last executing test programs: 12.746522908s ago: executing program 4 (id=3656): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file1\x00', 0x2, &(0x7f0000000380)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@usrjquota}, {@lazytime}, {@jqfmt_vfsv0}, {@usrquota}, {@noload}, {@nodiscard}, {@barrier_val}, {@nombcache}, {@nodiscard}]}, 0x45, 0x7b9, &(0x7f0000000680)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRiSUwixxWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCtrbWnXjj8fGOu9nTfz3nfe7JtnzWg3gCfWePpPJuJYRLyWRIzWX08ior+aykZM18rdW1/Lp0sSGxtPfZtUy9xdX8tH0zapI/XM7yPis5cjTmR211teWZ2fKRYLS/X8RGXh8kR5ZfXkpYWZucJcYfH05NTUqTN/O3P6ocIbbs58/9Xq0Vuv//fP70//+NLvPnj18ySm42h9XXMcB2U8xuvHpD89hNv856Ar65mPXthHoaYzIHuYjaFDacf01XvlWIxG3179M9zNlgEAh+XFiNhop6/tGgDgsZbUrv//6nU7AIBuafwe4O76Wr6x9PY3Et11+98RMTRUz9Xub9bS2fo9u6HqfdCRu8m2OyNJRIwdQP3jEfH2x8+9my5xSPchAVq5dj0iLoyN7x7/kx3PLDzb8b7/0vrluebM+I6Vxj/onk/S+c/fW83/Mpvzn2gx/xls8d59EPd//2duHkA1baXzv382Pdt2ryn+urG+eu5X1Tlff3LxUrGQjm2/jojj0T+Y5if3qOP4nZ/utFvXPP/77o3n30nrT39ulcjczA5u32Z2pjLzMDE3u3094g/ZVvGn4/9gtf+TNvPfc/X0wH3q+N8/Xnmr3bo0/jTexrI7/sO1cSPiTy37P9ksk+z5fOJE9XSYaJwULXw4HSPt6h/PbvV/uqT1N/4v0A1p/4/sHf9Y0vy8Znnfu958WuzLG6OftivUfP63jr/1+T+QPF1NN869qzOVytJkxEDy/92vn9ratpFvlE/jP/7H1u//xvjX4vx/Jt3/hX0eiOytb9578PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IMeNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYd3r+NkUyxVK6cuFhaXpyN6ndlj0V/pvFRl6NNn4c6Wf88/Eb+1I78XyPiNxHx5uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn+/9TXgzsK9/WihQDAoRhyYQeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ9d/AOCXwPUfAJ4897n+7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjh/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFtju6VvtRLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv6LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8HAAA//8b5R9J") mkdir(&(0x7f0000000140)='./control\x00', 0x0) rmdir(0x0) 11.96971914s ago: executing program 4 (id=3659): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r1}, 0x18) socket$inet(0x2, 0x3, 0x3) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)) fsopen(&(0x7f0000000100)='configfs\x00', 0x0) r3 = socket$kcm(0xa, 0x6, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000007c0)='memory.events\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r3, 0x10d, 0xb, &(0x7f0000000000)=r4, 0x4) 11.206617632s ago: executing program 4 (id=3664): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f0000000340)={[{@minixdf}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@block_validity}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x20064, &(0x7f00000001c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000002c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x1398, 0x11b8, 0xc8, 0x8, 0x0, 0x5803, 0x12c8, 0x2e8, 0x2e8, 0x12c8, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1198, 0x11b8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x2, 0x3}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x13f8) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a24000000000a01010000000000000009050000000900010073797a30000000000400060070000000030a01030000000000000000050000000900010073797a30000000001c0008800c00024000000000000000000c000140"], 0xd0}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0x5, 0x6, 0x2, 0x1847e26c}, {0xc6ff, 0x6, 0x9, 0x9}]}) openat(0xffffffffffffff9c, 0x0, 0x480, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) openat(0xffffffffffffff9c, 0x0, 0x1c1002, 0x0) io_setup(0x7d, &(0x7f0000000600)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000027c0)={0x2, 0x3, 0x0, 0x2, 0x18, 0x0, 0x0, 0x0, [@sadb_key={0xa, 0x8, 0x208, 0x0, "5b12314b18a441ba13dfdfdbc2955eb93f10496d371f112095f53333e150d5a2654eea729549048c05aa2811107901b33dd66575ef2cdc4c4fc8edd69577137027"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0xc0}, 0x1, 0x7}, 0x0) 7.988675259s ago: executing program 3 (id=3676): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000001100)=ANY=[@ANYBLOB="140000001000010000000000000000000020000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}}, 0x4040080) 7.214751047s ago: executing program 3 (id=3678): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r2, 0x1}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r2}}, 0x18) 6.754162474s ago: executing program 3 (id=3679): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r3, &(0x7f0000000140)='./file0\x00') openat(r3, &(0x7f00000000c0)='./file0\x00', 0x515a02, 0x52abe154ad664f66) 5.745511361s ago: executing program 3 (id=3681): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) 5.209257097s ago: executing program 4 (id=3682): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8) request_key(&(0x7f0000000180)='trusted\x00', &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000240)='\x00', r1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)="6303199ff92dcd46f1c8af049e8f6ccfdbcef5df6c63f6996240fc50015908b6", &(0x7f0000000580)="12c9bdce462740b7589bf975981c07bafccff3de3fab57f2b49ddb1b1e2a5102250513f347dde74e04cfa17fa31dd0bff413e472830b8229344abcb7b481da3642473279246e7d9e657dee2b25ebfec1c997f0a302751ec0c44ddcbff8cebf8aab2d1f14d3c5e42245d6b2c8150fb3bd6f3851fa883b068101ac5805804bda3633ab38e59dda45d04f1a9551a91697c9eda5633d5478c9dd1ef8d0549e6ebed792a491d10a57f666c0da95d71edf98b50f1b87cdb341", 0x10000005, r2}, 0x38) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000380)}) statx(0xffffffffffffffff, 0x0, 0x4000, 0x8, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) socket(0x10, 0x3, 0x0) ioperm(0x0, 0x7fff, 0x15f9) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'geneve1\x00', 0x0}) bind$packet(r4, &(0x7f0000000080)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14) socket$inet6_udp(0xa, 0x2, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$SG_IO(r7, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x3, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000380)="259374", 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, &(0x7f00000001c0), &(0x7f0000000300)=r7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r6, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000480)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010029bd7000000000001505000008000300", @ANYRES32, @ANYRESOCT], 0x48}}, 0x0) sendto$inet6(r4, &(0x7f0000000280)="0503092c8f0b480301020d00c52cf7c25975e010b02f0800eb2b2ff0dac8897c6b118777faffffff3066100cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f) 4.643583095s ago: executing program 1 (id=3685): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r1}, 0x18) socket$inet(0x2, 0x3, 0x3) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)) fsopen(&(0x7f0000000100)='configfs\x00', 0x0) r3 = socket$kcm(0xa, 0x6, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000007c0)='memory.events\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r3, 0x10d, 0xb, &(0x7f0000000000)=r4, 0x4) 4.114836153s ago: executing program 2 (id=3686): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r0}, 0x18) r1 = gettid() r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000) read(r2, &(0x7f0000000200)=""/209, 0x128) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x335, @time={0x80, 0xff}}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000180)={0x3, 0x2, 0xc, 0xcbd, 0x40, 0x1}) tkill(r1, 0x7) 4.114408114s ago: executing program 1 (id=3687): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge0\x00'}) getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000540), 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000004c0)={r2, 0x1, 0xffff}, 0x8) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) r3 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x24089, 0x80, 0x3}, &(0x7f0000000240)=0x0, &(0x7f0000000400)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) io_setup(0x8, &(0x7f0000004200)=0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000280)='stack\x00') timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, 0x0) clock_nanosleep(0x5, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r7, 0x0, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x52b, &(0x7f0000000700)="$eJzs3e9rJGcdAPDvzGavubvU3arIWbAttnJX9XYvjW2jSFtB9FVBre/PmGxCyCYbspt6CUVT/AMEERX8A3wj+AcI0j9BhIK+FxVF9KovtSOzO6v5sZuEyyabbj4feLLPM8/MfJ9nyM7Oj4eZAK6sZyLitYgoRcTzEVEppqdFir1eyud77+Fbi3lKIsve+HsSSTGtv668PBURN4vFpiPiG1+N+HZyNG57Z3dtodlsbBXlemd9s97e2b27ur6w0lhpbMzNzb40//L8i/P3ssKZ+lmNiFe+/Ocf/+DnX3nl15/9zh/u//XOd/NmffFjvXZHxOKZAgzRW3e5uy368m20dR7BxiTvT7k07lYAAHAa+TH+hyPik93j/0qUukdzAAAAwCTJXp2JfycR2XClOLYaAAAAuOzSiJiJJK0VYwFmIk1rtd4Y3o/GjbTZanc+s9za3ljK6yKqUU6XV5uNe8VY4WqUk7w8W4yx7ZdfOFSei4gnIuJHlevdcm2x1Vwa98UPAAAAuCJuPn3w/P9flbSbBwAAACZMdWgBAAAAmBRO+QEAAGDyOf8HAACAifa111/PU9Z/j/fSmzvba6037y412mu19e3F2mJra7O20mqtdJ/Zt37S+pqt1ubnYmP7Qb3TaHfq7Z3d++ut7Y3O/dUDr8AGAAAALtATT7/z+yQi9r5wvZuieA4gwAF/GncDgFEqjbsBwNhMjbsBwNiUT5zDHgImXXJC/dHBO71rhfGb82kPAAAwerc/fvT+/7Wi7uRrA8AHmbE+AHD1uLsHV1f5UUcA3hp1S4Bx+VDv47Fh9UMf3jH8/v/qjSLTu8aQZY/eOgAAYBRmuilJa8Vx+kykaa0W8Xj3tQDlZHm12bhXnB/8rlJ+LC/PdpdMThwzDAAAAAAAAAAAAAAAAAAAAAAAAAD0ZFkSGQAAADDRItK/JN2n+Ufcrjw3c/DqwKG3fv3sjZ88WOh0tmYjriX/qOSTrkVE56fF9BcyrwQAAACAS6B3nl58zo67NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMmvcevrXYTxcZ929fiojqoPhTMd39nI5yRNz4ZxJT+5ZLIqI0gvh7b0fErUHxk3g/y7Jq0YpB8a+fc/xqd9MMjp9GxM0RxIer7J18//PaoO9fGs90Pwd//6aKdFbD93/p//Z/pSH7n8cPlYd58t1f1ofGfzviyanB+59+/KQX/0CIvPDsKfv4rW/u7g6s2LfKQfH3x6p31jfr7Z3du6vrCyuNlcbG3NzsS/Mvz784f6++vNpsFH8HhvnhJ371/nH9vzEkfvVg/49s/+dO1fss/vPug4cf6RXKg+LfeXbw7++t+HSln98fPy1++z5V5PO23O7n93r5/Z76xW+fOq7/S0P6P31C/++cqv/x+ee//v0/Dqw5sjUAgIvQ3tldW2g2G1vHZKZPMc8FZ169HM0YYSYuRzPGlcm+1/t/PNt6zrj4kUx2lsWnYgTNuHbke1qKffPkx+GnXmESsZev65T/kAAAwIT5/0H/cXeQAAAAAAAAAAAAAAAAAAAAgPP0iI8lm46IIVUHnk/WzRyOuTeergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOu/AQAA//+/RcuG") quotactl$Q_GETINFO(0xffffffff80000500, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) pread64(r6, &(0x7f00000002c0)=""/269, 0x10d, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xd4) alarm(0x5) io_pgetevents(r5, 0x3, 0x3, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0) 3.631975267s ago: executing program 4 (id=3689): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r2, 0x1}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r2}}, 0x18) 3.352962353s ago: executing program 2 (id=3690): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="01"], 0x9) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000340)={0x0, 0x1}, 0x8) 3.327688739s ago: executing program 0 (id=3691): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r3, &(0x7f0000000140)='./file0\x00') openat(r3, &(0x7f00000000c0)='./file0\x00', 0x515a02, 0x52abe154ad664f66) 3.019873749s ago: executing program 4 (id=3692): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f0000000340)={[{@minixdf}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@block_validity}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x20064, &(0x7f00000001c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000002c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x1398, 0x11b8, 0xc8, 0x8, 0x0, 0x5803, 0x12c8, 0x2e8, 0x2e8, 0x12c8, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1198, 0x11b8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x2, 0x3}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x13f8) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a24000000000a01010000000000000009050000000900010073797a30000000000400060070000000030a01030000000000000000050000000900010073797a30000000001c0008800c00024000000000000000000c0001400000000000000000"], 0xd0}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000140)={0x2, &(0x7f00000000c0)=[{0x5, 0x6, 0x2, 0x1847e26c}, {0xc6ff, 0x6, 0x9, 0x9}]}) openat(0xffffffffffffff9c, 0x0, 0x480, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) openat(0xffffffffffffff9c, 0x0, 0x1c1002, 0x0) io_setup(0x7d, &(0x7f0000000600)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000027c0)={0x2, 0x3, 0x0, 0x2, 0x18, 0x0, 0x0, 0x0, [@sadb_key={0xa, 0x8, 0x208, 0x0, "5b12314b18a441ba13dfdfdbc2955eb93f10496d371f112095f53333e150d5a2654eea729549048c05aa2811107901b33dd66575ef2cdc4c4fc8edd69577137027"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0xc0}, 0x1, 0x7}, 0x0) 2.801245643s ago: executing program 2 (id=3693): io_uring_setup(0x6b66, &(0x7f0000000280)={0x0, 0xffbffffc, 0x10000, 0x1, 0x3bd}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba7a32}) readv(r0, &(0x7f0000000100)=[{&(0x7f00000001c0)=""/227, 0xe3}], 0x1) 2.75548811s ago: executing program 1 (id=3694): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018ed8, &(0x7f0000000080)={[{@mblk_io_submit}]}, 0x7, 0x644, &(0x7f00000006c0)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEPCgoiHgt0ov/gHfp3ZsI6s2zUEUqFrR0ZWZnm81mN7ttsrtJ5vOBzT7zzLN5nm9mn8wzM/vsBFBas9mPNOJUxNubScR007qpqK+cLcq9+teTW9kjiVrtu/9MIinyGuWT4vlEsTAeEX+8EvHpyu561x89vrNYrdU9jTi3cffBufVHj8+u3l28vXx7+d7C+a9duDj/9YULC00N/XAniuer177z+V/85IdfXflT9WwSl+LG6I+XoiWOgzIbs/G2CLE5fyQiLmaJNn+Xo+YYhFBqleL9OBoRn43pqORLddOx+vOhNg7oq1olora3pFsB4KjSvaGsGuOAxrF9b8fBN/o8Khmcl5frB0C74x8pTjmM58dGk6+SpiOj+rmNkwdQf1bHmyfjz948mXkWO85DvH63dUYOoJ5ONrci4nPt4k/ytp3MI83iT3cc6ycRMR8RY0X7vrWPNiRN6X6ch9lLj/FXsvibt0MaEZeK5yz/ygfW33paa9DxA1BOLy4XO/LNbGl7/5eNPRrjn9ge/zxtvG5q/5dkcsPe/3Ue/zX29+P5uCdtGYdlY5br7X/laGvG33529Ved6q+P/2aeNR5Z/Y2x4CC83IqYaYn/p1mwxfgniz9pM/7Nity81Fsd3/7zP652Wjfs+GvPI063Pf7ZHpVmqT2uT55bWa0uz9d/tq3j93/4wW871d8+/o/6EGl72faf7BB/0/ZPW1+X/U0etP+VW60Zv7v+/G6n+qe6bv/072NJ/XhzrMj50dbGxtpCxFhyrShS5C9ubKyd3zveepnXtfx5oR7/mS+17/873v8tUU00/mX24MH37rzqtO5D3v9NF5Pf1npsQydZ/Evdt/+u/p/l/bLHOv7z/Ydf6LSuffzJvmICAAAAAACAskrza7BJOvcunaZzc/X5sp+JybR6f33jyyv3H95bijiTfx5yNI00yT8yMl1fTlZWq8sLxedhG8vnW5a/EhGfRMSvKxP58tyt+9WlYQcPAAAAAAAAAAAAAAAAAAAAh8SJYv5/4z7V/67U5/8DJdH9BnO77v8AHBP9vMEkcLjl/X+vXfzHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9MkXX/w1iYjNb0zkj8xYsc6kXzjeRt+rdKVv7QAGT4+G8np36d9gH0qnp/H/f4svB+x/c4AhSNpl5oOD2t6d/0XbV27b2n/bAAAAAAAAAAAAAIC606c6z/9/v7nBwFFj2h+U1z7m//vqADjifPU/lJdjfKDLLP4Y77Si2/x/AAAAAAAAAAAAAODATOWPJJ0r5gJPRZrOzUV8KiJOxmiyslpdno+IjyPiL5XRj7LlhWE3GgAAAAAAAAAAAAAAAAAAAI6Z9UeP7yxWq8trzYn/7co53onGXVC7F671UGbPxDfjPV8VyeD/LBMRMfSN0rfESFNOErGZbflD0bC19TgczcgTQ/7HBAAAAAAAAAAAAAAAAAAAJdQ097i9md8MuEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHjb9//vkliarL+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//6AzO/k=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000002540)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0) 2.69330099s ago: executing program 0 (id=3695): r0 = socket$tipc(0x1e, 0x2, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) sendmsg$tipc(r0, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0}, 0x10) 2.049251332s ago: executing program 0 (id=3696): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB='D\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fb5bdf251e00000008000300", @ANYRES32=r2, @ANYBLOB='(\x00/'], 0x44}, 0x1, 0x0, 0x0, 0x40c4}, 0x40800) 1.786101932s ago: executing program 1 (id=3697): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r1}, 0x18) socket$inet(0x2, 0x3, 0x3) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)) fsopen(&(0x7f0000000100)='configfs\x00', 0x0) r3 = socket$kcm(0xa, 0x6, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000007c0)='memory.events\x00', 0x26e1, 0x0) setsockopt$sock_attach_bpf(r3, 0x10d, 0xb, &(0x7f0000000000)=r4, 0x4) 1.620356155s ago: executing program 0 (id=3698): pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000340)=[{&(0x7f0000000100)="4e05d1f2000000000000000016b4d7f06dc94555", 0x14}], 0x1, 0xe) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x5}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd, @generic={0x6e}, @initr0, @exit]}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = socket$inet(0x2, 0x3, 0x7f) bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r2, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x8000, 0x0) 1.370892714s ago: executing program 2 (id=3699): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8) request_key(&(0x7f0000000180)='trusted\x00', &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000240)='\x00', r1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)="6303199ff92dcd46f1c8af049e8f6ccfdbcef5df6c63f6996240fc50015908b6", &(0x7f0000000580)="12c9bdce462740b7589bf975981c07bafccff3de3fab57f2b49ddb1b1e2a5102250513f347dde74e04cfa17fa31dd0bff413e472830b8229344abcb7b481da3642473279246e7d9e657dee2b25ebfec1c997f0a302751ec0c44ddcbff8cebf8aab2d1f14d3c5e42245d6b2c8150fb3bd6f3851fa883b068101ac5805804bda3633ab38e59dda45d04f1a9551a91697c9eda5633d5478c9dd1ef8d0549e6ebed792a491d10a57f666c0da95d71edf98b50f1b87cdb34194", 0x10000005, r2}, 0x38) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000380)}) statx(0xffffffffffffffff, 0x0, 0x4000, 0x8, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) socket(0x10, 0x3, 0x0) ioperm(0x0, 0x7fff, 0x15f9) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'geneve1\x00', 0x0}) bind$packet(r4, &(0x7f0000000080)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14) socket$inet6_udp(0xa, 0x2, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$SG_IO(r7, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x3, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000380)="259374", 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, &(0x7f00000001c0), &(0x7f0000000300)=r7}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r6, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000480)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010029bd7000000000001505000008000300", @ANYRES32, @ANYRESOCT], 0x48}}, 0x0) sendto$inet6(r4, &(0x7f0000000280)="0503092c8f0b480301020d00c52cf7c25975e010b02f0800eb2b2ff0dac8897c6b118777faffffff3066100cb600c5471d130a66321a54e7df305f80a88161b6fd8f24286a57c3feffff", 0xfc13, 0x800, 0x0, 0x2f) 1.280653511s ago: executing program 3 (id=3700): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r0}, 0x18) r1 = gettid() r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000) read(r2, &(0x7f0000000200)=""/209, 0x128) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x335, @time={0x80, 0xff}}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000180)={0x3, 0x2, 0xc, 0xcbd, 0x40, 0x1}) tkill(r1, 0x7) 1.187490542s ago: executing program 1 (id=3701): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a24000000000a01010000000000000009050000000900010073797a30000000000400060070000000030a01030000000000000000050000000900010073797a30000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000080001"], 0xd0}}, 0x0) 978.543387ms ago: executing program 0 (id=3702): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r2, 0x1}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r2}}, 0x18) 621.631574ms ago: executing program 2 (id=3703): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="01"], 0x9) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000340)={0x0, 0x1}, 0x8) 482.945416ms ago: executing program 3 (id=3704): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge0\x00'}) getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000540), 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000004c0)={r2, 0x1, 0xffff}, 0x8) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) r3 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x24089, 0x80, 0x3}, &(0x7f0000000240)=0x0, &(0x7f0000000400)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) io_setup(0x8, &(0x7f0000004200)=0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000280)='stack\x00') timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, 0x0) clock_nanosleep(0x5, 0x0, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r7, 0x0, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x52b, &(0x7f0000000700)="$eJzs3e9rJGcdAPDvzGavubvU3arIWbAttnJX9XYvjW2jSFtB9FVBre/PmGxCyCYbspt6CUVT/AMEERX8A3wj+AcI0j9BhIK+FxVF9KovtSOzO6v5sZuEyyabbj4feLLPM8/MfJ9nyM7Oj4eZAK6sZyLitYgoRcTzEVEppqdFir1eyud77+Fbi3lKIsve+HsSSTGtv668PBURN4vFpiPiG1+N+HZyNG57Z3dtodlsbBXlemd9s97e2b27ur6w0lhpbMzNzb40//L8i/P3ssKZ+lmNiFe+/Ocf/+DnX3nl15/9zh/u//XOd/NmffFjvXZHxOKZAgzRW3e5uy368m20dR7BxiTvT7k07lYAAHAa+TH+hyPik93j/0qUukdzAAAAwCTJXp2JfycR2XClOLYaAAAAuOzSiJiJJK0VYwFmIk1rtd4Y3o/GjbTZanc+s9za3ljK6yKqUU6XV5uNe8VY4WqUk7w8W4yx7ZdfOFSei4gnIuJHlevdcm2x1Vwa98UPAAAAuCJuPn3w/P9flbSbBwAAACZMdWgBAAAAmBRO+QEAAGDyOf8HAACAifa111/PU9Z/j/fSmzvba6037y412mu19e3F2mJra7O20mqtdJ/Zt37S+pqt1ubnYmP7Qb3TaHfq7Z3d++ut7Y3O/dUDr8AGAAAALtATT7/z+yQi9r5wvZuieA4gwAF/GncDgFEqjbsBwNhMjbsBwNiUT5zDHgImXXJC/dHBO71rhfGb82kPAAAwerc/fvT+/7Wi7uRrA8AHmbE+AHD1uLsHV1f5UUcA3hp1S4Bx+VDv47Fh9UMf3jH8/v/qjSLTu8aQZY/eOgAAYBRmuilJa8Vx+kykaa0W8Xj3tQDlZHm12bhXnB/8rlJ+LC/PdpdMThwzDAAAAAAAAAAAAAAAAAAAAAAAAAD0ZFkSGQAAADDRItK/JN2n+Ufcrjw3c/DqwKG3fv3sjZ88WOh0tmYjriX/qOSTrkVE56fF9BcyrwQAAACAS6B3nl58zo67NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMmvcevrXYTxcZ929fiojqoPhTMd39nI5yRNz4ZxJT+5ZLIqI0gvh7b0fErUHxk3g/y7Jq0YpB8a+fc/xqd9MMjp9GxM0RxIer7J18//PaoO9fGs90Pwd//6aKdFbD93/p//Z/pSH7n8cPlYd58t1f1ofGfzviyanB+59+/KQX/0CIvPDsKfv4rW/u7g6s2LfKQfH3x6p31jfr7Z3du6vrCyuNlcbG3NzsS/Mvz784f6++vNpsFH8HhvnhJ371/nH9vzEkfvVg/49s/+dO1fss/vPug4cf6RXKg+LfeXbw7++t+HSln98fPy1++z5V5PO23O7n93r5/Z76xW+fOq7/S0P6P31C/++cqv/x+ee//v0/Dqw5sjUAgIvQ3tldW2g2G1vHZKZPMc8FZ169HM0YYSYuRzPGlcm+1/t/PNt6zrj4kUx2lsWnYgTNuHbke1qKffPkx+GnXmESsZev65T/kAAAwIT5/0H/cXeQAAAAAAAAAAAAAAAAAAAAgPP0iI8lm46IIVUHnk/WzRyOuTeergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOu/AQAA//+/RcuG") quotactl$Q_GETINFO(0xffffffff80000500, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) pread64(r6, &(0x7f00000002c0)=""/269, 0x10d, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xd4) alarm(0x5) io_pgetevents(r5, 0x3, 0x3, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0) 407.589126ms ago: executing program 0 (id=3705): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', r3, &(0x7f0000000140)='./file0\x00') openat(r3, &(0x7f00000000c0)='./file0\x00', 0x515a02, 0x52abe154ad664f66) 346.348418ms ago: executing program 1 (id=3706): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x50, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x4b65, 0x0) r2 = syz_io_uring_setup(0x110, &(0x7f0000000340)={0x0, 0x810c, 0x8, 0x40000, 0x100000f0}, &(0x7f0000000400)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) syz_io_uring_submit(r3, r4, &(0x7f0000000440)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002480)=ANY=[@ANYBLOB='8\x00'], 0x348}, 0x0, 0x800, 0x1}) io_uring_enter(r2, 0x8aa, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 2 (id=3707): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018ed8, &(0x7f0000000080)={[{@mblk_io_submit}]}, 0x7, 0x644, &(0x7f00000006c0)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEPCgoiHgt0ov/gHfp3ZsI6s2zUEUqFrR0ZWZnm81mN7ttsrtJ5vOBzT7zzLN5nm9mn8wzM/vsBFBas9mPNOJUxNubScR007qpqK+cLcq9+teTW9kjiVrtu/9MIinyGuWT4vlEsTAeEX+8EvHpyu561x89vrNYrdU9jTi3cffBufVHj8+u3l28vXx7+d7C+a9duDj/9YULC00N/XAniuer177z+V/85IdfXflT9WwSl+LG6I+XoiWOgzIbs/G2CLE5fyQiLmaJNn+Xo+YYhFBqleL9OBoRn43pqORLddOx+vOhNg7oq1olora3pFsB4KjSvaGsGuOAxrF9b8fBN/o8Khmcl5frB0C74x8pTjmM58dGk6+SpiOj+rmNkwdQf1bHmyfjz948mXkWO85DvH63dUYOoJ5ONrci4nPt4k/ytp3MI83iT3cc6ycRMR8RY0X7vrWPNiRN6X6ch9lLj/FXsvibt0MaEZeK5yz/ygfW33paa9DxA1BOLy4XO/LNbGl7/5eNPRrjn9ge/zxtvG5q/5dkcsPe/3Ue/zX29+P5uCdtGYdlY5br7X/laGvG33529Ved6q+P/2aeNR5Z/Y2x4CC83IqYaYn/p1mwxfgniz9pM/7Nity81Fsd3/7zP652Wjfs+GvPI063Pf7ZHpVmqT2uT55bWa0uz9d/tq3j93/4wW871d8+/o/6EGl72faf7BB/0/ZPW1+X/U0etP+VW60Zv7v+/G6n+qe6bv/072NJ/XhzrMj50dbGxtpCxFhyrShS5C9ubKyd3zveepnXtfx5oR7/mS+17/873v8tUU00/mX24MH37rzqtO5D3v9NF5Pf1npsQydZ/Evdt/+u/p/l/bLHOv7z/Ydf6LSuffzJvmICAAAAAACAskrza7BJOvcunaZzc/X5sp+JybR6f33jyyv3H95bijiTfx5yNI00yT8yMl1fTlZWq8sLxedhG8vnW5a/EhGfRMSvKxP58tyt+9WlYQcPAAAAAAAAAAAAAAAAAAAAh8SJYv5/4z7V/67U5/8DJdH9BnO77v8AHBP9vMEkcLjl/X+vXfzHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9MkXX/w1iYjNb0zkj8xYsc6kXzjeRt+rdKVv7QAGT4+G8np36d9gH0qnp/H/f4svB+x/c4AhSNpl5oOD2t6d/0XbV27b2n/bAAAAAAAAAAAAAIC606c6z/9/v7nBwFFj2h+U1z7m//vqADjifPU/lJdjfKDLLP4Y77Si2/x/AAAAAAAAAAAAAODATOWPJJ0r5gJPRZrOzUV8KiJOxmiyslpdno+IjyPiL5XRj7LlhWE3GgAAAAAAAAAAAAAAAAAAAI6Z9UeP7yxWq8trzYn/7co53onGXVC7F671UGbPxDfjPV8VyeD/LBMRMfSN0rfESFNOErGZbflD0bC19TgczcgTQ/7HBAAAAAAAAAAAAAAAAAAAJdQ097i9md8MuEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHjb9//vkliarL+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//6AzO/k=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000002540)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0) kernel console output (not intermixed with test programs): loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 894.908292][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 896.532480][ T3692] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 896.541316][ T3692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 896.767233][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 896.775622][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 897.975519][T13962] loop1: detected capacity change from 0 to 512 [ 898.085800][T13962] EXT4-fs error (device loop1): __ext4_iget:4984: inode #16: block 127754: comm syz.1.2935: invalid block [ 898.174056][T13962] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.2935: couldn't read orphan inode 16 (err -117) [ 898.257058][T13962] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 898.328492][T13962] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 898.922575][T13973] loop4: detected capacity change from 0 to 1024 [ 898.942182][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 899.036495][T13973] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 899.048163][T13973] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 899.157594][T13973] JBD2: no valid journal superblock found [ 899.163642][T13973] EXT4-fs (loop4): Could not load journal inode [ 899.580183][ T5789] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 899.594436][ T5789] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 899.605843][ T5789] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 899.629117][ T5789] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 899.642331][ T5789] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 899.652018][ T5789] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 900.235713][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 900.242732][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 900.293201][T13977] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3019' sets config #0 [ 901.598982][T14000] loop4: detected capacity change from 0 to 512 [ 901.678361][T13979] chnl_net:caif_netlink_parms(): no params data found [ 901.727876][ T5789] Bluetooth: hci2: command tx timeout [ 901.824570][T14000] EXT4-fs error (device loop4): __ext4_iget:4984: inode #16: block 127754: comm syz.4.3028: invalid block [ 901.849646][T14000] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3028: couldn't read orphan inode 16 (err -117) [ 901.889610][T14000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 901.920211][T14000] ext4 filesystem being mounted at /599/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 901.977090][ T29] kauditd_printk_skb: 40 callbacks suppressed [ 901.977165][ T29] audit: type=1326 audit(1740378674.906:7311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.007167][ T29] audit: type=1326 audit(1740378674.906:7312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.030134][ T29] audit: type=1326 audit(1740378674.946:7313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.055832][ T29] audit: type=1326 audit(1740378674.946:7314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.079441][ T29] audit: type=1326 audit(1740378674.956:7315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.102228][ T29] audit: type=1326 audit(1740378674.956:7316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.125058][ T29] audit: type=1326 audit(1740378674.956:7317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=385 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.153701][ T29] audit: type=1326 audit(1740378675.016:7318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.183733][ T29] audit: type=1326 audit(1740378675.016:7319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13999 comm="syz.4.3028" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 902.406658][T14015] loop1: detected capacity change from 0 to 1024 [ 902.506268][ T3692] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 902.530474][T14015] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 902.550367][T14015] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 902.613478][T14015] JBD2: no valid journal superblock found [ 902.620344][T14015] EXT4-fs (loop1): Could not load journal inode [ 902.652785][ T3692] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 902.735438][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 902.836613][ T3692] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 902.928046][ T3692] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 902.947052][T13979] bridge0: port 1(bridge_slave_0) entered blocking state [ 902.955843][T13979] bridge0: port 1(bridge_slave_0) entered disabled state [ 902.965108][T13979] bridge_slave_0: entered allmulticast mode [ 902.983367][T13979] bridge_slave_0: entered promiscuous mode [ 902.999782][T13979] bridge0: port 2(bridge_slave_1) entered blocking state [ 903.010018][T13979] bridge0: port 2(bridge_slave_1) entered disabled state [ 903.021339][T13979] bridge_slave_1: entered allmulticast mode [ 903.034208][T13979] bridge_slave_1: entered promiscuous mode [ 903.440371][T13979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 903.837709][ T5789] Bluetooth: hci2: command tx timeout [ 903.906557][ T3692] bond0 (unregistering): Released all slaves [ 903.943732][T13979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 904.254157][T13979] team0: Port device team_slave_0 added [ 904.425390][T13979] team0: Port device team_slave_1 added [ 904.498707][T14029] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3038' sets config #0 [ 904.566033][T14029] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3038' sets config #1 [ 904.803078][T13979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 904.811536][T13979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 904.848083][T13979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 904.926558][T13979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 904.934874][T13979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 904.961745][T13979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 905.208846][ T3692] hsr_slave_0: left promiscuous mode [ 905.249803][ T3692] hsr_slave_1: left promiscuous mode [ 905.485363][ T3692] veth0_macvtap: left promiscuous mode [ 905.491511][ T3692] veth1_vlan: left promiscuous mode [ 905.497170][ T3692] veth0_vlan: left promiscuous mode [ 905.904040][ T5789] Bluetooth: hci2: command tx timeout [ 905.980820][T14041] loop4: detected capacity change from 0 to 512 [ 906.155916][T14041] EXT4-fs error (device loop4): __ext4_iget:4984: inode #16: block 127754: comm syz.4.3043: invalid block [ 906.226089][T14041] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3043: couldn't read orphan inode 16 (err -117) [ 906.320327][T14041] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 906.438198][ T3821] smc: removing ib device syz! [ 906.494798][T14046] loop2: detected capacity change from 0 to 1024 [ 906.596373][T14046] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 906.607811][T14041] ext4 filesystem being mounted at /603/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 906.620334][T14046] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 906.748121][ T29] audit: type=1326 audit(1740378679.586:7320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.4.3043" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 906.818022][T14046] JBD2: no valid journal superblock found [ 906.824076][T14046] EXT4-fs (loop2): Could not load journal inode [ 907.136576][T13979] hsr_slave_0: entered promiscuous mode [ 907.147945][T13979] hsr_slave_1: entered promiscuous mode [ 907.156846][T13979] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 907.164820][T13979] Cannot create hsr debugfs directory [ 907.724572][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 907.978415][ T5789] Bluetooth: hci2: command tx timeout [ 909.262486][ T3692] IPVS: stop unused estimator thread 0... [ 909.425644][T14057] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3050' sets config #0 [ 909.450095][T14057] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3050' sets config #1 [ 909.736642][T14060] syz.4.3051 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 910.381481][T13979] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 910.509517][T13979] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 910.568609][T14071] loop0: detected capacity change from 0 to 512 [ 910.594153][T13979] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 910.681670][T13979] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 910.710047][T14071] EXT4-fs error (device loop0): __ext4_iget:4984: inode #16: block 127754: comm syz.0.3056: invalid block [ 910.795004][T14071] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3056: couldn't read orphan inode 16 (err -117) [ 910.831467][T14071] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 910.986393][T14071] ext4 filesystem being mounted at /621/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 911.098211][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 911.098291][ T29] audit: type=1326 audit(1740378684.016:7328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.129201][ T29] audit: type=1326 audit(1740378684.026:7329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.152411][ T29] audit: type=1326 audit(1740378684.036:7330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.178039][ T29] audit: type=1326 audit(1740378684.036:7331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.200868][ T29] audit: type=1326 audit(1740378684.036:7332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.224356][ T29] audit: type=1326 audit(1740378684.036:7333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.248043][ T29] audit: type=1326 audit(1740378684.036:7334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=385 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.272751][ T29] audit: type=1326 audit(1740378684.106:7335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.296105][ T29] audit: type=1326 audit(1740378684.106:7336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz.0.3056" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 911.610171][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 912.196544][T13979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 912.362087][T13979] 8021q: adding VLAN 0 to HW filter on device team0 [ 912.479893][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 912.487955][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 912.578083][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 912.585834][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 914.353249][T14112] loop2: detected capacity change from 0 to 512 [ 914.519633][T14112] EXT4-fs error (device loop2): __ext4_iget:4984: inode #16: block 127754: comm syz.2.3069: invalid block [ 914.609158][T14112] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.3069: couldn't read orphan inode 16 (err -117) [ 914.634261][T14112] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 914.719545][T14112] ext4 filesystem being mounted at /620/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 914.807552][ T29] audit: type=1326 audit(1740378687.726:7337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14111 comm="syz.2.3069" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 914.813861][T13979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 915.330239][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 915.353305][T13979] veth0_vlan: entered promiscuous mode [ 915.481573][T13979] veth1_vlan: entered promiscuous mode [ 915.763946][T14126] loop0: detected capacity change from 0 to 512 [ 915.840748][T14126] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 915.907749][T13979] veth0_macvtap: entered promiscuous mode [ 916.033109][T14126] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.3074: invalid indirect mapped block 4294967295 (level 0) [ 916.105962][T14126] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.3074: invalid indirect mapped block 4294967295 (level 1) [ 916.123176][T13979] veth1_macvtap: entered promiscuous mode [ 916.153919][T14126] EXT4-fs (loop0): 1 orphan inode deleted [ 916.160981][T14126] EXT4-fs (loop0): 1 truncate cleaned up [ 916.168775][T14126] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 916.521570][T13979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 916.532551][T13979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.542949][T13979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 916.554106][T13979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.564481][T13979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 916.575540][T13979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.593208][T13979] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 916.735515][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 916.839448][T13979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 916.859138][T13979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.871582][T13979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 916.882693][T13979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.893006][T13979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 916.905713][T13979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.921731][T13979] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 917.059993][T13979] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.069760][T13979] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.079460][T13979] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.091913][T13979] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.949313][T14147] loop0: detected capacity change from 0 to 164 [ 917.996879][T14147] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 918.070821][T14147] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 918.848409][T14158] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.3085' sets config #0 [ 918.861066][T14158] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.3085' sets config #1 [ 919.273486][T14162] loop1: detected capacity change from 0 to 2048 [ 919.441243][T14162] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 919.484317][T14162] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 919.498647][T14162] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 919.638442][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 919.638516][ T29] audit: type=1800 audit(1740378692.566:7346): pid=14162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3087" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 919.913698][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 921.440626][T14195] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3097' sets config #0 [ 921.452120][T14195] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3097' sets config #1 [ 922.171520][T14201] loop1: detected capacity change from 0 to 2048 [ 922.348800][T14201] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 922.364927][T14201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 922.378878][T14201] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 922.502021][ T29] audit: type=1800 audit(1740378695.436:7347): pid=14201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3099" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 922.775222][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.805630][ T4486] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 922.813953][ T4486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 922.932650][T14213] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3103'. [ 923.058260][ T3692] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 923.066341][ T3692] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 925.066907][T13692] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 925.096731][T13692] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 925.107706][T13692] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 925.152622][T13692] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 925.167204][T13692] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 925.183844][T13692] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 926.326756][T14253] siw: device registration error -23 [ 926.408895][T14239] chnl_net:caif_netlink_parms(): no params data found [ 926.722823][T14259] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3120'. [ 926.765643][T14257] loop3: detected capacity change from 0 to 512 [ 927.259757][ T5787] Bluetooth: hci4: command tx timeout [ 928.000693][ T4486] bond0: (slave netdevsim3): Releasing backup interface [ 928.037552][ T4486] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 928.111779][T14239] bridge0: port 1(bridge_slave_0) entered blocking state [ 928.119999][T14239] bridge0: port 1(bridge_slave_0) entered disabled state [ 928.128007][T14239] bridge_slave_0: entered allmulticast mode [ 928.137222][T14239] bridge_slave_0: entered promiscuous mode [ 928.204041][ T4486] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 928.273716][T14239] bridge0: port 2(bridge_slave_1) entered blocking state [ 928.281618][T14239] bridge0: port 2(bridge_slave_1) entered disabled state [ 928.289607][T14239] bridge_slave_1: entered allmulticast mode [ 928.299106][T14239] bridge_slave_1: entered promiscuous mode [ 928.401928][ T4486] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 928.606623][ T4486] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 928.823161][T14239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 928.845345][T14279] loop3: detected capacity change from 0 to 512 [ 928.968452][T14279] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 928.970208][T14239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 929.087530][T14279] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.3128: invalid indirect mapped block 4294967295 (level 0) [ 929.113852][T14279] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.3128: invalid indirect mapped block 4294967295 (level 1) [ 929.152884][T14279] EXT4-fs (loop3): 1 orphan inode deleted [ 929.159013][T14279] EXT4-fs (loop3): 1 truncate cleaned up [ 929.166849][T14279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 929.200652][ T4486] bridge_slave_1: left allmulticast mode [ 929.206589][ T4486] bridge_slave_1: left promiscuous mode [ 929.213351][ T4486] bridge0: port 2(bridge_slave_1) entered disabled state [ 929.263446][ T4486] bridge_slave_0: left allmulticast mode [ 929.269644][ T4486] bridge_slave_0: left promiscuous mode [ 929.276259][ T4486] bridge0: port 1(bridge_slave_0) entered disabled state [ 929.327942][ T5787] Bluetooth: hci4: command tx timeout [ 929.789999][T13979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 929.898971][ T4486] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 929.972446][ T4486] bond0 (unregistering): Released all slaves [ 930.031010][T14289] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3131'. [ 930.185122][T14239] team0: Port device team_slave_0 added [ 930.246990][T14239] team0: Port device team_slave_1 added [ 930.296093][ T4486] IPVS: stopping master sync thread 10664 ... [ 930.532986][T14239] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 930.540410][T14239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 930.566795][T14239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 930.703234][T14239] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 930.711306][T14239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 930.740599][T14239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 931.056393][T14291] infiniband syz2: set active [ 931.061850][T14291] infiniband syz2: added veth0_to_bond [ 931.311503][T14291] RDS/IB: syz2: added [ 931.315792][T14291] smc: adding ib device syz2 with port count 1 [ 931.322559][T14291] smc: ib device syz2 port 1 has pnetid [ 931.343909][ T4486] hsr_slave_0: left promiscuous mode [ 931.355271][ T4486] hsr_slave_1: left promiscuous mode [ 931.370197][ T4486] veth1_macvtap: left promiscuous mode [ 931.376048][ T4486] veth0_macvtap: left promiscuous mode [ 931.382859][ T4486] veth1_vlan: left promiscuous mode [ 931.388707][ T4486] veth0_vlan: left promiscuous mode [ 931.414989][ T5787] Bluetooth: hci4: command tx timeout [ 931.789896][ T4486] pim6reg (unregistering): left allmulticast mode [ 932.329360][ T4486] team0 (unregistering): Port device team_slave_1 removed [ 932.352838][ T4486] team0 (unregistering): Port device team_slave_0 removed [ 933.444671][T14239] hsr_slave_0: entered promiscuous mode [ 933.455132][T14239] hsr_slave_1: entered promiscuous mode [ 933.464279][T14239] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 933.472234][T14239] Cannot create hsr debugfs directory [ 933.502799][ T4486] IPVS: stop unused estimator thread 0... [ 933.599973][ T5787] Bluetooth: hci4: command tx timeout [ 934.484087][T14313] loop0: detected capacity change from 0 to 512 [ 934.499380][T14315] loop4: detected capacity change from 0 to 512 [ 934.521136][T14315] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 934.576560][T14313] EXT4-fs (loop0): external journal device major/minor numbers have changed [ 934.803361][T14315] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.3141: invalid indirect mapped block 4294967295 (level 0) [ 934.842774][T14315] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.3141: invalid indirect mapped block 4294967295 (level 1) [ 934.906612][T14315] EXT4-fs (loop4): 1 orphan inode deleted [ 934.912748][T14315] EXT4-fs (loop4): 1 truncate cleaned up [ 934.925000][T14315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 935.176990][T14313] EXT4-fs (loop0): failed to open journal device unknown-block(0,3) -6 [ 935.415959][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 935.971963][T14239] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 936.026114][T14321] 9pnet_fd: Insufficient options for proto=fd [ 936.131755][T14239] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 936.170763][T14324] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3143'. [ 936.260776][T14239] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 936.350101][T14239] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 937.186147][T14336] loop3: detected capacity change from 0 to 128 [ 937.236393][T14336] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 937.281291][T14336] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 937.576067][T14239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 937.763077][T14239] 8021q: adding VLAN 0 to HW filter on device team0 [ 937.896079][ T3821] bridge0: port 1(bridge_slave_0) entered blocking state [ 937.903899][ T3821] bridge0: port 1(bridge_slave_0) entered forwarding state [ 938.002892][ T3821] bridge0: port 2(bridge_slave_1) entered blocking state [ 938.010709][ T3821] bridge0: port 2(bridge_slave_1) entered forwarding state [ 938.047640][T13979] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 938.642021][T14355] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3157'. [ 938.720015][T14354] 9pnet_fd: Insufficient options for proto=fd [ 939.112815][T14359] loop4: detected capacity change from 0 to 512 [ 939.290313][T14359] EXT4-fs error (device loop4): __ext4_iget:4984: inode #16: block 127754: comm syz.4.3158: invalid block [ 939.359177][T14359] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3158: couldn't read orphan inode 16 (err -117) [ 939.377051][T14359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 939.392089][T14359] ext4 filesystem being mounted at /627/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 939.507782][ T29] audit: type=1326 audit(1740378712.426:7348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.532923][ T29] audit: type=1326 audit(1740378712.426:7349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.556299][ T29] audit: type=1326 audit(1740378712.426:7350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.578882][ T29] audit: type=1326 audit(1740378712.426:7351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.601570][ T29] audit: type=1326 audit(1740378712.486:7352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.624225][ T29] audit: type=1326 audit(1740378712.516:7353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.648811][ T29] audit: type=1326 audit(1740378712.516:7354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.672271][ T29] audit: type=1326 audit(1740378712.516:7355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=385 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.694912][ T29] audit: type=1326 audit(1740378712.586:7356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.717617][ T29] audit: type=1326 audit(1740378712.586:7357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14358 comm="syz.4.3158" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 939.868580][T14239] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 940.203087][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 940.508003][T14239] veth0_vlan: entered promiscuous mode [ 940.596946][T14239] veth1_vlan: entered promiscuous mode [ 940.939413][T14239] veth0_macvtap: entered promiscuous mode [ 941.018828][T14239] veth1_macvtap: entered promiscuous mode [ 941.258520][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 941.278572][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 941.288881][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 941.299784][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 941.310290][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 941.321161][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 941.331458][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 941.342325][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 941.358001][T14239] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 941.449002][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 941.460117][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 941.470310][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 941.486244][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 941.498296][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 941.509159][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 941.519368][T14239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 941.530278][T14239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 941.545195][T14239] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 941.724191][T14239] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 941.733482][T14239] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 941.742761][T14239] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 941.752012][T14239] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 941.828199][T14385] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 942.338495][T14389] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3169'. [ 942.632041][T14392] 9pnet_fd: Insufficient options for proto=fd [ 943.002886][T14397] loop4: detected capacity change from 0 to 512 [ 943.137953][T14397] EXT4-fs error (device loop4): __ext4_iget:4984: inode #16: block 127754: comm syz.4.3172: invalid block [ 943.242191][T14397] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3172: couldn't read orphan inode 16 (err -117) [ 943.322870][T14397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 943.387815][T14397] ext4 filesystem being mounted at /631/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 943.985870][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 944.077170][T14412] bridge_slave_0: left allmulticast mode [ 944.083424][T14412] bridge_slave_0: left promiscuous mode [ 944.090755][T14412] bridge0: port 1(bridge_slave_0) entered disabled state [ 944.159189][T14412] bridge_slave_1: left allmulticast mode [ 944.165251][T14412] bridge_slave_1: left promiscuous mode [ 944.172422][T14412] bridge0: port 2(bridge_slave_1) entered disabled state [ 944.285994][T14412] bond0: (slave bond_slave_0): Releasing backup interface [ 944.380880][T14412] bond0: (slave bond_slave_1): Releasing backup interface [ 944.482636][T14412] team0: Port device team_slave_0 removed [ 944.594195][T14412] team0: Port device team_slave_1 removed [ 944.605530][T14412] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 944.614201][T14412] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 944.778102][T14412] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 944.785955][T14412] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 945.172672][T14422] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3180'. [ 945.182737][T14422] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 945.190763][T14422] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 945.252965][T14422] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 945.260959][T14422] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 946.175282][T14432] loop4: detected capacity change from 0 to 512 [ 946.267719][T14432] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 946.397654][T14432] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.3183: invalid indirect mapped block 4294967295 (level 0) [ 946.487938][T14432] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.3183: invalid indirect mapped block 4294967295 (level 1) [ 946.586426][T14432] EXT4-fs (loop4): 1 orphan inode deleted [ 946.597865][T14432] EXT4-fs (loop4): 1 truncate cleaned up [ 946.605587][T14432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 947.015157][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 948.192154][T14450] loop3: detected capacity change from 0 to 512 [ 948.295662][ T4801] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 948.304421][ T4801] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 948.402355][T14450] EXT4-fs error (device loop3): __ext4_iget:4984: inode #16: block 127754: comm syz.3.3187: invalid block [ 948.448619][T14450] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.3187: couldn't read orphan inode 16 (err -117) [ 948.493870][T14450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 948.586975][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 948.595649][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 948.606855][T14450] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 948.691897][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 948.691975][ T29] audit: type=1326 audit(1740378721.626:7366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 948.810650][ T29] audit: type=1326 audit(1740378721.676:7367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 948.833930][ T29] audit: type=1326 audit(1740378721.676:7368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 948.862140][ T29] audit: type=1326 audit(1740378721.696:7369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 948.886410][ T29] audit: type=1326 audit(1740378721.696:7370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 948.909244][ T29] audit: type=1326 audit(1740378721.696:7371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 948.931867][ T29] audit: type=1326 audit(1740378721.696:7372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=385 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 948.958683][ T29] audit: type=1326 audit(1740378721.776:7373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 948.982719][ T29] audit: type=1326 audit(1740378721.776:7374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14449 comm="syz.3.3187" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 949.288452][T14461] loop4: detected capacity change from 0 to 164 [ 949.346373][T14461] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 949.387953][T14461] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 949.401958][T13979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 949.860351][T14465] loop1: detected capacity change from 0 to 128 [ 949.946279][T14465] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 950.098331][T14465] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 950.192310][T14469] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3110' sets config #0 [ 950.248339][T14469] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3110' sets config #1 [ 950.672469][ T5789] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 950.678462][T13691] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 950.685080][ T5789] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 950.704267][ T5789] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 950.717937][ T5789] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 950.788416][ T5789] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 950.803609][ T5789] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 951.458707][ T29] audit: type=1326 audit(1740378724.306:7375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14489 comm="syz.1.3198" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 952.587766][T14498] loop2: detected capacity change from 0 to 512 [ 952.666527][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 952.785523][T14498] EXT4-fs error (device loop2): __ext4_iget:4984: inode #16: block 127754: comm syz.2.3202: invalid block [ 952.847567][ T5789] Bluetooth: hci0: command tx timeout [ 952.884668][T14498] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.3202: couldn't read orphan inode 16 (err -117) [ 952.891871][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 952.948256][T14498] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 953.004307][T14498] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 953.096555][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 953.299346][T14501] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 282: padding at end of block bitmap is not set [ 953.344775][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 953.475387][T14239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 953.713985][T14479] chnl_net:caif_netlink_parms(): no params data found [ 953.733090][T14510] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3205'. [ 953.742903][T14510] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 953.750811][T14510] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 953.820827][T14510] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 953.828877][T14510] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 953.982655][ T13] batadv1: left allmulticast mode [ 953.988437][ T13] batadv1: left promiscuous mode [ 953.994599][ T13] bridge0: port 3(batadv1) entered disabled state [ 954.042165][T14512] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3206' sets config #0 [ 954.055574][ T13] bridge_slave_1: left allmulticast mode [ 954.061879][ T13] bridge_slave_1: left promiscuous mode [ 954.074308][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 954.083480][T14512] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3206' sets config #1 [ 954.148175][ T13] bridge_slave_0: left allmulticast mode [ 954.154070][ T13] bridge_slave_0: left promiscuous mode [ 954.162179][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 954.614040][ T13] batman_adv: batadv0: Removing interface: geneve1 [ 954.824012][T14519] loop2: detected capacity change from 0 to 128 [ 954.839887][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 954.861418][ T13] bond0 (unregistering): Released all slaves [ 954.930521][T14519] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 954.943896][ T5789] Bluetooth: hci0: command tx timeout [ 954.978720][T14519] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 955.539535][T14239] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 956.020925][ T13] hsr_slave_0: left promiscuous mode [ 956.058935][ T13] hsr_slave_1: left promiscuous mode [ 956.067047][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 956.075053][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 956.175975][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 956.186533][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 956.224330][ T13] veth1_macvtap: left promiscuous mode [ 956.230575][ T13] veth0_macvtap: left promiscuous mode [ 956.236606][ T13] veth1_vlan: left promiscuous mode [ 956.242318][ T13] veth0_vlan: left promiscuous mode [ 956.557022][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 956.557103][ T29] audit: type=1326 audit(1740378729.486:7422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14533 comm="syz.2.3212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 956.683458][ T29] audit: type=1326 audit(1740378729.576:7423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14533 comm="syz.2.3212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 956.882295][T14534] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3212'. [ 957.019430][ T5789] Bluetooth: hci0: command tx timeout [ 957.132145][ T29] audit: type=1326 audit(1740378729.956:7424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14533 comm="syz.2.3212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 957.158299][ T29] audit: type=1326 audit(1740378729.996:7425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14533 comm="syz.2.3212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 957.183287][ T29] audit: type=1326 audit(1740378730.006:7426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14533 comm="syz.2.3212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 957.258791][ T13] team0 (unregistering): Port device team_slave_1 removed [ 957.289450][ T13] team0 (unregistering): Port device team_slave_0 removed [ 957.872538][T14479] bridge0: port 1(bridge_slave_0) entered blocking state [ 957.881061][T14479] bridge0: port 1(bridge_slave_0) entered disabled state [ 957.888987][T14479] bridge_slave_0: entered allmulticast mode [ 957.898099][T14479] bridge_slave_0: entered promiscuous mode [ 957.917031][T14543] loop1: detected capacity change from 0 to 512 [ 957.933027][T14479] bridge0: port 2(bridge_slave_1) entered blocking state [ 957.948097][T14479] bridge0: port 2(bridge_slave_1) entered disabled state [ 957.957223][T14479] bridge_slave_1: entered allmulticast mode [ 957.974406][T14479] bridge_slave_1: entered promiscuous mode [ 958.221483][T14479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 958.249294][T14543] EXT4-fs error (device loop1): __ext4_iget:4984: inode #16: block 127754: comm syz.1.3215: invalid block [ 958.298155][T14543] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3215: couldn't read orphan inode 16 (err -117) [ 958.439585][T14479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 958.461901][T14543] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 958.498171][T14543] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 958.536894][ T29] audit: type=1326 audit(1740378731.466:7427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.1.3215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 958.560785][ T29] audit: type=1326 audit(1740378731.466:7428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.1.3215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 958.586672][ T29] audit: type=1326 audit(1740378731.466:7429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.1.3215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 958.610411][ T29] audit: type=1326 audit(1740378731.466:7430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.1.3215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 958.633051][ T29] audit: type=1326 audit(1740378731.466:7431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.1.3215" exe="/root/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 958.743733][ T13] IPVS: stop unused estimator thread 0... [ 958.789825][T14479] team0: Port device team_slave_0 added [ 958.879865][T14479] team0: Port device team_slave_1 added [ 959.110309][ T5789] Bluetooth: hci0: command tx timeout [ 959.141807][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 959.205286][T14479] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 959.212624][T14479] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 959.239304][T14479] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 959.261198][T14479] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 959.270037][T14479] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 959.301566][T14479] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 959.535715][T14479] hsr_slave_0: entered promiscuous mode [ 959.546223][T14479] hsr_slave_1: entered promiscuous mode [ 959.555093][T14479] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 959.563171][T14479] Cannot create hsr debugfs directory [ 959.769167][T14558] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3217' sets config #0 [ 959.809862][T14558] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3217' sets config #1 [ 960.075609][T14564] loop3: detected capacity change from 0 to 128 [ 960.189371][T14564] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 960.258171][T14564] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 960.464196][T14569] loop5: detected capacity change from 0 to 7 [ 960.506706][T14569] buffer_io_error: 18 callbacks suppressed [ 960.506783][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.524831][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.534129][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.542591][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.550973][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.559388][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.567766][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.575837][T14569] ldm_validate_partition_table(): Disk read failed. [ 960.582938][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.591348][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.599776][T14569] Buffer I/O error on dev loop5, logical block 0, async page read [ 960.608186][T14569] Dev loop5: unable to read RDB block 0 [ 960.614268][T14569] loop5: unable to read partition table [ 960.632826][T14569] loop5: partition table beyond EOD, truncated [ 960.639553][T14569] loop_reread_partitions: partition scan of loop5 (被xڬdƤݡ [ 960.639553][T14569] ) failed (rc=-5) [ 960.654161][T13979] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 960.865650][T14479] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 960.900783][T14479] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 960.966609][T14479] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 960.996911][T14479] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 961.338938][T14581] loop1: detected capacity change from 0 to 512 [ 961.414261][T14581] EXT4-fs error (device loop1): __ext4_iget:4984: inode #16: block 127754: comm syz.1.3226: invalid block [ 961.514357][T14581] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3226: couldn't read orphan inode 16 (err -117) [ 961.607949][ T29] kauditd_printk_skb: 67 callbacks suppressed [ 961.608026][ T29] audit: type=1326 audit(1740378734.506:7499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 961.641336][T14581] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 961.690676][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 961.697937][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 961.705084][ T29] audit: type=1326 audit(1740378734.636:7500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 961.728748][ T29] audit: type=1326 audit(1740378734.636:7501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14578 comm="syz.3.3225" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 961.788916][T14581] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 961.921195][ T29] audit: type=1326 audit(1740378734.796:7502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14580 comm="syz.1.3226" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 961.944043][ T29] audit: type=1326 audit(1740378734.796:7503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14580 comm="syz.1.3226" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 961.971077][ T29] audit: type=1326 audit(1740378734.796:7504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14580 comm="syz.1.3226" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 961.995042][ T29] audit: type=1326 audit(1740378734.796:7505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14580 comm="syz.1.3226" exe="/root/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 962.017725][ T29] audit: type=1326 audit(1740378734.796:7506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14580 comm="syz.1.3226" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 962.040436][ T29] audit: type=1326 audit(1740378734.796:7507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14580 comm="syz.1.3226" exe="/root/syz-executor" sig=0 arch=40000003 syscall=385 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 962.088089][T14479] 8021q: adding VLAN 0 to HW filter on device bond0 [ 962.150237][T14479] 8021q: adding VLAN 0 to HW filter on device team0 [ 962.209600][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 962.217497][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 962.346813][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 962.354616][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 962.422300][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 963.302143][T14598] 9pnet_virtio: no channels available for device .. [ 963.576273][T14601] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3232' sets config #0 [ 963.649429][T14601] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3232' sets config #1 [ 963.962912][T14607] loop2: detected capacity change from 0 to 128 [ 963.965686][T14608] loop5: detected capacity change from 0 to 7 [ 963.993759][T14608] ldm_validate_partition_table(): Disk read failed. [ 964.009013][T14608] Dev loop5: unable to read RDB block 0 [ 964.015147][T14608] loop5: unable to read partition table [ 964.045237][T14607] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 964.109142][T14608] loop5: partition table beyond EOD, truncated [ 964.115845][T14608] loop_reread_partitions: partition scan of loop5 (被xڬdƤݡ [ 964.115845][T14608] ) failed (rc=-5) [ 964.118167][T14607] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 964.191622][T14479] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 964.570109][T14479] veth0_vlan: entered promiscuous mode [ 964.582429][T14239] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 964.698428][T14479] veth1_vlan: entered promiscuous mode [ 964.956350][T14479] veth0_macvtap: entered promiscuous mode [ 965.001144][T14479] veth1_macvtap: entered promiscuous mode [ 965.019018][T14618] loop3: detected capacity change from 0 to 512 [ 965.082259][ T29] audit: type=1326 audit(1740378738.006:7508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.2.3238" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 965.193631][T14479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 965.205025][T14479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 965.220663][T14479] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 965.257585][T14479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 965.268585][T14479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 965.283623][T14479] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 965.314747][T14618] EXT4-fs error (device loop3): __ext4_iget:4984: inode #16: block 127754: comm syz.3.3239: invalid block [ 965.431123][T14618] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.3239: couldn't read orphan inode 16 (err -117) [ 965.446736][T14479] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 965.446926][T14479] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 965.447097][T14479] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 965.447427][T14479] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 965.554469][T14618] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 965.641117][T14618] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 966.168323][T14632] loop2: detected capacity change from 0 to 164 [ 966.225423][T14610] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 282: padding at end of block bitmap is not set [ 966.279276][T14632] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 966.311305][T13979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 966.389016][T14632] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 966.731247][T14638] 9pnet_virtio: no channels available for device .. [ 967.087185][T14644] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3245' sets config #0 [ 967.158408][T14644] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3245' sets config #1 [ 967.656931][ T29] kauditd_printk_skb: 74 callbacks suppressed [ 967.657013][ T29] audit: type=1326 audit(1740378740.586:7583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.787482][ T29] audit: type=1326 audit(1740378740.646:7584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.816852][ T29] audit: type=1326 audit(1740378740.646:7585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.843984][ T29] audit: type=1326 audit(1740378740.656:7586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.869089][ T29] audit: type=1326 audit(1740378740.656:7587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.894751][ T29] audit: type=1326 audit(1740378740.656:7588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=231 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.920142][ T29] audit: type=1326 audit(1740378740.656:7589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.943817][ T29] audit: type=1326 audit(1740378740.656:7590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.966979][ T29] audit: type=1326 audit(1740378740.656:7591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 967.989810][ T29] audit: type=1326 audit(1740378740.676:7592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14646 comm="syz.3.3246" exe="/root/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 968.131016][T14654] loop1: detected capacity change from 0 to 128 [ 968.256600][T14654] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 968.313568][T14654] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 968.751164][T13691] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 969.300007][T14669] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3250'. [ 969.393603][T14672] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3251'. [ 969.637894][T14678] loop4: detected capacity change from 0 to 164 [ 969.684227][T14678] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 969.716284][T14678] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 970.024807][T14680] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3254'. [ 970.171000][T14683] 9pnet_virtio: no channels available for device .. [ 970.652888][T14688] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3257' sets config #0 [ 970.719147][T14688] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3257' sets config #1 [ 970.985261][T14695] loop4: detected capacity change from 0 to 128 [ 971.099898][T14695] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 971.156974][T14695] ext4 filesystem being mounted at /647/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 971.344222][ T3692] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 971.352515][ T3692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 971.512102][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 971.521096][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 971.724662][ T5793] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 972.214807][T14715] loop1: detected capacity change from 0 to 164 [ 972.267490][T14715] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 972.306617][T14715] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 972.531404][T14712] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3264'. [ 972.676054][T14719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3267'. [ 972.697530][ T29] kauditd_printk_skb: 155 callbacks suppressed [ 972.697720][ T29] audit: type=1326 audit(1740378745.626:7748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14710 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 972.842849][ T29] audit: type=1326 audit(1740378745.716:7749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14710 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 973.757936][T14727] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3271' sets config #0 [ 973.778567][T14727] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3271' sets config #1 [ 974.405499][T14732] loop3: detected capacity change from 0 to 128 [ 974.486111][ T5787] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 974.498468][ T5787] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 974.519863][ T5787] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 974.534560][ T5787] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 974.545751][T14732] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 974.546684][ T5787] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 974.574401][ T5787] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 974.725921][T14732] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 975.190820][ T29] audit: type=1800 audit(1740378748.116:7750): pid=14742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3273" name="file1" dev="loop3" ino=12 res=0 errno=0 [ 975.540652][T13979] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 976.045309][T14749] loop1: detected capacity change from 0 to 164 [ 976.136642][T14749] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 976.173771][T14749] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 976.196091][T14734] chnl_net:caif_netlink_parms(): no params data found [ 976.609450][ T5787] Bluetooth: hci1: command tx timeout [ 976.765041][ T66] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 976.873011][ T29] audit: type=1326 audit(1740378749.796:7751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.3.3280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 976.895974][ T29] audit: type=1326 audit(1740378749.816:7752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.3.3280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 976.922805][ T29] audit: type=1326 audit(1740378749.816:7753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.3.3280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 976.946894][ T29] audit: type=1326 audit(1740378749.826:7754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.3.3280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 976.969733][ T29] audit: type=1326 audit(1740378749.846:7755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.3.3280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 976.992738][ T29] audit: type=1326 audit(1740378749.846:7756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.3.3280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 977.059334][ T66] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 977.269434][ T66] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 977.466316][ T66] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 977.488770][ T29] audit: type=1326 audit(1740378750.156:7757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14755 comm="syz.3.3280" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 977.934646][T14734] bridge0: port 1(bridge_slave_0) entered blocking state [ 977.942617][T14734] bridge0: port 1(bridge_slave_0) entered disabled state [ 977.950685][T14734] bridge_slave_0: entered allmulticast mode [ 977.959829][T14734] bridge_slave_0: entered promiscuous mode [ 978.069864][T14734] bridge0: port 2(bridge_slave_1) entered blocking state [ 978.077831][T14734] bridge0: port 2(bridge_slave_1) entered disabled state [ 978.085659][T14734] bridge_slave_1: entered allmulticast mode [ 978.095092][T14734] bridge_slave_1: entered promiscuous mode [ 978.162918][ T66] bridge_slave_1: left allmulticast mode [ 978.168935][ T66] bridge_slave_1: left promiscuous mode [ 978.175635][ T66] bridge0: port 2(bridge_slave_1) entered disabled state [ 978.254730][ T66] bridge_slave_0: left allmulticast mode [ 978.260969][ T66] bridge_slave_0: left promiscuous mode [ 978.267794][ T66] bridge0: port 1(bridge_slave_0) entered disabled state [ 978.578083][T14772] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3283' sets config #0 [ 978.625086][T14772] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3283' sets config #1 [ 978.679716][T14777] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3282'. [ 978.697966][ T5787] Bluetooth: hci1: command tx timeout [ 979.021737][ T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 979.052634][ T66] bond0 (unregistering): Released all slaves [ 980.190716][T14734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 980.335559][T14734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 980.772508][ T5787] Bluetooth: hci1: command tx timeout [ 980.831449][T14734] team0: Port device team_slave_0 added [ 980.988083][ T66] hsr_slave_0: left promiscuous mode [ 981.009268][ T66] hsr_slave_1: left promiscuous mode [ 981.073790][T14806] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3289'. [ 981.158622][ T66] veth1_macvtap: left promiscuous mode [ 981.164455][ T66] veth0_macvtap: left promiscuous mode [ 981.170610][ T66] veth1_vlan: left promiscuous mode [ 981.176181][ T66] veth0_vlan: left promiscuous mode [ 981.711645][T14813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3292'. [ 981.934896][ T66] team0 (unregistering): Port device team_slave_1 removed [ 981.979845][ T66] team0 (unregistering): Port device team_slave_0 removed [ 982.276649][T14734] team0: Port device team_slave_1 added [ 982.313811][T14806] veth0_macvtap: left promiscuous mode [ 982.475306][T14817] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3294' sets config #0 [ 982.492972][T14817] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.3294' sets config #1 [ 982.815757][T14734] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 982.823123][T14734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 982.854390][T14734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 982.876030][ T5787] Bluetooth: hci1: command tx timeout [ 982.922938][T14734] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 982.931104][T14734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 982.960476][T14734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 983.189070][T14734] hsr_slave_0: entered promiscuous mode [ 983.199564][T14734] hsr_slave_1: entered promiscuous mode [ 983.208400][T14734] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 983.216235][T14734] Cannot create hsr debugfs directory [ 984.731018][T14848] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3303'. [ 984.822336][T14734] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 984.853605][T14734] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 984.905230][T14734] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 984.964350][T14734] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 985.318674][T14853] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3305' sets config #0 [ 985.331016][T14853] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3305' sets config #1 [ 985.992289][T14734] 8021q: adding VLAN 0 to HW filter on device bond0 [ 986.382433][T14734] 8021q: adding VLAN 0 to HW filter on device team0 [ 986.434639][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 986.435148][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 986.488548][ T4486] bridge0: port 2(bridge_slave_1) entered blocking state [ 986.489033][ T4486] bridge0: port 2(bridge_slave_1) entered forwarding state [ 987.933994][T14881] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3315'. [ 988.509442][T14734] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 988.653916][T14888] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3317' sets config #0 [ 988.727049][T14888] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3317' sets config #1 [ 989.403863][T14901] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3321'. [ 990.693282][T14915] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3326'. [ 990.884579][T14734] veth0_vlan: entered promiscuous mode [ 990.981702][T14734] veth1_vlan: entered promiscuous mode [ 991.215399][T14734] veth0_macvtap: entered promiscuous mode [ 991.284268][T14734] veth1_macvtap: entered promiscuous mode [ 991.458461][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 991.469841][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.480020][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 991.492766][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.509214][T14734] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 991.588422][T14925] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3330' sets config #0 [ 991.602237][T14925] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3330' sets config #1 [ 991.707983][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 991.718878][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.730898][T14734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 991.742190][T14734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.762999][T14734] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 992.000917][T14734] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 992.010820][T14734] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 992.019938][T14734] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 992.029062][T14734] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 992.552090][T14936] loop2: detected capacity change from 0 to 1024 [ 992.659857][T14936] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002] [ 992.716099][T14936] System zones: 0-1, 3-12 [ 992.750774][T14936] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 992.810519][T14944] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3336'. [ 993.105930][T14239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 994.451396][T14963] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.3341' sets config #0 [ 994.487033][T14963] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.3341' sets config #1 [ 995.934549][T14984] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3348'. [ 996.510203][T14992] $H: renamed from bond0 (while UP) [ 996.542221][T14992] $H: entered promiscuous mode [ 996.547809][T14992] bond_slave_0: entered promiscuous mode [ 996.554963][T14992] bond_slave_1: entered promiscuous mode [ 997.071341][T14998] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.3353' sets config #0 [ 997.110195][T14998] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.3353' sets config #1 [ 997.950740][ T3760] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 997.959333][ T3760] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 998.098486][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 998.110448][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 998.440724][T15016] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3359'. [ 998.796556][T15020] vlan2: entered allmulticast mode [ 999.567765][ T5789] Bluetooth: hci5: command 0x0406 tx timeout [ 1000.939729][T15050] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3371'. [ 1000.974447][T15050] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3371'. [ 1001.390833][T15055] random: crng reseeded on system resumption [ 1002.330513][T15076] loop1: detected capacity change from 0 to 764 [ 1003.150495][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 1003.150576][ T29] audit: type=1326 audit(1740378776.076:7762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.4.3387" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1003.367556][ T29] audit: type=1326 audit(1740378776.136:7763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.4.3387" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1003.390631][ T29] audit: type=1326 audit(1740378776.166:7764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.4.3387" exe="/root/syz-executor" sig=0 arch=40000003 syscall=103 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1003.516396][ T29] audit: type=1326 audit(1740378776.376:7765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.4.3387" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1003.542413][ T29] audit: type=1326 audit(1740378776.376:7766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.4.3387" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1004.013341][T15096] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3391'. [ 1004.160836][ T29] audit: type=1326 audit(1740378777.086:7767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15098 comm="syz.4.3392" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1004.183902][ T29] audit: type=1326 audit(1740378777.086:7768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15098 comm="syz.4.3392" exe="/root/syz-executor" sig=0 arch=40000003 syscall=110 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1004.209468][ T29] audit: type=1326 audit(1740378777.096:7769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15098 comm="syz.4.3392" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1004.253433][ T29] audit: type=1326 audit(1740378777.096:7770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15098 comm="syz.4.3392" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1005.902292][T15116] loop0: detected capacity change from 0 to 2048 [ 1006.046152][T15116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1006.392866][T15128] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.3403' sets config #0 [ 1006.464247][T15129] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.3403' sets config #1 [ 1006.528360][T14479] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1008.325294][T15142] loop0: detected capacity change from 0 to 164 [ 1008.364129][T15142] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1008.384747][T15142] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1009.410308][T15154] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3416'. [ 1009.458903][T15154] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3416'. [ 1009.659437][T15156] loop3: detected capacity change from 0 to 2048 [ 1009.799007][T15156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1010.016414][T15163] loop4: detected capacity change from 0 to 128 [ 1010.138264][T15163] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1010.158488][T15163] ext4 filesystem being mounted at /16/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1010.276739][T13979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1010.322216][T15163] EXT4-fs (loop4): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w. Quota mode: none. [ 1010.585378][T14734] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1010.755803][T15172] loop3: detected capacity change from 0 to 164 [ 1010.883103][T15172] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1010.930970][T15172] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1011.487969][T15183] netlink: 'syz.4.3427': attribute type 75 has an invalid length. [ 1012.872070][T15194] loop4: detected capacity change from 0 to 2048 [ 1012.997670][T15194] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1013.608211][T14734] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1013.637826][T15202] loop0: detected capacity change from 0 to 512 [ 1013.663407][T15202] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1014.047633][T15202] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.3419: invalid block [ 1014.102802][T15202] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.3419: invalid indirect mapped block 4294967295 (level 1) [ 1014.164007][T15202] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.3419: invalid indirect mapped block 4294967295 (level 1) [ 1014.318472][T15202] EXT4-fs (loop0): 2 truncates cleaned up [ 1014.326164][T15202] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1014.683738][T15211] dccp_invalid_packet: P.Data Offset(172) too large [ 1014.860768][T15213] loop4: detected capacity change from 0 to 164 [ 1014.886597][T15213] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1014.937961][T15213] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1015.247665][T15204] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 1015.399473][T15216] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1016.981296][T14479] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1017.031329][T15226] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3443' sets config #0 [ 1017.076717][T15226] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3443' sets config #1 [ 1017.521858][T15230] loop4: detected capacity change from 0 to 2048 [ 1017.605226][T15230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1017.671726][T15236] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3446'. [ 1017.994682][T14734] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1018.467981][T15243] loop0: detected capacity change from 0 to 164 [ 1018.549012][T15244] usb usb1: check_ctrlrecip: process 15244 (syz.4.3449) requesting ep 01 but needs 81 [ 1018.549296][T15243] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1018.596812][T15243] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1019.264875][T15252] loop1: detected capacity change from 0 to 128 [ 1019.682988][T15252] syz.1.3455: attempt to access beyond end of device [ 1019.682988][T15252] loop1: rw=2049, sector=129, nr_sectors = 912 limit=128 [ 1019.926904][T15263] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3458'. [ 1020.826552][T15270] loop1: detected capacity change from 0 to 2048 [ 1021.052855][T15270] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1021.107807][T15275] loop4: detected capacity change from 0 to 164 [ 1021.154937][T15275] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1021.190711][T15275] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1021.257624][T15278] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3464'. [ 1021.493632][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1021.855297][ T29] audit: type=1326 audit(1740378794.786:7771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.2.3467" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1021.973798][ T29] audit: type=1326 audit(1740378794.816:7772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.2.3467" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1021.996758][ T29] audit: type=1326 audit(1740378794.816:7773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.2.3467" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1022.019524][ T29] audit: type=1326 audit(1740378794.816:7774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.2.3467" exe="/root/syz-executor" sig=0 arch=40000003 syscall=402 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1022.042322][ T29] audit: type=1326 audit(1740378794.816:7775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.2.3467" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1022.068234][ T29] audit: type=1326 audit(1740378794.826:7776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15281 comm="syz.2.3467" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1022.560984][T15293] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3470'. [ 1023.131406][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 1023.138493][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 1023.449287][T15304] loop0: detected capacity change from 0 to 164 [ 1023.515094][T15304] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1023.539769][T15304] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1023.927725][T15308] loop4: detected capacity change from 0 to 2048 [ 1024.042595][T15308] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1024.523177][T14734] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1025.169046][ T5789] Bluetooth: hci2: command 0x0406 tx timeout [ 1026.189988][T15335] loop3: detected capacity change from 0 to 164 [ 1026.235696][T15335] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1027.519676][T15343] loop3: detected capacity change from 0 to 512 [ 1027.549467][T15343] EXT4-fs (loop3): can't mount with both data=journal and dax [ 1027.776656][T15345] loop4: detected capacity change from 0 to 2048 [ 1027.941742][T15345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1028.012215][T15353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3495'. [ 1028.344246][T14734] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1028.493076][T15357] loop3: detected capacity change from 0 to 1024 [ 1028.600173][T15357] EXT4-fs: Ignoring removed mblk_io_submit option [ 1028.693052][T15357] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1028.773220][T15357] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #11: comm syz.3.3496: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1028.835103][T15357] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.3496: couldn't read orphan inode 11 (err -117) [ 1028.863296][T15357] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1028.961364][T15357] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3496: Invalid block bitmap block 0 in block_group 0 [ 1029.018357][T15357] Quota error (device loop3): write_blk: dquota write failed [ 1029.032109][T15357] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1029.044976][T15357] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3496: Failed to acquire dquot type 0 [ 1029.115490][T15364] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1029.390070][T13979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1031.315115][T15392] loop0: detected capacity change from 0 to 1024 [ 1031.334991][T15392] EXT4-fs: Ignoring removed mblk_io_submit option [ 1031.347107][T15392] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1031.434725][T15392] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #11: comm syz.0.3512: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1031.467456][T15392] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3512: couldn't read orphan inode 11 (err -117) [ 1031.537748][T15392] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1031.659699][T15392] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3512: Invalid block bitmap block 0 in block_group 0 [ 1031.712357][T15392] Quota error (device loop0): write_blk: dquota write failed [ 1031.721165][T15392] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 1031.731642][T15392] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.3512: Failed to acquire dquot type 0 [ 1032.139853][T14479] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1033.166953][ T29] audit: type=1326 audit(1740378806.096:7777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15412 comm="syz.4.3522" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1033.190160][ T29] audit: type=1326 audit(1740378806.096:7778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15412 comm="syz.4.3522" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1033.313979][ T29] audit: type=1326 audit(1740378806.166:7779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15412 comm="syz.4.3522" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1033.342315][ T29] audit: type=1326 audit(1740378806.176:7780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15412 comm="syz.4.3522" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1033.368812][ T29] audit: type=1326 audit(1740378806.186:7781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15412 comm="syz.4.3522" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1033.391714][ T29] audit: type=1326 audit(1740378806.186:7782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15412 comm="syz.4.3522" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1033.597030][T15419] loop3: detected capacity change from 0 to 512 [ 1033.791787][T15419] EXT4-fs (loop3): 1 orphan inode deleted [ 1033.800053][T15419] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1033.829840][ T1038] EXT4-fs error (device loop3): ext4_release_dquot:6950: comm kworker/u8:6: Failed to release dquot type 1 [ 1033.898842][T15419] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1034.252639][T13979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1034.363715][T15428] loop1: detected capacity change from 0 to 1024 [ 1034.419530][T15428] EXT4-fs: Ignoring removed mblk_io_submit option [ 1034.468795][T15428] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1034.550736][T15428] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.3528: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1034.650292][T15428] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3528: couldn't read orphan inode 11 (err -117) [ 1034.718508][T15428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1034.865587][T15428] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.3528: Invalid block bitmap block 0 in block_group 0 [ 1034.923955][T15428] __quota_error: 3 callbacks suppressed [ 1034.924032][T15428] Quota error (device loop1): write_blk: dquota write failed [ 1034.938738][T15428] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 1034.949326][T15428] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.3528: Failed to acquire dquot type 0 [ 1035.230423][T15441] tipc: Started in network mode [ 1035.235546][T15441] tipc: Node identity 7, cluster identity 4711 [ 1035.242149][T15441] tipc: Node number set to 7 [ 1035.285500][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1037.317629][T15473] loop2: detected capacity change from 0 to 1024 [ 1037.351826][T15473] EXT4-fs: Ignoring removed mblk_io_submit option [ 1037.382677][T15473] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1037.456006][T15473] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #11: comm syz.2.3546: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1037.478844][T15473] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.3546: couldn't read orphan inode 11 (err -117) [ 1037.496518][T15475] loop4: detected capacity change from 0 to 2048 [ 1037.576804][T15473] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1037.601691][T15475] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1037.718792][T15473] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.3546: Invalid block bitmap block 0 in block_group 0 [ 1037.760144][T15473] Quota error (device loop2): write_blk: dquota write failed [ 1037.768216][T15473] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 1037.778769][T15473] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3546: Failed to acquire dquot type 0 [ 1038.050316][T14734] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1038.168093][T14239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1038.678226][T15480] loop1: detected capacity change from 0 to 8192 [ 1038.827562][ T29] audit: type=1800 audit(1740378811.756:7785): pid=15480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3548" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1039.961620][T15507] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3561'. [ 1042.145971][T15538] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3574'. [ 1047.099415][T15597] loop3: detected capacity change from 0 to 512 [ 1047.245128][T15597] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.3600: iget: bad extended attribute block 1 [ 1047.318720][T15597] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.3600: couldn't read orphan inode 15 (err -117) [ 1047.404218][T15597] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1047.431249][T15603] netlink: 'syz.2.3603': attribute type 3 has an invalid length. [ 1047.618408][T15597] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 1047.921773][T13979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1048.623053][ T29] audit: type=1326 audit(1740378821.536:7786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.728702][ T29] audit: type=1326 audit(1740378821.586:7787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.752102][ T29] audit: type=1326 audit(1740378821.586:7788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.776159][ T29] audit: type=1326 audit(1740378821.586:7789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.801738][ T29] audit: type=1326 audit(1740378821.606:7790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.825946][ T29] audit: type=1326 audit(1740378821.606:7791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.852274][ T29] audit: type=1326 audit(1740378821.606:7792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.874927][ T29] audit: type=1326 audit(1740378821.606:7793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=287 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.900396][ T29] audit: type=1326 audit(1740378821.606:7794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1048.924331][ T29] audit: type=1326 audit(1740378821.606:7795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15616 comm="syz.2.3610" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000 [ 1049.166037][T15617] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3610'. [ 1050.770129][ T5789] Bluetooth: hci4: command 0x0406 tx timeout [ 1051.125765][T15654] loop1: detected capacity change from 0 to 1024 [ 1051.135425][T15654] EXT4-fs: Ignoring removed mblk_io_submit option [ 1051.177902][T15654] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1051.268429][T15654] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.3628: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1051.385830][T15654] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3628: couldn't read orphan inode 11 (err -117) [ 1051.419982][T15654] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1051.539695][T15654] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1051.853933][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1052.084485][T15667] loop2: detected capacity change from 0 to 128 [ 1052.191010][T15667] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1052.239873][T15667] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1052.453153][T15675] loop3: detected capacity change from 0 to 512 [ 1052.555850][T15675] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1052.564926][T15675] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 1052.612612][T15675] EXT4-fs (loop3): 1 truncate cleaned up [ 1052.620596][T15675] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1052.621254][T15678] loop1: detected capacity change from 0 to 2048 [ 1052.667535][T14239] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1052.710128][T15678] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 1052.754228][T15678] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1052.767048][T15678] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1052.829465][T15675] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1052.938749][T15678] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3633: bg 0: block 345: padding at end of block bitmap is not set [ 1052.996878][T15678] netlink: 392 bytes leftover after parsing attributes in process `syz.1.3633'. [ 1053.347899][T15684] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3636'. [ 1053.449154][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1053.972424][T15690] loop1: detected capacity change from 0 to 512 [ 1054.055857][T15690] EXT4-fs error (device loop1): __ext4_iget:4984: inode #16: block 127754: comm syz.1.3638: invalid block [ 1054.087595][T15690] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3638: couldn't read orphan inode 16 (err -117) [ 1054.112099][T15690] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1054.231808][T15690] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1054.309738][ T29] kauditd_printk_skb: 145 callbacks suppressed [ 1054.309812][ T29] audit: type=1326 audit(1740378827.246:7941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15689 comm="syz.1.3638" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1054.343243][ T29] audit: type=1326 audit(1740378827.246:7942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15689 comm="syz.1.3638" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1054.367437][ T29] audit: type=1326 audit(1740378827.246:7943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15689 comm="syz.1.3638" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1054.390015][ T29] audit: type=1326 audit(1740378827.276:7944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15689 comm="syz.1.3638" exe="/root/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1054.412551][ T29] audit: type=1326 audit(1740378827.276:7945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15689 comm="syz.1.3638" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1054.439265][ T29] audit: type=1326 audit(1740378827.276:7946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15689 comm="syz.1.3638" exe="/root/syz-executor" sig=0 arch=40000003 syscall=385 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1054.463750][ T29] audit: type=1326 audit(1740378827.346:7947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15689 comm="syz.1.3638" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1054.487679][ T29] audit: type=1326 audit(1740378827.346:7948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15689 comm="syz.1.3638" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1054.530184][T15694] loop2: detected capacity change from 0 to 2048 [ 1054.765677][T15694] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1054.919844][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1055.181797][T14239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1055.635106][T15713] loop2: detected capacity change from 0 to 1024 [ 1055.670048][T15713] EXT4-fs: Ignoring removed mblk_io_submit option [ 1055.712224][T15713] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1055.783760][T15715] loop0: detected capacity change from 0 to 1024 [ 1055.798084][T15715] EXT4-fs: Ignoring removed mblk_io_submit option [ 1055.817894][T15713] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #11: comm syz.2.3646: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1055.826001][T15715] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1055.882049][T15713] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.3646: couldn't read orphan inode 11 (err -117) [ 1055.888505][T15715] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #11: comm syz.0.3647: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1055.941790][T15715] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3647: couldn't read orphan inode 11 (err -117) [ 1055.966559][T15715] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1055.974579][T15713] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1056.054646][T15713] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1056.093509][T15715] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1056.143257][T15719] hub 1-0:1.0: USB hub found [ 1056.190340][T15719] hub 1-0:1.0: 1 port detected [ 1056.390147][T14239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1056.413916][T14479] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1056.462022][ T29] audit: type=1326 audit(1740378829.376:7949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15722 comm="syz.1.3650" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1056.489580][ T29] audit: type=1326 audit(1740378829.396:7950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15722 comm="syz.1.3650" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 1056.692375][T15669] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 1056.801979][T15723] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3650'. [ 1056.993272][T13979] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1057.691455][T15736] loop0: detected capacity change from 0 to 512 [ 1057.735280][T15734] loop4: detected capacity change from 0 to 2048 [ 1057.863480][T15736] EXT4-fs error (device loop0): __ext4_iget:4984: inode #16: block 127754: comm syz.0.3655: invalid block [ 1057.910359][T15736] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3655: couldn't read orphan inode 16 (err -117) [ 1057.923495][T15734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1057.969154][T15736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1058.053411][T15736] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1058.063158][T14734] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1058.548856][T14479] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1058.869892][T15754] loop1: detected capacity change from 0 to 1024 [ 1058.889631][T15754] EXT4-fs: Ignoring removed mblk_io_submit option [ 1058.924115][T15754] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1058.963404][T15757] loop0: detected capacity change from 0 to 1024 [ 1058.992576][T15754] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.3661: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1059.020867][T15758] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3663' sets config #0 [ 1059.036669][T15758] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3663' sets config #1 [ 1059.046851][T15757] EXT4-fs: Ignoring removed mblk_io_submit option [ 1059.081258][T15754] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3661: couldn't read orphan inode 11 (err -117) [ 1059.093624][T15757] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1059.129343][T15754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1059.160096][T15761] loop4: detected capacity change from 0 to 512 [ 1059.182072][T15757] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #11: comm syz.0.3662: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1059.227325][T15754] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1059.240043][T15761] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 1059.240283][T15761] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 1059.255238][T15761] EXT4-fs (loop4): 1 truncate cleaned up [ 1059.264823][T15757] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3662: couldn't read orphan inode 11 (err -117) [ 1059.266806][T15761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1059.284551][T15757] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1059.391426][T15757] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1059.402704][T15761] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1059.468597][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 1059.468716][ T29] audit: type=1326 audit(1740378832.406:8023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15759 comm="syz.4.3664" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fd579 code=0x0 [ 1059.637661][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1059.671199][T14479] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1060.104461][ T29] audit: type=1326 audit(1740378833.036:8024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.127778][ T29] audit: type=1326 audit(1740378833.036:8025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.150862][ T29] audit: type=1326 audit(1740378833.066:8026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.176735][ T29] audit: type=1326 audit(1740378833.066:8027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.200463][ T29] audit: type=1326 audit(1740378833.066:8028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.223428][ T29] audit: type=1326 audit(1740378833.066:8029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.246029][ T29] audit: type=1326 audit(1740378833.066:8030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=287 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.271623][ T29] audit: type=1326 audit(1740378833.066:8031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.296167][ T29] audit: type=1326 audit(1740378833.066:8032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15768 comm="syz.0.3667" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f96579 code=0x7ffc0000 [ 1060.608852][T15770] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3667'. [ 1061.105702][T15777] pim6reg1: entered promiscuous mode [ 1061.111577][T15777] pim6reg1: entered allmulticast mode [ 1061.253850][T15777] bond1: entered promiscuous mode [ 1061.259953][T15777] bond1: entered allmulticast mode [ 1061.267108][T15777] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1061.320003][T15777] bond1 (unregistering): Released all slaves [ 1061.641586][T15784] loop0: detected capacity change from 0 to 512 [ 1061.709705][T15788] loop2: detected capacity change from 0 to 1024 [ 1061.739419][T15784] EXT4-fs error (device loop0): __ext4_iget:4984: inode #16: block 127754: comm syz.0.3672: invalid block [ 1061.741266][T15788] EXT4-fs: Ignoring removed orlov option [ 1061.758215][T15788] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1061.770631][T15784] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3672: couldn't read orphan inode 16 (err -117) [ 1061.818366][T15784] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1061.849976][T15784] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1061.950304][T15788] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1062.599437][T14479] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1062.616222][T15802] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3675'. [ 1062.724027][T15741] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 1063.685624][T14239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1063.896139][T15806] loop0: detected capacity change from 0 to 1024 [ 1063.972399][T15806] EXT4-fs: Ignoring removed mblk_io_submit option [ 1064.073944][T15806] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1064.241288][T15806] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #11: comm syz.0.3677: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1064.417806][T15806] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3677: couldn't read orphan inode 11 (err -117) [ 1064.522263][T15806] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1064.725210][T15806] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1064.825888][T14734] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1065.300160][T14479] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1065.430282][ T29] kauditd_printk_skb: 64 callbacks suppressed [ 1065.430353][ T29] audit: type=1326 audit(1740378838.366:8097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.459501][ T29] audit: type=1326 audit(1740378838.366:8098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.486343][ T29] audit: type=1326 audit(1740378838.366:8099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.510346][ T29] audit: type=1326 audit(1740378838.376:8100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.533059][ T29] audit: type=1326 audit(1740378838.376:8101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.555709][ T29] audit: type=1326 audit(1740378838.376:8102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=287 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.578407][ T29] audit: type=1326 audit(1740378838.376:8103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.605158][ T29] audit: type=1326 audit(1740378838.376:8104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.629142][ T29] audit: type=1326 audit(1740378838.376:8105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1065.652785][ T29] audit: type=1326 audit(1740378838.406:8106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15814 comm="syz.4.3682" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fd579 code=0x7ffc0000 [ 1066.387762][ C1] vcan0: j1939_tp_rxtimer: 0xffff888013479400: rx timeout, send abort [ 1066.435201][T15828] loop1: detected capacity change from 0 to 512 [ 1066.486010][T15832] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3688'. [ 1066.620522][T15828] EXT4-fs error (device loop1): __ext4_iget:4984: inode #16: block 127754: comm syz.1.3687: invalid block [ 1066.677738][T15828] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3687: couldn't read orphan inode 16 (err -117) [ 1066.735971][T15828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1066.820406][T15828] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1066.896437][ C1] vcan0: j1939_tp_rxtimer: 0xffff888013479400: abort rx timeout. Force session deactivation [ 1067.236536][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1067.395570][T15843] loop4: detected capacity change from 0 to 512 [ 1067.493722][T15843] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 1067.502860][T15843] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 1067.562062][T15843] EXT4-fs (loop4): 1 truncate cleaned up [ 1067.569955][T15843] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1067.610245][T15843] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1067.653784][T15835] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 1067.696013][T15851] loop1: detected capacity change from 0 to 1024 [ 1067.764287][T15851] EXT4-fs: Ignoring removed mblk_io_submit option [ 1067.798402][T15851] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1067.883979][T15851] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.3694: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1067.948185][T15851] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3694: couldn't read orphan inode 11 (err -117) [ 1067.965976][T15851] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1068.000385][T15851] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 1068.278528][T13691] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1069.022112][T15861] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3699'. [ 1069.250782][T15866] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3701'. [ 1069.901876][T15874] loop3: detected capacity change from 0 to 512 [ 1069.975493][T15874] EXT4-fs error (device loop3): __ext4_iget:4984: inode #16: block 127754: comm syz.3.3704: invalid block [ 1070.029966][T15874] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.3704: couldn't read orphan inode 16 (err -117) [ 1070.059310][T15879] ===================================================== [ 1070.066751][T15879] BUG: KMSAN: uninit-value in cmsghdr_from_user_compat_to_kern+0x568/0x10d0 [ 1070.077337][T15879] cmsghdr_from_user_compat_to_kern+0x568/0x10d0 [ 1070.083926][T15879] ____sys_sendmsg+0x22c/0xda0 [ 1070.092848][T15879] __sys_sendmsg_sock+0x42/0x60 [ 1070.099775][T15879] io_sendmsg+0x36a/0xe30 [ 1070.104333][T15879] io_issue_sqe+0x394/0x1fb0 [ 1070.109399][T15879] io_submit_sqes+0x11c3/0x2ff0 [ 1070.114487][T15879] __se_sys_io_uring_enter+0x41d/0x4da0 [ 1070.120433][T15879] __ia32_sys_io_uring_enter+0x11d/0x1a0 [ 1070.126301][T15879] ia32_sys_call+0xd59/0x4180 [ 1070.131434][T15879] __do_fast_syscall_32+0xb0/0x110 [ 1070.136757][T15879] do_fast_syscall_32+0x38/0x80 [ 1070.142046][T15879] do_SYSENTER_32+0x1f/0x30 [ 1070.146747][T15879] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1070.155057][T15879] [ 1070.158007][T15879] Uninit was stored to memory at: [ 1070.163272][T15879] io_sendmsg+0x694/0xe30 [ 1070.167976][T15879] io_issue_sqe+0x394/0x1fb0 [ 1070.172776][T15879] io_submit_sqes+0x11c3/0x2ff0 [ 1070.177995][T15879] __se_sys_io_uring_enter+0x41d/0x4da0 [ 1070.183816][T15879] __ia32_sys_io_uring_enter+0x11d/0x1a0 [ 1070.193713][T15879] ia32_sys_call+0xd59/0x4180 [ 1070.199796][T15879] __do_fast_syscall_32+0xb0/0x110 [ 1070.205136][T15879] do_fast_syscall_32+0x38/0x80 [ 1070.209694][T15874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1070.210437][T15879] do_SYSENTER_32+0x1f/0x30 [ 1070.227916][T15879] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1070.234506][T15879] [ 1070.237432][T15879] Uninit was created at: [ 1070.241972][T15879] __alloc_frozen_pages_noprof+0x9a7/0xe00 [ 1070.248201][T15879] alloc_pages_mpol+0x4cd/0x890 [ 1070.253293][T15879] alloc_frozen_pages_noprof+0x1bf/0x1e0 [ 1070.255682][T15874] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1070.259279][T15879] allocate_slab+0x23a/0x1110 [ 1070.274793][T15879] ___slab_alloc+0x1287/0x3540 [ 1070.279987][T15879] kmem_cache_alloc_bulk_noprof+0x486/0x1330 [ 1070.286186][T15879] __io_alloc_req_refill+0x84/0x5b0 [ 1070.295468][T15879] io_submit_sqes+0x90f/0x2ff0 [ 1070.301647][T15879] __se_sys_io_uring_enter+0x41d/0x4da0 [ 1070.307571][T15879] __ia32_sys_io_uring_enter+0x11d/0x1a0 [ 1070.313454][T15879] ia32_sys_call+0xd59/0x4180 [ 1070.318549][T15879] __do_fast_syscall_32+0xb0/0x110 [ 1070.323882][T15879] do_fast_syscall_32+0x38/0x80 [ 1070.329111][T15879] do_SYSENTER_32+0x1f/0x30 [ 1070.333817][T15879] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1070.340684][T15879] [ 1070.343162][T15879] CPU: 0 UID: 0 PID: 15879 Comm: syz.1.3706 Not tainted 6.14.0-rc4-syzkaller #0 [ 1070.352552][T15879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1070.362951][T15879] ===================================================== [ 1070.370320][T15879] Disabling lock debugging due to kernel taint [ 1070.376667][T15879] Kernel panic - not syncing: kmsan.panic set ... [ 1070.383260][T15879] CPU: 0 UID: 0 PID: 15879 Comm: syz.1.3706 Tainted: G B 6.14.0-rc4-syzkaller #0 [ 1070.393989][T15879] Tainted: [B]=BAD_PAGE [ 1070.398281][T15879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1070.408518][T15879] Call Trace: [ 1070.411930][T15879] [ 1070.414968][T15879] dump_stack_lvl+0x216/0x2d0 [ 1070.419819][T15879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1070.425846][T15879] dump_stack+0x1e/0x24 [ 1070.430163][T15879] panic+0x4e2/0xcf0 [ 1070.434279][T15879] ? kmsan_get_metadata+0xc1/0x1c0 [ 1070.440085][T15879] kmsan_report+0x2c7/0x2d0 [ 1070.444808][T15879] ? kmsan_get_metadata+0xc0/0x1c0 [ 1070.450118][T15879] ? __msan_warning+0x95/0x120 [ 1070.455083][T15879] ? cmsghdr_from_user_compat_to_kern+0x568/0x10d0 [ 1070.461801][T15879] ? ____sys_sendmsg+0x22c/0xda0 [ 1070.466899][T15879] ? __sys_sendmsg_sock+0x42/0x60 [ 1070.472078][T15879] ? io_sendmsg+0x36a/0xe30 [ 1070.476785][T15879] ? io_issue_sqe+0x394/0x1fb0 [ 1070.481752][T15879] ? io_submit_sqes+0x11c3/0x2ff0 [ 1070.486994][T15879] ? __se_sys_io_uring_enter+0x41d/0x4da0 [ 1070.492948][T15879] ? __ia32_sys_io_uring_enter+0x11d/0x1a0 [ 1070.499011][T15879] ? ia32_sys_call+0xd59/0x4180 [ 1070.504085][T15879] ? __do_fast_syscall_32+0xb0/0x110 [ 1070.509668][T15879] ? do_fast_syscall_32+0x38/0x80 [ 1070.514877][T15879] ? do_SYSENTER_32+0x1f/0x30 [ 1070.519741][T15879] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1070.526467][T15879] ? kernel_text_address+0x129/0x1b0 [ 1070.531972][T15879] ? kmsan_get_metadata+0x13e/0x1c0 [ 1070.537384][T15879] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 1070.543999][T15879] ? kmsan_get_metadata+0x13e/0x1c0 [ 1070.549407][T15879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1070.555655][T15879] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 1070.561728][T15879] ? kmsan_get_metadata+0x13e/0x1c0 [ 1070.567172][T15879] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 1070.573753][T15879] ? kmsan_get_metadata+0x13e/0x1c0 [ 1070.579167][T15879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1070.585183][T15879] __msan_warning+0x95/0x120 [ 1070.589970][T15879] cmsghdr_from_user_compat_to_kern+0x568/0x10d0 [ 1070.596634][T15879] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 1070.602690][T15879] ? stack_depot_save_flags+0x6db/0x750 [ 1070.608465][T15879] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 1070.615014][T15879] ? kmsan_get_metadata+0x13e/0x1c0 [ 1070.620448][T15879] ____sys_sendmsg+0x22c/0xda0 [ 1070.625377][T15879] ? __fget_files+0x42b/0x500 [ 1070.630295][T15879] ? kmsan_get_metadata+0xc0/0x1c0 [ 1070.635642][T15879] __sys_sendmsg_sock+0x42/0x60 [ 1070.640692][T15879] io_sendmsg+0x36a/0xe30 [ 1070.645241][T15879] ? __pfx_io_sendmsg+0x10/0x10 [ 1070.650289][T15879] io_issue_sqe+0x394/0x1fb0 [ 1070.655176][T15879] io_submit_sqes+0x11c3/0x2ff0 [ 1070.660261][T15879] ? kmsan_get_metadata+0xc0/0x1c0 [ 1070.665670][T15879] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 1070.672207][T15879] __se_sys_io_uring_enter+0x41d/0x4da0 [ 1070.677989][T15879] ? finish_task_switch+0x1c8/0x8f0 [ 1070.683400][T15879] ? do_futex+0x380/0x4a0 [ 1070.687901][T15879] ? kmsan_get_metadata+0x13e/0x1c0 [ 1070.693387][T15879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1070.699505][T15879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1070.705566][T15879] __ia32_sys_io_uring_enter+0x11d/0x1a0 [ 1070.711445][T15879] ia32_sys_call+0xd59/0x4180 [ 1070.716325][T15879] __do_fast_syscall_32+0xb0/0x110 [ 1070.721634][T15879] ? irqentry_exit+0x16/0x60 [ 1070.726392][T15879] do_fast_syscall_32+0x38/0x80 [ 1070.731477][T15879] do_SYSENTER_32+0x1f/0x30 [ 1070.736157][T15879] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1070.742727][T15879] RIP: 0023:0xf7f27579 [ 1070.746929][T15879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1070.766729][T15879] RSP: 002b:00000000f504655c EFLAGS: 00000206 ORIG_RAX: 00000000000001aa [ 1070.775322][T15879] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000008aa [ 1070.783437][T15879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1070.791575][T15879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1070.799677][T15879] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1070.807783][T15879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1070.815909][T15879] [ 1070.819385][T15879] Kernel Offset: disabled [ 1070.823815][T15879] Rebooting in 86400 seconds..