last executing test programs: 4.834687851s ago: executing program 4 (id=951): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000700000000008000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/20], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) ioctl$USBDEVFS_CONNECTINFO(0xffffffffffffffff, 0x8004550f, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xfff3, 0x4}, {0x0, 0x1b}}}, 0x24}}, 0x0) 4.234576299s ago: executing program 4 (id=959): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000048, &(0x7f0000000040)={[{@nobarrier}, {@nodioread_nolock}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==") setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) 4.119777318s ago: executing program 1 (id=963): socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x2c}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) splice(r1, 0x0, r2, 0x0, 0x1, 0x0) vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6) socket(0x10, 0x3, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3ff, 0xfffffffffffffffd, 0x8, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x2, 0x9, 0x0, 0xffffffffffffffff, 0x8467, 0x8}, 0x0, 0x0) write(r0, 0x0, 0x0) 3.894730547s ago: executing program 4 (id=965): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000000000000000fc4dffffffff853a", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f00000003c0)='GPL\x00', 0x9, 0xe6, &(0x7f00000009c0)=""/230, 0x41100, 0x70, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000400)=[{0x2, 0x5, 0x1, 0x1}, {0x0, 0x400001, 0xa, 0x4}, {0x1, 0x3, 0xa, 0xc}], 0x10, 0x8, @void, @value}, 0x94) r2 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r2, &(0x7f00000027c0)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x100, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r3 = socket(0x10, 0x80003, 0x0) write(r3, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="850000006c000000760000000000000027000000000004009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b8, 0xf0, 0x6c, 0x300, 0x0, 0x0, 0x1e8, 0x2e8, 0x2e8, 0x1e8, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@ipv6={@local, @local, [], [], 'ip6_vti0\x00', 'veth0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@connlabel={{0x28}, {0x0, 0x5}}]}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x318) dup2(r0, r3) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400a1}, 0x20010084) syz_usb_connect(0x6, 0x24, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32], 0x50}, 0x1, 0xba01}, 0x0) fcntl$getownex(0xffffffffffffffff, 0x5, &(0x7f0000000100)) r7 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) write(r7, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) 3.027110253s ago: executing program 1 (id=973): r0 = epoll_create1(0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) r2 = io_uring_setup(0x2391, &(0x7f0000000a40)={0x0, 0x0, 0x2, 0xeffffffe, 0x3bb, 0x0, r1}) close_range(r2, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x60002015}) read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3) 2.679954972s ago: executing program 1 (id=977): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x0, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000002c0)=0x1000000, 0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10) 2.170441789s ago: executing program 3 (id=983): socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x2c}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) vmsplice(r1, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6) socket(0x10, 0x3, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3ff, 0xfffffffffffffffd, 0x8, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x2, 0x9, 0x0, 0xffffffffffffffff, 0x8467, 0x8}, 0x0, 0x0) write(r0, 0x0, 0x0) 2.011237178s ago: executing program 0 (id=985): unshare(0x20000400) rseq(0x0, 0x0, 0x0, 0x0) r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0) 1.797632248s ago: executing program 0 (id=986): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) flock(r0, 0x5) r1 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0) flock(r1, 0x5) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='fdinfo/4\x00') preadv(r2, &(0x7f0000001600)=[{&(0x7f0000000040)=""/35, 0x2b}], 0x1, 0x0, 0x0) 1.796272438s ago: executing program 1 (id=987): r0 = epoll_create1(0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x60002015}) read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3) 1.600085817s ago: executing program 0 (id=989): openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10) fchdir(r1) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r3, &(0x7f0000001fc0)=""/184, 0x20002078) 1.416332756s ago: executing program 0 (id=991): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r1}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', r2}, 0x18) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={&(0x7f00000004c0)='./file0\x00'}, 0x18) ioctl$TUNSETOFFLOAD(r0, 0x4010744d, 0x20000000) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@ipmr_getroute={0x1c, 0x1a, 0x100, 0x70bd29, 0x25dfdbfd, {0x80, 0x4, 0x0, 0xe, 0xff, 0x2, 0x0, 0x0, 0x100}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0) 1.147291075s ago: executing program 3 (id=993): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70200000302000085"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x46, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003"], 0x4b0}, 0x1, 0x0, 0x0, 0x44}, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90124fc600c05000f90c60100053582c137153e370a48018004f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x5}, 0x0) connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0) 1.004094264s ago: executing program 2 (id=994): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000b40)=@allocspi={0x154, 0x16, 0x51, 0x70bd28, 0x25dfdbfb, {{{@in6=@dev={0xfe, 0x80, '\x00', 0x40}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2, 0x9, 0x4e21, 0x0, 0x0, 0x40, 0x20, 0x33}, {@in6=@dev={0xfe, 0x80, '\x00', 0x3f}, 0x4d4, 0x32}, @in=@loopback, {0x9, 0x6, 0x1a3c, 0x7fff, 0xb, 0x7, 0x5, 0x5}, {0x1, 0x5, 0x6, 0x7}, {0x80, 0x65f, 0x40}, 0x70bd27, 0x3501, 0xa, 0x2, 0x6, 0x4a}, 0x4, 0x7}, [@srcaddr={0x14, 0xd, @in=@multicast1}, @algo_auth={0x48, 0x1, {{'wp256\x00'}}}]}, 0x154}, 0x1, 0x0, 0x0, 0x4040000}, 0x20008854) 927.807394ms ago: executing program 2 (id=995): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) 823.939263ms ago: executing program 3 (id=996): unshare(0x20000400) rseq(0x0, 0x0, 0x0, 0x0) r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0) 823.739293ms ago: executing program 0 (id=997): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000040)={@val={0x800e, 0xcfdc}, @void, @eth={@broadcast, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x14, 0x0, @opaque="6f841fcaf955c253e28c7ab3"}}}}}}, 0x3a) 747.300803ms ago: executing program 2 (id=998): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000180)={0x80, 0x2a, 0x1}) 722.179253ms ago: executing program 1 (id=999): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(0xffffffffffffffff, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$pppl2tp(0x18, 0x1, 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r2, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0xffff, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1709000000000000000001000000080009000200000414001f00fe8000000000000000000000000000aa1400200000000000000000000000ffffac1414bb0500070000000000060002000100000008000a"], 0x5c}}, 0x0) 620.284493ms ago: executing program 4 (id=1000): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0xe86}, 0x18) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa040, 0x1a7) fcntl$setlease(r1, 0x400, 0x0) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000040), 0x0, 0x0, 0x0) 486.679282ms ago: executing program 3 (id=1001): r0 = socket$key(0xf, 0x3, 0x2) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="0213"], 0x10}}, 0x0) 435.938052ms ago: executing program 2 (id=1002): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000feffffff0000000000000000850000004100000018010000756c6c2500000000003c20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x2, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 411.928422ms ago: executing program 1 (id=1003): socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x2c}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) vmsplice(r1, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6) socket(0x10, 0x3, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3ff, 0xfffffffffffffffd, 0x8, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x2, 0x9, 0x0, 0xffffffffffffffff, 0x8467, 0x8}, 0x0, 0x0) write(r0, 0x0, 0x0) 317.112621ms ago: executing program 4 (id=1004): r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000001080)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x18000, @remote, 0x19}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="56501366ff47fd29ff39cc10d7e7ae240fee90ea7a4c89f1cdfe3f2e0f12891baba90886caf8977d0dcc6338d17d0397c438fe56f4fd24f0d26f089b56063df93af577207606008d7529d7193dd969a7bde4830ccde8d43cf98710ed126a70330d84c9dd89ddfb0305a5641fb304873b69dbe550f65bf4b242061568a1e70f5e3d93d647a43ca2a0b6352f5e64f6c81fa481cd4026145794cced58f1af18d4cf93fd54849ed012191f2654ee88b2496efbb1f4d2307ad5d4bb65a112de02", 0xbe}], 0x1, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000800000000000000040000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5121b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a0100000000000000e28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c251112e2a59ea0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6c597eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e64103602000000db47d7990d5a007faccb2f86660079f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d8418351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000100)="13cf", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)}], 0x1}}], 0x3, 0x8048001) 247.882851ms ago: executing program 2 (id=1005): r0 = socket(0x10, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1, 0x0, 0x13b1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @mcast2}]}}}]}, 0x48}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=@newlink={0x3c, 0x10, 0x401, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r1, 0x5000, 0x22040}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e22}]}}}]}, 0x3c}}, 0x20004090) 247.633551ms ago: executing program 3 (id=1006): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5a074edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 196.649081ms ago: executing program 0 (id=1007): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) creat(&(0x7f0000000140)='./file2\x00', 0x1ad) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r1}, 0x18) unlink(&(0x7f0000000000)='./file1\x00') 81.30363ms ago: executing program 4 (id=1008): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2004048, &(0x7f0000000440), 0x6, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 39.18166ms ago: executing program 3 (id=1009): r0 = epoll_create1(0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x60002015}) read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3) 0s ago: executing program 2 (id=1010): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$nl_rdma(0x10, 0x3, 0x14) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3}, 0x3}, 0x1c) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = eventfd(0x8800a6) write$eventfd(r1, &(0x7f0000000000)=0xfffffffffffffff7, 0x8) kernel console output (not intermixed with test programs): orcing read-only mode [ 90.830356][ T4501] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 90.860162][ T4501] System zones: 0-1, 15-15, 18-18, 34-34 [ 90.871681][ T4501] EXT4-fs (loop1): orphan cleanup on readonly fs [ 90.878260][ T4501] EXT4-fs warning (device loop1): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 90.904594][ T4501] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 90.917409][ T4501] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.65: bg 0: block 40: padding at end of block bitmap is not set [ 90.986034][ T4501] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 90.995814][ T4501] EXT4-fs (loop1): 1 truncate cleaned up [ 91.002059][ T4501] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 91.028084][ T4501] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.65: bad symlink. [ 91.082429][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 91.263158][ T4517] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.341303][ T4513] device syzkaller0 entered promiscuous mode [ 91.342610][ T4524] capability: warning: `syz.4.74' uses deprecated v2 capabilities in a way that may be insecure [ 91.374877][ T4521] loop3: detected capacity change from 0 to 512 [ 91.382368][ T4521] EXT4-fs: Ignoring removed oldalloc option [ 91.400622][ T4521] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 91.436808][ T4517] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.457291][ T4521] EXT4-fs (loop3): 1 truncate cleaned up [ 91.473675][ T4521] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 91.508256][ T4521] EXT4-fs (loop3): unmounting filesystem. [ 91.528678][ T4529] loop0: detected capacity change from 0 to 512 [ 91.536258][ T4529] EXT4-fs: Ignoring removed oldalloc option [ 91.546222][ T4529] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 91.574217][ T4517] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.610176][ T4521] support for the xor transformation has been removed. [ 91.619104][ T4529] EXT4-fs (loop0): 1 truncate cleaned up [ 91.684331][ T4529] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 91.717895][ T4517] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.875811][ T4532] netlink: 'syz.4.78': attribute type 1 has an invalid length. [ 91.925032][ T4532] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.78'. [ 92.139100][ T4248] EXT4-fs (loop0): unmounting filesystem. [ 92.461623][ T4546] loop2: detected capacity change from 0 to 2048 [ 92.733463][ T4556] loop3: detected capacity change from 0 to 1024 [ 92.785726][ T4556] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 92.993683][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 93.134801][ T4575] tmpfs: Bad value for 'nr_inodes' [ 93.204595][ T4575] loop4: detected capacity change from 0 to 164 [ 93.242556][ T4575] Unable to read rock-ridge attributes [ 93.673721][ T4517] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.722430][ T4517] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.725117][ T4601] loop3: detected capacity change from 0 to 128 [ 93.766916][ T4517] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.828593][ T4586] loop4: detected capacity change from 0 to 512 [ 93.853848][ T4517] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.887064][ T4586] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 93.910041][ T4586] System zones: 0-2, 18-18, 34-34 [ 93.935401][ T4586] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.102: bg 0: block 248: padding at end of block bitmap is not set [ 93.954283][ T4586] __quota_error: 53 callbacks suppressed [ 93.954303][ T4586] Quota error (device loop4): write_blk: dquota write failed [ 93.968828][ T4586] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 93.979025][ T4586] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.102: Failed to acquire dquot type 1 [ 93.994708][ T4586] EXT4-fs (loop4): 1 truncate cleaned up [ 94.006198][ T4586] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 94.015600][ T4586] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.045559][ T4586] xt_CT: You must specify a L4 protocol and not use inversions on it [ 94.187601][ T27] audit: type=1326 audit(1734790881.047:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4610 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 94.257359][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 94.264239][ T27] audit: type=1326 audit(1734790881.087:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4610 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 94.372979][ T27] audit: type=1326 audit(1734790881.087:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4610 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 94.467079][ T27] audit: type=1326 audit(1734790881.087:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4610 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 94.493935][ T4621] xt_hashlimit: max too large, truncated to 1048576 [ 94.526636][ T4620] loop1: detected capacity change from 0 to 2048 [ 94.545412][ T27] audit: type=1326 audit(1734790881.087:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4610 comm="syz.2.109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 94.588406][ T4623] netlink: 16 bytes leftover after parsing attributes in process `syz.2.114'. [ 94.599293][ T27] audit: type=1326 audit(1734790881.287:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4616 comm="syz.3.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 94.602277][ T4624] loop4: detected capacity change from 0 to 512 [ 94.692132][ T27] audit: type=1326 audit(1734790881.287:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4616 comm="syz.3.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 94.746556][ T27] audit: type=1326 audit(1734790881.297:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4616 comm="syz.3.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 94.752296][ T4624] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.111: Failed to acquire dquot type 1 [ 94.913757][ T4624] EXT4-fs (loop4): 1 truncate cleaned up [ 94.919530][ T4624] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 94.954253][ T4624] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.017363][ T4635] syz.2.117[4635] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 95.017482][ T4635] syz.2.117[4635] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 95.062150][ T4637] loop3: detected capacity change from 0 to 128 [ 95.097820][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 95.239215][ T4639] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 95.256457][ T4639] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.332227][ T4645] netlink: 4 bytes leftover after parsing attributes in process `syz.4.122'. [ 95.369156][ T4645] device bridge_slave_1 left promiscuous mode [ 95.409950][ T4645] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.432756][ T4645] device bridge_slave_0 left promiscuous mode [ 95.447515][ T4645] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.574196][ T4647] netlink: 20 bytes leftover after parsing attributes in process `syz.2.123'. [ 95.593470][ T4647] netlink: 4 bytes leftover after parsing attributes in process `syz.2.123'. [ 95.758130][ T4639] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 95.822663][ T4639] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.950139][ T4654] device syzkaller0 entered promiscuous mode [ 96.043470][ T4639] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 96.070425][ T4659] loop2: detected capacity change from 0 to 8192 [ 96.079882][ T4639] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.648163][ T4675] loop1: detected capacity change from 0 to 128 [ 96.725319][ T4327] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 96.889048][ T4682] loop2: detected capacity change from 0 to 1024 [ 96.909663][ T4682] EXT4-fs: Ignoring removed orlov option [ 96.962023][ T4682] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 97.257333][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 97.509800][ T4692] loop2: detected capacity change from 0 to 8192 [ 98.130837][ T4707] syz.2.145 uses obsolete (PF_INET,SOCK_PACKET) [ 98.461474][ T4712] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 98.468412][ T4712] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 98.479375][ T4712] vhci_hcd vhci_hcd.0: Device attached [ 98.504294][ T4713] vhci_hcd: connection closed [ 98.506956][ T4312] vhci_hcd: stop threads [ 98.526757][ T4312] vhci_hcd: release socket [ 98.531921][ T4312] vhci_hcd: disconnect device [ 99.087637][ T4717] loop1: detected capacity change from 0 to 128 [ 99.145627][ T4327] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 99.585129][ T4725] loop1: detected capacity change from 0 to 512 [ 99.628043][ T4725] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 99.629386][ T4639] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 99.660641][ T4725] EXT4-fs (loop1): orphan cleanup on readonly fs [ 99.669281][ T4639] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.693664][ T4725] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.151: bg 0: block 248: padding at end of block bitmap is not set [ 99.734159][ T4725] __quota_error: 24 callbacks suppressed [ 99.734181][ T4725] Quota error (device loop1): write_blk: dquota write failed [ 99.749281][ T4725] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 99.768118][ T4725] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.151: Failed to acquire dquot type 1 [ 99.781113][ T4706] netlink: 4 bytes leftover after parsing attributes in process `syz.4.146'. [ 99.795702][ T4725] EXT4-fs (loop1): 1 truncate cleaned up [ 99.844336][ T4725] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 99.908257][ T4730] loop3: detected capacity change from 0 to 8192 [ 100.245440][ T4639] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 100.254959][ T4639] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.271047][ T4639] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 100.279310][ T4639] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.325777][ T4639] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 100.340723][ T4639] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.353790][ T4737] netlink: 'syz.2.156': attribute type 4 has an invalid length. [ 100.369892][ T4737] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.156'. [ 100.404505][ T4639] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 100.415491][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 100.415555][ T4639] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.949620][ T4755] loop1: detected capacity change from 0 to 512 [ 100.979664][ T4755] EXT4-fs: Ignoring removed oldalloc option [ 101.033926][ T4755] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 101.094778][ T4755] EXT4-fs (loop1): 1 truncate cleaned up [ 101.123011][ T4755] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 101.192754][ T27] audit: type=1804 audit(1734790888.057:130): pid=4755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.164" name="/newroot/29/bus/bus" dev="loop1" ino=18 res=1 errno=0 [ 101.508781][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 101.705913][ T27] audit: type=1326 audit(1734790888.567:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4778 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 101.767981][ T27] audit: type=1326 audit(1734790888.567:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4778 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 101.855317][ T27] audit: type=1326 audit(1734790888.567:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4778 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 101.949929][ T27] audit: type=1326 audit(1734790888.567:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4778 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 102.004660][ T27] audit: type=1326 audit(1734790888.567:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4778 comm="syz.2.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 102.054179][ T27] audit: type=1326 audit(1734790888.907:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4795 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 102.130507][ T27] audit: type=1326 audit(1734790888.907:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4795 comm="syz.4.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 102.253807][ T4804] loop3: detected capacity change from 0 to 512 [ 102.285954][ T4804] EXT4-fs: Ignoring removed oldalloc option [ 102.322597][ T4804] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 102.372608][ T4804] EXT4-fs (loop3): 1 truncate cleaned up [ 102.385373][ T4804] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 102.627804][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 103.059376][ T4825] netlink: 16 bytes leftover after parsing attributes in process `syz.2.193'. [ 103.424738][ T4845] loop1: detected capacity change from 0 to 512 [ 103.436547][ T4845] EXT4-fs: Ignoring removed oldalloc option [ 103.444916][ T4845] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 103.473942][ T4845] EXT4-fs (loop1): 1 truncate cleaned up [ 103.485157][ T4845] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 103.812010][ T4854] loop4: detected capacity change from 0 to 8192 [ 103.813447][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 104.711914][ T4854] loop4: p2 p4[EZD] [ 104.716071][ T4854] loop4: p2 size 2130728454 extends beyond EOD, truncated [ 104.864987][ T4854] loop4: p4 size 65536 extends beyond EOD, truncated [ 104.889075][ T27] kauditd_printk_skb: 291 callbacks suppressed [ 104.889091][ T27] audit: type=1326 audit(1734790891.747:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4861 comm="syz.0.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 104.933123][ T4866] loop2: detected capacity change from 0 to 256 [ 104.937878][ T27] audit: type=1326 audit(1734790891.747:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4861 comm="syz.0.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 104.950128][ T4866] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 105.076408][ T27] audit: type=1326 audit(1734790891.757:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4861 comm="syz.0.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 105.134127][ T27] audit: type=1326 audit(1734790891.757:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4861 comm="syz.0.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 105.161249][ T27] audit: type=1326 audit(1734790891.757:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4861 comm="syz.0.207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 105.200419][ T4866] FAT-fs (loop2): Directory bread(block 64) failed [ 105.207115][ T4866] FAT-fs (loop2): Directory bread(block 65) failed [ 105.249530][ T4870] autofs4:pid:4870:autofs_fill_super: called with bogus options [ 105.264710][ T4866] FAT-fs (loop2): Directory bread(block 66) failed [ 105.289857][ T4866] FAT-fs (loop2): Directory bread(block 67) failed [ 105.329992][ T4866] FAT-fs (loop2): Directory bread(block 68) failed [ 105.336682][ T4866] FAT-fs (loop2): Directory bread(block 69) failed [ 105.380383][ T4866] FAT-fs (loop2): Directory bread(block 70) failed [ 105.407336][ T4866] FAT-fs (loop2): Directory bread(block 71) failed [ 105.439959][ T4866] FAT-fs (loop2): Directory bread(block 72) failed [ 105.446561][ T4866] FAT-fs (loop2): Directory bread(block 73) failed [ 105.503423][ T4876] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 105.510019][ T4876] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 105.518213][ T4876] vhci_hcd vhci_hcd.0: Device attached [ 105.528471][ T4879] vhci_hcd: connection closed [ 105.547297][ T33] vhci_hcd: stop threads [ 105.559803][ T33] vhci_hcd: release socket [ 105.564303][ T33] vhci_hcd: disconnect device [ 105.924292][ T4891] loop2: detected capacity change from 0 to 1024 [ 105.955830][ T4891] EXT4-fs: Ignoring removed nobh option [ 105.968739][ T4891] EXT4-fs: Ignoring removed orlov option [ 105.983531][ T27] audit: type=1326 audit(1734790892.847:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 106.020803][ T4891] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 106.026390][ T27] audit: type=1326 audit(1734790892.877:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 106.060230][ T27] audit: type=1326 audit(1734790892.877:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 106.082666][ T27] audit: type=1326 audit(1734790892.877:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 106.106083][ T27] audit: type=1326 audit(1734790892.877:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 106.340185][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 106.543122][ T4910] loop2: detected capacity change from 0 to 1024 [ 106.548907][ T4912] netlink: 4 bytes leftover after parsing attributes in process `syz.4.228'. [ 106.550947][ T4906] loop1: detected capacity change from 0 to 2048 [ 106.570607][ T4910] EXT4-fs: Ignoring removed nobh option [ 106.576244][ T4910] EXT4-fs: Ignoring removed oldalloc option [ 106.604422][ T4910] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 106.645479][ T4906] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 106.687103][ T4910] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 106.767034][ T4906] EXT4-fs: Ignoring removed bh option [ 106.804353][ T4906] EXT4-fs (loop1): re-mounted. Quota mode: writeback. [ 106.843556][ T4920] sch_tbf: burst 1 is lower than device lo mtu (65550) ! [ 106.908997][ T4906] netlink: 16 bytes leftover after parsing attributes in process `syz.1.225'. [ 106.977869][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 107.091182][ T4918] loop3: detected capacity change from 0 to 8192 [ 107.191973][ T4930] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 107.198570][ T4930] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 107.233535][ T4930] vhci_hcd vhci_hcd.0: Device attached [ 107.275331][ T4931] vhci_hcd: connection closed [ 107.276322][ T4858] vhci_hcd: stop threads [ 107.310976][ T4858] vhci_hcd: release socket [ 107.317376][ T4858] vhci_hcd: disconnect device [ 107.401621][ T4251] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 107.481989][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 108.105375][ T4958] netlink: 4 bytes leftover after parsing attributes in process `syz.2.244'. [ 108.170269][ T4958] device bridge_slave_1 left promiscuous mode [ 108.177114][ T4958] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.187677][ T4958] device bridge_slave_0 left promiscuous mode [ 108.195367][ T4958] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.970019][ T4964] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.999647][ T4963] loop1: detected capacity change from 0 to 8192 [ 109.087548][ T4964] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.176391][ T4964] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.282504][ T4964] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.354987][ T4977] loop1: detected capacity change from 0 to 128 [ 109.368292][ T4964] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.383784][ T4964] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.400407][ T4977] ext4: Unknown parameter 'seclabel' [ 109.400526][ T4964] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.421334][ T4964] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.572989][ T4327] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 109.679151][ T4981] loop4: detected capacity change from 0 to 164 [ 109.745314][ T4983] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 109.751995][ T4983] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 109.797281][ T4983] vhci_hcd vhci_hcd.0: Device attached [ 109.841380][ T4985] vhci_hcd: connection closed [ 109.841617][ T4969] vhci_hcd: stop threads [ 109.868209][ T4969] vhci_hcd: release socket [ 109.971649][ T4969] vhci_hcd: disconnect device [ 110.066294][ T4991] loop3: detected capacity change from 0 to 512 [ 110.321225][ T4991] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 110.355380][ T4991] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.432481][ T4986] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.253: corrupted inode contents [ 110.444798][ T4981] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 110.447630][ T4986] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #2: comm syz.3.253: mark_inode_dirty error [ 110.465735][ T4986] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.253: corrupted inode contents [ 110.477987][ T4986] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.253: mark_inode_dirty error [ 110.575983][ T4997] mmap: syz.1.256 (4997) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 110.676662][ T5004] netlink: 4 bytes leftover after parsing attributes in process `syz.0.257'. [ 110.688352][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 111.109350][ T5010] loop3: detected capacity change from 0 to 8192 [ 111.553035][ T5024] loop4: detected capacity change from 0 to 512 [ 111.609169][ T5024] EXT4-fs: Ignoring removed oldalloc option [ 111.695826][ T5024] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 111.721554][ T5027] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 111.728132][ T5027] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 111.746195][ T5027] vhci_hcd vhci_hcd.0: Device attached [ 111.747370][ T5024] EXT4-fs (loop4): 1 truncate cleaned up [ 111.762277][ T5024] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 111.772776][ T5030] vhci_hcd: connection closed [ 111.773975][ T9] vhci_hcd: stop threads [ 111.817960][ T9] vhci_hcd: release socket [ 111.861282][ T5039] loop1: detected capacity change from 0 to 512 [ 111.872462][ T9] vhci_hcd: disconnect device [ 111.879439][ T5037] Unknown options in mask 5 [ 111.929441][ T5039] __quota_error: 109 callbacks suppressed [ 111.929462][ T5039] Quota error (device loop1): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 111.934296][ T5037] netlink: 'syz.2.269': attribute type 10 has an invalid length. [ 111.939539][ T5039] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 111.964591][ T5039] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.271: Failed to acquire dquot type 1 [ 111.977990][ T5039] EXT4-fs (loop1): 1 truncate cleaned up [ 111.983915][ T5039] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 111.993278][ T5039] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.008788][ T5037] netlink: 4 bytes leftover after parsing attributes in process `syz.2.269'. [ 112.052328][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 112.220607][ T5049] netlink: 4 bytes leftover after parsing attributes in process `syz.3.274'. [ 112.273031][ T4256] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt. [ 112.356116][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 112.470663][ T5054] netlink: 24 bytes leftover after parsing attributes in process `syz.0.277'. [ 112.493469][ T27] audit: type=1800 audit(1734790899.347:548): pid=5052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.276" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 112.934115][ T5060] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 112.951203][ T5060] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.021035][ T5060] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 113.080981][ T5060] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.164884][ T5060] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 113.204587][ T5060] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.258208][ T5073] loop1: detected capacity change from 0 to 1764 [ 113.276378][ T5060] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 113.298966][ T5060] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.315558][ T4327] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 113.483142][ T5060] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.500219][ T5060] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.521854][ T5060] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.548559][ T5060] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.579383][ T5060] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.593904][ T5060] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.625018][ T5060] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.633819][ T5060] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.999540][ T5087] loop4: detected capacity change from 0 to 128 [ 114.006568][ T27] audit: type=1326 audit(1734790900.857:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5088 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 114.035938][ T5087] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1) [ 114.045503][ T27] audit: type=1326 audit(1734790900.867:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5088 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 114.080974][ T27] audit: type=1326 audit(1734790900.867:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5088 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 114.157548][ T27] audit: type=1326 audit(1734790900.867:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5088 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 114.187355][ T27] audit: type=1326 audit(1734790900.897:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5088 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 114.227720][ T27] audit: type=1326 audit(1734790900.897:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5088 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 114.292639][ T27] audit: type=1326 audit(1734790900.897:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5088 comm="syz.0.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 114.803533][ T5112] loop1: detected capacity change from 0 to 512 [ 114.827308][ T5112] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 114.850675][ T5114] netlink: 'syz.2.302': attribute type 10 has an invalid length. [ 114.867184][ T5112] EXT4-fs (loop1): 1 truncate cleaned up [ 114.879320][ T5114] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 114.881252][ T5112] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 114.902876][ T5114] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 115.491808][ T5136] loop4: detected capacity change from 0 to 512 [ 115.498845][ T5136] EXT4-fs: Ignoring removed nomblk_io_submit option [ 115.584590][ T5136] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 115.609541][ T5136] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.980119][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 115.989257][ T5150] syz.2.315[5150] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 115.989368][ T5150] syz.2.315[5150] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 116.037686][ T5150] syz.2.315 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 117.263809][ T27] kauditd_printk_skb: 28 callbacks suppressed [ 117.263825][ T27] audit: type=1326 audit(1734790904.127:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 117.366210][ T27] audit: type=1326 audit(1734790904.167:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 117.398493][ T5169] loop3: detected capacity change from 0 to 512 [ 117.445705][ T5169] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 117.460289][ T27] audit: type=1326 audit(1734790904.167:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 117.516436][ T27] audit: type=1326 audit(1734790904.167:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 117.551203][ T27] audit: type=1326 audit(1734790904.167:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f863a97cce7 code=0x7ffc0000 [ 117.574376][ T27] audit: type=1326 audit(1734790904.167:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f863a921f29 code=0x7ffc0000 [ 117.593758][ T5169] EXT4-fs (loop3): 1 truncate cleaned up [ 117.596989][ T27] audit: type=1326 audit(1734790904.167:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5164 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 117.629311][ T5169] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 117.884310][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 118.515705][ T5192] netlink: 20 bytes leftover after parsing attributes in process `syz.3.334'. [ 118.548732][ T5195] netlink: 4 bytes leftover after parsing attributes in process `syz.2.335'. [ 118.999474][ T27] audit: type=1326 audit(1734790905.857:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.0.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 119.014207][ T5205] loop4: detected capacity change from 0 to 512 [ 119.046310][ T27] audit: type=1326 audit(1734790905.857:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.0.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 119.102553][ T27] audit: type=1326 audit(1734790905.857:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.0.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 119.158348][ T5205] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 119.177843][ T5205] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.214861][ T5205] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.339: corrupted inode contents [ 119.240091][ T5205] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #2: comm syz.4.339: mark_inode_dirty error [ 119.270205][ T5205] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.339: corrupted inode contents [ 119.326541][ T5209] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.339: corrupted inode contents [ 119.362407][ T5209] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #2: comm syz.4.339: mark_inode_dirty error [ 119.386927][ T5209] EXT4-fs error (device loop4): ext4_do_update_inode:5224: inode #2: comm syz.4.339: corrupted inode contents [ 119.450877][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 119.906247][ T5213] loop2: detected capacity change from 0 to 128 [ 119.951089][ T5215] loop4: detected capacity change from 0 to 512 [ 119.975012][ T4327] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 119.991654][ T5215] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 120.235038][ T5225] netlink: 'syz.2.347': attribute type 4 has an invalid length. [ 120.242899][ T5225] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.347'. [ 120.546800][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 121.045232][ T5221] ebtables: ebtables: counters copy to user failed while replacing table [ 121.511553][ T5233] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.572470][ T5243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.346'. [ 121.586090][ T5243] device bridge_slave_1 left promiscuous mode [ 121.600031][ T5243] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.611072][ T5243] device bridge_slave_0 left promiscuous mode [ 121.619025][ T5243] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.034847][ T5253] loop4: detected capacity change from 0 to 128 [ 122.052047][ T5233] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.125215][ T4327] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 122.232535][ T5233] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.376230][ T5233] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.416764][ T5263] netlink: 48 bytes leftover after parsing attributes in process `syz.3.361'. [ 122.534320][ T5233] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.590846][ T5233] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.631285][ T5233] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.647560][ T5271] loop3: detected capacity change from 0 to 128 [ 122.656156][ T5233] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.024508][ T5279] loop1: detected capacity change from 0 to 512 [ 123.060943][ T5279] EXT4-fs: Ignoring removed oldalloc option [ 123.089940][ T5279] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 123.132474][ T5279] EXT4-fs (loop1): 1 truncate cleaned up [ 123.143816][ T5279] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 123.224465][ T5287] device veth0_virt_wifi entered promiscuous mode [ 123.233756][ T5287] device veth0_virt_wifi left promiscuous mode [ 123.261511][ T5279] loop1: detected capacity change from 512 to 64 [ 123.468679][ T4251] EXT4-fs error (device loop1): mb_free_blocks:1815: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt. [ 123.546407][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 123.714062][ T27] kauditd_printk_skb: 25 callbacks suppressed [ 123.714079][ T27] audit: type=1326 audit(1734790910.577:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 123.813121][ T27] audit: type=1326 audit(1734790910.577:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 123.954563][ T5315] loop4: detected capacity change from 0 to 128 [ 123.963734][ T27] audit: type=1326 audit(1734790910.577:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 124.039368][ T27] audit: type=1326 audit(1734790910.577:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 124.095330][ T4327] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 124.141797][ T27] audit: type=1326 audit(1734790910.577:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 124.195261][ T27] audit: type=1326 audit(1734790910.577:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 124.243459][ T27] audit: type=1326 audit(1734790910.577:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 124.270884][ T27] audit: type=1326 audit(1734790910.587:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 124.298099][ T27] audit: type=1326 audit(1734790910.677:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 124.306952][ T5327] loop1: detected capacity change from 0 to 256 [ 124.327850][ T27] audit: type=1326 audit(1734790910.677:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5308 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 124.420289][ T5323] Zero length message leads to an empty skb [ 124.433065][ T5327] FAT-fs (loop1): Directory bread(block 64) failed [ 124.439680][ T5327] FAT-fs (loop1): Directory bread(block 65) failed [ 124.450263][ T5327] FAT-fs (loop1): Directory bread(block 66) failed [ 124.457405][ T5327] FAT-fs (loop1): Directory bread(block 67) failed [ 124.466023][ T5327] FAT-fs (loop1): Directory bread(block 68) failed [ 124.473460][ T5327] FAT-fs (loop1): Directory bread(block 69) failed [ 124.486937][ T5327] FAT-fs (loop1): Directory bread(block 70) failed [ 124.522643][ T5327] FAT-fs (loop1): Directory bread(block 71) failed [ 124.534158][ T5327] FAT-fs (loop1): Directory bread(block 72) failed [ 124.545809][ T5327] FAT-fs (loop1): Directory bread(block 73) failed [ 124.878117][ T5327] syz.1.381: attempt to access beyond end of device [ 124.878117][ T5327] loop1: rw=2049, sector=1800, nr_sectors = 600 limit=256 [ 124.955737][ T5340] syz.1.381: attempt to access beyond end of device [ 124.955737][ T5340] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 125.046058][ T5340] syz.1.381: attempt to access beyond end of device [ 125.046058][ T5340] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 125.233092][ T5350] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 125.402734][ T4969] kworker/u4:12: attempt to access beyond end of device [ 125.402734][ T4969] loop1: rw=1, sector=1808, nr_sectors = 8 limit=256 [ 125.485373][ T4969] kworker/u4:12: attempt to access beyond end of device [ 125.485373][ T4969] loop1: rw=1, sector=2400, nr_sectors = 1452 limit=256 [ 125.532533][ T5361] loop2: detected capacity change from 0 to 128 [ 125.626954][ T4327] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 126.018411][ T5375] loop3: detected capacity change from 0 to 1764 [ 126.204697][ T5382] loop4: detected capacity change from 0 to 1024 [ 126.303472][ T5382] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 126.655260][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 126.751181][ T5397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.414'. [ 127.157088][ T5413] loop1: detected capacity change from 0 to 128 [ 127.259878][ T4327] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 127.419051][ T5419] loop2: detected capacity change from 0 to 512 [ 127.473509][ T5419] EXT4-fs (loop2): orphan cleanup on readonly fs [ 127.509650][ T5419] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 127.594607][ T5419] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 127.656363][ T5419] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.424: attempt to clear invalid blocks 2 len 1 [ 127.679011][ T5419] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.424: invalid indirect mapped block 1819239214 (level 0) [ 127.724860][ T5419] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.424: invalid indirect mapped block 1819239214 (level 1) [ 127.800068][ T5419] EXT4-fs (loop2): 1 truncate cleaned up [ 127.816166][ T5419] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 127.871340][ T5439] Cannot find set identified by id 0 to match [ 128.043486][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 128.151446][ T5445] loop1: detected capacity change from 0 to 512 [ 128.214349][ T5449] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 128.220941][ T5449] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 128.229378][ T5449] vhci_hcd vhci_hcd.0: Device attached [ 128.238296][ T5453] vhci_hcd: connection closed [ 128.241466][ T5445] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 128.265450][ T4312] vhci_hcd: stop threads [ 128.284321][ T4312] vhci_hcd: release socket [ 128.288830][ T4312] vhci_hcd: disconnect device [ 128.304272][ T5445] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 128.384962][ T5459] loop3: detected capacity change from 0 to 128 [ 128.474453][ T4327] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 128.498228][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 128.755780][ T5470] loop3: detected capacity change from 0 to 1024 [ 128.774249][ T27] kauditd_printk_skb: 55 callbacks suppressed [ 128.774266][ T27] audit: type=1326 audit(1734790915.637:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 128.811699][ T5470] EXT4-fs: Ignoring removed nobh option [ 128.817326][ T5470] EXT4-fs: Ignoring removed nomblk_io_submit option [ 128.885010][ T27] audit: type=1326 audit(1734790915.677:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 128.900954][ T5470] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 128.983731][ T27] audit: type=1326 audit(1734790915.677:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 128.984799][ T5470] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 129.084661][ T27] audit: type=1326 audit(1734790915.677:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 129.123019][ T5470] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 129.174819][ T27] audit: type=1326 audit(1734790915.677:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 129.268145][ T5491] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 129.319820][ T27] audit: type=1326 audit(1734790915.697:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 129.347152][ T5493] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 129.352832][ T5494] loop4: detected capacity change from 0 to 128 [ 129.372396][ T27] audit: type=1326 audit(1734790915.697:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 129.395339][ T27] audit: type=1326 audit(1734790915.697:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 129.438325][ T27] audit: type=1326 audit(1734790915.697:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 129.524805][ T27] audit: type=1326 audit(1734790915.697:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.0.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 129.635999][ T5498] loop1: detected capacity change from 0 to 2048 [ 129.724438][ T5498] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 129.807298][ T5507] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 129.814038][ T5507] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 129.830192][ T5507] vhci_hcd vhci_hcd.0: Device attached [ 129.846381][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 129.862074][ T5508] vhci_hcd: connection closed [ 129.881160][ T4966] vhci_hcd: stop threads [ 129.922937][ T4966] vhci_hcd: release socket [ 129.924788][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 129.927406][ T4966] vhci_hcd: disconnect device [ 130.230632][ T5525] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 130.253606][ T5525] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 130.368017][ T5532] loop1: detected capacity change from 0 to 128 [ 130.436126][ T4327] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 130.487707][ T5530] loop2: detected capacity change from 0 to 8192 [ 130.536813][ T5530] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 130.601668][ T5530] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 130.638265][ T5530] FAT-fs (loop2): Filesystem has been set read-only [ 130.874711][ T5542] netlink: 16 bytes leftover after parsing attributes in process `+}[@'. [ 131.131698][ T5553] loop4: detected capacity change from 0 to 512 [ 131.169537][ T5554] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 131.176208][ T5554] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 131.221578][ T5553] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 131.243652][ T5554] vhci_hcd vhci_hcd.0: Device attached [ 131.254900][ T5553] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 131.283491][ T5555] vhci_hcd: connection closed [ 131.284672][ T5236] vhci_hcd: stop threads [ 131.294467][ T5564] loop1: detected capacity change from 0 to 128 [ 131.308628][ T5236] vhci_hcd: release socket [ 131.344479][ T5236] vhci_hcd: disconnect device [ 131.364652][ T4327] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 131.444260][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 131.557348][ T5568] serio: Serial port ptm0 [ 131.651177][ T5576] Unknown options in mask 5 [ 131.688587][ T5576] netlink: 'syz.1.486': attribute type 10 has an invalid length. [ 131.710395][ T5576] netlink: 4 bytes leftover after parsing attributes in process `syz.1.486'. [ 131.844234][ T5583] smc: net device bond0 applied user defined pnetid SYZ0 [ 131.878676][ T5583] netlink: 116 bytes leftover after parsing attributes in process `syz.0.491'. [ 131.923400][ T5583] smc: net device bond0 erased user defined pnetid SYZ0 [ 132.104730][ T5592] loop3: detected capacity change from 0 to 128 [ 132.174934][ T4327] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 132.224481][ T5598] loop4: detected capacity change from 0 to 128 [ 132.358349][ T5598] syz.4.499: attempt to access beyond end of device [ 132.358349][ T5598] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128 [ 132.419323][ T5598] syz.4.499: attempt to access beyond end of device [ 132.419323][ T5598] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128 [ 132.470587][ T5605] netlink: 4 bytes leftover after parsing attributes in process `syz.3.501'. [ 132.544489][ T5608] random: crng reseeded on system resumption [ 132.823458][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.830703][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.926164][ T5614] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 132.932756][ T5614] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 132.979230][ T5614] vhci_hcd vhci_hcd.0: Device attached [ 132.994980][ T5615] vhci_hcd: connection closed [ 132.995292][ T4968] vhci_hcd: stop threads [ 133.005489][ T4968] vhci_hcd: release socket [ 133.017689][ T4968] vhci_hcd: disconnect device [ 133.047464][ T5621] loop4: detected capacity change from 0 to 512 [ 133.067760][ T5621] EXT4-fs: Ignoring removed nobh option [ 133.134914][ T5621] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 133.154196][ T5621] EXT4-fs (loop4): orphan cleanup on readonly fs [ 133.169222][ T5621] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.506: Failed to acquire dquot type 1 [ 133.201255][ T5621] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.506: bg 0: block 40: padding at end of block bitmap is not set [ 133.227938][ T5621] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 133.238723][ T5621] EXT4-fs (loop4): 1 truncate cleaned up [ 133.246426][ T5629] loop3: detected capacity change from 0 to 2048 [ 133.250474][ T5621] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 133.307636][ T5629] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 133.625012][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 133.746099][ T5639] loop2: detected capacity change from 0 to 2048 [ 133.805800][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.832783][ T5639] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 133.840930][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.848773][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.869832][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.877311][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.893035][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.905203][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.918624][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.946948][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.947325][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 133.966917][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.979560][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 133.999830][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.007391][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.015021][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.022770][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.030501][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.038083][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.053270][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.066693][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.080043][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.092349][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.106615][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.125399][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.133454][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.149822][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.157333][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.176289][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.184226][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.195864][ T27] kauditd_printk_skb: 94 callbacks suppressed [ 134.195881][ T27] audit: type=1800 audit(1734790921.057:786): pid=5629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.509" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 134.200777][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.266764][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.275246][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.283267][ T22] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 134.296754][ T22] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [sy] on syz0 [ 134.459682][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 134.526755][ T27] audit: type=1326 audit(1734790921.387:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 134.577111][ T27] audit: type=1326 audit(1734790921.387:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 134.648162][ T27] audit: type=1326 audit(1734790921.387:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 134.746955][ T27] audit: type=1326 audit(1734790921.387:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 134.782768][ T5657] netlink: 4 bytes leftover after parsing attributes in process `syz.1.519'. [ 134.792506][ T27] audit: type=1326 audit(1734790921.387:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 134.882807][ T27] audit: type=1326 audit(1734790921.387:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 134.990110][ T27] audit: type=1326 audit(1734790921.387:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 135.084677][ T27] audit: type=1326 audit(1734790921.387:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 135.199825][ T27] audit: type=1326 audit(1734790921.427:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.3.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 135.499295][ T5681] netlink: 132 bytes leftover after parsing attributes in process `syz.3.530'. [ 135.876384][ T5700] netlink: 4 bytes leftover after parsing attributes in process `syz.2.536'. [ 136.257975][ T5711] loop3: detected capacity change from 0 to 512 [ 136.353922][ T5711] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 136.380949][ T5711] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.383948][ T5720] netlink: 64 bytes leftover after parsing attributes in process `syz.4.544'. [ 136.420578][ T5711] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 136.489656][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 136.731618][ T5733] syz.2.549[5733] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 136.731730][ T5733] syz.2.549[5733] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 136.734525][ T5728] loop1: detected capacity change from 0 to 164 [ 136.829987][ T5728] rock: corrupted directory entry. extent=28, offset=0, size=16777216 [ 136.852798][ T5728] rock: corrupted directory entry. extent=28, offset=0, size=16777216 [ 136.887569][ T5728] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 137.173909][ T5747] loop3: detected capacity change from 0 to 512 [ 137.277815][ T5747] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 137.306377][ T5747] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.324736][ T5757] 9pnet_fd: Insufficient options for proto=fd [ 137.389435][ T5759] netlink: 'syz.1.557': attribute type 27 has an invalid length. [ 137.400689][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 138.766862][ T5759] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 138.822057][ T5759] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 139.326122][ T5759] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.334871][ T5759] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.344069][ T5759] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.352524][ T5759] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.157134][ T5812] IPVS: set_ctl: invalid protocol: 50 224.0.0.1:20002 [ 140.336319][ T5820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.580'. [ 140.367998][ T5820] device bridge_slave_1 left promiscuous mode [ 140.391073][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.416138][ T5820] device bridge_slave_0 left promiscuous mode [ 140.422684][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.593429][ T5828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.582'. [ 140.749085][ T5832] Unknown options in mask 5 [ 140.762068][ T27] kauditd_printk_skb: 35 callbacks suppressed [ 140.762084][ T27] audit: type=1326 audit(1734790927.627:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 140.813040][ T5832] netlink: 'syz.2.583': attribute type 10 has an invalid length. [ 140.856225][ T5832] netlink: 4 bytes leftover after parsing attributes in process `syz.2.583'. [ 140.869959][ T27] audit: type=1326 audit(1734790927.697:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 140.910476][ T5839] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.914561][ T27] audit: type=1326 audit(1734790927.697:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 140.961166][ T27] audit: type=1326 audit(1734790927.697:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 141.005564][ T27] audit: type=1326 audit(1734790927.697:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 141.066225][ T27] audit: type=1326 audit(1734790927.697:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 141.110314][ T27] audit: type=1326 audit(1734790927.697:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 141.112741][ T5839] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.138804][ T27] audit: type=1326 audit(1734790927.697:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 141.179063][ T27] audit: type=1326 audit(1734790927.697:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 141.200934][ T5846] device syzkaller0 entered promiscuous mode [ 141.202023][ T27] audit: type=1326 audit(1734790927.697:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.4.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 141.345070][ T5839] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.428646][ T5839] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.559163][ T5839] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.599318][ T5839] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.642191][ T5859] loop4: detected capacity change from 0 to 1024 [ 141.650862][ T5839] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.666828][ T5839] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.678108][ T5859] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 141.688410][ T5859] EXT4-fs (loop4): orphan cleanup on readonly fs [ 141.717804][ T5859] EXT4-fs error (device loop4): ext4_map_blocks:744: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 141.735930][ T5859] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 141.748397][ T5859] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 141.763689][ T5859] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 141.781883][ T5859] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm ]:: Freeing blocks not in datazone - block = 0, count = 4096 [ 141.801756][ T5859] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 141.818784][ T5859] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 141.834520][ T5859] EXT4-fs (loop4): 1 orphan inode deleted [ 141.841497][ T5859] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 142.013959][ T5866] netlink: 'syz.1.595': attribute type 11 has an invalid length. [ 142.041032][ T5866] netlink: 60 bytes leftover after parsing attributes in process `syz.1.595'. [ 142.042271][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 142.228566][ T5874] netlink: 4 bytes leftover after parsing attributes in process `syz.4.598'. [ 142.340826][ T5877] loop1: detected capacity change from 0 to 128 [ 142.522620][ T5882] syz.1.600: attempt to access beyond end of device [ 142.522620][ T5882] loop1: rw=2049, sector=145, nr_sectors = 792 limit=128 [ 142.751193][ T5892] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 142.776808][ T5892] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 143.045374][ T5903] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 143.113264][ T5903] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.833904][ T5903] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 143.929834][ T5903] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.109866][ T5903] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.133472][ T5903] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.223420][ T5921] netlink: 4 bytes leftover after parsing attributes in process `syz.4.614'. [ 144.312029][ T5903] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 144.348936][ T5903] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.519267][ T5903] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.554049][ T5903] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.619043][ T5903] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.665841][ T5903] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.727856][ T5903] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.750394][ T5903] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.791361][ T5903] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 144.830571][ T5903] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.227683][ T5952] loop1: detected capacity change from 0 to 512 [ 145.247949][ T5952] EXT4-fs: Ignoring removed bh option [ 145.275567][ T5952] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 145.317693][ T5961] netlink: 4 bytes leftover after parsing attributes in process `syz.3.629'. [ 145.334005][ T5952] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 145.343489][ T5952] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.472286][ T5964] netlink: 16 bytes leftover after parsing attributes in process `syz.0.630'. [ 145.508085][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 145.550530][ T5966] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0, syncid = 0, id = 0 [ 146.231727][ T5995] netlink: 4 bytes leftover after parsing attributes in process `syz.4.642'. [ 146.259632][ T27] kauditd_printk_skb: 94 callbacks suppressed [ 146.259649][ T27] audit: type=1326 audit(1734790933.117:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.263710][ T5994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.644'. [ 146.271547][ T27] audit: type=1326 audit(1734790933.127:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.330167][ T27] audit: type=1326 audit(1734790933.167:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.403975][ T6000] device pim6reg1 entered promiscuous mode [ 146.429459][ T27] audit: type=1326 audit(1734790933.167:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.541303][ T27] audit: type=1326 audit(1734790933.197:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.541359][ T27] audit: type=1326 audit(1734790933.197:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.541396][ T27] audit: type=1326 audit(1734790933.197:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.541436][ T27] audit: type=1326 audit(1734790933.197:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.541473][ T27] audit: type=1326 audit(1734790933.197:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.541512][ T27] audit: type=1326 audit(1734790933.197:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.0.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 146.613777][ T6009] syz.0.647[6009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 146.613889][ T6009] syz.0.647[6009] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 146.793486][ C0] vkms_vblank_simulate: vblank timer overrun [ 146.850781][ T6017] netlink: 16 bytes leftover after parsing attributes in process `syz.1.651'. [ 147.162173][ C0] vkms_vblank_simulate: vblank timer overrun [ 147.415615][ T6034] 9pnet_fd: Insufficient options for proto=fd [ 148.302002][ T6037] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 148.336126][ T6037] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.382834][ T6041] netlink: 4 bytes leftover after parsing attributes in process `syz.1.660'. [ 148.649173][ T6052] loop2: detected capacity change from 0 to 512 [ 148.723740][ T6052] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 148.747585][ T6052] System zones: 0-2, 18-18, 34-34 [ 148.773383][ T6054] loop3: detected capacity change from 0 to 4096 [ 148.803145][ T6052] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.665: bg 0: block 248: padding at end of block bitmap is not set [ 148.833263][ T6054] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 148.860491][ T6052] EXT4-fs error (device loop2): ext4_acquire_dquot:6794: comm syz.2.665: Failed to acquire dquot type 1 [ 148.873913][ T6062] loop4: detected capacity change from 0 to 512 [ 148.901272][ T6052] EXT4-fs (loop2): 1 truncate cleaned up [ 148.915133][ T6052] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 148.927772][ T6062] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.669: inode #1: comm syz.4.669: iget: illegal inode # [ 148.949619][ T6037] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 148.957087][ T6052] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 148.959829][ T6037] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.976890][ T6062] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.669: error while reading EA inode 1 err=-117 [ 149.054658][ T6052] xt_CT: You must specify a L4 protocol and not use inversions on it [ 149.056239][ T6062] EXT4-fs (loop4): 1 orphan inode deleted [ 149.072310][ T6062] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 149.088278][ T6037] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 149.134379][ T6037] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.216071][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 149.234889][ T6037] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 149.267853][ T6037] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.409295][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 149.538617][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 149.629178][ T6073] loop4: detected capacity change from 0 to 1024 [ 149.645252][ T6073] EXT4-fs: Ignoring removed nobh option [ 149.672597][ T6073] EXT4-fs: Ignoring removed orlov option [ 149.716157][ T6073] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 149.835526][ T6083] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 149.861034][ T6083] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 149.875330][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 150.554376][ T6037] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.680619][ T6037] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.857496][ T6037] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 150.934527][ T6037] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.021208][ T6037] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.070491][ T6037] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.137211][ T6037] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.207917][ T6037] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.556951][ T27] kauditd_printk_skb: 75 callbacks suppressed [ 152.556968][ T27] audit: type=1326 audit(1734790939.417:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6108 comm="syz.1.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 152.646878][ T6112] loop0: detected capacity change from 0 to 1024 [ 152.672243][ T27] audit: type=1326 audit(1734790939.467:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6108 comm="syz.1.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 152.744099][ T6112] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 152.791308][ T6112] EXT4-fs (loop0): orphan cleanup on readonly fs [ 152.819326][ T27] audit: type=1326 audit(1734790939.467:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6108 comm="syz.1.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 152.851304][ T6112] EXT4-fs error (device loop0): ext4_map_blocks:744: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 152.886789][ T6112] Quota error (device loop0): write_blk: dquota write failed [ 152.906821][ T27] audit: type=1326 audit(1734790939.467:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6108 comm="syz.1.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 152.934319][ T6112] Quota error (device loop0): find_free_dqentry: Can't write quota data block 3 [ 152.960023][ T6112] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 152.994578][ T6112] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 152.999734][ C0] sched: RT throttling activated [ 153.013393][ T27] audit: type=1326 audit(1734790939.467:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6108 comm="syz.1.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 153.108970][ T27] audit: type=1326 audit(1734790939.467:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6108 comm="syz.1.688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 153.175598][ T6112] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 153.261044][ T6112] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 153.306589][ T6112] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 153.349169][ T6112] EXT4-fs error (device loop0): ext4_free_blocks:6210: comm ]:: Freeing blocks not in datazone - block = 0, count = 4096 [ 153.409210][ T6112] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 153.474448][ T6112] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 153.571582][ T6112] EXT4-fs (loop0): 1 orphan inode deleted [ 153.632251][ T6123] loop2: detected capacity change from 0 to 512 [ 153.696063][ T6123] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.692: inode #1: comm syz.2.692: iget: illegal inode # [ 153.735786][ T6123] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.692: error while reading EA inode 1 err=-117 [ 153.789683][ T6123] EXT4-fs (loop2): 1 orphan inode deleted [ 153.816112][ T6123] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 153.920208][ T6112] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 154.067849][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 155.044593][ T4248] EXT4-fs (loop0): unmounting filesystem. [ 155.128559][ T6136] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 155.289127][ T6136] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 155.388518][ T6157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.699'. [ 155.416649][ T6158] netlink: 36 bytes leftover after parsing attributes in process `syz.4.702'. [ 155.893462][ T6172] netlink: 8 bytes leftover after parsing attributes in process `syz.0.708'. [ 155.922268][ T6168] loop3: detected capacity change from 0 to 8192 [ 155.932359][ T6172] device bond1 entered promiscuous mode [ 155.938238][ T6172] 8021q: adding VLAN 0 to HW filter on device bond1 [ 156.355551][ T6181] device syzkaller0 entered promiscuous mode [ 156.365612][ T6185] loop2: detected capacity change from 0 to 512 [ 156.440078][ T6185] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 156.510096][ T6185] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 156.771040][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 156.986729][ T6202] loop2: detected capacity change from 0 to 1024 [ 157.049442][ T6202] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 157.071543][ T6202] EXT4-fs (loop2): orphan cleanup on readonly fs [ 157.126007][ T6202] EXT4-fs error (device loop2): ext4_map_blocks:744: inode #3: block 3: comm syz.2.719: lblock 3 mapped to illegal pblock 3 (length 1) [ 157.200590][ T6212] syz.3.724[6212] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 157.200734][ T6212] syz.3.724[6212] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 157.211472][ T6202] EXT4-fs error (device loop2): ext4_acquire_dquot:6794: comm syz.2.719: Failed to acquire dquot type 0 [ 157.265629][ T6202] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #3: block 3: comm syz.2.719: lblock 3 mapped to illegal pblock 3 (length 1) [ 157.325260][ T6202] EXT4-fs error (device loop2): ext4_acquire_dquot:6794: comm syz.2.719: Failed to acquire dquot type 0 [ 157.350180][ T6202] EXT4-fs error (device loop2): ext4_free_blocks:6210: comm syz.2.719: Freeing blocks not in datazone - block = 0, count = 4096 [ 157.397553][ T6202] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #3: block 3: comm syz.2.719: lblock 3 mapped to illegal pblock 3 (length 1) [ 157.446223][ T6202] EXT4-fs error (device loop2): ext4_acquire_dquot:6794: comm syz.2.719: Failed to acquire dquot type 0 [ 157.480958][ T6202] EXT4-fs (loop2): 1 orphan inode deleted [ 157.487446][ T6202] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 157.568215][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 157.629651][ T6221] Unknown options in mask 5 [ 158.151162][ T27] kauditd_printk_skb: 89 callbacks suppressed [ 158.151180][ T27] audit: type=1326 audit(1734790945.017:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6232 comm=34B9DF737F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 158.181426][ T27] audit: type=1326 audit(1734790945.017:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6232 comm=34B9DF737F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 158.205190][ T27] audit: type=1326 audit(1734790945.017:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6232 comm=34B9DF737F exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 158.229608][ T27] audit: type=1326 audit(1734790945.017:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6232 comm=34B9DF737F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 158.252466][ T27] audit: type=1326 audit(1734790945.067:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6232 comm=34B9DF737F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 159.625456][ T6224] netlink: 'syz.3.727': attribute type 10 has an invalid length. [ 159.636276][ T6226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.727'. [ 159.869433][ T27] audit: type=1326 audit(1734790946.727:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6241 comm="syz.2.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 159.940913][ T6214] Falling back ldisc for ttyS3. [ 159.959925][ T27] audit: type=1326 audit(1734790946.777:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6241 comm="syz.2.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 160.424812][ T6243] loop1: detected capacity change from 0 to 1024 [ 160.432191][ T6243] EXT4-fs: Ignoring removed orlov option [ 160.437890][ T6243] EXT4-fs: Ignoring removed nomblk_io_submit option [ 160.488389][ T27] audit: type=1326 audit(1734790946.777:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6241 comm="syz.2.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 160.529124][ T6243] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 160.540166][ T27] audit: type=1326 audit(1734790946.777:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6241 comm="syz.2.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 160.563588][ T27] audit: type=1326 audit(1734790946.777:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6241 comm="syz.2.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 160.795660][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 162.971834][ T6261] loop3: detected capacity change from 0 to 164 [ 163.291394][ T27] audit: type=1326 audit(1734790950.157:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 163.440235][ T27] audit: type=1326 audit(1734790950.157:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 163.504147][ T27] audit: type=1326 audit(1734790950.157:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 163.527839][ T6273] netlink: 8 bytes leftover after parsing attributes in process `syz.4.746'. [ 163.557833][ T27] audit: type=1326 audit(1734790950.177:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6264 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f021b585d29 code=0x7ffc0000 [ 163.601221][ T6273] device bond1 entered promiscuous mode [ 163.620164][ T6273] 8021q: adding VLAN 0 to HW filter on device bond1 [ 163.916742][ T6261] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 165.873142][ T6304] loop4: detected capacity change from 0 to 128 [ 166.554014][ T27] audit: type=1326 audit(1734790953.417:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.2.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 166.618383][ T27] audit: type=1326 audit(1734790953.447:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.2.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 166.682404][ T27] audit: type=1326 audit(1734790953.447:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.2.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 166.798431][ T27] audit: type=1326 audit(1734790953.447:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.2.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 166.866711][ T27] audit: type=1326 audit(1734790953.447:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.2.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 166.917974][ T27] audit: type=1326 audit(1734790953.447:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6326 comm="syz.2.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ff9785d29 code=0x7ffc0000 [ 167.494132][ T6356] netlink: 'syz.4.782': attribute type 3 has an invalid length. [ 167.566601][ T6360] 9pnet_virtio: no channels available for device ./bus [ 167.603586][ T6363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.783'. [ 167.775426][ T6366] loop4: detected capacity change from 0 to 1024 [ 167.847438][ T6366] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 167.867077][ T6366] EXT4-fs (loop4): orphan cleanup on readonly fs [ 167.875956][ T6366] EXT4-fs error (device loop4): ext4_map_blocks:744: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 167.964628][ T6366] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 167.985926][ T6366] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 168.011222][ T6366] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 168.039683][ T6366] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm ]:: Freeing blocks not in datazone - block = 0, count = 4096 [ 168.084974][ T6366] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 168.136233][ T6366] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 168.156366][ T6376] loop1: detected capacity change from 0 to 256 [ 168.192252][ T6366] EXT4-fs (loop4): 1 orphan inode deleted [ 168.209691][ T6376] FAT-fs (loop1): bogus number of FAT sectors [ 168.224482][ T6366] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 168.234689][ T6376] FAT-fs (loop1): Can't find a valid FAT filesystem [ 168.465109][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 169.282020][ T6407] loop4: detected capacity change from 0 to 512 [ 169.389676][ T6407] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 169.419905][ T6407] ext4 filesystem being mounted at /172/file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 169.451951][ T27] kauditd_printk_skb: 76 callbacks suppressed [ 169.451968][ T27] audit: type=1326 audit(1734790956.317:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 169.535911][ T6415] loop2: detected capacity change from 0 to 4096 [ 169.553500][ T27] audit: type=1326 audit(1734790956.317:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 169.613958][ T6415] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 169.635721][ T27] audit: type=1326 audit(1734790956.347:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 169.692017][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 169.704222][ T6418] loop1: detected capacity change from 0 to 1024 [ 169.750759][ T27] audit: type=1326 audit(1734790956.347:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 169.830045][ T27] audit: type=1326 audit(1734790956.347:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 169.873475][ T6418] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 169.889903][ T27] audit: type=1326 audit(1734790956.347:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 169.912438][ T27] audit: type=1326 audit(1734790956.397:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863a985d29 code=0x7ffc0000 [ 169.935209][ T6418] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.033552][ T6418] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.804: bg 0: block 393: padding at end of block bitmap is not set [ 170.181381][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 170.268966][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 170.910806][ T6449] loop0: detected capacity change from 0 to 512 [ 170.950759][ T6453] loop4: detected capacity change from 0 to 1024 [ 170.983509][ T6453] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 171.002093][ T6449] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 171.023578][ T6453] EXT4-fs (loop4): orphan cleanup on readonly fs [ 171.033647][ T6449] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 171.061394][ T6436] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 171.111055][ T6436] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 171.120059][ T6453] EXT4-fs error (device loop4): ext4_map_blocks:744: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 171.145928][ T6436] Bluetooth: hci0: Suspend notifier action (1) failed: -4 [ 171.164863][ T6436] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 171.171736][ T6453] Quota error (device loop4): write_blk: dquota write failed [ 171.180356][ T6453] Quota error (device loop4): find_free_dqentry: Can't write quota data block 3 [ 171.200217][ T6436] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 171.206450][ T6453] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 171.219863][ T6436] Bluetooth: hci1: Suspend notifier action (1) failed: -4 [ 171.227232][ T6453] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 171.239483][ T6460] loop2: detected capacity change from 0 to 2048 [ 171.259352][ T6436] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 171.270053][ T6453] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 171.270147][ T6436] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 171.284598][ T4248] EXT4-fs (loop0): unmounting filesystem. [ 171.293598][ T6436] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 171.309247][ T6453] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 171.309621][ T6460] loop2: p1 < > p4 [ 171.336573][ T6453] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm ]:: Freeing blocks not in datazone - block = 0, count = 4096 [ 171.341812][ T6436] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 171.355848][ T6460] loop2: p4 size 8388608 extends beyond EOD, truncated [ 171.363330][ T6453] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 3: comm ]:: lblock 3 mapped to illegal pblock 3 (length 1) [ 171.368859][ T6436] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 171.402761][ T3622] loop2: p1 < > p4 [ 171.414806][ T3622] loop2: p4 size 8388608 extends beyond EOD, truncated [ 171.424694][ T6436] Bluetooth: hci3: Suspend notifier action (1) failed: -4 [ 171.437332][ T6453] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm ]:: Failed to acquire dquot type 0 [ 171.438204][ T6436] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 171.474519][ T6453] EXT4-fs (loop4): 1 orphan inode deleted [ 171.495244][ T6453] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 171.504670][ T6436] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 171.554874][ T6436] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 171.574857][ T3622] loop2: p1 < > p4 [ 171.600224][ T3622] loop2: p4 size 8388608 extends beyond EOD, truncated [ 171.668554][ T6469] syz.1.822[6469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.668663][ T6469] syz.1.822[6469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 171.791652][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 172.074609][ T4327] udevd[4327]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 172.092263][ T4337] udevd[4337]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 172.191558][ T4346] udevd[4346]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 172.210601][ T4327] udevd[4327]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 172.500065][ T4255] Bluetooth: hci0: command 0x0c1a tx timeout [ 172.840711][ T6494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.833'. [ 172.859469][ T6494] device bridge_slave_1 left promiscuous mode [ 172.887992][ T6494] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.897535][ T6496] loop4: detected capacity change from 0 to 256 [ 172.928028][ T6494] device bridge_slave_0 left promiscuous mode [ 172.940637][ T6494] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.971910][ T6496] FAT-fs (loop4): Directory bread(block 64) failed [ 172.998491][ T6499] loop3: detected capacity change from 0 to 512 [ 173.002890][ T6496] FAT-fs (loop4): Directory bread(block 65) failed [ 173.047775][ T6496] FAT-fs (loop4): Directory bread(block 66) failed [ 173.051483][ T6499] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 173.079154][ T6496] FAT-fs (loop4): Directory bread(block 67) failed [ 173.094315][ T6499] EXT4-fs (loop3): 1 truncate cleaned up [ 173.125582][ T6496] FAT-fs (loop4): Directory bread(block 68) failed [ 173.152463][ T6499] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 173.178823][ T6499] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2186: inode #15: comm syz.3.834: corrupted in-inode xattr [ 173.184167][ T6496] FAT-fs (loop4): Directory bread(block 69) failed [ 173.198153][ T6496] FAT-fs (loop4): Directory bread(block 70) failed [ 173.204784][ T6496] FAT-fs (loop4): Directory bread(block 71) failed [ 173.211604][ T6496] FAT-fs (loop4): Directory bread(block 72) failed [ 173.218173][ T6496] FAT-fs (loop4): Directory bread(block 73) failed [ 173.226610][ T4255] Bluetooth: hci1: command 0x0c1a tx timeout [ 173.280385][ T6499] EXT4-fs warning (device loop3): ext4_xattr_set_entry:1723: inode #15: comm syz.3.834: unable to update i_inline_off [ 173.299837][ T4255] Bluetooth: hci2: command 0x0c1a tx timeout [ 173.379486][ T6499] syz.3.834 (6499) used greatest stack depth: 18432 bytes left [ 173.387251][ T4255] Bluetooth: hci3: command 0x0c1a tx timeout [ 173.459814][ T4255] Bluetooth: hci4: command 0x0c1a tx timeout [ 173.560912][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 173.725945][ T6515] loop3: detected capacity change from 0 to 512 [ 173.807410][ T6496] syz.4.832: attempt to access beyond end of device [ 173.807410][ T6496] loop4: rw=2049, sector=1800, nr_sectors = 2052 limit=256 [ 173.845260][ T6515] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 173.871883][ T6515] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 173.885972][ T6496] syz.4.832: attempt to access beyond end of device [ 173.885972][ T6496] loop4: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 173.900439][ T6496] syz.4.832: attempt to access beyond end of device [ 173.900439][ T6496] loop4: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 174.093457][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 174.390952][ T6534] syz.2.848[6534] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.391064][ T6534] syz.2.848[6534] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 174.429301][ T6142] kworker/u4:14: attempt to access beyond end of device [ 174.429301][ T6142] loop4: rw=1, sector=1808, nr_sectors = 8 limit=256 [ 174.494200][ T27] kauditd_printk_skb: 20 callbacks suppressed [ 174.494216][ T27] audit: type=1326 audit(1734790961.357:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0ff97847df code=0x7ffc0000 [ 174.524886][ T6534] loop2: detected capacity change from 0 to 128 [ 174.558728][ T6534] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 174.579788][ T4255] Bluetooth: hci0: command 0x0406 tx timeout [ 174.603028][ T6534] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 174.619085][ T6541] loop3: detected capacity change from 0 to 512 [ 174.636645][ T6541] EXT4-fs (loop3): orphan cleanup on readonly fs [ 174.643985][ T27] audit: type=1326 audit(1734790961.387:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0ff9785db7 code=0x7ffc0000 [ 174.667928][ T6541] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 174.704531][ T6541] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 174.719245][ T27] audit: type=1326 audit(1734790961.387:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0ff9784690 code=0x7ffc0000 [ 174.775598][ T6548] loop0: detected capacity change from 0 to 128 [ 174.805325][ T6541] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.853: attempt to clear invalid blocks 2 len 1 [ 174.822635][ T27] audit: type=1326 audit(1734790961.387:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0ff978592b code=0x7ffc0000 [ 174.896432][ T5236] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 174.907464][ T6541] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.853: invalid indirect mapped block 1819239214 (level 0) [ 174.943470][ T27] audit: type=1326 audit(1734790961.407:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0ff978498a code=0x7ffc0000 [ 174.995355][ T6541] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.853: invalid indirect mapped block 1819239214 (level 1) [ 175.013242][ T27] audit: type=1326 audit(1734790961.407:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0ff978498a code=0x7ffc0000 [ 175.043814][ T6541] EXT4-fs (loop3): 1 truncate cleaned up [ 175.069808][ T6541] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 175.099930][ T27] audit: type=1326 audit(1734790961.417:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f0ff9784597 code=0x7ffc0000 [ 175.153563][ T27] audit: type=1326 audit(1734790961.417:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f0ff97874ca code=0x7ffc0000 [ 175.205427][ T27] audit: type=1326 audit(1734790961.557:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0ff9784690 code=0x7ffc0000 [ 175.281140][ T27] audit: type=1326 audit(1734790961.557:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6532 comm="syz.2.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f0ff9784a77 code=0x7ffc0000 [ 175.311383][ T4255] Bluetooth: hci1: command 0x0406 tx timeout [ 175.380789][ T4255] Bluetooth: hci2: command 0x0406 tx timeout [ 175.459825][ T4255] Bluetooth: hci3: command 0x0406 tx timeout [ 175.539811][ T4255] Bluetooth: hci4: command 0x0406 tx timeout [ 175.592668][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 175.685081][ T6571] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 175.722767][ T6571] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.797554][ T6571] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 175.837884][ T6576] loop2: detected capacity change from 0 to 1024 [ 175.844501][ T6571] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.865273][ T6576] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 175.881012][ T6576] EXT4-fs (loop2): orphan cleanup on readonly fs [ 175.918667][ T6576] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 175.984106][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 175.985929][ T6571] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 175.996135][ T6576] EXT4-fs error (device loop2): ext4_dirty_inode:6089: inode #3: comm syz.2.866: mark_inode_dirty error [ 176.015234][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.024604][ T6576] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.866: Invalid block bitmap block 3 in block_group 0 [ 176.038835][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.046395][ T6576] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 176.049073][ T6571] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.071265][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.084747][ T6576] EXT4-fs error (device loop2): ext4_dirty_inode:6089: inode #3: comm syz.2.866: mark_inode_dirty error [ 176.099509][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.106683][ T6576] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #3: block 1: comm syz.2.866: lblock 6 mapped to illegal pblock 1 (length 1) [ 176.138831][ T6571] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 176.151289][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.168539][ T6576] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #3: block 48: comm syz.2.866: lblock 0 mapped to illegal pblock 48 (length 1) [ 176.182825][ T6571] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.229992][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.240010][ T6576] EXT4-fs error (device loop2): ext4_acquire_dquot:6794: comm syz.2.866: Failed to acquire dquot type 0 [ 176.267753][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.283275][ T6576] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #3: block 49: comm syz.2.866: lblock 1 mapped to illegal pblock 49 (length 1) [ 176.298106][ T6571] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 176.317132][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.334079][ T6576] EXT4-fs error (device loop2): ext4_acquire_dquot:6794: comm syz.2.866: Failed to acquire dquot type 0 [ 176.337131][ T6571] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.365529][ T6571] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 176.374000][ T6571] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.389380][ T6571] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 176.397928][ T6571] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.413541][ T6571] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 176.417580][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.422032][ T6571] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.470211][ T6576] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 176.553898][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.573147][ T6576] EXT4-fs error (device loop2): ext4_evict_inode:279: inode #15: comm syz.2.866: mark_inode_dirty error [ 176.601995][ T6590] netlink: 72 bytes leftover after parsing attributes in process `syz.1.872'. [ 176.644942][ T6576] EXT4-fs (loop2): Remounting filesystem read-only [ 176.660982][ T6576] EXT4-fs warning (device loop2): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 176.686374][ T6576] EXT4-fs (loop2): 1 orphan inode deleted [ 176.716059][ T6576] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 176.841423][ T6596] loop0: detected capacity change from 0 to 512 [ 176.894493][ T6596] EXT4-fs (loop0): orphan cleanup on readonly fs [ 176.903782][ T6596] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 176.925171][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 176.931025][ T6596] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 176.932059][ T6596] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.876: attempt to clear invalid blocks 2 len 1 [ 176.965889][ T6596] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.876: invalid indirect mapped block 1819239214 (level 0) [ 176.983167][ T6596] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.876: invalid indirect mapped block 1819239214 (level 1) [ 177.007749][ T6596] EXT4-fs (loop0): 1 truncate cleaned up [ 177.013707][ T6596] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 177.140749][ T4248] EXT4-fs (loop0): unmounting filesystem. [ 177.497650][ T6615] loop2: detected capacity change from 0 to 2048 [ 177.748422][ T6628] loop1: detected capacity change from 0 to 1024 [ 177.820412][ T6632] netlink: 20 bytes leftover after parsing attributes in process `syz.2.887'. [ 177.825172][ T6628] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 178.093922][ T6639] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 178.151018][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 178.617302][ T6653] loop4: detected capacity change from 0 to 512 [ 178.726591][ T6653] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 178.748792][ T6653] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 179.037720][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 179.229918][ T6670] loop3: detected capacity change from 0 to 1024 [ 179.265462][ T6670] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 179.281012][ T6670] EXT4-fs (loop3): orphan cleanup on readonly fs [ 179.360534][ T6670] EXT4-fs error (device loop3): ext4_map_blocks:744: inode #3: block 3: comm syz.3.906: lblock 3 mapped to illegal pblock 3 (length 1) [ 179.419277][ T6670] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.906: Failed to acquire dquot type 0 [ 179.450755][ T6670] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 3: comm syz.3.906: lblock 3 mapped to illegal pblock 3 (length 1) [ 179.503563][ T6670] __quota_error: 154 callbacks suppressed [ 179.503583][ T6670] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 179.535486][ T6687] netlink: 4 bytes leftover after parsing attributes in process `syz.2.909'. [ 179.579862][ T6670] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.906: Failed to acquire dquot type 0 [ 179.672640][ T6670] EXT4-fs error (device loop3): ext4_free_blocks:6210: comm syz.3.906: Freeing blocks not in datazone - block = 0, count = 4096 [ 179.747382][ T6670] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 3: comm syz.3.906: lblock 3 mapped to illegal pblock 3 (length 1) [ 179.788320][ T6670] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 179.808751][ T6695] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 179.825627][ T6670] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.906: Failed to acquire dquot type 0 [ 179.837520][ T6695] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.849324][ T6670] EXT4-fs (loop3): 1 orphan inode deleted [ 179.876005][ T6670] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 179.986914][ T6695] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 180.043243][ T6695] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.130179][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 180.201216][ T6695] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 180.233732][ T6695] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.353545][ T6695] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 180.384005][ T6695] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.878484][ T6727] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 180.963717][ T6730] Unknown options in mask 5 [ 180.983146][ T6730] netlink: 'syz.2.923': attribute type 10 has an invalid length. [ 181.002325][ T6730] netlink: 4 bytes leftover after parsing attributes in process `syz.2.923'. [ 181.138659][ T6739] netlink: 4 bytes leftover after parsing attributes in process `syz.4.925'. [ 181.167135][ T27] audit: type=1326 audit(1734790968.027:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6737 comm="syz.1.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 181.224954][ T27] audit: type=1326 audit(1734790968.057:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6737 comm="syz.1.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 181.288244][ T27] audit: type=1326 audit(1734790968.057:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6737 comm="syz.1.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27da985d29 code=0x7ffc0000 [ 181.299027][ T6695] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 181.366291][ T6695] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.411434][ T6695] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 181.440431][ T6695] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.475037][ T6695] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 181.499950][ T6695] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.540262][ T6695] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 181.560183][ T6695] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.586959][ T6743] loop1: detected capacity change from 0 to 1024 [ 181.710756][ T6743] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 181.720568][ T6743] EXT4-fs (loop1): orphan cleanup on readonly fs [ 181.755044][ T6743] EXT4-fs error (device loop1): ext4_map_blocks:744: inode #3: block 3: comm syz.1.927: lblock 3 mapped to illegal pblock 3 (length 1) [ 181.818652][ T6752] netlink: 4 bytes leftover after parsing attributes in process `syz.0.931'. [ 181.822151][ T6743] Quota error (device loop1): write_blk: dquota write failed [ 181.879991][ T6743] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3 [ 181.889214][ T6743] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 181.929166][ T6743] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.927: Failed to acquire dquot type 0 [ 181.992789][ T6743] EXT4-fs error (device loop1): ext4_map_blocks:634: inode #3: block 3: comm syz.1.927: lblock 3 mapped to illegal pblock 3 (length 1) [ 182.048643][ T6743] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 182.079409][ T6743] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.927: Failed to acquire dquot type 0 [ 182.115850][ T6743] EXT4-fs error (device loop1): ext4_free_blocks:6210: comm syz.1.927: Freeing blocks not in datazone - block = 0, count = 4096 [ 182.159683][ T6743] EXT4-fs error (device loop1): ext4_map_blocks:634: inode #3: block 3: comm syz.1.927: lblock 3 mapped to illegal pblock 3 (length 1) [ 182.207151][ T6743] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 182.231939][ T6743] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.927: Failed to acquire dquot type 0 [ 182.245141][ T6743] EXT4-fs (loop1): 1 orphan inode deleted [ 182.254331][ T6743] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 182.660220][ T6773] loop3: detected capacity change from 0 to 1024 [ 182.668118][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 182.743319][ T6783] netlink: 4 bytes leftover after parsing attributes in process `syz.4.938'. [ 182.756157][ T6773] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 183.318417][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 183.377888][ T6796] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 183.777974][ T6810] netlink: 24 bytes leftover after parsing attributes in process `syz.3.950'. [ 183.979306][ T6819] netlink: 4 bytes leftover after parsing attributes in process `syz.4.951'. [ 184.486464][ T6832] loop4: detected capacity change from 0 to 512 [ 184.545651][ T6837] loop3: detected capacity change from 0 to 1024 [ 184.551414][ T6838] netlink: 12 bytes leftover after parsing attributes in process `syz.2.962'. [ 184.561987][ T6837] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 184.586105][ T6832] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 184.600204][ T6832] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 184.613309][ T6837] EXT4-fs (loop3): orphan cleanup on readonly fs [ 184.642349][ T6837] EXT4-fs error (device loop3): ext4_map_blocks:744: inode #3: block 3: comm syz.3.961: lblock 3 mapped to illegal pblock 3 (length 1) [ 184.685727][ T4256] EXT4-fs (loop4): unmounting filesystem. [ 184.719896][ T6837] __quota_error: 28 callbacks suppressed [ 184.719917][ T6837] Quota error (device loop3): write_blk: dquota write failed [ 184.765441][ T6837] Quota error (device loop3): find_free_dqentry: Can't write quota data block 3 [ 184.795950][ T6837] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 184.816497][ T6837] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.961: Failed to acquire dquot type 0 [ 184.846013][ T6837] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 3: comm syz.3.961: lblock 3 mapped to illegal pblock 3 (length 1) [ 184.885878][ T6837] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 184.907387][ T6837] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.961: Failed to acquire dquot type 0 [ 184.916796][ T6855] loop0: detected capacity change from 0 to 128 [ 184.926419][ T6837] EXT4-fs error (device loop3): ext4_free_blocks:6210: comm syz.3.961: Freeing blocks not in datazone - block = 0, count = 4096 [ 184.952237][ T6837] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 3: comm syz.3.961: lblock 3 mapped to illegal pblock 3 (length 1) [ 184.960533][ T6855] EXT4-fs: inline encryption not supported [ 184.984368][ T6855] journal_path: Lookup failure for './file0' [ 184.995964][ T6837] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 185.006346][ T6855] EXT4-fs: error: could not find journal device path [ 185.013096][ T6837] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.961: Failed to acquire dquot type 0 [ 185.030178][ T6837] EXT4-fs (loop3): 1 orphan inode deleted [ 185.038270][ T6837] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 185.052618][ T6858] Unknown options in mask 5 [ 185.077052][ T6858] netlink: 'syz.4.965': attribute type 10 has an invalid length. [ 185.100488][ T6858] netlink: 4 bytes leftover after parsing attributes in process `syz.4.965'. [ 185.280689][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 185.457765][ T27] audit: type=1326 audit(1734790972.317:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6867 comm="syz.3.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 185.527302][ T27] audit: type=1326 audit(1734790972.317:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6867 comm="syz.3.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 185.629831][ T27] audit: type=1326 audit(1734790972.357:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6867 comm="syz.3.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 185.667006][ T6873] loop2: detected capacity change from 0 to 2048 [ 185.713904][ T27] audit: type=1326 audit(1734790972.357:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6867 comm="syz.3.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 185.787292][ T27] audit: type=1326 audit(1734790972.357:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6867 comm="syz.3.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fa2585d29 code=0x7ffc0000 [ 185.865736][ T6873] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 186.117176][ T4259] EXT4-fs (loop2): unmounting filesystem. [ 186.247658][ T6891] 9pnet: Could not find request transport: r [ 186.276355][ T6895] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 187.377818][ T6936] loop0: detected capacity change from 0 to 2048 [ 187.473304][ T6936] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 187.521604][ T6942] netlink: 'syz.3.993': attribute type 1 has an invalid length. [ 187.540666][ T6942] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.993'. [ 187.761355][ T4248] EXT4-fs (loop0): unmounting filesystem. [ 188.438550][ T6978] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1006'. [ 188.528685][ T6981] loop0: detected capacity change from 0 to 512 [ 188.590898][ T6981] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 188.667850][ T6981] EXT4-fs (loop0): 1 truncate cleaned up [ 188.685531][ T6986] loop4: detected capacity change from 0 to 1024 [ 188.692168][ T6981] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 188.752917][ T6986] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 188.754557][ T6981] ================================================================== [ 188.769500][ T6981] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x8ca/0x1f30 [ 188.777359][ T6981] Read of size 18446744073709551572 at addr ffff88807bded050 by task syz.0.1007/6981 [ 188.786856][ T6981] [ 188.789243][ T6981] CPU: 1 PID: 6981 Comm: syz.0.1007 Tainted: G W 6.1.121-syzkaller #0 [ 188.798815][ T6981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 188.808914][ T6981] Call Trace: [ 188.812235][ T6981] [ 188.815196][ T6981] dump_stack_lvl+0x1e3/0x2cb [ 188.819932][ T6981] ? nf_tcp_handle_invalid+0x642/0x642 [ 188.825470][ T6981] ? panic+0x764/0x764 [ 188.829582][ T6981] ? _printk+0xd1/0x111 [ 188.833783][ T6981] ? __virt_addr_valid+0x17f/0x530 [ 188.838961][ T6981] ? __virt_addr_valid+0x17f/0x530 [ 188.844128][ T6981] print_report+0x15f/0x4f0 [ 188.848676][ T6981] ? __virt_addr_valid+0x17f/0x530 [ 188.853839][ T6981] ? __virt_addr_valid+0x17f/0x530 [ 188.858995][ T6981] ? __virt_addr_valid+0x45b/0x530 [ 188.864146][ T6981] ? __phys_addr+0xb6/0x170 [ 188.868676][ T6981] ? ext4_xattr_set_entry+0x8ca/0x1f30 [ 188.874155][ T6981] kasan_report+0x136/0x160 [ 188.878759][ T6981] ? __x64_sys_unlink+0x45/0x50 [ 188.883643][ T6981] ? ext4_xattr_set_entry+0x8ca/0x1f30 [ 188.889119][ T6981] ? ext4_xattr_set_entry+0x8ca/0x1f30 [ 188.894589][ T6981] kasan_check_range+0x27f/0x290 [ 188.899572][ T6981] ? ext4_xattr_set_entry+0x8ca/0x1f30 [ 188.905038][ T6981] memmove+0x25/0x60 [ 188.908947][ T6981] ext4_xattr_set_entry+0x8ca/0x1f30 [ 188.914249][ T6981] ? ext4_xattr_inode_lookup_create+0x1ff0/0x1ff0 [ 188.920675][ T6981] ? ext4_xattr_block_set+0x884/0x3920 [ 188.926140][ T6981] ? kmemdup+0x41/0x60 [ 188.930222][ T6981] ? memcpy+0x3c/0x60 [ 188.934221][ T6981] ext4_xattr_block_set+0xa58/0x3920 [ 188.939531][ T6981] ? __getblk_gfp+0x50/0xa20 [ 188.944172][ T6981] ? _raw_spin_unlock+0x24/0x40 [ 188.949040][ T6981] ? ext4_xattr_block_find+0x510/0x510 [ 188.954516][ T6981] ? ext4_xattr_block_find+0x468/0x510 [ 188.960080][ T6981] ext4_expand_extra_isize_ea+0x10d5/0x1bb0 [ 188.966097][ T6981] ? ext4_xattr_set+0x3d0/0x3d0 [ 188.971039][ T6981] ? rwsem_write_trylock+0x166/0x210 [ 188.976340][ T6981] ? clear_nonspinnable+0x60/0x60 [ 188.981405][ T6981] ? ext4_reserve_inode_write+0x2b3/0x360 [ 188.987189][ T6981] ? dquot_initialize_needed+0x128/0x320 [ 188.992851][ T6981] __ext4_expand_extra_isize+0x2f7/0x3d0 [ 188.998514][ T6981] __ext4_mark_inode_dirty+0x54f/0x920 [ 189.004088][ T6981] ? ext4_blocks_for_truncate+0x270/0x270 [ 189.009829][ T6981] ? current_time+0x1ba/0x300 [ 189.014533][ T6981] ? atime_needs_update+0x7b0/0x7b0 [ 189.019751][ T6981] __ext4_unlink+0x6ed/0xba0 [ 189.024352][ T6981] ? __ext4_read_dirblock+0x890/0x890 [ 189.029734][ T6981] ? rwsem_write_trylock+0x166/0x210 [ 189.035035][ T6981] ? inode_permission+0xf7/0x450 [ 189.039984][ T6981] ? clear_nonspinnable+0x60/0x60 [ 189.045055][ T6981] ext4_unlink+0x1d5/0x670 [ 189.049495][ T6981] vfs_unlink+0x359/0x5f0 [ 189.053851][ T6981] do_unlinkat+0x4a5/0x820 [ 189.058289][ T6981] ? fsnotify_link_count+0xf0/0xf0 [ 189.063526][ T6981] __x64_sys_unlink+0x45/0x50 [ 189.068215][ T6981] do_syscall_64+0x3b/0xb0 [ 189.072647][ T6981] ? clear_bhb_loop+0x45/0xa0 [ 189.077335][ T6981] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 189.083241][ T6981] RIP: 0033:0x7f021b585d29 [ 189.087676][ T6981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.107311][ T6981] RSP: 002b:00007f021c388038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 189.115732][ T6981] RAX: ffffffffffffffda RBX: 00007f021b775fa0 RCX: 00007f021b585d29 [ 189.123709][ T6981] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 189.131698][ T6981] RBP: 00007f021b601aa8 R08: 0000000000000000 R09: 0000000000000000 [ 189.139673][ T6981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.147932][ T6981] R13: 0000000000000000 R14: 00007f021b775fa0 R15: 00007fffb8c94bd8 [ 189.155918][ T6981] [ 189.158946][ T6981] [ 189.161269][ T6981] Allocated by task 6981: [ 189.165605][ T6981] kasan_set_track+0x4b/0x70 [ 189.170218][ T6981] __kasan_kmalloc+0x97/0xb0 [ 189.174810][ T6981] __kmalloc_node_track_caller+0xb1/0x220 [ 189.180538][ T6981] kmemdup+0x26/0x60 [ 189.184460][ T6981] ext4_xattr_block_set+0x884/0x3920 [ 189.189781][ T6981] ext4_expand_extra_isize_ea+0x10d5/0x1bb0 [ 189.195684][ T6981] __ext4_expand_extra_isize+0x2f7/0x3d0 [ 189.201340][ T6981] __ext4_mark_inode_dirty+0x54f/0x920 [ 189.206818][ T6981] __ext4_unlink+0x6ed/0xba0 [ 189.211417][ T6981] ext4_unlink+0x1d5/0x670 [ 189.215931][ T6981] vfs_unlink+0x359/0x5f0 [ 189.220272][ T6981] do_unlinkat+0x4a5/0x820 [ 189.224704][ T6981] __x64_sys_unlink+0x45/0x50 [ 189.229482][ T6981] do_syscall_64+0x3b/0xb0 [ 189.233919][ T6981] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 189.239828][ T6981] [ 189.242159][ T6981] The buggy address belongs to the object at ffff88807bded000 [ 189.242159][ T6981] which belongs to the cache kmalloc-1k of size 1024 [ 189.256223][ T6981] The buggy address is located 80 bytes inside of [ 189.256223][ T6981] 1024-byte region [ffff88807bded000, ffff88807bded400) [ 189.269514][ T6981] [ 189.271841][ T6981] The buggy address belongs to the physical page: [ 189.278267][ T6981] page:ffffea0001ef7a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7bde8 [ 189.288444][ T6981] head:ffffea0001ef7a00 order:3 compound_mapcount:0 compound_pincount:0 [ 189.296768][ T6981] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 189.304792][ T6981] raw: 00fff00000010200 ffffea0001ec5e00 dead000000000002 ffff888017c41dc0 [ 189.313394][ T6981] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 189.321980][ T6981] page dumped because: kasan: bad access detected [ 189.328406][ T6981] page_owner tracks the page as allocated [ 189.334125][ T6981] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4248, tgid 4248 (syz-executor), ts 77247732699, free_ts 77181719543 [ 189.355888][ T6981] post_alloc_hook+0x18d/0x1b0 [ 189.360668][ T6981] get_page_from_freelist+0x3731/0x38d0 [ 189.366242][ T6981] __alloc_pages+0x28d/0x770 [ 189.370839][ T6981] alloc_slab_page+0x6a/0x150 [ 189.375533][ T6981] new_slab+0x84/0x2d0 [ 189.379704][ T6981] ___slab_alloc+0xc20/0x1270 [ 189.384403][ T6981] __kmem_cache_alloc_node+0x19f/0x260 [ 189.389883][ T6981] __kmalloc_node+0xa2/0x230 [ 189.394571][ T6981] qdisc_alloc+0x93/0xa30 [ 189.398935][ T6981] qdisc_create_dflt+0x5d/0x500 [ 189.403819][ T6981] dev_activate+0x3b4/0x1200 [ 189.408429][ T6981] __dev_open+0x3f3/0x510 [ 189.412814][ T6981] __dev_change_flags+0x1db/0x6e0 [ 189.417852][ T6981] dev_change_flags+0x87/0x190 [ 189.422625][ T6981] do_setlink+0xcf4/0x3de0 [ 189.427055][ T6981] rtnl_newlink+0x172c/0x2050 [ 189.431746][ T6981] page last free stack trace: [ 189.436418][ T6981] free_unref_page_prepare+0x12a6/0x15b0 [ 189.442062][ T6981] free_unref_page+0x33/0x3e0 [ 189.446744][ T6981] qlist_free_all+0x76/0xe0 [ 189.451256][ T6981] kasan_quarantine_reduce+0x156/0x170 [ 189.456827][ T6981] __kasan_slab_alloc+0x1f/0x70 [ 189.461681][ T6981] slab_post_alloc_hook+0x52/0x3a0 [ 189.466800][ T6981] __kmem_cache_alloc_node+0x137/0x260 [ 189.472267][ T6981] __kmalloc+0xa1/0x230 [ 189.476455][ T6981] load_elf_binary+0x2ec/0x2720 [ 189.481317][ T6981] bprm_execve+0x96a/0x18a0 [ 189.485820][ T6981] kernel_execve+0x8e6/0xa10 [ 189.490414][ T6981] call_usermodehelper_exec_async+0x22f/0x370 [ 189.496672][ T6981] ret_from_fork+0x1f/0x30 [ 189.501097][ T6981] [ 189.503419][ T6981] Memory state around the buggy address: [ 189.509047][ T6981] ffff88807bdecf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 189.517211][ T6981] ffff88807bdecf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 189.525368][ T6981] >ffff88807bded000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 189.533437][ T6981] ^ [ 189.540108][ T6981] ffff88807bded080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 189.548262][ T6981] ffff88807bded100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 189.556320][ T6981] ================================================================== [ 189.572049][ T6981] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 189.579307][ T6981] CPU: 0 PID: 6981 Comm: syz.0.1007 Tainted: G W 6.1.121-syzkaller #0 [ 189.588907][ T6981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 189.598993][ T6981] Call Trace: [ 189.602304][ T6981] [ 189.605272][ T6981] dump_stack_lvl+0x1e3/0x2cb [ 189.610344][ T6981] ? nf_tcp_handle_invalid+0x642/0x642 [ 189.615895][ T6981] ? panic+0x764/0x764 [ 189.620020][ T6981] ? preempt_schedule_common+0xa6/0xd0 [ 189.625521][ T6981] ? vscnprintf+0x59/0x80 [ 189.629894][ T6981] panic+0x318/0x764 [ 189.633867][ T6981] ? check_panic_on_warn+0x1d/0xa0 [ 189.639011][ T6981] ? memcpy_page_flushcache+0xfc/0xfc [ 189.644422][ T6981] ? _raw_spin_unlock_irqrestore+0x128/0x130 [ 189.650450][ T6981] ? _raw_spin_unlock+0x40/0x40 [ 189.655432][ T6981] check_panic_on_warn+0x7e/0xa0 [ 189.660420][ T6981] ? ext4_xattr_set_entry+0x8ca/0x1f30 [ 189.665915][ T6981] end_report+0x66/0x110 [ 189.670192][ T6981] kasan_report+0x143/0x160 [ 189.674731][ T6981] ? __x64_sys_unlink+0x45/0x50 [ 189.679636][ T6981] ? ext4_xattr_set_entry+0x8ca/0x1f30 [ 189.685137][ T6981] ? ext4_xattr_set_entry+0x8ca/0x1f30 [ 189.690630][ T6981] kasan_check_range+0x27f/0x290 [ 189.695595][ T6981] ? ext4_xattr_set_entry+0x8ca/0x1f30 [ 189.701088][ T6981] memmove+0x25/0x60 [ 189.705024][ T6981] ext4_xattr_set_entry+0x8ca/0x1f30 [ 189.710348][ T6981] ? ext4_xattr_inode_lookup_create+0x1ff0/0x1ff0 [ 189.716803][ T6981] ? ext4_xattr_block_set+0x884/0x3920 [ 189.722349][ T6981] ? kmemdup+0x41/0x60 [ 189.726539][ T6981] ? memcpy+0x3c/0x60 [ 189.730555][ T6981] ext4_xattr_block_set+0xa58/0x3920 [ 189.735878][ T6981] ? __getblk_gfp+0x50/0xa20 [ 189.740507][ T6981] ? _raw_spin_unlock+0x24/0x40 [ 189.745410][ T6981] ? ext4_xattr_block_find+0x510/0x510 [ 189.750921][ T6981] ? ext4_xattr_block_find+0x468/0x510 [ 189.756528][ T6981] ext4_expand_extra_isize_ea+0x10d5/0x1bb0 [ 189.762497][ T6981] ? ext4_xattr_set+0x3d0/0x3d0 [ 189.767555][ T6981] ? rwsem_write_trylock+0x166/0x210 [ 189.772894][ T6981] ? clear_nonspinnable+0x60/0x60 [ 189.777957][ T6981] ? ext4_reserve_inode_write+0x2b3/0x360 [ 189.783803][ T6981] ? dquot_initialize_needed+0x128/0x320 [ 189.789519][ T6981] __ext4_expand_extra_isize+0x2f7/0x3d0 [ 189.795284][ T6981] __ext4_mark_inode_dirty+0x54f/0x920 [ 189.800796][ T6981] ? ext4_blocks_for_truncate+0x270/0x270 [ 189.806563][ T6981] ? current_time+0x1ba/0x300 [ 189.811335][ T6981] ? atime_needs_update+0x7b0/0x7b0 [ 189.816653][ T6981] __ext4_unlink+0x6ed/0xba0 [ 189.821285][ T6981] ? __ext4_read_dirblock+0x890/0x890 [ 189.826762][ T6981] ? rwsem_write_trylock+0x166/0x210 [ 189.832067][ T6981] ? inode_permission+0xf7/0x450 [ 189.837012][ T6981] ? clear_nonspinnable+0x60/0x60 [ 189.842053][ T6981] ext4_unlink+0x1d5/0x670 [ 189.846479][ T6981] vfs_unlink+0x359/0x5f0 [ 189.850826][ T6981] do_unlinkat+0x4a5/0x820 [ 189.855259][ T6981] ? fsnotify_link_count+0xf0/0xf0 [ 189.860401][ T6981] __x64_sys_unlink+0x45/0x50 [ 189.865181][ T6981] do_syscall_64+0x3b/0xb0 [ 189.869620][ T6981] ? clear_bhb_loop+0x45/0xa0 [ 189.874336][ T6981] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 189.880262][ T6981] RIP: 0033:0x7f021b585d29 [ 189.884691][ T6981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.904659][ T6981] RSP: 002b:00007f021c388038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 189.913084][ T6981] RAX: ffffffffffffffda RBX: 00007f021b775fa0 RCX: 00007f021b585d29 [ 189.921060][ T6981] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 189.929039][ T6981] RBP: 00007f021b601aa8 R08: 0000000000000000 R09: 0000000000000000 [ 189.937031][ T6981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.945007][ T6981] R13: 0000000000000000 R14: 00007f021b775fa0 R15: 00007fffb8c94bd8 [ 189.952988][ T6981] [ 189.956144][ T6981] Kernel Offset: disabled [ 189.960487][ T6981] Rebooting in 86400 seconds..