last executing test programs: 5.705916745s ago: executing program 3 (id=2301): pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}}) 5.476260117s ago: executing program 3 (id=2303): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x1, 0x4}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x318, 0x168, 0x6c, 0x0, 0x168, 0x0, 0x248, 0x258, 0x258, 0x248, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private0, [], [], 'wlan1\x00', 'ip6gre0\x00', {}, {}, 0x11, 0x0, 0x0, 0x48}, 0x0, 0x100, 0x168, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x5}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0xfffffffd, 'netbios-ns\x00', 'syz1\x00'}}}, {{@ipv6={@dev, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'netdevsim0\x00', 'lo\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x2001}}, {0x28}}}}, 0x378) 5.415223777s ago: executing program 3 (id=2305): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000c200000095", @ANYRES64=r0, @ANYRES8=r0], &(0x7f0000000300)='GPL\x00', 0x4, 0x2c, &(0x7f00000014c0)=""/4098, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x8e, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe65}, 0x2f) 5.292114358s ago: executing program 3 (id=2308): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x4}, 0x18) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x304}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", "000600", "230000fff600fcff"}, 0x28) sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)='n', 0x1}], 0x1}, 0x0) 5.136496519s ago: executing program 3 (id=2311): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) r2 = dup(r1) fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 4.84209249s ago: executing program 3 (id=2313): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) r1 = getpid() setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 4.179129894s ago: executing program 1 (id=2320): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r0, &(0x7f00000004c0), 0x0}, 0x20) 4.002708356s ago: executing program 1 (id=2323): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, 0x0) 3.797253147s ago: executing program 1 (id=2324): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x13, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x7]}, 0x8, 0x80800) 3.588388178s ago: executing program 1 (id=2329): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) openat$autofs(0xffffffffffffff9c, 0x0, 0x40, 0x0) syz_emit_ethernet(0xd2, &(0x7f0000000540)=ANY=[@ANYBLOB="3fe10e28ae58aaaaaaaaaaaa86dd60000000009c8800fe800000000000000000000000000040ff02000000000000000000000000000100000000009c9078"], 0x0) 3.37043391s ago: executing program 1 (id=2332): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f00000012c0)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290) 3.35423146s ago: executing program 0 (id=2333): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRESHEX=0x0], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = gettid() ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r2, 0x4, 0x4002) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x20000000000000ff) fcntl$setsig(r3, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r4}], 0x2c, 0xffffffffffbffff8) r5 = dup2(r3, r4) fcntl$setown(r3, 0x8, r2) tkill(r2, 0x13) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff5, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0900000005000000000200004000000000000000", @ANYBLOB], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000003c0), 0x7fff, r6}, 0x38) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f00000001c0)={r6, &(0x7f0000000080), 0x0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x13, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x2c, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) futimesat(0xffffffffffffffff, 0x0, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x1, &(0x7f0000000180)=ANY=[@ANYRES16, @ANYRES32=r1], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r7, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r8, 0xffffffffffffffff, 0x0) 3.1866633s ago: executing program 0 (id=2334): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='workqueue_queue_work\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) 3.185865421s ago: executing program 1 (id=2335): r0 = socket(0x10, 0x3, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x303006, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}}}]}, 0x78}}, 0x0) r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}]}, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000005feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030000000000001d44000000000000db0a00fee10000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) r7 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vcan0\x00'}}]}, 0x38}}, 0x0) r8 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r8, 0x0, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4}, &(0x7f0000000540), &(0x7f0000000580)=r9}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r4, &(0x7f0000000780)}, 0x20) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 3.016374112s ago: executing program 0 (id=2336): socket$kcm(0x11, 0xa, 0x300) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000700000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sock_rcvqueue_full\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000040)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6f94f90524fc6010000200d7070000053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) 2.323242746s ago: executing program 0 (id=2337): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='io_uring_register\x00', r0}, 0x18) r1 = io_uring_setup(0x53b5, &(0x7f0000000280)={0x0, 0xbf6b, 0x1000, 0x2, 0x30f}) io_uring_register$IORING_REGISTER_RING_FDS(r1, 0x14, &(0x7f0000000000), 0x1) 2.122713347s ago: executing program 0 (id=2339): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff7ff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b70500000000e000720a23fe000000008500000012000000b70000000000000095000000000000004e6258941c823b7505608556ba4ababb42684e890d31ae450400373a0a5447a801b8c1c4f0c4bd97c6555e61345400f9bd32abeb9ade0105000000000000a21902ff07000094a2b51c21df74924f5436a6ed89b98f75e800230c49c90fe1336481f3b92a63336c36fcd745d61d7739c6554ca201000000bebbe8282f8b1e26407437a397bf8f50e87ed4d27adfd876bffc402887781979461c4363bc5c9b6202ea471428197ef88bc333fbcec0ea4334f1ddb9d679ae95a90fd41d528f58d305000000435883df6c10ce86188c92292b2d0226082960be682836bdff8b0971f2a5405e453228e7b1005bd73479358a90df3e481947de6453736aa572158af6ea63d6d418fbbd2bba050000001da000ef78df03000000d19913a5fb03c79dac2e489f68127892658115e7ffb588a71dffffff951b8535167ab8069a2c92a3aa18e22517000026637b4c34bf2d0aa304ed42bf70480e9e97203fd169411f37fddd1f7fbe16dbbc0f307bceb5064f388a0350c3dc928b0e638b1e2b2a9d25264233e5d45eb377f56b95241024dbe30f67191c2b56b70328d6d3215dfffe5d89af1d10599bd494d921d1fb2db99b6aba0fa978f41eb1d4c553e5a9326ed550c13f8dd36716a899a1e79234294707c5312b924d142c17b20bb80ee202222c03fa84ccc374e717f694018630366397266090a82343aedfbf7afe892390c2eb775b0d16073da2229958db05de7df6ab7600004000010000006d8081cb3bf251d906c00da0e23b50465f8394820be571e3592d0000c7ef10fdc462e7040e7074ec43aa461fc54401a76406db718d4efd6c1bd10ce1d087cf9bba461162555a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000001900)=""/94) 1.911372368s ago: executing program 0 (id=2341): bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) kexec_load(0x4, 0xa, 0x0, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond_slave_0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000811}, 0xe000000) r3 = syz_open_procfs(0x0, &(0x7f0000001380)) getdents(r3, &(0x7f0000002000)=""/4096, 0x1000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r6}, 0x10) r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, r7, 0x209}, 0x14}, 0x1, 0x0, 0x0, 0x4008080}, 0x0) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r9 = gettid() r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1}) r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r11}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r12, 0x0, 0x3}, 0x18) close(r10) ustat(0x3, &(0x7f0000000040)) r13 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000140a0703000000000000000002000b09080003400000000a0900010073797a30000000000c000640000008000000000214000000020a01", @ANYBLOB="996f7aae27ab931b5e8bcb0d2f20186b9c87a0aec3f7e5f396e0c84a3d22e5936c20cf81a31c392e06adacc178cfb94ec78c14f3e32a2b385ac7566c01ce6b7af977fc71ec3d5ffd908c4599a685c979db9f3182b375fa193cb67ea3dce6fe1a3b0efdfad9c769c8d491175448617d2298e9ce", @ANYRESDEC=r5], 0x70}}, 0x0) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r8, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8, 0x1c, r9}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) 1.829142949s ago: executing program 2 (id=2342): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000080)=',\xea\x00', 0x4) ftruncate(r0, 0x7000000) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000001380)=""/4090, 0xffa}], 0x1, 0x5, 0x4) 1.712927849s ago: executing program 2 (id=2343): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0001}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18) tgkill(0x0, 0x0, 0x0) 1.540093981s ago: executing program 2 (id=2344): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000080)={[{@nombcache}, {@delalloc}, {@data_err_ignore}, {@nojournal_checksum}, {@usrjquota}, {@bsdgroups}]}, 0x1, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=") mkdir(&(0x7f0000000180)='./bus\x00', 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f00000000c0)) chdir(&(0x7f0000000100)='./bus\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f0000000240)=""/10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x64}, [@ldst={0x5}]}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1, 0x0) pwrite64(r5, &(0x7f0000000140)='2', 0xfdef, 0xe7c) 371.278028ms ago: executing program 2 (id=2345): socket$kcm(0x11, 0xa, 0x300) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000700000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sock_rcvqueue_full\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000040)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6f94f90524fc6010000200d7070000053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) 73.5076ms ago: executing program 2 (id=2346): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="02000000040000"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000c200000095", @ANYRES64=r0, @ANYRES8=r0], &(0x7f0000000300)='GPL\x00', 0x4, 0x2c, &(0x7f00000014c0)=""/4098, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x8e, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe65}, 0x2f) 0s ago: executing program 2 (id=2347): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_MAP_FREEZE(0x16, &(0x7f00000005c0)=r0, 0x4) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x1c, &(0x7f0000000340)=[@in6={0xa, 0x4e20, 0x6, @dev={0xfe, 0x80, '\x00', 0x32}, 0x9}]}, &(0x7f0000000480)=0x10) kernel console output (not intermixed with test programs): =9758 comm="syz.0.1417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 235.546359][ T27] audit: type=1326 audit(235.232:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.0.1417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 235.572706][ T27] audit: type=1326 audit(235.232:1995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.0.1417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 235.598277][ T27] audit: type=1326 audit(235.232:1996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.0.1417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 235.757608][ T27] audit: type=1326 audit(235.232:1997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.0.1417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 236.148382][ T27] audit: type=1326 audit(235.232:1998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.0.1417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 236.241866][ T27] audit: type=1326 audit(235.232:1999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.0.1417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 236.303044][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.393326][ T9787] netlink: 'syz.2.1428': attribute type 10 has an invalid length. [ 237.444981][ T9787] macvlan1: entered allmulticast mode [ 237.450455][ T9787] veth1_vlan: entered allmulticast mode [ 237.464738][ T9787] team0: Device macvlan1 is up. Set it down before adding it as a team port [ 237.512974][ T9789] loop3: detected capacity change from 0 to 512 [ 237.553068][ T9789] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 237.601277][ T9789] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1429: iget: bad i_size value: 38620345925642 [ 237.674284][ T9789] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1429: couldn't read orphan inode 15 (err -117) [ 237.698069][ T9789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.953405][ T9805] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1434'. [ 238.013765][ T9805] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1434'. [ 238.408259][ T9811] veth0: entered promiscuous mode [ 238.438428][ T9811] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1436'. [ 238.450138][ T9796] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 238.492346][ T9806] loop2: detected capacity change from 0 to 2048 [ 238.600096][ T9811] veth0 (unregistering): left promiscuous mode [ 238.653771][ T9805] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1434'. [ 238.721047][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.775946][ T9806] Alternate GPT is invalid, using primary GPT. [ 238.782310][ T9806] loop2: p2 p3 p7 [ 238.967927][ T5781] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 238.971290][ T5775] blk_print_req_error: 29 callbacks suppressed [ 238.971304][ T5775] I/O error, dev loop2, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 238.975484][ T6595] I/O error, dev loop2, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 238.981314][ T7300] I/O error, dev loop2, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 239.009367][ T5775] I/O error, dev loop2, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 239.011754][ T7300] I/O error, dev loop2, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 239.029412][ T7300] buffer_io_error: 28 callbacks suppressed [ 239.029445][ T7300] Buffer I/O error on dev loop2p2, logical block 8, async page read [ 239.043805][ T7300] I/O error, dev loop2, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 239.053294][ T7300] Buffer I/O error on dev loop2p2, logical block 9, async page read [ 239.242183][ T7300] I/O error, dev loop2, sector 610 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 239.293948][ T6595] I/O error, dev loop2, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 239.392146][ T5775] Buffer I/O error on dev loop2p7, logical block 8, async page read [ 239.524783][ T7300] Buffer I/O error on dev loop2p2, logical block 10, async page read [ 239.615825][ T6595] Buffer I/O error on dev loop2p3, logical block 8, async page read [ 239.623951][ T6595] I/O error, dev loop2, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 239.633347][ T6595] Buffer I/O error on dev loop2p3, logical block 9, async page read [ 239.646113][ T6595] I/O error, dev loop2, sector 210 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 239.667311][ T5775] Buffer I/O error on dev loop2p7, logical block 9, async page read [ 239.682580][ T7300] Buffer I/O error on dev loop2p2, logical block 11, async page read [ 239.691763][ T9820] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1439'. [ 239.730641][ T5775] Buffer I/O error on dev loop2p7, logical block 10, async page read [ 239.739122][ T6595] Buffer I/O error on dev loop2p3, logical block 10, async page read [ 239.800723][ T9828] lo speed is unknown, defaulting to 1000 [ 239.811306][ T9820] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1439'. [ 239.908555][ T9830] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 239.926834][ T9830] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 239.956366][ T6595] udevd[6595]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 239.962559][ T9834] loop3: detected capacity change from 0 to 512 [ 239.968503][ T7300] udevd[7300]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 239.973481][ T5775] udevd[5775]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 240.019151][ T9834] EXT4-fs: Ignoring removed bh option [ 240.031688][ T9834] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 240.076488][ T6096] udevd[6096]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 240.081165][ T6595] udevd[6595]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 240.091017][ T5775] udevd[5775]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 240.111055][ T9834] EXT4-fs (loop3): 1 truncate cleaned up [ 240.118153][ T9832] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1442'. [ 240.136663][ T9834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.180914][ T9831] lo speed is unknown, defaulting to 1000 [ 240.305283][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.339407][ T9844] 9pnet_fd: Insufficient options for proto=fd [ 240.584684][ T9846] mkiss: ax0: crc mode is auto. [ 242.590557][ T9828] lo speed is unknown, defaulting to 1000 [ 242.682217][ T9864] syzkaller0: entered promiscuous mode [ 242.694881][ T9864] syzkaller0: entered allmulticast mode [ 242.903353][ T9873] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 242.928797][ T9873] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 243.972223][ T9884] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1459'. [ 244.035867][ T9831] lo speed is unknown, defaulting to 1000 [ 245.268869][ T9906] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.276438][ T9906] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 245.285981][ T9906] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 245.293422][ T9906] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 245.299031][ T27] kauditd_printk_skb: 143 callbacks suppressed [ 245.299045][ T27] audit: type=1326 audit(245.262:2143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.329836][ T27] audit: type=1326 audit(245.262:2144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.372286][ T27] audit: type=1326 audit(245.272:2145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.394440][ T27] audit: type=1326 audit(245.272:2146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.417414][ T27] audit: type=1326 audit(245.272:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.439892][ T27] audit: type=1326 audit(245.272:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.448762][ T9907] mkiss: ax0: crc mode is auto. [ 245.470737][ T27] audit: type=1326 audit(245.272:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.493771][ T27] audit: type=1326 audit(245.272:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.518982][ T27] audit: type=1326 audit(245.272:2151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 245.542213][ T27] audit: type=1326 audit(245.272:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9908 comm="syz.1.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 248.659014][ T9965] loop2: detected capacity change from 0 to 512 [ 248.697416][ T9965] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 248.740159][ T9965] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1480: iget: bad i_size value: 38620345925642 [ 248.754036][ T9965] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1480: couldn't read orphan inode 15 (err -117) [ 248.778917][ T9965] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.813062][ T9968] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 248.901933][ T9970] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1481'. [ 249.084020][ T9975] loop3: detected capacity change from 0 to 128 [ 249.657233][ T9978] bio_check_eod: 1488 callbacks suppressed [ 249.657250][ T9978] syz.3.1483: attempt to access beyond end of device [ 249.657250][ T9978] loop3: rw=2049, sector=145, nr_sectors = 280 limit=128 [ 249.741073][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.693889][ T9986] syz.2.1485[9986] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 250.694017][ T9986] syz.2.1485[9986] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 250.766448][ T9986] syz.2.1485[9986] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 250.806038][ T9986] syz.2.1485[9986] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 250.846519][ T9990] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1488'. [ 250.915500][ T9988] syzkaller0: entered promiscuous mode [ 250.937600][ T9988] syzkaller0: entered allmulticast mode [ 251.292775][T10006] loop2: detected capacity change from 0 to 512 [ 251.304968][T10006] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 251.343443][T10006] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1494: iget: bad i_size value: 38620345925642 [ 251.363548][T10005] loop3: detected capacity change from 0 to 2048 [ 251.376499][T10006] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1494: couldn't read orphan inode 15 (err -117) [ 251.393973][T10006] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.667292][T10005] loop3: p2 p3 p7 [ 252.206308][T10012] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1492'. [ 252.368995][ T41] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:2: bg 0: block 5: invalid block bitmap [ 252.389340][ T41] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 252.406510][ T5780] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 252.416047][ T6595] blk_print_req_error: 17 callbacks suppressed [ 252.416064][ T6595] I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 252.432208][ T7300] I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 252.443362][ T5775] I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 252.474059][ T7300] I/O error, dev loop3, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 252.484586][ T41] EXT4-fs (loop2): This should not happen!! Data will be lost [ 252.484586][ T41] [ 252.491021][ T6595] I/O error, dev loop3, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 252.494956][ T5775] I/O error, dev loop3, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 252.513222][ T6595] buffer_io_error: 14 callbacks suppressed [ 252.513233][ T6595] Buffer I/O error on dev loop3p3, logical block 8, async page read [ 252.534557][ T7300] Buffer I/O error on dev loop3p2, logical block 8, async page read [ 252.535182][ T41] EXT4-fs (loop2): Total free blocks count 0 [ 252.553901][ T7300] I/O error, dev loop3, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 252.560142][ T41] EXT4-fs (loop2): Free/Dirty block details [ 252.564681][ T6595] I/O error, dev loop3, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 252.569318][ T5775] Buffer I/O error on dev loop3p7, logical block 8, async page read [ 252.583967][ T7300] Buffer I/O error on dev loop3p2, logical block 9, async page read [ 252.604611][ T41] EXT4-fs (loop2): free_blocks=0 [ 252.604664][ T6595] Buffer I/O error on dev loop3p3, logical block 9, async page read [ 252.609578][ T41] EXT4-fs (loop2): dirty_blocks=65 [ 252.609593][ T41] EXT4-fs (loop2): Block reservation details [ 252.609604][ T41] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 252.616116][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.624744][ T7300] I/O error, dev loop3, sector 610 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 252.658267][ T6595] I/O error, dev loop3, sector 210 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 252.680400][ T6595] Buffer I/O error on dev loop3p3, logical block 10, async page read [ 252.699630][ T6595] Buffer I/O error on dev loop3p3, logical block 11, async page read [ 252.708100][ T5775] Buffer I/O error on dev loop3p7, logical block 9, async page read [ 252.718265][ T7300] Buffer I/O error on dev loop3p2, logical block 10, async page read [ 252.737076][ T5775] Buffer I/O error on dev loop3p7, logical block 10, async page read [ 253.656611][ T6096] udevd[6096]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 253.667653][ T5775] udevd[5775]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 253.690113][ T7300] udevd[7300]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 253.948869][T10032] loop2: detected capacity change from 0 to 128 [ 253.975176][T10031] syzkaller0: entered promiscuous mode [ 253.980697][T10031] syzkaller0: entered allmulticast mode [ 254.186905][T10032] syz.2.1502: attempt to access beyond end of device [ 254.186905][T10032] loop2: rw=2049, sector=145, nr_sectors = 424 limit=128 [ 254.204861][ T6672] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 254.344696][T10030] syz.2.1502: attempt to access beyond end of device [ 254.344696][T10030] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128 [ 254.439309][ T6672] usb 4-1: device descriptor read/64, error -71 [ 254.456485][T10032] syz.2.1502: attempt to access beyond end of device [ 254.456485][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 254.505369][T10032] syz.2.1502: attempt to access beyond end of device [ 254.505369][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 254.535314][T10032] syz.2.1502: attempt to access beyond end of device [ 254.535314][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 254.549243][T10032] syz.2.1502: attempt to access beyond end of device [ 254.549243][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 254.563492][T10032] syz.2.1502: attempt to access beyond end of device [ 254.563492][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 254.578601][T10032] syz.2.1502: attempt to access beyond end of device [ 254.578601][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 254.593894][T10032] syz.2.1502: attempt to access beyond end of device [ 254.593894][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 254.898486][T10032] bio_check_eod: 126 callbacks suppressed [ 254.898530][T10032] syz.2.1502: attempt to access beyond end of device [ 254.898530][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 255.203040][T10032] syz.2.1502: attempt to access beyond end of device [ 255.203040][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 255.277093][T10032] syz.2.1502: attempt to access beyond end of device [ 255.277093][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 255.335981][T10032] syz.2.1502: attempt to access beyond end of device [ 255.335981][T10032] loop2: rw=0, sector=145, nr_sectors = 8 limit=128 [ 255.374057][ T6672] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 255.555021][ T6672] usb 4-1: device descriptor read/64, error -71 [ 255.785586][ T6672] usb usb4-port1: attempt power cycle [ 256.044126][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.644687][ T27] kauditd_printk_skb: 5 callbacks suppressed [ 256.644703][ T27] audit: type=1326 audit(256.602:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 256.705486][ T27] audit: type=1326 audit(256.602:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 256.709558][ T6672] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 256.758255][ T27] audit: type=1326 audit(256.602:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 256.814027][ T27] audit: type=1326 audit(256.602:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 256.854623][ T6672] usb 4-1: device descriptor read/8, error -71 [ 256.891005][ T27] audit: type=1326 audit(256.612:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 257.180976][ T27] audit: type=1326 audit(257.142:2163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 257.195099][T10077] 9pnet_fd: Insufficient options for proto=fd [ 257.251490][ T27] audit: type=1326 audit(257.142:2164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 257.303634][ T27] audit: type=1326 audit(257.212:2165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 257.362177][ T27] audit: type=1326 audit(257.212:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 257.404627][ T27] audit: type=1326 audit(257.212:2167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10059 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 257.478418][ T9953] Set syz1 is full, maxelem 65536 reached [ 257.660686][T10087] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1510'. [ 257.831574][T10095] loop2: detected capacity change from 0 to 512 [ 257.868635][T10095] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 257.931188][T10095] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1512: iget: bad i_size value: 38620345925642 [ 257.962821][T10095] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1512: couldn't read orphan inode 15 (err -117) [ 258.002099][T10095] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.245819][T10107] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1516'. [ 258.283753][T10107] 0ªX¹¦À: renamed from caif0 [ 258.320068][T10107] 0ªX¹¦À: entered allmulticast mode [ 258.326920][T10107] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 259.019484][ T1319] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:7: bg 0: block 5: invalid block bitmap [ 259.076376][ T1319] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 259.112648][ T1319] EXT4-fs (loop2): This should not happen!! Data will be lost [ 259.112648][ T1319] [ 259.137638][ T1319] EXT4-fs (loop2): Total free blocks count 0 [ 259.146224][ T1319] EXT4-fs (loop2): Free/Dirty block details [ 259.153055][ T1319] EXT4-fs (loop2): free_blocks=0 [ 259.166694][T10117] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 259.168853][ T1319] EXT4-fs (loop2): dirty_blocks=65 [ 259.185278][ T1319] EXT4-fs (loop2): Block reservation details [ 259.191373][ T1319] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 259.218855][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.219652][T10119] xt_TCPMSS: Only works on TCP SYN packets [ 259.291762][T10122] syz.1.1523[10122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 259.291909][T10122] syz.1.1523[10122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 259.307803][T10120] syzkaller0: entered promiscuous mode [ 259.327824][T10120] syzkaller0: entered allmulticast mode [ 259.944440][T10144] 9pnet_fd: Insufficient options for proto=fd [ 260.143813][T10150] syzkaller0: entered promiscuous mode [ 260.158010][T10150] syzkaller0: entered allmulticast mode [ 261.106156][T10160] syz.3.1539[10160] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 261.106286][T10160] syz.3.1539[10160] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 261.456317][T10168] syzkaller0: entered promiscuous mode [ 261.516197][T10168] syzkaller0: entered allmulticast mode [ 262.666324][ T27] kauditd_printk_skb: 44 callbacks suppressed [ 262.666339][ T27] audit: type=1326 audit(262.632:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 262.744689][ T27] audit: type=1326 audit(262.682:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 262.795974][ T27] audit: type=1326 audit(262.682:2214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 262.868918][ T27] audit: type=1326 audit(262.682:2215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 262.941993][ T27] audit: type=1326 audit(262.682:2216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 262.995816][ T27] audit: type=1326 audit(262.692:2217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 263.044691][ T27] audit: type=1326 audit(262.702:2218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 263.114847][ T27] audit: type=1326 audit(262.702:2219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 263.125796][T10191] 9pnet_fd: Insufficient options for proto=fd [ 263.165864][ T27] audit: type=1326 audit(262.702:2220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.3.1546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 263.234302][ T27] audit: type=1326 audit(262.812:2221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10181 comm="syz.0.1548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 263.753538][T10208] lo speed is unknown, defaulting to 1000 [ 264.359892][T10216] lo speed is unknown, defaulting to 1000 [ 264.830241][T10208] lo speed is unknown, defaulting to 1000 [ 265.227322][T10216] lo speed is unknown, defaulting to 1000 [ 265.505748][T10231] syzkaller0: entered promiscuous mode [ 265.511283][T10231] syzkaller0: entered allmulticast mode [ 265.694444][T10124] Set syz1 is full, maxelem 65536 reached [ 266.182992][T10241] 9pnet_fd: Insufficient options for proto=fd [ 266.801854][T10243] netlink: 'syz.2.1570': attribute type 2 has an invalid length. [ 266.812424][T10243] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1570'. [ 267.623001][T10260] syzkaller0: entered promiscuous mode [ 267.648330][T10260] syzkaller0: entered allmulticast mode [ 267.764382][T10262] program syz.3.1579 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 267.952011][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 267.952027][ T27] audit: type=1326 audit(267.912:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 267.962351][T10268] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1582'. [ 268.012498][ T27] audit: type=1326 audit(267.912:2239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.063139][ T27] audit: type=1326 audit(267.912:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.105263][ T27] audit: type=1326 audit(267.912:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.105312][T10274] loop2: detected capacity change from 0 to 1024 [ 268.127688][ T27] audit: type=1326 audit(267.912:2242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.170884][T10274] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 268.185503][ T27] audit: type=1326 audit(267.912:2243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.207881][ T27] audit: type=1326 audit(267.912:2244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.225664][T10274] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 268.232027][T10278] 9pnet_fd: Insufficient options for proto=fd [ 268.246381][ T27] audit: type=1326 audit(267.912:2245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.277668][ T27] audit: type=1326 audit(267.912:2246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.288281][T10274] JBD2: no valid journal superblock found [ 268.300087][ T27] audit: type=1326 audit(267.932:2247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 268.331983][T10274] EXT4-fs (loop2): Could not load journal inode [ 268.666923][T10286] syzkaller0: entered promiscuous mode [ 268.681244][T10286] syzkaller0: entered allmulticast mode [ 268.707164][T10288] netlink: 'syz.1.1590': attribute type 2 has an invalid length. [ 268.715253][T10288] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1590'. [ 269.393826][T10302] loop2: detected capacity change from 0 to 512 [ 269.463777][T10302] EXT4-fs (loop2): orphan cleanup on readonly fs [ 269.490605][T10302] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 269.540096][T10302] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 269.549211][T10310] netlink: 'syz.3.1599': attribute type 2 has an invalid length. [ 269.565225][T10302] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.1596: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 269.566682][T10310] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1599'. [ 269.598212][T10302] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1596: couldn't read orphan inode 13 (err -117) [ 269.612163][T10302] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 269.725661][T10302] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 269.741670][T10302] EXT4-fs warning (device loop2): read_mmp_block:115: Error -117 while reading MMP block 8 [ 269.769782][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.911302][T10325] syzkaller0: entered promiscuous mode [ 269.918184][T10325] syzkaller0: entered allmulticast mode [ 270.223040][T10331] 9pnet_fd: Insufficient options for proto=fd [ 270.482921][T10333] lo speed is unknown, defaulting to 1000 [ 270.816847][T10339] netlink: 'syz.0.1611': attribute type 2 has an invalid length. [ 270.841952][T10339] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1611'. [ 271.098705][T10345] syzkaller0: entered promiscuous mode [ 271.104237][T10345] syzkaller0: entered allmulticast mode [ 271.171724][T10333] lo speed is unknown, defaulting to 1000 [ 271.481102][T10356] loop2: detected capacity change from 0 to 2048 [ 271.575462][T10356] loop2: p1 p3 [ 271.579039][T10356] loop2: partition table partially beyond EOD, truncated [ 271.592326][T10356] loop2: p1 start 458752 is beyond EOD, truncated [ 271.599683][T10356] loop2: p3 start 8388352 is beyond EOD, truncated [ 271.633162][ T5157] loop2: p1 p3 [ 271.643089][ T5157] loop2: partition table partially beyond EOD, truncated [ 271.664927][ T5157] loop2: p1 start 458752 is beyond EOD, truncated [ 271.679437][ T5157] loop2: p3 start 8388352 is beyond EOD, truncated [ 271.730627][ T7300] blk_print_req_error: 17 callbacks suppressed [ 271.730644][ T7300] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 271.739162][T10367] netlink: 'syz.0.1625': attribute type 13 has an invalid length. [ 271.785902][T10367] gretap0: refused to change device tx_queue_len [ 271.794376][T10369] 9pnet_fd: Insufficient options for proto=fd [ 271.802821][T10367] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 272.109712][T10377] syzkaller0: entered promiscuous mode [ 272.123397][T10377] syzkaller0: entered allmulticast mode [ 273.242805][T10403] loop3: detected capacity change from 0 to 512 [ 273.296635][T10403] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 273.366101][T10403] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1638: iget: bad i_size value: 38620345925642 [ 273.386069][T10403] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1638: couldn't read orphan inode 15 (err -117) [ 273.425873][T10403] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.100387][T10420] lo speed is unknown, defaulting to 1000 [ 274.349143][T10421] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1644'. [ 274.695514][T10420] lo speed is unknown, defaulting to 1000 [ 274.822537][ T49] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm kworker/u4:3: bg 0: block 5: invalid block bitmap [ 274.868240][ T49] EXT4-fs (loop3): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 274.883170][ T49] EXT4-fs (loop3): This should not happen!! Data will be lost [ 274.883170][ T49] [ 274.894566][ T49] EXT4-fs (loop3): Total free blocks count 0 [ 274.900602][ T49] EXT4-fs (loop3): Free/Dirty block details [ 274.916181][ T49] EXT4-fs (loop3): free_blocks=0 [ 274.921180][ T49] EXT4-fs (loop3): dirty_blocks=65 [ 274.926531][ T49] EXT4-fs (loop3): Block reservation details [ 274.932539][ T49] EXT4-fs (loop3): i_reserved_data_blocks=65 [ 274.975649][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.005311][T10428] 9pnet_fd: Insufficient options for proto=fd [ 275.051511][ T27] kauditd_printk_skb: 78 callbacks suppressed [ 275.051526][ T27] audit: type=1326 audit(275.012:2326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10429 comm="syz.0.1648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 275.125865][ T27] audit: type=1326 audit(275.042:2327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10429 comm="syz.0.1648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 275.165097][ T27] audit: type=1326 audit(275.042:2328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10429 comm="syz.0.1648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 275.214918][ T27] audit: type=1326 audit(275.052:2329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10429 comm="syz.0.1648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 275.334354][T10439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1657'. [ 275.783206][T10449] netlink: 'syz.0.1653': attribute type 2 has an invalid length. [ 275.799731][T10449] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1653'. [ 276.595234][T10469] netlink: 'syz.0.1664': attribute type 2 has an invalid length. [ 276.614652][T10469] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1664'. [ 276.854124][T10487] 9pnet_fd: Insufficient options for proto=fd [ 276.868873][T10485] loop2: detected capacity change from 0 to 1024 [ 276.933154][T10485] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 277.197309][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.955299][T10525] loop2: detected capacity change from 0 to 512 [ 278.970254][T10525] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 279.016223][T10525] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1687: iget: bad i_size value: 38620345925642 [ 279.046497][T10525] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1687: couldn't read orphan inode 15 (err -117) [ 279.061599][T10525] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.131890][T10529] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1689'. [ 279.343684][T10532] syzkaller0: entered promiscuous mode [ 279.350043][T10532] syzkaller0: entered allmulticast mode [ 279.361691][T10532] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1690'. [ 279.676054][T10541] 9pnet_fd: Insufficient options for proto=fd [ 279.900122][ T79] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:5: bg 0: block 5: invalid block bitmap [ 279.931970][ T79] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 279.975135][ T79] EXT4-fs (loop2): This should not happen!! Data will be lost [ 279.975135][ T79] [ 279.985361][ T79] EXT4-fs (loop2): Total free blocks count 0 [ 279.991860][ T79] EXT4-fs (loop2): Free/Dirty block details [ 280.002888][T10550] 9pnet_fd: Insufficient options for proto=fd [ 280.009438][ T79] EXT4-fs (loop2): free_blocks=0 [ 280.014424][ T79] EXT4-fs (loop2): dirty_blocks=65 [ 280.028255][ T79] EXT4-fs (loop2): Block reservation details [ 280.042993][ T79] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 280.058646][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.189416][T10552] loop3: detected capacity change from 0 to 2048 [ 280.249172][T10552] loop3: p1 < > p4 [ 280.258531][T10552] loop3: p4 size 8388608 extends beyond EOD, truncated [ 280.611481][ T7300] udevd[7300]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 280.625350][ T6595] udevd[6595]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 280.790393][ T27] audit: type=1326 audit(280.752:2330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 280.845002][ T27] audit: type=1326 audit(280.752:2331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 280.906491][ T27] audit: type=1326 audit(280.752:2332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 280.949158][T10574] loop2: detected capacity change from 0 to 512 [ 280.966230][ T27] audit: type=1326 audit(280.752:2333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 280.990002][T10574] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 281.017723][T10574] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1706: iget: bad i_size value: 38620345925642 [ 281.040924][ T27] audit: type=1326 audit(280.752:2334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 281.068241][T10574] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1706: couldn't read orphan inode 15 (err -117) [ 281.083812][T10576] loop3: detected capacity change from 0 to 4096 [ 281.084819][ T27] audit: type=1326 audit(280.752:2335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 281.113979][ T27] audit: type=1326 audit(280.752:2336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 281.115252][T10574] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.209043][T10576] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.244615][ T27] audit: type=1326 audit(280.752:2337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 281.340752][ T27] audit: type=1326 audit(280.752:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 281.390755][ T27] audit: type=1326 audit(280.752:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10571 comm="syz.3.1707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 281.469619][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.019468][ T79] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:5: bg 0: block 5: invalid block bitmap [ 282.056031][ T79] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 282.457836][ T79] EXT4-fs (loop2): This should not happen!! Data will be lost [ 282.457836][ T79] [ 282.786851][ T79] EXT4-fs (loop2): Total free blocks count 0 [ 282.793144][ T79] EXT4-fs (loop2): Free/Dirty block details [ 282.799388][ T79] EXT4-fs (loop2): free_blocks=0 [ 282.812995][ T79] EXT4-fs (loop2): dirty_blocks=65 [ 282.824704][ T79] EXT4-fs (loop2): Block reservation details [ 282.842692][ T79] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 282.864421][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.233066][T10600] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'. [ 283.314095][T10600] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'. [ 283.480593][T10600] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'. [ 283.520999][T10614] tipc: Enabled bearer , priority 0 [ 283.548356][T10614] syzkaller0: entered promiscuous mode [ 283.554703][T10614] syzkaller0: entered allmulticast mode [ 283.631689][T10614] tipc: Resetting bearer [ 283.650860][T10613] tipc: Resetting bearer [ 283.705940][T10613] tipc: Disabling bearer [ 284.461619][T10626] netlink: 'syz.3.1726': attribute type 2 has an invalid length. [ 284.487029][T10626] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1726'. [ 285.137393][T10650] netlink: 'syz.2.1736': attribute type 2 has an invalid length. [ 285.145902][T10650] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1736'. [ 285.643842][T10660] loop2: detected capacity change from 0 to 512 [ 285.694389][T10660] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.751320][T10660] EXT4-fs error (device loop2): ext4_get_first_dir_block:3606: inode #12: comm syz.2.1739: directory missing '..' [ 285.896365][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.833221][T10680] lo speed is unknown, defaulting to 1000 [ 287.035094][T10681] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1745'. [ 287.428329][T10680] lo speed is unknown, defaulting to 1000 [ 287.554084][T10686] loop2: detected capacity change from 0 to 512 [ 287.586017][T10686] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 287.618817][T10686] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1749: iget: bad i_size value: 38620345925642 [ 287.675364][T10686] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1749: couldn't read orphan inode 15 (err -117) [ 287.713171][T10686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.053321][ T59] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:4: bg 0: block 5: invalid block bitmap [ 288.057987][ T27] kauditd_printk_skb: 28 callbacks suppressed [ 288.057999][ T27] audit: type=1326 audit(288.022:2368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.100505][ T59] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 288.115088][ T59] EXT4-fs (loop2): This should not happen!! Data will be lost [ 288.115088][ T59] [ 288.133652][ T27] audit: type=1326 audit(288.022:2369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.157051][ T27] audit: type=1326 audit(288.062:2370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.164639][ T59] EXT4-fs (loop2): Total free blocks count 0 [ 288.181925][ T27] audit: type=1326 audit(288.062:2371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.200176][ T59] EXT4-fs (loop2): Free/Dirty block details [ 288.212902][ T27] audit: type=1326 audit(288.062:2372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.223166][ T59] EXT4-fs (loop2): free_blocks=0 [ 288.237085][ T27] audit: type=1326 audit(288.062:2373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.252636][ T59] EXT4-fs (loop2): dirty_blocks=65 [ 288.263244][ T27] audit: type=1326 audit(288.062:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.279124][ T59] EXT4-fs (loop2): Block reservation details [ 288.289863][ T27] audit: type=1326 audit(288.062:2375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.307295][ T59] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 288.327513][ T27] audit: type=1326 audit(288.062:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.331945][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.379757][ T27] audit: type=1326 audit(288.062:2377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10693 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 288.482113][T10700] netlink: 'syz.2.1752': attribute type 12 has an invalid length. [ 288.505032][T10700] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1752'. [ 288.586644][T10702] netlink: 'syz.3.1755': attribute type 2 has an invalid length. [ 288.605451][T10702] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1755'. [ 288.869941][T10712] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1760'. [ 288.879150][T10712] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1760'. [ 288.888994][T10712] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1760'. [ 288.909234][T10712] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1760'. [ 288.920169][T10712] netlink: 'syz.1.1760': attribute type 6 has an invalid length. [ 289.695006][T10724] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1763'. [ 289.714719][T10731] netlink: 'syz.2.1767': attribute type 2 has an invalid length. [ 289.722538][T10731] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1767'. [ 289.915182][T10736] loop2: detected capacity change from 0 to 1024 [ 289.923189][T10736] EXT4-fs: Ignoring removed mblk_io_submit option [ 290.001692][T10736] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.126117][T10739] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 290.188006][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.405887][T10749] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1774'. [ 290.588068][T10755] netlink: 'syz.0.1777': attribute type 2 has an invalid length. [ 290.605992][T10755] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1777'. [ 291.669227][T10780] netlink: 'syz.1.1786': attribute type 2 has an invalid length. [ 291.687442][T10780] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1786'. [ 292.015536][T10790] tipc: Enabling of bearer rejected, failed to enable media [ 292.324945][T10792] siw: device registration error -23 [ 292.415314][T10791] lo speed is unknown, defaulting to 1000 [ 292.946302][T10791] lo speed is unknown, defaulting to 1000 [ 293.119879][T10802] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1796'. [ 293.417253][T10808] loop2: detected capacity change from 0 to 512 [ 293.427398][T10808] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 293.470101][T10808] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1798: iget: bad i_size value: 38620345925642 [ 293.496637][T10808] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1798: couldn't read orphan inode 15 (err -117) [ 293.539521][T10808] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 293.600903][ T59] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:4: bg 0: block 5: invalid block bitmap [ 293.615586][ T59] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 293.628046][ T59] EXT4-fs (loop2): This should not happen!! Data will be lost [ 293.628046][ T59] [ 293.638455][ T59] EXT4-fs (loop2): Total free blocks count 0 [ 293.644558][ T59] EXT4-fs (loop2): Free/Dirty block details [ 293.651469][ T59] EXT4-fs (loop2): free_blocks=0 [ 293.657734][ T59] EXT4-fs (loop2): dirty_blocks=65 [ 293.662871][ T59] EXT4-fs (loop2): Block reservation details [ 293.669206][ T59] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 293.688419][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.757335][T10816] netlink: 'syz.0.1801': attribute type 2 has an invalid length. [ 293.796331][T10816] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1801'. [ 293.866553][T10818] loop2: detected capacity change from 0 to 512 [ 293.874400][T10818] EXT4-fs: Ignoring removed i_version option [ 294.048330][T10818] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 294.776535][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.125666][T10845] netlink: 'syz.2.1810': attribute type 2 has an invalid length. [ 295.153397][T10845] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1810'. [ 296.227972][T10864] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1818'. [ 296.281805][T10864] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1818'. [ 296.627934][T10872] netlink: 'syz.3.1822': attribute type 2 has an invalid length. [ 296.660032][T10872] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1822'. [ 296.806419][T10878] loop2: detected capacity change from 0 to 2048 [ 296.851981][T10878] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 296.941046][T10887] loop3: detected capacity change from 0 to 8192 [ 297.027879][T10887] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 297.057022][T10890] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1824: bg 0: block 345: padding at end of block bitmap is not set [ 297.108296][T10890] EXT4-fs (loop2): Remounting filesystem read-only [ 297.226930][ T27] kauditd_printk_skb: 697 callbacks suppressed [ 297.226946][ T27] audit: type=1326 audit(297.192:3075): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 297.290670][ T27] audit: type=1326 audit(297.192:3076): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 297.346961][ T27] audit: type=1326 audit(297.232:3077): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 297.398100][ T27] audit: type=1326 audit(297.232:3078): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 297.444307][ T27] audit: type=1326 audit(297.232:3079): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 297.498281][ T27] audit: type=1326 audit(297.232:3080): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 297.545714][ T27] audit: type=1326 audit(297.292:3081): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 297.610096][ T27] audit: type=1326 audit(297.292:3082): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 297.657940][ T27] audit: type=1326 audit(297.292:3083): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10900 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2ef55c1f85 code=0x7ffc0000 [ 297.719644][ T27] audit: type=1326 audit(297.342:3084): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=10891 comm="syz.0.1829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 298.216558][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.230539][T10909] netlink: 'syz.3.1834': attribute type 2 has an invalid length. [ 298.239698][T10909] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1834'. [ 298.593454][T10916] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1837'. [ 298.772496][T10921] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1839'. [ 298.850641][T10921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1839'. [ 299.367768][T10936] netlink: 'syz.2.1845': attribute type 2 has an invalid length. [ 299.391020][T10936] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1845'. [ 299.458067][T10939] xt_TPROXY: Can be used only with -p tcp or -p udp [ 299.767689][T10952] netlink: 'syz.0.1851': attribute type 10 has an invalid length. [ 299.808941][T10947] 9pnet: Could not find request transport: fd0x0000000000000005 [ 299.821500][T10952] team0: Port device dummy0 added [ 299.856167][T10953] netlink: 'syz.0.1851': attribute type 10 has an invalid length. [ 299.945718][T10953] team0: Port device dummy0 removed [ 299.966743][T10953] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 300.291193][T10966] netlink: 'syz.0.1857': attribute type 2 has an invalid length. [ 300.299188][T10966] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1857'. [ 300.654642][T10967] lo speed is unknown, defaulting to 1000 [ 301.187104][T10967] lo speed is unknown, defaulting to 1000 [ 301.227768][T10972] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1859'. [ 301.384723][T10962] siw: device registration error -23 [ 302.017261][T10987] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1865'. [ 302.515870][T10989] netlink: 'syz.1.1866': attribute type 2 has an invalid length. [ 302.547490][T10989] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1866'. [ 302.705319][T10993] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 303.019689][ T27] kauditd_printk_skb: 38 callbacks suppressed [ 303.019706][ T27] audit: type=1326 audit(302.982:3123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 303.098963][ T27] audit: type=1326 audit(303.012:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 303.124072][ T27] audit: type=1326 audit(303.012:3125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 303.286101][T11006] 9pnet: Could not find request transport: fd0x0000000000000005 [ 303.331644][T11012] syz_tun: entered promiscuous mode [ 303.349741][T11012] syz_tun: left promiscuous mode [ 303.393122][T11015] loop2: detected capacity change from 0 to 512 [ 303.410597][T11015] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 303.442386][T11015] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1876: iget: bad i_size value: 38620345925642 [ 303.456056][T11015] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1876: couldn't read orphan inode 15 (err -117) [ 303.495094][T11015] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 303.716293][T11022] netlink: 'syz.3.1877': attribute type 2 has an invalid length. [ 303.743581][T11022] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1877'. [ 303.986011][ T8] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 304.226525][ T8] usb 1-1: config 0 has an invalid interface number: 239 but max is 0 [ 304.244611][ T8] usb 1-1: config 0 has no interface number 0 [ 304.261600][ T8] usb 1-1: config 0 interface 239 altsetting 0 endpoint 0x1 has invalid maxpacket 991, setting to 64 [ 304.294046][ T8] usb 1-1: config 0 interface 239 altsetting 0 endpoint 0x82 has invalid maxpacket 255, setting to 64 [ 304.305043][T11030] dummy0: entered promiscuous mode [ 304.305559][T11030] vlan2: entered promiscuous mode [ 304.351482][ T8] usb 1-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73 [ 304.381063][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 304.404547][ T8] usb 1-1: Product: syz [ 304.414681][ T8] usb 1-1: Manufacturer: syz [ 304.419401][ T8] usb 1-1: SerialNumber: syz [ 304.455509][ T8] usb 1-1: config 0 descriptor?? [ 304.594800][T11018] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 304.963950][ T41] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 304.977946][ T41] EXT4-fs (loop2): This should not happen!! Data will be lost [ 304.977946][ T41] [ 304.987969][ T41] EXT4-fs (loop2): Total free blocks count 0 [ 304.994070][ T41] EXT4-fs (loop2): Free/Dirty block details [ 305.003196][ T41] EXT4-fs (loop2): free_blocks=0 [ 305.009816][ T41] EXT4-fs (loop2): dirty_blocks=65 [ 305.017949][ T41] EXT4-fs (loop2): Block reservation details [ 305.024081][ T41] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 305.038844][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.840902][T11047] lo speed is unknown, defaulting to 1000 [ 306.425252][T11046] loop3: detected capacity change from 0 to 512 [ 306.463588][T11046] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 306.558476][T11047] lo speed is unknown, defaulting to 1000 [ 306.676428][T11046] EXT4-fs (loop3): 1 truncate cleaned up [ 306.699026][T11046] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.763792][ T8] asix 1-1:0.239 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 306.771083][ T27] audit: type=1326 audit(306.722:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11045 comm="syz.3.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 306.775141][ T8] asix: probe of 1-1:0.239 failed with error -71 [ 306.826361][ T8] usb 1-1: USB disconnect, device number 6 [ 306.846461][ T27] audit: type=1326 audit(306.732:3127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11045 comm="syz.3.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 306.907462][ T27] audit: type=1326 audit(306.732:3128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11045 comm="syz.3.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 306.950536][ T27] audit: type=1326 audit(306.732:3129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11045 comm="syz.3.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 306.976641][ T27] audit: type=1326 audit(306.732:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11045 comm="syz.3.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 307.006335][ T27] audit: type=1326 audit(306.732:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11045 comm="syz.3.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 307.032700][ T27] audit: type=1326 audit(306.732:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11045 comm="syz.3.1885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 307.102664][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.314126][T11060] loop3: detected capacity change from 0 to 8192 [ 307.331178][T11060] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 307.429960][T11066] 9pnet: Could not find request transport: fd0x0000000000000005 [ 307.575191][T11071] loop3: detected capacity change from 0 to 128 [ 307.598981][T11071] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 307.662474][T11071] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 308.393821][T11084] netlink: 'syz.3.1899': attribute type 2 has an invalid length. [ 308.418688][T11084] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1899'. [ 308.648149][T11088] syz.3.1901[11088] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 308.648296][T11088] syz.3.1901[11088] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 308.702941][T11088] xt_CT: You must specify a L4 protocol and not use inversions on it [ 308.805804][ T27] kauditd_printk_skb: 64 callbacks suppressed [ 308.805819][ T27] audit: type=1326 audit(308.762:3197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 308.890462][ T27] audit: type=1326 audit(308.762:3198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 308.935958][ T27] audit: type=1326 audit(308.802:3199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 308.993715][ T27] audit: type=1326 audit(308.802:3200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 309.052356][ T27] audit: type=1326 audit(308.802:3201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 309.119535][ T27] audit: type=1326 audit(308.862:3202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 309.160768][ T27] audit: type=1326 audit(308.872:3203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11099 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f66441c1f85 code=0x7ffc0000 [ 309.212306][ T27] audit: type=1326 audit(308.872:3204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 309.262059][ T27] audit: type=1326 audit(308.922:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 309.303120][ T27] audit: type=1326 audit(308.922:3206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11093 comm="syz.1.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 309.511538][T11112] netlink: 'syz.3.1911': attribute type 2 has an invalid length. [ 309.520930][T11112] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1911'. [ 309.598683][T11114] 9pnet_fd: Insufficient options for proto=fd [ 310.674461][T11130] tipc: Enabled bearer , priority 0 [ 310.717193][T11126] tipc: Resetting bearer [ 311.422788][T11140] netlink: 'syz.2.1921': attribute type 2 has an invalid length. [ 311.450779][T11140] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1921'. [ 311.704587][ T5820] tipc: Node number set to 4294246401 [ 311.989657][T11158] 9pnet_fd: Insufficient options for proto=fd [ 312.900538][T11160] syz.2.1929[11160] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 312.900674][T11160] syz.2.1929[11160] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 313.555209][T11126] tipc: Disabling bearer [ 313.757533][T11168] netlink: 'syz.1.1932': attribute type 2 has an invalid length. [ 313.773716][T11168] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1932'. [ 313.961755][T11175] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1935'. [ 314.070768][T11175] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1935'. [ 314.139682][T11162] lo speed is unknown, defaulting to 1000 [ 314.254439][T11175] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1935'. [ 314.365342][T11186] 9pnet_fd: Insufficient options for proto=fd [ 314.447834][T11190] loop3: detected capacity change from 0 to 164 [ 314.486728][T11190] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 314.508379][T11190] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 314.528101][T11190] Symlink component flag not implemented [ 314.533774][T11190] Symlink component flag not implemented [ 314.579949][T11190] Symlink component flag not implemented (7) [ 314.607688][T11190] Symlink component flag not implemented (116) [ 314.777117][T11197] netlink: 'syz.2.1942': attribute type 2 has an invalid length. [ 314.793011][T11197] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1942'. [ 315.044171][ T27] kauditd_printk_skb: 1856 callbacks suppressed [ 315.044188][ T27] audit: type=1326 audit(315.002:5063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 315.087773][ T27] audit: type=1326 audit(315.002:5064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 315.150386][ T27] audit: type=1326 audit(315.042:5065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 315.221134][ T27] audit: type=1326 audit(315.052:5066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f602098f703 code=0x7ffc0000 [ 315.244228][T11211] syz.0.1949[11211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 315.244370][T11211] syz.0.1949[11211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 315.297171][ T27] audit: type=1326 audit(315.052:5067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f602098f703 code=0x7ffc0000 [ 315.386080][T11214] loop2: detected capacity change from 0 to 128 [ 315.404756][ T27] audit: type=1326 audit(315.052:5068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 315.497677][ T27] audit: type=1326 audit(315.052:5069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 315.583978][ T27] audit: type=1326 audit(315.052:5070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 315.651485][ T27] audit: type=1326 audit(315.052:5071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 315.706903][ T27] audit: type=1326 audit(315.052:5072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11204 comm="syz.3.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 315.805877][T11218] loop2: detected capacity change from 0 to 4096 [ 315.814812][T11218] EXT4-fs (loop2): Test dummy encryption mode enabled [ 315.821638][T11218] EXT4-fs (loop2): unsupported descriptor size 255 [ 315.997933][T11222] netlink: 'syz.0.1954': attribute type 2 has an invalid length. [ 316.013734][T11222] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1954'. [ 316.020313][T11224] loop3: detected capacity change from 0 to 512 [ 316.039495][T11224] EXT4-fs: Ignoring removed i_version option [ 316.054828][T11224] EXT4-fs: Ignoring removed bh option [ 316.099549][T11224] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 316.350503][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.444794][T11242] netlink: 'syz.3.1961': attribute type 29 has an invalid length. [ 316.453110][T11242] netlink: 'syz.3.1961': attribute type 29 has an invalid length. [ 316.476553][T11242] netlink: 'syz.3.1961': attribute type 29 has an invalid length. [ 316.702820][T11255] netlink: 'syz.0.1966': attribute type 2 has an invalid length. [ 316.723278][T11259] 9pnet_fd: Insufficient options for proto=fd [ 316.733524][T11255] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1966'. [ 317.479600][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.825644][T11281] netlink: 'syz.3.1978': attribute type 2 has an invalid length. [ 317.833425][T11281] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1978'. [ 318.020298][T11292] loop3: detected capacity change from 0 to 128 [ 318.038591][T11295] macsec0: entered promiscuous mode [ 318.100193][T11292] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 318.249330][ T5780] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 318.326698][T11312] loop2: detected capacity change from 0 to 512 [ 318.334850][T11312] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 318.348127][T11312] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1993: iget: bad i_size value: 38620345925642 [ 318.361669][T11312] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1993: couldn't read orphan inode 15 (err -117) [ 318.376731][T11312] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 318.544244][T11319] loop3: detected capacity change from 0 to 512 [ 318.611301][T11319] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.209569][ T5820] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 319.258724][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.362876][ T59] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:4: bg 0: block 5: invalid block bitmap [ 319.380443][ T59] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 319.395187][ T5820] usb 1-1: device descriptor read/64, error -71 [ 319.404406][ T59] EXT4-fs (loop2): This should not happen!! Data will be lost [ 319.404406][ T59] [ 319.430814][ T59] EXT4-fs (loop2): Total free blocks count 0 [ 319.451222][ T59] EXT4-fs (loop2): Free/Dirty block details [ 319.462189][ T59] EXT4-fs (loop2): free_blocks=0 [ 319.469339][ T59] EXT4-fs (loop2): dirty_blocks=65 [ 319.477329][ T59] EXT4-fs (loop2): Block reservation details [ 319.484001][ T59] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 319.495790][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.674677][ T5820] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 319.749349][T11350] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2007'. [ 319.834625][ T5820] usb 1-1: device descriptor read/64, error -71 [ 319.856518][T11354] loop3: detected capacity change from 0 to 512 [ 319.886202][T11354] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 319.917734][T11354] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2009: iget: bad i_size value: 38620345925642 [ 319.931455][T11354] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2009: couldn't read orphan inode 15 (err -117) [ 319.948586][T11354] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.965317][ T5820] usb usb1-port1: attempt power cycle [ 320.264362][T11367] loop2: detected capacity change from 0 to 1024 [ 320.311205][T11367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 320.413502][ T27] kauditd_printk_skb: 81 callbacks suppressed [ 320.413517][ T27] audit: type=1326 audit(320.372:5154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11366 comm="syz.2.2014" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x0 [ 320.772235][ T79] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm kworker/u4:5: bg 0: block 5: invalid block bitmap [ 320.785001][ T5820] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 320.785853][ T79] EXT4-fs (loop3): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 320.806939][ T79] EXT4-fs (loop3): This should not happen!! Data will be lost [ 320.806939][ T79] [ 320.818869][ T79] EXT4-fs (loop3): Total free blocks count 0 [ 320.825145][ T5820] usb 1-1: device descriptor read/8, error -71 [ 320.826197][ T79] EXT4-fs (loop3): Free/Dirty block details [ 320.840767][ T79] EXT4-fs (loop3): free_blocks=0 [ 320.847214][ T79] EXT4-fs (loop3): dirty_blocks=65 [ 320.852353][ T79] EXT4-fs (loop3): Block reservation details [ 320.858809][ T79] EXT4-fs (loop3): i_reserved_data_blocks=65 [ 320.872543][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.937406][ T27] audit: type=1326 audit(320.902:5155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 320.958942][T11384] netlink: 'syz.1.2021': attribute type 2 has an invalid length. [ 320.967259][T11384] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2021'. [ 320.978086][ T27] audit: type=1326 audit(320.922:5156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 321.002944][ T27] audit: type=1326 audit(320.922:5157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 321.059381][ T27] audit: type=1326 audit(320.922:5158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 321.104142][ T27] audit: type=1326 audit(320.922:5159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 321.126544][ T5820] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 321.137994][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.150615][T11389] netlink: 'syz.3.2024': attribute type 6 has an invalid length. [ 321.151493][ T27] audit: type=1326 audit(320.922:5160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 321.191094][ T5820] usb 1-1: device descriptor read/8, error -71 [ 321.234811][ T27] audit: type=1326 audit(320.922:5161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 321.265669][ T27] audit: type=1326 audit(320.922:5162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 321.288006][ T27] audit: type=1326 audit(320.922:5163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11381 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 321.325374][ T5820] usb usb1-port1: unable to enumerate USB device [ 321.375829][T11390] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2023'. [ 321.409820][T11401] loop2: detected capacity change from 0 to 512 [ 321.418073][T11401] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 321.430019][T11401] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2029: iget: bad i_size value: 38620345925642 [ 321.443474][T11401] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2029: couldn't read orphan inode 15 (err -117) [ 321.456757][T11401] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 321.701154][T11406] netlink: 'syz.0.2032': attribute type 2 has an invalid length. [ 321.721424][T11406] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2032'. [ 321.942744][T11414] tipc: Started in network mode [ 321.963325][T11414] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 322.002651][T11414] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 322.075316][T11414] tipc: Enabled bearer , priority 10 [ 322.137112][T11414] veth0: entered promiscuous mode [ 322.142424][T11414] veth0: entered allmulticast mode [ 322.198811][T11422] netlink: 19 bytes leftover after parsing attributes in process `syz.3.2037'. [ 322.326056][ T59] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:4: bg 0: block 5: invalid block bitmap [ 322.348733][ T59] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 322.361999][ T59] EXT4-fs (loop2): This should not happen!! Data will be lost [ 322.361999][ T59] [ 322.373364][ T59] EXT4-fs (loop2): Total free blocks count 0 [ 322.379549][ T59] EXT4-fs (loop2): Free/Dirty block details [ 322.387244][ T59] EXT4-fs (loop2): free_blocks=0 [ 322.392220][ T59] EXT4-fs (loop2): dirty_blocks=65 [ 322.397472][ T59] EXT4-fs (loop2): Block reservation details [ 322.403465][ T59] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 322.415374][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.765554][ T5820] Process accounting resumed [ 323.492352][ T5828] tipc: Node number set to 1 [ 323.908959][T11451] loop2: detected capacity change from 0 to 512 [ 323.919419][T11451] EXT4-fs: Ignoring removed i_version option [ 323.953608][T11451] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e000c018, mo2=0002] [ 323.962578][T11451] System zones: 0-2, 18-18, 34-35 [ 323.983281][T11451] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.452928][T11455] netlink: 'syz.3.2049': attribute type 2 has an invalid length. [ 325.463165][T11455] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2049'. [ 325.838542][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.136201][T11462] loop2: detected capacity change from 0 to 512 [ 326.179329][T11462] EXT4-fs: inline encryption not supported [ 326.193548][T11462] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 326.219470][T11462] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.2050: inode #13: comm syz.2.2050: iget: illegal inode # [ 326.234104][T11467] netlink: 12 bytes leftover after parsing attributes in process `wÞ£ÿ'. [ 326.235289][T11462] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2050: couldn't read orphan inode 13 (err -117) [ 326.256684][T11462] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.594663][T11462] EXT4-fs error (device loop2): ext4_resize_begin:62: comm syz.2.2050: resize_inode disabled but reserved GDT blocks non-zero [ 326.927950][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.297503][ T27] kauditd_printk_skb: 95 callbacks suppressed [ 327.297517][ T27] audit: type=1326 audit(327.262:5259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.338404][ T27] audit: type=1326 audit(327.302:5260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.380645][ T27] audit: type=1326 audit(327.342:5261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.385300][T11484] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2058'. [ 327.422804][ T27] audit: type=1326 audit(327.342:5262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.446928][ T27] audit: type=1326 audit(327.342:5263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.491800][ T27] audit: type=1326 audit(327.342:5264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.517601][ T27] audit: type=1326 audit(327.342:5265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.541452][ T27] audit: type=1326 audit(327.382:5266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.564732][ T27] audit: type=1326 audit(327.382:5267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.589232][ T27] audit: type=1326 audit(327.412:5268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.2058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 327.825943][T11480] loop3: detected capacity change from 0 to 8192 [ 327.966178][T11486] netlink: 'syz.0.2060': attribute type 2 has an invalid length. [ 327.973985][T11486] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2060'. [ 330.823766][T11531] loop3: detected capacity change from 0 to 512 [ 330.843509][T11531] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 330.884083][T11531] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2078: iget: bad i_size value: 38620345925642 [ 330.897549][T11531] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2078: couldn't read orphan inode 15 (err -117) [ 330.918313][T11531] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 332.104640][T11534] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 332.263825][ T59] EXT4-fs (loop3): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 332.278700][ T59] EXT4-fs (loop3): This should not happen!! Data will be lost [ 332.278700][ T59] [ 332.290471][ T59] EXT4-fs (loop3): Total free blocks count 0 [ 332.298295][ T59] EXT4-fs (loop3): Free/Dirty block details [ 332.304406][ T59] EXT4-fs (loop3): free_blocks=0 [ 332.309964][ T59] EXT4-fs (loop3): dirty_blocks=65 [ 332.316571][ T59] EXT4-fs (loop3): Block reservation details [ 332.322636][ T59] EXT4-fs (loop3): i_reserved_data_blocks=65 [ 332.334114][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.496880][ T27] kauditd_printk_skb: 59 callbacks suppressed [ 332.496896][ T27] audit: type=1326 audit(332.462:5328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 332.526641][ T27] audit: type=1326 audit(332.492:5329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 332.550697][ T27] audit: type=1326 audit(332.492:5330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 332.583582][ T27] audit: type=1326 audit(332.542:5331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 332.610089][ T27] audit: type=1326 audit(332.542:5332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 332.653938][ T27] audit: type=1326 audit(332.542:5333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 332.686576][ T27] audit: type=1326 audit(332.542:5334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 332.734000][ T27] audit: type=1326 audit(332.542:5335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f602098df10 code=0x7ffc0000 [ 332.759133][ T27] audit: type=1326 audit(332.542:5336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f602098f6c9 code=0x7ffc0000 [ 332.782188][ T27] audit: type=1326 audit(332.542:5337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11546 comm="syz.3.2083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f602098e32a code=0x7ffc0000 [ 332.839033][T11557] bond2: entered promiscuous mode [ 332.844185][T11557] bond2: entered allmulticast mode [ 332.849898][T11557] 8021q: adding VLAN 0 to HW filter on device bond2 [ 333.189481][T11557] bond2 (unregistering): Released all slaves [ 333.790129][T11566] loop3: detected capacity change from 0 to 512 [ 333.809534][T11566] EXT4-fs: inline encryption not supported [ 333.839357][T11566] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 333.885149][T11566] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.2089: inode #13: comm syz.3.2089: iget: illegal inode # [ 333.925016][T11566] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2089: couldn't read orphan inode 13 (err -117) [ 333.956366][T11566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.037204][T11566] EXT4-fs error (device loop3): ext4_resize_begin:62: comm syz.3.2089: resize_inode disabled but reserved GDT blocks non-zero [ 334.284310][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.032992][ T8] Process accounting resumed [ 336.242224][T11602] netlink: 'syz.3.2103': attribute type 2 has an invalid length. [ 336.255957][T11602] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2103'. [ 336.284985][T11604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2104'. [ 336.306056][T11604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2104'. [ 336.325057][T11604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2104'. [ 336.356834][T11604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2104'. [ 336.375954][T11604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2104'. [ 336.516305][T11612] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2108'. [ 336.537857][T11612] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2108'. [ 337.015484][T11628] netlink: 'syz.2.2115': attribute type 2 has an invalid length. [ 337.023290][T11628] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2115'. [ 337.765621][ T27] kauditd_printk_skb: 57 callbacks suppressed [ 337.765639][ T27] audit: type=1326 audit(337.732:5395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11633 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 337.808972][ T27] audit: type=1326 audit(337.762:5396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11633 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 337.831961][ T27] audit: type=1326 audit(337.762:5397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11633 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 337.854142][ T27] audit: type=1326 audit(337.782:5398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11633 comm="syz.0.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 337.935783][ T27] audit: type=1326 audit(337.892:5399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11638 comm="syz.1.2120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 337.965167][ T27] audit: type=1326 audit(337.892:5400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11638 comm="syz.1.2120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 337.990195][ T27] audit: type=1326 audit(337.922:5401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11638 comm="syz.1.2120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 338.013349][ T27] audit: type=1326 audit(337.922:5402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11638 comm="syz.1.2120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 338.044879][ T27] audit: type=1326 audit(337.922:5403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11638 comm="syz.1.2120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 338.072245][ T27] audit: type=1326 audit(337.922:5404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11638 comm="syz.1.2120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f664418f6c9 code=0x7ffc0000 [ 338.133856][T11648] syz.1.2125[11648] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 338.134000][T11648] syz.1.2125[11648] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 339.008125][T11671] loop2: detected capacity change from 0 to 1024 [ 339.203654][T11671] EXT4-fs: inline encryption not supported [ 339.228721][T11671] EXT4-fs: Ignoring removed orlov option [ 339.256794][T11671] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 339.320565][T11678] loop3: detected capacity change from 0 to 512 [ 339.330957][T11678] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 339.342770][T11671] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 339.356875][T11678] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2136: iget: bad i_size value: 38620345925642 [ 339.375200][T11678] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2136: couldn't read orphan inode 15 (err -117) [ 339.387405][T11675] 9pnet: Could not find request transport: d [ 339.412536][T11678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 339.498003][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.832893][T11701] loop2: detected capacity change from 0 to 1024 [ 339.848408][T11701] EXT4-fs: Ignoring removed bh option [ 339.865889][T11701] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 340.029432][T11701] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 340.130075][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.873727][T11712] netlink: 'syz.2.2147': attribute type 2 has an invalid length. [ 340.893654][T11712] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2147'. [ 341.170073][ T49] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm kworker/u4:3: bg 0: block 5: invalid block bitmap [ 341.204336][ T49] EXT4-fs (loop3): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 341.221425][ T49] EXT4-fs (loop3): This should not happen!! Data will be lost [ 341.221425][ T49] [ 341.232446][ T49] EXT4-fs (loop3): Total free blocks count 0 [ 341.240877][ T49] EXT4-fs (loop3): Free/Dirty block details [ 341.248506][ T49] EXT4-fs (loop3): free_blocks=0 [ 341.253485][ T49] EXT4-fs (loop3): dirty_blocks=65 [ 341.260666][ T49] EXT4-fs (loop3): Block reservation details [ 341.267778][ T49] EXT4-fs (loop3): i_reserved_data_blocks=65 [ 341.280840][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 341.368344][T11724] loop3: detected capacity change from 0 to 1024 [ 341.377666][T11724] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 341.389969][T11724] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 341.413174][T11724] JBD2: no valid journal superblock found [ 341.419646][T11724] EXT4-fs (loop3): Could not load journal inode [ 342.615583][T11737] loop3: detected capacity change from 0 to 1024 [ 342.737433][T11737] EXT4-fs: Ignoring removed orlov option [ 342.902347][T11737] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 343.086194][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.113972][ T27] kauditd_printk_skb: 58 callbacks suppressed [ 343.113990][ T27] audit: type=1326 audit(343.062:5463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11744 comm="syz.2.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 343.164885][ T27] audit: type=1326 audit(343.062:5464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11744 comm="syz.2.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 343.234832][ T27] audit: type=1326 audit(343.062:5465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11744 comm="syz.2.2160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 343.423106][T11758] loop3: detected capacity change from 0 to 512 [ 343.444391][T11758] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 343.588601][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.705491][T11769] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2169'. [ 345.534230][ T27] audit: type=1326 audit(345.492:5466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 345.568890][ T27] audit: type=1326 audit(345.532:5467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 345.584871][T11790] netlink: 'syz.1.2179': attribute type 2 has an invalid length. [ 345.614415][ T27] audit: type=1326 audit(345.532:5468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 345.634287][T11790] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2179'. [ 345.639431][T11792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2175'. [ 345.694271][ T27] audit: type=1326 audit(345.532:5469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 345.718457][ T27] audit: type=1326 audit(345.532:5470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 345.740617][ T27] audit: type=1326 audit(345.532:5471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 345.762609][ T27] audit: type=1326 audit(345.532:5472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11782 comm="syz.2.2175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 345.916462][T11802] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2182'. [ 346.933991][T11826] netlink: 'syz.3.2191': attribute type 2 has an invalid length. [ 346.941942][T11826] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2191'. [ 348.222612][T11844] loop3: detected capacity change from 0 to 512 [ 348.252659][T11844] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 348.452003][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.604241][T11863] netlink: 'syz.2.2204': attribute type 2 has an invalid length. [ 348.613955][T11863] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2204'. [ 348.634340][T11861] program syz.3.2203 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 349.292737][ T27] kauditd_printk_skb: 23 callbacks suppressed [ 349.292771][ T27] audit: type=1326 audit(349.252:5496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 349.684088][ T27] audit: type=1326 audit(349.292:5497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 349.744563][ T27] audit: type=1326 audit(349.332:5498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 349.839622][ T27] audit: type=1326 audit(349.342:5499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 349.860775][T11883] program syz.3.2212 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 349.897858][ T27] audit: type=1326 audit(349.352:5500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 349.950269][ T27] audit: type=1326 audit(349.352:5501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 349.973581][ T27] audit: type=1326 audit(349.382:5502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 349.996290][ T27] audit: type=1326 audit(349.382:5503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 350.040378][T11892] netlink: 'syz.3.2216': attribute type 2 has an invalid length. [ 350.048680][T11892] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2216'. [ 350.062141][ T27] audit: type=1326 audit(349.392:5504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 350.114941][ T27] audit: type=1326 audit(349.392:5505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.2.2209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 350.152252][T11894] syz.2.2218[11894] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 350.152398][T11894] syz.2.2218[11894] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.367571][T11924] netlink: 'syz.2.2229': attribute type 2 has an invalid length. [ 351.415287][T11924] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2229'. [ 351.557393][T11932] loop2: detected capacity change from 0 to 1024 [ 351.568652][T11932] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 351.594820][T11932] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 351.621983][T11932] JBD2: no valid journal superblock found [ 351.634943][T11932] EXT4-fs (loop2): Could not load journal inode [ 351.665353][T11935] netlink: 'syz.1.2235': attribute type 5 has an invalid length. [ 351.701115][T11935] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 351.710825][T11935] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 351.719783][T11935] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 351.728627][T11935] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 351.748901][T11935] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 351.758095][T11935] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 351.767052][T11935] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 351.776021][T11935] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 352.503340][T11944] netlink: 'syz.2.2238': attribute type 10 has an invalid length. [ 352.653199][T11948] syz.1.2239[11948] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 352.653332][T11948] syz.1.2239[11948] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 352.715260][T11944] team0: Port device dummy0 added [ 352.732857][T11945] netlink: 'syz.2.2238': attribute type 10 has an invalid length. [ 352.767501][T11945] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 352.803330][T11945] team0: Failed to send options change via netlink (err -105) [ 352.822101][T11945] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 352.832059][T11945] team0: Port device dummy0 removed [ 352.852519][T11945] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 352.864411][T11946] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2238'. [ 353.062397][T11965] loop2: detected capacity change from 0 to 512 [ 353.087318][T11965] EXT4-fs: Ignoring removed nobh option [ 353.093653][T11965] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 353.121945][T11965] EXT4-fs (loop2): 1 truncate cleaned up [ 353.151548][T11965] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 353.543988][T11989] netlink: 'syz.3.2257': attribute type 2 has an invalid length. [ 353.552977][T11989] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2257'. [ 353.581605][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.999519][T12011] netlink: 'syz.3.2267': attribute type 2 has an invalid length. [ 354.025458][T12011] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2267'. [ 354.341339][T12024] loop3: detected capacity change from 0 to 512 [ 354.369156][T12024] ext4: Unknown parameter 'fsmagic' [ 354.708138][T12038] program syz.2.2280 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 354.911073][ T27] kauditd_printk_skb: 73 callbacks suppressed [ 354.911088][ T27] audit: type=1326 audit(354.872:5579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12045 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 354.993517][T12048] loop3: detected capacity change from 0 to 1024 [ 354.994571][ T27] audit: type=1326 audit(354.872:5580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12045 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 355.025628][T12048] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 355.058230][ T27] audit: type=1326 audit(354.892:5581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12045 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 355.098890][T12048] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 355.103238][ T27] audit: type=1326 audit(354.892:5582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12045 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 355.187963][ T27] audit: type=1326 audit(354.892:5583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12045 comm="syz.0.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 355.260910][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.315758][ T27] audit: type=1326 audit(355.282:5584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12054 comm="syz.0.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 355.383682][ T27] audit: type=1326 audit(355.282:5585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12054 comm="syz.0.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 355.427741][ T27] audit: type=1326 audit(355.282:5586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12054 comm="syz.0.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 355.482147][ T27] audit: type=1326 audit(355.282:5587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12054 comm="syz.0.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 355.546166][ T27] audit: type=1326 audit(355.282:5588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12054 comm="syz.0.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ef558f6c9 code=0x7ffc0000 [ 357.069306][T12091] xt_CT: You must specify a L4 protocol and not use inversions on it [ 358.207630][T12121] netlink: 'syz.1.2318': attribute type 2 has an invalid length. [ 358.224759][T12121] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2318'. [ 358.474727][T12127] netlink: 'syz.2.2321': attribute type 13 has an invalid length. [ 358.517463][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 358.527597][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 358.536874][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 358.545035][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 358.552834][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 358.571295][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 358.591093][T12127] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 358.711872][T12136] ip6t_rpfilter: unknown options [ 358.775749][T12139] netlink: 'syz.2.2327': attribute type 2 has an invalid length. [ 358.783769][T12139] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2327'. [ 358.989733][ T59] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.046691][T12151] loop2: detected capacity change from 0 to 512 [ 359.056672][T12151] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 359.076250][T12151] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2330: iget: bad i_size value: 38620345925642 [ 359.116910][T12151] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2330: couldn't read orphan inode 15 (err -117) [ 359.133148][ T59] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.147123][T12151] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.370138][ T59] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.442060][T12166] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2335'. [ 359.840837][ T59] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.952411][T12168] (null): rxe_set_mtu: Set mtu to 256 [ 359.989466][T12128] lo speed is unknown, defaulting to 1000 [ 360.030029][T12171] netlink: 'syz.0.2336': attribute type 2 has an invalid length. [ 360.060883][T12171] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2336'. [ 360.112208][ T12] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:1: bg 0: block 5: invalid block bitmap [ 360.158821][ T12] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 360.177196][ T12] EXT4-fs (loop2): This should not happen!! Data will be lost [ 360.177196][ T12] [ 360.204566][ T12] EXT4-fs (loop2): Total free blocks count 0 [ 360.211351][ T12] EXT4-fs (loop2): Free/Dirty block details [ 360.229838][ T12] EXT4-fs (loop2): free_blocks=0 [ 360.244533][ T12] EXT4-fs (loop2): dirty_blocks=65 [ 360.249689][ T12] EXT4-fs (loop2): Block reservation details [ 360.260031][T12168] vcan0 speed is unknown, defaulting to 1000 [ 360.264539][ T12] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 360.293792][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.304449][ T59] tipc: Left network mode [ 360.343325][T12168] vcan0 speed is unknown, defaulting to 1000 [ 360.384688][T12168] vcan0 speed is unknown, defaulting to 1000 [ 360.466436][T12177] Falling back ldisc for ttyS3. [ 360.562725][T12168] infiniband syz1: set down [ 360.571657][T12168] infiniband syz1: added vcan0 [ 360.579078][T12168] syz1: rxe_create_cq: returned err = -12 [ 360.585104][T12168] infiniband syz1: Couldn't create ib_mad CQ [ 360.591362][T12168] infiniband syz1: Couldn't open port 1 [ 360.605957][ T51] Bluetooth: hci4: command tx timeout [ 360.632819][T12168] RDS/IB: syz1: added [ 360.637092][T12168] smc: adding ib device syz1 with port count 1 [ 360.643402][T12168] smc: ib device syz1 port 1 has pnetid [ 360.654075][ T5820] vcan0 speed is unknown, defaulting to 1000 [ 360.676345][T12183] (null): rxe_set_mtu: Set mtu to 1024 [ 360.708388][ T6684] vcan0 speed is unknown, defaulting to 1000 [ 360.726711][T12168] vcan0 speed is unknown, defaulting to 1000 [ 360.871872][ T27] kauditd_printk_skb: 79 callbacks suppressed [ 360.871886][ T27] audit: type=1326 audit(360.832:5668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 360.921122][T12128] chnl_net:caif_netlink_parms(): no params data found [ 360.929952][ T27] audit: type=1326 audit(360.832:5669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 360.979122][ T27] audit: type=1326 audit(360.862:5670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 361.001941][ T27] audit: type=1326 audit(360.862:5671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 361.026661][ T27] audit: type=1326 audit(360.872:5672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 361.034448][T12192] loop2: detected capacity change from 0 to 512 [ 361.051648][ T27] audit: type=1326 audit(360.872:5673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 361.082829][T12192] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 361.088584][ T27] audit: type=1326 audit(360.872:5674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 361.094669][T12192] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2344: iget: bad i_size value: 38620345925642 [ 361.114391][ T27] audit: type=1326 audit(360.872:5675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 361.131108][T12192] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2344: couldn't read orphan inode 15 (err -117) [ 361.153915][ T27] audit: type=1326 audit(360.872:5676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 361.165807][T12192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 361.192451][T12168] vcan0 speed is unknown, defaulting to 1000 [ 361.209807][ T27] audit: type=1326 audit(360.872:5677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12189 comm="syz.2.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff418f6c9 code=0x7ffc0000 [ 361.463651][T12128] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.470997][T12128] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.478386][T12128] bridge_slave_0: entered allmulticast mode [ 361.486083][T12128] bridge_slave_0: entered promiscuous mode [ 361.494170][T12168] vcan0 speed is unknown, defaulting to 1000 [ 361.496591][T12128] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.523660][T12128] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.532458][T12128] bridge_slave_1: entered allmulticast mode [ 361.702139][T12128] bridge_slave_1: entered promiscuous mode [ 362.003860][T12128] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 362.050277][T12128] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 362.146035][ T1066] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm kworker/u4:6: bg 0: block 5: invalid block bitmap [ 362.156404][T12128] team0: Port device team_slave_0 added [ 362.167714][T12128] team0: Port device team_slave_1 added [ 362.175781][ T1066] EXT4-fs (loop2): Delayed block allocation failed for inode 19 at logical offset 3 with max blocks 65 with error 28 [ 362.188153][ T1066] EXT4-fs (loop2): This should not happen!! Data will be lost [ 362.188153][ T1066] [ 362.198426][ T1066] EXT4-fs (loop2): Total free blocks count 0 [ 362.204456][ T1066] EXT4-fs (loop2): Free/Dirty block details [ 362.210894][ T1066] EXT4-fs (loop2): free_blocks=0 [ 362.215959][ T1066] EXT4-fs (loop2): dirty_blocks=65 [ 362.221084][ T1066] EXT4-fs (loop2): Block reservation details [ 362.227346][ T1066] EXT4-fs (loop2): i_reserved_data_blocks=65 [ 362.238842][ T5781] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.240561][T12128] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 362.258949][T12128] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.299186][T12128] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 362.312248][T12128] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 362.319680][T12128] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.345983][T12128] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 362.359866][T12168] vcan0 speed is unknown, defaulting to 1000 [ 362.371875][T12201] netlink: 'syz.2.2345': attribute type 2 has an invalid length. [ 362.382230][T12201] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2345'. [ 362.436826][T12128] hsr_slave_0: entered promiscuous mode [ 362.443461][T12128] hsr_slave_1: entered promiscuous mode [ 362.450681][T12128] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 362.458622][T12128] Cannot create hsr debugfs directory [ 362.564446][T12205] ================================================================== [ 362.572561][T12205] BUG: KASAN: slab-use-after-free in __xfrm_decode_session+0x18d7/0x20a0 [ 362.581017][T12205] Read of size 1 at addr ffff88805703b0e5 by task syz.2.2347/12205 [ 362.589186][T12205] [ 362.591746][T12205] CPU: 1 PID: 12205 Comm: syz.2.2347 Not tainted syzkaller #0 [ 362.599221][T12205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 362.609306][T12205] Call Trace: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 362.612594][T12205] [ 362.615540][T12205] dump_stack_lvl+0x16c/0x230 [ 362.620245][T12205] ? __lock_acquire+0x7c80/0x7c80 [ 362.625296][T12205] ? show_regs_print_info+0x20/0x20 [ 362.630514][T12205] ? load_image+0x3b0/0x3b0 [ 362.635038][T12205] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 362.640436][T12205] ? __virt_addr_valid+0x18c/0x540 [ 362.645570][T12205] ? __virt_addr_valid+0x469/0x540 [ 362.650697][T12205] print_report+0xac/0x220 [ 362.655130][T12205] ? __xfrm_decode_session+0x18d7/0x20a0 [ 362.660776][T12205] kasan_report+0x117/0x150 [ 362.665301][T12205] ? __xfrm_decode_session+0x18d7/0x20a0 [ 362.670969][T12205] __xfrm_decode_session+0x18d7/0x20a0 [ 362.676460][T12205] icmpv6_route_lookup+0x358/0x590 [ 362.681594][T12205] ? icmpv6_xrlim_allow+0x5f0/0x5f0 [ 362.686824][T12205] ? icmpv6_xrlim_allow+0x4f0/0x5f0 [ 362.692052][T12205] ? dev_get_by_index+0x22/0x2d0 [ 362.697032][T12205] ? dev_get_by_index+0x22/0x2d0 [ 362.701999][T12205] icmp6_send+0x106a/0x1990 [ 362.704739][ T51] Bluetooth: hci4: command tx timeout [ 362.706506][T12205] ? icmp6_send+0x1e1/0x1990 [ 362.716569][T12205] ? icmpv6_push_pending_frames+0x400/0x400 [ 362.722494][T12205] ? ip6_neigh_lookup+0x14c/0x470 [ 362.727553][T12205] ? __ipv6_addr_type+0x10c/0x2f0 [ 362.732768][T12205] ? ip6_tnl_xmit_ctl+0x19f/0x650 [ 362.737825][T12205] ip6_link_failure+0x3b/0x4c0 [ 362.742617][T12205] ? ip6_negative_advice+0x310/0x310 [ 362.747929][T12205] ip6_tnl_xmit+0xdf7/0x2a30 [ 362.752554][T12205] ? ip6_tnl_xmit_ctl+0x650/0x650 [ 362.757726][T12205] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 362.763727][T12205] ? __put_user_ns+0x50/0x50 [ 362.768340][T12205] ? iptunnel_handle_offloads+0x2f7/0x620 [ 362.774092][T12205] ip6_tnl_start_xmit+0xc10/0x1140 [ 362.779237][T12205] ? ip6_tnl_dev_uninit+0x160/0x160 [ 362.784469][T12205] ? get_random_u16+0x48e/0x940 [ 362.789345][T12205] ? validate_xmit_skb+0x953/0xf50 [ 362.794485][T12205] dev_hard_start_xmit+0x246/0x740 [ 362.799622][T12205] sch_direct_xmit+0x252/0x4a0 [ 362.804397][T12205] ? mrp_pdu_parse_vecattr_event+0x2a0/0x2a0 [ 362.810407][T12205] __qdisc_run+0xab2/0x1570 [ 362.814941][T12205] __dev_queue_xmit+0xf02/0x35a0 [ 362.819904][T12205] ? neigh_connected_output+0x1ed/0x450 [ 362.825489][T12205] ? __dev_queue_xmit+0x245/0x35a0 [ 362.830632][T12205] ? read_seqbegin+0x1b5/0x260 [ 362.835419][T12205] ? _local_bh_enable+0xa0/0xa0 [ 362.840454][T12205] ? neigh_event_send+0x110/0x110 [ 362.845493][T12205] ? netdev_core_pick_tx+0x340/0x340 [ 362.850796][T12205] ? ___neigh_create+0x1df6/0x2440 [ 362.855938][T12205] ? neigh_connected_output+0x3b0/0x450 [ 362.861512][T12205] ip6_finish_output2+0xe2e/0x1650 [ 362.866653][T12205] ? ip6_finish_output2+0x661/0x1650 [ 362.871957][T12205] ? nf_hook+0x370/0x370 [ 362.876224][T12205] ip6_fragment+0x13c5/0x1f90 [ 362.880949][T12205] ? nf_hook+0x370/0x370 [ 362.885202][T12205] ? ip6_mtu+0x7d/0x3f0 [ 362.889375][T12205] ? ip6_frag_next+0xb40/0xb40 [ 362.894157][T12205] ip6_xmit+0x10aa/0x1840 [ 362.898506][T12205] ? ip6_autoflowlabel+0xe0/0xe0 [ 362.903462][T12205] ? read_lock_is_recursive+0x20/0x20 [ 362.908835][T12205] ? sctp_v6_xmit+0x65d/0x1230 [ 362.913622][T12205] sctp_v6_xmit+0x9e3/0x1230 [ 362.918239][T12205] ? __sctp_v6_cmp_addr+0x510/0x510 [ 362.923452][T12205] ? sctp_compute_cksum+0xe0/0xe0 [ 362.928487][T12205] ? __skb_checksum+0x752/0x800 [ 362.933694][T12205] sctp_packet_transmit+0x2488/0x2a30 [ 362.939080][T12205] sctp_packet_singleton+0x234/0x330 [ 362.944363][T12205] ? sctp_outq_select_transport+0x570/0x570 [ 362.950251][T12205] ? sctp_outq_select_transport+0x45d/0x570 [ 362.956166][T12205] ? sctp_transport_burst_limited+0x197/0x280 [ 362.962246][T12205] sctp_outq_flush+0x4f1/0x3100 [ 362.967106][T12205] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 362.973022][T12205] ? _raw_spin_unlock+0x40/0x40 [ 362.977877][T12205] ? rcu_is_watching+0x15/0xb0 [ 362.982649][T12205] ? enqueue_timer+0x225/0x530 [ 362.987417][T12205] ? sctp_outq_tail+0x8b0/0x8b0 [ 362.992279][T12205] ? sctp_outq_tail+0x604/0x8b0 [ 362.997134][T12205] ? sctp_outq_uncork+0x4d/0xa0 [ 363.001981][T12205] sctp_do_sm+0x52d6/0x59a0 [ 363.006488][T12205] ? sctp_generate_t3_rtx_event+0x340/0x340 [ 363.012381][T12205] ? idr_get_free+0x8db/0xa60 [ 363.017067][T12205] ? __lock_acquire+0x7c80/0x7c80 [ 363.022093][T12205] ? __local_bh_enable_ip+0x12e/0x1c0 [ 363.027450][T12205] ? _local_bh_enable+0xa0/0xa0 [ 363.032289][T12205] ? do_raw_spin_unlock+0x121/0x230 [ 363.037487][T12205] sctp_primitive_ASSOCIATE+0x95/0xc0 [ 363.042856][T12205] __sctp_connect+0x92f/0xd20 [ 363.047532][T12205] ? sctp_send_asconf+0x170/0x170 [ 363.052558][T12205] ? __might_fault+0xaa/0x120 [ 363.057224][T12205] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 363.062758][T12205] ? security_sctp_bind_connect+0x89/0xb0 [ 363.068470][T12205] sctp_getsockopt_connectx3+0x2c7/0x440 [ 363.074102][T12205] ? sctp_getsockopt_local_addrs+0xe40/0xe40 [ 363.080078][T12205] ? __local_bh_enable_ip+0x12e/0x1c0 [ 363.085444][T12205] ? _local_bh_enable+0xa0/0xa0 [ 363.090294][T12205] sctp_getsockopt+0x986/0xb60 [ 363.095065][T12205] ? sock_recv_errqueue+0x510/0x510 [ 363.100260][T12205] do_sock_getsockopt+0x368/0x440 [ 363.105346][T12205] ? __ia32_sys_setsockopt+0x200/0x200 [ 363.110892][T12205] __x64_sys_getsockopt+0x1d6/0x280 [ 363.116087][T12205] do_syscall_64+0x55/0xb0 [ 363.120500][T12205] ? clear_bhb_loop+0x40/0x90 [ 363.125165][T12205] ? clear_bhb_loop+0x40/0x90 [ 363.129835][T12205] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 363.135724][T12205] RIP: 0033:0x7f5ff418f6c9 [ 363.140143][T12205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.159742][T12205] RSP: 002b:00007f5ff509b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 363.168148][T12205] RAX: ffffffffffffffda RBX: 00007f5ff43e5fa0 RCX: 00007f5ff418f6c9 [ 363.176109][T12205] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000004 [ 363.184069][T12205] RBP: 00007f5ff4211f91 R08: 0000200000000480 R09: 0000000000000000 [ 363.192032][T12205] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000 [ 363.199992][T12205] R13: 00007f5ff43e6038 R14: 00007f5ff43e5fa0 R15: 00007ffeda3b5b58 [ 363.207963][T12205] [ 363.210969][T12205] [ 363.213286][T12205] Allocated by task 12128: [ 363.217773][T12205] kasan_set_track+0x4e/0x70 [ 363.222356][T12205] __kasan_kmalloc+0x8f/0xa0 [ 363.226938][T12205] __kmalloc_node_track_caller+0xb2/0x230 [ 363.232652][T12205] kmalloc_reserve+0x117/0x260 [ 363.237409][T12205] pskb_expand_head+0x185/0x1230 [ 363.242331][T12205] netlink_trim+0x180/0x220 [ 363.246826][T12205] netlink_broadcast_filtered+0x80/0x1110 [ 363.252536][T12205] nlmsg_notify+0xf0/0x1a0 [ 363.257464][T12205] rtnetlink_event+0x224/0x260 [ 363.262214][T12205] notifier_call_chain+0x197/0x390 [ 363.267312][T12205] netdev_change_features+0x8e/0xc0 [ 363.272498][T12205] team_add_slave+0x1dd5/0x2660 [ 363.277429][T12205] do_setlink+0xe14/0x3fb0 [ 363.281843][T12205] rtnl_newlink+0x175b/0x2020 [ 363.286601][T12205] rtnetlink_rcv_msg+0x7c7/0xf10 [ 363.291526][T12205] netlink_rcv_skb+0x216/0x480 [ 363.296280][T12205] netlink_unicast+0x751/0x8d0 [ 363.301035][T12205] netlink_sendmsg+0x8c1/0xbe0 [ 363.305789][T12205] __sys_sendto+0x46a/0x620 [ 363.310285][T12205] __x64_sys_sendto+0xde/0xf0 [ 363.314969][T12205] do_syscall_64+0x55/0xb0 [ 363.319390][T12205] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 363.325283][T12205] [ 363.327641][T12205] Freed by task 12128: [ 363.331696][T12205] kasan_set_track+0x4e/0x70 [ 363.336301][T12205] kasan_save_free_info+0x2e/0x50 [ 363.341320][T12205] ____kasan_slab_free+0x126/0x1e0 [ 363.346425][T12205] slab_free_freelist_hook+0x130/0x1b0 [ 363.351882][T12205] __kmem_cache_free+0xba/0x1f0 [ 363.356726][T12205] skb_release_data+0x634/0x800 [ 363.361572][T12205] consume_skb+0xb2/0x110 [ 363.365920][T12205] netlink_broadcast_filtered+0x101c/0x1110 [ 363.371804][T12205] nlmsg_notify+0xf0/0x1a0 [ 363.376218][T12205] rtnetlink_event+0x224/0x260 [ 363.380972][T12205] notifier_call_chain+0x197/0x390 [ 363.386081][T12205] netdev_change_features+0x8e/0xc0 [ 363.391277][T12205] team_add_slave+0x1dd5/0x2660 [ 363.396117][T12205] do_setlink+0xe14/0x3fb0 [ 363.400521][T12205] rtnl_newlink+0x175b/0x2020 [ 363.405207][T12205] rtnetlink_rcv_msg+0x7c7/0xf10 [ 363.410167][T12205] netlink_rcv_skb+0x216/0x480 [ 363.414940][T12205] netlink_unicast+0x751/0x8d0 [ 363.419702][T12205] netlink_sendmsg+0x8c1/0xbe0 [ 363.424465][T12205] __sys_sendto+0x46a/0x620 [ 363.429010][T12205] __x64_sys_sendto+0xde/0xf0 [ 363.433685][T12205] do_syscall_64+0x55/0xb0 [ 363.438107][T12205] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 363.443992][T12205] [ 363.446309][T12205] The buggy address belongs to the object at ffff88805703b000 [ 363.446309][T12205] which belongs to the cache kmalloc-2k of size 2048 [ 363.460351][T12205] The buggy address is located 229 bytes inside of [ 363.460351][T12205] freed 2048-byte region [ffff88805703b000, ffff88805703b800) [ 363.474226][T12205] [ 363.476537][T12205] The buggy address belongs to the physical page: [ 363.482944][T12205] page:ffffea00015c0e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57038 [ 363.493089][T12205] head:ffffea00015c0e00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 363.502038][T12205] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 363.510015][T12205] page_type: 0xffffffff() [ 363.514328][T12205] raw: 00fff00000000840 ffff888017842000 ffffea0000ae5400 dead000000000002 [ 363.522896][T12205] raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000 [ 363.531460][T12205] page dumped because: kasan: bad access detected [ 363.537860][T12205] page_owner tracks the page as allocated [ 363.543550][T12205] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 11510, tgid 11509 (syz.2.2069), ts 330136975073, free_ts 327727965369 [ 363.566472][T12205] post_alloc_hook+0x1cd/0x210 [ 363.571237][T12205] get_page_from_freelist+0x195c/0x19f0 [ 363.576860][T12205] __alloc_pages+0x1e3/0x460 [ 363.581437][T12205] alloc_slab_page+0x5d/0x170 [ 363.586109][T12205] new_slab+0x87/0x2e0 [ 363.590165][T12205] ___slab_alloc+0xc6d/0x1300 [ 363.594846][T12205] __kmem_cache_alloc_node+0x1a2/0x260 [ 363.600326][T12205] kmalloc_trace+0x2a/0xe0 [ 363.604750][T12205] copy_verifier_state+0x8b1/0xd20 [ 363.609954][T12205] push_stack+0x1b9/0x500 [ 363.614289][T12205] check_cond_jmp_op+0xdd0/0x2680 [ 363.619318][T12205] do_check+0x672e/0xdbe0 [ 363.623698][T12205] do_check_common+0xadb/0x13e0 [ 363.628599][T12205] bpf_check+0x649f/0xe970 [ 363.633010][T12205] bpf_prog_load+0x11cb/0x16d0 [ 363.637763][T12205] __sys_bpf+0x55a/0x800 [ 363.641994][T12205] page last free stack trace: [ 363.646647][T12205] free_unref_page_prepare+0x7ce/0x8e0 [ 363.652096][T12205] free_unref_page+0x32/0x2e0 [ 363.656767][T12205] skb_release_data+0x49a/0x800 [ 363.661645][T12205] napi_consume_skb+0x123/0x200 [ 363.666494][T12205] net_rx_action+0x41f/0xbf0 [ 363.671068][T12205] handle_softirqs+0x280/0x820 [ 363.675818][T12205] run_ksoftirqd+0x9c/0xf0 [ 363.680218][T12205] smpboot_thread_fn+0x635/0xa00 [ 363.685147][T12205] kthread+0x2fa/0x390 [ 363.689205][T12205] ret_from_fork+0x48/0x80 [ 363.693651][T12205] ret_from_fork_asm+0x11/0x20 [ 363.698430][T12205] [ 363.700748][T12205] Memory state around the buggy address: [ 363.706369][T12205] ffff88805703af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 363.714425][T12205] ffff88805703b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 363.722531][T12205] >ffff88805703b080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 363.730615][T12205] ^ [ 363.737830][T12205] ffff88805703b100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 363.745925][T12205] ffff88805703b180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 363.753980][T12205] ================================================================== [ 363.762170][T12205] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 363.769378][T12205] CPU: 1 PID: 12205 Comm: syz.2.2347 Not tainted syzkaller #0 [ 363.776838][T12205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 363.786883][T12205] Call Trace: [ 363.790154][T12205] [ 363.793073][T12205] dump_stack_lvl+0x16c/0x230 [ 363.797754][T12205] ? show_regs_print_info+0x20/0x20 [ 363.802944][T12205] ? load_image+0x3b0/0x3b0 [ 363.807444][T12205] panic+0x2c0/0x710 [ 363.811332][T12205] ? bpf_jit_dump+0xd0/0xd0 [ 363.815823][T12205] ? _raw_spin_unlock_irqrestore+0xa9/0x110 [ 363.821706][T12205] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 363.827585][T12205] ? _raw_spin_unlock+0x40/0x40 [ 363.832423][T12205] ? print_memory_metadata+0x314/0x400 [ 363.837876][T12205] ? __xfrm_decode_session+0x18d7/0x20a0 [ 363.843509][T12205] check_panic_on_warn+0x84/0xa0 [ 363.848473][T12205] ? __xfrm_decode_session+0x18d7/0x20a0 [ 363.854397][T12205] end_report+0x6f/0x140 [ 363.858652][T12205] kasan_report+0x128/0x150 [ 363.863163][T12205] ? __xfrm_decode_session+0x18d7/0x20a0 [ 363.868802][T12205] __xfrm_decode_session+0x18d7/0x20a0 [ 363.874259][T12205] icmpv6_route_lookup+0x358/0x590 [ 363.879371][T12205] ? icmpv6_xrlim_allow+0x5f0/0x5f0 [ 363.884565][T12205] ? icmpv6_xrlim_allow+0x4f0/0x5f0 [ 363.889755][T12205] ? dev_get_by_index+0x22/0x2d0 [ 363.894688][T12205] ? dev_get_by_index+0x22/0x2d0 [ 363.899626][T12205] icmp6_send+0x106a/0x1990 [ 363.904126][T12205] ? icmp6_send+0x1e1/0x1990 [ 363.908714][T12205] ? icmpv6_push_pending_frames+0x400/0x400 [ 363.914601][T12205] ? ip6_neigh_lookup+0x14c/0x470 [ 363.919629][T12205] ? __ipv6_addr_type+0x10c/0x2f0 [ 363.924646][T12205] ? ip6_tnl_xmit_ctl+0x19f/0x650 [ 363.929666][T12205] ip6_link_failure+0x3b/0x4c0 [ 363.934428][T12205] ? ip6_negative_advice+0x310/0x310 [ 363.939703][T12205] ip6_tnl_xmit+0xdf7/0x2a30 [ 363.944294][T12205] ? ip6_tnl_xmit_ctl+0x650/0x650 [ 363.949308][T12205] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 363.955282][T12205] ? __put_user_ns+0x50/0x50 [ 363.959865][T12205] ? iptunnel_handle_offloads+0x2f7/0x620 [ 363.965584][T12205] ip6_tnl_start_xmit+0xc10/0x1140 [ 363.970694][T12205] ? ip6_tnl_dev_uninit+0x160/0x160 [ 363.975887][T12205] ? get_random_u16+0x48e/0x940 [ 363.980767][T12205] ? validate_xmit_skb+0x953/0xf50 [ 363.985893][T12205] dev_hard_start_xmit+0x246/0x740 [ 363.991004][T12205] sch_direct_xmit+0x252/0x4a0 [ 363.995761][T12205] ? mrp_pdu_parse_vecattr_event+0x2a0/0x2a0 [ 364.001736][T12205] __qdisc_run+0xab2/0x1570 [ 364.006324][T12205] __dev_queue_xmit+0xf02/0x35a0 [ 364.011256][T12205] ? neigh_connected_output+0x1ed/0x450 [ 364.016799][T12205] ? __dev_queue_xmit+0x245/0x35a0 [ 364.021985][T12205] ? read_seqbegin+0x1b5/0x260 [ 364.027347][T12205] ? _local_bh_enable+0xa0/0xa0 [ 364.032189][T12205] ? neigh_event_send+0x110/0x110 [ 364.037199][T12205] ? netdev_core_pick_tx+0x340/0x340 [ 364.042471][T12205] ? ___neigh_create+0x1df6/0x2440 [ 364.047575][T12205] ? neigh_connected_output+0x3b0/0x450 [ 364.053114][T12205] ip6_finish_output2+0xe2e/0x1650 [ 364.058218][T12205] ? ip6_finish_output2+0x661/0x1650 [ 364.063538][T12205] ? nf_hook+0x370/0x370 [ 364.067773][T12205] ip6_fragment+0x13c5/0x1f90 [ 364.072441][T12205] ? nf_hook+0x370/0x370 [ 364.076670][T12205] ? ip6_mtu+0x7d/0x3f0 [ 364.080817][T12205] ? ip6_frag_next+0xb40/0xb40 [ 364.085583][T12205] ip6_xmit+0x10aa/0x1840 [ 364.089910][T12205] ? ip6_autoflowlabel+0xe0/0xe0 [ 364.094836][T12205] ? read_lock_is_recursive+0x20/0x20 [ 364.100205][T12205] ? sctp_v6_xmit+0x65d/0x1230 [ 364.104958][T12205] sctp_v6_xmit+0x9e3/0x1230 [ 364.109541][T12205] ? __sctp_v6_cmp_addr+0x510/0x510 [ 364.114726][T12205] ? sctp_compute_cksum+0xe0/0xe0 [ 364.119747][T12205] ? __skb_checksum+0x752/0x800 [ 364.124594][T12205] sctp_packet_transmit+0x2488/0x2a30 [ 364.129970][T12205] sctp_packet_singleton+0x234/0x330 [ 364.135248][T12205] ? sctp_outq_select_transport+0x570/0x570 [ 364.141130][T12205] ? sctp_outq_select_transport+0x45d/0x570 [ 364.147015][T12205] ? sctp_transport_burst_limited+0x197/0x280 [ 364.153073][T12205] sctp_outq_flush+0x4f1/0x3100 [ 364.157943][T12205] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 364.163836][T12205] ? _raw_spin_unlock+0x40/0x40 [ 364.168679][T12205] ? rcu_is_watching+0x15/0xb0 [ 364.173521][T12205] ? enqueue_timer+0x225/0x530 [ 364.178272][T12205] ? sctp_outq_tail+0x8b0/0x8b0 [ 364.183118][T12205] ? sctp_outq_tail+0x604/0x8b0 [ 364.187960][T12205] ? sctp_outq_uncork+0x4d/0xa0 [ 364.192974][T12205] sctp_do_sm+0x52d6/0x59a0 [ 364.197477][T12205] ? sctp_generate_t3_rtx_event+0x340/0x340 [ 364.203369][T12205] ? idr_get_free+0x8db/0xa60 [ 364.208053][T12205] ? __lock_acquire+0x7c80/0x7c80 [ 364.213070][T12205] ? __local_bh_enable_ip+0x12e/0x1c0 [ 364.218432][T12205] ? _local_bh_enable+0xa0/0xa0 [ 364.223270][T12205] ? do_raw_spin_unlock+0x121/0x230 [ 364.228469][T12205] sctp_primitive_ASSOCIATE+0x95/0xc0 [ 364.233837][T12205] __sctp_connect+0x92f/0xd20 [ 364.238520][T12205] ? sctp_send_asconf+0x170/0x170 [ 364.243546][T12205] ? __might_fault+0xaa/0x120 [ 364.248212][T12205] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 364.253749][T12205] ? security_sctp_bind_connect+0x89/0xb0 [ 364.259462][T12205] sctp_getsockopt_connectx3+0x2c7/0x440 [ 364.265089][T12205] ? sctp_getsockopt_local_addrs+0xe40/0xe40 [ 364.271056][T12205] ? __local_bh_enable_ip+0x12e/0x1c0 [ 364.276414][T12205] ? _local_bh_enable+0xa0/0xa0 [ 364.281339][T12205] sctp_getsockopt+0x986/0xb60 [ 364.286102][T12205] ? sock_recv_errqueue+0x510/0x510 [ 364.291301][T12205] do_sock_getsockopt+0x368/0x440 [ 364.296320][T12205] ? __ia32_sys_setsockopt+0x200/0x200 [ 364.301779][T12205] __x64_sys_getsockopt+0x1d6/0x280 [ 364.307076][T12205] do_syscall_64+0x55/0xb0 [ 364.311494][T12205] ? clear_bhb_loop+0x40/0x90 [ 364.316603][T12205] ? clear_bhb_loop+0x40/0x90 [ 364.321269][T12205] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 364.327150][T12205] RIP: 0033:0x7f5ff418f6c9 [ 364.331553][T12205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.351234][T12205] RSP: 002b:00007f5ff509b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 364.359726][T12205] RAX: ffffffffffffffda RBX: 00007f5ff43e5fa0 RCX: 00007f5ff418f6c9 [ 364.367688][T12205] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000004 [ 364.375646][T12205] RBP: 00007f5ff4211f91 R08: 0000200000000480 R09: 0000000000000000 [ 364.383602][T12205] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000 [ 364.391563][T12205] R13: 00007f5ff43e6038 R14: 00007f5ff43e5fa0 R15: 00007ffeda3b5b58 [ 364.399531][T12205] [ 364.402839][T12205] Kernel Offset: disabled [ 364.407149][T12205] Rebooting in 86400 seconds..