepages+0x170/0x2f0 [ 251.686919][ T9872] ext4_writepages+0x170/0x2f0 [ 251.691705][ T9872] ? ext4_read_folio+0x2f0/0x2f0 [ 251.696661][ T9872] ? __rwlock_init+0x150/0x150 [ 251.701437][ T9872] ? do_raw_spin_unlock+0x121/0x230 [ 251.706673][ T9872] ? ext4_read_folio+0x2f0/0x2f0 [ 251.711637][ T9872] do_writepages+0x3a2/0x600 [ 251.716268][ T9872] ? folio_clear_dirty_for_io+0xc30/0xc30 [ 251.722005][ T9872] ? writeback_single_inode+0x206/0x720 [ 251.727583][ T9872] ? __lock_acquire+0x7c80/0x7c80 [ 251.732615][ T9872] ? do_raw_spin_lock+0x121/0x2c0 [ 251.737653][ T9872] __writeback_single_inode+0x153/0xee0 [ 251.743235][ T9872] writeback_single_inode+0x211/0x720 [ 251.748713][ T9872] ? write_inode_now+0x1e0/0x1e0 [ 251.753679][ T9872] write_inode_now+0x161/0x1e0 [ 251.758458][ T9872] ? bdi_split_work_to_wbs+0x890/0x890 [ 251.764025][ T9872] ? do_raw_spin_unlock+0x121/0x230 [ 251.769245][ T9872] iput+0x5b2/0x920 [ 251.773082][ T9872] ext4_xattr_block_set+0x273a/0x32a0 [ 251.778469][ T9872] ? __might_sleep+0xe0/0xe0 [ 251.783090][ T9872] ? xattr_find_entry+0x12b/0x2f0 [ 251.788128][ T9872] ? ext4_xattr_block_find+0x350/0x350 [ 251.793605][ T9872] ? ext4_xattr_block_find+0x2d4/0x350 [ 251.799082][ T9872] ext4_expand_extra_isize_ea+0x10ea/0x19e0 [ 251.805006][ T9872] __ext4_expand_extra_isize+0x306/0x400 [ 251.810693][ T9872] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 251.816172][ T9872] ext4_evict_inode+0x7ed/0xea0 [ 251.821033][ T9872] ? _raw_spin_unlock+0x28/0x40 [ 251.825917][ T9872] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 251.831847][ T9872] ? do_raw_spin_unlock+0x121/0x230 [ 251.837111][ T9872] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 251.843047][ T9872] evict+0x486/0x870 [ 251.846987][ T9872] ? __lock_acquire+0x7c80/0x7c80 [ 251.852042][ T9872] ? proc_nr_inodes+0x230/0x230 [ 251.856951][ T9872] ? do_raw_spin_unlock+0x121/0x230 [ 251.862196][ T9872] ? _raw_spin_unlock+0x28/0x40 [ 251.867086][ T9872] ? iput+0x70a/0x920 [ 251.871192][ T9872] ext4_orphan_cleanup+0xbd4/0x1400 [ 251.876446][ T9872] ? ext4_orphan_del+0xba0/0xba0 [ 251.881438][ T9872] ? ext4_register_li_request+0x183/0x940 [ 251.887227][ T9872] ? errseq_check_and_advance+0x66/0x120 [ 251.892901][ T9872] ext4_fill_super+0x5de4/0x66c0 [ 251.897889][ T9872] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 251.904197][ T9872] ? __might_sleep+0xe0/0xe0 [ 251.908823][ T9872] ? read_lock_is_recursive+0x20/0x20 [ 251.914221][ T9872] ? snprintf+0xdb/0x120 [ 251.918503][ T9872] ? vscnprintf+0x80/0x80 [ 251.922865][ T9872] ? down_write+0x162/0x1f0 [ 251.927408][ T9872] ? down_read_killable+0x340/0x340 [ 251.932637][ T9872] ? setup_bdev_super+0x56b/0x660 [ 251.937680][ T9872] get_tree_bdev+0x3e4/0x510 [ 251.942287][ T9872] ? vfs_parse_fs_string+0x160/0x160 [ 251.947590][ T9872] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 251.953848][ T9872] ? setup_bdev_super+0x660/0x660 [ 251.958887][ T9872] ? apparmor_capable+0x137/0x1a0 [ 251.963923][ T9872] ? bpf_lsm_capable+0x9/0x10 [ 251.968618][ T9872] ? security_capable+0x89/0xb0 [ 251.973519][ T9872] vfs_get_tree+0x8c/0x280 [ 251.977948][ T9872] do_new_mount+0x24b/0xa40 [ 251.982473][ T9872] __se_sys_mount+0x2da/0x3c0 [ 251.987184][ T9872] ? __x64_sys_mount+0xc0/0xc0 [ 251.991990][ T9872] ? lockdep_hardirqs_on+0x98/0x150 [ 251.997201][ T9872] ? __x64_sys_mount+0x20/0xc0 [ 252.001994][ T9872] do_syscall_64+0x55/0xb0 [ 252.006449][ T9872] ? clear_bhb_loop+0x40/0x90 [ 252.011149][ T9872] ? clear_bhb_loop+0x40/0x90 [ 252.015932][ T9872] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 252.021849][ T9872] RIP: 0033:0x7f675cf90eea [ 252.026277][ T9872] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 252.045913][ T9872] RSP: 002b:00007f675de53e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 252.054350][ T9872] RAX: ffffffffffffffda RBX: 00007f675de53ef0 RCX: 00007f675cf90eea [ 252.062335][ T9872] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f675de53eb0 [ 252.070337][ T9872] RBP: 0000200000000180 R08: 00007f675de53ef0 R09: 0000000000800718 [ 252.078323][ T9872] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0 [ 252.086337][ T9872] R13: 00007f675de53eb0 R14: 000000000000046f R15: 0000200000000480 [ 252.094343][ T9872] [ 252.148118][ T9872] ------------[ cut here ]------------ [ 252.154034][ T9872] EA inode 11 i_nlink=2 [ 252.154811][ T9872] WARNING: CPU: 0 PID: 9872 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 252.169494][ T9872] Modules linked in: [ 252.173618][ T9872] CPU: 0 PID: 9872 Comm: syz.3.1533 Not tainted syzkaller #0 [ 252.181022][ T9872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 252.191219][ T9872] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 252.198001][ T9872] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 e0 c6 be 8a 89 da e8 a5 39 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 4f 59 2c 08 [ 252.218902][ T9872] RSP: 0018:ffffc900052bf1c0 EFLAGS: 00010246 [ 252.225032][ T9872] RAX: 1049d5d65a15a400 RBX: 0000000000000002 RCX: 0000000000080000 [ 252.233369][ T9872] RDX: ffffc9000d0ab000 RSI: 000000000007ffff RDI: 0000000000080000 [ 252.241606][ T9872] RBP: ffffc900052bf2b8 R08: ffffc900052bedc7 R09: 1ffff92000a57db8 [ 252.249658][ T9872] R10: dffffc0000000000 R11: fffff52000a57db9 R12: dffffc0000000000 [ 252.257764][ T9872] R13: ffff88805d72caa8 R14: ffff88805d72c8b0 R15: ffff88805d72c900 [ 252.265869][ T9872] FS: 00007f675de546c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 252.274879][ T9872] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 252.281534][ T9872] CR2: 00007f3c20e32d58 CR3: 00000000598f2000 CR4: 00000000003506f0 [ 252.289649][ T9872] Call Trace: [ 252.292988][ T9872] [ 252.295954][ T9872] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 252.301660][ T9872] ? ext4_xattr_inode_iget+0x3df/0x600 [ 252.307182][ T9872] ext4_xattr_set_entry+0xcda/0x1e90 [ 252.313520][ T9872] ext4_xattr_ibody_set+0x254/0x6a0 [ 252.318794][ T9872] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 252.324966][ T9872] __ext4_expand_extra_isize+0x306/0x400 [ 252.330678][ T9872] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 252.336250][ T9872] ext4_evict_inode+0x7ed/0xea0 [ 252.341163][ T9872] ? _raw_spin_unlock+0x28/0x40 [ 252.346119][ T9872] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 252.352074][ T9872] ? do_raw_spin_unlock+0x121/0x230 [ 252.357380][ T9872] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 252.363610][ T9872] evict+0x486/0x870 [ 252.367581][ T9872] ? __lock_acquire+0x7c80/0x7c80 [ 252.372665][ T9872] ? proc_nr_inodes+0x230/0x230 [ 252.377601][ T9872] ? do_raw_spin_unlock+0x121/0x230 [ 252.382845][ T9872] ? _raw_spin_unlock+0x28/0x40 [ 252.387799][ T9872] ? iput+0x70a/0x920 [ 252.391826][ T9872] ext4_orphan_cleanup+0xbd4/0x1400 [ 252.397096][ T9872] ? ext4_orphan_del+0xba0/0xba0 [ 252.402126][ T9872] ? ext4_register_li_request+0x183/0x940 [ 252.407945][ T9872] ? errseq_check_and_advance+0x66/0x120 [ 252.413702][ T9872] ext4_fill_super+0x5de4/0x66c0 [ 252.418712][ T9872] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 252.426084][ T9872] ? __might_sleep+0xe0/0xe0 [ 252.430888][ T9872] ? read_lock_is_recursive+0x20/0x20 [ 252.436322][ T9872] ? snprintf+0xdb/0x120 [ 252.439020][ T9879] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 252.440675][ T9872] ? vscnprintf+0x80/0x80 [ 252.440707][ T9872] ? down_write+0x162/0x1f0 [ 252.440727][ T9872] ? down_read_killable+0x340/0x340 [ 252.440750][ T9872] ? setup_bdev_super+0x56b/0x660 [ 252.440773][ T9872] get_tree_bdev+0x3e4/0x510 [ 252.440794][ T9872] ? vfs_parse_fs_string+0x160/0x160 [ 252.440819][ T9872] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 252.440845][ T9872] ? setup_bdev_super+0x660/0x660 [ 252.440865][ T9872] ? apparmor_capable+0x137/0x1a0 [ 252.440887][ T9872] ? bpf_lsm_capable+0x9/0x10 [ 252.499839][ T9872] ? security_capable+0x89/0xb0 [ 252.504749][ T9872] vfs_get_tree+0x8c/0x280 [ 252.509207][ T9872] do_new_mount+0x24b/0xa40 [ 252.513736][ T9872] __se_sys_mount+0x2da/0x3c0 [ 252.518508][ T9872] ? __x64_sys_mount+0xc0/0xc0 [ 252.523316][ T9872] ? lockdep_hardirqs_on+0x98/0x150 [ 252.529541][ T9872] ? __x64_sys_mount+0x20/0xc0 [ 252.534351][ T9872] do_syscall_64+0x55/0xb0 [ 252.538927][ T9872] ? clear_bhb_loop+0x40/0x90 [ 252.543645][ T9872] ? clear_bhb_loop+0x40/0x90 [ 252.548376][ T9872] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 252.554324][ T9872] RIP: 0033:0x7f675cf90eea [ 252.558809][ T9872] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 252.578480][ T9872] RSP: 002b:00007f675de53e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 252.586991][ T9872] RAX: ffffffffffffffda RBX: 00007f675de53ef0 RCX: 00007f675cf90eea [ 252.595028][ T9872] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f675de53eb0 [ 252.603077][ T9872] RBP: 0000200000000180 R08: 00007f675de53ef0 R09: 0000000000800718 [ 252.611090][ T9872] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0 [ 252.619175][ T9872] R13: 00007f675de53eb0 R14: 000000000000046f R15: 0000200000000480 [ 252.627234][ T9872] [ 252.630271][ T9872] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 252.637564][ T9872] CPU: 0 PID: 9872 Comm: syz.3.1533 Not tainted syzkaller #0 [ 252.644958][ T9872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 252.655047][ T9872] Call Trace: [ 252.658357][ T9872] [ 252.661313][ T9872] dump_stack_lvl+0x16c/0x230 [ 252.666009][ T9872] ? show_regs_print_info+0x20/0x20 [ 252.671225][ T9872] ? load_image+0x3b0/0x3b0 [ 252.675770][ T9872] panic+0x2c0/0x710 [ 252.679695][ T9872] ? bpf_jit_dump+0xd0/0xd0 [ 252.684240][ T9872] __warn+0x2e0/0x470 [ 252.688255][ T9872] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 252.694275][ T9872] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 252.700276][ T9872] report_bug+0x2be/0x4f0 [ 252.704658][ T9872] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 252.710673][ T9872] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 252.716760][ T9872] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 252.722761][ T9872] handle_bug+0xcf/0x120 [ 252.727028][ T9872] exc_invalid_op+0x1a/0x50 [ 252.731571][ T9872] asm_exc_invalid_op+0x1a/0x20 [ 252.736444][ T9872] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 252.743062][ T9872] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 e0 c6 be 8a 89 da e8 a5 39 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 4f 59 2c 08 [ 252.762723][ T9872] RSP: 0018:ffffc900052bf1c0 EFLAGS: 00010246 [ 252.768826][ T9872] RAX: 1049d5d65a15a400 RBX: 0000000000000002 RCX: 0000000000080000 [ 252.776810][ T9872] RDX: ffffc9000d0ab000 RSI: 000000000007ffff RDI: 0000000000080000 [ 252.784881][ T9872] RBP: ffffc900052bf2b8 R08: ffffc900052bedc7 R09: 1ffff92000a57db8 [ 252.792864][ T9872] R10: dffffc0000000000 R11: fffff52000a57db9 R12: dffffc0000000000 [ 252.800860][ T9872] R13: ffff88805d72caa8 R14: ffff88805d72c8b0 R15: ffff88805d72c900 [ 252.808860][ T9872] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 252.814516][ T9872] ? ext4_xattr_inode_iget+0x3df/0x600 [ 252.820080][ T9872] ext4_xattr_set_entry+0xcda/0x1e90 [ 252.825481][ T9872] ext4_xattr_ibody_set+0x254/0x6a0 [ 252.830702][ T9872] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 252.836626][ T9872] __ext4_expand_extra_isize+0x306/0x400 [ 252.842282][ T9872] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 252.847762][ T9872] ext4_evict_inode+0x7ed/0xea0 [ 252.852625][ T9872] ? _raw_spin_unlock+0x28/0x40 [ 252.857527][ T9872] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 252.863435][ T9872] ? do_raw_spin_unlock+0x121/0x230 [ 252.868651][ T9872] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 252.874566][ T9872] evict+0x486/0x870 [ 252.878471][ T9872] ? __lock_acquire+0x7c80/0x7c80 [ 252.883529][ T9872] ? proc_nr_inodes+0x230/0x230 [ 252.888394][ T9872] ? do_raw_spin_unlock+0x121/0x230 [ 252.893610][ T9872] ? _raw_spin_unlock+0x28/0x40 [ 252.898470][ T9872] ? iput+0x70a/0x920 [ 252.902460][ T9872] ext4_orphan_cleanup+0xbd4/0x1400 [ 252.907681][ T9872] ? ext4_orphan_del+0xba0/0xba0 [ 252.912645][ T9872] ? ext4_register_li_request+0x183/0x940 [ 252.918381][ T9872] ? errseq_check_and_advance+0x66/0x120 [ 252.924036][ T9872] ext4_fill_super+0x5de4/0x66c0 [ 252.929176][ T9872] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 252.935466][ T9872] ? __might_sleep+0xe0/0xe0 [ 252.940101][ T9872] ? read_lock_is_recursive+0x20/0x20 [ 252.945484][ T9872] ? snprintf+0xdb/0x120 [ 252.949740][ T9872] ? vscnprintf+0x80/0x80 [ 252.954096][ T9872] ? down_write+0x162/0x1f0 [ 252.958783][ T9872] ? down_read_killable+0x340/0x340 [ 252.964017][ T9872] ? setup_bdev_super+0x56b/0x660 [ 252.969080][ T9872] get_tree_bdev+0x3e4/0x510 [ 252.973682][ T9872] ? vfs_parse_fs_string+0x160/0x160 [ 252.979093][ T9872] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 252.985351][ T9872] ? setup_bdev_super+0x660/0x660 [ 252.990392][ T9872] ? apparmor_capable+0x137/0x1a0 [ 252.995431][ T9872] ? bpf_lsm_capable+0x9/0x10 [ 253.000142][ T9872] ? security_capable+0x89/0xb0 [ 253.005023][ T9872] vfs_get_tree+0x8c/0x280 [ 253.009465][ T9872] do_new_mount+0x24b/0xa40 [ 253.013995][ T9872] __se_sys_mount+0x2da/0x3c0 [ 253.018694][ T9872] ? __x64_sys_mount+0xc0/0xc0 [ 253.023474][ T9872] ? lockdep_hardirqs_on+0x98/0x150 [ 253.028685][ T9872] ? __x64_sys_mount+0x20/0xc0 [ 253.033461][ T9872] do_syscall_64+0x55/0xb0 [ 253.037891][ T9872] ? clear_bhb_loop+0x40/0x90 [ 253.042610][ T9872] ? clear_bhb_loop+0x40/0x90 [ 253.047302][ T9872] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 253.053208][ T9872] RIP: 0033:0x7f675cf90eea [ 253.057643][ T9872] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.077260][ T9872] RSP: 002b:00007f675de53e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 253.085696][ T9872] RAX: ffffffffffffffda RBX: 00007f675de53ef0 RCX: 00007f675cf90eea [ 253.093715][ T9872] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f675de53eb0 [ 253.101783][ T9872] RBP: 0000200000000180 R08: 00007f675de53ef0 R09: 0000000000800718 [ 253.109944][ T9872] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0 [ 253.117927][ T9872] R13: 00007f675de53eb0 R14: 000000000000046f R15: 0000200000000480 [ 253.125932][ T9872] [ 253.129307][ T9872] Kernel Offset: disabled [ 253.133666][ T9872] Rebooting in 86400 seconds..