last executing test programs: 43.797478993s ago: executing program 3 (id=2183): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2}, 0x10) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x200004}}, 0x10) bind$tipc(r0, &(0x7f0000000440)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x3}}, 0x10) close(0x3) 43.490835107s ago: executing program 3 (id=2184): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x820) socket$nl_netfilter(0x10, 0x3, 0xc) 43.262917667s ago: executing program 3 (id=2187): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]}) r0 = socket$packet(0x11, 0x3, 0x300) fsync(r0) setresgid(0xee00, 0xee01, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r2) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_open_procfs(r1, &(0x7f00000000c0)='fdinfo/4\x00') 42.112142207s ago: executing program 3 (id=2195): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa1) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2) 42.028441401s ago: executing program 3 (id=2196): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0300000000000000000007000004090001"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000011000500040000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000a00000014001a8010000480"], 0x34}}, 0x0) 41.385066949s ago: executing program 3 (id=2201): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0xff, 0x4a1, &(0x7f00000004c0)="$eJzs3MtvVFUYAPDvTh+8aUVEQdAqGomPlhZUFi7UaOJCExNd4LK2BZGBGloTIY0WY3BpSNwblyb+Be7cGHVhTNxq4tKQEG1MKK5q7gum02mZlpYpnd8vmc45c1/nu+eemXPv6b0BtK2+9E8SsT0ifo+Injw7f4a+/G12Zmrk+szUSBJzc2/9nWTzXZuZGilnLZfbVmQOVSIqnyXxYrJwuxPnL5werlbHzhX5gckzHwxMnL/wzKkzwyfHTo6dHTp27OiRweefG3p2VeJM47q27+Px/Xtfe+fyGyPHL7/707dpsfYcyKfXxnFL1xsE1EBfutf+mcvUT3t8GWW/G+yoSSedLSwIy9IREWl1dWXtvyc64mbl9cSrn7a0cMCaSn+bNi0+eXoO2MCSaHUJgNYof+jT89/ydYe6HuvC1Zciuov07MzUyOyN+DujUnzetYbb74uI49P/fZW+YrnXIQAAViDr2zzdqP9XiT3Zez7WsbMYQ+mNiHsiYldE3BsRuyPivohs3vujOx7IF57raXL7fXX5hf2fypWGZV4laf/vhZq+32xN/MVbb0eR25HF35WcOFUdO1zsk0PRtSnNDy6xje9f+e2LxabV9v/SV7r9si9YFOBKZ90FutHhyeHV2glXL0bs62wUf3JjJCA9AvZGxL7lrXpnmTj15Df7F5vp1vEvYRXGmea+jngir//pqIu/lCw9PjmwOapjhwfKo2Khn3+99GaR7K6fdlvxr4K0/rfOP/6LKReL955/k3y8tiuq1bFzE8vfxqU/Pl/0nGalx3938nY2Zv3Le/lnHw1PTp4bjOhOXs/y5Y7OPh+6uWyZL+dP4z90sHH731Usk8b/YESkB/GBiHgoIh4uyv5IRDwaEQeXiP/Hlx97f4n4k0iipfU/2vD7L4nYnCV6k9rx+hUkOk7/8N1iI+bN1f/RmM6+a3PZ998tNFvA29+DAAAAsP5VImJ7JJX+PN23PSqV/v78f/h3x9ZKdXxi8qkT4x+eHc3vEeiNrkp5paun5nroYDJdrDHPDxXXisvpR4rrxl92bMny/SPj1dEWxw7tbtv89h9l+0/91dHq0gFrzv1a0L7q23+lReUA7rxmfv+dC8DG1KD9b2lFOYA7z/k/tK9G7f+Turz+P2xMC9v/nw0eWQdsRPr/0L60f2hf2j+0pWbv4i+fp7DihwDMS5Q3C6x8PZubvsN//SX61mTNZQ2tZeG3xM1PorJqa55eB5WyzhNpi1nJ4rGz+WdhzE80eFgNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAXej/AAAA//+q8eIl") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x91) pwrite64(r0, &(0x7f0000000280)="3285d1", 0x3, 0xe7c) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, &(0x7f0000000000)={0x17c04, r0, 0x6, 0x100000000, 0x6, 0x2d1}) 41.075781192s ago: executing program 32 (id=2201): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0xff, 0x4a1, &(0x7f00000004c0)="$eJzs3MtvVFUYAPDvTh+8aUVEQdAqGomPlhZUFi7UaOJCExNd4LK2BZGBGloTIY0WY3BpSNwblyb+Be7cGHVhTNxq4tKQEG1MKK5q7gum02mZlpYpnd8vmc45c1/nu+eemXPv6b0BtK2+9E8SsT0ifo+Injw7f4a+/G12Zmrk+szUSBJzc2/9nWTzXZuZGilnLZfbVmQOVSIqnyXxYrJwuxPnL5werlbHzhX5gckzHwxMnL/wzKkzwyfHTo6dHTp27OiRweefG3p2VeJM47q27+Px/Xtfe+fyGyPHL7/707dpsfYcyKfXxnFL1xsE1EBfutf+mcvUT3t8GWW/G+yoSSedLSwIy9IREWl1dWXtvyc64mbl9cSrn7a0cMCaSn+bNi0+eXoO2MCSaHUJgNYof+jT89/ydYe6HuvC1Zciuov07MzUyOyN+DujUnzetYbb74uI49P/fZW+YrnXIQAAViDr2zzdqP9XiT3Zez7WsbMYQ+mNiHsiYldE3BsRuyPivohs3vujOx7IF57raXL7fXX5hf2fypWGZV4laf/vhZq+32xN/MVbb0eR25HF35WcOFUdO1zsk0PRtSnNDy6xje9f+e2LxabV9v/SV7r9si9YFOBKZ90FutHhyeHV2glXL0bs62wUf3JjJCA9AvZGxL7lrXpnmTj15Df7F5vp1vEvYRXGmea+jngir//pqIu/lCw9PjmwOapjhwfKo2Khn3+99GaR7K6fdlvxr4K0/rfOP/6LKReL955/k3y8tiuq1bFzE8vfxqU/Pl/0nGalx3938nY2Zv3Le/lnHw1PTp4bjOhOXs/y5Y7OPh+6uWyZL+dP4z90sHH731Usk8b/YESkB/GBiHgoIh4uyv5IRDwaEQeXiP/Hlx97f4n4k0iipfU/2vD7L4nYnCV6k9rx+hUkOk7/8N1iI+bN1f/RmM6+a3PZ998tNFvA29+DAAAAsP5VImJ7JJX+PN23PSqV/v78f/h3x9ZKdXxi8qkT4x+eHc3vEeiNrkp5paun5nroYDJdrDHPDxXXisvpR4rrxl92bMny/SPj1dEWxw7tbtv89h9l+0/91dHq0gFrzv1a0L7q23+lReUA7rxmfv+dC8DG1KD9b2lFOYA7z/k/tK9G7f+Turz+P2xMC9v/nw0eWQdsRPr/0L60f2hf2j+0pWbv4i+fp7DihwDMS5Q3C6x8PZubvsN//SX61mTNZQ2tZeG3xM1PorJqa55eB5WyzhNpi1nJ4rGz+WdhzE80eFgNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAXej/AAAA//+q8eIl") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x91) pwrite64(r0, &(0x7f0000000280)="3285d1", 0x3, 0xe7c) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, &(0x7f0000000000)={0x17c04, r0, 0x6, 0x100000000, 0x6, 0x2d1}) 19.834888182s ago: executing program 2 (id=2336): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0x1, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x2, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x42, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r3) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r6 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r6, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r5, 0x1, 0xd8, 0x6, @multicast}, 0x14) 19.478729757s ago: executing program 2 (id=2340): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x75f, 0xa382) pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="ec", 0x1}], 0x1, 0x800000, 0x80) 19.278999036s ago: executing program 2 (id=2343): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x3ffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'}) 19.140250573s ago: executing program 2 (id=2347): syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) chown(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) 18.883589904s ago: executing program 2 (id=2349): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0x1, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x2, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x42, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r3) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r6 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r6, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r5, 0x1, 0xd8, 0x6, @multicast}, 0x14) 18.623381705s ago: executing program 2 (id=2353): bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x18) io_setup(0x2, &(0x7f0000000200)=0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = eventfd2(0x0, 0x0) io_getevents(r1, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0) io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, r4}]) 13.046028909s ago: executing program 0 (id=2381): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0x1, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x2, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x42, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r7 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r7, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r6, 0x1, 0xd8, 0x6, @multicast}, 0x14) 12.382865538s ago: executing program 0 (id=2383): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) 11.20614951s ago: executing program 0 (id=2389): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RANGE_FROM_DATA={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) 11.002669639s ago: executing program 0 (id=2390): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0x1, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x2, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x42, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r7 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r7, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r6, 0x1, 0xd8, 0x6, @multicast}, 0x14) 10.411024994s ago: executing program 0 (id=2394): socket$packet(0x11, 0x3, 0x300) setresgid(0xee00, 0xee01, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0) syz_open_procfs(r0, &(0x7f00000000c0)='fdinfo/4\x00') 9.967820744s ago: executing program 0 (id=2395): syz_open_dev$tty1(0xc, 0x4, 0x2) syz_io_uring_setup(0x4ea0, &(0x7f0000000480)={0x0, 0x8981, 0x400, 0x0, 0x2f0}, 0x0, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x0, 0x2, 0x0, 0x7}, 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0x40000080, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = socket$rds(0x15, 0x5, 0x0) bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) r7 = epoll_create1(0x80000) r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_debug_messages', 0x24481, 0x10) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f00000000c0)={0xe000001a}) finit_module(r8, 0x0, 0x3) 4.897850976s ago: executing program 4 (id=2408): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0xf0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c00000002060108000000000000000000000000050005000a000000050001000700000005000400000000000900020073797a310000000016000300686173683a6e65742c706f72742c6e657400"/92], 0x5c}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44}, 0x40000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0, 0x0, 0x5}, 0x18) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") 4.364233299s ago: executing program 1 (id=2409): bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x18) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r3 = eventfd2(0x0, 0x0) io_submit(r2, 0x1, &(0x7f00000006c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) io_getevents(r2, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0) io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r3}]) 3.251058678s ago: executing program 1 (id=2410): socket$packet(0x11, 0x3, 0x300) setresgid(0xee00, 0xee01, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_open_procfs(r0, 0x0) 3.047707577s ago: executing program 1 (id=2411): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000000)=0x166, 0x4) sendmmsg$inet(r2, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) recvfrom(r2, &(0x7f0000000200)=""/131, 0xf92e58a67d38802c, 0x2101, 0x0, 0x0) 2.882926734s ago: executing program 4 (id=2412): r0 = socket(0xa, 0x80805, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x25, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e1b, @broadcast}}, 0xfff9, 0x4}, 0x90) 2.882640944s ago: executing program 1 (id=2413): bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = eventfd2(0x0, 0x0) io_getevents(r1, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0) io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x3, r4}]) 2.779245818s ago: executing program 4 (id=2414): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000390000000000000000000000850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r5, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x11ed, &(0x7f0000000900)=ANY=[], 0x0) 1.804342991s ago: executing program 1 (id=2415): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1801000000000800000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r3, r2, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000a40)=ANY=[], 0x0) 1.15895531s ago: executing program 1 (id=2416): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0x1, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x2, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x42, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r7 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r7, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r6, 0x1, 0xd8, 0x6, @multicast}, 0x14) 1.15877402s ago: executing program 4 (id=2417): bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x18) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r3 = eventfd2(0x0, 0x0) io_submit(r2, 0x1, &(0x7f00000006c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) io_getevents(r2, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0) io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r3}]) 134.214195ms ago: executing program 4 (id=2418): socket$packet(0x11, 0x3, 0x300) setresgid(0xee00, 0xee01, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_open_procfs(r0, 0x0) 0s ago: executing program 4 (id=2419): bind$inet6(0xffffffffffffffff, 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") kernel console output (not intermixed with test programs): a5b65a09. [ 514.513470][T10221] loop0: detected capacity change from 0 to 1024 [ 514.542040][T10221] EXT4-fs: Ignoring removed orlov option [ 514.560398][T10221] EXT4-fs (loop0): Test dummy encryption mode enabled [ 514.620438][T10221] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 515.106224][T10229] overlayfs: missing 'lowerdir' [ 515.701632][T10232] loop0: detected capacity change from 0 to 128 [ 515.776114][T10232] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 515.805157][T10232] ext4 filesystem being mounted at /305/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 516.726348][ T5800] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 517.014701][T10249] loop3: detected capacity change from 0 to 128 [ 517.078947][T10249] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 517.127365][T10249] ext4 filesystem being mounted at /302/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 518.138070][ T5799] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 518.775035][T10266] Invalid ELF header type: 25773 != 1 [ 518.796473][T10266] loop3: detected capacity change from 0 to 128 [ 519.351044][T10266] syz.3.1350 (10266) used greatest stack depth: 20136 bytes left [ 520.152038][T10274] overlay: Unknown parameter '/' [ 523.663912][T10300] Invalid ELF header type: 25773 != 1 [ 524.716181][T10306] overlay: Unknown parameter '/' [ 525.967596][T10313] loop3: detected capacity change from 0 to 1024 [ 526.019563][T10313] EXT4-fs: Ignoring removed orlov option [ 526.070304][T10313] EXT4-fs (loop3): Test dummy encryption mode enabled [ 526.089890][T10313] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal [ 526.535185][T10321] loop3: detected capacity change from 0 to 1024 [ 526.559324][T10323] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1369'. [ 526.789840][T10321] hfsplus: catalog searching failed [ 526.820191][T10329] loop0: detected capacity change from 0 to 512 [ 526.916829][ T34] hfsplus: bad catalog file entry [ 526.924316][ T34] hfsplus: b-tree write err: -5, ino 3 [ 527.021472][T10329] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 527.040689][T10329] ext4 filesystem being mounted at /310/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 527.172679][T10336] overlay: Unknown parameter '/' [ 527.559968][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.171230][T10346] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 528.611425][T10351] Invalid ELF header type: 25773 != 1 [ 528.634893][T10351] loop0: detected capacity change from 0 to 128 [ 529.799244][T10356] loop0: detected capacity change from 0 to 1024 [ 529.807747][T10356] EXT4-fs: Ignoring removed orlov option [ 529.814798][T10356] EXT4-fs (loop0): Test dummy encryption mode enabled [ 529.836136][T10356] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 531.140740][T10366] loop0: detected capacity change from 0 to 1024 [ 531.197216][T10368] loop3: detected capacity change from 0 to 512 [ 531.358026][T10368] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 531.382112][T10368] ext4 filesystem being mounted at /308/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 531.421640][T10366] hfsplus: catalog searching failed [ 531.489982][ T2980] hfsplus: bad catalog file entry [ 531.528292][ T2980] hfsplus: b-tree write err: -5, ino 3 [ 531.736257][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 532.547038][T10384] Invalid ELF header type: 25773 != 1 [ 533.429273][T10393] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 533.652556][T10394] loop0: detected capacity change from 0 to 1024 [ 533.730144][T10396] Invalid ELF header type: 25773 != 1 [ 534.419403][T10394] EXT4-fs: Ignoring removed orlov option [ 534.507050][T10394] EXT4-fs (loop0): Test dummy encryption mode enabled [ 534.565033][T10394] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 536.931703][T10418] Invalid ELF header type: 25773 != 1 [ 537.712897][T10427] overlayfs: failed to clone lowerpath [ 539.214333][T10440] Invalid ELF header type: 25773 != 1 [ 539.694485][T10439] loop0: detected capacity change from 0 to 1024 [ 540.037337][T10439] EXT4-fs: Ignoring removed orlov option [ 540.056586][T10439] EXT4-fs (loop0): Test dummy encryption mode enabled [ 540.079788][T10439] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 540.576770][T10449] xt_hashlimit: max too large, truncated to 1048576 [ 540.585531][T10449] No such timeout policy "syz1" [ 541.930418][T10456] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 542.282255][T10458] Invalid ELF header type: 25773 != 1 [ 544.263814][T10472] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 544.809681][T10476] loop3: detected capacity change from 0 to 128 [ 545.811820][T10479] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 546.109183][T10483] Invalid ELF header type: 25773 != 1 [ 546.782269][T10482] loop3: detected capacity change from 0 to 1024 [ 546.852868][T10482] EXT4-fs: Ignoring removed orlov option [ 546.890381][T10482] EXT4-fs (loop3): Test dummy encryption mode enabled [ 546.904235][T10482] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal [ 547.397173][T10489] xt_hashlimit: max too large, truncated to 1048576 [ 547.404188][T10489] No such timeout policy "syz1" [ 549.324823][T10505] loop0: detected capacity change from 0 to 512 [ 549.381721][T10505] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 549.394761][T10505] ext4 filesystem being mounted at /324/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 549.706269][ T28] audit: type=1800 audit(1764095378.008:3): pid=10505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1422" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 550.084125][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 552.379781][T10543] xt_hashlimit: max too large, truncated to 1048576 [ 552.386702][T10543] No such timeout policy "syz1" [ 553.934899][T10550] loop0: detected capacity change from 0 to 1024 [ 553.953288][T10551] /dev/nullb0: Can't lookup blockdev [ 553.973924][T10550] EXT4-fs: Ignoring removed orlov option [ 554.031185][T10550] EXT4-fs (loop0): Test dummy encryption mode enabled [ 554.198598][T10550] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 554.447549][T10558] loop0: detected capacity change from 0 to 1024 [ 554.475630][T10558] EXT4-fs: Ignoring removed orlov option [ 554.741650][T10558] EXT4-fs (loop0): Test dummy encryption mode enabled [ 554.749696][T10558] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 556.332067][T10577] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 556.653117][T10579] loop3: detected capacity change from 0 to 128 [ 557.496171][T10585] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 557.813061][T10588] loop3: detected capacity change from 0 to 128 [ 558.510932][T10588] syz.3.1445 (10588) used greatest stack depth: 19848 bytes left [ 558.830257][T10598] loop3: detected capacity change from 0 to 1024 [ 558.866446][T10598] EXT4-fs: Ignoring removed orlov option [ 558.901104][T10598] EXT4-fs (loop3): Test dummy encryption mode enabled [ 558.931183][T10598] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal [ 563.265278][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.291510][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.374362][T10657] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 565.620931][T10661] loop0: detected capacity change from 0 to 128 [ 570.235265][T10705] ntfs3: nullb0: Primary boot signature is not NTFS. [ 570.242425][T10705] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 571.496031][T10716] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 571.742738][T10717] Invalid ELF header type: 25773 != 1 [ 571.751966][T10717] loop3: detected capacity change from 0 to 128 [ 573.401368][T10734] /dev/nullb0: Can't lookup blockdev [ 573.873070][T10738] loop0: detected capacity change from 0 to 1024 [ 573.892117][T10738] EXT4-fs: Ignoring removed orlov option [ 573.958818][T10738] EXT4-fs (loop0): Test dummy encryption mode enabled [ 574.296377][T10738] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 574.354107][T10744] /dev/nullb0: Can't lookup blockdev [ 574.391118][T10305] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 575.417120][T10757] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 575.653384][T10761] Invalid ELF header type: 25773 != 1 [ 575.661821][T10761] loop0: detected capacity change from 0 to 128 [ 576.313660][T10771] loop0: detected capacity change from 0 to 128 [ 576.326819][T10771] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 576.357201][T10771] ext4 filesystem being mounted at /340/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 577.804316][T10780] /dev/nullb0: Can't lookup blockdev [ 578.037976][T10782] loop3: detected capacity change from 0 to 1024 [ 578.048879][T10782] EXT4-fs: Ignoring removed orlov option [ 578.060209][T10782] EXT4-fs (loop3): Test dummy encryption mode enabled [ 578.072409][T10782] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal [ 580.458743][T10805] Invalid ELF header type: 25773 != 1 [ 581.163591][ T5800] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 586.118603][T10861] /dev/nullb0: Can't lookup blockdev [ 586.335379][T10864] loop3: detected capacity change from 0 to 1024 [ 586.366386][T10864] EXT4-fs: Ignoring removed orlov option [ 586.396341][T10864] EXT4-fs (loop3): Test dummy encryption mode enabled [ 586.418343][T10864] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal [ 586.953185][T10867] loop0: detected capacity change from 0 to 2048 [ 587.111545][T10867] EXT4-fs: Ignoring removed i_version option [ 587.770306][T10867] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 587.793053][T10867] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 587.972019][T10867] fs-verity: sha512 using implementation "sha512-avx2" [ 588.020239][T10867] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.1533: bg 0: block 321: padding at end of block bitmap is not set [ 588.064897][T10867] fs-verity (loop0, inode 13): ext4_end_enable_verity() failed with err -117 [ 588.122184][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 592.156409][T10916] ntfs3: nullb0: Primary boot signature is not NTFS. [ 592.171211][T10916] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 592.752979][T10922] loop3: detected capacity change from 0 to 2048 [ 592.774838][T10922] EXT4-fs: Ignoring removed i_version option [ 592.842748][T10922] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 592.924922][T10922] ext4 filesystem being mounted at /343/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 593.029883][T10922] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1549: bg 0: block 321: padding at end of block bitmap is not set [ 593.658594][T10925] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 321: padding at end of block bitmap is not set [ 594.120883][T10922] fs-verity (loop3, inode 13): ext4_end_enable_verity() failed with err -117 [ 594.499463][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.923128][T10957] /dev/nullb0: Can't lookup blockdev [ 597.125434][T10961] /dev/nullb0: Can't lookup blockdev [ 598.322653][T10972] loop0: detected capacity change from 0 to 1024 [ 598.353529][T10972] EXT4-fs: Ignoring removed orlov option [ 598.383853][T10972] EXT4-fs (loop0): Test dummy encryption mode enabled [ 598.400028][T10972] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 603.920136][T11027] loop0: detected capacity change from 0 to 512 [ 603.934214][T11027] EXT4-fs: quotafile must be on filesystem root [ 604.439294][T10305] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 608.838043][T11069] loop0: detected capacity change from 0 to 128 [ 609.175400][T11077] loop3: detected capacity change from 0 to 512 [ 609.188838][T11077] EXT4-fs: quotafile must be on filesystem root [ 609.757402][T11069] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 609.898240][T11069] ext4 filesystem being mounted at /360/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 611.018763][ T5800] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 611.934575][T11098] loop0: detected capacity change from 0 to 512 [ 611.942091][T11098] ext4: Unknown parameter 'seclabel' [ 612.099744][T10305] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 612.682336][T11088] Bluetooth: hci3: command 0x0406 tx timeout [ 614.753325][T11123] loop3: detected capacity change from 0 to 128 [ 614.865409][T11123] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 614.891921][T11123] ext4 filesystem being mounted at /357/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 615.540426][T11133] /dev/nullb0: Can't lookup blockdev [ 616.656450][ T5799] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 616.752475][T11141] loop0: detected capacity change from 0 to 128 [ 616.927772][T11141] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 617.068040][T11141] ext4 filesystem being mounted at /365/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 617.248358][T11150] loop3: detected capacity change from 0 to 512 [ 617.255799][T11150] ext4: Unknown parameter 'seclabel' [ 617.318366][T11088] Bluetooth: hci3: command 0x0406 tx timeout [ 617.905476][T10314] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 619.117935][ T5800] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 619.378606][T11158] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 619.836097][T11166] loop0: detected capacity change from 0 to 512 [ 619.948887][T11166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 619.970054][T11166] ext4 filesystem being mounted at /366/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 620.216984][ T28] audit: type=1800 audit(1764095448.518:4): pid=11166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1622" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 620.281910][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 620.575078][T11175] loop0: detected capacity change from 0 to 1024 [ 620.637036][T11175] EXT4-fs: Ignoring removed orlov option [ 620.654471][T11175] EXT4-fs (loop0): Test dummy encryption mode enabled [ 620.697722][T11175] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 621.664958][T11182] loop0: detected capacity change from 0 to 128 [ 621.709271][T11182] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 621.958396][T11182] ext4 filesystem being mounted at /368/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 623.300895][ T5800] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 624.411923][T11197] ntfs3: nullb0: Primary boot signature is not NTFS. [ 624.432098][T11197] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 624.748845][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.762283][T11204] Invalid ELF header type: 25773 != 1 [ 625.093232][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.027272][T11224] loop3: detected capacity change from 0 to 128 [ 629.135185][T11224] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 629.209301][T11224] ext4 filesystem being mounted at /361/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 630.209888][ T5799] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 631.562447][T11252] loop3: detected capacity change from 0 to 512 [ 632.309991][T11254] loop0: detected capacity change from 0 to 1024 [ 632.319616][T11254] EXT4-fs: Ignoring removed orlov option [ 632.327102][T11254] EXT4-fs (loop0): Test dummy encryption mode enabled [ 632.354258][T11254] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 632.472450][T11252] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 632.490201][T11252] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 632.549522][T11258] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 632.721653][T11261] netlink: 57 bytes leftover after parsing attributes in process `syz.1.1645'. [ 632.835190][T11262] Invalid ELF header type: 25773 != 1 [ 632.857764][T11262] loop0: detected capacity change from 0 to 128 [ 632.950137][T11252] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 633.437901][T11262] syz.0.1644 (11262) used greatest stack depth: 19560 bytes left [ 633.749788][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.239700][T11276] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1654'. [ 634.259250][T11276] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 634.515021][T11284] netlink: 'syz.2.1658': attribute type 1 has an invalid length. [ 635.227539][T11302] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1666'. [ 635.236902][T11302] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 635.871681][T11317] loop0: detected capacity change from 0 to 1024 [ 635.881241][T11317] EXT4-fs: Ignoring removed nomblk_io_submit option [ 635.910050][T11317] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 635.921559][T11317] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 636.018585][T11317] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 636.571918][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.575132][T11330] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1675'. [ 636.778263][ T28] audit: type=1326 audit(1764095465.078:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 636.815257][T11335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1678'. [ 636.860219][ T28] audit: type=1326 audit(1764095465.088:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 636.867848][T11335] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1678'. [ 636.925252][ T28] audit: type=1326 audit(1764095465.088:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 636.959408][ T28] audit: type=1326 audit(1764095465.088:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 637.020960][ T28] audit: type=1326 audit(1764095465.088:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 637.062671][T11335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1678'. [ 637.078171][T11335] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1678'. [ 637.090490][ T28] audit: type=1326 audit(1764095465.088:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 637.093332][T11339] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1679'. [ 637.158223][ T28] audit: type=1326 audit(1764095465.088:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 637.197117][ T28] audit: type=1326 audit(1764095465.088:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 637.252382][ T28] audit: type=1326 audit(1764095465.088:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 637.287447][ T28] audit: type=1326 audit(1764095465.088:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11337 comm="syz.2.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 637.398779][T11335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1678'. [ 638.492102][T11369] IPv6: NLM_F_CREATE should be specified when creating new route [ 638.528015][T11371] loop3: detected capacity change from 0 to 512 [ 638.592891][T11371] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 638.657746][T11371] ext4 filesystem being mounted at /376/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 639.018979][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 639.375007][T11384] loop3: detected capacity change from 0 to 512 [ 639.433336][T11384] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 639.491222][T11384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 639.559585][T11384] ext4 filesystem being mounted at /378/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 640.253577][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 640.939007][ T1195] IPVS: starting estimator thread 0... [ 641.028449][T11422] IPVS: using max 18 ests per chain, 43200 per kthread [ 642.162097][T11430] syz.0.1712 uses obsolete (PF_INET,SOCK_PACKET) [ 642.707323][T11433] tipc: Started in network mode [ 642.714849][T11433] tipc: Node identity ac14140f, cluster identity 4711 [ 642.726356][ T28] kauditd_printk_skb: 62 callbacks suppressed [ 642.726372][ T28] audit: type=1326 audit(1764095471.028:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 642.732110][T11433] tipc: New replicast peer: 255.255.255.83 [ 642.756880][ T28] audit: type=1326 audit(1764095471.038:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 642.783720][T11433] tipc: Enabled bearer , priority 10 [ 642.805432][ T28] audit: type=1326 audit(1764095471.038:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm="syz.1.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 642.846921][T11439] loop0: detected capacity change from 0 to 512 [ 642.863714][ T28] audit: type=1326 audit(1764095471.038:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 642.917852][ T28] audit: type=1326 audit(1764095471.038:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 642.993366][T11439] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 643.005483][ T28] audit: type=1326 audit(1764095471.038:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 643.028922][ T28] audit: type=1326 audit(1764095471.038:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 643.053516][ T28] audit: type=1326 audit(1764095471.038:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 643.075965][ T28] audit: type=1326 audit(1764095471.108:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 643.098252][T11439] ext4 filesystem being mounted at /386/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 643.115375][ T28] audit: type=1326 audit(1764095471.108:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11436 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 643.293713][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 643.475127][T11460] loop0: detected capacity change from 0 to 512 [ 643.509197][T11460] EXT4-fs: Ignoring removed bh option [ 643.598504][T11460] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 643.657520][T11460] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 643.700851][T11460] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 643.744834][T11460] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 643.778218][T11460] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 643.790082][T11460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 643.804982][ T5848] tipc: Node number set to 2886997007 [ 643.862155][T11460] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 643.973807][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 643.983222][T11478] netlink: 'syz.3.1729': attribute type 4 has an invalid length. [ 644.161161][T11483] loop0: detected capacity change from 0 to 512 [ 644.217465][T11483] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 644.242637][T11484] loop3: detected capacity change from 0 to 512 [ 644.254830][T11483] ext4 filesystem being mounted at /388/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 644.273620][T11484] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 644.344534][T11484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 644.400220][T11484] ext4 filesystem being mounted at /387/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 644.564533][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 644.690367][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 644.911780][T11498] syzkaller0: entered promiscuous mode [ 644.917587][T11498] syzkaller0: entered allmulticast mode [ 645.316039][T11508] loop0: detected capacity change from 0 to 512 [ 645.355345][T11508] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 645.386723][T11508] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 645.563828][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 646.413447][T11549] syzkaller0: entered promiscuous mode [ 646.425562][T11549] syzkaller0: entered allmulticast mode [ 648.357680][T11572] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 648.421834][T11573] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 648.775056][T11575] loop3: detected capacity change from 0 to 512 [ 648.845463][T11575] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 648.845594][T11575] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 649.069211][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.432400][T11587] loop3: detected capacity change from 0 to 512 [ 649.664936][T11587] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 649.802075][T11587] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 650.143781][T11587] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.1756: Allocating blocks 41-42 which overlap fs metadata [ 650.245857][T11587] __quota_error: 43 callbacks suppressed [ 650.245877][T11587] Quota error (device loop3): write_blk: dquota write failed [ 650.311010][T11587] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 650.358625][T11587] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.1756: Allocating blocks 41-42 which overlap fs metadata [ 650.424961][T11587] Quota error (device loop3): write_blk: dquota write failed [ 650.435884][T11587] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 650.482677][T11587] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1756: Failed to acquire dquot type 1 [ 650.505068][T11587] EXT4-fs error (device loop3): mb_free_blocks:1938: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 650.576695][T11587] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #12: comm syz.3.1756: corrupted inode contents [ 650.617349][T11587] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #12: comm syz.3.1756: mark_inode_dirty error [ 650.697822][T11587] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #12: comm syz.3.1756: corrupted inode contents [ 650.714478][T11587] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #12: comm syz.3.1756: mark_inode_dirty error [ 650.743764][T11587] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #12: comm syz.3.1756: corrupted inode contents [ 650.797909][T11587] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 650.846071][T11587] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #12: comm syz.3.1756: corrupted inode contents [ 650.914260][T11587] EXT4-fs error (device loop3): ext4_truncate:4294: inode #12: comm syz.3.1756: mark_inode_dirty error [ 650.977052][T11587] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 651.033441][T11587] EXT4-fs (loop3): 1 truncate cleaned up [ 651.056130][T11587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 651.426829][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 651.541502][T11606] loop0: detected capacity change from 0 to 512 [ 651.664476][T11606] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 651.729723][T11606] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 651.770209][T11616] syz.3.1768[11616] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 651.770361][T11616] syz.3.1768[11616] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 651.851391][ T28] audit: type=1326 audit(1764095480.158:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11615 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 651.921061][T11616] __nla_validate_parse: 1 callbacks suppressed [ 651.921079][T11616] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1768'. [ 651.942920][ T28] audit: type=1326 audit(1764095480.188:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11615 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 651.979932][T11616] bridge_slave_1: left allmulticast mode [ 651.986124][T11616] bridge_slave_1: left promiscuous mode [ 651.991844][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.001963][ T28] audit: type=1326 audit(1764095480.188:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11615 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 652.024726][ T28] audit: type=1326 audit(1764095480.188:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11615 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 652.027158][T11616] bridge0: port 2(bridge_slave_1) entered disabled state [ 652.047876][ T28] audit: type=1326 audit(1764095480.188:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11615 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 652.094513][T11616] bridge_slave_0: left allmulticast mode [ 652.100852][ T28] audit: type=1326 audit(1764095480.188:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11615 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 652.113774][T11616] bridge_slave_0: left promiscuous mode [ 652.143076][T11616] bridge0: port 1(bridge_slave_0) entered disabled state [ 652.281484][T11623] tipc: Started in network mode [ 652.286452][T11623] tipc: Node identity ac14140f, cluster identity 4711 [ 652.294500][T11623] tipc: New replicast peer: 255.255.255.83 [ 652.303818][T11623] tipc: Enabled bearer , priority 10 [ 652.565079][T11639] IPVS: sh: FWM 3 0x00000003 - no destination available [ 652.578897][ C0] IPVS: sh: FWM 3 0x00000003 - no destination available [ 652.702373][T11644] loop0: detected capacity change from 0 to 512 [ 652.736665][T11644] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 652.755342][T11644] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 652.853017][T11650] loop3: detected capacity change from 0 to 128 [ 652.876525][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 653.038697][T11655] loop0: detected capacity change from 0 to 512 [ 653.047193][T11655] EXT4-fs: Ignoring removed oldalloc option [ 653.112239][T11655] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 653.126795][T11655] ext4 filesystem being mounted at /405/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 653.203879][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 653.418283][ T5865] tipc: Node number set to 2886997007 [ 653.530548][T11673] loop0: detected capacity change from 0 to 512 [ 653.585089][T11673] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 653.605835][T11673] ext4 filesystem being mounted at /407/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 653.726162][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 653.773104][T11678] syzkaller1: entered promiscuous mode [ 653.801861][T11678] syzkaller1: entered allmulticast mode [ 654.263303][T11691] loop3: detected capacity change from 0 to 128 [ 655.266070][T11706] loop3: detected capacity change from 0 to 512 [ 655.280306][T11706] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 655.350287][T11706] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 655.428981][T11706] ext4 filesystem being mounted at /404/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 655.797847][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.859552][T11720] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.1808' sets config #0 [ 655.897758][T11720] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.1808' sets config #1 [ 655.945876][T11724] sd 0:0:1:0: device reset [ 655.960787][T11724] loop3: detected capacity change from 0 to 128 [ 656.168220][ T28] kauditd_printk_skb: 176 callbacks suppressed [ 656.168238][ T28] audit: type=1326 audit(1764095484.468:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 656.270305][T11720] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1808'. [ 656.596353][ T28] audit: type=1326 audit(1764095484.468:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 656.619654][ C1] vkms_vblank_simulate: vblank timer overrun [ 656.879643][ T28] audit: type=1326 audit(1764095484.468:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 656.902371][ T28] audit: type=1326 audit(1764095484.468:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 656.925969][ T28] audit: type=1326 audit(1764095484.468:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 656.958160][ T28] audit: type=1326 audit(1764095484.468:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 657.017336][ T28] audit: type=1326 audit(1764095484.468:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 657.116527][ T28] audit: type=1326 audit(1764095484.468:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 657.192468][ T28] audit: type=1326 audit(1764095484.468:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 657.221949][T11736] loop0: detected capacity change from 0 to 512 [ 657.238256][ T28] audit: type=1326 audit(1764095484.468:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11719 comm="syz.0.1808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab09991667 code=0x7ffc0000 [ 657.316575][T11736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 657.354752][T11736] ext4 filesystem being mounted at /412/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 657.585507][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 658.750795][T11770] loop0: detected capacity change from 0 to 512 [ 658.770985][T11770] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 658.982013][T11770] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 658.989443][T11782] loop3: detected capacity change from 0 to 512 [ 659.016815][T11770] ext4 filesystem being mounted at /414/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 659.066598][T11782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 659.153692][T11782] ext4 filesystem being mounted at /410/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 659.173584][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 659.375454][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 659.533961][T11800] loop5: detected capacity change from 0 to 7 [ 659.563372][T11323] Dev loop5: unable to read RDB block 7 [ 659.574334][T11323] loop5: unable to read partition table [ 659.586951][T11323] loop5: partition table beyond EOD, truncated [ 659.604365][T11800] Dev loop5: unable to read RDB block 7 [ 659.616624][T11800] loop5: unable to read partition table [ 659.625507][T11800] loop5: partition table beyond EOD, truncated [ 659.635122][T11800] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 660.977320][T11823] loop3: detected capacity change from 0 to 512 [ 661.049563][T11823] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 661.089313][T11823] ext4 filesystem being mounted at /413/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 661.202666][T11834] netlink: 'syz.1.1851': attribute type 7 has an invalid length. [ 661.291548][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 661.565930][T11846] syzkaller0: entered promiscuous mode [ 661.584282][T11846] syzkaller0: entered allmulticast mode [ 662.972917][T11878] syzkaller0: entered promiscuous mode [ 662.988835][T11878] syzkaller0: entered allmulticast mode [ 669.206144][T11950] loop3: detected capacity change from 0 to 128 [ 669.259787][T11950] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 669.300553][T11950] ext4 filesystem being mounted at /422/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 669.512865][ T5799] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 670.750148][T11976] loop3: detected capacity change from 0 to 512 [ 670.883077][T11976] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 670.891840][T11976] EXT4-fs (loop3): orphan cleanup on readonly fs [ 670.923551][T11976] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #16: comm syz.3.1904: corrupted inode contents [ 670.943491][T11976] EXT4-fs (loop3): Remounting filesystem read-only [ 670.951456][T11976] EXT4-fs (loop3): 1 truncate cleaned up [ 670.958242][ T2980] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 670.969378][ T2980] __quota_error: 14 callbacks suppressed [ 670.969394][ T2980] Quota error (device loop3): write_blk: dquota write failed [ 670.982597][T11980] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 670.982721][ T2980] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries [ 670.989601][T11980] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 671.008713][ T2980] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 671.019595][ T2980] Quota error (device loop3): write_blk: dquota write failed [ 671.027021][ T2980] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list [ 671.037065][ T2980] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 671.047409][ T2980] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 671.057007][ T2980] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 671.069925][T11976] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 671.079910][T11980] vhci_hcd vhci_hcd.0: Device attached [ 671.120967][T11982] vhci_hcd: connection closed [ 671.124535][ T34] vhci_hcd: stop threads [ 671.136279][ T34] vhci_hcd: release socket [ 671.149429][ T34] vhci_hcd: disconnect device [ 671.370909][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 671.531791][ T28] audit: type=1107 audit(1764095499.838:336): pid=11992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 671.701575][T11997] pim6reg1: entered promiscuous mode [ 671.722619][T11997] pim6reg1: entered allmulticast mode [ 673.584964][T12027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1924'. [ 674.002661][T12039] netlink: 416 bytes leftover after parsing attributes in process `syz.2.1929'. [ 674.154332][T12043] netlink: 'syz.2.1931': attribute type 5 has an invalid length. [ 674.171242][T12043] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.180774][T12043] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.189586][T12043] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.198407][T12043] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.211196][T12043] batman_adv: batadv0: Adding interface: vxlan0 [ 674.217653][T12043] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 674.243737][T12043] batman_adv: batadv0: Interface activated: vxlan0 [ 674.305624][T12045] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1932'. [ 674.538906][T12052] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 675.001232][T12071] syz.1.1943[12071] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 675.001437][T12071] syz.1.1943[12071] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 675.027554][ T28] audit: type=1326 audit(1764095503.328:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.1.1943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 675.126972][ T28] audit: type=1326 audit(1764095503.328:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.1.1943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 675.176455][ T28] audit: type=1326 audit(1764095503.328:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.1.1943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 676.196877][T12087] syz.2.1949[12087] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 676.197067][T12087] syz.2.1949[12087] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 676.610221][T12097] serio: Serial port ttyS3 [ 677.002340][T12091] lo: Caught tx_queue_len zero misconfig [ 677.009505][T12109] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 677.021192][T12091] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1950'. [ 677.027974][T12109] syz.3.1958[12109] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 677.037413][T12091] netem: change failed [ 677.037515][T12109] syz.3.1958[12109] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 677.290475][T12116] netlink: 'syz.3.1961': attribute type 1 has an invalid length. [ 677.332223][T12116] bond1: entered promiscuous mode [ 677.338530][T12116] 8021q: adding VLAN 0 to HW filter on device bond1 [ 678.026729][T12120] 8021q: adding VLAN 0 to HW filter on device bond1 [ 678.040687][T12120] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 678.068598][T12120] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 678.216044][T12120] bond1: (slave wireguard0): making interface the new active one [ 678.275622][T12120] wireguard0: entered promiscuous mode [ 678.306363][T12120] bond1: (slave wireguard0): Enslaving as an active interface with an up link [ 678.338682][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 678.338698][ T28] audit: type=1326 audit(1764095506.638:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 678.386937][T12116] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 678.394763][T12116] IPv6: NLM_F_CREATE should be set when creating new route [ 678.402086][T12116] IPv6: NLM_F_CREATE should be set when creating new route [ 678.406243][ T28] audit: type=1326 audit(1764095506.638:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 678.474998][ T28] audit: type=1326 audit(1764095506.638:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 678.553088][ T28] audit: type=1326 audit(1764095506.638:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 678.581389][T12138] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1968'. [ 678.591881][T12138] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1968'. [ 678.606722][ T28] audit: type=1326 audit(1764095506.638:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 678.644720][ T28] audit: type=1326 audit(1764095506.638:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 678.685845][ T28] audit: type=1326 audit(1764095506.638:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 678.738207][ T28] audit: type=1326 audit(1764095506.638:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 678.817398][ T28] audit: type=1326 audit(1764095506.638:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 679.006231][ T28] audit: type=1326 audit(1764095506.808:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12135 comm="syz.1.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 681.666820][T12221] loop3: detected capacity change from 0 to 512 [ 681.711806][T12221] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 681.799243][T12221] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 681.833390][T12221] ext4 filesystem being mounted at /442/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 681.860228][T12223] capability: warning: `syz.0.1983' uses deprecated v2 capabilities in a way that may be insecure [ 682.102242][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 682.900174][T12238] loop3: detected capacity change from 0 to 512 [ 683.120891][T12238] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1987: inode has both inline data and extents flags [ 683.140636][T12238] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1987: couldn't read orphan inode 15 (err -117) [ 683.157440][T12238] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 683.333277][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 683.389449][T12244] netlink: 'syz.1.1989': attribute type 1 has an invalid length. [ 683.464785][T12250] loop3: detected capacity change from 0 to 1024 [ 683.550207][T12244] bond1: entered promiscuous mode [ 683.579072][T12244] 8021q: adding VLAN 0 to HW filter on device bond1 [ 683.619431][T12257] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1993'. [ 683.774696][T12251] 8021q: adding VLAN 0 to HW filter on device bond1 [ 683.788957][T12251] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 683.832419][T12261] loop3: detected capacity change from 0 to 512 [ 683.845929][T12251] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 683.866497][T12251] bond1: (slave wireguard0): making interface the new active one [ 683.902427][T12251] wireguard0: entered promiscuous mode [ 683.911101][T12261] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 683.940339][T12261] ext4 filesystem being mounted at /447/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 683.951285][T12251] bond1: (slave wireguard0): Enslaving as an active interface with an up link [ 683.974081][T12253] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 683.981511][T12253] IPv6: NLM_F_CREATE should be set when creating new route [ 683.988817][T12253] IPv6: NLM_F_CREATE should be set when creating new route [ 684.209994][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 686.142276][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.156532][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.987350][T12336] loop3: detected capacity change from 0 to 512 [ 688.029448][T12339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2024'. [ 688.044275][T12336] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 688.047557][T12339] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 688.065039][T12339] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 688.073971][T12339] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 688.081903][T12339] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 688.109376][T12336] ext4 filesystem being mounted at /454/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 688.230429][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 689.674661][T12371] loop3: detected capacity change from 0 to 512 [ 689.722803][T12371] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 689.816402][T12371] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 689.832774][T12371] ext4 filesystem being mounted at /456/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 690.002626][T12372] syz.1.2033 (12372) used greatest stack depth: 17960 bytes left [ 690.117607][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 690.266946][T12384] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2036'. [ 690.351371][T12387] loop3: detected capacity change from 0 to 512 [ 690.439714][T12387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 690.501286][T12387] ext4 filesystem being mounted at /457/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 690.690114][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.001739][T12414] loop3: detected capacity change from 0 to 4096 [ 693.053765][T12414] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 693.285625][T12423] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2046'. [ 693.308138][T12423] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 693.315720][T12423] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 693.369508][T12423] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 693.376995][T12423] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 693.763462][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.941695][T12448] loop3: detected capacity change from 0 to 512 [ 693.958988][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 693.959004][ T28] audit: type=1326 audit(1764095522.268:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12446 comm="syz.1.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 694.018286][T12448] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 694.035610][ T28] audit: type=1326 audit(1764095522.268:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12446 comm="syz.1.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 694.120137][ T28] audit: type=1326 audit(1764095522.268:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12446 comm="syz.1.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 694.167783][T12448] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 694.207522][T12448] EXT4-fs (loop3): 1 truncate cleaned up [ 694.236672][ T28] audit: type=1326 audit(1764095522.268:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12446 comm="syz.1.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 694.269592][T12448] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 694.320404][ T28] audit: type=1326 audit(1764095522.268:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12446 comm="syz.1.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22ea98f749 code=0x7ffc0000 [ 695.061854][T12460] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2065'. [ 695.111026][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 696.578333][ T28] audit: type=1326 audit(1764095524.878:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12483 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 696.640640][ T28] audit: type=1326 audit(1764095524.878:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12483 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 696.729761][ T28] audit: type=1326 audit(1764095524.948:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12483 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 696.798211][ T28] audit: type=1326 audit(1764095524.948:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12483 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 696.861795][ T28] audit: type=1326 audit(1764095524.948:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12483 comm="syz.2.2064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 697.027939][T12488] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 697.161064][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 697.351478][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 697.362256][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 697.381087][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 697.397111][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 697.407876][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 698.171088][T12503] syz.0.2070 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 698.315764][T12503] macvlan1: entered promiscuous mode [ 698.334777][T12503] ipvlan0: entered promiscuous mode [ 698.432200][T12503] ipvlan0: left promiscuous mode [ 698.455936][T12503] macvlan1: left promiscuous mode [ 699.354878][T12498] chnl_net:caif_netlink_parms(): no params data found [ 699.517576][ T51] Bluetooth: hci4: command tx timeout [ 699.628175][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 699.628196][ T28] audit: type=1326 audit(1764095527.898:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12523 comm="syz.0.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 699.690548][ T28] audit: type=1326 audit(1764095527.898:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12523 comm="syz.0.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 699.713770][ T28] audit: type=1326 audit(1764095527.898:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12523 comm="syz.0.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 699.758140][ T28] audit: type=1326 audit(1764095527.898:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12523 comm="syz.0.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 699.814342][ T28] audit: type=1326 audit(1764095527.898:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12523 comm="syz.0.2075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 699.939440][T12529] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2079'. [ 700.974538][T12498] bridge0: port 1(bridge_slave_0) entered blocking state [ 701.000135][T12498] bridge0: port 1(bridge_slave_0) entered disabled state [ 701.007453][T12498] bridge_slave_0: entered allmulticast mode [ 701.038401][T12498] bridge_slave_0: entered promiscuous mode [ 701.060977][T12498] bridge0: port 2(bridge_slave_1) entered blocking state [ 701.065049][T12544] loop3: detected capacity change from 0 to 512 [ 701.079535][T12498] bridge0: port 2(bridge_slave_1) entered disabled state [ 701.098547][T12544] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 701.100280][T12498] bridge_slave_1: entered allmulticast mode [ 701.127515][T12498] bridge_slave_1: entered promiscuous mode [ 701.137659][T12544] EXT4-fs (loop3): 1 truncate cleaned up [ 701.179092][T12544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 701.299176][T12498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 701.321111][T12498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 701.386010][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 701.588363][ T51] Bluetooth: hci4: command tx timeout [ 701.595237][T12498] team0: Port device team_slave_0 added [ 701.666919][T12551] loop3: detected capacity change from 0 to 512 [ 701.691689][T12551] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 701.718508][T12498] team0: Port device team_slave_1 added [ 701.795617][T12551] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 701.858554][T12551] ext4 filesystem being mounted at /469/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 701.931224][T12498] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 701.962044][T12498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 702.016179][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 702.040764][T12498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 702.070497][T12498] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 702.077588][T12498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 702.126917][T12498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 702.374450][T12498] hsr_slave_0: entered promiscuous mode [ 702.416563][T12498] hsr_slave_1: entered promiscuous mode [ 702.450575][T12498] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 702.468184][T12498] Cannot create hsr debugfs directory [ 703.658209][ T51] Bluetooth: hci4: command tx timeout [ 703.786913][T12498] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 703.927133][T12563] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2087'. [ 703.941118][T12563] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2087'. [ 704.056605][T12498] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.286573][T12498] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.591654][T12569] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2090'. [ 704.702023][T12498] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 704.823248][T12574] syz.2.2091[12574] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 704.823504][T12574] syz.2.2091[12574] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 705.005897][ T28] audit: type=1326 audit(1764095533.308:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 705.029142][T12498] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 705.075996][T12498] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 705.088216][ T28] audit: type=1326 audit(1764095533.348:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 705.122150][T12498] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 705.135229][ T28] audit: type=1326 audit(1764095533.348:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 705.181775][T12498] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 705.238093][ T28] audit: type=1326 audit(1764095533.348:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 705.289634][ T28] audit: type=1326 audit(1764095533.348:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 705.383884][ T28] audit: type=1326 audit(1764095533.348:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 705.437578][ T28] audit: type=1326 audit(1764095533.348:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 705.534781][ T28] audit: type=1326 audit(1764095533.348:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 705.781489][ T51] Bluetooth: hci4: command tx timeout [ 706.140998][ T28] audit: type=1326 audit(1764095533.348:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 706.213765][ T28] audit: type=1326 audit(1764095533.348:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12577 comm="syz.2.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 706.244970][T12591] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2095'. [ 706.468585][T12591] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2095'. [ 706.610838][T12498] 8021q: adding VLAN 0 to HW filter on device bond0 [ 706.685903][T12498] 8021q: adding VLAN 0 to HW filter on device team0 [ 706.723818][T12215] bridge0: port 1(bridge_slave_0) entered blocking state [ 706.731071][T12215] bridge0: port 1(bridge_slave_0) entered forwarding state [ 706.792557][T12215] bridge0: port 2(bridge_slave_1) entered blocking state [ 706.799776][T12215] bridge0: port 2(bridge_slave_1) entered forwarding state [ 706.997419][T12605] netlink: 124 bytes leftover after parsing attributes in process `syz.3.2101'. [ 707.035111][T12605] loop3: detected capacity change from 0 to 1024 [ 707.106011][T12605] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 707.933730][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 708.195115][T12498] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 708.307203][T12498] veth0_vlan: entered promiscuous mode [ 708.339538][T12498] veth1_vlan: entered promiscuous mode [ 708.372037][T12498] veth0_macvtap: entered promiscuous mode [ 708.400942][T12498] veth1_macvtap: entered promiscuous mode [ 708.493644][T12498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.540138][T12498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.551783][T12498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.565348][T12498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.595614][T12498] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 708.650900][T12498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.669816][T12498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.690626][T12498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.724287][T12498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.762450][T12498] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 708.784143][T12498] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 708.796687][T12498] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 708.818009][T12498] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 708.827151][T12498] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.015234][T12215] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 709.050816][T12215] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 709.126987][T12637] loop3: detected capacity change from 0 to 164 [ 709.157320][ T2980] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 709.173811][T12637] Unable to read rock-ridge attributes [ 709.188114][ T2980] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 711.076894][T12654] netlink: 'syz.2.2115': attribute type 2 has an invalid length. [ 711.118617][T12654] netlink: 'syz.2.2115': attribute type 1 has an invalid length. [ 711.126424][T12654] netlink: 'syz.2.2115': attribute type 2 has an invalid length. [ 711.150929][T12654] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2115'. [ 711.238362][T12656] tipc: Started in network mode [ 711.258441][T12656] tipc: Node identity 9ef250d9484b, cluster identity 4711 [ 711.265881][T12656] tipc: Enabled bearer , priority 0 [ 711.300156][T12656] tipc: Disabling bearer [ 712.694437][T12677] loop1: detected capacity change from 0 to 512 [ 712.745143][T12677] ext2: Unknown parameter 'audit' [ 712.823347][T11939] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 712.897830][T12677] mmap: syz.1.2125 (12677) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 713.191870][T12685] pim6reg: entered allmulticast mode [ 713.220231][T12685] pim6reg: left allmulticast mode [ 716.137243][T12712] loop3: detected capacity change from 0 to 1024 [ 716.157334][T12712] EXT4-fs: Ignoring removed mblk_io_submit option [ 716.167553][T12712] ext4: Unknown parameter 'noacl' [ 716.390875][T12718] netlink: 'syz.0.2143': attribute type 1 has an invalid length. [ 718.816825][T12757] loop3: detected capacity change from 0 to 128 [ 719.454084][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 719.454101][ T28] audit: type=1326 audit(1764095547.758:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 719.535034][ T28] audit: type=1326 audit(1764095547.758:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 719.579778][ T28] audit: type=1326 audit(1764095547.758:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 719.639360][ T28] audit: type=1326 audit(1764095547.768:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 721.061058][T12794] loop3: detected capacity change from 0 to 512 [ 721.107207][T12794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 721.216263][T12794] ext4 filesystem being mounted at /500/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 721.251731][T12794] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #2: comm syz.3.2172: corrupted inode contents [ 721.282066][T12794] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #2: comm syz.3.2172: mark_inode_dirty error [ 721.319450][T12794] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #2: comm syz.3.2172: corrupted inode contents [ 721.445865][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 721.485629][T12778] syz.0.2167: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 721.507345][T12778] CPU: 1 PID: 12778 Comm: syz.0.2167 Not tainted syzkaller #0 [ 721.514883][T12778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 721.525012][T12778] Call Trace: [ 721.528325][T12778] [ 721.531294][T12778] dump_stack_lvl+0x16c/0x230 [ 721.536027][T12778] ? show_regs_print_info+0x20/0x20 [ 721.541284][T12778] ? load_image+0x3b0/0x3b0 [ 721.545842][T12778] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 721.552305][T12778] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 721.558857][T12778] warn_alloc+0x210/0x300 [ 721.563245][T12778] ? zone_watermark_ok_safe+0x230/0x230 [ 721.568856][T12778] ? _raw_spin_unlock+0x28/0x40 [ 721.573760][T12778] __vmalloc_node_range+0x662/0x1320 [ 721.579208][T12778] ? __asan_memset+0x22/0x40 [ 721.583885][T12778] ? free_vm_area+0x50/0x50 [ 721.588435][T12778] ? kvmalloc_node+0x70/0x180 [ 721.593165][T12778] ? rcu_is_watching+0x15/0xb0 [ 721.597971][T12778] ? kvmalloc_node+0x70/0x180 [ 721.602689][T12778] ? trace_kmalloc+0x1f/0xa0 [ 721.607324][T12778] kvmalloc_node+0x13f/0x180 [ 721.611954][T12778] ? translate_table+0x19c/0x2020 [ 721.617027][T12778] translate_table+0x19c/0x2020 [ 721.621947][T12778] ? ip6t_register_table+0x7b0/0x7b0 [ 721.627278][T12778] ? __might_fault+0xaa/0x120 [ 721.632005][T12778] ? __lock_acquire+0x7c80/0x7c80 [ 721.637073][T12778] ? __virt_addr_valid+0x18c/0x540 [ 721.642242][T12778] ? __might_fault+0xaa/0x120 [ 721.646978][T12778] ? __might_fault+0xc6/0x120 [ 721.651712][T12778] ? __might_fault+0xaa/0x120 [ 721.656443][T12778] do_ip6t_set_ctl+0x969/0xcd0 [ 721.661280][T12778] ? ip6t_unregister_table_exit+0x230/0x230 [ 721.667219][T12778] ? __lock_acquire+0x7c80/0x7c80 [ 721.672285][T12778] ? rcu_is_watching+0x15/0xb0 [ 721.677123][T12778] ? trace_contention_end+0x39/0xe0 [ 721.682399][T12778] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 721.688100][T12778] ? mutex_unlock+0x10/0x10 [ 721.692663][T12778] ? __might_sleep+0xe0/0xe0 [ 721.697314][T12778] ? mutex_lock_nested+0x20/0x20 [ 721.702321][T12778] nf_setsockopt+0x263/0x280 [ 721.706940][T12778] ? sock_common_recvmsg+0x1b0/0x1b0 [ 721.712260][T12778] smc_setsockopt+0x229/0xab0 [ 721.716971][T12778] ? smc_shutdown+0x9b0/0x9b0 [ 721.721669][T12778] ? __fget_files+0x28/0x4d0 [ 721.726284][T12778] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 721.731861][T12778] ? security_socket_setsockopt+0x7e/0xa0 [ 721.737594][T12778] ? smc_shutdown+0x9b0/0x9b0 [ 721.742295][T12778] do_sock_setsockopt+0x175/0x1a0 [ 721.747340][T12778] ? __fdget+0x180/0x210 [ 721.751603][T12778] __x64_sys_setsockopt+0x184/0x200 [ 721.756839][T12778] do_syscall_64+0x55/0xb0 [ 721.761276][T12778] ? clear_bhb_loop+0x40/0x90 [ 721.765968][T12778] ? clear_bhb_loop+0x40/0x90 [ 721.770669][T12778] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 721.776583][T12778] RIP: 0033:0x7fab0998f749 [ 721.781022][T12778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 721.800652][T12778] RSP: 002b:00007fab0a7b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 721.809096][T12778] RAX: ffffffffffffffda RBX: 00007fab09be5fa0 RCX: 00007fab0998f749 [ 721.817082][T12778] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 721.825150][T12778] RBP: 00007fab09a13f91 R08: 0000000000000330 R09: 0000000000000000 [ 721.833135][T12778] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 721.841113][T12778] R13: 00007fab09be6038 R14: 00007fab09be5fa0 R15: 00007ffc311b2458 [ 721.849113][T12778] [ 721.863331][T12778] Mem-Info: [ 721.897842][T12778] active_anon:25061 inactive_anon:0 isolated_anon:0 [ 721.897842][T12778] active_file:13700 inactive_file:40148 isolated_file:0 [ 721.897842][T12778] unevictable:768 dirty:89 writeback:0 [ 721.897842][T12778] slab_reclaimable:10574 slab_unreclaimable:101009 [ 721.897842][T12778] mapped:24379 shmem:21151 pagetables:529 [ 721.897842][T12778] sec_pagetables:0 bounce:0 [ 721.897842][T12778] kernel_misc_reclaimable:0 [ 721.897842][T12778] free:1308965 free_pcp:10882 free_cma:0 [ 721.995593][T12778] Node 0 active_anon:88644kB inactive_anon:0kB active_file:54800kB inactive_file:160392kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97516kB dirty:356kB writeback:0kB shmem:71668kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12244kB pagetables:2016kB sec_pagetables:0kB all_unreclaimable? no [ 722.028926][T12778] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 722.060825][T12778] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 722.097846][T12778] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 722.105079][T12778] Node 0 DMA32 free:1349188kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:88596kB inactive_anon:0kB active_file:54800kB inactive_file:159076kB unevictable:1536kB writepending:356kB present:3129332kB managed:2589596kB mlocked:0kB bounce:0kB free_pcp:15952kB local_pcp:14080kB free_cma:0kB [ 722.178129][T12778] lowmem_reserve[]: 0 0 1 1 1 [ 722.182951][T12778] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 722.233048][T12778] lowmem_reserve[]: 0 0 0 0 0 [ 722.237908][T12778] Node 1 Normal free:3886852kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23360kB local_pcp:12128kB free_cma:0kB [ 722.292180][T12778] lowmem_reserve[]: 0 0 0 0 0 [ 722.297007][T12778] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 722.388295][T12778] Node 0 DMA32: 154*4kB (ME) 89*8kB (ME) 462*16kB (ME) 454*32kB (ME) 247*64kB (UME) 154*128kB (UME) 61*256kB (UME) 32*512kB (M) 27*1024kB (UM) 13*2048kB (UME) 294*4096kB (M) = 1349264kB [ 722.437739][T12778] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 722.490866][T12778] Node 1 Normal: 255*4kB (UME) 49*8kB (UME) 44*16kB (UME) 70*32kB (UME) 26*64kB (UME) 7*128kB (UME) 2*256kB (UM) 1*512kB (E) 0*1024kB 2*2048kB (UE) 946*4096kB (M) = 3886852kB [ 722.531527][T12778] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 722.542951][T12778] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 722.552475][T12778] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 722.562491][T12778] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 722.571877][T12778] 74945 total pagecache pages [ 722.576603][T12778] 0 pages in swap cache [ 722.580942][T12778] Free swap = 124704kB [ 722.585126][T12778] Total swap = 124996kB [ 722.589358][T12778] 2097051 pages RAM [ 722.593194][T12778] 0 pages HighMem/MovableOnly [ 722.597898][T12778] 416138 pages reserved [ 722.602168][T12778] 0 pages cma reserved [ 722.830451][T12809] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2177'. [ 722.858807][T12809] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2177'. [ 722.915027][T12809] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2177'. [ 723.124411][T12809] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2177'. [ 723.150651][T12809] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2177'. [ 723.360402][T12813] loop3: detected capacity change from 0 to 512 [ 723.428731][T12813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 723.458384][T12813] ext4 filesystem being mounted at /503/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 723.645399][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 724.023936][ T28] audit: type=1326 audit(1764095552.328:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12831 comm="syz.3.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 724.078167][ T28] audit: type=1326 audit(1764095552.328:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12831 comm="syz.3.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 724.114708][ T28] audit: type=1326 audit(1764095552.358:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12831 comm="syz.3.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 724.177240][ T28] audit: type=1326 audit(1764095552.368:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12831 comm="syz.3.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 724.204088][ T28] audit: type=1326 audit(1764095552.368:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12831 comm="syz.3.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 724.242175][ T28] audit: type=1326 audit(1764095552.368:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12831 comm="syz.3.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fb5b8f749 code=0x7ffc0000 [ 724.445227][T12836] Set syz1 is full, maxelem 65536 reached [ 724.834589][T12848] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2190'. [ 725.828967][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 725.828983][ T28] audit: type=1326 audit(1764095554.138:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 725.861020][ T28] audit: type=1326 audit(1764095554.138:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 725.886857][ T28] audit: type=1326 audit(1764095554.138:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 725.913652][ T28] audit: type=1326 audit(1764095554.138:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 725.936479][ T28] audit: type=1326 audit(1764095554.138:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 725.988176][ T28] audit: type=1326 audit(1764095554.138:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 726.048292][ T28] audit: type=1326 audit(1764095554.168:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 726.119107][ T28] audit: type=1326 audit(1764095554.168:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 726.242203][ T28] audit: type=1326 audit(1764095554.188:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 726.309687][ T28] audit: type=1326 audit(1764095554.188:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 727.093431][T11088] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 727.104978][T11088] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 727.114362][T11088] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 727.143392][T11088] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 727.152571][T11088] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 727.160566][T11088] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 728.243426][T12899] chnl_net:caif_netlink_parms(): no params data found [ 728.503688][T12899] bridge0: port 1(bridge_slave_0) entered blocking state [ 728.511627][T12899] bridge0: port 1(bridge_slave_0) entered disabled state [ 728.519054][T12899] bridge_slave_0: entered allmulticast mode [ 728.526693][T12899] bridge_slave_0: entered promiscuous mode [ 728.536817][T12899] bridge0: port 2(bridge_slave_1) entered blocking state [ 728.545281][T12899] bridge0: port 2(bridge_slave_1) entered disabled state [ 728.556218][T12899] bridge_slave_1: entered allmulticast mode [ 728.563872][T12899] bridge_slave_1: entered promiscuous mode [ 728.628330][T12899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 728.639269][T12936] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 728.681666][T12899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 728.797256][T12899] team0: Port device team_slave_0 added [ 728.814001][T12899] team0: Port device team_slave_1 added [ 728.869836][T12899] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 728.876966][T12899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 728.905979][T12899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 728.935820][T12899] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 728.973595][T12899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 729.056638][T12899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 729.122726][T12899] hsr_slave_0: entered promiscuous mode [ 729.131318][T12899] hsr_slave_1: entered promiscuous mode [ 729.138491][T12899] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 729.146206][T12899] Cannot create hsr debugfs directory [ 729.259819][T11088] Bluetooth: hci0: command tx timeout [ 729.461086][T12899] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 729.494583][T12899] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 729.507943][T12899] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 729.526459][T12899] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 729.697386][T12899] 8021q: adding VLAN 0 to HW filter on device bond0 [ 729.733590][T12899] 8021q: adding VLAN 0 to HW filter on device team0 [ 729.765142][T12212] bridge0: port 1(bridge_slave_0) entered blocking state [ 729.772439][T12212] bridge0: port 1(bridge_slave_0) entered forwarding state [ 729.804336][T12212] bridge0: port 2(bridge_slave_1) entered blocking state [ 729.811588][T12212] bridge0: port 2(bridge_slave_1) entered forwarding state [ 730.021140][T12899] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 730.651988][T12899] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 731.200752][T12899] veth0_vlan: entered promiscuous mode [ 731.227827][T12899] veth1_vlan: entered promiscuous mode [ 731.305941][T12899] veth0_macvtap: entered promiscuous mode [ 731.321344][T12899] veth1_macvtap: entered promiscuous mode [ 731.339164][T11088] Bluetooth: hci0: command tx timeout [ 731.356812][T12899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 731.375159][T12899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.393320][T12899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 731.410911][T12899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.425752][T12899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 731.436576][T12899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.453516][T12899] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 731.635335][T12899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 731.645984][T12899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.656088][T12899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 731.666636][T12899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.676891][T12899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 731.687551][T12899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.711458][T12899] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 731.752223][T12899] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 731.762413][T12899] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 731.787967][T12899] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 731.797232][T12899] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 731.861984][T12999] syzkaller0: entered promiscuous mode [ 731.867680][T12999] syzkaller0: entered allmulticast mode [ 732.087349][T12205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 732.157707][T12205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 732.284452][T13006] sch_tbf: burst 22 is lower than device lo mtu (65550) ! [ 732.367970][ T2980] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 732.430236][ T2980] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 732.567515][T13010] ip6gre1: entered allmulticast mode [ 732.639535][T13008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2240'. [ 732.703009][T13015] loop4: detected capacity change from 0 to 512 [ 732.782631][T13015] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 732.802831][T13015] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 732.901978][T13025] C: renamed from team_slave_0 (while UP) [ 732.917618][T13025] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2245'. [ 732.923986][T12899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 733.142472][T13030] syzkaller0: entered promiscuous mode [ 733.150773][T13030] syzkaller0: entered allmulticast mode [ 733.420896][T11088] Bluetooth: hci0: command tx timeout [ 733.593091][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 733.593109][ T28] audit: type=1326 audit(1764095561.898:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.623063][ T28] audit: type=1326 audit(1764095561.898:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.647738][ T28] audit: type=1326 audit(1764095561.908:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.675075][ T28] audit: type=1326 audit(1764095561.908:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.706283][ T28] audit: type=1326 audit(1764095561.908:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.730011][ T28] audit: type=1326 audit(1764095561.908:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.753430][ T28] audit: type=1326 audit(1764095561.958:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.777238][ T28] audit: type=1326 audit(1764095561.958:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.801976][ T28] audit: type=1326 audit(1764095561.998:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 733.827496][ T28] audit: type=1326 audit(1764095562.008:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.2.2250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 734.077566][T13048] loop1: detected capacity change from 0 to 512 [ 734.171814][T13048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 734.226645][T13048] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 734.446756][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 734.458969][T13056] syzkaller0: entered promiscuous mode [ 734.470712][T13056] syzkaller0: entered allmulticast mode [ 734.667159][T13071] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2260'. [ 735.365373][T13085] loop1: detected capacity change from 0 to 512 [ 735.471350][T13085] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 735.487321][T13085] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 735.509516][T11088] Bluetooth: hci0: command tx timeout [ 735.613596][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 737.779285][T13116] netlink: 300 bytes leftover after parsing attributes in process `syz.0.2280'. [ 737.855394][T13078] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2265'. [ 738.192218][T13131] loop4: detected capacity change from 0 to 512 [ 738.291044][T13131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 738.318444][T13131] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 738.552537][T12899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 738.700541][T13147] loop4: detected capacity change from 0 to 512 [ 738.715995][T13147] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 738.752671][T13147] EXT4-fs (loop4): group descriptors corrupted! [ 739.396596][T13165] xt_hashlimit: max too large, truncated to 1048576 [ 739.552899][ T28] kauditd_printk_skb: 49 callbacks suppressed [ 739.552918][ T28] audit: type=1326 audit(1764095567.848:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 739.604710][T13170] loop1: detected capacity change from 0 to 512 [ 739.643739][ T28] audit: type=1326 audit(1764095567.848:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 739.710027][ T28] audit: type=1326 audit(1764095567.898:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 739.750355][T13170] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 739.763680][T13170] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 739.789065][ T28] audit: type=1326 audit(1764095567.898:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 739.812386][ T28] audit: type=1326 audit(1764095567.898:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 739.836294][ T28] audit: type=1326 audit(1764095567.898:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 739.858948][ T28] audit: type=1326 audit(1764095567.908:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 739.955641][ T28] audit: type=1326 audit(1764095567.908:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 740.013475][ T28] audit: type=1326 audit(1764095567.908:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 740.044379][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 740.044400][ T28] audit: type=1326 audit(1764095567.918:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.2.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f694cd8f749 code=0x7ffc0000 [ 740.216599][T13183] loop1: detected capacity change from 0 to 1024 [ 740.260832][T13183] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 740.308499][T13183] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #3: block 1: comm syz.1.2301: lblock 1 mapped to illegal pblock 1 (length 1) [ 740.340030][T13183] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2301: Failed to acquire dquot type 0 [ 740.361782][T13183] EXT4-fs error (device loop1): ext4_free_blocks:6676: comm syz.1.2301: Freeing blocks not in datazone - block = 0, count = 4096 [ 740.454127][T13183] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.2301: Invalid inode bitmap blk 0 in block_group 0 [ 740.505498][T13183] EXT4-fs error (device loop1) in ext4_free_inode:363: Corrupt filesystem [ 740.514400][T12214] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:32: lblock 1 mapped to illegal pblock 1 (length 1) [ 740.530141][T13183] EXT4-fs (loop1): 1 orphan inode deleted [ 740.541349][T13183] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 740.560540][T12214] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u4:32: Failed to release dquot type 0 [ 740.729516][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 741.041349][T13198] netlink: 'syz.0.2306': attribute type 10 has an invalid length. [ 741.067999][T13198] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2306'. [ 741.186094][T13198] team0: Port device geneve0 added [ 741.541533][T13209] loop4: detected capacity change from 0 to 512 [ 741.613699][T13209] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 741.672600][T13209] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 741.866389][T12899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 741.954042][T13216] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 741.982439][T13216] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 742.050865][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.068316][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.083093][T13220] syzkaller1: entered promiscuous mode [ 742.107827][T13220] syzkaller1: entered allmulticast mode [ 742.127571][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.179704][T13218] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 742.215839][T13223] loop1: detected capacity change from 0 to 512 [ 742.266194][T13218] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 742.287093][T13223] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 742.330225][T13223] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 742.555521][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.590164][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.597172][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 742.597804][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.628168][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.749781][T13227] syzkaller0: entered promiscuous mode [ 742.772023][T13227] syzkaller0: entered allmulticast mode [ 742.803181][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.824022][T13218] wg1 speed is unknown, defaulting to 1000 [ 742.958438][T13235] netlink: 'syz.1.2316': attribute type 1 has an invalid length. [ 743.178339][T13240] loop1: detected capacity change from 0 to 512 [ 743.253223][T13240] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 743.292133][T13240] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 743.413646][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 743.815281][T13250] loop1: detected capacity change from 0 to 512 [ 743.822870][T13250] ext4: Unknown parameter 'seclabel' [ 743.887179][T12906] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 745.242364][T13262] loop1: detected capacity change from 0 to 2048 [ 745.327077][T13262] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 745.361031][T13262] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 746.638962][T13234] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2317'. [ 746.649383][T13254] netlink: 'syz.2.2323': attribute type 10 has an invalid length. [ 746.659115][T13254] batadv0: entered allmulticast mode [ 746.683658][T13254] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 746.715716][T13254] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 746.734832][T13255] netlink: 'syz.2.2323': attribute type 10 has an invalid length. [ 746.743178][T13255] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2323'. [ 746.752644][T13255] batadv0: entered promiscuous mode [ 746.759925][T13255] bond0: (slave batadv0): Releasing backup interface [ 746.779641][ T28] kauditd_printk_skb: 41 callbacks suppressed [ 746.779657][ T28] audit: type=1326 audit(1764095575.088:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13267 comm="syz.0.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 746.780266][T13255] bridge0: port 3(batadv0) entered blocking state [ 746.789144][T13255] bridge0: port 3(batadv0) entered disabled state [ 746.872575][ T28] audit: type=1326 audit(1764095575.088:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13267 comm="syz.0.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 746.931185][ T28] audit: type=1326 audit(1764095575.118:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13267 comm="syz.0.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 746.945985][T13270] loop4: detected capacity change from 0 to 512 [ 746.978680][ T28] audit: type=1326 audit(1764095575.118:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13267 comm="syz.0.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 747.008096][ T28] audit: type=1326 audit(1764095575.118:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13267 comm="syz.0.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab0998f749 code=0x7ffc0000 [ 747.031866][ T2950] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 747.042265][ T2950] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 747.063046][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 747.095458][T13270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 747.125760][T13270] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 747.385345][T12899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 747.454636][T13284] IPv6: Can't replace route, no match found [ 747.592718][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.599456][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.650203][T13288] loop1: detected capacity change from 0 to 1024 [ 747.746774][T13288] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 747.795797][T13288] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 747.841453][T13288] EXT4-fs error (device loop1): ext4_free_blocks:6676: comm syz.1.2335: Freeing blocks not in datazone - block = 0, count = 16 [ 747.931872][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 749.455032][T13354] syzkaller0: entered promiscuous mode [ 749.464246][T13354] syzkaller0: entered allmulticast mode [ 750.621630][T13363] cgroup2: Unknown parameter 'memory_hugetlb_accounting' [ 750.791133][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 750.810593][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 750.835650][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 750.852104][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 750.860377][ T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 750.867829][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 752.953151][T11088] Bluetooth: hci1: command tx timeout [ 753.533016][T13385] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 753.539632][T13385] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 753.572648][T13385] vhci_hcd vhci_hcd.0: Device attached [ 753.605139][T13364] wg1 speed is unknown, defaulting to 1000 [ 753.622544][T13386] vhci_hcd: connection closed [ 753.629036][T12213] vhci_hcd: stop threads [ 753.638095][T13390] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 753.655846][T12213] vhci_hcd: release socket [ 753.665995][T12213] vhci_hcd: disconnect device [ 753.885574][T12212] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 753.900995][T12212] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.968686][T13396] can0: slcan on ptm0. [ 754.027294][T12212] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 754.043122][T12212] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.106335][T13402] syz.0.2378[13402] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 754.106476][T13402] syz.0.2378[13402] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 754.153342][T12212] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 754.175511][T12212] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.189668][T13399] can0 (unregistered): slcan off ptm0. [ 754.368568][T13406] loop1: detected capacity change from 0 to 512 [ 754.384527][T12212] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 754.413556][T12212] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.440818][T13406] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 754.499644][T13406] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 754.586792][T13406] EXT4-fs error (device loop1): ext4_add_entry:2486: inode #12: comm syz.1.2380: Directory hole found for htree leaf block 0 [ 754.639752][T13406] EXT4-fs (loop1): Remounting filesystem read-only [ 754.777480][T12498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 754.787962][ T2980] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 754.793749][T13364] chnl_net:caif_netlink_parms(): no params data found [ 754.826721][ T2980] Quota error (device loop1): write_blk: dquota write failed [ 754.860537][ T2980] Quota error (device loop1): free_dqentry: Can't write quota data block 5 [ 755.019394][T11088] Bluetooth: hci1: command tx timeout [ 755.030704][T12212] tipc: Disabling bearer [ 755.067968][T12212] tipc: Left network mode [ 755.260698][ T28] audit: type=1326 audit(1764095583.528:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13435 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 755.333707][ T28] audit: type=1326 audit(1764095583.528:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13435 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 755.410054][ T28] audit: type=1326 audit(1764095583.528:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13435 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 755.509525][ T28] audit: type=1326 audit(1764095583.528:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13435 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 755.598413][ T28] audit: type=1326 audit(1764095583.528:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13435 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 755.627747][ T28] audit: type=1326 audit(1764095583.528:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13435 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 755.705778][ T28] audit: type=1326 audit(1764095583.528:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13435 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 755.731629][T13364] bridge0: port 1(bridge_slave_0) entered blocking state [ 755.764794][T13364] bridge0: port 1(bridge_slave_0) entered disabled state [ 755.768169][ T28] audit: type=1326 audit(1764095583.528:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13435 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa52c38f749 code=0x7ffc0000 [ 755.804576][T13364] bridge_slave_0: entered allmulticast mode [ 755.836952][T13364] bridge_slave_0: entered promiscuous mode [ 755.984158][T13364] bridge0: port 2(bridge_slave_1) entered blocking state [ 756.003324][T13364] bridge0: port 2(bridge_slave_1) entered disabled state [ 756.023218][T13451] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2387'. [ 756.038900][T13364] bridge_slave_1: entered allmulticast mode [ 756.050136][T13364] bridge_slave_1: entered promiscuous mode [ 756.446544][T13364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 756.547970][T13364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 756.829308][T13481] random: crng reseeded on system resumption [ 756.830073][T13364] team0: Port device team_slave_0 added [ 756.987519][T13484] loop4: detected capacity change from 0 to 1024 [ 757.037138][T13364] team0: Port device team_slave_1 added [ 757.087408][T13484] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 757.108340][T11088] Bluetooth: hci1: command tx timeout [ 757.313613][T13364] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 757.335388][T13364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 757.383599][T13364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 757.480144][T13364] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 757.505572][T13364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 757.537062][T12899] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.576394][T13364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 758.590266][T13505] wg1 speed is unknown, defaulting to 1000 [ 758.967868][T13364] hsr_slave_0: entered promiscuous mode [ 758.984934][T13364] hsr_slave_1: entered promiscuous mode [ 758.994312][T13364] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 759.005983][T13364] Cannot create hsr debugfs directory [ 759.178740][T11088] Bluetooth: hci1: command tx timeout [ 759.365299][T13516] syzkaller0: entered promiscuous mode [ 759.377438][T13516] syzkaller0: entered allmulticast mode [ 760.137878][T13540] tmpfs: Bad value for 'mpol' [ 761.655009][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 761.655026][ T28] audit: type=1326 audit(1764095589.968:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13549 comm="syz.4.2407" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f333298f749 code=0x0 [ 762.568919][T13553] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2408'. [ 762.691705][T13554] loop4: detected capacity change from 0 to 1024 [ 762.727156][T13554] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 762.747753][T13554] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 762.818471][T13554] JBD2: no valid journal superblock found [ 762.824359][T13554] EXT4-fs (loop4): Could not load journal inode [ 763.125884][T12212] hsr_slave_0: left promiscuous mode [ 763.166814][T12212] hsr_slave_1: left promiscuous mode [ 763.197463][T12212] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 763.221766][T12212] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 763.247186][T12212] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 763.283638][T12212] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 763.324403][T12212] batman_adv: batadv0: Interface deactivated: vxlan0 [ 763.348221][T12212] batman_adv: batadv0: Removing interface: vxlan0 [ 763.383451][T12212] bridge0: port 3(batadv0) entered disabled state [ 763.439503][T12212] bridge_slave_1: left allmulticast mode [ 763.445237][T12212] bridge_slave_1: left promiscuous mode [ 763.475633][T12212] bridge0: port 2(bridge_slave_1) entered disabled state [ 763.514718][T12212] bridge_slave_0: left allmulticast mode [ 763.528593][T12212] bridge_slave_0: left promiscuous mode [ 763.544636][T12212] bridge0: port 1(bridge_slave_0) entered disabled state [ 763.685873][T12212] veth1_macvtap: left promiscuous mode [ 763.692486][T12212] veth0_macvtap: left promiscuous mode [ 763.712214][T12212] veth1_vlan: left promiscuous mode [ 763.738885][T12212] veth0_vlan: left promiscuous mode [ 765.148631][T12212] team0 (unregistering): Port device team_slave_1 removed [ 765.209775][T12212] team0 (unregistering): Port device team_slave_0 removed [ 765.269746][T12212] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 765.327073][T12212] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 766.051097][T12212] bond0 (unregistering): Released all slaves [ 766.151166][T10642] wg1 speed is unknown, defaulting to 1000 [ 766.592187][T13581] syzkaller0: entered promiscuous mode [ 766.608140][T13581] syzkaller0: entered allmulticast mode [ 767.505968][T13600] loop4: detected capacity change from 0 to 512 [ 767.698707][T13600] ------------[ cut here ]------------ [ 767.704629][T13600] EA inode 11 i_nlink=2 [ 767.705305][T13600] WARNING: CPU: 0 PID: 13600 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 767.720573][T13600] Modules linked in: [ 767.724612][T13600] CPU: 0 PID: 13600 Comm: syz.4.2419 Not tainted syzkaller #0 [ 767.732239][T13600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 767.742460][T13600] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 767.749292][T13600] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 e0 c6 be 8a 89 da e8 a5 39 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 4f 59 2c 08 [ 767.769092][T13600] RSP: 0018:ffffc900049af1c0 EFLAGS: 00010246 [ 767.775328][T13600] RAX: 72c0e78323840c00 RBX: 0000000000000002 RCX: 0000000000080000 [ 767.783472][T13600] RDX: ffffc9000ce2a000 RSI: 000000000002bef1 RDI: 000000000002bef2 [ 767.791624][T13600] RBP: ffffc900049af2b8 R08: ffff8880b8e28c13 R09: 1ffff110171c5182 [ 767.800647][T13600] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000 [ 767.808858][T13600] R13: ffff888077ddcaa8 R14: ffff888077ddc8b0 R15: ffff888077ddc900 [ 767.816900][T13600] FS: 00007f33337a66c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 767.826513][T13600] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 767.833338][T13600] CR2: 0000000000000000 CR3: 0000000065bff000 CR4: 00000000003506f0 [ 767.841512][T13600] Call Trace: [ 767.844846][T13600] [ 767.847867][T13600] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 767.853656][T13600] ? ext4_xattr_inode_iget+0x3df/0x600 [ 767.859266][T13600] ext4_xattr_set_entry+0xcda/0x1e90 [ 767.864646][T13600] ext4_xattr_ibody_set+0x254/0x6a0 [ 767.870050][T13600] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 767.876050][T13600] __ext4_expand_extra_isize+0x306/0x400 [ 767.881844][T13600] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 767.887379][T13600] ext4_evict_inode+0x7ed/0xea0 [ 767.892382][T13600] ? _raw_spin_unlock+0x28/0x40 [ 767.897407][T13600] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 767.903661][T13600] ? do_raw_spin_unlock+0x121/0x230 [ 767.909006][T13600] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 767.914967][T13600] evict+0x486/0x870 [ 767.919001][T13600] ? __lock_acquire+0x7c80/0x7c80 [ 767.924608][T13600] ? proc_nr_inodes+0x230/0x230 [ 767.929792][T13600] ? do_raw_spin_unlock+0x121/0x230 [ 767.935068][T13600] ? _raw_spin_unlock+0x28/0x40 [ 767.940068][T13600] ? iput+0x70a/0x920 [ 767.944108][T13600] ext4_orphan_cleanup+0xbd4/0x1400 [ 767.949447][T13600] ? ext4_orphan_del+0xba0/0xba0 [ 767.954473][T13600] ? ext4_register_li_request+0x183/0x940 [ 767.960356][T13600] ? errseq_check_and_advance+0x66/0x120 [ 767.966812][T13600] ext4_fill_super+0x5de4/0x66c0 [ 767.972001][T13600] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 767.978374][T13600] ? __might_sleep+0xe0/0xe0 [ 767.983027][T13600] ? read_lock_is_recursive+0x20/0x20 [ 767.988560][T13600] ? snprintf+0xdb/0x120 [ 767.992913][T13600] ? vscnprintf+0x80/0x80 [ 767.997294][T13600] ? down_write+0x162/0x1f0 [ 768.001984][T13600] ? down_read_killable+0x340/0x340 [ 768.007251][T13600] ? setup_bdev_super+0x56b/0x660 [ 768.012433][T13600] get_tree_bdev+0x3e4/0x510 [ 768.017082][T13600] ? vfs_parse_fs_string+0x160/0x160 [ 768.022576][T13600] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 768.029486][T13600] ? setup_bdev_super+0x660/0x660 [ 768.034575][T13600] ? apparmor_capable+0x137/0x1a0 [ 768.039875][T13600] ? bpf_lsm_capable+0x9/0x10 [ 768.044633][T13600] ? security_capable+0x89/0xb0 [ 768.049697][T13600] vfs_get_tree+0x8c/0x280 [ 768.054182][T13600] do_new_mount+0x24b/0xa40 [ 768.059310][T13600] __se_sys_mount+0x2da/0x3c0 [ 768.064036][T13600] ? __x64_sys_mount+0xc0/0xc0 [ 768.068923][T13600] ? lockdep_hardirqs_on+0x98/0x150 [ 768.074191][T13600] ? __x64_sys_mount+0x20/0xc0 [ 768.079102][T13600] do_syscall_64+0x55/0xb0 [ 768.083585][T13600] ? clear_bhb_loop+0x40/0x90 [ 768.088458][T13600] ? clear_bhb_loop+0x40/0x90 [ 768.093202][T13600] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 768.099240][T13600] RIP: 0033:0x7f3332990eea [ 768.103699][T13600] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.123424][T13600] RSP: 002b:00007f33337a5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 768.132564][T13600] RAX: ffffffffffffffda RBX: 00007f33337a5ef0 RCX: 00007f3332990eea [ 768.140829][T13600] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f33337a5eb0 [ 768.148949][T13600] RBP: 0000200000000180 R08: 00007f33337a5ef0 R09: 0000000000800700 [ 768.156958][T13600] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 768.165040][T13600] R13: 00007f33337a5eb0 R14: 000000000000046f R15: 000000000000002c [ 768.173110][T13600] [ 768.176140][T13600] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 768.183451][T13600] CPU: 0 PID: 13600 Comm: syz.4.2419 Not tainted syzkaller #0 [ 768.191020][T13600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 768.201079][T13600] Call Trace: [ 768.204366][T13600] [ 768.207301][T13600] dump_stack_lvl+0x16c/0x230 [ 768.211994][T13600] ? show_regs_print_info+0x20/0x20 [ 768.217200][T13600] ? load_image+0x3b0/0x3b0 [ 768.221714][T13600] panic+0x2c0/0x710 [ 768.225616][T13600] ? bpf_jit_dump+0xd0/0xd0 [ 768.230162][T13600] __warn+0x2e0/0x470 [ 768.234176][T13600] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 768.240185][T13600] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 768.246185][T13600] report_bug+0x2be/0x4f0 [ 768.250540][T13600] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 768.256537][T13600] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 768.262545][T13600] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 768.268574][T13600] handle_bug+0xcf/0x120 [ 768.272840][T13600] exc_invalid_op+0x1a/0x50 [ 768.277381][T13600] asm_exc_invalid_op+0x1a/0x20 [ 768.282245][T13600] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 768.288869][T13600] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 06 2c 9a ff 49 8b 37 48 c7 c7 e0 c6 be 8a 89 da e8 a5 39 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 4f 59 2c 08 [ 768.308501][T13600] RSP: 0018:ffffc900049af1c0 EFLAGS: 00010246 [ 768.314584][T13600] RAX: 72c0e78323840c00 RBX: 0000000000000002 RCX: 0000000000080000 [ 768.322571][T13600] RDX: ffffc9000ce2a000 RSI: 000000000002bef1 RDI: 000000000002bef2 [ 768.330560][T13600] RBP: ffffc900049af2b8 R08: ffff8880b8e28c13 R09: 1ffff110171c5182 [ 768.338556][T13600] R10: dffffc0000000000 R11: ffffed10171c5183 R12: dffffc0000000000 [ 768.346542][T13600] R13: ffff888077ddcaa8 R14: ffff888077ddc8b0 R15: ffff888077ddc900 [ 768.354552][T13600] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 768.360216][T13600] ? ext4_xattr_inode_iget+0x3df/0x600 [ 768.365700][T13600] ext4_xattr_set_entry+0xcda/0x1e90 [ 768.371030][T13600] ext4_xattr_ibody_set+0x254/0x6a0 [ 768.376273][T13600] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 768.382212][T13600] __ext4_expand_extra_isize+0x306/0x400 [ 768.387879][T13600] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 768.393376][T13600] ext4_evict_inode+0x7ed/0xea0 [ 768.398245][T13600] ? _raw_spin_unlock+0x28/0x40 [ 768.403141][T13600] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 768.409057][T13600] ? do_raw_spin_unlock+0x121/0x230 [ 768.414280][T13600] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 768.420187][T13600] evict+0x486/0x870 [ 768.424122][T13600] ? __lock_acquire+0x7c80/0x7c80 [ 768.429186][T13600] ? proc_nr_inodes+0x230/0x230 [ 768.434053][T13600] ? do_raw_spin_unlock+0x121/0x230 [ 768.439313][T13600] ? _raw_spin_unlock+0x28/0x40 [ 768.444220][T13600] ? iput+0x70a/0x920 [ 768.448220][T13600] ext4_orphan_cleanup+0xbd4/0x1400 [ 768.453473][T13600] ? ext4_orphan_del+0xba0/0xba0 [ 768.458429][T13600] ? ext4_register_li_request+0x183/0x940 [ 768.464209][T13600] ? errseq_check_and_advance+0x66/0x120 [ 768.469918][T13600] ext4_fill_super+0x5de4/0x66c0 [ 768.474911][T13600] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 768.481178][T13600] ? __might_sleep+0xe0/0xe0 [ 768.485814][T13600] ? read_lock_is_recursive+0x20/0x20 [ 768.491242][T13600] ? snprintf+0xdb/0x120 [ 768.495528][T13600] ? vscnprintf+0x80/0x80 [ 768.499886][T13600] ? down_write+0x162/0x1f0 [ 768.504438][T13600] ? down_read_killable+0x340/0x340 [ 768.509656][T13600] ? setup_bdev_super+0x56b/0x660 [ 768.514694][T13600] get_tree_bdev+0x3e4/0x510 [ 768.519327][T13600] ? vfs_parse_fs_string+0x160/0x160 [ 768.524628][T13600] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 768.530896][T13600] ? setup_bdev_super+0x660/0x660 [ 768.535933][T13600] ? apparmor_capable+0x137/0x1a0 [ 768.540983][T13600] ? bpf_lsm_capable+0x9/0x10 [ 768.545679][T13600] ? security_capable+0x89/0xb0 [ 768.550549][T13600] vfs_get_tree+0x8c/0x280 [ 768.554996][T13600] do_new_mount+0x24b/0xa40 [ 768.559530][T13600] __se_sys_mount+0x2da/0x3c0 [ 768.564233][T13600] ? __x64_sys_mount+0xc0/0xc0 [ 768.569014][T13600] ? lockdep_hardirqs_on+0x98/0x150 [ 768.574234][T13600] ? __x64_sys_mount+0x20/0xc0 [ 768.579013][T13600] do_syscall_64+0x55/0xb0 [ 768.583449][T13600] ? clear_bhb_loop+0x40/0x90 [ 768.588151][T13600] ? clear_bhb_loop+0x40/0x90 [ 768.592932][T13600] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 768.598846][T13600] RIP: 0033:0x7f3332990eea [ 768.603292][T13600] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.622936][T13600] RSP: 002b:00007f33337a5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 768.631463][T13600] RAX: ffffffffffffffda RBX: 00007f33337a5ef0 RCX: 00007f3332990eea [ 768.639477][T13600] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f33337a5eb0 [ 768.647466][T13600] RBP: 0000200000000180 R08: 00007f33337a5ef0 R09: 0000000000800700 [ 768.655448][T13600] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 768.663428][T13600] R13: 00007f33337a5eb0 R14: 000000000000046f R15: 000000000000002c [ 768.671439][T13600] [ 768.674749][T13600] Kernel Offset: disabled [ 768.679198][T13600] Rebooting in 86400 seconds..