last executing test programs: 13.751416555s ago: executing program 1 (id=849): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 13.243378089s ago: executing program 1 (id=852): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x64}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2, 0x31}, 0x48) 12.038095117s ago: executing program 1 (id=857): bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000300)='afs_cell\x00', 0xffffffffffffffff, 0x0, 0x34}, 0x18) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=") syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) socket$nl_route(0x10, 0x3, 0x0) 10.428842076s ago: executing program 3 (id=865): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x2, &(0x7f0000000280)=ANY=[], 0x3, 0x58f, &(0x7f0000000800)="$eJzs3c9v2+Ydx/EPXbt2NSAbtiEIAid9mmyAA7gqJTcOjJ446pHMViIFkmrtUxE0cmFE7opkAxZftlyyDdj+iF5333XYfdf9G8V6GnbTQFKy5ehXfjiRE7xfQvI8Ir/k86Us6Ava4kMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5fs11K46aQdjZM9P5tThqjS/WslR0Bm6daWaMKznZP62t6Uqx6MrPT1dfzv67ofXi2brWsmZNxz+6/JNPfra8NNx+RsKvxcNHx/fv9nrdB4tOZEEaNgySKGh5DWuCJDI770narSemHjRtsp+ktmX82HppFJsN/5ap7OxsGVvejzpho+Y17XDhnQ+rrrttPi23rRcnUfjRp+XE3w2azSBs5DHZ6izmTvZG/CxITWq9ljEHh73u1rwks6DKswRV5wVV3Wq1UqlWK9u3d27fcd3lsQXuKUeu62osYvFvWizWOX+CAy9uaVD/1VSgUB3tyUx8+KopVqTWlPUDw/r/y4/szHFH639e5ftav3K6+qry+n+9eHZ9Wv2fksuMx0q2o+fe6unHu8N9PNQjHeu+7qqnnrp6cBqzeS4jXfBHQ1ahAiWKFKglL19iBkuMdrStbbn6UruqK5FRXYGaskq0r0SpbP6O8hVrVZ5SRYpltCFft2RUUX91R1sysiprX5E6CtVQTV6+lwMd5q/71owcT4IqM4K+GL7zqjOCnqv+50Y3+Rf1H9R/XCT9Yf1/2juLyAYAAAAAALwKTv7b9+z8f0XXpBVH9aBp3UWnBQAAAAAAzlH+l//1rMm/GXdNDuf/AAAAAAC8bZz8GjtHUknvF73h5VKDXwL0f7zoHAEAAAAAwMvJ//5/PWtKWe99OU+f/wMAAAAAgDfdn6bNsf9PqT+YFnDV+cd/FMcrzuP23i+cIy9b5h0NJggcmycwrV91Lg12kjfby4Nnvl13BrNfnkyC+f2gOZg3179zDgnoL/qgiPngXtHeG64pRinVg6Yt+1Hzk4o879JSavfS335z+Dvlh//nsHXJ+eHgsNctf/Xr3r08l8fZXh4fDV6psXkUZ+TyG10rYq5NPuKV/EKMwbglR9m47ujxLxWbLz3HmE90o4i5USra0tnjX8vGrJSnHX2RxaqklzryJ7pZxNzcuFk0E7KozsmiWx19/V/otXiGLLZmZbF62OtuvWQWALAoB7OrUO6ds3X3BT7lXk91f6KNImbjav7Bunx1wie6O6+uuBPq+trJ8MvDLPq/n5LF38bugTStxmbj/vVk3Eo+7nfZBt9NrapJs+po7dv/9vtH3+ryw0fHHx4e3f26+3X3m2p1a9v92HVvV7WSH8agofYAACaYf4+duRHOx3POqn968pWCsr6S/tfv39NmfrVB/o2DiXst5dv8kH8NYXPOWWtp5A4vm3PO6k5jq88Ru/UafhIAALw+N+bU4en13xnexc/ZnHPeXRr5SuHm6Nnxuxo7Ox6t5QAA4NWw8fdOKf2jE8dB+8vKzk7FS3etiSP/MxMHtYY1QZja2N/1woY17ThKIz9qZp3Pg5pNTNJpt6M4NfUoNu0oCfbyO7+bwa3fE9vywjTwk3bTeok1fhSmnp+aWpD4pt35VTNIdm2cb5y0rR/UA99Lgyg0SdSJfVs2JrF2JDCo2TAN6kHWDU07DlpevG8+j5qdljU1m/hx0E6jYofDsYKwHsWtfLflRb/YAABcEA8fHd+/2+t1Hww7zvLTS166s+hjBAAAZ1GlAQAAAAAAAAAAAAAAAAAAAAC4+M7tIr+3qrP6Kvb8hV5Fqu9Jmh3z75I0uqTff9Yhli7Cz+JMZzjp9IyYv09YJekPi0/+zepM+rQYm48awBvs/wEAAP//j/NUaA==") 9.94340923s ago: executing program 3 (id=866): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='ext4_es_lookup_extent_exit\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==") 8.736960453s ago: executing program 3 (id=868): rt_sigqueueinfo(0xffffffffffffffff, 0x3d, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) write$bt_hci(r0, &(0x7f00000002c0)=ANY=[], 0x138) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0) 4.586676486s ago: executing program 4 (id=876): socket$inet6(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, 0x0, 0x0) write$binfmt_elf64(r1, 0x0, 0x40000) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x2}, 0x18) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x8d0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r5], 0x2c}}, 0x4000000) 4.28081384s ago: executing program 2 (id=877): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000200)={0x200, 0xb46f, 0x2, 0x27c7}, 0x8) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x8008854}, 0x240008b1) r1 = dup(r0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0xffffff95, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf) 4.037838255s ago: executing program 0 (id=878): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', 0x0}) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000800)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1500000000000000000001000000100002800c00018008000100030000000c00018008000100", @ANYRES32=r3], 0x30}}, 0x0) 4.008031637s ago: executing program 4 (id=879): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x64}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2, 0x31}, 0x48) 3.540542616s ago: executing program 0 (id=880): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_procfs$namespace(0x0, 0xffffffffffffffff) 3.097332185s ago: executing program 0 (id=881): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000000), 0x4) setsockopt$inet_int(r2, 0x0, 0x5, &(0x7f0000000080)=0x6, 0x4) 3.006695179s ago: executing program 2 (id=882): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=0x1, @ANYRES32=r0, @ANYBLOB], 0x20) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x65) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[], 0x20) 2.760636849s ago: executing program 4 (id=883): r0 = socket$inet(0x2, 0x801, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r0, 0x0, 0xe803, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendmmsg(r0, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000140)="87f1", 0x2}], 0x1}}], 0x1, 0x1) sendto$inet(r0, &(0x7f00000001c0), 0xfffffffffffffe58, 0x2000c094, 0x0, 0xffffffe6) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) splice(r0, 0x0, r1, 0x0, 0x7ffff000, 0x0) 2.456521836s ago: executing program 0 (id=884): socket$unix(0x1, 0x2, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r1, 0x0, 0x0) socket$nl_sock_diag(0x10, 0x3, 0x4) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCMIWAIT(r3, 0x545c, 0x0) ioctl$TIOCVHANGUP(r3, 0x5437, 0x8000000) syz_io_uring_setup(0x45c3, 0x0, 0x0, &(0x7f0000000580)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x84, 0x7, 0x7ffc0001}]}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000a00)=ANY=[@ANYBLOB="540100001800010029bd70004951ea642460c9ff9015fddbdf251d0100001e010600feff0300ff71ec6d721744cc5200080000f8cfcad402006511ec028c7028564a9ce83afe1cc93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9ae9c7a2aea5823bb2a7440a71e28452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5560fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347e6b740e105d090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d458ec5d42c3ef0619022c0000000000000000000000000000000000035c8d586b2a88d818b56d2a5e15c8a95d2917229ae5b2ea0000080005000209f50215000400030000a00005000009000000000000000100004d7b1a22e65b85e9f479380a360f495f8768d6c09e6e0fcbf927d56a4c8ca74da3a63c98310a54bdaba520c45cde98805bff98748e7a0b9da6dc558a1d76b05600308439ddc50427d5e6270ef781b6dac02b5e77d7889e8c21875af7e79c6a70d9fa60fcbab039d15eb1c14353052aed8e258567e8037257e0cf584f0491515481512b5dd5b152f22cb74b4fc914d2addc328f021ccd"], 0x154}}, 0x40000) r6 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000480)={@dev={0xfe, 0x80, '\x00', 0x30}}, 0x14) close(r6) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010) pause() setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=@newtfilter={0x24, 0x11, 0x1, 0x70bd30, 0x25dfdbec, {0x0, 0x0, 0x74, r2, {0xfff3, 0xfff2}, {0xfff1, 0x9}, {0x2, 0xb}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x48040}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) io_uring_setup(0x7, 0x0) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) 2.456116406s ago: executing program 2 (id=885): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)=0xb) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xff) ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000040)={0xfffffff8, 0x401, 0xfffffffd, 0xc4cf, 0x7, "0441920887e87fcb367800000000080100", 0x4, 0x200}) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x8) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13) sendmsg$nl_generic(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003680)=ANY=[@ANYBLOB="180000041600010a00000000010000000200000004002280"], 0x18}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r3}, 0x10) setgroups(0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r5, 0x5607, 0x2c) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) ioctl$TIOCL_SETVESABLANK(r7, 0x560e, &(0x7f0000000140)) ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x4) ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f0000000040)) write$UHID_CREATE(r0, &(0x7f0000000780)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x800}}, 0x120) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) 2.390347072s ago: executing program 1 (id=886): r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4, 0x6, @mcast2, 0x6}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) syz_io_uring_setup(0xbd9, &(0x7f0000000640)={0x0, 0xe826, 0x800, 0x1, 0x3c3}, &(0x7f0000000dc0)=0x0, &(0x7f0000000000)) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000280)={0x1, 0x66c, 0x0, 'queue1\x00'}) write$sndseq(r5, &(0x7f00000004c0)=[{0x82, 0x77, 0x19, 0x0, @tick, {0x4}, {0x0, 0x6e}, @raw32={[0x0, 0x1]}}, {0x5, 0x2d, 0xc, 0xfe, @tick=0x8e, {0xd, 0xd}, {0xff, 0x4f}, @addr={0x36, 0xc1}}, {0x8, 0x2, 0x8, 0x6, @tick=0x400, {0x4, 0x4}, {0x5, 0x9}, @connect={{0x70, 0x6}, {0x1, 0x1}}}], 0x54) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18) r6 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6d}}, {@user_xattr}, {@errors_remount}, {@nombcache}, {@data_journal}]}, 0x1, 0x44a, &(0x7f0000000d80)="$eJzs3M9vFFUcAPDvzLb8xlaCP/ihVtFI/NHSgsjBi0aNB01M9IDH2haCLNTQmgghisbg0ZB4V48m/gWe9GLUk4lXvRpDQkwvoKc1szvT7i67pVu2u+h+PsnAezNv877fnXm7b+axBDCwxrI/kogdEfFbRIzUqo0Nxmp/3Vi6OPP30sWZJCqVN/5Kqu2uL12cKZoWr9teVIYi0k+S2Nei34XzF05Pl8tz5/L6xOKZdycWzl94+tSZ6ZNzJ+fOTh07duTw5LNHp57pSp5ZXtf3fjC/f88rb115beb4lbd/+iYp8m/Ko0vGVjv4WKXS5e76a2ddORnqYyB0pFQbpjFcHf8jUYqVkzcSL33c1+CADVWpVCr3tj98qQL8jyXR7wiA/ii+6LP732Lr0dTjjnDt+doNUJb3jXyrHRmKNG8z3HR/201jEXH80j9fZFtszHMIAIAG32Xzn6dazf/SqH8udFe+hjIaEXdHxK6IOBoRuyPinohq2/si4v4O+29eJLl5/pNeXVdia5TN/57L17Ya53/F7C9GS3ltZzX/4eTEqfLcofw9ORjDm7P65Cp9fP/ir5+1O1Y//8u2rP9iLpjHcXVoc+NrZqcXp28n53rXPorYO9Qq/2R5JSCJiD0RsXedfZx64uv97Y7dOv9VdGGdqfJVxOO1838pmvIvJKuvT05sifLcoYniqrjZz79cfr1d/7eVfxdk539by+t/Of/RpH69dqHzPi7//mnbe5r1Xv+bkjcb9r0/vbh4bjJiU/JqLej6/VNN7aZW2mf5HzyQ5//yHxF1439XrLwT+yIiu4gfiIgHI+KhPPaHI+KRiDiwSv4/vvDoO3XVtLP8N1aW/2xH53+lsCma97QulE7/8G1Dp6Od5J+d/yPV0sF8z1o+/9YS1/quZgAAAPjvSSNiRyTp+HI5TcfHa/+Gf3dsS8vzC4tPnph/7+xs7TcCozGcFk+6Ruqeh07mt/VFfaqpfjh/bvx5aWu1Pj4zX57td/Iw4La3Gf+ZP0v9jg7YcH6vBYPL+IfBZfzD4GoY/1v6FwfQey2+/7f2Iw6g91rN/z/sQxxA7zWNf8t+MEA8/4PBZfzD4FrX+P+y+3EAPbWwNW79I/muFor/zKGnnSp0vRDpHRGGwgYV+vzBBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CX/BgAA//+GKuJ2") r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r6], 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r9, 0x0, 0x4008}, 0x18) memfd_secret(0x80000) ioctl$VT_RESIZE(r7, 0x5609, &(0x7f0000000100)={0x9, 0x1ff, 0x4}) ioctl$VT_DISALLOCATE(r7, 0x5608) r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) getsockopt$netlink(r10, 0x10e, 0x3, &(0x7f0000000400)=""/113, &(0x7f0000000240)=0x71) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) 2.125913546s ago: executing program 4 (id=887): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18) syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x2, &(0x7f0000000280)=ANY=[], 0x3, 0x58f, &(0x7f0000000800)="$eJzs3c9v2+Ydx/EPXbt2NSAbtiEIAid9mmyAA7gqJTcOjJ446pHMViIFkmrtUxE0cmFE7opkAxZftlyyDdj+iF5333XYfdf9G8V6GnbTQFKy5ehXfjiRE7xfQvI8Ir/k86Us6Ava4kMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5fs11K46aQdjZM9P5tThqjS/WslR0Bm6daWaMKznZP62t6Uqx6MrPT1dfzv67ofXi2brWsmZNxz+6/JNPfra8NNx+RsKvxcNHx/fv9nrdB4tOZEEaNgySKGh5DWuCJDI770narSemHjRtsp+ktmX82HppFJsN/5ap7OxsGVvejzpho+Y17XDhnQ+rrrttPi23rRcnUfjRp+XE3w2azSBs5DHZ6izmTvZG/CxITWq9ljEHh73u1rwks6DKswRV5wVV3Wq1UqlWK9u3d27fcd3lsQXuKUeu62osYvFvWizWOX+CAy9uaVD/1VSgUB3tyUx8+KopVqTWlPUDw/r/y4/szHFH639e5ftav3K6+qry+n+9eHZ9Wv2fksuMx0q2o+fe6unHu8N9PNQjHeu+7qqnnrp6cBqzeS4jXfBHQ1ahAiWKFKglL19iBkuMdrStbbn6UruqK5FRXYGaskq0r0SpbP6O8hVrVZ5SRYpltCFft2RUUX91R1sysiprX5E6CtVQTV6+lwMd5q/71owcT4IqM4K+GL7zqjOCnqv+50Y3+Rf1H9R/XCT9Yf1/2juLyAYAAAAAALwKTv7b9+z8f0XXpBVH9aBp3UWnBQAAAAAAzlH+l//1rMm/GXdNDuf/AAAAAAC8bZz8GjtHUknvF73h5VKDXwL0f7zoHAEAAAAAwMvJ//5/PWtKWe99OU+f/wMAAAAAgDfdn6bNsf9PqT+YFnDV+cd/FMcrzuP23i+cIy9b5h0NJggcmycwrV91Lg12kjfby4Nnvl13BrNfnkyC+f2gOZg3179zDgnoL/qgiPngXtHeG64pRinVg6Yt+1Hzk4o879JSavfS335z+Dvlh//nsHXJ+eHgsNctf/Xr3r08l8fZXh4fDV6psXkUZ+TyG10rYq5NPuKV/EKMwbglR9m47ujxLxWbLz3HmE90o4i5USra0tnjX8vGrJSnHX2RxaqklzryJ7pZxNzcuFk0E7KozsmiWx19/V/otXiGLLZmZbF62OtuvWQWALAoB7OrUO6ds3X3BT7lXk91f6KNImbjav7Bunx1wie6O6+uuBPq+trJ8MvDLPq/n5LF38bugTStxmbj/vVk3Eo+7nfZBt9NrapJs+po7dv/9vtH3+ryw0fHHx4e3f26+3X3m2p1a9v92HVvV7WSH8agofYAACaYf4+duRHOx3POqn968pWCsr6S/tfv39NmfrVB/o2DiXst5dv8kH8NYXPOWWtp5A4vm3PO6k5jq88Ru/UafhIAALw+N+bU4en13xnexc/ZnHPeXRr5SuHm6Nnxuxo7Ox6t5QAA4NWw8fdOKf2jE8dB+8vKzk7FS3etiSP/MxMHtYY1QZja2N/1woY17ThKIz9qZp3Pg5pNTNJpt6M4NfUoNu0oCfbyO7+bwa3fE9vywjTwk3bTeok1fhSmnp+aWpD4pt35VTNIdm2cb5y0rR/UA99Lgyg0SdSJfVs2JrF2JDCo2TAN6kHWDU07DlpevG8+j5qdljU1m/hx0E6jYofDsYKwHsWtfLflRb/YAABcEA8fHd+/2+t1Hww7zvLTS166s+hjBAAAZ1GlAQAAAAAAAAAAAAAAAAAAAAC4+M7tIr+3qrP6Kvb8hV5Fqu9Jmh3z75I0uqTff9Yhli7Cz+JMZzjp9IyYv09YJekPi0/+zepM+rQYm48awBvs/wEAAP//j/NUaA==") 1.33291706s ago: executing program 3 (id=888): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 1.213374533s ago: executing program 1 (id=889): socket$inet6(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, 0x0, 0x0) write$binfmt_elf64(r1, 0x0, 0x40000) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x2}, 0x18) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x8d0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r5], 0x2c}}, 0x4000000) 1.204594363s ago: executing program 0 (id=890): r0 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x8842) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[]) 1.076742422s ago: executing program 2 (id=891): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r2}, 0x18) syz_open_procfs$namespace(0x0, 0xffffffffffffffff) 998.553659ms ago: executing program 4 (id=892): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000200)={0x200, 0xb46f, 0x2, 0x27c7}, 0x8) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x8008854}, 0x240008b1) r1 = dup(r0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x5}}, 0x20) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, 0x0, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0xffffff95, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf) 729.725204ms ago: executing program 0 (id=893): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x64}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2, 0x31}, 0x48) 707.348795ms ago: executing program 3 (id=894): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000000), 0x4) setsockopt$inet_int(r2, 0x0, 0x5, &(0x7f0000000080)=0x6, 0x4) 692.798344ms ago: executing program 1 (id=895): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x9, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000070000850000001b000000b700000000000000850000000700000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$rds(0x15, 0x5, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) set_mempolicy(0x1, &(0x7f00000004c0)=0x3, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x97}, 0x18) bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r1, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) sendmsg$rds(r1, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000000)={'syztnl0\x00', &(0x7f0000000080)={'ip6gre0\x00', 0x0, 0x6, 0x11, 0x7, 0x9142, 0x1, @empty, @local, 0x8000, 0x80, 0x3ff, 0x1}}) r4 = dup2(r0, r0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000004000800000007800000800000000000", @ANYRES32=r0, @ANYBLOB="8000"/20, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="04000000010000000300"/28], 0x50) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1c, 0x0, 0x0, 0x8000}, 0xfdc1) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, &(0x7f0000000000), &(0x7f0000000040)=r6}, 0x20) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/devices\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0xffffffff80000001, r7, &(0x7f00000000c0)={0x30000000}) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000002040), 0xc2001, 0x0) ptrace(0x10, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=0x0) timer_settime(r8, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100) readv(r9, &(0x7f0000000300)=[{&(0x7f0000000000)=""/47, 0x2f}], 0x1) 659.375122ms ago: executing program 2 (id=896): bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=0x1, @ANYBLOB='.'], 0x20) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x65) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[], 0x20) 540.31397ms ago: executing program 4 (id=897): r0 = socket$inet6(0xa, 0x80002, 0x0) unshare(0x6c000200) r1 = msgget$private(0x0, 0x0) msgsnd(r1, &(0x7f0000000480)=ANY=[@ANYRESDEC], 0x2000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000002000000000086dd214af9fdcbfd0000010000000300000000010006000000000000000b00feffffff00000000000009020000000000", @ANYRES16=r1, @ANYRES64=r2, @ANYRES32=r0], 0x0, 0x7a, 0x0, 0x20001}, 0x28) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0x8, &(0x7f0000000000)=0x23a, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000500), r4) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94) r5 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x0, 0x8}, &(0x7f00000001c0)=0x0, &(0x7f0000000580)=0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900f90002007a32000000006c000000060a01040000000000000000100001800b000100736f636b65740000300001800c000100626974776973650020000280080003400000000408000140000000140800024000000012040005800900010073797a3000000000ff0000001100010000000000000000000700000a"], 0xe0}}, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) io_uring_enter(r5, 0x6e2, 0x3900, 0x1, 0x0, 0xe00) pause() bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48) 92.386106ms ago: executing program 3 (id=898): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffff0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5}, 0x94) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000240)=ANY=[], 0x0) 0s ago: executing program 2 (id=899): r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4, 0x6, @mcast2, 0x6}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) syz_io_uring_setup(0xbd9, &(0x7f0000000640)={0x0, 0xe826, 0x800, 0x1, 0x3c3}, &(0x7f0000000dc0)=0x0, &(0x7f0000000000)) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000280)={0x1, 0x66c, 0x0, 'queue1\x00'}) write$sndseq(r5, &(0x7f00000004c0)=[{0x82, 0x77, 0x19, 0x0, @tick, {0x4}, {0x0, 0x6e}, @raw32={[0x0, 0x1]}}, {0x5, 0x2d, 0xc, 0xfe, @tick=0x8e, {0xd, 0xd}, {0xff, 0x4f}, @addr={0x36, 0xc1}}, {0x8, 0x2, 0x8, 0x6, @tick=0x400, {0x4, 0x4}, {0x5, 0x9}, @connect={{0x70, 0x6}, {0x1, 0x1}}}], 0x54) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18) r6 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6d}}, {@user_xattr}, {@errors_remount}, {@nombcache}, {@data_journal}]}, 0x1, 0x44a, &(0x7f0000000d80)="$eJzs3M9vFFUcAPDvzLb8xlaCP/ihVtFI/NHSgsjBi0aNB01M9IDH2haCLNTQmgghisbg0ZB4V48m/gWe9GLUk4lXvRpDQkwvoKc1szvT7i67pVu2u+h+PsnAezNv877fnXm7b+axBDCwxrI/kogdEfFbRIzUqo0Nxmp/3Vi6OPP30sWZJCqVN/5Kqu2uL12cKZoWr9teVIYi0k+S2Nei34XzF05Pl8tz5/L6xOKZdycWzl94+tSZ6ZNzJ+fOTh07duTw5LNHp57pSp5ZXtf3fjC/f88rb115beb4lbd/+iYp8m/Ko0vGVjv4WKXS5e76a2ddORnqYyB0pFQbpjFcHf8jUYqVkzcSL33c1+CADVWpVCr3tj98qQL8jyXR7wiA/ii+6LP732Lr0dTjjnDt+doNUJb3jXyrHRmKNG8z3HR/201jEXH80j9fZFtszHMIAIAG32Xzn6dazf/SqH8udFe+hjIaEXdHxK6IOBoRuyPinohq2/si4v4O+29eJLl5/pNeXVdia5TN/57L17Ya53/F7C9GS3ltZzX/4eTEqfLcofw9ORjDm7P65Cp9fP/ir5+1O1Y//8u2rP9iLpjHcXVoc+NrZqcXp28n53rXPorYO9Qq/2R5JSCJiD0RsXedfZx64uv97Y7dOv9VdGGdqfJVxOO1838pmvIvJKuvT05sifLcoYniqrjZz79cfr1d/7eVfxdk539by+t/Of/RpH69dqHzPi7//mnbe5r1Xv+bkjcb9r0/vbh4bjJiU/JqLej6/VNN7aZW2mf5HzyQ5//yHxF1439XrLwT+yIiu4gfiIgHI+KhPPaHI+KRiDiwSv4/vvDoO3XVtLP8N1aW/2xH53+lsCma97QulE7/8G1Dp6Od5J+d/yPV0sF8z1o+/9YS1/quZgAAAPjvSSNiRyTp+HI5TcfHa/+Gf3dsS8vzC4tPnph/7+xs7TcCozGcFk+6Ruqeh07mt/VFfaqpfjh/bvx5aWu1Pj4zX57td/Iw4La3Gf+ZP0v9jg7YcH6vBYPL+IfBZfzD4GoY/1v6FwfQey2+/7f2Iw6g91rN/z/sQxxA7zWNf8t+MEA8/4PBZfzD4FrX+P+y+3EAPbWwNW79I/muFor/zKGnnSp0vRDpHRGGwgYV+vzBBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CX/BgAA//+GKuJ2") r7 = syz_open_dev$tty20(0xc, 0x4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r6], 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r9, 0x0, 0x4008}, 0x18) memfd_secret(0x80000) ioctl$VT_RESIZE(r7, 0x5609, &(0x7f0000000100)={0x9, 0x1ff, 0x4}) ioctl$VT_DISALLOCATE(r7, 0x5608) r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) getsockopt$netlink(r10, 0x10e, 0x3, &(0x7f0000000400)=""/113, &(0x7f0000000240)=0x71) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) kernel console output (not intermixed with test programs): em being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 230.273562][ T6017] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.11: No space for directory leaf checksum. Please run e2fsck -D. [ 230.321620][ T6017] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.11: checksumming directory block 0 [ 230.596295][ T6020] sch_fq: defrate 0 ignored. [ 230.671706][ T6018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11'. [ 230.707151][ T6017] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.11: No space for directory leaf checksum. Please run e2fsck -D. [ 230.723058][ T6017] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.11: checksumming directory block 0 [ 230.792389][ T6018] team0: Port device team_slave_1 removed [ 231.127190][ T6026] team0: No ports can be present during mode change [ 231.431850][ T5810] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 231.749119][ T5806] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 232.328816][ T6031] loop0: detected capacity change from 0 to 512 [ 232.374949][ T6038] loop3: detected capacity change from 0 to 512 [ 232.393924][ T6031] ======================================================= [ 232.393924][ T6031] WARNING: The mand mount option has been deprecated and [ 232.393924][ T6031] and is ignored by this kernel. Remove the mand [ 232.393924][ T6031] option from the mount to silence this warning. [ 232.393924][ T6031] ======================================================= [ 232.469918][ T6038] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 232.574907][ T6031] EXT4-fs warning (device loop0): ext4_xattr_inode_get:560: inode #11: comm syz.0.14: EA inode hash validation failed [ 232.591020][ T6031] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 232.606496][ T6031] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.14: corrupted inode contents [ 232.621993][ T6031] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #15: comm syz.0.14: mark_inode_dirty error [ 232.656291][ T6038] EXT4-fs (loop3): 1 orphan inode deleted [ 232.660392][ T6031] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.14: corrupted inode contents [ 232.662622][ T6038] EXT4-fs (loop3): 1 truncate cleaned up [ 232.682613][ T6038] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 232.734971][ T6031] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2996: inode #15: comm syz.0.14: mark_inode_dirty error [ 232.804963][ T6031] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2999: inode #15: comm syz.0.14: mark inode dirty (error -117) [ 232.911874][ T6031] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 232.921769][ T6031] EXT4-fs (loop0): 1 orphan inode deleted [ 232.930467][ T6031] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.458220][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.892617][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.263797][ T6056] loop9: detected capacity change from 0 to 7 [ 234.272416][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.280895][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.289327][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.297772][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.306171][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.314731][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.322937][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.342660][ T6056] ldm_validate_partition_table(): Disk read failed. [ 234.352638][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.361054][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.369478][ T6056] Buffer I/O error on dev loop9, logical block 0, async page read [ 234.377946][ T6056] Dev loop9: unable to read RDB block 0 [ 234.384471][ T6056] loop9: unable to read partition table [ 234.472267][ T6056] loop9: partition table beyond EOD, truncated [ 234.483569][ T6056] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 234.483569][ T6056] ) failed (rc=-5) [ 234.799612][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 234.806613][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 234.881165][ T6059] loop0: detected capacity change from 0 to 512 [ 234.968652][ T6059] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.24: inode has both inline data and extents flags [ 235.122517][ T6059] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.24: couldn't read orphan inode 15 (err -117) [ 235.225976][ T6059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.526162][ T6066] IPv6: Can't replace route, no match found [ 235.900875][ T6071] capability: warning: `syz.4.29' uses deprecated v2 capabilities in a way that may be insecure [ 236.300886][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.486705][ T6086] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 237.486705][ T6086] program syz.1.35 not setting count and/or reply_len properly [ 238.433070][ T6098] loop0: detected capacity change from 0 to 128 [ 238.703728][ T6098] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 238.763919][ T6098] ext4 filesystem being mounted at /7/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 239.193853][ T6092] loop3: detected capacity change from 0 to 8192 [ 239.212195][ T6103] netlink: 'syz.2.41': attribute type 39 has an invalid length. [ 239.245291][ T6103] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.293644][ T6103] bridge_slave_0 (unregistering): left allmulticast mode [ 239.302376][ T6103] bridge_slave_0 (unregistering): left promiscuous mode [ 239.310036][ T6103] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.412939][ T30] audit: type=1326 audit(1763025396.987:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.514512][ T30] audit: type=1326 audit(1763025397.027:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.536915][ T30] audit: type=1326 audit(1763025397.027:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.560848][ T30] audit: type=1326 audit(1763025397.027:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.584251][ T30] audit: type=1326 audit(1763025397.047:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.606854][ T30] audit: type=1326 audit(1763025397.047:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.629122][ T30] audit: type=1326 audit(1763025397.067:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.652776][ T30] audit: type=1326 audit(1763025397.067:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.675789][ T30] audit: type=1326 audit(1763025397.077:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 239.698048][ T30] audit: type=1326 audit(1763025397.077:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6090 comm="syz.3.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=108 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 241.258876][ T6122] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 242.546703][ T6134] netlink: 4 bytes leftover after parsing attributes in process `syz.1.54'. [ 242.665690][ T5803] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 244.168355][ T6154] tipc: Started in network mode [ 244.173584][ T6154] tipc: Node identity 767c0b18266f, cluster identity 4711 [ 244.182314][ T6154] tipc: Enabled bearer , priority 0 [ 244.220939][ T6156] syzkaller0: entered promiscuous mode [ 244.227441][ T6156] syzkaller0: entered allmulticast mode [ 244.311925][ T6154] Zero length message leads to an empty skb [ 244.326932][ T6154] tipc: Resetting bearer [ 244.339682][ T6153] tipc: Resetting bearer [ 244.404992][ T6153] tipc: Disabling bearer [ 245.248450][ T6163] loop2: detected capacity change from 0 to 512 [ 245.353223][ T6163] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 245.461102][ T6163] EXT4-fs (loop2): 1 orphan inode deleted [ 245.467763][ T6163] EXT4-fs (loop2): 1 truncate cleaned up [ 245.476340][ T6163] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.009775][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.630297][ T6199] loop1: detected capacity change from 0 to 512 [ 248.690860][ T6199] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 248.797722][ T6199] EXT4-fs (loop1): 1 orphan inode deleted [ 248.803834][ T6199] EXT4-fs (loop1): 1 truncate cleaned up [ 248.867865][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 248.867969][ T30] audit: type=1326 audit(1763025406.457:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 248.934495][ T30] audit: type=1326 audit(1763025406.487:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 248.957058][ T30] audit: type=1326 audit(1763025406.487:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 248.981374][ T30] audit: type=1326 audit(1763025406.487:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 249.004830][ T30] audit: type=1326 audit(1763025406.497:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 249.027281][ T30] audit: type=1326 audit(1763025406.497:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 249.049592][ T30] audit: type=1326 audit(1763025406.497:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 249.059134][ T6199] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 249.073547][ T30] audit: type=1326 audit(1763025406.497:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 249.073843][ T30] audit: type=1326 audit(1763025406.507:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 249.074870][ T30] audit: type=1326 audit(1763025406.507:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.3.80" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 249.735014][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.718020][ T6229] netlink: 24 bytes leftover after parsing attributes in process `syz.2.91'. [ 254.138918][ T6257] 9pnet_fd: Insufficient options for proto=fd [ 254.177153][ T6260] loop4: detected capacity change from 0 to 128 [ 254.424650][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 254.424736][ T30] audit: type=1800 audit(1763025411.977:29): pid=6260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.104" name="bus" dev="loop4" ino=1048605 res=0 errno=0 [ 256.612446][ T6283] pim6reg: entered allmulticast mode [ 256.693101][ T30] audit: type=1326 audit(1763025414.267:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 256.817213][ T30] audit: type=1326 audit(1763025414.317:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 256.839740][ T30] audit: type=1326 audit(1763025414.317:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 256.940735][ T6286] pim6reg: left allmulticast mode [ 256.994523][ T30] audit: type=1326 audit(1763025414.477:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=349 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 257.017013][ T30] audit: type=1326 audit(1763025414.477:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 257.040423][ T30] audit: type=1326 audit(1763025414.527:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 257.140993][ T30] audit: type=1326 audit(1763025414.677:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.4.114" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 257.170565][ T30] audit: type=1326 audit(1763025414.677:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.4.114" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 257.286677][ T6286] loop0: detected capacity change from 0 to 128 [ 257.397614][ T30] audit: type=1326 audit(1763025414.787:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz.0.112" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 257.437809][ T6286] vfat: Unknown parameter 'u' [ 258.563266][ T6299] 9pnet_fd: Insufficient options for proto=fd [ 259.147505][ T6305] tipc: Started in network mode [ 259.152800][ T6305] tipc: Node identity fee49a164951, cluster identity 4711 [ 259.161676][ T6305] tipc: Enabled bearer , priority 0 [ 259.248093][ T6306] syzkaller0: entered promiscuous mode [ 259.253940][ T6306] syzkaller0: entered allmulticast mode [ 259.305238][ T6305] tipc: Resetting bearer [ 259.420210][ T6305] tipc: Disabling bearer [ 260.420902][ T6322] netlink: 8 bytes leftover after parsing attributes in process `syz.1.127'. [ 261.203725][ T6329] 9pnet_fd: Insufficient options for proto=fd [ 261.681756][ T6335] loop0: detected capacity change from 0 to 1024 [ 261.757812][ T6335] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.989228][ T30] kauditd_printk_skb: 19 callbacks suppressed [ 261.989315][ T30] audit: type=1800 audit(1763025419.557:58): pid=6335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.133" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 262.016313][ T30] audit: type=1804 audit(1763025419.587:59): pid=6335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.133" name="/newroot/21/bus/bus" dev="loop0" ino=18 res=1 errno=0 [ 262.606306][ T6346] lo speed is unknown, defaulting to 1000 [ 262.612417][ T6346] lo speed is unknown, defaulting to 1000 [ 262.620036][ T6346] lo speed is unknown, defaulting to 1000 [ 262.641003][ T6346] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 262.693231][ T6346] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 262.873171][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.066781][ T6346] lo speed is unknown, defaulting to 1000 [ 263.075988][ T6346] lo speed is unknown, defaulting to 1000 [ 263.085403][ T6346] lo speed is unknown, defaulting to 1000 [ 263.095515][ T6346] lo speed is unknown, defaulting to 1000 [ 263.117253][ T6346] lo speed is unknown, defaulting to 1000 [ 264.781662][ T6376] netlink: 204 bytes leftover after parsing attributes in process `syz.3.148'. [ 265.719812][ T6384] loop0: detected capacity change from 0 to 512 [ 265.824863][ T6384] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 266.608612][ T3596] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 271.514811][ T6460] IPv6: Can't replace route, no match found [ 272.297053][ T6470] tipc: Enabled bearer , priority 0 [ 272.319483][ T6470] syzkaller0: entered promiscuous mode [ 272.325429][ T6470] syzkaller0: entered allmulticast mode [ 272.460255][ T6469] tipc: Resetting bearer [ 272.512251][ T6469] tipc: Disabling bearer [ 273.328021][ T6480] netlink: 24 bytes leftover after parsing attributes in process `syz.1.194'. [ 274.070717][ T6489] netlink: 'syz.3.198': attribute type 10 has an invalid length. [ 274.079019][ T6489] netlink: 40 bytes leftover after parsing attributes in process `syz.3.198'. [ 274.093728][ T6489] batman_adv: batadv0: Adding interface: vlan0 [ 274.100287][ T6489] batman_adv: batadv0: The MTU of interface vlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 274.126025][ T6489] batman_adv: batadv0: Interface activated: vlan0 [ 274.368969][ T30] audit: type=1326 audit(1763025431.937:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.201" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 274.391807][ T30] audit: type=1326 audit(1763025431.957:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.201" exe="/root/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 274.414573][ T30] audit: type=1326 audit(1763025431.957:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6492 comm="syz.0.201" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 274.879152][ T6500] loop2: detected capacity change from 0 to 512 [ 275.107832][ T6500] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.203: bg 0: block 248: padding at end of block bitmap is not set [ 275.184666][ T6500] Quota error (device loop2): write_blk: dquota write failed [ 275.194233][ T6500] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 275.204725][ T6500] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.203: Failed to acquire dquot type 1 [ 275.272185][ T6508] loop5: detected capacity change from 0 to 423 [ 275.292499][ T6500] EXT4-fs (loop2): 1 truncate cleaned up [ 275.301257][ T6500] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 275.315002][ T6500] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 275.371557][ T6506] tipc: Started in network mode [ 275.377444][ T6506] tipc: Node identity 4a9183c5380c, cluster identity 4711 [ 275.389451][ T6506] tipc: Enabled bearer , priority 0 [ 275.420024][ T6510] loop5: detected capacity change from 423 to 887 [ 275.486683][ T6506] syzkaller0: entered promiscuous mode [ 275.495923][ T6506] syzkaller0: entered allmulticast mode [ 275.732692][ T6506] tipc: Resetting bearer [ 275.807289][ T6506] tipc: Disabling bearer [ 275.931661][ T6500] syz.2.203 (6500) used greatest stack depth: 3096 bytes left [ 276.049754][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.069046][ T4001] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 276.078862][ T4001] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:18: Failed to release dquot type 1 [ 277.046044][ T30] audit: type=1326 audit(1763025434.627:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6521 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 277.069088][ T30] audit: type=1326 audit(1763025434.627:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6521 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 277.204402][ T30] audit: type=1326 audit(1763025434.687:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6521 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 277.226980][ T30] audit: type=1326 audit(1763025434.687:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6521 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 277.578286][ T6528] netlink: 4 bytes leftover after parsing attributes in process `syz.0.210'. [ 277.665382][ T6528] netlink: 32 bytes leftover after parsing attributes in process `syz.0.210'. [ 278.038613][ T6539] loop2: detected capacity change from 0 to 128 [ 278.275735][ T6541] syz.2.216: attempt to access beyond end of device [ 278.275735][ T6541] loop2: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 278.294917][ T6541] syz.2.216: attempt to access beyond end of device [ 278.294917][ T6541] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 278.308990][ T6541] syz.2.216: attempt to access beyond end of device [ 278.308990][ T6541] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 278.422257][ T6541] syz.2.216: attempt to access beyond end of device [ 278.422257][ T6541] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 278.883421][ T6546] loop1: detected capacity change from 0 to 128 [ 279.353717][ T6552] tipc: Started in network mode [ 279.359636][ T6552] tipc: Node identity 52c190568c12, cluster identity 4711 [ 279.368126][ T6552] tipc: Enabled bearer , priority 0 [ 279.459892][ T1104] kworker/u8:5: attempt to access beyond end of device [ 279.459892][ T1104] loop2: rw=1, sector=208, nr_sectors = 1 limit=128 [ 279.473823][ T1104] buffer_io_error: 9 callbacks suppressed [ 279.473925][ T1104] Buffer I/O error on dev loop2, logical block 208, lost async page write [ 279.492379][ T1104] kworker/u8:5: attempt to access beyond end of device [ 279.492379][ T1104] loop2: rw=1, sector=217, nr_sectors = 8 limit=128 [ 279.507291][ T1104] kworker/u8:5: attempt to access beyond end of device [ 279.507291][ T1104] loop2: rw=1, sector=233, nr_sectors = 8 limit=128 [ 279.521376][ T1104] kworker/u8:5: attempt to access beyond end of device [ 279.521376][ T1104] loop2: rw=1, sector=249, nr_sectors = 8 limit=128 [ 279.535465][ T1104] kworker/u8:5: attempt to access beyond end of device [ 279.535465][ T1104] loop2: rw=1, sector=265, nr_sectors = 8 limit=128 [ 279.549444][ T1104] kworker/u8:5: attempt to access beyond end of device [ 279.549444][ T1104] loop2: rw=1, sector=281, nr_sectors = 8 limit=128 [ 279.601839][ T6552] tipc: Disabling bearer [ 280.857791][ T6566] loop2: detected capacity change from 0 to 512 [ 280.932865][ T6566] EXT4-fs: Invalid want_extra_isize 109 [ 282.426126][ T6586] loop0: detected capacity change from 0 to 512 [ 282.645930][ T6586] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.232: bg 0: block 248: padding at end of block bitmap is not set [ 282.691812][ T6586] __quota_error: 35 callbacks suppressed [ 282.691901][ T6586] Quota error (device loop0): write_blk: dquota write failed [ 282.706209][ T6586] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 282.716677][ T6586] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.232: Failed to acquire dquot type 1 [ 282.732913][ T6586] EXT4-fs (loop0): 1 truncate cleaned up [ 282.741528][ T6586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.755995][ T6586] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.091991][ T6594] loop4: detected capacity change from 0 to 128 [ 283.401914][ T30] audit: type=1800 audit(1763025440.987:102): pid=6594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.233" name="bus" dev="loop4" ino=1048609 res=0 errno=0 [ 283.459996][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.471775][ T4001] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-5 [ 283.489691][ T4001] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:18: Failed to release dquot type 1 [ 285.192468][ T6614] loop0: detected capacity change from 0 to 512 [ 285.249334][ T6614] EXT4-fs: Invalid want_extra_isize 109 [ 286.646901][ T6632] lo speed is unknown, defaulting to 1000 [ 286.661975][ T6632] lo speed is unknown, defaulting to 1000 [ 286.671663][ T6632] lo speed is unknown, defaulting to 1000 [ 286.730665][ T6632] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 286.870405][ T6633] syz.1.249 (6633): /proc/6629/oom_adj is deprecated, please use /proc/6629/oom_score_adj instead. [ 286.911080][ T6632] lo speed is unknown, defaulting to 1000 [ 286.920265][ T6632] lo speed is unknown, defaulting to 1000 [ 286.929456][ T6632] lo speed is unknown, defaulting to 1000 [ 286.938847][ T6632] lo speed is unknown, defaulting to 1000 [ 286.948169][ T6632] lo speed is unknown, defaulting to 1000 [ 287.536008][ T6632] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 287.544734][ T6632] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 287.553413][ T6632] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 288.375333][ T6652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.256'. [ 291.042438][ T6678] can0: slcan on ptm0. [ 291.184489][ T6682] can0 (unregistered): slcan off ptm0. [ 291.192276][ T6682] Falling back ldisc for ptm0. [ 291.524842][ T6687] netlink: 8 bytes leftover after parsing attributes in process `syz.1.271'. [ 294.053337][ T6717] loop2: detected capacity change from 0 to 128 [ 294.274761][ T30] audit: type=1800 audit(1763025451.857:103): pid=6717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.286" name="bus" dev="loop2" ino=1048610 res=0 errno=0 [ 296.232001][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.241278][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 297.065987][ T6756] loop4: detected capacity change from 0 to 128 [ 297.226640][ T30] audit: type=1800 audit(1763025454.817:104): pid=6756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.300" name="bus" dev="loop4" ino=1048611 res=0 errno=0 [ 298.308339][ T6774] loop3: detected capacity change from 0 to 128 [ 298.357891][ T6772] loop4: detected capacity change from 0 to 1024 [ 298.406481][ T6772] EXT4-fs: Ignoring removed nobh option [ 298.429568][ T6774] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 298.535747][ T6774] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 298.628809][ T6772] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.668579][ T6774] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.309: No space for directory leaf checksum. Please run e2fsck -D. [ 298.684409][ T6774] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.309: checksumming directory block 0 [ 298.816239][ T6774] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.309: No space for directory leaf checksum. Please run e2fsck -D. [ 298.835279][ T6774] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.309: checksumming directory block 0 [ 299.319286][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.401854][ T5810] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 301.460798][ T6811] loop0: detected capacity change from 0 to 512 [ 301.777067][ T6811] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.325: bg 0: block 248: padding at end of block bitmap is not set [ 301.860460][ T6811] Quota error (device loop0): write_blk: dquota write failed [ 301.868768][ T6811] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 301.879414][ T6811] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.325: Failed to acquire dquot type 1 [ 301.929765][ T6820] loop3: detected capacity change from 0 to 128 [ 301.961576][ T6811] EXT4-fs (loop0): 1 truncate cleaned up [ 301.992604][ T6811] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.006513][ T6811] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 302.008953][ T6820] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 302.101961][ T6820] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 302.236597][ T6820] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.327: No space for directory leaf checksum. Please run e2fsck -D. [ 302.252902][ T6820] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.327: checksumming directory block 0 [ 302.381384][ T6820] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.327: No space for directory leaf checksum. Please run e2fsck -D. [ 302.397746][ T6820] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.327: checksumming directory block 0 [ 302.561970][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.877754][ T5810] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 304.520813][ T6847] loop1: detected capacity change from 0 to 512 [ 304.671343][ T6847] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.340: bg 0: block 248: padding at end of block bitmap is not set [ 304.825939][ T6847] Quota error (device loop1): write_blk: dquota write failed [ 304.834542][ T6847] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 304.845530][ T6847] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.340: Failed to acquire dquot type 1 [ 304.960470][ T6847] EXT4-fs (loop1): 1 truncate cleaned up [ 304.969673][ T6847] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 304.985921][ T6847] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.436685][ T6860] loop3: detected capacity change from 0 to 128 [ 305.545147][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.682450][ T6860] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 305.759343][ T6865] loop0: detected capacity change from 0 to 1024 [ 305.785149][ T6860] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.855134][ T6860] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.344: No space for directory leaf checksum. Please run e2fsck -D. [ 305.856496][ T6865] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 305.871151][ T6860] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.344: checksumming directory block 0 [ 306.018371][ T6860] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.344: No space for directory leaf checksum. Please run e2fsck -D. [ 306.034356][ T6860] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.344: checksumming directory block 0 [ 306.337620][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.705404][ T5810] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 307.581055][ T6884] loop2: detected capacity change from 0 to 256 [ 307.767342][ T30] audit: type=1800 audit(1763025465.337:105): pid=6884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.353" name="file1" dev="loop2" ino=1048612 res=0 errno=0 [ 307.823330][ T6884] FAT-fs (loop2): error, corrupted file size (i_pos 196, 2097152) [ 307.831884][ T6884] FAT-fs (loop2): Filesystem has been set read-only [ 307.839836][ T6884] FAT-fs (loop2): error, corrupted file size (i_pos 196, 2097152) [ 308.500358][ T6896] loop4: detected capacity change from 0 to 512 [ 308.873842][ T6896] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.357: bg 0: block 248: padding at end of block bitmap is not set [ 308.933230][ T6896] Quota error (device loop4): write_blk: dquota write failed [ 308.946218][ T6896] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 308.956889][ T6896] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.357: Failed to acquire dquot type 1 [ 309.026539][ T6896] EXT4-fs (loop4): 1 truncate cleaned up [ 309.035256][ T6896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 309.048521][ T6896] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 309.682022][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.716544][ T6908] netlink: 204 bytes leftover after parsing attributes in process `syz.1.361'. [ 311.169992][ T6926] Driver unsupported XDP return value 0 on prog (id 133) dev N/A, expect packet loss! [ 311.864911][ T30] audit: type=1326 audit(1763025469.407:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 311.887768][ T30] audit: type=1326 audit(1763025469.407:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 312.244661][ T30] audit: type=1326 audit(1763025469.517:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 312.278932][ T30] audit: type=1326 audit(1763025469.517:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 312.306153][ T30] audit: type=1326 audit(1763025469.517:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 312.329100][ T30] audit: type=1326 audit(1763025469.567:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 312.351483][ T30] audit: type=1326 audit(1763025469.567:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 312.699843][ T6933] loop2: detected capacity change from 0 to 4096 [ 312.787716][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 312.787799][ T30] audit: type=1326 audit(1763025470.367:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 312.859898][ T6939] netlink: 204 bytes leftover after parsing attributes in process `syz.3.375'. [ 312.899140][ T30] audit: type=1326 audit(1763025470.417:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 312.998721][ T6933] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 313.217640][ T6933] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.301423][ T30] audit: type=1326 audit(1763025470.857:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 313.324518][ T30] audit: type=1326 audit(1763025470.857:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=12 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 313.348213][ T30] audit: type=1326 audit(1763025470.857:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 313.370657][ T30] audit: type=1326 audit(1763025470.857:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 313.714928][ T30] audit: type=1326 audit(1763025471.037:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 313.737411][ T30] audit: type=1326 audit(1763025471.037:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 313.759916][ T30] audit: type=1326 audit(1763025471.037:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 313.782200][ T30] audit: type=1326 audit(1763025471.047:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6932 comm="syz.2.372" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000 [ 314.037380][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.428805][ T6978] loop4: detected capacity change from 0 to 512 [ 316.659340][ T6978] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.391: bg 0: block 248: padding at end of block bitmap is not set [ 316.721638][ T6978] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.391: Failed to acquire dquot type 1 [ 316.843065][ T6978] EXT4-fs (loop4): 1 truncate cleaned up [ 316.986234][ T6978] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 316.999691][ T6978] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 317.445836][ T6991] netlink: 204 bytes leftover after parsing attributes in process `syz.1.395'. [ 317.616031][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.626829][ T1104] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:5: Failed to release dquot type 1 [ 319.046426][ T7006] netlink: 168 bytes leftover after parsing attributes in process `syz.1.403'. [ 319.172128][ T7012] loop0: detected capacity change from 0 to 128 [ 319.385379][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 319.385465][ T30] audit: type=1800 audit(1763025476.957:144): pid=7012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.405" name="bus" dev="loop0" ino=1048613 res=0 errno=0 [ 320.455220][ T7028] netlink: 204 bytes leftover after parsing attributes in process `syz.1.410'. [ 320.615765][ T7030] loop0: detected capacity change from 0 to 512 [ 320.904310][ T7030] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.409: bg 0: block 248: padding at end of block bitmap is not set [ 320.966214][ T7030] Quota error (device loop0): write_blk: dquota write failed [ 320.974620][ T7030] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 320.985167][ T7030] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.409: Failed to acquire dquot type 1 [ 321.076918][ T7030] EXT4-fs (loop0): 1 truncate cleaned up [ 321.085626][ T7030] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 321.102455][ T7030] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 321.623389][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.644858][ T1109] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-5 [ 321.655670][ T1109] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 1 [ 322.427009][ T7051] loop0: detected capacity change from 0 to 128 [ 322.525911][ T7049] loop1: detected capacity change from 0 to 512 [ 322.567427][ T7049] EXT4-fs: Invalid want_extra_isize 109 [ 322.600736][ T30] audit: type=1800 audit(1763025480.157:145): pid=7051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.419" name="bus" dev="loop0" ino=1048614 res=0 errno=0 [ 322.710760][ T7053] loop3: detected capacity change from 0 to 2048 [ 322.824886][ T7053] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.840175][ T7053] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 322.965826][ T7053] EXT4-fs error (device loop3): __ext4_new_inode:1073: comm syz.3.420: reserved inode found cleared - inode=1 [ 323.448278][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.681829][ T7066] netlink: 204 bytes leftover after parsing attributes in process `syz.2.425'. [ 324.537390][ T7075] loop2: detected capacity change from 0 to 512 [ 324.700970][ T7075] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.429: bg 0: block 248: padding at end of block bitmap is not set [ 324.834973][ T7075] Quota error (device loop2): write_blk: dquota write failed [ 324.843081][ T7075] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 324.864426][ T7075] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.429: Failed to acquire dquot type 1 [ 325.103195][ T7075] EXT4-fs (loop2): 1 truncate cleaned up [ 325.111919][ T7075] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.125654][ T7075] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.689246][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.689973][ T1109] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 325.690242][ T1109] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:6: Failed to release dquot type 1 [ 325.960957][ T7093] loop4: detected capacity change from 0 to 128 [ 326.112232][ T30] audit: type=1800 audit(1763025483.687:146): pid=7093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.434" name="bus" dev="loop4" ino=1048615 res=0 errno=0 [ 327.157911][ T7107] netlink: 204 bytes leftover after parsing attributes in process `syz.3.439'. [ 327.320934][ T7102] loop4: detected capacity change from 0 to 512 [ 327.391114][ T7102] EXT4-fs: Invalid want_extra_isize 109 [ 329.006532][ T7105] Bluetooth: hci1: command 0x0406 tx timeout [ 329.013444][ T7103] Bluetooth: hci2: command 0x0406 tx timeout [ 329.020879][ T7103] Bluetooth: hci3: command 0x0406 tx timeout [ 329.027520][ T7101] Bluetooth: hci4: command 0x0406 tx timeout [ 329.059492][ T7130] loop2: detected capacity change from 0 to 128 [ 329.080447][ T7125] loop4: detected capacity change from 0 to 512 [ 329.088372][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 329.090796][ T7129] netlink: 44 bytes leftover after parsing attributes in process `syz.3.448'. [ 329.215020][ T30] audit: type=1800 audit(1763025486.797:147): pid=7130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.447" name="bus" dev="loop2" ino=1048616 res=0 errno=0 [ 329.385058][ T7125] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.445: bg 0: block 248: padding at end of block bitmap is not set [ 329.391789][ T7125] Quota error (device loop4): write_blk: dquota write failed [ 329.392311][ T7125] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 329.392543][ T7125] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.445: Failed to acquire dquot type 1 [ 329.433829][ T7125] EXT4-fs (loop4): 1 truncate cleaned up [ 329.438061][ T7125] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 329.438507][ T7125] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 330.158333][ T7136] loop0: detected capacity change from 0 to 512 [ 330.269928][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.288875][ T4368] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 330.289179][ T4368] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:26: Failed to release dquot type 1 [ 330.441371][ T7136] EXT4-fs warning (device loop0): ext4_xattr_inode_get:560: inode #11: comm syz.0.449: EA inode hash validation failed [ 330.442613][ T7136] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.449: corrupted inode contents [ 330.528276][ T7136] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #15: comm syz.0.449: mark_inode_dirty error [ 330.542451][ T7136] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.449: corrupted inode contents [ 330.611066][ T7136] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2996: inode #15: comm syz.0.449: mark_inode_dirty error [ 330.631504][ T7136] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2999: inode #15: comm syz.0.449: mark inode dirty (error -117) [ 330.633497][ T7136] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 330.633805][ T7136] EXT4-fs (loop0): 1 orphan inode deleted [ 330.636803][ T7136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.772998][ T7147] loop1: detected capacity change from 0 to 512 [ 330.820383][ T7147] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 330.828930][ T7147] EXT4-fs (loop1): invalid journal inode [ 330.829100][ T7147] EXT4-fs (loop1): can't get journal size [ 330.986176][ T7147] EXT4-fs (loop1): 1 truncate cleaned up [ 330.988606][ T7147] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.528801][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.022103][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.958632][ T7165] netlink: 28 bytes leftover after parsing attributes in process `syz.1.458'. [ 333.184239][ T7172] loop3: detected capacity change from 0 to 128 [ 333.355421][ T30] audit: type=1800 audit(1763025490.927:148): pid=7172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.461" name="bus" dev="loop3" ino=1048617 res=0 errno=0 [ 333.907932][ T7177] loop1: detected capacity change from 0 to 164 [ 334.000087][ T7177] Unable to read rock-ridge attributes [ 334.045560][ T7177] Unable to read rock-ridge attributes [ 335.657309][ T7185] loop1: detected capacity change from 0 to 512 [ 335.858337][ T7185] EXT4-fs warning (device loop1): ext4_xattr_inode_get:560: inode #11: comm syz.1.467: EA inode hash validation failed [ 335.873570][ T7185] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.467: corrupted inode contents [ 335.975069][ T7185] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #15: comm syz.1.467: mark_inode_dirty error [ 336.057894][ T7185] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.467: corrupted inode contents [ 336.082247][ T7185] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2996: inode #15: comm syz.1.467: mark_inode_dirty error [ 336.114768][ T7185] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2999: inode #15: comm syz.1.467: mark inode dirty (error -117) [ 336.175085][ T7185] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117) [ 336.184950][ T7185] EXT4-fs (loop1): 1 orphan inode deleted [ 336.193222][ T7185] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.473278][ T7209] loop0: detected capacity change from 0 to 128 [ 336.509359][ T7208] loop2: detected capacity change from 0 to 512 [ 336.656408][ T30] audit: type=1800 audit(1763025494.237:149): pid=7209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.476" name="bus" dev="loop0" ino=1048618 res=0 errno=0 [ 336.664844][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.801053][ T7208] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 336.812830][ T7208] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 336.822699][ T7208] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.477: Failed to acquire dquot type 1 [ 336.921352][ T7208] EXT4-fs (loop2): 1 truncate cleaned up [ 336.932827][ T7208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.946953][ T7208] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 337.021971][ T30] audit: type=1326 audit(1763025494.567:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7214 comm="syz.3.480" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 337.051457][ T30] audit: type=1326 audit(1763025494.607:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7214 comm="syz.3.480" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 337.076284][ T30] audit: type=1326 audit(1763025494.607:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7214 comm="syz.3.480" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 337.100143][ T30] audit: type=1326 audit(1763025494.607:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7214 comm="syz.3.480" exe="/root/syz-executor" sig=0 arch=40000003 syscall=275 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 337.122893][ T30] audit: type=1326 audit(1763025494.607:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7214 comm="syz.3.480" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 337.151867][ T30] audit: type=1326 audit(1763025494.607:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7214 comm="syz.3.480" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 337.193592][ T30] audit: type=1326 audit(1763025494.607:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7214 comm="syz.3.480" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 337.401038][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.336606][ T7231] syzkaller0: entered promiscuous mode [ 338.342525][ T7231] syzkaller0: entered allmulticast mode [ 338.479739][ T7231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 339.064372][ T7246] syz.1.492 uses obsolete (PF_INET,SOCK_PACKET) [ 339.298593][ T7239] loop2: detected capacity change from 0 to 512 [ 339.443459][ T7239] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.489: EA inode hash validation failed [ 339.445414][ T7239] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.489: corrupted inode contents [ 339.570167][ T7239] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm syz.2.489: mark_inode_dirty error [ 339.613765][ T7239] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm syz.2.489: corrupted inode contents [ 339.697660][ T7253] netlink: 256 bytes leftover after parsing attributes in process `syz.0.494'. [ 339.697765][ T7253] ksmbd: Unknown IPC event: 3, ignore. [ 339.745580][ T7239] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm syz.2.489: mark_inode_dirty error [ 339.757179][ T7239] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm syz.2.489: mark inode dirty (error -117) [ 339.835537][ T7249] loop3: detected capacity change from 0 to 4096 [ 339.854763][ T7239] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117) [ 339.870843][ T7239] EXT4-fs (loop2): 1 orphan inode deleted [ 339.873157][ T7239] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 339.962899][ T7249] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 339.995096][ T7249] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 340.407083][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.554564][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.983747][ T7270] loop3: detected capacity change from 0 to 128 [ 341.098312][ T7270] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 341.175375][ T7270] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 341.206086][ T7270] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.500: No space for directory leaf checksum. Please run e2fsck -D. [ 341.221755][ T7270] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.500: checksumming directory block 0 [ 341.367249][ T7270] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.500: No space for directory leaf checksum. Please run e2fsck -D. [ 341.383010][ T7270] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.500: checksumming directory block 0 [ 341.869072][ T5810] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 341.927868][ T7287] syz.2.506 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 342.150635][ T7287] netlink: 'syz.2.506': attribute type 13 has an invalid length. [ 342.961747][ T7287] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.242349][ T7287] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 343.273886][ T7287] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 345.872242][ T7327] loop0: detected capacity change from 0 to 512 [ 345.950523][ T5852] lo speed is unknown, defaulting to 1000 [ 345.950650][ T5852] syz0: Port: 1 Link DOWN [ 346.155219][ T1136] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.158812][ T1136] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.159059][ T1136] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.159287][ T1136] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.849517][ T7327] EXT4-fs warning (device loop0): ext4_xattr_inode_get:560: inode #11: comm syz.0.512: EA inode hash validation failed [ 346.850892][ T7327] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.512: corrupted inode contents [ 346.854678][ T7327] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #15: comm syz.0.512: mark_inode_dirty error [ 346.857504][ T7327] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.512: corrupted inode contents [ 346.994845][ T7327] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2996: inode #15: comm syz.0.512: mark_inode_dirty error [ 347.046352][ T7327] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2999: inode #15: comm syz.0.512: mark inode dirty (error -117) [ 347.048894][ T7327] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 347.049218][ T7327] EXT4-fs (loop0): 1 orphan inode deleted [ 347.051499][ T7327] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 349.352672][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.747624][ T7294] Set syz1 is full, maxelem 65536 reached [ 351.299996][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x1 [ 351.308003][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.316101][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.323804][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.331812][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.339884][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.347894][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.356079][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.363784][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.372812][ T7299] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 351.415517][ T7367] loop3: detected capacity change from 0 to 512 [ 351.438096][ T7367] EXT4-fs: Invalid want_extra_isize 109 [ 351.487910][ T7299] hid-generic 0000:0000:0000.0001: hidraw0: HID v8.00 Device [syz0] on syz0 [ 351.859895][ T7378] netlink: 'syz.2.526': attribute type 13 has an invalid length. [ 353.132974][ T7389] loop0: detected capacity change from 0 to 512 [ 353.410011][ T7389] EXT4-fs warning (device loop0): ext4_xattr_inode_get:560: inode #11: comm syz.0.528: EA inode hash validation failed [ 353.411308][ T7389] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.528: corrupted inode contents [ 353.497009][ T7389] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #15: comm syz.0.528: mark_inode_dirty error [ 353.535490][ T7389] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.528: corrupted inode contents [ 353.544691][ T7389] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2996: inode #15: comm syz.0.528: mark_inode_dirty error [ 353.584900][ T7389] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2999: inode #15: comm syz.0.528: mark inode dirty (error -117) [ 353.614397][ T7389] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 353.614822][ T7389] EXT4-fs (loop0): 1 orphan inode deleted [ 353.617074][ T7389] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 353.768881][ T7412] loop3: detected capacity change from 0 to 128 [ 353.886640][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 353.886722][ T30] audit: type=1804 audit(1763025511.477:196): pid=7412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.536" name="/newroot/103/file0/file1" dev="loop3" ino=1048619 res=1 errno=0 [ 354.482327][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.842706][ T7421] netlink: 'syz.2.540': attribute type 13 has an invalid length. [ 354.925491][ T7422] loop4: detected capacity change from 0 to 512 [ 354.950298][ T7422] EXT4-fs: Invalid want_extra_isize 109 [ 357.230387][ T7452] syzkaller0: entered promiscuous mode [ 357.230513][ T7452] syzkaller0: entered allmulticast mode [ 357.365683][ T7447] loop3: detected capacity change from 0 to 512 [ 357.604544][ T7447] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.548: EA inode hash validation failed [ 357.606075][ T7447] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.548: corrupted inode contents [ 357.612537][ T7447] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #15: comm syz.3.548: mark_inode_dirty error [ 357.641883][ T7447] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.548: corrupted inode contents [ 357.720197][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 357.720530][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 357.773316][ T7447] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.548: mark_inode_dirty error [ 357.776916][ T7447] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.548: mark inode dirty (error -117) [ 357.781228][ T7447] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 357.781544][ T7447] EXT4-fs (loop3): 1 orphan inode deleted [ 357.783924][ T7447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.624364][ T7469] loop1: detected capacity change from 0 to 512 [ 358.668741][ T7469] EXT4-fs: Invalid want_extra_isize 109 [ 358.969841][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.483054][ T30] audit: type=1326 audit(1763025517.067:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 359.554444][ T30] audit: type=1326 audit(1763025517.107:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 359.578342][ T30] audit: type=1326 audit(1763025517.107:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 359.601192][ T30] audit: type=1326 audit(1763025517.107:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 359.623702][ T30] audit: type=1326 audit(1763025517.107:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 359.646643][ T30] audit: type=1326 audit(1763025517.107:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 359.734393][ T30] audit: type=1326 audit(1763025517.297:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 360.056668][ T30] audit: type=1326 audit(1763025517.637:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 360.090900][ T7481] loop3: detected capacity change from 0 to 4096 [ 360.125074][ T7485] loop1: detected capacity change from 0 to 128 [ 360.135548][ T7481] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 360.142766][ T30] audit: type=1326 audit(1763025517.677:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 360.167342][ T30] audit: type=1326 audit(1763025517.677:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.3.559" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 360.248991][ T7481] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 360.286609][ T7485] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 360.312880][ T7485] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 360.360885][ T7485] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:375: inode #2: comm syz.1.563: No space for directory leaf checksum. Please run e2fsck -D. [ 360.377564][ T7485] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.563: checksumming directory block 0 [ 360.655797][ T5811] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 360.761804][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.083071][ T7492] loop1: detected capacity change from 0 to 128 [ 361.232883][ T7494] syzkaller0: entered promiscuous mode [ 361.238866][ T7494] syzkaller0: entered allmulticast mode [ 361.265941][ T4001] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 361.807466][ T7496] syzkaller0: entered promiscuous mode [ 361.814861][ T7496] syzkaller0: entered allmulticast mode [ 362.603267][ T7507] loop1: detected capacity change from 0 to 512 [ 362.751211][ T7507] EXT4-fs: Invalid want_extra_isize 109 [ 363.020789][ T7505] loop3: detected capacity change from 0 to 512 [ 363.074773][ T7505] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.569: EA inode hash validation failed [ 363.076037][ T7505] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.569: corrupted inode contents [ 363.095614][ T7505] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #15: comm syz.3.569: mark_inode_dirty error [ 363.175061][ T7505] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.569: corrupted inode contents [ 363.177825][ T7505] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.569: mark_inode_dirty error [ 363.184470][ T7505] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.569: mark inode dirty (error -117) [ 363.195419][ T7505] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 363.195744][ T7505] EXT4-fs (loop3): 1 orphan inode deleted [ 363.198307][ T7505] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 363.847659][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.230437][ T7523] loop3: detected capacity change from 0 to 128 [ 364.316102][ T7523] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 364.334564][ T7523] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 364.369415][ T7523] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:375: inode #2: comm syz.3.575: No space for directory leaf checksum. Please run e2fsck -D. [ 364.391695][ T7523] EXT4-fs error (device loop3): __ext4_find_entry:1626: inode #2: comm syz.3.575: checksumming directory block 0 [ 364.572378][ T5810] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 364.688705][ T30] kauditd_printk_skb: 36 callbacks suppressed [ 364.688788][ T30] audit: type=1326 audit(1763025522.277:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 364.730762][ T7524] loop4: detected capacity change from 0 to 4096 [ 364.766827][ T7524] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 364.793788][ T30] audit: type=1326 audit(1763025522.307:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 364.816507][ T30] audit: type=1326 audit(1763025522.317:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 364.838805][ T30] audit: type=1326 audit(1763025522.327:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 364.861090][ T30] audit: type=1326 audit(1763025522.327:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 364.889351][ T30] audit: type=1326 audit(1763025522.337:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 364.914212][ T30] audit: type=1326 audit(1763025522.337:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 365.011182][ T7524] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 365.080997][ T7530] loop3: detected capacity change from 0 to 128 [ 365.149213][ T30] audit: type=1326 audit(1763025522.687:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 365.172021][ T30] audit: type=1326 audit(1763025522.687:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=12 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 365.200154][ T30] audit: type=1326 audit(1763025522.687:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7522 comm="syz.4.576" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 365.417137][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.551115][ T7533] syzkaller0: entered promiscuous mode [ 365.557289][ T7533] syzkaller0: entered allmulticast mode [ 367.121011][ T7553] loop2: detected capacity change from 0 to 128 [ 367.163374][ T7547] loop3: detected capacity change from 0 to 512 [ 367.207836][ T7553] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 367.218183][ T7553] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 367.389897][ T7558] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.588: No space for directory leaf checksum. Please run e2fsck -D. [ 367.406401][ T7558] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.588: checksumming directory block 0 [ 367.468946][ T7547] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.585: EA inode hash validation failed [ 367.470583][ T7547] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.585: corrupted inode contents [ 367.481166][ T7547] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #15: comm syz.3.585: mark_inode_dirty error [ 367.587720][ T7547] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.585: corrupted inode contents [ 367.590067][ T7547] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.585: mark_inode_dirty error [ 367.593890][ T7547] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.585: mark inode dirty (error -117) [ 367.631003][ T7547] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 367.631324][ T7547] EXT4-fs (loop3): 1 orphan inode deleted [ 367.633571][ T7547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.768159][ T5806] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 368.132279][ T7563] loop1: detected capacity change from 0 to 128 [ 368.240781][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.558891][ T7565] loop2: detected capacity change from 0 to 4096 [ 368.643860][ T7565] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 368.707671][ T7569] syzkaller0: entered promiscuous mode [ 368.713383][ T7569] syzkaller0: entered allmulticast mode [ 368.760329][ T7565] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 369.201584][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.858181][ T30] kauditd_printk_skb: 52 callbacks suppressed [ 369.858264][ T30] audit: type=1326 audit(1763025527.447:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 369.890538][ T30] audit: type=1326 audit(1763025527.447:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.032126][ T30] audit: type=1326 audit(1763025527.527:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.054773][ T30] audit: type=1326 audit(1763025527.527:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.077336][ T30] audit: type=1326 audit(1763025527.527:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.099850][ T30] audit: type=1326 audit(1763025527.547:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.123165][ T30] audit: type=1326 audit(1763025527.547:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.145882][ T30] audit: type=1326 audit(1763025527.577:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.168912][ T30] audit: type=1326 audit(1763025527.577:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.191523][ T30] audit: type=1326 audit(1763025527.577:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7583 comm="syz.3.600" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 370.331857][ T7586] loop4: detected capacity change from 0 to 128 [ 370.559265][ T7594] loop3: detected capacity change from 0 to 128 [ 371.246238][ T7604] syzkaller0: entered promiscuous mode [ 371.252047][ T7604] syzkaller0: entered allmulticast mode [ 371.502944][ T7601] loop1: detected capacity change from 0 to 4096 [ 371.594204][ T7601] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 371.691542][ T7601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 372.140223][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.285432][ T7625] loop3: detected capacity change from 0 to 128 [ 372.960618][ T7635] loop3: detected capacity change from 0 to 128 [ 373.756757][ T7647] syzkaller0: entered promiscuous mode [ 373.762502][ T7647] syzkaller0: entered allmulticast mode [ 374.143652][ T7649] loop0: detected capacity change from 0 to 1024 [ 374.175713][ T7649] EXT4-fs: inline encryption not supported [ 374.276515][ T7649] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 374.664542][ T7653] loop3: detected capacity change from 0 to 4096 [ 374.738888][ T7653] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 374.752568][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.793137][ T7662] loop1: detected capacity change from 0 to 128 [ 374.814515][ T7653] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 374.896203][ T30] kauditd_printk_skb: 61 callbacks suppressed [ 374.896287][ T30] audit: type=1326 audit(1763025532.487:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 374.936826][ T30] audit: type=1326 audit(1763025532.517:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=12 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 374.960136][ T30] audit: type=1326 audit(1763025532.517:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 374.982624][ T30] audit: type=1326 audit(1763025532.527:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 375.005331][ T30] audit: type=1326 audit(1763025532.527:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 375.222185][ T30] audit: type=1326 audit(1763025532.617:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 375.246077][ T30] audit: type=1326 audit(1763025532.627:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 375.269038][ T30] audit: type=1326 audit(1763025532.627:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 375.291558][ T30] audit: type=1326 audit(1763025532.637:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=103 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 375.314146][ T30] audit: type=1326 audit(1763025532.637:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7652 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03539 code=0x7ffc0000 [ 375.439469][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 375.986012][ T7677] random: crng reseeded on system resumption [ 376.485463][ T7331] hid_parser_main: 28 callbacks suppressed [ 376.485587][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1 [ 376.499940][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.508024][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.515822][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.523511][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.531621][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.539579][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.547374][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.555128][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.570646][ T7331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 376.758527][ T7331] hid-generic 0000:0000:0000.0002: hidraw0: HID v8.00 Device [syz0] on syz0 [ 377.497403][ T7702] loop2: detected capacity change from 0 to 128 [ 377.754259][ T7704] loop3: detected capacity change from 0 to 512 [ 377.778256][ T7704] EXT4-fs: Ignoring removed i_version option [ 377.784825][ T7704] EXT4-fs: Ignoring removed bh option [ 377.952353][ T7704] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 378.028580][ T7704] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 378.857451][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 379.090022][ T7723] loop4: detected capacity change from 0 to 164 [ 379.689784][ T7737] loop2: detected capacity change from 0 to 128 [ 380.053885][ T7731] loop3: detected capacity change from 0 to 512 [ 380.147267][ T7742] UHID_CREATE from different security context by process 323 (syz.4.658), this is not allowed. [ 380.236316][ T7731] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.654: EA inode hash validation failed [ 380.237773][ T7731] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.654: corrupted inode contents [ 380.251499][ T7731] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #15: comm syz.3.654: mark_inode_dirty error [ 380.268705][ T7731] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.654: corrupted inode contents [ 380.317839][ T7731] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.654: mark_inode_dirty error [ 380.341801][ T7731] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.654: mark inode dirty (error -117) [ 380.365299][ T7731] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 380.365644][ T7731] EXT4-fs (loop3): 1 orphan inode deleted [ 380.368292][ T7731] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 380.378425][ T7748] loop2: detected capacity change from 0 to 4096 [ 380.458587][ T7748] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 380.620059][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 380.620146][ T30] audit: type=1800 audit(1763025538.207:392): pid=7748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.659" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 380.852786][ T5806] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.222017][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.701151][ T7765] loop4: detected capacity change from 0 to 128 [ 381.731354][ T7765] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 381.748367][ T7765] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 381.826068][ T7765] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:375: inode #2: comm syz.4.666: No space for directory leaf checksum. Please run e2fsck -D. [ 381.841829][ T7765] EXT4-fs error (device loop4): __ext4_find_entry:1626: inode #2: comm syz.4.666: checksumming directory block 0 [ 381.850149][ T7763] syzkaller0: entered promiscuous mode [ 381.859916][ T7763] syzkaller0: entered allmulticast mode [ 382.174302][ T5799] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 382.438084][ T7777] loop3: detected capacity change from 0 to 128 [ 382.788952][ T7331] hid_parser_main: 28 callbacks suppressed [ 382.789211][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x1 [ 382.811978][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.822127][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.832804][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.840745][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.848661][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.857055][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.864939][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.872656][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.880511][ T7331] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 382.921766][ T7331] hid-generic 0000:0000:0000.0003: hidraw0: HID v8.00 Device [syz0] on syz0 [ 384.408663][ T7797] loop4: detected capacity change from 0 to 512 [ 384.550944][ T7808] loop1: detected capacity change from 0 to 512 [ 384.553580][ T7808] EXT4-fs: Ignoring removed i_version option [ 384.553723][ T7808] EXT4-fs: Ignoring removed bh option [ 384.676855][ T7808] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 384.701008][ T7808] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 384.703799][ T7797] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.675: EA inode hash validation failed [ 384.705392][ T7797] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.675: corrupted inode contents [ 384.710906][ T7797] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #15: comm syz.4.675: mark_inode_dirty error [ 384.733681][ T7813] loop2: detected capacity change from 0 to 128 [ 384.756388][ T7797] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.675: corrupted inode contents [ 384.772718][ T7797] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #15: comm syz.4.675: mark_inode_dirty error [ 384.779739][ T7797] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.675: mark inode dirty (error -117) [ 384.817142][ T7797] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 384.898704][ T7797] EXT4-fs (loop4): 1 orphan inode deleted [ 384.901315][ T7797] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 384.939278][ T7813] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 384.940666][ T7813] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 385.103793][ T7813] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:375: inode #2: comm syz.2.680: No space for directory leaf checksum. Please run e2fsck -D. [ 385.104167][ T7813] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.680: checksumming directory block 0 [ 385.362471][ T7818] loop3: detected capacity change from 0 to 512 [ 385.396902][ T7818] EXT4-fs: Invalid want_extra_isize 109 [ 385.438457][ T5806] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 385.701447][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.746629][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.010341][ T7823] syzkaller0: entered promiscuous mode [ 386.016234][ T7823] syzkaller0: entered allmulticast mode [ 386.749935][ T7834] 9pnet_fd: Insufficient options for proto=fd [ 387.140982][ T7845] netlink: 'syz.2.690': attribute type 13 has an invalid length. [ 387.403810][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.4.694'. [ 387.414896][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.4.694'. [ 387.937154][ T7853] syzkaller0: entered promiscuous mode [ 387.942876][ T7853] syzkaller0: entered allmulticast mode [ 388.210502][ T7857] loop4: detected capacity change from 0 to 512 [ 388.247354][ T7857] EXT4-fs: Invalid want_extra_isize 109 [ 389.414447][ T7878] netlink: 'syz.0.706': attribute type 13 has an invalid length. [ 389.810033][ T7878] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.820220][ T7878] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.209564][ T7878] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 390.241933][ T7878] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 390.984265][ T7898] loop1: detected capacity change from 0 to 512 [ 391.007951][ T7898] EXT4-fs: Invalid want_extra_isize 109 [ 391.198780][ T4368] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.237981][ T4368] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.264799][ T1104] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.309003][ T1104] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.865316][ T7904] syzkaller0: entered promiscuous mode [ 391.871035][ T7904] syzkaller0: entered allmulticast mode [ 392.191366][ T7911] loop3: detected capacity change from 0 to 4096 [ 392.245230][ T7911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.308536][ T30] audit: type=1800 audit(1763025549.897:393): pid=7911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.722" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 392.919275][ T7925] netlink: 8 bytes leftover after parsing attributes in process `syz.0.727'. [ 392.988524][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.570444][ T7934] loop2: detected capacity change from 0 to 512 [ 393.580585][ T7932] netlink: 'syz.0.730': attribute type 13 has an invalid length. [ 393.591471][ T7934] EXT4-fs: Invalid want_extra_isize 109 [ 394.234626][ T30] audit: type=1326 audit(1763025551.817:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7943 comm="syz.2.737" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x0 [ 394.386752][ T7947] syzkaller0: entered promiscuous mode [ 394.392487][ T7947] syzkaller0: entered allmulticast mode [ 395.021683][ T7957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.740'. [ 395.517760][ T7965] netlink: 'syz.3.744': attribute type 13 has an invalid length. [ 395.891206][ T7965] bridge0: port 2(bridge_slave_1) entered disabled state [ 395.901392][ T7965] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.253809][ T7965] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 396.292897][ T7965] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 396.439338][ T7965] batman_adv: batadv0: Interface deactivated: vlan0 [ 396.681439][ T7976] loop1: detected capacity change from 0 to 512 [ 396.705868][ T7976] EXT4-fs: Invalid want_extra_isize 109 [ 397.811693][ T7331] lo speed is unknown, defaulting to 1000 [ 397.817933][ T7331] syz2: Port: 1 Link DOWN [ 397.985989][ T4368] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 397.997146][ T4368] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.077191][ T30] audit: type=1326 audit(1763025555.617:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7990 comm="syz.1.753" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x0 [ 398.156622][ T4368] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.282129][ T7996] netlink: 8 bytes leftover after parsing attributes in process `syz.4.754'. [ 398.309974][ T4368] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.632582][ T8007] random: crng reseeded on system resumption [ 400.080338][ T30] audit: type=1326 audit(1763025557.347:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 400.103061][ T30] audit: type=1326 audit(1763025557.397:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 400.129005][ T30] audit: type=1326 audit(1763025557.407:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 400.153230][ T30] audit: type=1326 audit(1763025557.407:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 400.177614][ T30] audit: type=1326 audit(1763025557.407:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 400.200494][ T30] audit: type=1326 audit(1763025557.417:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 400.226569][ T30] audit: type=1326 audit(1763025557.417:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 400.250280][ T30] audit: type=1326 audit(1763025557.437:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f31567 code=0x7ffc0000 [ 400.273153][ T30] audit: type=1326 audit(1763025557.437:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8001 comm="syz.1.757" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 401.748776][ T8019] loop0: detected capacity change from 0 to 512 [ 401.979926][ T8024] loop1: detected capacity change from 0 to 512 [ 402.091934][ T8024] EXT4-fs: Ignoring removed i_version option [ 402.099046][ T8024] EXT4-fs: Ignoring removed bh option [ 402.478609][ T8019] EXT4-fs: Invalid want_extra_isize 109 [ 402.564654][ T8024] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.588244][ T8024] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 402.866245][ T8034] netlink: 'syz.3.766': attribute type 13 has an invalid length. [ 402.962854][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.056252][ T7984] Set syz1 is full, maxelem 65536 reached [ 403.316434][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 403.316530][ T30] audit: type=1326 audit(1763025560.887:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8035 comm="syz.0.767" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x0 [ 403.402178][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.768'. [ 403.615282][ T8041] 9pnet_fd: Insufficient options for proto=fd [ 403.724690][ T30] audit: type=1326 audit(1763025561.297:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 403.747919][ T30] audit: type=1326 audit(1763025561.307:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=62 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 403.771055][ T30] audit: type=1326 audit(1763025561.307:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 403.847449][ T30] audit: type=1326 audit(1763025561.387:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=63 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 403.870421][ T30] audit: type=1326 audit(1763025561.387:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 403.893047][ T30] audit: type=1326 audit(1763025561.387:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 403.919059][ T30] audit: type=1326 audit(1763025561.387:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 403.942616][ T30] audit: type=1326 audit(1763025561.387:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 403.965045][ T30] audit: type=1326 audit(1763025561.397:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 404.047640][ T8048] random: crng reseeded on system resumption [ 404.601420][ T8057] loop1: detected capacity change from 0 to 128 [ 404.652798][ T8057] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 404.671201][ T8057] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 404.753574][ T8055] loop0: detected capacity change from 0 to 512 [ 404.778317][ T8055] EXT4-fs: Invalid want_extra_isize 109 [ 405.077611][ T8062] loop4: detected capacity change from 0 to 512 [ 405.089511][ T8062] EXT4-fs: Invalid want_extra_isize 109 [ 405.433654][ T8066] loop3: detected capacity change from 0 to 512 [ 405.477152][ T8066] EXT4-fs: Ignoring removed i_version option [ 405.483466][ T8066] EXT4-fs: Ignoring removed bh option [ 405.587074][ T8066] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 405.624769][ T8066] ext4 filesystem being mounted at /151/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 405.790052][ T5811] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 406.017933][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.207468][ T8075] loop4: detected capacity change from 0 to 512 [ 406.211241][ T8076] netlink: 'syz.1.781': attribute type 13 has an invalid length. [ 406.320520][ T8075] EXT4-fs warning (device loop4): ext4_xattr_inode_get:560: inode #11: comm syz.4.780: EA inode hash validation failed [ 406.321809][ T8075] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.780: corrupted inode contents [ 406.370352][ T8075] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #15: comm syz.4.780: mark_inode_dirty error [ 406.372016][ T8075] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #15: comm syz.4.780: corrupted inode contents [ 406.373603][ T8075] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2996: inode #15: comm syz.4.780: mark_inode_dirty error [ 406.382074][ T8075] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2999: inode #15: comm syz.4.780: mark inode dirty (error -117) [ 406.383831][ T8075] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 406.384458][ T8075] EXT4-fs (loop4): 1 orphan inode deleted [ 406.386843][ T8075] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 406.579900][ T8081] netlink: 8 bytes leftover after parsing attributes in process `syz.3.782'. [ 406.709301][ T8076] bridge0: port 2(bridge_slave_1) entered disabled state [ 406.712382][ T8076] bridge0: port 1(bridge_slave_0) entered disabled state [ 407.117537][ T8076] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 407.158921][ T8076] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 407.436975][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.955094][ T4368] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.012023][ T4368] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.036479][ T4368] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.074546][ T8091] random: crng reseeded on system resumption [ 408.106350][ T4368] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.328496][ T30] kauditd_printk_skb: 69 callbacks suppressed [ 408.328579][ T30] audit: type=1326 audit(1763025565.917:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.4.786" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f01567 code=0x7ffc0000 [ 408.357584][ T30] audit: type=1326 audit(1763025565.917:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.4.786" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 408.701044][ T8099] loop1: detected capacity change from 0 to 512 [ 408.736956][ T8099] EXT4-fs: Invalid want_extra_isize 109 [ 408.982198][ T8103] loop3: detected capacity change from 0 to 512 [ 408.999180][ T58] Bluetooth: hci5: Frame reassembly failed (-84) [ 409.071021][ T30] audit: type=1326 audit(1763025566.657:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8100 comm="syz.0.790" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f76539 code=0x0 [ 409.071148][ T8103] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 409.105476][ T8103] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 409.116071][ T8103] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.791: Corrupt directory, running e2fsck is recommended [ 409.279029][ T8103] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 409.290057][ T8103] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.791: corrupted in-inode xattr: invalid ea_ino [ 409.306092][ T8103] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.791: couldn't read orphan inode 15 (err -117) [ 409.368698][ T8103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 409.505896][ T8103] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 409.518273][ T8103] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 409.528770][ T8103] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.791: Corrupt directory, running e2fsck is recommended [ 409.618110][ T8103] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.791: path /155/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 409.708675][ T8103] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 64: comm syz.3.791: path /155/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 410.547252][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.011785][ T5807] Bluetooth: hci5: command 0x1003 tx timeout [ 411.012026][ T50] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 411.087228][ T8122] loop1: detected capacity change from 0 to 512 [ 411.377950][ T8122] EXT4-fs warning (device loop1): ext4_xattr_inode_get:560: inode #11: comm syz.1.796: EA inode hash validation failed [ 411.379277][ T8122] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.796: corrupted inode contents [ 411.473121][ T8122] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #15: comm syz.1.796: mark_inode_dirty error [ 411.547199][ T8122] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.796: corrupted inode contents [ 411.608946][ T8122] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2996: inode #15: comm syz.1.796: mark_inode_dirty error [ 411.611617][ T8122] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2999: inode #15: comm syz.1.796: mark inode dirty (error -117) [ 411.615154][ T8122] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117) [ 411.615481][ T8122] EXT4-fs (loop1): 1 orphan inode deleted [ 411.617772][ T8122] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 412.203450][ T8132] netlink: 'syz.0.799': attribute type 13 has an invalid length. [ 412.719972][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 413.547381][ T8143] loop0: detected capacity change from 0 to 512 [ 413.791965][ T8143] EXT4-fs: Invalid want_extra_isize 109 [ 413.932738][ T30] audit: type=1326 audit(1763025571.517:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 413.971133][ T30] audit: type=1326 audit(1763025571.547:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 413.994139][ T30] audit: type=1326 audit(1763025571.547:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 414.016800][ T30] audit: type=1326 audit(1763025571.547:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 414.041206][ T30] audit: type=1326 audit(1763025571.547:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 414.064226][ T30] audit: type=1326 audit(1763025571.547:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 414.093331][ T30] audit: type=1326 audit(1763025571.557:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 414.116549][ T30] audit: type=1326 audit(1763025571.557:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 414.140706][ T30] audit: type=1326 audit(1763025571.557:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8139 comm="syz.1.802" exe="/root/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f31539 code=0x7ffc0000 [ 415.231972][ T1104] Bluetooth: hci5: Frame reassembly failed (-84) [ 415.410761][ T30] audit: type=1326 audit(1763025572.987:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8147 comm="syz.2.809" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ad539 code=0x0 [ 415.510142][ T8107] Set syz1 is full, maxelem 65536 reached [ 415.682637][ T7296] kernel write not supported for file bpf-prog (pid: 7296 comm: kworker/1:7) [ 416.434876][ T8165] netlink: 72 bytes leftover after parsing attributes in process `syz.1.813'. [ 416.604989][ T8166] loop3: detected capacity change from 0 to 512 [ 416.668033][ T8171] netlink: 'syz.0.814': attribute type 13 has an invalid length. [ 416.718391][ T8166] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.812: EA inode hash validation failed [ 416.737769][ T8166] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.812: corrupted inode contents [ 416.785673][ T8166] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #15: comm syz.3.812: mark_inode_dirty error [ 416.787542][ T8166] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #15: comm syz.3.812: corrupted inode contents [ 416.789199][ T8166] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2996: inode #15: comm syz.3.812: mark_inode_dirty error [ 416.794441][ T8166] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2999: inode #15: comm syz.3.812: mark inode dirty (error -117) [ 416.796142][ T8166] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 416.796471][ T8166] EXT4-fs (loop3): 1 orphan inode deleted [ 416.798904][ T8166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 416.946928][ T8175] loop1: detected capacity change from 0 to 512 [ 416.953559][ T8175] EXT4-fs: Invalid want_extra_isize 109 [ 417.203622][ T8179] random: crng reseeded on system resumption [ 417.246227][ T5807] Bluetooth: hci5: command 0x1003 tx timeout [ 417.253163][ T50] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 417.421799][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 418.010993][ T8190] loop1: detected capacity change from 0 to 2048 [ 418.052438][ T7296] hid_parser_main: 28 callbacks suppressed [ 418.052543][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x1 [ 418.068859][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.077031][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.085070][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.092845][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.100801][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.108716][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.116653][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.124534][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.126550][ T8190] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 418.132270][ T7296] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 418.253257][ T7296] hid-generic 0000:0000:0000.0004: hidraw0: HID v8.00 Device [syz0] on syz0 [ 418.385335][ T8198] GUP no longer grows the stack in syz.2.825 (8198): 80004000-8000a000 (80002000) [ 418.395389][ T8198] CPU: 1 UID: 0 PID: 8198 Comm: syz.2.825 Not tainted syzkaller #0 PREEMPT(none) [ 418.395548][ T8198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 418.395658][ T8198] Call Trace: [ 418.395727][ T8198] [ 418.395784][ T8198] __dump_stack+0x26/0x30 [ 418.395981][ T8198] dump_stack_lvl+0x1df/0x270 [ 418.396182][ T8198] dump_stack+0x1e/0x25 [ 418.396359][ T8198] __get_user_pages+0x49e9/0x5e00 [ 418.396611][ T8198] ? get_user_pages_remote+0x31/0x13a0 [ 418.396839][ T8198] ? filter_irq_stacks+0x49/0x190 [ 418.397133][ T8198] get_user_pages_remote+0x468/0x13a0 [ 418.397356][ T8198] ? kmsan_get_metadata+0xfb/0x160 [ 418.397548][ T8198] ? access_remote_vm+0x4e/0x70 [ 418.397692][ T8198] __access_remote_vm+0x2f8/0xff0 [ 418.397876][ T8198] access_remote_vm+0x4e/0x70 [ 418.398025][ T8198] proc_pid_cmdline_read+0xa75/0x19e0 [ 418.398283][ T8198] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 418.398477][ T8198] vfs_readv+0x931/0xf30 [ 418.398700][ T8198] ? kmsan_get_metadata+0xfb/0x160 [ 418.398865][ T8198] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 418.399053][ T8198] __ia32_compat_sys_preadv+0x2da/0x540 [ 418.399262][ T8198] ia32_sys_call+0x28d3/0x4310 [ 418.399479][ T8198] __do_fast_syscall_32+0xb0/0x150 [ 418.399693][ T8198] ? irqentry_exit_to_user_mode+0x7f/0xa0 [ 418.399898][ T8198] do_fast_syscall_32+0x38/0x80 [ 418.400116][ T8198] do_SYSENTER_32+0x1f/0x30 [ 418.400324][ T8198] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 418.400528][ T8198] RIP: 0023:0xf70ad539 [ 418.400651][ T8198] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 418.400792][ T8198] RSP: 002b:00000000f549d55c EFLAGS: 00000206 ORIG_RAX: 000000000000014d [ 418.400941][ T8198] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 418.401048][ T8198] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000 [ 418.401148][ T8198] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 418.401241][ T8198] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 418.401335][ T8198] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 418.401470][ T8198] [ 418.693707][ T5811] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 419.122282][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 419.129438][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 419.337932][ T8205] loop2: detected capacity change from 0 to 512 [ 419.397057][ T8205] EXT4-fs: Invalid want_extra_isize 109 [ 419.459400][ T8210] loop0: detected capacity change from 0 to 512 [ 419.555832][ T8210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 419.574255][ T8210] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 419.785068][ T8215] loop3: detected capacity change from 0 to 512 [ 419.837706][ T8215] EXT4-fs: Invalid want_extra_isize 109 [ 420.025204][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.420604][ T8228] random: crng reseeded on system resumption [ 420.473125][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 420.473211][ T30] audit: type=1326 audit(1763025578.057:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.504964][ T30] audit: type=1326 audit(1763025578.057:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.527536][ T30] audit: type=1326 audit(1763025578.057:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.623102][ T30] audit: type=1326 audit(1763025578.147:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.645790][ T30] audit: type=1326 audit(1763025578.147:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.668409][ T30] audit: type=1326 audit(1763025578.147:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.691390][ T30] audit: type=1326 audit(1763025578.147:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.716742][ T30] audit: type=1326 audit(1763025578.147:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.739278][ T30] audit: type=1326 audit(1763025578.147:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 420.761868][ T30] audit: type=1326 audit(1763025578.167:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8223 comm="syz.0.836" exe="/root/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 421.385063][ T7308] hid-generic 0000:0000:0000.0005: hidraw0: HID v8.00 Device [syz0] on syz0 [ 422.551374][ T8250] loop1: detected capacity change from 0 to 512 [ 422.573181][ T8250] EXT4-fs: Invalid want_extra_isize 109 [ 422.895406][ T8226] netlink: 8 bytes leftover after parsing attributes in process `syz.2.835'. [ 423.585680][ T8263] random: crng reseeded on system resumption [ 423.824931][ T8268] 9pnet_virtio: no channels available for device syz [ 424.894703][ T7308] hid_parser_main: 66 callbacks suppressed [ 424.894816][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x1 [ 424.908583][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 424.916686][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 424.924547][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 424.932347][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 424.940260][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 424.948149][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 424.956018][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 424.963724][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 424.971521][ T7308] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 425.055706][ T7308] hid-generic 0000:0000:0000.0006: hidraw0: HID v8.00 Device [syz0] on syz0 [ 426.413741][ T8293] netlink: 4 bytes leftover after parsing attributes in process `syz.0.863'. [ 426.423068][ T8293] netlink: 4 bytes leftover after parsing attributes in process `syz.0.863'. [ 426.435000][ T8293] netlink: 4 bytes leftover after parsing attributes in process `syz.0.863'. [ 426.520849][ T8297] loop3: detected capacity change from 0 to 164 [ 427.072371][ T8301] loop3: detected capacity change from 0 to 512 [ 427.097517][ T8301] EXT4-fs: Ignoring removed i_version option [ 427.103869][ T8301] EXT4-fs: Ignoring removed bh option [ 427.238134][ T8301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 427.317631][ T8301] ext4 filesystem being mounted at /171/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 427.344971][ T8303] lo speed is unknown, defaulting to 1000 [ 427.353829][ T8303] lo speed is unknown, defaulting to 1000 [ 427.856685][ T5810] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.537903][ T8314] lo speed is unknown, defaulting to 1000 [ 428.546933][ T8314] lo speed is unknown, defaulting to 1000 [ 431.310620][ T7308] hid_parser_main: 28 callbacks suppressed [ 431.310731][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x1 [ 431.324896][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.332604][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.340400][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.350536][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.359000][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.366855][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.375163][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.382834][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.390803][ T7308] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 431.504832][ T7308] hid-generic 0000:0000:0000.0007: hidraw0: HID v8.00 Device [syz0] on syz0 [ 431.716308][ T8328] loop4: detected capacity change from 0 to 512 [ 431.743326][ T8328] EXT4-fs: Invalid want_extra_isize 109 [ 434.632215][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 434.632301][ T30] audit: type=1326 audit(1763025592.217:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.638637][ T30] audit: type=1326 audit(1763025592.227:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.640177][ T30] audit: type=1326 audit(1763025592.227:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.664265][ T30] audit: type=1326 audit(1763025592.247:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.664538][ T30] audit: type=1326 audit(1763025592.247:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.665644][ T30] audit: type=1326 audit(1763025592.257:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.666819][ T30] audit: type=1326 audit(1763025592.257:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.667934][ T30] audit: type=1326 audit(1763025592.257:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.702609][ T30] audit: type=1326 audit(1763025592.287:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.702887][ T30] audit: type=1326 audit(1763025592.287:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.0.884" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000 [ 434.798707][ T8359] netlink: 12 bytes leftover after parsing attributes in process `syz.0.884'. [ 434.887347][ T7296] hid-generic 0000:0000:0000.0008: hidraw0: HID v8.00 Device [syz0] on syz0 [ 434.907766][ T8363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.884'. [ 435.227044][ T8367] loop4: detected capacity change from 0 to 164 [ 435.747437][ T8372] program syz.0.890 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 436.465834][ T8387] random: crng reseeded on system resumption [ 436.504235][ T8388] lo speed is unknown, defaulting to 1000 [ 436.513185][ T8388] lo speed is unknown, defaulting to 1000 [ 436.910873][ T8394] ===================================================== [ 436.918445][ T8394] BUG: KMSAN: uninit-value in bpf_prog_run_generic_xdp+0x1a5a/0x2000 [ 436.927044][ T8394] bpf_prog_run_generic_xdp+0x1a5a/0x2000 [ 436.933186][ T8394] do_xdp_generic+0xd52/0x1690 [ 436.938349][ T8394] tun_get_user+0x45c0/0x6d70 [ 436.943410][ T8394] tun_chr_write_iter+0x3e9/0x5c0 [ 436.948809][ T8394] vfs_write+0xbe2/0x15d0 [ 436.953302][ T8394] __ia32_sys_write+0x1f9/0x4d0 [ 436.958588][ T8394] ia32_sys_call+0x35bc/0x4310 [ 436.963347][ T8390] netlink: 16 bytes leftover after parsing attributes in process `syz.4.897'. [ 436.963602][ T8394] __do_fast_syscall_32+0xb0/0x150 [ 436.978001][ T8394] do_fast_syscall_32+0x38/0x80 [ 436.983106][ T8394] do_SYSENTER_32+0x1f/0x30 [ 436.988010][ T8394] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 436.994734][ T8394] [ 436.997163][ T8394] Uninit was stored to memory at: [ 437.002732][ T8394] pskb_expand_head+0x310/0x1610 [ 437.008090][ T8394] do_xdp_generic+0xa79/0x1690 [ 437.013094][ T8394] tun_get_user+0x45c0/0x6d70 [ 437.018172][ T8394] tun_chr_write_iter+0x3e9/0x5c0 [ 437.023443][ T8394] vfs_write+0xbe2/0x15d0 [ 437.028109][ T8394] __ia32_sys_write+0x1f9/0x4d0 [ 437.033148][ T8394] ia32_sys_call+0x35bc/0x4310 [ 437.038341][ T8394] __do_fast_syscall_32+0xb0/0x150 [ 437.043722][ T8394] do_fast_syscall_32+0x38/0x80 [ 437.048961][ T8394] do_SYSENTER_32+0x1f/0x30 [ 437.053714][ T8394] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 437.060450][ T8394] [ 437.062879][ T8394] Uninit was created at: [ 437.067611][ T8394] __kmalloc_node_track_caller_noprof+0xb4b/0x1ba0 [ 437.074523][ T8394] kmalloc_reserve+0x22f/0x4b0 [ 437.079520][ T8394] __alloc_skb+0x347/0x7d0 [ 437.084343][ T8394] alloc_skb_with_frags+0xc5/0xa60 [ 437.089704][ T8394] sock_alloc_send_pskb+0xacc/0xc60 [ 437.095333][ T8394] tun_get_user+0x1142/0x6d70 [ 437.100244][ T8394] tun_chr_write_iter+0x3e9/0x5c0 [ 437.105669][ T8394] vfs_write+0xbe2/0x15d0 [ 437.110177][ T8394] __ia32_sys_write+0x1f9/0x4d0 [ 437.115379][ T8394] ia32_sys_call+0x35bc/0x4310 [ 437.120405][ T8394] __do_fast_syscall_32+0xb0/0x150 [ 437.125949][ T8394] do_fast_syscall_32+0x38/0x80 [ 437.131042][ T8394] do_SYSENTER_32+0x1f/0x30 [ 437.135970][ T8394] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 437.142540][ T8394] [ 437.145153][ T8394] CPU: 1 UID: 0 PID: 8394 Comm: syz.3.898 Not tainted syzkaller #0 PREEMPT(none) [ 437.154896][ T8394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 437.165393][ T8394] ===================================================== [ 437.172494][ T8394] Disabling lock debugging due to kernel taint [ 437.178997][ T8394] Kernel panic - not syncing: kmsan.panic set ... [ 437.185615][ T8394] CPU: 1 UID: 0 PID: 8394 Comm: syz.3.898 Tainted: G B syzkaller #0 PREEMPT(none) [ 437.196631][ T8394] Tainted: [B]=BAD_PAGE [ 437.200910][ T8394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 437.211123][ T8394] Call Trace: [ 437.214513][ T8394] [ 437.217552][ T8394] __dump_stack+0x26/0x30 [ 437.222090][ T8394] dump_stack_lvl+0x53/0x270 [ 437.226898][ T8394] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 437.232916][ T8394] dump_stack+0x1e/0x25 [ 437.237275][ T8394] vpanic+0x435/0xd30 [ 437.241481][ T8394] panic+0x15d/0x160 [ 437.245615][ T8394] kmsan_report+0x31c/0x320 [ 437.250290][ T8394] ? __msan_warning+0x1b/0x30 [ 437.255131][ T8394] ? bpf_prog_run_generic_xdp+0x1a5a/0x2000 [ 437.261262][ T8394] ? do_xdp_generic+0xd52/0x1690 [ 437.266427][ T8394] ? tun_get_user+0x45c0/0x6d70 [ 437.271481][ T8394] ? tun_chr_write_iter+0x3e9/0x5c0 [ 437.276859][ T8394] ? vfs_write+0xbe2/0x15d0 [ 437.281503][ T8394] ? __ia32_sys_write+0x1f9/0x4d0 [ 437.286700][ T8394] ? ia32_sys_call+0x35bc/0x4310 [ 437.291856][ T8394] ? __do_fast_syscall_32+0xb0/0x150 [ 437.297358][ T8394] ? do_fast_syscall_32+0x38/0x80 [ 437.302591][ T8394] ? do_SYSENTER_32+0x1f/0x30 [ 437.307495][ T8394] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 437.314201][ T8394] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 437.320266][ T8394] ? ___bpf_prog_run+0xea65/0xeba0 [ 437.325598][ T8394] ? __bpf_prog_run32+0xc2/0xf0 [ 437.330615][ T8394] ? kmsan_get_metadata+0xfb/0x160 [ 437.336003][ T8394] __msan_warning+0x1b/0x30 [ 437.340700][ T8394] bpf_prog_run_generic_xdp+0x1a5a/0x2000 [ 437.346715][ T8394] do_xdp_generic+0xd52/0x1690 [ 437.351691][ T8394] ? tun_get_user+0x40b1/0x6d70 [ 437.356735][ T8394] ? filter_irq_stacks+0x49/0x190 [ 437.361998][ T8394] ? kmsan_get_metadata+0xfb/0x160 [ 437.367309][ T8394] ? tun_get_user+0x453f/0x6d70 [ 437.372367][ T8394] tun_get_user+0x45c0/0x6d70 [ 437.377464][ T8394] ? stack_depot_save_flags+0x35/0x7b0 [ 437.383110][ T8394] ? kmsan_get_metadata+0xfb/0x160 [ 437.388424][ T8394] ? kmsan_get_metadata+0xfb/0x160 [ 437.393717][ T8394] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 437.400295][ T8394] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 437.406672][ T8394] tun_chr_write_iter+0x3e9/0x5c0 [ 437.411922][ T8394] vfs_write+0xbe2/0x15d0 [ 437.416478][ T8394] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 437.422278][ T8394] __ia32_sys_write+0x1f9/0x4d0 [ 437.427329][ T8394] ia32_sys_call+0x35bc/0x4310 [ 437.432334][ T8394] __do_fast_syscall_32+0xb0/0x150 [ 437.437707][ T8394] do_fast_syscall_32+0x38/0x80 [ 437.442806][ T8394] do_SYSENTER_32+0x1f/0x30 [ 437.447514][ T8394] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 437.454052][ T8394] RIP: 0023:0xf7f03539 [ 437.458241][ T8394] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 437.478029][ T8394] RSP: 002b:00000000f53f6520 EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 437.486624][ T8394] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000240 [ 437.494751][ T8394] RDX: 000000000000fdef RSI: 00000000f7396ff4 RDI: 0000000000000000 [ 437.502851][ T8394] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 437.510946][ T8394] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 437.519040][ T8394] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 437.527172][ T8394] [ 437.530742][ T8394] Kernel Offset: disabled [ 437.535158][ T8394] Rebooting in 86400 seconds..