last executing test programs: 7.393452514s ago: executing program 1 (id=1024): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x18, 0x14, 0x509, 0x0, 0x25dfdbfd}, 0x18}}, 0x0) 7.268162496s ago: executing program 1 (id=1027): socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0) ioctl$AUTOFS_IOC_FAIL(r3, 0x4c80, 0x7000000) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200)) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) 6.137262742s ago: executing program 1 (id=1040): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x34, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x6c}}, 0x0) 6.035016003s ago: executing program 1 (id=1043): bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) pipe2$9p(&(0x7f0000000300), 0x80) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000380)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r4, 0xffffffffffffffff, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 5.422915152s ago: executing program 4 (id=1051): socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0) ioctl$AUTOFS_IOC_FAIL(r3, 0x4c80, 0x7000000) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200)) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) 2.79867242s ago: executing program 4 (id=1065): gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0) read$qrtrtun(r0, 0x0, 0xeffd) 2.734535041s ago: executing program 1 (id=1066): bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x1c, 0x20000000000000bb, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x92}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 2.687473722s ago: executing program 2 (id=1068): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r2) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)=@newqdisc={0x38, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x38}}, 0x4000800) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=@delchain={0x24, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0xa, 0x1b}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4000) 2.544358804s ago: executing program 2 (id=1070): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0x7fdf, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = dup2(r1, r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10) creat(&(0x7f0000000080)='./file0/file1\x00', 0x90) unlink(&(0x7f0000000100)='./file0/file1\x00') 2.466628684s ago: executing program 2 (id=1071): r0 = socket(0x10, 0x803, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0xd87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xab, 0x8e}}]}, 0x94}, 0x1, 0x0, 0x0, 0x10}, 0x0) 2.031255231s ago: executing program 2 (id=1076): socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0) ioctl$AUTOFS_IOC_FAIL(r3, 0x4c80, 0x7000000) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200)) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) 1.962909992s ago: executing program 1 (id=1077): bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) pipe2$9p(&(0x7f0000000300), 0x80) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000380)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r4, 0xffffffffffffffff, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 1.832765904s ago: executing program 4 (id=1079): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0xf2cccc7fae7881b8, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10) rename(0x0, 0x0) 1.559899018s ago: executing program 4 (id=1081): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'}) socket$unix(0x1, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) chmod(0x0, 0x180) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRESDEC=0x0], 0x3, 0x1cc, &(0x7f0000000700)="$eJzs271qU2EYB/DntElM65AOTuJwRqfS9gpapIIYEJQMCoJiG5AeKSQQqIPt5uBNeDEOrnoljhmEI8lJGlNSaBOSQPP7LXnIOf/3k3y8gbx79Onk6LTdfNv8GdUkibX9SKObxFasxdBFAAB3STfP40+e5/m9i9j4HnmeL3tEAMC8dfO8NKx9/gPAanj1+s3zg3r98GWaViOyr51Gp1E8FtcPmvExsjiOnajF3+h9QRgo6qfP6oc7ad9WfMvOB/nzTmN9PL8btdianN8t8ul4vhyb/+f3ohYPJuf3JuYr8bhymS9HRC1+f4jTyOIoetlR/stumj55Ub+Sv9+/DwAAAO6C7fRS//xeifHz+/b2+PXR+bjIHyQ3/n3gyvm6FA9Ly507AKyq9tnnk/dZdtyaoqgO2pgyfrPi12bRyRy7aLXPNgZTmaWd4ZJm5YjoPbN/2/UpT7Up67dKVXoDuuaejfluZas0xx2cXCQz7uksxY+IWHinMxfV4Yot6A0IWJrRq3/ZIwEAAAAAAAAAAAAAAK6ziP8V9fpJlj1RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFbKvwAAAP//lUZxDg==") openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x189800, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'veth0_to_hsr\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) bind$packet(r2, &(0x7f0000000080)={0x11, 0x4, r3, 0x1, 0x6, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x14) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)=@getchain={0x24, 0x11, 0x1, 0xf0bd30, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xd}, {0xfff1, 0xfff2}, {0x0, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x20004810}, 0x40000) 1.181156233s ago: executing program 0 (id=1084): socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket$inet(0x2, 0x5, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000140)={r2, 0xffff}, 0x8) 1.074969685s ago: executing program 3 (id=1085): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a3200000000440005800800024000000002080001"], 0x2d4}}, 0x4048010) 1.020164006s ago: executing program 4 (id=1086): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=0x0, &(0x7f00000006c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r2, 0x1, 0x0, 0x0, 0x2}) io_uring_enter(r2, 0x4c6e, 0xc67a, 0xc, 0x0, 0x0) io_uring_enter(r2, 0x627, 0x4c1, 0x3, 0x0, 0x0) 999.157316ms ago: executing program 0 (id=1087): r0 = socket(0x10, 0x803, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0xd87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xab, 0x8e}}]}, 0x94}, 0x1, 0x0, 0x0, 0x10}, 0x0) 941.212096ms ago: executing program 3 (id=1088): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c) recvmmsg$unix(r2, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000004c0)=""/53, 0x35}], 0x1}}], 0x1, 0x0, 0x0) sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) 779.467609ms ago: executing program 4 (id=1089): gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0) read$qrtrtun(r0, 0x0, 0xeffd) 778.454479ms ago: executing program 0 (id=1090): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000300)={@mcast2, 0x0, 0x0, 0xff, 0x3, 0x600}, 0x21) 506.661563ms ago: executing program 3 (id=1091): openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) socket$kcm(0x2, 0xa, 0x2) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000001180)={@ipv4={'\x00', '\xff\xff', @multicast2}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @mcast2, 0x4, 0x1, 0x0, 0x500, 0x1, 0x4050000}) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110e22fff6) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000001c0)='syzkaller\x00'}, 0x80) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000140)=ANY=[], 0x0) 505.731223ms ago: executing program 0 (id=1101): r0 = socket(0x10, 0x803, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0xd87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xab, 0x8e}}]}, 0x94}, 0x1, 0x0, 0x0, 0x10}, 0x0) 309.567836ms ago: executing program 3 (id=1092): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000072c0)={@map, 0xffffffffffffffff, 0x36, 0x10}, 0x20) 283.346666ms ago: executing program 0 (id=1093): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={0x50, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x34, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT={0x8}]}, 0x50}}, 0x0) 197.663887ms ago: executing program 2 (id=1094): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0x7fdf, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = dup2(r1, r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10) creat(&(0x7f0000000080)='./file0/file1\x00', 0x90) unlink(&(0x7f0000000100)='./file0/file1\x00') 156.977688ms ago: executing program 3 (id=1095): syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x80800) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) connect$inet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x40004, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4) 156.048978ms ago: executing program 0 (id=1096): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x0, &(0x7f0000000100)={[{@journal_dev={'journal_dev', 0x3d, 0x2d353}}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000013000000000000000900000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000fc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) lchown(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0xee01) 54.33535ms ago: executing program 2 (id=1097): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'}) socket$unix(0x1, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) chmod(0x0, 0x180) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRESDEC=0x0], 0x3, 0x1cc, &(0x7f0000000700)="$eJzs271qU2EYB/DntElM65AOTuJwRqfS9gpapIIYEJQMCoJiG5AeKSQQqIPt5uBNeDEOrnoljhmEI8lJGlNSaBOSQPP7LXnIOf/3k3y8gbx79Onk6LTdfNv8GdUkibX9SKObxFasxdBFAAB3STfP40+e5/m9i9j4HnmeL3tEAMC8dfO8NKx9/gPAanj1+s3zg3r98GWaViOyr51Gp1E8FtcPmvExsjiOnajF3+h9QRgo6qfP6oc7ad9WfMvOB/nzTmN9PL8btdianN8t8ul4vhyb/+f3ohYPJuf3JuYr8bhymS9HRC1+f4jTyOIoetlR/stumj55Ub+Sv9+/DwAAAO6C7fRS//xeifHz+/b2+PXR+bjIHyQ3/n3gyvm6FA9Ly507AKyq9tnnk/dZdtyaoqgO2pgyfrPi12bRyRy7aLXPNgZTmaWd4ZJm5YjoPbN/2/UpT7Up67dKVXoDuuaejfluZas0xx2cXCQz7uksxY+IWHinMxfV4Yot6A0IWJrRq3/ZIwEAAAAAAAAAAAAAAK6ziP8V9fpJlj1RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFbKvwAAAP//lUZxDg==") openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x189800, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'veth0_to_hsr\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) bind$packet(r2, &(0x7f0000000080)={0x11, 0x4, r3, 0x1, 0x6, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x14) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)=@getchain={0x24, 0x11, 0x1, 0xf0bd30, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xd}, {0xfff1, 0xfff2}, {0x0, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x20004810}, 0x40000) 0s ago: executing program 3 (id=1098): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x7, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4000, 0x0, 0x0, 0xfffffffe, 0x6, 0x0, 0x0, 0x272, 0xb, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffe, 0x0, 0x80007, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x1, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0xffff8000, 0x0, 0xffffffff, 0x1, 0x0, 0x9, 0x0, 0x0, 0x4, 0x6, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0xffff, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x7, 0x100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x5f}, {0xff, 0x2, 0x0, 0x0, 0x19, 0x40000000}, 0x0, 0x7f}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) kernel console output (not intermixed with test programs): _do_update_inode:5254: inode #16: comm syz.2.197: corrupted inode contents [ 106.394860][ T5041] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.197: mark_inode_dirty error [ 106.416731][ T5044] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 106.438992][ T5041] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #16: comm syz.2.197: corrupted inode contents [ 106.465241][ T5041] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 106.487534][ T5041] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #16: comm syz.2.197: corrupted inode contents [ 106.529957][ T5041] EXT4-fs error (device loop2): ext4_truncate:4312: inode #16: comm syz.2.197: mark_inode_dirty error [ 106.569099][ T5041] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 106.591068][ T5041] EXT4-fs (loop2): 1 truncate cleaned up [ 106.630167][ T4385] EXT4-fs error (device loop2): ext4_release_dquot:6850: comm kworker/u4:8: Failed to release dquot type 1 [ 106.658400][ T5041] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 106.850962][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 107.155168][ T5058] loop0: detected capacity change from 0 to 128 [ 107.203986][ T5058] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 107.353242][ T5061] loop3: detected capacity change from 0 to 512 [ 107.361195][ T5061] EXT4-fs: Ignoring removed mblk_io_submit option [ 107.367710][ T5061] EXT4-fs: Ignoring removed bh option [ 107.377643][ T5061] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 107.389146][ T5061] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 107.494585][ T5061] EXT4-fs (loop3): 1 truncate cleaned up [ 107.500406][ T5061] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 108.741509][ T5079] netlink: 'syz.2.208': attribute type 3 has an invalid length. [ 108.821640][ T5079] loop2: detected capacity change from 0 to 512 [ 108.849425][ T5079] journal_path: Lookup failure for './bus' [ 108.865322][ T5079] EXT4-fs: error: could not find journal device path [ 109.006048][ T5079] netem: incorrect gi model size [ 109.015058][ T5079] netem: change failed [ 109.293718][ T5096] loop1: detected capacity change from 0 to 128 [ 109.315441][ T5096] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 109.939413][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 111.262419][ T5121] loop1: detected capacity change from 0 to 128 [ 111.294239][ T5121] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 111.305002][ T5123] netlink: 'syz.2.227': attribute type 3 has an invalid length. [ 111.330595][ T27] kauditd_printk_skb: 87 callbacks suppressed [ 111.330606][ T27] audit: type=1326 audit(1751785113.619:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5122 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 111.403084][ T5123] loop2: detected capacity change from 0 to 512 [ 111.442652][ T5123] journal_path: Lookup failure for './bus' [ 111.449332][ T5123] EXT4-fs: error: could not find journal device path [ 111.457740][ T27] audit: type=1804 audit(1751785113.649:712): pid=5121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.228" name="/newroot/36/file0/bus" dev="loop1" ino=1048605 res=1 errno=0 [ 111.511092][ T5123] netem: incorrect gi model size [ 111.516509][ T5123] netem: change failed [ 111.549462][ T27] audit: type=1800 audit(1751785113.649:713): pid=5121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.228" name="bus" dev="loop1" ino=1048605 res=0 errno=0 [ 111.662442][ T27] audit: type=1326 audit(1751785113.649:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5122 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 111.776346][ T27] audit: type=1326 audit(1751785113.649:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5122 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 111.970021][ T27] audit: type=1326 audit(1751785113.659:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5122 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 111.996494][ T27] audit: type=1326 audit(1751785113.659:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5122 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 112.038212][ T27] audit: type=1326 audit(1751785113.659:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5122 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 112.068556][ T5142] syz.2.236[5142] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 112.068652][ T5142] syz.2.236[5142] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 112.080983][ T27] audit: type=1326 audit(1751785113.659:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5122 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 112.166590][ T27] audit: type=1326 audit(1751785113.659:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5122 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 112.424776][ T5157] loop2: detected capacity change from 0 to 128 [ 112.497514][ T5155] loop3: detected capacity change from 0 to 512 [ 112.504577][ T5155] EXT4-fs: Ignoring removed mblk_io_submit option [ 112.511102][ T5155] EXT4-fs: Ignoring removed bh option [ 112.523084][ T5155] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 112.534669][ T5155] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 112.584242][ T5157] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 112.637689][ T5155] EXT4-fs (loop3): 1 truncate cleaned up [ 112.644172][ T5155] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 112.878025][ T5163] netlink: 4 bytes leftover after parsing attributes in process `syz.4.243'. [ 112.915670][ T5163] netlink: 4 bytes leftover after parsing attributes in process `syz.4.243'. [ 113.016812][ T5167] netlink: 'syz.1.245': attribute type 3 has an invalid length. [ 113.060234][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 113.100369][ T5167] loop1: detected capacity change from 0 to 512 [ 113.118499][ T5167] journal_path: Lookup failure for './bus' [ 113.137112][ T5167] EXT4-fs: error: could not find journal device path [ 113.156817][ T5167] netem: incorrect gi model size [ 113.178064][ T5148] loop0: detected capacity change from 0 to 512 [ 113.189832][ T5167] netem: change failed [ 113.288195][ T4400] blk_print_req_error: 23 callbacks suppressed [ 113.288209][ T4400] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 113.353119][ T5179] loop4: detected capacity change from 0 to 128 [ 113.446542][ T5182] netlink: 72 bytes leftover after parsing attributes in process `syz.1.250'. [ 113.510757][ T5182] netlink: 72 bytes leftover after parsing attributes in process `syz.1.250'. [ 113.566391][ T5188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.248'. [ 113.857335][ T5195] loop2: detected capacity change from 0 to 128 [ 113.889921][ T5195] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 114.155050][ T5206] loop0: detected capacity change from 0 to 512 [ 114.219539][ T5206] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 114.251080][ T5206] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.421144][ T4269] EXT4-fs (loop0): unmounting filesystem. [ 114.663956][ T5215] loop2: detected capacity change from 0 to 512 [ 114.671026][ T5215] EXT4-fs: Ignoring removed mblk_io_submit option [ 114.677456][ T5215] EXT4-fs: Ignoring removed bh option [ 114.686618][ T5215] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 114.698639][ T5215] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 114.816100][ T5215] EXT4-fs (loop2): 1 truncate cleaned up [ 114.823229][ T5215] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 114.863240][ T5220] netlink: 'syz.0.261': attribute type 3 has an invalid length. [ 114.929462][ T5223] loop1: detected capacity change from 0 to 736 [ 114.943609][ T5220] loop0: detected capacity change from 0 to 512 [ 114.964070][ T5220] journal_path: Lookup failure for './bus' [ 115.009366][ T5220] EXT4-fs: error: could not find journal device path [ 115.080057][ T5220] netem: incorrect gi model size [ 115.085107][ T5220] netem: change failed [ 115.199776][ T4402] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 115.222635][ T5229] loop4: detected capacity change from 0 to 128 [ 115.286950][ T5229] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 115.467453][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 115.476791][ T5233] loop0: detected capacity change from 0 to 128 [ 115.658081][ T5239] netlink: 4 bytes leftover after parsing attributes in process `syz.0.269'. [ 116.190423][ T5262] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 116.197174][ T5262] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 116.216306][ T5264] netlink: 'syz.4.280': attribute type 3 has an invalid length. [ 116.274266][ T5264] loop4: detected capacity change from 0 to 512 [ 116.312095][ T5262] vhci_hcd vhci_hcd.0: Device attached [ 116.332023][ T5264] journal_path: Lookup failure for './bus' [ 116.354386][ T5264] EXT4-fs: error: could not find journal device path [ 116.392824][ T27] kauditd_printk_skb: 204 callbacks suppressed [ 116.392836][ T27] audit: type=1326 audit(1751785118.679:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2a4ff8d290 code=0x7ffc0000 [ 116.432860][ T5264] netem: incorrect gi model size [ 116.437822][ T5264] netem: change failed [ 116.450606][ T5265] vhci_hcd: connection closed [ 116.452170][ T4354] vhci_hcd: stop threads [ 116.503787][ T4354] vhci_hcd: release socket [ 116.520665][ T27] audit: type=1326 audit(1751785118.679:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2a4ff8e52b code=0x7ffc0000 [ 116.524882][ T4354] vhci_hcd: disconnect device [ 116.689898][ T5276] syz.4.284[5276] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.689987][ T5276] syz.4.284[5276] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.732953][ T27] audit: type=1326 audit(1751785118.679:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2a4ff8d58a code=0x7ffc0000 [ 116.764849][ T5273] loop0: detected capacity change from 0 to 512 [ 116.781931][ T5279] atomic_op ffff88801e670998 conn xmit_atomic 0000000000000000 [ 116.820094][ T5281] syz.1.286[5281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.820182][ T5281] syz.1.286[5281] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.845438][ T27] audit: type=1326 audit(1751785118.679:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 116.865051][ T5273] EXT4-fs: Ignoring removed mblk_io_submit option [ 116.889464][ T27] audit: type=1326 audit(1751785118.679:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 116.965855][ T27] audit: type=1326 audit(1751785118.719:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 117.038131][ T27] audit: type=1326 audit(1751785118.719:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 117.061025][ T5273] EXT4-fs: Ignoring removed bh option [ 117.075011][ T5273] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 117.142004][ T5290] loop3: detected capacity change from 0 to 128 [ 117.158949][ T27] audit: type=1326 audit(1751785118.719:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 117.212991][ T5295] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 117.219536][ T5295] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 117.261671][ T5300] netlink: 4 bytes leftover after parsing attributes in process `syz.3.289'. [ 117.282443][ T5273] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 117.309269][ T27] audit: type=1326 audit(1751785118.719:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 117.312781][ T5295] vhci_hcd vhci_hcd.0: Device attached [ 117.412941][ T27] audit: type=1326 audit(1751785118.719:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5263 comm="syz.4.280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 117.436260][ T5273] EXT4-fs (loop0): 1 truncate cleaned up [ 117.476041][ T5273] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 117.507523][ T5296] vhci_hcd: connection closed [ 117.508275][ T11] vhci_hcd: stop threads [ 117.533220][ T11] vhci_hcd: release socket [ 117.544453][ T11] vhci_hcd: disconnect device [ 117.589761][ T4927] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 117.603582][ T4927] usb 41-1: enqueue for inactive port 0 [ 117.710750][ T4927] vhci_hcd: vhci_device speed not set [ 117.881029][ T5314] loop3: detected capacity change from 0 to 512 [ 117.940543][ T5314] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 117.955026][ T5314] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 118.078501][ T5314] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #2: comm syz.3.293: corrupted inode contents [ 118.180872][ T5314] EXT4-fs error (device loop3): ext4_dirty_inode:6119: inode #2: comm syz.3.293: mark_inode_dirty error [ 118.236771][ T5314] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #2: comm syz.3.293: corrupted inode contents [ 118.269824][ T5314] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.293: mark_inode_dirty error [ 118.329892][ T5323] netlink: 'syz.2.295': attribute type 3 has an invalid length. [ 118.397989][ T5323] loop2: detected capacity change from 0 to 512 [ 118.424584][ T5323] journal_path: Lookup failure for './bus' [ 118.425180][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 118.437365][ T5328] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.297'. [ 118.439823][ T5323] EXT4-fs: error: could not find journal device path [ 118.464937][ T4269] EXT4-fs (loop0): unmounting filesystem. [ 118.536539][ T5325] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.297'. [ 118.589462][ T5323] netem: incorrect gi model size [ 118.614754][ T5323] netem: change failed [ 118.635271][ T5333] syz.3.299[5333] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 118.635363][ T5333] syz.3.299[5333] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 118.708532][ T5334] loop4: detected capacity change from 0 to 1024 [ 118.780411][ T5334] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 118.919631][ T5334] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 118.940331][ T5334] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 118.953775][ T5334] EXT4-fs (loop4): This should not happen!! Data will be lost [ 118.953775][ T5334] [ 118.980657][ T5334] EXT4-fs (loop4): Total free blocks count 0 [ 118.999526][ T5334] EXT4-fs (loop4): Free/Dirty block details [ 119.013782][ T5350] loop3: detected capacity change from 0 to 128 [ 119.034423][ T5334] EXT4-fs (loop4): free_blocks=68451041280 [ 119.049832][ T5334] EXT4-fs (loop4): dirty_blocks=80 [ 119.065163][ T5334] EXT4-fs (loop4): Block reservation details [ 119.079930][ T5334] EXT4-fs (loop4): i_reserved_data_blocks=5 [ 119.205377][ T5354] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 119.211938][ T5354] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 119.251138][ T4446] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28 [ 119.319198][ T5361] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 119.326919][ T5354] vhci_hcd vhci_hcd.0: Device attached [ 119.348330][ T5355] vhci_hcd: connection closed [ 119.349207][ T4446] vhci_hcd: stop threads [ 119.358479][ T4446] vhci_hcd: release socket [ 119.377399][ T4446] vhci_hcd: disconnect device [ 119.813931][ T5370] netlink: 'syz.3.315': attribute type 3 has an invalid length. [ 119.856533][ T5370] loop3: detected capacity change from 0 to 512 [ 119.884997][ T5370] journal_path: Lookup failure for './bus' [ 119.899287][ T5370] EXT4-fs: error: could not find journal device path [ 119.920952][ T5370] netem: incorrect gi model size [ 119.925981][ T5370] netem: change failed [ 120.175381][ T5373] loop4: detected capacity change from 0 to 512 [ 120.297898][ T5373] EXT4-fs: Ignoring removed mblk_io_submit option [ 120.392067][ T5373] EXT4-fs: Ignoring removed bh option [ 120.479341][ T5373] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 120.543306][ T5390] loop2: detected capacity change from 0 to 128 [ 120.606475][ T5373] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 121.035325][ T5373] EXT4-fs (loop4): 1 truncate cleaned up [ 121.065731][ T5373] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 121.519224][ T5400] loop0: detected capacity change from 0 to 1024 [ 121.624166][ T5400] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 121.708635][ T27] kauditd_printk_skb: 116 callbacks suppressed [ 121.708648][ T27] audit: type=1326 audit(1751785123.989:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5405 comm="syz.3.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 121.757747][ T5400] EXT4-fs (loop0): re-mounted. Quota mode: none. [ 121.870464][ T27] audit: type=1326 audit(1751785124.029:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5405 comm="syz.3.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 121.875559][ T5400] EXT4-fs error (device loop0): mb_free_blocks:1815: group 0, inode 18: block 257:freeing already freed block (bit 16); block bitmap corrupt. [ 121.953109][ T27] audit: type=1800 audit(1751785124.029:1053): pid=5400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.324" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 121.964347][ T5409] netlink: 'syz.2.327': attribute type 3 has an invalid length. [ 122.025877][ T27] audit: type=1326 audit(1751785124.069:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5405 comm="syz.3.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 122.036775][ T5409] loop2: detected capacity change from 0 to 512 [ 122.090691][ T5409] journal_path: Lookup failure for './bus' [ 122.110066][ T27] audit: type=1326 audit(1751785124.109:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5405 comm="syz.3.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 122.126944][ T5409] EXT4-fs: error: could not find journal device path [ 122.158201][ T5409] netem: incorrect gi model size [ 122.189895][ T27] audit: type=1326 audit(1751785124.109:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5405 comm="syz.3.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 122.191599][ T5409] netem: change failed [ 122.269536][ T4269] EXT4-fs (loop0): unmounting filesystem. [ 122.271806][ T27] audit: type=1326 audit(1751785124.109:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5405 comm="syz.3.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 122.331870][ T5412] netlink: 'syz.3.329': attribute type 13 has an invalid length. [ 122.346920][ T27] audit: type=1326 audit(1751785124.119:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5407 comm="syz.3.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3e07dc11e5 code=0x7ffc0000 [ 122.408052][ T27] audit: type=1326 audit(1751785124.269:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5407 comm="syz.3.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 122.466121][ T27] audit: type=1326 audit(1751785124.299:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5408 comm="syz.2.327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 122.516106][ T5412] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 122.533850][ T5414] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 122.540393][ T5414] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 122.557719][ T5421] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 122.590397][ T5414] vhci_hcd vhci_hcd.0: Device attached [ 122.597696][ T5412] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 122.632923][ T5417] vhci_hcd: connection closed [ 122.633776][ T4384] vhci_hcd: stop threads [ 122.681547][ T4384] vhci_hcd: release socket [ 122.699853][ T4384] vhci_hcd: disconnect device [ 122.826694][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 122.898148][ T4375] vhci_hcd: vhci_device speed not set [ 123.913362][ T5445] loop4: detected capacity change from 0 to 1024 [ 123.938042][ T5443] loop1: detected capacity change from 0 to 1024 [ 123.951145][ T5445] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 124.097834][ T5450] netlink: 'syz.0.341': attribute type 3 has an invalid length. [ 124.128015][ T5445] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 124.149908][ T5443] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 124.231082][ T5450] loop0: detected capacity change from 0 to 512 [ 124.240067][ T5443] EXT4-fs (loop1): re-mounted. Quota mode: none. [ 124.271731][ T5450] journal_path: Lookup failure for './bus' [ 124.309383][ T5443] EXT4-fs error (device loop1): mb_free_blocks:1815: group 0, inode 18: block 257:freeing already freed block (bit 16); block bitmap corrupt. [ 124.339531][ T5450] EXT4-fs: error: could not find journal device path [ 124.352073][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 124.444373][ T5450] netem: incorrect gi model size [ 124.468301][ T5450] netem: change failed [ 124.555931][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 124.917784][ T5467] loop4: detected capacity change from 0 to 512 [ 124.939129][ T5467] EXT4-fs: Ignoring removed mblk_io_submit option [ 124.961993][ T5467] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 125.044599][ T5467] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 125.097491][ T5472] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 125.100421][ T5467] EXT4-fs (loop4): 1 truncate cleaned up [ 125.104033][ T5472] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 125.109655][ T5467] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 125.129830][ T5472] vhci_hcd vhci_hcd.0: Device attached [ 125.374426][ T5473] vhci_hcd: connection closed [ 125.375663][ T4449] vhci_hcd: stop threads [ 125.469410][ T4339] usb 39-1: new low-speed USB device number 3 using vhci_hcd [ 125.516646][ T4449] vhci_hcd: release socket [ 125.564364][ T4449] vhci_hcd: disconnect device [ 125.859288][ T5467] netlink: 32 bytes leftover after parsing attributes in process `syz.4.348'. [ 125.886503][ T5479] loop1: detected capacity change from 0 to 512 [ 125.931300][ T5479] EXT4-fs: Ignoring removed mblk_io_submit option [ 125.983609][ T5479] EXT4-fs: Ignoring removed bh option [ 126.010410][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 126.012012][ T5479] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 126.159168][ T5479] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 127.490207][ T5498] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 127.611221][ T5479] EXT4-fs (loop1): 1 truncate cleaned up [ 127.646190][ T5479] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 127.774306][ T5509] netlink: 'syz.0.357': attribute type 3 has an invalid length. [ 127.804254][ T27] kauditd_printk_skb: 62 callbacks suppressed [ 127.804266][ T27] audit: type=1326 audit(1751785130.089:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 127.858642][ T5511] loop3: detected capacity change from 0 to 1024 [ 127.875434][ T5509] loop0: detected capacity change from 0 to 512 [ 127.903559][ T5509] journal_path: Lookup failure for './bus' [ 127.909397][ T5509] EXT4-fs: error: could not find journal device path [ 127.926128][ T5511] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 127.966417][ T27] audit: type=1326 audit(1751785130.129:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 128.008577][ T5517] netlink: 12 bytes leftover after parsing attributes in process `syz.4.359'. [ 128.083084][ T5520] EXT4-fs (loop3): re-mounted. Quota mode: none. [ 128.110029][ T27] audit: type=1326 audit(1751785130.129:1125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 128.111845][ T5511] EXT4-fs error (device loop3): mb_free_blocks:1815: group 0, inode 18: block 257:freeing already freed block (bit 16); block bitmap corrupt. [ 128.154617][ T5517] 8021q: adding VLAN 0 to HW filter on device bond1 [ 128.177933][ T5509] netem: incorrect gi model size [ 128.189169][ T5509] netem: change failed [ 128.228749][ T27] audit: type=1326 audit(1751785130.129:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 128.293992][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 128.362819][ T27] audit: type=1326 audit(1751785130.129:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 128.433181][ T5525] loop2: detected capacity change from 0 to 128 [ 128.497954][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 128.503988][ T27] audit: type=1326 audit(1751785130.129:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 128.527595][ T5525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.363'. [ 128.579131][ T27] audit: type=1326 audit(1751785130.129:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 128.601780][ T27] audit: type=1326 audit(1751785130.129:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 128.627159][ T27] audit: type=1326 audit(1751785130.129:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 128.649986][ T27] audit: type=1326 audit(1751785130.129:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5508 comm="syz.0.357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 129.632651][ T5547] netlink: 'syz.0.369': attribute type 1 has an invalid length. [ 129.712295][ T5547] 8021q: adding VLAN 0 to HW filter on device bond1 [ 129.746264][ T5550] bond1: (slave veth3): Enslaving as an active interface with a down link [ 129.760510][ T5547] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 129.767607][ T5547] bond1: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 129.850551][ T5556] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 129.864329][ T5550] netlink: 8 bytes leftover after parsing attributes in process `syz.0.369'. [ 129.950569][ T5554] loop2: detected capacity change from 0 to 512 [ 129.957640][ T5554] EXT4-fs: Ignoring removed mblk_io_submit option [ 129.964285][ T5554] EXT4-fs: Ignoring removed bh option [ 129.975147][ T5554] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 129.986596][ T5554] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 130.016995][ T5554] EXT4-fs (loop2): 1 truncate cleaned up [ 130.022880][ T5554] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 130.075684][ T5562] loop4: detected capacity change from 0 to 512 [ 130.125840][ T5562] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 130.126887][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 130.196523][ T5562] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #4: comm syz.4.373: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 130.286019][ T5562] EXT4-fs (loop4): Remounting filesystem read-only [ 130.314514][ T5562] EXT4-fs error (device loop4): ext4_quota_enable:7025: comm syz.4.373: Bad quota inode: 4, type: 1 [ 130.333007][ T5568] netlink: 'syz.1.375': attribute type 3 has an invalid length. [ 130.345074][ T5562] EXT4-fs (loop4): Remounting filesystem read-only [ 130.374243][ T5562] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 130.397087][ T5568] loop1: detected capacity change from 0 to 512 [ 130.409486][ T5568] journal_path: Lookup failure for './bus' [ 130.421854][ T5568] EXT4-fs: error: could not find journal device path [ 130.440242][ T5568] netem: incorrect gi model size [ 130.458970][ T5562] EXT4-fs (loop4): mount failed [ 130.466267][ T5568] netem: change failed [ 130.651001][ T4339] vhci_hcd: vhci_device speed not set [ 130.673444][ T5572] netlink: 48 bytes leftover after parsing attributes in process `syz.2.377'. [ 130.800744][ T5575] device gretap0 left promiscuous mode [ 130.812901][ T5575] bridge0: port 3(gretap0) entered disabled state [ 130.849503][ T5575] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 130.858992][ T5575] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 130.867332][ T5575] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 130.881825][ T5575] device bridge_slave_0 left promiscuous mode [ 130.888046][ T5575] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.977386][ T5575] device bridge_slave_1 left promiscuous mode [ 130.998611][ T5575] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.025691][ T5575] bond0: (slave bond_slave_0): Releasing backup interface [ 131.043498][ T5575] bond0: (slave bond_slave_1): Releasing backup interface [ 131.125683][ T5575] team0: Port device team_slave_0 removed [ 131.159400][ T5594] loop3: detected capacity change from 0 to 512 [ 131.172001][ T5594] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 131.183662][ T5575] team0: Port device team_slave_1 removed [ 131.197912][ T5575] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 131.207684][ T5594] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 131.215074][ T5575] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 131.228558][ T5594] System zones: 1-12 [ 131.234416][ T5594] EXT4-fs (loop3): orphan cleanup on readonly fs [ 131.246576][ T5594] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.384: bg 0: block 361: padding at end of block bitmap is not set [ 131.255492][ T5575] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 131.268624][ T5575] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 131.272233][ T5594] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 131.296294][ T5575] bond1: (slave veth3): Releasing active interface [ 131.313701][ T5594] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.384: invalid indirect mapped block 12 (level 1) [ 131.368216][ T5594] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.384: invalid indirect mapped block 2 (level 2) [ 131.403689][ T5590] Zero length message leads to an empty skb [ 131.435855][ T5594] EXT4-fs (loop3): 1 truncate cleaned up [ 131.462553][ T5594] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 131.545461][ T5589] EXT4-fs (loop3): ext4_remount: Checksum for group 0 failed (17031!=33349) [ 131.616124][ T5607] netlink: 'syz.0.391': attribute type 3 has an invalid length. [ 131.641064][ T5607] loop0: detected capacity change from 0 to 512 [ 131.655589][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 131.663257][ T5607] journal_path: Lookup failure for './bus' [ 131.678713][ T5607] EXT4-fs: error: could not find journal device path [ 131.811688][ T5607] netem: incorrect gi model size [ 131.816672][ T5607] netem: change failed [ 131.925177][ T5613] netlink: 48 bytes leftover after parsing attributes in process `syz.4.393'. [ 132.507230][ T5634] sg_write: data in/out 2012/14 bytes for SCSI command 0x0-- guessing data in; [ 132.507230][ T5634] program syz.1.401 not setting count and/or reply_len properly [ 132.590353][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.596711][ T1273] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.655019][ T14] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 133.474684][ T27] kauditd_printk_skb: 173 callbacks suppressed [ 133.474698][ T27] audit: type=1326 audit(1751785135.759:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 133.564287][ T14] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 133.572168][ T14] usb 3-1: can't read configurations, error -61 [ 133.589840][ T5643] netlink: 'syz.0.406': attribute type 3 has an invalid length. [ 133.633272][ T27] audit: type=1326 audit(1751785135.799:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 133.638912][ T5646] loop0: detected capacity change from 0 to 512 [ 133.706726][ T5648] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 133.713273][ T5648] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 133.719765][ T14] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 133.735919][ T5648] vhci_hcd vhci_hcd.0: Device attached [ 133.768436][ T27] audit: type=1326 audit(1751785135.799:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 133.819973][ T5646] journal_path: Lookup failure for './bus' [ 133.840558][ T5646] EXT4-fs: error: could not find journal device path [ 133.857463][ T5649] vhci_hcd: connection closed [ 133.883698][ T41] vhci_hcd: stop threads [ 133.900887][ T27] audit: type=1326 audit(1751785135.799:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 133.932349][ T27] audit: type=1326 audit(1751785135.799:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 133.937074][ T14] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 133.955773][ T5643] netem: incorrect gi model size [ 133.968104][ T41] vhci_hcd: release socket [ 133.972681][ T41] vhci_hcd: disconnect device [ 133.994744][ T14] usb 3-1: can't read configurations, error -61 [ 134.001186][ T5643] netem: change failed [ 134.013993][ T14] usb usb3-port1: attempt power cycle [ 134.029763][ T4256] usb 41-1: new low-speed USB device number 3 using vhci_hcd [ 134.040139][ T27] audit: type=1326 audit(1751785135.799:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 134.063215][ T4256] usb 41-1: enqueue for inactive port 0 [ 134.064461][ T27] audit: type=1326 audit(1751785135.799:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 134.157941][ T27] audit: type=1326 audit(1751785135.799:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 134.188920][ T27] audit: type=1326 audit(1751785135.799:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 134.216292][ T4256] vhci_hcd: vhci_device speed not set [ 134.250580][ T27] audit: type=1326 audit(1751785135.799:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5644 comm="syz.1.407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 134.447232][ T5666] loop1: detected capacity change from 0 to 128 [ 134.509831][ T14] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 134.548229][ T14] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 134.558244][ T14] usb 3-1: can't read configurations, error -61 [ 134.588712][ T5666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.414'. [ 134.720159][ T14] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 134.771202][ T14] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 134.785557][ T14] usb 3-1: can't read configurations, error -61 [ 134.803803][ T14] usb usb3-port1: unable to enumerate USB device [ 134.941186][ T5680] device veth1_to_bond entered promiscuous mode [ 134.961419][ T5680] device veth1_to_bond left promiscuous mode [ 136.267567][ T5698] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 136.274123][ T5698] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 136.321224][ T5698] vhci_hcd vhci_hcd.0: Device attached [ 136.409770][ T5699] vhci_hcd: connection closed [ 136.411916][ T71] vhci_hcd: stop threads [ 136.429471][ T71] vhci_hcd: release socket [ 136.448480][ T5707] netlink: 'syz.4.427': attribute type 1 has an invalid length. [ 136.464755][ T71] vhci_hcd: disconnect device [ 136.478218][ T5707] 8021q: adding VLAN 0 to HW filter on device bond2 [ 136.563489][ T5710] bridge0: port 1(gretap0) entered blocking state [ 136.570313][ T5710] bridge0: port 1(gretap0) entered disabled state [ 136.584975][ T5710] device gretap0 entered promiscuous mode [ 136.593736][ T5710] bridge0: port 1(gretap0) entered blocking state [ 136.600260][ T5710] bridge0: port 1(gretap0) entered forwarding state [ 137.160234][ T129] vhci_hcd: vhci_device speed not set [ 137.243427][ T5707] bond2: (slave veth3): Enslaving as an active interface with a down link [ 137.333583][ T5707] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 137.341712][ T5707] bond2: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 137.370753][ T5715] loop2: detected capacity change from 0 to 128 [ 137.441036][ T5719] netlink: 8 bytes leftover after parsing attributes in process `syz.4.427'. [ 137.461031][ T5720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.430'. [ 137.638781][ T5722] loop1: detected capacity change from 0 to 8192 [ 137.731632][ T5722] netlink: 'syz.1.431': attribute type 8 has an invalid length. [ 138.705432][ T27] kauditd_printk_skb: 52 callbacks suppressed [ 138.705537][ T27] audit: type=1326 audit(1751785140.989:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.4.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 139.143037][ T27] audit: type=1326 audit(1751785141.139:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.4.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 139.183891][ T5748] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 139.190441][ T5748] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 139.221619][ T5752] loop0: detected capacity change from 0 to 512 [ 139.233293][ T5748] vhci_hcd vhci_hcd.0: Device attached [ 139.262470][ T5749] vhci_hcd: connection closed [ 139.262707][ T4350] vhci_hcd: stop threads [ 139.272119][ T4350] vhci_hcd: release socket [ 139.276554][ T4350] vhci_hcd: disconnect device [ 139.282045][ T27] audit: type=1326 audit(1751785141.139:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.4.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 139.455571][ T27] audit: type=1326 audit(1751785141.139:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.4.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 139.525182][ T5752] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 139.559881][ T5752] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 139.627809][ T5766] loop2: detected capacity change from 0 to 512 [ 139.664550][ T5766] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 139.736091][ T4269] EXT4-fs (loop0): unmounting filesystem. [ 139.753322][ T5766] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #4: comm syz.2.444: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 139.782155][ T5766] EXT4-fs (loop2): Remounting filesystem read-only [ 139.788820][ T5766] EXT4-fs error (device loop2): ext4_quota_enable:7025: comm syz.2.444: Bad quota inode: 4, type: 1 [ 139.805342][ T5766] EXT4-fs (loop2): Remounting filesystem read-only [ 139.816809][ T5770] loop3: detected capacity change from 0 to 128 [ 139.875178][ T5766] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 139.960954][ T5766] EXT4-fs (loop2): mount failed [ 139.969660][ T5778] netlink: 4 bytes leftover after parsing attributes in process `syz.3.446'. [ 140.117417][ T5782] netlink: 'syz.1.451': attribute type 3 has an invalid length. [ 140.136594][ T27] audit: type=1326 audit(1751785142.419:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 140.257404][ T5782] loop1: detected capacity change from 0 to 512 [ 140.265096][ T27] audit: type=1326 audit(1751785142.449:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 140.286483][ T5782] journal_path: Lookup failure for './bus' [ 140.317679][ T27] audit: type=1326 audit(1751785142.449:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 140.341989][ T5782] EXT4-fs: error: could not find journal device path [ 140.454759][ T5782] netem: incorrect gi model size [ 140.486303][ T27] audit: type=1326 audit(1751785142.449:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 140.509435][ T5782] netem: change failed [ 140.569221][ T27] audit: type=1326 audit(1751785142.449:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 141.087485][ T27] audit: type=1326 audit(1751785142.449:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5781 comm="syz.1.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 141.302616][ T5799] loop3: detected capacity change from 0 to 128 [ 141.356485][ T5799] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 141.649384][ T5810] loop1: detected capacity change from 0 to 512 [ 141.657259][ T51] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 141.680509][ T5810] EXT4-fs: Ignoring removed nomblk_io_submit option [ 141.759835][ T5810] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 141.882480][ T5810] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 141.958178][ T5810] EXT4-fs (loop1): 1 truncate cleaned up [ 141.963976][ T5810] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 142.358920][ T5825] netlink: 'syz.0.469': attribute type 3 has an invalid length. [ 142.497130][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 142.805677][ T5825] loop0: detected capacity change from 0 to 512 [ 142.850409][ T5825] journal_path: Lookup failure for './bus' [ 142.856269][ T5825] EXT4-fs: error: could not find journal device path [ 142.897451][ T5825] netem: incorrect gi model size [ 142.920528][ T5825] netem: change failed [ 142.961247][ T5833] netlink: 8 bytes leftover after parsing attributes in process `syz.2.472'. [ 142.980037][ T5833] netlink: 4 bytes leftover after parsing attributes in process `syz.2.472'. [ 143.118081][ T5838] loop1: detected capacity change from 0 to 128 [ 143.185825][ T5838] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 143.327815][ T4569] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 143.941057][ T5852] loop2: detected capacity change from 0 to 512 [ 143.948034][ T5852] EXT4-fs: Ignoring removed mblk_io_submit option [ 143.954578][ T5852] EXT4-fs: Ignoring removed bh option [ 143.988243][ T5852] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 143.999891][ T5852] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 144.040703][ T5852] EXT4-fs (loop2): 1 truncate cleaned up [ 144.046480][ T5852] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 144.262674][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 144.536745][ T5878] loop4: detected capacity change from 0 to 512 [ 144.638334][ T5878] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 144.684417][ T5888] netlink: 48 bytes leftover after parsing attributes in process `syz.1.488'. [ 144.700377][ T5878] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 144.971401][ T5896] loop0: detected capacity change from 0 to 256 [ 144.997808][ T5896] FAT-fs (loop0): bogus number of FAT sectors [ 145.005845][ T5896] FAT-fs (loop0): Can't find a valid FAT filesystem [ 145.036063][ T5878] netlink: 24 bytes leftover after parsing attributes in process `syz.4.486'. [ 145.308496][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 145.879628][ T5907] netlink: 'syz.4.494': attribute type 1 has an invalid length. [ 146.099484][ T5907] 8021q: adding VLAN 0 to HW filter on device bond3 [ 146.178585][ T5913] bond3: (slave veth7): Enslaving as an active interface with a down link [ 146.246631][ T5907] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 146.264258][ T5907] bond3: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 146.305133][ T27] kauditd_printk_skb: 56 callbacks suppressed [ 146.305146][ T27] audit: type=1326 audit(1751785148.589:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5911 comm="syz.1.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 146.371872][ T27] audit: type=1326 audit(1751785148.629:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5911 comm="syz.1.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 146.437123][ T27] audit: type=1326 audit(1751785148.629:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5911 comm="syz.1.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 146.515962][ T27] audit: type=1326 audit(1751785148.629:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5911 comm="syz.1.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 146.694778][ T5929] Bluetooth: MGMT ver 1.22 [ 146.793017][ T5932] netlink: 48 bytes leftover after parsing attributes in process `syz.0.503'. [ 146.830831][ T5935] loop3: detected capacity change from 0 to 512 [ 146.848554][ T5937] netlink: 'syz.4.506': attribute type 1 has an invalid length. [ 146.873739][ T5935] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.505: casefold flag without casefold feature [ 146.900066][ T5935] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.505: couldn't read orphan inode 15 (err -117) [ 146.905008][ T5937] 8021q: adding VLAN 0 to HW filter on device bond4 [ 146.920640][ T5935] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 146.969181][ T27] audit: type=1800 audit(1751785149.249:1438): pid=5935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.505" name="file2" dev="loop3" ino=18 res=0 errno=0 [ 147.038392][ T5941] bond4: (slave veth9): Enslaving as an active interface with a down link [ 147.079338][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 147.095275][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 147.137430][ T5937] bond4: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 147.260064][ T27] audit: type=1326 audit(1751785149.509:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5948 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 147.329527][ T27] audit: type=1326 audit(1751785149.509:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5948 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 147.360703][ T27] audit: type=1326 audit(1751785149.519:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5948 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 147.384028][ T27] audit: type=1326 audit(1751785149.519:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5948 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 147.406463][ T27] audit: type=1326 audit(1751785149.519:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5948 comm="syz.0.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 147.515342][ T5951] loop3: detected capacity change from 0 to 512 [ 147.522435][ T5951] EXT4-fs: Ignoring removed mblk_io_submit option [ 147.528879][ T5951] EXT4-fs: Ignoring removed bh option [ 147.534955][ T5951] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 147.546341][ T5951] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 147.563875][ T5951] EXT4-fs (loop3): 1 truncate cleaned up [ 147.569566][ T5951] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 147.936802][ T5975] loop4: detected capacity change from 0 to 128 [ 148.116186][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 148.124699][ T5975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.520'. [ 148.131648][ T5981] loop2: detected capacity change from 0 to 512 [ 148.142128][ T5981] journal_path: Lookup failure for './file0/../file0' [ 148.148922][ T5981] EXT4-fs: error: could not find journal device path [ 148.300084][ T5988] Invalid ELF header magic: != ELF [ 148.406357][ T5994] netlink: 12 bytes leftover after parsing attributes in process `syz.2.523'. [ 150.251737][ T6015] loop1: detected capacity change from 0 to 512 [ 150.258657][ T6015] EXT4-fs: Ignoring removed mblk_io_submit option [ 150.265198][ T6015] EXT4-fs: Ignoring removed bh option [ 150.272634][ T6015] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 150.284025][ T6015] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 150.308098][ T6020] netlink: 'syz.4.537': attribute type 1 has an invalid length. [ 150.319678][ T6017] loop3: detected capacity change from 0 to 128 [ 150.325587][ T6015] EXT4-fs (loop1): 1 truncate cleaned up [ 150.331998][ T6015] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 150.397625][ T6020] 8021q: adding VLAN 0 to HW filter on device bond5 [ 150.491491][ T6025] bond5: (slave veth11): Enslaving as an active interface with a down link [ 150.528801][ T6028] netlink: 4 bytes leftover after parsing attributes in process `syz.3.536'. [ 150.608427][ T6033] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 150.614991][ T6033] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 150.628343][ T6033] vhci_hcd vhci_hcd.0: Device attached [ 150.643035][ T6034] vhci_hcd: cannot find the pending unlink 2 [ 150.649068][ T6034] vhci_hcd: connection closed [ 150.649306][ T4476] vhci_hcd: stop threads [ 150.661535][ T4476] vhci_hcd: release socket [ 150.669349][ T4476] vhci_hcd: disconnect device [ 150.877689][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 151.239082][ T6063] loop0: detected capacity change from 0 to 128 [ 151.322177][ T27] kauditd_printk_skb: 68 callbacks suppressed [ 151.322190][ T27] audit: type=1326 audit(1751785153.609:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 151.353595][ T6069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.554'. [ 151.386946][ T27] audit: type=1326 audit(1751785153.649:1513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 151.459912][ T27] audit: type=1326 audit(1751785153.649:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 151.607965][ T27] audit: type=1326 audit(1751785153.649:1515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.1.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 151.751344][ T6076] netlink: 48 bytes leftover after parsing attributes in process `syz.0.558'. [ 151.784494][ T6079] netlink: 48 bytes leftover after parsing attributes in process `syz.3.559'. [ 152.299439][ T6092] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 152.305990][ T6092] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 152.349887][ T6092] vhci_hcd vhci_hcd.0: Device attached [ 152.360828][ T6096] vhci_hcd: connection closed [ 152.361022][ T41] vhci_hcd: stop threads [ 152.388411][ T41] vhci_hcd: release socket [ 152.392906][ T41] vhci_hcd: disconnect device [ 152.642664][ T6104] loop4: detected capacity change from 0 to 128 [ 152.740241][ T6108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.569'. [ 152.853382][ T6113] netlink: 48 bytes leftover after parsing attributes in process `syz.3.572'. [ 152.871356][ T6115] loop1: detected capacity change from 0 to 512 [ 152.925207][ T6115] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 152.939903][ T6115] ext4 filesystem being mounted at /106/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 153.182067][ T6129] netlink: 'syz.0.576': attribute type 3 has an invalid length. [ 153.222263][ T27] audit: type=1326 audit(1751785155.509:1516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6124 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 153.691259][ T27] audit: type=1326 audit(1751785155.659:1517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6124 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 153.748806][ T27] audit: type=1326 audit(1751785155.669:1518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6124 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 153.771068][ C0] vkms_vblank_simulate: vblank timer overrun [ 153.798919][ T27] audit: type=1326 audit(1751785155.699:1519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6124 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 153.821174][ C0] vkms_vblank_simulate: vblank timer overrun [ 153.918252][ T6129] loop0: detected capacity change from 0 to 512 [ 153.954203][ T6129] journal_path: Lookup failure for './bus' [ 153.993422][ T6129] EXT4-fs: error: could not find journal device path [ 154.079095][ T6129] netem: incorrect gi model size [ 154.089150][ T6129] netem: change failed [ 154.109231][ T27] audit: type=1326 audit(1751785155.709:1520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6124 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 154.132487][ T27] audit: type=1326 audit(1751785155.719:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6124 comm="syz.0.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 154.154715][ C0] vkms_vblank_simulate: vblank timer overrun [ 154.189495][ T6115] netlink: 24 bytes leftover after parsing attributes in process `syz.1.571'. [ 154.423424][ T6150] netlink: 48 bytes leftover after parsing attributes in process `syz.3.584'. [ 154.445223][ T6152] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 154.451769][ T6152] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 154.470745][ T6152] vhci_hcd vhci_hcd.0: Device attached [ 154.508682][ T6153] vhci_hcd: connection closed [ 154.508990][ T4350] vhci_hcd: stop threads [ 154.528200][ T4350] vhci_hcd: release socket [ 154.538323][ T4350] vhci_hcd: disconnect device [ 154.551418][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 154.695979][ T6163] netlink: 4 bytes leftover after parsing attributes in process `syz.3.586'. [ 155.055038][ T6169] netlink: 'syz.3.589': attribute type 1 has an invalid length. [ 155.159585][ T6169] 8021q: adding VLAN 0 to HW filter on device bond1 [ 155.212408][ T6172] bond1: (slave batadv1): Error -99 calling set_mac_address [ 156.511666][ T6183] netlink: 'syz.0.593': attribute type 3 has an invalid length. [ 156.541895][ T27] kauditd_printk_skb: 48 callbacks suppressed [ 156.541909][ T27] audit: type=1326 audit(1751785158.829:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 156.575382][ T6183] loop0: detected capacity change from 0 to 512 [ 156.601664][ T6183] journal_path: Lookup failure for './bus' [ 156.607511][ T6183] EXT4-fs: error: could not find journal device path [ 156.639959][ T27] audit: type=1326 audit(1751785158.829:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 156.666853][ T6189] netlink: 48 bytes leftover after parsing attributes in process `syz.1.596'. [ 156.667072][ T27] audit: type=1326 audit(1751785158.829:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 156.722613][ T6183] netem: incorrect gi model size [ 156.727580][ T6183] netem: change failed [ 156.749847][ T6187] netlink: 'syz.3.595': attribute type 1 has an invalid length. [ 156.757586][ T27] audit: type=1326 audit(1751785158.829:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 156.823654][ T6187] 8021q: adding VLAN 0 to HW filter on device bond2 [ 156.836434][ T27] audit: type=1326 audit(1751785158.829:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 156.905521][ T27] audit: type=1326 audit(1751785158.829:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 156.933293][ T27] audit: type=1326 audit(1751785158.829:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 156.961507][ T27] audit: type=1326 audit(1751785158.829:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 157.004009][ T27] audit: type=1326 audit(1751785158.829:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 157.007473][ T6192] bond2: (slave veth3): Enslaving as an active interface with a down link [ 157.058922][ T27] audit: type=1326 audit(1751785158.829:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.0.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 157.097806][ T6200] loop1: detected capacity change from 0 to 512 [ 157.105325][ T6200] EXT4-fs: Ignoring removed mblk_io_submit option [ 157.111692][ T6199] netlink: 24 bytes leftover after parsing attributes in process `syz.2.598'. [ 157.111772][ T6200] EXT4-fs: Ignoring removed bh option [ 157.144388][ T6207] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 157.150917][ T6207] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 157.158581][ T6200] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 157.165571][ T6206] netlink: 4 bytes leftover after parsing attributes in process `syz.0.600'. [ 157.170036][ T6200] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 157.191813][ T6207] vhci_hcd vhci_hcd.0: Device attached [ 157.200053][ T6208] vhci_hcd: connection closed [ 157.219296][ T4385] vhci_hcd: stop threads [ 157.237365][ T4385] vhci_hcd: release socket [ 157.242217][ T4385] vhci_hcd: disconnect device [ 157.246430][ T6200] EXT4-fs (loop1): 1 truncate cleaned up [ 157.253811][ T6200] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 159.922925][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 160.283201][ T6237] loop2: detected capacity change from 0 to 2048 [ 160.356384][ T6237] EXT4-fs (loop2): failed to initialize system zone (-117) [ 160.376714][ T6237] EXT4-fs (loop2): mount failed [ 160.554256][ T6252] netlink: 'syz.4.613': attribute type 1 has an invalid length. [ 160.747158][ T6252] 8021q: adding VLAN 0 to HW filter on device bond6 [ 160.996376][ T6260] bond6: (slave veth13): Enslaving as an active interface with a down link [ 161.211891][ T6270] netlink: 4 bytes leftover after parsing attributes in process `syz.1.615'. [ 161.248606][ T6272] netlink: 32 bytes leftover after parsing attributes in process `syz.4.617'. [ 161.342755][ T6274] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.399494][ T6277] syz.4.617[6277] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 161.399590][ T6277] syz.4.617[6277] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 161.432238][ T6277] netlink: 4 bytes leftover after parsing attributes in process `syz.4.617'. [ 161.575266][ T6274] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.761154][ T6285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.618'. [ 161.770097][ T6285] netlink: 20 bytes leftover after parsing attributes in process `syz.3.618'. [ 162.063611][ T6274] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.294242][ T6287] netlink: 48 bytes leftover after parsing attributes in process `syz.1.619'. [ 162.463682][ T6274] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.593178][ T6274] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.621592][ T6274] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.642497][ T6274] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.669494][ T6274] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.842021][ T27] kauditd_printk_skb: 46 callbacks suppressed [ 162.842036][ T27] audit: type=1107 audit(1751785165.129:1626): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 163.139839][ T6317] loop2: detected capacity change from 0 to 128 [ 163.218478][ T6317] netlink: 4 bytes leftover after parsing attributes in process `syz.2.630'. [ 163.487037][ T6325] netlink: 48 bytes leftover after parsing attributes in process `syz.4.634'. [ 163.535091][ T27] audit: type=1326 audit(1751785165.819:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 163.616557][ T27] audit: type=1326 audit(1751785165.859:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 163.679182][ T27] audit: type=1326 audit(1751785165.869:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 163.728312][ T27] audit: type=1326 audit(1751785165.869:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 163.777836][ T6335] netlink: 8 bytes leftover after parsing attributes in process `syz.3.640'. [ 163.793467][ T27] audit: type=1326 audit(1751785165.869:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 163.820889][ T27] audit: type=1326 audit(1751785165.879:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 163.829438][ T6337] netlink: 32 bytes leftover after parsing attributes in process `syz.0.639'. [ 163.848961][ T27] audit: type=1326 audit(1751785165.879:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 163.924674][ T27] audit: type=1326 audit(1751785165.879:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 163.985919][ T27] audit: type=1326 audit(1751785165.879:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.3.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 164.084303][ T6349] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 164.090855][ T6349] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 164.142736][ T6354] syz.0.639[6354] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 164.142836][ T6354] syz.0.639[6354] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 164.149967][ T6349] vhci_hcd vhci_hcd.0: Device attached [ 164.176483][ T6342] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.281905][ T6350] vhci_hcd: connection closed [ 164.282213][ T71] vhci_hcd: stop threads [ 164.299114][ T71] vhci_hcd: release socket [ 164.310235][ T71] vhci_hcd: disconnect device [ 164.548490][ T6342] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.686003][ T6342] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.729776][ T4339] vhci_hcd: vhci_device speed not set [ 164.842907][ T6342] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.874608][ T6373] loop1: detected capacity change from 0 to 128 [ 164.958184][ T6342] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 164.981257][ T6342] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.005071][ T6342] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.024459][ T6342] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.240696][ T6385] bridge0: port 3(gretap0) entered blocking state [ 165.247642][ T6385] bridge0: port 3(gretap0) entered disabled state [ 165.278691][ T6385] device gretap0 entered promiscuous mode [ 165.309914][ T6385] bridge0: port 3(gretap0) entered blocking state [ 165.316452][ T6385] bridge0: port 3(gretap0) entered forwarding state [ 166.067661][ T6410] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 166.074225][ T6410] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 166.103366][ T6410] vhci_hcd vhci_hcd.0: Device attached [ 166.121312][ T6411] vhci_hcd: connection closed [ 166.121506][ T71] vhci_hcd: stop threads [ 166.169813][ T71] vhci_hcd: release socket [ 166.174266][ T71] vhci_hcd: disconnect device [ 166.231000][ T6420] netlink: 'syz.1.664': attribute type 3 has an invalid length. [ 166.253848][ T6420] loop1: detected capacity change from 0 to 512 [ 166.261522][ T6420] journal_path: Lookup failure for './bus' [ 166.267359][ T6420] EXT4-fs: error: could not find journal device path [ 166.316184][ T6420] netem: incorrect gi model size [ 166.321316][ T6420] netem: change failed [ 166.905580][ T6430] loop2: detected capacity change from 0 to 2048 [ 166.935647][ T6430] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 166.954747][ T6430] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.128186][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 167.310290][ T6451] __nla_validate_parse: 7 callbacks suppressed [ 167.310305][ T6451] netlink: 48 bytes leftover after parsing attributes in process `syz.3.674'. [ 167.882299][ T6463] netlink: 8 bytes leftover after parsing attributes in process `syz.2.676'. [ 167.891274][ T6463] netlink: 20 bytes leftover after parsing attributes in process `syz.2.676'. [ 168.937020][ T27] kauditd_printk_skb: 78 callbacks suppressed [ 168.937034][ T27] audit: type=1326 audit(1751785171.219:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.1.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 169.156423][ T27] audit: type=1326 audit(1751785171.219:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.1.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 169.266851][ T27] audit: type=1326 audit(1751785171.219:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.1.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 169.289297][ T27] audit: type=1326 audit(1751785171.219:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.1.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 169.312347][ T27] audit: type=1326 audit(1751785171.219:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6462 comm="syz.1.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 169.397563][ T6485] syz.2.686[6485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.397653][ T6485] syz.2.686[6485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 169.403904][ T6486] netlink: 48 bytes leftover after parsing attributes in process `syz.1.687'. [ 169.499042][ T6485] loop2: detected capacity change from 0 to 1024 [ 169.538336][ T6485] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 169.559831][ T6485] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 169.595162][ T6485] JBD2: no valid journal superblock found [ 169.609952][ T6485] EXT4-fs (loop2): error loading journal [ 169.647323][ T6492] netlink: 'syz.3.690': attribute type 1 has an invalid length. [ 169.727859][ T6492] 8021q: adding VLAN 0 to HW filter on device bond3 [ 169.810192][ T6496] bond3: (slave veth5): Enslaving as an active interface with a down link [ 169.995482][ T6503] loop1: detected capacity change from 0 to 2048 [ 170.027188][ T6503] EXT4-fs error (device loop1): __ext4_fill_super:5402: inode #2: comm syz.1.694: iget: bad extended attribute block 281474976710655 [ 170.046316][ T6503] EXT4-fs (loop1): get root inode failed [ 170.052194][ T6503] EXT4-fs (loop1): mount failed [ 170.315979][ T6510] netlink: 'syz.1.696': attribute type 3 has an invalid length. [ 170.357171][ T27] audit: type=1326 audit(1751785172.639:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 170.388370][ T6510] loop1: detected capacity change from 0 to 512 [ 170.396098][ T27] audit: type=1326 audit(1751785172.639:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 170.453638][ T6510] journal_path: Lookup failure for './bus' [ 170.459554][ T6510] EXT4-fs: error: could not find journal device path [ 170.460343][ T27] audit: type=1326 audit(1751785172.639:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 170.527345][ T27] audit: type=1326 audit(1751785172.639:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 170.576134][ T27] audit: type=1326 audit(1751785172.639:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 170.581567][ T6510] netem: incorrect gi model size [ 170.639839][ T6510] netem: change failed [ 170.947596][ T6525] netlink: 'syz.2.702': attribute type 21 has an invalid length. [ 170.979613][ T6525] netlink: 'syz.2.702': attribute type 1 has an invalid length. [ 170.993683][ T6525] netlink: 144 bytes leftover after parsing attributes in process `syz.2.702'. [ 171.098047][ T6527] serio: Serial port ptm0 [ 171.158999][ T6531] loop2: detected capacity change from 0 to 512 [ 171.185760][ T6531] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 171.227212][ T6531] EXT4-fs (loop2): 1 truncate cleaned up [ 171.233107][ T6531] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 171.369295][ T6427] Set syz1 is full, maxelem 65536 reached [ 171.749321][ T6547] netlink: 'syz.4.710': attribute type 3 has an invalid length. [ 171.770729][ T6547] loop4: detected capacity change from 0 to 512 [ 171.778137][ T6547] journal_path: Lookup failure for './bus' [ 171.784023][ T6547] EXT4-fs: error: could not find journal device path [ 171.835048][ T6547] netem: incorrect gi model size [ 171.854364][ T6547] netem: change failed [ 172.015136][ T6555] netlink: 4 bytes leftover after parsing attributes in process `syz.4.713'. [ 172.034497][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 172.196466][ T6562] loop4: detected capacity change from 0 to 1024 [ 172.208442][ T6562] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 172.226834][ T6562] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 172.245952][ T6562] JBD2: no valid journal superblock found [ 172.252126][ T6562] EXT4-fs (loop4): error loading journal [ 172.425956][ T6570] loop2: detected capacity change from 0 to 256 [ 172.511532][ T6570] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000804) [ 172.530064][ T6570] FAT-fs (loop2): Filesystem has been set read-only [ 172.723501][ T6580] netlink: 'syz.4.724': attribute type 3 has an invalid length. [ 172.753976][ T6580] loop4: detected capacity change from 0 to 512 [ 172.768341][ T6580] journal_path: Lookup failure for './bus' [ 172.774625][ T6580] EXT4-fs: error: could not find journal device path [ 172.844680][ T6580] netem: incorrect gi model size [ 172.855238][ T6580] netem: change failed [ 173.035147][ T6587] loop0: detected capacity change from 0 to 128 [ 173.057521][ T6587] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 173.079410][ T6587] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 173.660502][ T6597] xt_hashlimit: max too large, truncated to 1048576 [ 174.028468][ T6608] netlink: 'syz.3.733': attribute type 1 has an invalid length. [ 174.123194][ T6608] 8021q: adding VLAN 0 to HW filter on device bond4 [ 174.140267][ T6612] netlink: 24 bytes leftover after parsing attributes in process `syz.0.735'. [ 174.211989][ T6614] bond4: (slave erspan0): making interface the new active one [ 174.238071][ T6614] bond4: (slave erspan0): Enslaving as an active interface with an up link [ 174.253547][ T71] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready [ 174.357523][ T6623] netlink: 'syz.1.737': attribute type 3 has an invalid length. [ 174.368044][ T6614] syz.3.733 (6614) used greatest stack depth: 20384 bytes left [ 174.489902][ T27] kauditd_printk_skb: 221 callbacks suppressed [ 174.489917][ T27] audit: type=1326 audit(1751785176.749:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.512524][ T6623] loop1: detected capacity change from 0 to 512 [ 174.525764][ T6623] journal_path: Lookup failure for './bus' [ 174.531636][ T6623] EXT4-fs: error: could not find journal device path [ 174.540215][ T27] audit: type=1326 audit(1751785176.749:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.611014][ T27] audit: type=1326 audit(1751785176.749:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.648936][ T27] audit: type=1326 audit(1751785176.749:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.672389][ T27] audit: type=1326 audit(1751785176.749:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.696296][ T27] audit: type=1326 audit(1751785176.749:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.726498][ T6633] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 174.726555][ T6623] netem: incorrect gi model size [ 174.734768][ T6633] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 174.746532][ T6623] netem: change failed [ 174.751100][ T27] audit: type=1326 audit(1751785176.749:1951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.814120][ T27] audit: type=1326 audit(1751785176.749:1952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.870429][ T27] audit: type=1326 audit(1751785176.749:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 174.934505][ T27] audit: type=1326 audit(1751785176.749:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz.1.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 175.147781][ T6650] netlink: 24 bytes leftover after parsing attributes in process `syz.4.749'. [ 175.373469][ T6658] bridge0: port 3(gretap0) entered blocking state [ 175.380054][ T6658] bridge0: port 3(gretap0) entered disabled state [ 175.387484][ T6658] device gretap0 entered promiscuous mode [ 175.393676][ T6658] bridge0: port 3(gretap0) entered blocking state [ 175.400202][ T6658] bridge0: port 3(gretap0) entered forwarding state [ 175.603277][ T6673] netlink: 'syz.2.757': attribute type 3 has an invalid length. [ 175.664712][ T6673] netem: incorrect gi model size [ 175.669903][ T6673] netem: change failed [ 176.501152][ T6698] netlink: 24 bytes leftover after parsing attributes in process `syz.4.766'. [ 176.789797][ T6706] netlink: 'syz.2.771': attribute type 3 has an invalid length. [ 176.835405][ T6706] netem: incorrect gi model size [ 176.849912][ T6706] netem: change failed [ 176.973893][ T6714] nfs4: Bad value for 'source' [ 176.991199][ T6711] device bond7 entered promiscuous mode [ 177.003326][ T6716] netlink: 75 bytes leftover after parsing attributes in process `syz.2.774'. [ 177.047475][ T6711] 8021q: adding VLAN 0 to HW filter on device bond7 [ 177.455307][ T6711] bond7 (unregistering): Released all slaves [ 177.942955][ T6726] loop3: detected capacity change from 0 to 512 [ 177.952002][ T6726] EXT4-fs: Ignoring removed mblk_io_submit option [ 177.958494][ T6726] EXT4-fs: Ignoring removed bh option [ 178.042099][ T6726] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 178.053536][ T6726] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 178.217785][ T6726] EXT4-fs (loop3): 1 truncate cleaned up [ 178.223705][ T6726] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 178.494172][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 178.601139][ T6739] netlink: 48 bytes leftover after parsing attributes in process `syz.0.783'. [ 178.671905][ T6745] netlink: 'syz.2.785': attribute type 1 has an invalid length. [ 178.750467][ T6745] 8021q: adding VLAN 0 to HW filter on device bond1 [ 178.807395][ T6751] program syz.0.788 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 178.964753][ T6753] loop3: detected capacity change from 0 to 1024 [ 178.992025][ T6753] EXT4-fs: Ignoring removed nobh option [ 178.998285][ T6753] EXT4-fs: Ignoring removed bh option [ 179.024696][ T6753] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 179.075751][ T6760] syz.2.790[6760] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 179.075837][ T6760] syz.2.790[6760] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 179.162737][ T6753] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 179.446511][ T6760] infiniband syz!: set active [ 179.469798][ T6760] infiniband syz!: added team_slave_0 [ 179.560563][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 179.564827][ T6760] RDS/IB: syz!: added [ 179.576372][ T6760] smc: adding ib device syz! with port count 1 [ 179.582791][ T6760] smc: ib device syz! port 1 has pnetid [ 179.726521][ T27] kauditd_printk_skb: 144 callbacks suppressed [ 179.726534][ T27] audit: type=1326 audit(1751785182.009:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 179.817981][ T27] audit: type=1326 audit(1751785182.049:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 179.887959][ T27] audit: type=1326 audit(1751785182.049:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 179.980689][ T27] audit: type=1326 audit(1751785182.049:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 180.126917][ T27] audit: type=1326 audit(1751785182.049:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 180.335307][ T27] audit: type=1326 audit(1751785182.049:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 180.525898][ T27] audit: type=1326 audit(1751785182.049:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 180.675761][ T6779] loop4: detected capacity change from 0 to 512 [ 180.685362][ T6779] EXT4-fs: Ignoring removed mblk_io_submit option [ 180.691881][ T6779] EXT4-fs: Ignoring removed bh option [ 180.735813][ T6779] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 180.747356][ T6779] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 180.790030][ T4282] Bluetooth: hci4: command 0x0406 tx timeout [ 180.796941][ T4280] Bluetooth: hci1: command 0x0406 tx timeout [ 180.803578][ T4280] Bluetooth: hci0: command 0x0406 tx timeout [ 180.811300][ T4282] Bluetooth: hci2: command 0x0406 tx timeout [ 180.817824][ T4282] Bluetooth: hci3: command 0x0406 tx timeout [ 180.876818][ T6779] EXT4-fs (loop4): 1 truncate cleaned up [ 180.882667][ T6779] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 180.985210][ T27] audit: type=1326 audit(1751785182.049:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 181.111005][ T27] audit: type=1326 audit(1751785182.049:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 181.134126][ T27] audit: type=1326 audit(1751785182.049:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3e07d858e7 code=0x7ffc0000 [ 181.148871][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 181.313438][ T6785] loop3: detected capacity change from 0 to 2048 [ 181.420489][ T6785] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 181.459633][ T6785] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 181.690799][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 181.754191][ T6789] netlink: 48 bytes leftover after parsing attributes in process `syz.2.798'. [ 181.913680][ T129] kernel write not supported for file /406/loginuid (pid: 129 comm: kworker/1:2) [ 182.327706][ T6801] netlink: 'syz.4.801': attribute type 1 has an invalid length. [ 182.740364][ T6801] 8021q: adding VLAN 0 to HW filter on device bond7 [ 182.745319][ T6700] Set syz1 is full, maxelem 65536 reached [ 182.845974][ T6808] loop3: detected capacity change from 0 to 512 [ 182.887394][ T6808] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 182.966953][ T6808] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 183.040792][ T6808] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 183.067967][ T6825] netlink: 4 bytes leftover after parsing attributes in process `syz.2.805'. [ 183.146651][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 183.375849][ T6838] netlink: 'syz.0.812': attribute type 3 has an invalid length. [ 183.426934][ T6838] loop0: detected capacity change from 0 to 512 [ 183.446125][ T6838] journal_path: Lookup failure for './bus' [ 183.457233][ T6838] EXT4-fs: error: could not find journal device path [ 183.505698][ T6838] netem: incorrect gi model size [ 183.515040][ T6838] netem: change failed [ 183.610650][ T6851] netlink: 60 bytes leftover after parsing attributes in process `syz.1.818'. [ 183.806117][ T6862] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.822'. [ 183.832147][ T6857] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.822'. [ 183.904501][ T6866] netlink: 4 bytes leftover after parsing attributes in process `syz.2.825'. [ 184.057306][ T6873] syz.0.828[6873] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 184.057405][ T6873] syz.0.828[6873] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 184.256813][ T6882] netlink: 'syz.0.832': attribute type 3 has an invalid length. [ 184.366605][ T6882] loop0: detected capacity change from 0 to 512 [ 184.371792][ T6885] loop1: detected capacity change from 0 to 512 [ 184.390435][ T6885] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 184.399543][ T6885] EXT4-fs (loop1): orphan cleanup on readonly fs [ 184.419056][ T6885] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 184.434802][ T6882] journal_path: Lookup failure for './bus' [ 184.447040][ T6885] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 184.459086][ T6885] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #16: comm syz.1.834: iget: immutable or append flags not allowed on symlinks [ 184.469483][ T6882] EXT4-fs: error: could not find journal device path [ 184.483935][ T6885] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.834: couldn't read orphan inode 16 (err -117) [ 184.507123][ T6885] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 184.597428][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 184.604639][ T6882] netem: incorrect gi model size [ 184.609591][ T6882] netem: change failed [ 185.290568][ T6909] loop0: detected capacity change from 0 to 128 [ 185.423616][ T6908] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.514458][ T6911] netlink: 4 bytes leftover after parsing attributes in process `syz.0.842'. [ 185.751485][ T6908] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.959886][ T27] kauditd_printk_skb: 157 callbacks suppressed [ 185.959900][ T27] audit: type=1326 audit(1751785188.239:2266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 185.994416][ T6908] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.099457][ T27] audit: type=1326 audit(1751785188.249:2267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.141305][ T27] audit: type=1326 audit(1751785188.249:2268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.176673][ T6908] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 186.192063][ T27] audit: type=1326 audit(1751785188.249:2269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.236927][ T27] audit: type=1326 audit(1751785188.249:2270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.320034][ T27] audit: type=1326 audit(1751785188.249:2271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.353960][ T6908] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.377381][ T27] audit: type=1326 audit(1751785188.249:2272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.416185][ T6908] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.425861][ T27] audit: type=1326 audit(1751785188.249:2273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.476453][ T6908] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.490401][ T27] audit: type=1326 audit(1751785188.249:2274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.532236][ T6908] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.554520][ T27] audit: type=1326 audit(1751785188.249:2275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6921 comm="syz.1.847" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64ebd8e929 code=0x7ffc0000 [ 186.954049][ T6945] loop0: detected capacity change from 0 to 128 [ 187.034923][ T6951] netlink: 4 bytes leftover after parsing attributes in process `syz.0.857'. [ 187.283266][ T6955] netlink: 64 bytes leftover after parsing attributes in process `syz.1.861'. [ 187.398200][ T6962] loop4: detected capacity change from 0 to 164 [ 187.423376][ T6962] Unable to read rock-ridge attributes [ 187.646233][ T6969] netlink: 'syz.4.867': attribute type 1 has an invalid length. [ 187.713722][ T6969] 8021q: adding VLAN 0 to HW filter on device bond8 [ 187.771244][ T6971] device bond1 entered promiscuous mode [ 187.788368][ T6971] 8021q: adding VLAN 0 to HW filter on device bond1 [ 188.072233][ T6971] bond1 (unregistering): Released all slaves [ 188.092410][ T6978] netlink: 24 bytes leftover after parsing attributes in process `syz.2.868'. [ 188.513819][ T6999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.875'. [ 188.987419][ T6883] Set syz1 is full, maxelem 65536 reached [ 189.079216][ T7013] netlink: 24 bytes leftover after parsing attributes in process `syz.2.883'. [ 189.163157][ T7017] ieee802154 phy0 wpan0: encryption failed: -22 [ 189.285759][ T7022] netlink: 24 bytes leftover after parsing attributes in process `syz.2.896'. [ 190.049337][ T7025] loop1: detected capacity change from 0 to 512 [ 190.057016][ T7025] EXT4-fs: Ignoring removed mblk_io_submit option [ 190.063494][ T7025] EXT4-fs: Ignoring removed bh option [ 190.087828][ T7025] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 190.099198][ T7025] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 190.201384][ T7025] EXT4-fs (loop1): 1 truncate cleaned up [ 190.207116][ T7025] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 190.436439][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 190.482247][ T7043] netlink: 12 bytes leftover after parsing attributes in process `syz.2.894'. [ 190.504425][ T7042] loop0: detected capacity change from 0 to 128 [ 190.522020][ T7043] 8021q: adding VLAN 0 to HW filter on device bond2 [ 190.592062][ T7048] loop1: detected capacity change from 0 to 128 [ 190.634147][ T7048] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 190.669250][ T7049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.892'. [ 190.987578][ T7056] netlink: 24 bytes leftover after parsing attributes in process `syz.1.898'. [ 192.751940][ T7093] loop1: detected capacity change from 0 to 128 [ 192.880052][ T7099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.910'. [ 192.939298][ T7101] netlink: 24 bytes leftover after parsing attributes in process `syz.4.913'. [ 193.750059][ T27] kauditd_printk_skb: 34 callbacks suppressed [ 193.750178][ T27] audit: type=1326 audit(1751785195.899:2310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7109 comm="syz.2.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 193.938975][ T27] audit: type=1326 audit(1751785196.069:2311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7109 comm="syz.2.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 193.998595][ T27] audit: type=1326 audit(1751785196.079:2312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7109 comm="syz.2.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 194.051345][ T1273] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.201288][ T27] audit: type=1326 audit(1751785196.089:2313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7109 comm="syz.2.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 194.281948][ T27] audit: type=1326 audit(1751785196.089:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7109 comm="syz.2.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 194.315267][ T7116] loop1: detected capacity change from 0 to 8192 [ 194.339927][ T27] audit: type=1326 audit(1751785196.099:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7109 comm="syz.2.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 194.457496][ T27] audit: type=1326 audit(1751785196.139:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7109 comm="syz.2.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 194.549777][ T27] audit: type=1326 audit(1751785196.139:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7109 comm="syz.2.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 194.640119][ T27] audit: type=1326 audit(1751785196.269:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7094 comm="syz.3.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 194.667483][ T7134] loop4: detected capacity change from 0 to 128 [ 194.729919][ T27] audit: type=1326 audit(1751785196.269:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7094 comm="syz.3.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 194.760978][ T7134] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 194.871525][ T7139] netlink: 4 bytes leftover after parsing attributes in process `syz.2.927'. [ 194.901159][ T7141] netlink: 24 bytes leftover after parsing attributes in process `syz.1.928'. [ 195.036788][ T7146] netlink: 'syz.4.929': attribute type 3 has an invalid length. [ 195.102508][ T7146] loop4: detected capacity change from 0 to 512 [ 195.130263][ T7146] journal_path: Lookup failure for './bus' [ 195.136110][ T7146] EXT4-fs: error: could not find journal device path [ 195.245808][ T7146] netem: incorrect gi model size [ 195.265074][ T7146] netem: change failed [ 196.206989][ T7164] syz.1.936[7164] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 196.207082][ T7164] syz.1.936[7164] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 196.241180][ T7169] netlink: 'syz.3.938': attribute type 1 has an invalid length. [ 196.280839][ T7169] 8021q: adding VLAN 0 to HW filter on device bond5 [ 196.331220][ T7169] bond5: (slave batadv1): Error -99 calling set_mac_address [ 196.804934][ T7188] netlink: 'syz.3.943': attribute type 3 has an invalid length. [ 196.819266][ T7186] loop4: detected capacity change from 0 to 1024 [ 196.855720][ T7186] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 196.869389][ T7188] loop3: detected capacity change from 0 to 512 [ 196.871030][ T7186] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 196.876873][ T7188] journal_path: Lookup failure for './bus' [ 196.892235][ T7188] EXT4-fs: error: could not find journal device path [ 196.950573][ T7188] netem: incorrect gi model size [ 196.955642][ T7188] netem: change failed [ 196.978479][ T7197] loop1: detected capacity change from 0 to 164 [ 196.990544][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 197.331059][ T7209] netlink: 'syz.2.951': attribute type 1 has an invalid length. [ 197.378444][ T7209] netlink: 80 bytes leftover after parsing attributes in process `syz.2.951'. [ 198.139183][ T7211] loop1: detected capacity change from 0 to 512 [ 198.146847][ T7211] EXT4-fs: Ignoring removed mblk_io_submit option [ 198.153346][ T7211] EXT4-fs: Ignoring removed bh option [ 198.159229][ T7211] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 198.170747][ T7211] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 198.190828][ T7211] EXT4-fs (loop1): 1 truncate cleaned up [ 198.196515][ T7211] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 198.901209][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 199.093344][ T7226] netlink: 'syz.4.954': attribute type 1 has an invalid length. [ 199.232173][ T27] kauditd_printk_skb: 106 callbacks suppressed [ 199.232187][ T27] audit: type=1326 audit(1751785201.519:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 199.308497][ T27] audit: type=1326 audit(1751785201.579:2427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 199.325748][ T7226] 8021q: adding VLAN 0 to HW filter on device bond9 [ 199.359767][ T27] audit: type=1326 audit(1751785201.579:2428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 199.415780][ T27] audit: type=1326 audit(1751785201.579:2429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 199.510753][ T27] audit: type=1326 audit(1751785201.799:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 199.582288][ T27] audit: type=1326 audit(1751785201.819:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 199.653136][ T27] audit: type=1326 audit(1751785201.819:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7248 comm="syz.0.959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 199.681277][ T7251] netlink: 'syz.2.960': attribute type 3 has an invalid length. [ 199.711480][ T27] audit: type=1326 audit(1751785201.979:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7250 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 199.753143][ T7251] netem: incorrect gi model size [ 199.762627][ T7251] netem: change failed [ 199.767269][ T27] audit: type=1326 audit(1751785201.989:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7250 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 199.863671][ T27] audit: type=1326 audit(1751785201.989:2435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7250 comm="syz.2.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8ecf8e929 code=0x7ffc0000 [ 201.333237][ T7266] loop0: detected capacity change from 0 to 512 [ 201.340195][ T7266] EXT4-fs: Ignoring removed mblk_io_submit option [ 201.346627][ T7266] EXT4-fs: Ignoring removed bh option [ 201.380266][ T7266] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 201.391723][ T7266] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 201.708989][ T7266] EXT4-fs (loop0): 1 truncate cleaned up [ 201.714824][ T7266] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 201.996786][ T4269] EXT4-fs (loop0): unmounting filesystem. [ 203.178705][ T7312] netlink: 'syz.2.977': attribute type 1 has an invalid length. [ 203.336814][ T7312] 8021q: adding VLAN 0 to HW filter on device bond3 [ 204.056061][ T7323] loop1: detected capacity change from 0 to 512 [ 204.095980][ T7323] EXT4-fs: Ignoring removed mblk_io_submit option [ 204.102480][ T7323] EXT4-fs: Ignoring removed bh option [ 204.116620][ T7323] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 204.127954][ T7323] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 204.222864][ T7323] EXT4-fs (loop1): 1 truncate cleaned up [ 204.228551][ T7323] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 204.277993][ T7329] netlink: 'syz.0.982': attribute type 3 has an invalid length. [ 204.310261][ T27] kauditd_printk_skb: 41 callbacks suppressed [ 204.310273][ T27] audit: type=1326 audit(1751785206.599:2477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.460320][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 204.498034][ T27] audit: type=1326 audit(1751785206.629:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.530052][ T27] audit: type=1326 audit(1751785206.629:2479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.559989][ T7329] loop0: detected capacity change from 0 to 512 [ 204.568515][ T7329] journal_path: Lookup failure for './bus' [ 204.576535][ T7329] EXT4-fs: error: could not find journal device path [ 204.630405][ T27] audit: type=1326 audit(1751785206.629:2480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.701048][ T7329] netem: incorrect gi model size [ 204.704998][ T27] audit: type=1326 audit(1751785206.629:2481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.719802][ T7329] netem: change failed [ 204.773538][ T27] audit: type=1326 audit(1751785206.629:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.838229][ T7346] loop1: detected capacity change from 0 to 128 [ 204.855650][ T27] audit: type=1326 audit(1751785206.629:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.898220][ T27] audit: type=1326 audit(1751785206.629:2484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.945441][ T27] audit: type=1326 audit(1751785206.729:2485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 204.995475][ T7353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.987'. [ 205.119991][ T27] audit: type=1326 audit(1751785206.729:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz.0.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42c038e929 code=0x7ffc0000 [ 205.498598][ T7365] netlink: 256 bytes leftover after parsing attributes in process `syz.3.993'. [ 205.730444][ T7376] netlink: 'syz.3.999': attribute type 3 has an invalid length. [ 205.808435][ T7376] loop3: detected capacity change from 0 to 512 [ 205.833370][ T7376] journal_path: Lookup failure for './bus' [ 205.843648][ T7376] EXT4-fs: error: could not find journal device path [ 206.101629][ T7382] loop1: detected capacity change from 0 to 512 [ 206.110481][ T7382] EXT4-fs: Ignoring removed mblk_io_submit option [ 206.116954][ T7382] EXT4-fs: Ignoring removed bh option [ 206.142429][ T7382] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 206.153904][ T7382] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 206.227843][ T7382] EXT4-fs (loop1): 1 truncate cleaned up [ 206.234483][ T7382] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 206.992530][ T7400] loop0: detected capacity change from 0 to 128 [ 207.030382][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 207.125343][ T7400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1007'. [ 207.413849][ T7419] netlink: 'syz.2.1013': attribute type 3 has an invalid length. [ 207.531574][ T7419] netem: incorrect gi model size [ 207.554432][ T7419] netem: change failed [ 208.024449][ T7437] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 208.213176][ T7443] loop3: detected capacity change from 0 to 1024 [ 208.248384][ T7445] loop0: detected capacity change from 0 to 128 [ 208.256493][ T7445] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 208.281170][ T7443] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 208.308308][ T7443] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 208.400028][ T7454] netlink: 'syz.0.1026': attribute type 3 has an invalid length. [ 208.409335][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 208.427148][ T7454] loop0: detected capacity change from 0 to 512 [ 208.434767][ T7454] journal_path: Lookup failure for './bus' [ 208.440677][ T7454] EXT4-fs: error: could not find journal device path [ 208.501127][ T7454] netem: incorrect gi model size [ 208.506247][ T7454] netem: change failed [ 208.679833][ T7459] loop3: detected capacity change from 0 to 512 [ 208.785970][ T7464] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 209.263380][ T7475] netlink: 'syz.2.1034': attribute type 13 has an invalid length. [ 209.401121][ T7477] loop0: detected capacity change from 0 to 128 [ 209.442052][ T7477] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 209.536503][ T7488] netlink: 'syz.4.1041': attribute type 3 has an invalid length. [ 209.560579][ T27] kauditd_printk_skb: 188 callbacks suppressed [ 209.560592][ T27] audit: type=1326 audit(1751785211.849:2675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 209.580505][ T7488] loop4: detected capacity change from 0 to 512 [ 209.632194][ T7488] journal_path: Lookup failure for './bus' [ 209.636265][ T27] audit: type=1326 audit(1751785211.849:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 209.648201][ T7488] EXT4-fs: error: could not find journal device path [ 209.703679][ T27] audit: type=1326 audit(1751785211.849:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 209.770221][ T27] audit: type=1326 audit(1751785211.849:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 209.794414][ T7488] netem: incorrect gi model size [ 209.799373][ T7488] netem: change failed [ 209.842734][ T27] audit: type=1326 audit(1751785211.849:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 209.891734][ T27] audit: type=1326 audit(1751785211.849:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 209.938776][ T27] audit: type=1326 audit(1751785211.849:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 210.002355][ T27] audit: type=1326 audit(1751785211.849:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 210.054540][ T27] audit: type=1326 audit(1751785211.849:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 210.095457][ T7504] device bridge0 entered promiscuous mode [ 210.101996][ T7504] device macsec1 entered promiscuous mode [ 210.107809][ T27] audit: type=1326 audit(1751785211.849:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7486 comm="syz.4.1041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a4ff8e929 code=0x7ffc0000 [ 210.131874][ T7504] bridge0: port 4(macsec1) entered blocking state [ 210.138526][ T7504] bridge0: port 4(macsec1) entered disabled state [ 210.158514][ T7504] device bridge0 left promiscuous mode [ 210.503009][ T7518] loop3: detected capacity change from 0 to 1024 [ 210.510654][ T7518] EXT4-fs: Ignoring removed bh option [ 210.524188][ T7518] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 210.761904][ T7518] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 211.932614][ T7533] netlink: 'syz.0.1058': attribute type 3 has an invalid length. [ 212.032197][ T7533] loop0: detected capacity change from 0 to 512 [ 212.062568][ T7533] journal_path: Lookup failure for './bus' [ 212.068424][ T7533] EXT4-fs: error: could not find journal device path [ 212.392147][ T7533] netem: incorrect gi model size [ 212.397114][ T7533] netem: change failed [ 212.525220][ T4268] EXT4-fs (loop3): unmounting filesystem. [ 212.644690][ T7540] loop3: detected capacity change from 0 to 256 [ 212.656985][ T129] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 212.686633][ T129] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 213.213358][ T7565] xt_hashlimit: max too large, truncated to 1048576 [ 213.562609][ T7574] loop3: detected capacity change from 0 to 128 [ 213.595990][ T7574] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 213.636424][ T7574] FAT-fs (loop3): Filesystem has been set read-only [ 213.657916][ T7574] syz.3.1074: attempt to access beyond end of device [ 213.657916][ T7574] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 213.736946][ T7574] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 213.778469][ T7574] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 213.801956][ T7574] syz.3.1074: attempt to access beyond end of device [ 213.801956][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 213.839905][ T7574] syz.3.1074: attempt to access beyond end of device [ 213.839905][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 213.909931][ T7574] syz.3.1074: attempt to access beyond end of device [ 213.909931][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 213.944045][ T7574] syz.3.1074: attempt to access beyond end of device [ 213.944045][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 213.980177][ T7574] syz.3.1074: attempt to access beyond end of device [ 213.980177][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.030197][ T7574] syz.3.1074: attempt to access beyond end of device [ 214.030197][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.079679][ T7574] syz.3.1074: attempt to access beyond end of device [ 214.079679][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.107453][ T7592] loop4: detected capacity change from 0 to 128 [ 214.158103][ T7574] syz.3.1074: attempt to access beyond end of device [ 214.158103][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.203122][ T7596] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1081'. [ 214.230901][ T7574] syz.3.1074: attempt to access beyond end of device [ 214.230901][ T7574] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.740517][ T27] kauditd_printk_skb: 106 callbacks suppressed [ 214.740531][ T27] audit: type=1326 audit(1751785217.029:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 214.829763][ T27] audit: type=1326 audit(1751785217.029:2792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 214.910460][ T27] audit: type=1326 audit(1751785217.049:2793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 214.983442][ T27] audit: type=1326 audit(1751785217.049:2794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 215.050822][ T27] audit: type=1326 audit(1751785217.059:2795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 215.117637][ T27] audit: type=1326 audit(1751785217.059:2796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 215.176606][ T27] audit: type=1326 audit(1751785217.059:2797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 215.215160][ T27] audit: type=1326 audit(1751785217.059:2798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 215.238047][ T27] audit: type=1326 audit(1751785217.059:2799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 215.305774][ T27] audit: type=1326 audit(1751785217.109:2800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.3.1088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e07d8e929 code=0x7ffc0000 [ 215.514039][ T7629] loop0: detected capacity change from 0 to 512 [ 215.560630][ T7629] EXT4-fs: Ignoring removed nobh option [ 215.602490][ T7629] [ 215.604848][ T7629] ====================================================== [ 215.611863][ T7629] WARNING: possible circular locking dependency detected [ 215.618895][ T7629] 6.1.142-syzkaller #0 Not tainted [ 215.624004][ T7629] ------------------------------------------------------ [ 215.631021][ T7629] syz.0.1096/7629 is trying to acquire lock: [ 215.637002][ T7629] ffff8880529234b0 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x316/0x1b60 [ 215.646525][ T7629] [ 215.646525][ T7629] but task is already holding lock: [ 215.653885][ T7629] ffff888070d74208 (&s->s_dquot.dqio_sem){++++}-{3:3}, at: v2_write_dquot+0x12b/0x190 [ 215.663468][ T7629] [ 215.663468][ T7629] which lock already depends on the new lock. [ 215.663468][ T7629] [ 215.673866][ T7629] [ 215.673866][ T7629] the existing dependency chain (in reverse order) is: [ 215.682873][ T7629] [ 215.682873][ T7629] -> #2 (&s->s_dquot.dqio_sem){++++}-{3:3}: [ 215.690943][ T7629] down_read+0x42/0x2d0 [ 215.695616][ T7629] v2_read_dquot+0x4a/0x110 [ 215.700633][ T7629] dquot_acquire+0x152/0x520 [ 215.705732][ T7629] ext4_acquire_dquot+0x2d9/0x4a0 [ 215.711268][ T7629] dqget+0x778/0xeb0 [ 215.715671][ T7629] __dquot_initialize+0x3b6/0xcb0 [ 215.721198][ T7629] ext4_process_orphan+0x54/0x300 [ 215.726725][ T7629] ext4_orphan_cleanup+0xbd3/0x1400 [ 215.732427][ T7629] ext4_fill_super+0x7b78/0x8110 [ 215.737869][ T7629] get_tree_bdev+0x3f1/0x610 [ 215.742963][ T7629] vfs_get_tree+0x88/0x270 [ 215.747885][ T7629] do_new_mount+0x24a/0xa40 [ 215.752897][ T7629] __se_sys_mount+0x2d6/0x3c0 [ 215.758081][ T7629] do_syscall_64+0x4c/0xa0 [ 215.763008][ T7629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 215.769412][ T7629] [ 215.769412][ T7629] -> #1 (&dquot->dq_lock){+.+.}-{3:3}: [ 215.777045][ T7629] __mutex_lock+0x120/0xaf0 [ 215.782060][ T7629] dquot_commit+0x5a/0x410 [ 215.786982][ T7629] ext4_write_dquot+0x1f0/0x360 [ 215.792338][ T7629] mark_all_dquot_dirty+0xf9/0x400 [ 215.797954][ T7629] __dquot_free_space+0x7ec/0xbc0 [ 215.803484][ T7629] ext4_free_blocks+0x1bab/0x2640 [ 215.809014][ T7629] ext4_ext_remove_space+0x1f0d/0x4490 [ 215.814980][ T7629] ext4_ext_truncate+0x211/0x370 [ 215.820423][ T7629] ext4_truncate+0xa0b/0x1230 [ 215.825602][ T7629] ext4_process_orphan+0x1cb/0x300 [ 215.831221][ T7629] ext4_orphan_cleanup+0xbd3/0x1400 [ 215.836917][ T7629] ext4_fill_super+0x7b78/0x8110 [ 215.842357][ T7629] get_tree_bdev+0x3f1/0x610 [ 215.847454][ T7629] vfs_get_tree+0x88/0x270 [ 215.852375][ T7629] do_new_mount+0x24a/0xa40 [ 215.857382][ T7629] __se_sys_mount+0x2d6/0x3c0 [ 215.862563][ T7629] do_syscall_64+0x4c/0xa0 [ 215.867483][ T7629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 215.873885][ T7629] [ 215.873885][ T7629] -> #0 (&ei->i_data_sem/2){++++}-{3:3}: [ 215.881690][ T7629] __lock_acquire+0x2cf8/0x7c50 [ 215.887048][ T7629] lock_acquire+0x1b4/0x490 [ 215.892060][ T7629] down_read+0x42/0x2d0 [ 215.896723][ T7629] ext4_map_blocks+0x316/0x1b60 [ 215.902079][ T7629] ext4_getblk+0x1ab/0x6d0 [ 215.906998][ T7629] ext4_bread+0x26/0x170 [ 215.911744][ T7629] ext4_quota_write+0x230/0x570 [ 215.917099][ T7629] get_free_dqblk+0x312/0x660 [ 215.922280][ T7629] do_insert_tree+0x22b/0x1040 [ 215.927547][ T7629] do_insert_tree+0x9eb/0x1040 [ 215.932816][ T7629] do_insert_tree+0x9eb/0x1040 [ 215.938086][ T7629] do_insert_tree+0x9eb/0x1040 [ 215.943356][ T7629] qtree_write_dquot+0x48d/0x5b0 [ 215.948798][ T7629] v2_write_dquot+0x108/0x190 [ 215.953979][ T7629] dquot_acquire+0x2d5/0x520 [ 215.959073][ T7629] ext4_acquire_dquot+0x2d9/0x4a0 [ 215.964601][ T7629] dqget+0x778/0xeb0 [ 215.969002][ T7629] __dquot_initialize+0x3b6/0xcb0 [ 215.974536][ T7629] ext4_process_orphan+0x54/0x300 [ 215.980060][ T7629] ext4_orphan_cleanup+0xbd3/0x1400 [ 215.985757][ T7629] ext4_fill_super+0x7b78/0x8110 [ 215.991204][ T7629] get_tree_bdev+0x3f1/0x610 [ 215.996296][ T7629] vfs_get_tree+0x88/0x270 [ 216.001215][ T7629] do_new_mount+0x24a/0xa40 [ 216.006225][ T7629] __se_sys_mount+0x2d6/0x3c0 [ 216.011414][ T7629] do_syscall_64+0x4c/0xa0 [ 216.016342][ T7629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 216.022745][ T7629] [ 216.022745][ T7629] other info that might help us debug this: [ 216.022745][ T7629] [ 216.032956][ T7629] Chain exists of: [ 216.032956][ T7629] &ei->i_data_sem/2 --> &dquot->dq_lock --> &s->s_dquot.dqio_sem [ 216.032956][ T7629] [ 216.046596][ T7629] Possible unsafe locking scenario: [ 216.046596][ T7629] [ 216.054031][ T7629] CPU0 CPU1 [ 216.059375][ T7629] ---- ---- [ 216.064720][ T7629] lock(&s->s_dquot.dqio_sem); [ 216.069553][ T7629] lock(&dquot->dq_lock); [ 216.076471][ T7629] lock(&s->s_dquot.dqio_sem); [ 216.083823][ T7629] lock(&ei->i_data_sem/2); [ 216.088399][ T7629] [ 216.088399][ T7629] *** DEADLOCK *** [ 216.088399][ T7629] [ 216.096520][ T7629] 3 locks held by syz.0.1096/7629: [ 216.101608][ T7629] #0: ffff888070d740e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930 [ 216.111694][ T7629] #1: ffff888052942ea8 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_acquire+0x63/0x520 [ 216.121072][ T7629] #2: ffff888070d74208 (&s->s_dquot.dqio_sem){++++}-{3:3}, at: v2_write_dquot+0x12b/0x190 [ 216.131057][ T7629] [ 216.131057][ T7629] stack backtrace: [ 216.136957][ T7629] CPU: 1 PID: 7629 Comm: syz.0.1096 Not tainted 6.1.142-syzkaller #0 [ 216.145021][ T7629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 216.155068][ T7629] Call Trace: [ 216.158336][ T7629] [ 216.161260][ T7629] dump_stack_lvl+0x168/0x22e [ 216.165934][ T7629] ? load_image+0x3b0/0x3b0 [ 216.170436][ T7629] ? show_regs_print_info+0x12/0x12 [ 216.175629][ T7629] ? print_circular_bug+0x12b/0x1a0 [ 216.180817][ T7629] check_noncircular+0x274/0x310 [ 216.185744][ T7629] ? add_chain_block+0x940/0x940 [ 216.190668][ T7629] ? lockdep_lock+0xdc/0x1e0 [ 216.195250][ T7629] ? mark_lock+0x94/0x320 [ 216.199575][ T7629] ? _find_first_zero_bit+0xcf/0x100 [ 216.204848][ T7629] __lock_acquire+0x2cf8/0x7c50 [ 216.209693][ T7629] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 216.215578][ T7629] ? _raw_spin_unlock+0x40/0x40 [ 216.220413][ T7629] ? verify_lock_unused+0x140/0x140 [ 216.225602][ T7629] ? stack_trace_save+0x98/0xe0 [ 216.230447][ T7629] lock_acquire+0x1b4/0x490 [ 216.234937][ T7629] ? ext4_map_blocks+0x316/0x1b60 [ 216.239949][ T7629] ? preempt_count_add+0x8d/0x190 [ 216.244959][ T7629] ? __might_sleep+0xd0/0xd0 [ 216.249539][ T7629] ? read_lock_is_recursive+0x10/0x10 [ 216.254902][ T7629] ? rcu_is_watching+0x11/0xa0 [ 216.259659][ T7629] down_read+0x42/0x2d0 [ 216.263806][ T7629] ? ext4_map_blocks+0x316/0x1b60 [ 216.268814][ T7629] ext4_map_blocks+0x316/0x1b60 [ 216.273662][ T7629] ? ext4_issue_zeroout+0x250/0x250 [ 216.278843][ T7629] ? kasan_set_track+0x60/0x70 [ 216.283593][ T7629] ? kasan_set_track+0x4b/0x70 [ 216.288341][ T7629] ? __kasan_kmalloc+0x8e/0xa0 [ 216.293096][ T7629] ? __kmalloc+0xb0/0x240 [ 216.297406][ T7629] ? get_free_dqblk+0x45/0x660 [ 216.302157][ T7629] ? do_insert_tree+0x22b/0x1040 [ 216.307077][ T7629] ? do_insert_tree+0x9eb/0x1040 [ 216.311999][ T7629] ? do_insert_tree+0x9eb/0x1040 [ 216.316920][ T7629] ? qtree_write_dquot+0x48d/0x5b0 [ 216.322019][ T7629] ? v2_write_dquot+0x108/0x190 [ 216.326864][ T7629] ext4_getblk+0x1ab/0x6d0 [ 216.331276][ T7629] ? vfs_get_tree+0x88/0x270 [ 216.335847][ T7629] ? do_new_mount+0x24a/0xa40 [ 216.340506][ T7629] ? __se_sys_mount+0x2d6/0x3c0 [ 216.345343][ T7629] ? ext4_get_block_unwritten+0x100/0x100 [ 216.351050][ T7629] ext4_bread+0x26/0x170 [ 216.355277][ T7629] ext4_quota_write+0x230/0x570 [ 216.360120][ T7629] ? ext4_quota_read+0x380/0x380 [ 216.365040][ T7629] ? rcu_is_watching+0x11/0xa0 [ 216.369790][ T7629] ? get_free_dqblk+0x45/0x660 [ 216.374539][ T7629] ? __kmalloc+0xe1/0x240 [ 216.378852][ T7629] get_free_dqblk+0x312/0x660 [ 216.383515][ T7629] ? ext4_quota_read+0x380/0x380 [ 216.388436][ T7629] do_insert_tree+0x22b/0x1040 [ 216.393185][ T7629] ? get_free_dqblk+0x45e/0x660 [ 216.398024][ T7629] do_insert_tree+0x9eb/0x1040 [ 216.402777][ T7629] do_insert_tree+0x9eb/0x1040 [ 216.407532][ T7629] do_insert_tree+0x9eb/0x1040 [ 216.412286][ T7629] qtree_write_dquot+0x48d/0x5b0 [ 216.417213][ T7629] ? qtree_entry_unused+0xe0/0xe0 [ 216.422230][ T7629] ? rwsem_write_trylock+0x12f/0x1b0 [ 216.427500][ T7629] ? trace_contention_end+0x5f/0x170 [ 216.432769][ T7629] ? preempt_count_add+0x8d/0x190 [ 216.437778][ T7629] v2_write_dquot+0x108/0x190 [ 216.442440][ T7629] dquot_acquire+0x2d5/0x520 [ 216.447013][ T7629] ext4_acquire_dquot+0x2d9/0x4a0 [ 216.452027][ T7629] dqget+0x778/0xeb0 [ 216.455907][ T7629] __dquot_initialize+0x3b6/0xcb0 [ 216.460918][ T7629] ? dquot_initialize+0x20/0x20 [ 216.465752][ T7629] ? ext4_get_projid+0x140/0x140 [ 216.470678][ T7629] ext4_process_orphan+0x54/0x300 [ 216.475685][ T7629] ext4_orphan_cleanup+0xbd3/0x1400 [ 216.480868][ T7629] ? ext4_orphan_del+0xb90/0xb90 [ 216.485788][ T7629] ? errseq_check_and_advance+0x62/0x120 [ 216.491409][ T7629] ext4_fill_super+0x7b78/0x8110 [ 216.496341][ T7629] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 216.502564][ T7629] ? snprintf+0xd7/0x120 [ 216.506796][ T7629] ? preempt_count_add+0x8d/0x190 [ 216.511804][ T7629] ? set_blocksize+0x1d3/0x350 [ 216.516555][ T7629] ? sb_set_blocksize+0xa5/0xe0 [ 216.521391][ T7629] get_tree_bdev+0x3f1/0x610 [ 216.525972][ T7629] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 216.532196][ T7629] vfs_get_tree+0x88/0x270 [ 216.536600][ T7629] do_new_mount+0x24a/0xa40 [ 216.541088][ T7629] __se_sys_mount+0x2d6/0x3c0 [ 216.545760][ T7629] ? __x64_sys_mount+0xc0/0xc0 [ 216.550507][ T7629] ? lockdep_hardirqs_on+0x94/0x140 [ 216.555693][ T7629] ? __x64_sys_mount+0x1c/0xc0 [ 216.560445][ T7629] do_syscall_64+0x4c/0xa0 [ 216.564846][ T7629] ? clear_bhb_loop+0x60/0xb0 [ 216.569506][ T7629] ? clear_bhb_loop+0x60/0xb0 [ 216.574168][ T7629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 216.580050][ T7629] RIP: 0033:0x7f42c03900ca [ 216.584461][ T7629] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.604059][ T7629] RSP: 002b:00007f42c110de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 216.612457][ T7629] RAX: ffffffffffffffda RBX: 00007f42c110def0 RCX: 00007f42c03900ca [ 216.620413][ T7629] RDX: 00002000000000c0 RSI: 0000200000000980 RDI: 00007f42c110deb0 [ 216.628366][ T7629] RBP: 00002000000000c0 R08: 00007f42c110def0 R09: 0000000000000000 [ 216.636318][ T7629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000980 [ 216.644272][ T7629] R13: 00007f42c110deb0 R14: 0000000000000519 R15: 0000200000000100 [ 216.652232][ T7629] [ 216.659755][ T7640] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1097'. [ 216.686110][ T7629] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #3: comm syz.0.1096: corrupted inode contents [ 216.702568][ T7639] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 216.711757][ T7629] EXT4-fs error (device loop0): ext4_dirty_inode:6119: inode #3: comm syz.0.1096: mark_inode_dirty error [ 216.728483][ T7629] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #3: comm syz.0.1096: corrupted inode contents [ 216.745495][ T7629] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #3: comm syz.0.1096: mark_inode_dirty error [ 216.757634][ T7629] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1096: Failed to acquire dquot type 0 [ 216.770862][ T7629] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #16: comm syz.0.1096: corrupted inode contents [ 216.784052][ T7629] EXT4-fs error (device loop0): ext4_dirty_inode:6119: inode #16: comm syz.0.1096: mark_inode_dirty error [ 216.795580][ T7629] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #16: comm syz.0.1096: corrupted inode contents [ 216.807606][ T7629] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.1096: mark_inode_dirty error [ 216.819048][ T7629] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #16: comm syz.0.1096: corrupted inode contents [ 216.831043][ T7629] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 216.839865][ T7629] EXT4-fs error (device loop0): ext4_do_update_inode:5254: inode #16: comm syz.0.1096: corrupted inode contents [ 216.852015][ T7629] EXT4-fs error (device loop0): ext4_truncate:4312: inode #16: comm syz.0.1096: mark_inode_dirty error [ 216.863398][ T7629] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 216.873925][ T7629] EXT4-fs (loop0): 1 truncate cleaned up [ 216.879551][ T7629] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 216.888817][ T7629] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 216.914477][ T4269] EXT4-fs (loop0): unmounting filesystem.