last executing test programs: 12.317597623s ago: executing program 1 (id=1488): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18) r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0xf00) sendmsg$xdp(0xffffffffffffffff, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002240)=[{&(0x7f00000000c0)="9454b83847a5c639dccc1cc3aa288229ee8a8a45ab78b6638fd2636c7547f7afcc1711878b54b4a8bc9eda3358a5cafd58dbb8a9f638354fbf2e6ab22b8558896f959a8579d9a05c6dde4a9dcc1779d407440e34d6e555f793ec7c2979d1f4b82e4122ce3f815e2e5322b7e74e3439af393c3adad4bab28934e91efd14ebc482d56ce8cedb094afc27d5c1e6cc050411de76f5731640796ba1e233fa6da1bb14cd30662898a0595bf34af8eebc3d12716e62ae66fbb6cf070bef47415d593769c361fc054ea962c9d09ed46aecba2af20e0a40204d4d795d019895bc0d52d8cc032ee13ae832fb1f989b70ab35596dfe28c239d45c99016cadd05b87af7bd13d37c5efae45046d0e5f9860e35c2f08ef9f67c80c47b870e353c089bab87b74c588183c64b20b7ccbdb068390e4c59a848d9695f46fc8bdbde97a4400f2e8b7379a62c57fd4ef8bd4f8e3a4bf141e87156efc1b86e15f34591489db7112fcae399f83f9e4ee56a923ea3123b3fbff37ccdf92284137a1500cad979bc0331524168b5f1a5da3e2d6643b6b0f28eb15869ba7f609c4fc9e4aecca1183de7b6427e7564714ffe154c2e4db0042ada0561c58a4003191033a4fdbf0d09c9c49e802e325da5bc2bcbe5b7a64c411a780ae8d0902118894f5f63fe989623f25a7e201e135e8f25b5365c3a615a4727144109cc4b88660728445ce841940d20e87069cb74f63fbfb5dd7992dc4ccde1484aeec05630a440ed9481d03267585eed156484d23b07280cc045ff023abd628d43f7d3b7bc5a9e8e6445f94271d508e5bb17b12216dba8a5f1a02aef9126389dcf725197440404b29b95e71d45b9dad8f3fdf1c6a2734632ca7991026304d869a94259cc32ac8a45da5ba38f54e9d98faf2af04e3f11ab495eb490daa88cbf465fe127cf144081196d8319692a51d3bae449ff531427c829d9cfab8cb15ae4ff6f4392e2c657beae5364b55d05729bc7f950e4b99c7ce71136168a3fda8b7ead182973c1f5fb52f7c6f488f6383c1259345306375ebe0639e40f367be4a480c2babf3e0572a5c089cccd06588489fdf12ff256af41faef912dea1c1cf122e8e4b99770b19fdc9f6b12cdfa51d0b0d3b6dbc18af665f0f92b83b12eda1fae071a9fb49575763d1bfce45616089b868e37bad0c806a5cff911ae163f82f98c885e7c9afa4d55a4117246086b07e55991205ad345dde63ef855097c7be09343ff9dd982e7e8332337c1b9c8aedd1afeb06010e59aeb5008f7bb0d971963f79df825d94773c9b79e6897c53a83388ef89bddd1d35addfb6c3dc0121ac2a7936643159365a0ef14dc95de2d1f60f41a687c04ba42ed9b225496a418e593587f40a25bbb761eeddc2080512646d163a9968ea00f599239b3abd581253d383fb72abad3b19e0d85a7eafdc02e92cbe784129c37152934a286c2a3d5c5eb1ac65caf63f352e58c96a26b0b13462b992926bae78774d7d9de575bf86b50da743692fb38ee9fbc51ac0eff40589f7259b50e1208753abdd7e404abe252592ec7605fb2aacf41771c506cbcf84d7e8657d3801a64f8b8480ff07", 0x461}], 0x1, 0x0, 0x0, 0x10}, 0x40000) 11.8948005s ago: executing program 5 (id=1492): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x801, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a042, 0x41c23}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 9.593900384s ago: executing program 5 (id=1499): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40845}, 0x0) 8.857526234s ago: executing program 5 (id=1501): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) unlink(0x0) 8.279678583s ago: executing program 5 (id=1505): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00'}, 0x4e) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r4, 0x25, 0x4, @void}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) syz_emit_ethernet(0xfed7, &(0x7f00000002c0)=ANY=[], 0x0) 7.878183753s ago: executing program 5 (id=1509): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)) syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd144, 0x0, 0x3, 0x288}, 0x0, 0x0) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x10101, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x200000000}, 0x18) ioctl$PTP_PIN_GETFUNC(r0, 0xc0603d06, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) 7.385601738s ago: executing program 3 (id=1513): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000500)='kfree\x00', r0, 0x0, 0x80004000000}, 0x18) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"}) 7.175525087s ago: executing program 0 (id=1515): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000280)={r0, 0x7, 0x104, 0x7ff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H'], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 6.878119681s ago: executing program 3 (id=1516): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, 0x0}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f00000001c0)={[{@dioread_lock}, {@usrjquota}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x45, 0x7b1, &(0x7f0000000c80)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x84042, 0x1fb) write$P9_RUNLINKAT(r2, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7) 6.518803662s ago: executing program 0 (id=1518): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r1, r1, 0x0, 0xe3aa6ea) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f00000004c0)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_encap(r6, 0x11, 0x64, &(0x7f0000000080)=0x2, 0x4) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{0x0}], 0x1}, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x1c3) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) accept4(r4, 0x0, 0x0, 0x800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) unshare(0x64000600) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x100, 0x100000002}) 6.324785732s ago: executing program 4 (id=1519): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4) 6.323427403s ago: executing program 1 (id=1520): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) r2 = syz_open_dev$sg(&(0x7f0000000200), 0x6f5e, 0x443) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000540)=ANY=[]) 5.94773426s ago: executing program 2 (id=1521): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215) 4.522021803s ago: executing program 1 (id=1522): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x300, 0x1200, 0x0, 0x3) 4.203442174s ago: executing program 2 (id=1523): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000006b40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x94173000) 4.188799262s ago: executing program 3 (id=1524): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000001580)=ANY=[@ANYRES32=0x0, @ANYRESOCT=r0, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000900), 0xffffffffffffffff) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000008085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2e, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x330b9072}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)={0x80042, 0x1}, 0x10) sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x5, 0x5}}, 0x10, 0x0}, 0x40000) pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) fdatasync(r1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ftruncate(r1, 0x5) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 4.011401341s ago: executing program 1 (id=1525): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) chroot(&(0x7f0000000000)='./file0/../file0\x00') 3.533937408s ago: executing program 1 (id=1526): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000e7ef90030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x76}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x8000001f) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18) getitimer(0x1, 0x0) r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x4) fcntl$notify(r4, 0x402, 0x8000003d) close_range(r2, r4, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x11, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}]}, 0x88}, 0x1, 0x7}, 0x0) pipe2$9p(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18) syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0) 3.340649807s ago: executing program 0 (id=1527): openat2(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) r1 = socket(0x80000000000000a, 0x2, 0x0) r2 = getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) 2.774889489s ago: executing program 2 (id=1528): r0 = socket(0x400000000010, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000042c0)=@newtfilter={0x78, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r4, {0xf000, 0xffff}, {}, {0x7, 0xa}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x40}}, @filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_DIVISOR={0x8, 0x8, 0xfffff4c4}, @TCA_FLOW_BASECLASS={0x8, 0x3, {0xfff9, 0x1}}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0xf000}]}}, @TCA_CHAIN={0x8, 0xb, 0x57}, @TCA_RATE={0x6, 0x5, {0x6, 0x6}}, @filter_kind_options=@f_u32={{0x8}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0xe0e1}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x20008800) 1.655410558s ago: executing program 0 (id=1529): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000280), 0x80000000002, 0x1) 1.51385715s ago: executing program 0 (id=1530): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) quotactl_fd$Q_QUOTAOFF(0xffffffffffffffff, 0xffffffff80000302, 0x0, 0x0) 1.457716321s ago: executing program 4 (id=1531): r0 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20) 1.442271096s ago: executing program 5 (id=1532): bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)) migrate_pages(r0, 0x8, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10000) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x86b01, 0x70) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x40, 0x4, &(0x7f0000006680)) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) set_mempolicy_home_node(&(0x7f0000417000/0x2000)=nil, 0x2000, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'macsec0\x00', 0x0}) r6 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f00000001c0)={r5, 0x1, 0x6, @broadcast}, 0x10) open(&(0x7f0000000140)='./file0\x00', 0x4000, 0x80) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_enter\x00', r8}, 0x18) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRESDEC=r2], 0x50) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095", @ANYRES32=r9], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x12, 0xc, &(0x7f0000000580)=ANY=[@ANYRES8=r5, @ANYRESOCT=r10, @ANYRESDEC, @ANYRES16, @ANYRESHEX=r7], &(0x7f0000000780)='GPL\x00', 0x1000000, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback=0x14, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r11, 0x0, 0xfffffffffffffffe}, 0x18) r12 = socket$nl_generic(0x10, 0x3, 0x10) r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r12, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r13, @ANYBLOB="a18300000000000000000500"], 0x124}}, 0x0) 1.412758511s ago: executing program 2 (id=1533): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendto$inet6(r2, 0x0, 0x0, 0x20004041, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, '\x00', 0x13}, 0x7}, 0x1c) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001640), r3) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0) 1.283028278s ago: executing program 3 (id=1534): bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="fcffffff00"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x10, 0x6, &(0x7f00000009c0)=@framed={{0x18, 0x2}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x8}, @exit]}, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0xa}, 0x94) openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0) stat(&(0x7f0000004400)='./file0\x00', &(0x7f0000004440)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000044c0)) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) stat(0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYRESOCT, @ANYRES32=r2, @ANYBLOB="040094807a026c57d2654d115e528c1459241cdf02597f14d35c3655073c5f407b4160b64e80e167c709d80d9da587820eeb0f3c363a773f519c2717597d2217f73d756a1e5262327a0d6705cffb6119d2df818584899aaf8d7b874dbb99330a6d2593829a3125c105c65840af5555000d003f0026e4b56b1866ada1d6000000ae69a5084963450371edc84dc99933e5f3798214db2bbd9046f0ccf707e29850c523bbf617b1d7ef1a551fb4d16bc02c3b80b31afd787c9d7b26e5ddbb196f76b5ae845fa547821e75e7ce9e57909e40c4879551d2f2238d4b261e66380a5ae73b551539b77a6588ca710abc8bcf5659e97a7c436980198477bba6e6a869a636c008a123467d4ebde947f09e3e18471413aa"], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0) r3 = getgid() lchown(0x0, 0x0, r3) r4 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$PIO_UNIMAPCLR(r4, 0x4b68, 0x0) 1.183327946s ago: executing program 4 (id=1535): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee8000004000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) r4 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0x9}}}, 0x24}}, 0x0) 967.022488ms ago: executing program 3 (id=1536): bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xc, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = inotify_init1(0x80000) inotify_add_watch(r1, &(0x7f0000000200)='./file0\x00', 0x5000402) 905.413519ms ago: executing program 4 (id=1537): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x300, 0x1200, 0x0, 0x3) 827.315239ms ago: executing program 1 (id=1538): move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$inet_mptcp_buf(r0, 0x11c, 0x3, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x6, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, &(0x7f00000a2000)={0x0, 0x0}, 0x10) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x80, 0x0, 0x0, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0}) socket$inet6_sctp(0xa, 0x1, 0x84) syz_emit_ethernet(0x66, &(0x7f00000004c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6000021000303a00fc000000000000000000000000000000ff0200000000000000000000000000010401907800000000608bb91d00001100fe80000000000000e800000000000016fe88000000000000000000000000000195b00f6c43a72576f21498e7a0f7e19b2880cb33fe8fc183d736c70009f3ccc90670b6210300c76188c5cb3a0b69dbefaebd252021020613e5b9090bb46af4f4bf46fda7e493917c40bf3499ee212196ea74ef4dbd1b69c05a6b3833db85d2970304fa31559323c4a70cfccc868fca0e5d1b3a446ed545a04618566cb7635ebff00c5f435bb18e6a28a910179a339fd52bb9d0c2e16250028da3ee900bb9cf6f41f516ffc0c4829d482302f92e73597428699798726c306cba0d539778673ec77e1d2341ddf2b86aa23e5b71f72362dbd1bc35254e1c291b26d8c415d113aed439c91ae4301170d75d8463d6c2e0724502ace2433ccea45667ca2ec05de305"], 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, &(0x7f00000003c0)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0) 706.380238ms ago: executing program 3 (id=1539): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r1, r1, 0x0, 0xe3aa6ea) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f00000004c0)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f0000000080)=0x2, 0x4) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{0x0}], 0x1}, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x1c3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) accept4(r4, 0x0, 0x0, 0x800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) unshare(0x64000600) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x100, 0x100000002}) 488.365755ms ago: executing program 4 (id=1540): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000"], 0xac}, 0x1, 0x0, 0x0, 0x4008805}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="14000000100001f500000000000000000100000a14000000020a497f75241d4e1deb00000500000614000000110001"], 0x3c}}, 0xc050) 316.614511ms ago: executing program 0 (id=1541): r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000140), 0x80800) sendmsg$TIPC_CMD_GET_REMOTE_MNG(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x0, 0x2, 0x70bd2d, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x425d9b36da1673a8}, 0x4) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001000)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4040044}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newtfilter={0x84, 0x2c, 0x605, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {}, {0xffff, 0x2}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4c, 0x2, [@TCA_CGROUP_ACT={0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x10, 0x7ff, 0x6, 0x1, 0xff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x1}}]}, 0x84}}, 0x20004084) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) 269.76055ms ago: executing program 2 (id=1542): r0 = socket(0x18, 0x4, 0x0) connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'vcan0\x00'}}, 0x1e) sendmmsg(r0, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000640)="52d742aa2c99133b2231e7ff01000000000000835edd8e0ce70ab632b536cd2fe89db804cdb0e44eb13512d48a7a97fec89692aabdf1f240ab02db4d08c443aee325608ce98743b8c309979343b424533fa63be47414e9082741bf19692a6194107ec7e0e041812fedd957a8f38c8d482d2914e79fa7cb508e21a2ce3137a7c9ad44ab1447be9cfa989b04505942b8286c1da3da16c2570198a830dbc0fc821aead524a66e2cbb7ab8c5f7c10eb6c67e33ead29e310ef94ef44ee533616d205e738adabbbef8adeb2d0845394a2df02e07f7432de0191ab798", 0xd9}, {0x0, 0x1b}], 0x2}}], 0x1, 0x4000) 70.615854ms ago: executing program 2 (id=1543): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000680)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@user_xattr}, {@user_xattr}, {@grpjquota, 0x2e}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4c1, &(0x7f0000001940)="$eJzs3M9vFFUcAPDvTGkpP1uQqPxQVtHYiLa0oHLwoEYTLhoTPeCxlkqQAobWRAiRagwejX+BejQx8eTFkybGqBc1XvVuTIjhAnowa2Z3pt2l2+3ulnbF/XyS3b4382be+76Ztzs7r7sB9KxS9pREbI2IXyNiqJqtL1Cq/rlx7dLUX9cuTSVRLr/0Z1Ipd/3apamiaLHdljwzkkak7yWxt0G9sxcunp6cmZk+n+fH5s68MTZ74eKjp85Mnpw+OX124ujRI4fHn3h84rGW4ri8wvosrut73j63b/exVz58fqocr37/Wdberfn62jiqhluqt5lSlKKcW1w6UHl+cNV7/2/ZVpNONnSxIbSlLyKyw9VfGf9D0ReLB28onnt3IfNNlxoIrJnsvWnHkqV9+d904f0L+D9KjHHoUcU7fvb5t3is5/VHt119OnuersR/I3/8+EK1b9Lss+xw9RN7eZnt72ywbHAxWR5aof6tEXF8/u+Pskc0vA/RRNJySQCABV9l1z+PNLr+S+uubbbncyjDEXEwInZGxB0RsSvShTJ3RcTdbdZfuim/9Prn501t7rIt2fXfk/ncVvGoriniShZy2yrx9yevnZqZPpT3yUj0b8zy403q+PrZXz5Ybl2p5vove2T1F9eCeTv+2LCxfpsTk3OTqwi5ztV3IvZsaBR/sjATkPXA7ojY08H+sz479fCn+7L09i1L168cfxO3YJ6p/EnEQ9XjPx83xV9IqjUtNz85Nhgz04fGirNiqR9+uvJibb6/Jl0X/2BrMQ12GmwD2fHf3PD8z+MvhkExXzvbfh1Xfnt/2c80S49/Esfna0vk5/+mxW7Lzv+B5OVKeiBf9tbk3Nz58YiBfEHd8onFvRX5onwW/8iBxuN/Z8Q/H+fb7Y2I7CS+JyLujYj9edvvi4j7I+JAk/i/e+aB15v3UIfn/y2QxX+i2fGPGE5q5+s7SPSd/vbL5epv7fXvSCU1ki9p5fWv1Qaupu8AAADgdpFW5qCTdLRI19yc2hWb05lzs3MHS/Hm2RPVuerh6E+LO11DNfdDx/N7w0V+4qb84YjYUflPo02V/OjUuZlt3QwcqHxXp278R5qOjlbX/d7X7dYBa66tebTafzr7/Itb3xhgXfm+JvQu4x96l/EPvcv4h97VaPxfjrjRhaYA68z7P/Qu4x96l/EPvcv4h5609Cvxxc+tdPJN/8XEzmOr2nzNE+WhNdnzfPtb9a1RpFH7ox3LJpKI6KyKSJuXGWih9q4l0hXLPLVSt/Sv6jcxssT+PLExIlrd6vK69WrxCpH4lUkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC29m8AAAD//2cg5YI=") openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) kexec_load(0x4, 0xa, 0x0, 0x0) 0s ago: executing program 4 (id=1544): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4) kernel console output (not intermixed with test programs): : error -22 [ 261.216367][ T8662] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #13: comm syz.4.932: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 261.253676][ T8662] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.932: couldn't read orphan inode 13 (err -117) [ 261.270594][ T8666] netlink: 'syz.3.933': attribute type 4 has an invalid length. [ 261.287177][ T8662] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 261.322772][ T8667] netlink: 'syz.3.933': attribute type 4 has an invalid length. [ 261.340304][ T8662] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 261.381708][ T8662] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 261.422547][ T8662] EXT4-fs warning (device loop4): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 261.504518][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.405455][ T30] audit: type=1326 audit(262.389:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e9a98eec9 code=0x7ffc0000 [ 262.547625][ T30] audit: type=1326 audit(262.389:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e9a98eec9 code=0x7ffc0000 [ 262.575176][ T30] audit: type=1326 audit(262.389:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f6e9a98eec9 code=0x7ffc0000 [ 262.597478][ T30] audit: type=1326 audit(262.389:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6e9a98ef03 code=0x7ffc0000 [ 262.619517][ T30] audit: type=1326 audit(262.389:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6e9a98ef03 code=0x7ffc0000 [ 262.641406][ T30] audit: type=1326 audit(262.389:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e9a98eec9 code=0x7ffc0000 [ 262.708321][ T30] audit: type=1326 audit(262.389:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f6e9a98eec9 code=0x7ffc0000 [ 262.785460][ T30] audit: type=1326 audit(262.439:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e9a98eec9 code=0x7ffc0000 [ 262.881242][ T30] audit: type=1326 audit(262.439:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e9a98eec9 code=0x7ffc0000 [ 262.921543][ T30] audit: type=1326 audit(262.449:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8688 comm="syz.4.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f6e9a98eec9 code=0x7ffc0000 [ 264.209525][ T8624] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.226624][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.2.913'. [ 264.235661][ T8606] netlink: 108 bytes leftover after parsing attributes in process `syz.2.913'. [ 264.248145][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.2.913'. [ 264.257733][ T8606] netlink: 108 bytes leftover after parsing attributes in process `syz.2.913'. [ 264.273426][ T8606] netlink: 84 bytes leftover after parsing attributes in process `syz.2.913'. [ 264.301303][ T8651] netlink: 168 bytes leftover after parsing attributes in process `syz.0.929'. [ 264.375082][ T8624] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.560820][ T8624] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.823711][ T8469] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.887350][ T8469] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.946155][ T8509] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.096516][ T8509] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.271114][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.277559][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.455703][ T8756] loop2: detected capacity change from 0 to 2048 [ 266.527120][ T8756] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 267.242193][ T8782] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 267.258631][ T8782] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 96 with error 28 [ 267.271546][ T8782] EXT4-fs (loop2): This should not happen!! Data will be lost [ 267.271546][ T8782] [ 267.281494][ T8782] EXT4-fs (loop2): Total free blocks count 0 [ 267.287555][ T8782] EXT4-fs (loop2): Free/Dirty block details [ 267.293569][ T8782] EXT4-fs (loop2): free_blocks=2415919504 [ 267.299368][ T8782] EXT4-fs (loop2): dirty_blocks=112 [ 267.304884][ T8782] EXT4-fs (loop2): Block reservation details [ 267.310937][ T8782] EXT4-fs (loop2): i_reserved_data_blocks=7 [ 267.483888][ T8758] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 267.551933][ T8758] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 267.558102][ T8758] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 267.626427][ T8758] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 267.662692][ T8758] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 267.691955][ T8758] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 267.814111][ T8784] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.541651][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 269.583281][ T5844] Bluetooth: hci0: command 0x0406 tx timeout [ 269.583295][ T5848] Bluetooth: hci1: command 0x0406 tx timeout [ 269.661246][ T5848] Bluetooth: hci3: command 0x0406 tx timeout [ 269.672840][ T8470] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 269.741444][ T5848] Bluetooth: hci5: command 0x0405 tx timeout [ 269.744382][ T5844] Bluetooth: hci4: command 0x0406 tx timeout [ 270.044840][ T8812] netlink: 'syz.4.980': attribute type 4 has an invalid length. [ 270.146362][ T8815] netlink: 'syz.4.980': attribute type 4 has an invalid length. [ 270.987767][ T8786] warn_alloc: 3 callbacks suppressed [ 270.987794][ T8786] syz.5.971: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 271.091533][ T8786] CPU: 0 UID: 0 PID: 8786 Comm: syz.5.971 Not tainted syzkaller #0 PREEMPT(full) [ 271.091584][ T8786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 271.091607][ T8786] Call Trace: [ 271.091619][ T8786] [ 271.091632][ T8786] dump_stack_lvl+0x16c/0x1f0 [ 271.091696][ T8786] warn_alloc+0x248/0x3a0 [ 271.091762][ T8786] ? __pfx_warn_alloc+0x10/0x10 [ 271.091845][ T8786] ? xskq_create+0xfb/0x1d0 [ 271.091890][ T8786] ? srso_alias_return_thunk+0x5/0xfbef5 [ 271.091935][ T8786] ? __vmalloc_node_noprof+0xad/0xf0 [ 271.091997][ T8786] __vmalloc_node_range_noprof+0xfe2/0x1480 [ 271.092067][ T8786] ? xskq_create+0xfb/0x1d0 [ 271.092127][ T8786] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 271.092198][ T8786] ? xskq_create+0xfb/0x1d0 [ 271.092245][ T8786] vmalloc_user_noprof+0x9e/0xe0 [ 271.092297][ T8786] ? xskq_create+0xfb/0x1d0 [ 271.092351][ T8786] xskq_create+0xfb/0x1d0 [ 271.092402][ T8786] xsk_setsockopt+0x792/0x9a0 [ 271.092449][ T8786] ? __pfx_xsk_setsockopt+0x10/0x10 [ 271.092492][ T8786] ? srso_alias_return_thunk+0x5/0xfbef5 [ 271.092535][ T8786] ? find_held_lock+0x2b/0x80 [ 271.092604][ T8786] ? srso_alias_return_thunk+0x5/0xfbef5 [ 271.092648][ T8786] ? aa_sock_opt_perm+0xfd/0x1c0 [ 271.092712][ T8786] ? __pfx_xsk_setsockopt+0x10/0x10 [ 271.092760][ T8786] do_sock_setsockopt+0xf3/0x1d0 [ 271.092807][ T8786] __sys_setsockopt+0x1a0/0x230 [ 271.092870][ T8786] __x64_sys_setsockopt+0xbd/0x160 [ 271.092922][ T8786] ? do_syscall_64+0x91/0xfa0 [ 271.092977][ T8786] ? srso_alias_return_thunk+0x5/0xfbef5 [ 271.093021][ T8786] ? lockdep_hardirqs_on+0x7c/0x110 [ 271.093077][ T8786] do_syscall_64+0xcd/0xfa0 [ 271.093138][ T8786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.093175][ T8786] RIP: 0033:0x7f9d10d8eec9 [ 271.093203][ T8786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.093240][ T8786] RSP: 002b:00007f9d11bcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 271.093275][ T8786] RAX: ffffffffffffffda RBX: 00007f9d10fe6180 RCX: 00007f9d10d8eec9 [ 271.093305][ T8786] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000008 [ 271.093328][ T8786] RBP: 00007f9d10e11f91 R08: 0000000000000004 R09: 0000000000000000 [ 271.093351][ T8786] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 271.093374][ T8786] R13: 00007f9d10fe6218 R14: 00007f9d10fe6180 R15: 00007ffca8ef7c48 [ 271.093427][ T8786] [ 271.097332][ T8786] Mem-Info: [ 271.374931][ T8786] active_anon:8011 inactive_anon:0 isolated_anon:0 [ 271.374931][ T8786] active_file:3624 inactive_file:46765 isolated_file:0 [ 271.374931][ T8786] unevictable:768 dirty:364 writeback:0 [ 271.374931][ T8786] slab_reclaimable:11799 slab_unreclaimable:97596 [ 271.374931][ T8786] mapped:43882 shmem:4225 pagetables:1324 [ 271.374931][ T8786] sec_pagetables:0 bounce:0 [ 271.374931][ T8786] kernel_misc_reclaimable:0 [ 271.374931][ T8786] free:1282339 free_pcp:25540 free_cma:0 [ 271.466635][ T8786] Node 0 active_anon:32044kB inactive_anon:0kB active_file:14496kB inactive_file:186860kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:175528kB dirty:1452kB writeback:0kB shmem:15364kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14244kB pagetables:5264kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 271.531759][ T8786] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 271.562017][ T8786] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 271.619068][ T8786] lowmem_reserve[]: 0 2483 2485 2485 2485 [ 271.646923][ T8786] Node 0 DMA32 free:1219740kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:37644kB inactive_anon:0kB active_file:14496kB inactive_file:186860kB unevictable:1536kB writepending:1452kB zspages:0kB present:3129332kB managed:2543524kB mlocked:0kB bounce:0kB free_pcp:80148kB local_pcp:13540kB free_cma:0kB [ 271.749394][ T8786] lowmem_reserve[]: 0 0 1 1 1 [ 271.758953][ T8786] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 271.814810][ T8786] lowmem_reserve[]: 0 0 0 0 0 [ 271.819711][ T8786] Node 1 Normal free:3894640kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:16928kB local_pcp:12416kB free_cma:0kB [ 271.853856][ T8786] lowmem_reserve[]: 0 0 0 0 0 [ 271.865100][ T8786] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 271.899656][ T8786] Node 0 DMA32: 3544*4kB (UE) 2080*8kB (UM) 1262*16kB (UM) 1187*32kB (U) 287*64kB (UME) 86*128kB (UME) 199*256kB (UME) 73*512kB (UM) 22*1024kB (UM) 8*2048kB (UM) 235*4096kB (UM) = 1208160kB [ 271.955667][ T8786] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 272.010635][ T8786] Node 1 Normal: 166*4kB (UM) 39*8kB (UME) 36*16kB (UME) 125*32kB (UME) 39*64kB (UME) 6*128kB (UME) 3*256kB (UM) 2*512kB (M) 1*1024kB (M) 2*2048kB (UE) 947*4096kB (M) = 3894640kB [ 272.059684][ T8786] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 272.069463][ T8786] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 272.079803][ T8786] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 272.089433][ T8786] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 272.098802][ T8786] 60335 total pagecache pages [ 272.103545][ T8786] 0 pages in swap cache [ 272.107711][ T8786] Free swap = 124996kB [ 272.111909][ T8786] Total swap = 124996kB [ 272.116161][ T8786] 2097051 pages RAM [ 272.119970][ T8786] 0 pages HighMem/MovableOnly [ 272.124879][ T8786] 429080 pages reserved [ 272.129104][ T8786] 0 pages cma reserved [ 272.752935][ T8784] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.927891][ T8823] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12 [ 272.937713][ T8823] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12 [ 272.948160][ T8823] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 272.974484][ T8784] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.334372][ T8835] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 273.340858][ T8835] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 273.352082][ T8835] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 273.358267][ T8835] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 273.379812][ T8835] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 273.395529][ T8835] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 273.593907][ T8784] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.665756][ T8859] 9pnet_fd: Insufficient options for proto=fd [ 273.669069][ T8857] loop3: detected capacity change from 0 to 2048 [ 273.727549][ T8857] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 273.761592][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 273.761616][ T30] audit: type=1800 audit(273.749:345): pid=8857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.995" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 273.993623][ T8479] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.031594][ T8479] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.263046][ T13] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.318047][ T8469] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.448358][ T8857] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.995: bg 0: block 234: padding at end of block bitmap is not set [ 274.549313][ T8857] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1336 with error 117 [ 274.596504][ T8886] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1002'. [ 274.608890][ T8857] EXT4-fs (loop3): This should not happen!! Data will be lost [ 274.608890][ T8857] [ 274.654571][ T8886] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1002'. [ 275.484897][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 275.490973][ T5844] Bluetooth: hci2: command 0x0406 tx timeout [ 275.497127][ T5848] Bluetooth: hci5: command 0x0405 tx timeout [ 275.503232][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 275.509260][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 275.515761][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 275.665709][ T8894] netlink: 'syz.5.1005': attribute type 4 has an invalid length. [ 275.683993][ T8894] netlink: 'syz.5.1005': attribute type 4 has an invalid length. [ 275.739501][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.989694][ T8939] netlink: 'syz.0.1022': attribute type 4 has an invalid length. [ 278.058039][ T8939] netlink: 'syz.0.1022': attribute type 4 has an invalid length. [ 278.058118][ T8941] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 278.130458][ T8941] loop9: detected capacity change from 0 to 8 [ 278.167982][ C0] blk_print_req_error: 5 callbacks suppressed [ 278.168008][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.184409][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.207059][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.217335][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.265172][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.275447][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.306776][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.317042][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.334822][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.336960][ T8951] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1027'. [ 278.345090][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.351739][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.372084][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.385154][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.395457][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.404590][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.414854][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.422844][ T8941] ldm_validate_partition_table(): Disk read failed. [ 278.448478][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.458769][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.468166][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 278.478422][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 278.486967][ T8941] Dev loop9: unable to read RDB block 0 [ 278.502124][ T8941] loop9: unable to read partition table [ 278.508492][ T8941] loop9: partition table beyond EOD, truncated [ 278.561345][ T8941] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 278.561345][ T8941] ) failed (rc=-5) [ 278.696263][ T8962] geneve0: entered allmulticast mode [ 279.993720][ T8984] netlink: 'syz.5.1040': attribute type 4 has an invalid length. [ 280.033911][ T8984] netlink: 'syz.5.1040': attribute type 4 has an invalid length. [ 280.303806][ T9000] loop9: detected capacity change from 0 to 8 [ 280.312955][ T9000] ldm_validate_partition_table(): Disk read failed. [ 280.320484][ T9000] Dev loop9: unable to read RDB block 0 [ 280.326954][ T9000] loop9: unable to read partition table [ 280.341508][ T9000] loop9: partition table beyond EOD, truncated [ 280.352336][ T9000] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 280.352336][ T9000] ) failed (rc=-5) [ 280.654202][ T9013] loop3: detected capacity change from 0 to 2048 [ 280.791628][ T9013] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.069456][ T9032] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 282.143425][ T9028] lo speed is unknown, defaulting to 1000 [ 282.305539][ T9039] netlink: 'syz.1.1058': attribute type 4 has an invalid length. [ 282.314671][ T9038] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1059'. [ 282.386968][ T10] lo speed is unknown, defaulting to 1000 [ 282.394131][ T9038] IPVS: Error connecting to the multicast addr [ 282.404603][ T10] sy0: Port: 1 Link DOWN [ 282.404811][ T9040] netlink: 'syz.1.1058': attribute type 4 has an invalid length. [ 282.461753][ T5901] lo speed is unknown, defaulting to 1000 [ 282.467530][ T5901] sy0: Port: 1 Link ACTIVE [ 283.104115][ T9054] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 283.447771][ T9058] tipc: Enabling of bearer rejected, failed to enable media [ 284.724553][ T30] audit: type=1326 audit(284.699:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 284.786376][ T30] audit: type=1326 audit(284.709:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 284.803726][ T9075] lo speed is unknown, defaulting to 1000 [ 284.845231][ T30] audit: type=1326 audit(284.709:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 284.899662][ T30] audit: type=1326 audit(284.709:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 284.931430][ T9083] netlink: 'syz.1.1076': attribute type 4 has an invalid length. [ 284.947908][ T30] audit: type=1326 audit(284.709:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 284.983841][ T9084] netlink: 'syz.1.1076': attribute type 4 has an invalid length. [ 285.071476][ T30] audit: type=1326 audit(284.709:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 285.202958][ T30] audit: type=1326 audit(284.759:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8e509c1785 code=0x7ffc0000 [ 285.271389][ T30] audit: type=1326 audit(284.759:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8e509c1785 code=0x7ffc0000 [ 285.334261][ T24] lo speed is unknown, defaulting to 1000 [ 285.338989][ T30] audit: type=1326 audit(284.759:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8e509c1785 code=0x7ffc0000 [ 285.361734][ T24] sy0: Port: 1 Link DOWN [ 285.451206][ T30] audit: type=1326 audit(284.759:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9078 comm="syz.0.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8e509c1785 code=0x7ffc0000 [ 287.861746][ T9122] lo speed is unknown, defaulting to 1000 [ 288.201466][ T9126] loop4: detected capacity change from 0 to 512 [ 288.260961][ T9126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.291644][ T9126] EXT4-fs error (device loop4): ext4_validate_block_bitmap:431: comm syz.4.1090: bg 0: block 18: invalid block bitmap [ 288.311606][ T9126] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.1090: Failed to acquire dquot type 1 [ 289.243585][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.731192][ T9144] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 289.757334][ T9144] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 289.763588][ T9144] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 289.769699][ T9144] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 289.776537][ T9144] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 289.782717][ T9144] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 290.254879][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.090267][ T9164] loop4: detected capacity change from 0 to 128 [ 291.173687][ T9164] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 291.421226][ T5140] Bluetooth: hci2: command 0x0406 tx timeout [ 291.493087][ T9164] lo speed is unknown, defaulting to 1000 [ 291.822771][ T5140] Bluetooth: hci5: command 0x0405 tx timeout [ 291.828839][ T5140] Bluetooth: hci4: command 0x0406 tx timeout [ 291.835092][ T5140] Bluetooth: hci3: command 0x0406 tx timeout [ 291.841689][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 291.847717][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 291.952176][ T9180] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1108'. [ 291.953934][ T5827] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 292.025184][ T9180] IPVS: Error connecting to the multicast addr [ 293.154299][ T9188] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 293.752928][ T9188] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 293.798767][ T9188] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 293.832678][ T9188] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 293.868254][ T9188] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 293.906749][ T9188] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 294.197586][ T9214] loop3: detected capacity change from 0 to 512 [ 294.216544][ T9216] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1124'. [ 294.228895][ T9214] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #15: comm syz.3.1121: corrupted inode contents [ 294.244753][ T9214] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 294.257475][ T9214] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #15: comm syz.3.1121: corrupted inode contents [ 294.260184][ T9216] IPVS: Error connecting to the multicast addr [ 294.270591][ T9214] EXT4-fs error (device loop3): ext4_evict_inode:302: inode #15: comm syz.3.1121: mark_inode_dirty error [ 294.372173][ T9214] EXT4-fs (loop3): 1 orphan inode deleted [ 294.380058][ T9214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.455999][ T9214] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.466786][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 294.727160][ T9233] loop2: detected capacity change from 0 to 512 [ 294.949381][ T9233] EXT4-fs warning (device loop2): dx_probe:859: inode #2: comm syz.2.1130: dx entry: limit 0 != root limit 125 [ 295.026892][ T9233] EXT4-fs warning (device loop2): dx_probe:933: inode #2: comm syz.2.1130: Corrupt directory, running e2fsck is recommended [ 295.100270][ T9233] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 295.130289][ T9233] EXT4-fs error (device loop2): ext4_iget_extra_inode:5074: inode #15: comm syz.2.1130: corrupted in-inode xattr: invalid ea_ino [ 295.221372][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 295.339768][ T9233] EXT4-fs (loop2): Remounting filesystem read-only [ 295.383349][ T9233] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.443211][ T30] kauditd_printk_skb: 87 callbacks suppressed [ 295.443236][ T30] audit: type=1326 audit(295.429:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.0.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 295.563996][ T30] audit: type=1326 audit(295.429:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.0.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 295.641710][ T30] audit: type=1326 audit(295.469:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="syz.0.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 295.694958][ T9253] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1139'. [ 295.724492][ T30] audit: type=1326 audit(295.469:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 295.794454][ T30] audit: type=1326 audit(295.469:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 295.828509][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 295.873308][ T30] audit: type=1326 audit(295.469:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 295.905299][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 295.911205][ T5848] Bluetooth: hci3: command 0x0406 tx timeout [ 295.924356][ T30] audit: type=1326 audit(295.469:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 295.981923][ T5848] Bluetooth: hci5: command 0x0405 tx timeout [ 295.990552][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.088128][ T30] audit: type=1326 audit(295.469:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 296.168616][ T30] audit: type=1326 audit(295.499:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 296.240862][ T30] audit: type=1326 audit(295.499:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9243 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 296.397406][ T9260] loop2: detected capacity change from 0 to 512 [ 296.419362][ T9250] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 296.452430][ T9250] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 296.458675][ T9250] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 296.465351][ T9250] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 296.471585][ T9250] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 296.478808][ T9250] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 296.489807][ T9260] EXT4-fs (loop2): orphan cleanup on readonly fs [ 296.512223][ T9260] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.1140: invalid block [ 296.544033][ T9260] EXT4-fs (loop2): Remounting filesystem read-only [ 296.613600][ T9260] EXT4-fs (loop2): 2 truncates cleaned up [ 297.036023][ T9260] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 297.365330][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.910435][ T9279] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1150'. [ 297.959955][ T9279] hsr_slave_0: left promiscuous mode [ 298.035246][ T9279] hsr_slave_1: left promiscuous mode [ 298.061603][ T5848] Bluetooth: hci2: command 0x0406 tx timeout [ 298.461327][ T5848] Bluetooth: hci0: command 0x0406 tx timeout [ 298.467407][ T5848] Bluetooth: hci1: command 0x0406 tx timeout [ 298.541323][ T5848] Bluetooth: hci5: command 0x0405 tx timeout [ 298.547693][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 298.551685][ T5140] Bluetooth: hci3: command 0x0406 tx timeout [ 299.979990][ T9324] loop3: detected capacity change from 0 to 512 [ 300.085642][ T9324] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.971972][ T9341] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1173'. [ 300.992526][ T9333] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 300.998646][ T9333] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 301.013908][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.031665][ T9333] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 301.037783][ T9333] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 301.058787][ T9333] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 301.091517][ T9333] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 301.429864][ T9358] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1181'. [ 301.515275][ T9360] loop2: detected capacity change from 0 to 2048 [ 301.607494][ T9362] loop4: detected capacity change from 0 to 2048 [ 301.616336][ T9360] loop2: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22 [ 301.628129][ T9360] loop2: p4 start 42180 is beyond EOD, truncated [ 301.776366][ T9360] loop2: p5 start 42180 is beyond EOD, truncated [ 301.806266][ T9360] loop2: p6 start 42180 is beyond EOD, truncated [ 301.899336][ T9360] loop2: p7 start 42180 is beyond EOD, truncated [ 301.921609][ T9362] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 301.939597][ T9360] loop2: p8 start 42180 is beyond EOD, truncated [ 301.951748][ T9360] loop2: p9 start 42180 is beyond EOD, truncated [ 301.958445][ T9360] loop2: p10 start 42180 is beyond EOD, truncated [ 301.965341][ T9360] loop2: p11 start 42180 is beyond EOD, truncated [ 301.971957][ T9360] loop2: p12 start 42180 is beyond EOD, truncated [ 301.980636][ T9360] loop2: p13 start 42180 is beyond EOD, truncated [ 301.981034][ T30] kauditd_printk_skb: 35 callbacks suppressed [ 301.981056][ T30] audit: type=1800 audit(301.949:486): pid=9362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1183" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 301.987971][ T9360] loop2: p14 start 42180 is beyond EOD, truncated [ 302.020184][ T9360] loop2: p15 start 42180 is beyond EOD, truncated [ 302.026734][ T9360] loop2: p16 start 42180 is beyond EOD, truncated [ 302.037370][ T9360] loop2: p17 start 42180 is beyond EOD, truncated [ 302.044122][ T9360] loop2: p18 start 42180 is beyond EOD, truncated [ 302.050585][ T9360] loop2: p19 start 42180 is beyond EOD, truncated [ 302.057107][ T9360] loop2: p20 start 42180 is beyond EOD, truncated [ 302.063816][ T9360] loop2: p21 start 42180 is beyond EOD, truncated [ 302.070262][ T9360] loop2: p22 start 42180 is beyond EOD, truncated [ 302.077458][ T9360] loop2: p23 start 42180 is beyond EOD, truncated [ 302.086558][ T9360] loop2: p24 start 42180 is beyond EOD, truncated [ 302.093190][ T9360] loop2: p25 start 42180 is beyond EOD, truncated [ 302.099633][ T9360] loop2: p26 start 42180 is beyond EOD, truncated [ 302.127008][ T9360] loop2: p27 start 42180 is beyond EOD, truncated [ 302.248930][ T9360] loop2: p28 start 42180 is beyond EOD, truncated [ 302.379253][ T9362] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.1183: bg 0: block 234: padding at end of block bitmap is not set [ 302.404680][ T9360] loop2: p29 start 42180 is beyond EOD, truncated [ 302.443680][ T9360] loop2: p30 start 42180 is beyond EOD, truncated [ 302.455384][ T9362] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117 [ 302.493575][ T9360] loop2: p31 start 42180 is beyond EOD, truncated [ 302.513633][ T9360] loop2: p32 start 42180 is beyond EOD, truncated [ 302.524629][ T9362] EXT4-fs (loop4): This should not happen!! Data will be lost [ 302.524629][ T9362] [ 302.536631][ T9360] loop2: p33 start 42180 is beyond EOD, truncated [ 302.572873][ T9360] loop2: p34 start 42180 is beyond EOD, truncated [ 302.579454][ T9360] loop2: p35 start 42180 is beyond EOD, truncated [ 302.642167][ T9360] loop2: p36 start 42180 is beyond EOD, truncated [ 302.648662][ T9360] loop2: p37 start 42180 is beyond EOD, truncated [ 302.701312][ T9360] loop2: p38 start 42180 is beyond EOD, truncated [ 302.751219][ T9360] loop2: p39 start 42180 is beyond EOD, truncated [ 302.757710][ T9360] loop2: p40 start 42180 is beyond EOD, truncated [ 302.851266][ T9360] loop2: p41 start 42180 is beyond EOD, truncated [ 302.900348][ T9360] loop2: p42 start 42180 is beyond EOD, truncated [ 302.946036][ T9360] loop2: p43 start 42180 is beyond EOD, truncated [ 302.965771][ T9360] loop2: p44 start 42180 is beyond EOD, truncated [ 302.972439][ T9360] loop2: p45 start 42180 is beyond EOD, truncated [ 302.978886][ T9360] loop2: p46 start 42180 is beyond EOD, truncated [ 302.985806][ T9360] loop2: p47 start 42180 is beyond EOD, truncated [ 302.992424][ T9360] loop2: p48 start 42180 is beyond EOD, truncated [ 302.999205][ T9360] loop2: p49 start 42180 is beyond EOD, truncated [ 303.022943][ T5140] Bluetooth: hci2: command 0x0406 tx timeout [ 303.049361][ T5140] Bluetooth: hci1: command 0x0406 tx timeout [ 303.112388][ T5140] Bluetooth: hci5: command 0x0405 tx timeout [ 303.118708][ T5140] Bluetooth: hci0: command 0x0406 tx timeout [ 303.125412][ T5140] Bluetooth: hci4: command 0x0406 tx timeout [ 303.131695][ T5140] Bluetooth: hci3: command 0x0406 tx timeout [ 303.150854][ T9360] loop2: p50 start 42180 is beyond EOD, truncated [ 303.215895][ T9360] loop2: p51 start 42180 is beyond EOD, truncated [ 303.246927][ T9360] loop2: p52 start 42180 is beyond EOD, truncated [ 303.293137][ T9360] loop2: p53 start 42180 is beyond EOD, truncated [ 303.339748][ T9360] loop2: p54 start 42180 is beyond EOD, truncated [ 303.400416][ T9360] loop2: p55 start 42180 is beyond EOD, truncated [ 303.450422][ T9360] loop2: p56 start 42180 is beyond EOD, truncated [ 303.529329][ T9360] loop2: p57 start 42180 is beyond EOD, truncated [ 303.543874][ T9360] loop2: p58 start 42180 is beyond EOD, truncated [ 303.555126][ T9360] loop2: p59 start 42180 is beyond EOD, truncated [ 303.562085][ T9360] loop2: p60 start 42180 is beyond EOD, truncated [ 303.568642][ T9360] loop2: p61 start 42180 is beyond EOD, truncated [ 303.575300][ T9360] loop2: p62 start 42180 is beyond EOD, truncated [ 303.582262][ T9360] loop2: p63 start 42180 is beyond EOD, truncated [ 303.588881][ T9360] loop2: p64 start 42180 is beyond EOD, truncated [ 303.595476][ T9360] loop2: p65 start 42180 is beyond EOD, truncated [ 303.602339][ T9360] loop2: p66 start 42180 is beyond EOD, truncated [ 303.608890][ T9360] loop2: p67 start 42180 is beyond EOD, truncated [ 303.616133][ T9360] loop2: p68 start 42180 is beyond EOD, truncated [ 303.624370][ T9360] loop2: p69 start 42180 is beyond EOD, truncated [ 303.632217][ T9360] loop2: p70 start 42180 is beyond EOD, truncated [ 303.638763][ T9360] loop2: p71 start 42180 is beyond EOD, truncated [ 303.645589][ T9360] loop2: p72 start 42180 is beyond EOD, truncated [ 303.652161][ T9360] loop2: p73 start 42180 is beyond EOD, truncated [ 303.659056][ T9360] loop2: p74 start 42180 is beyond EOD, truncated [ 303.667085][ T9360] loop2: p75 start 42180 is beyond EOD, truncated [ 303.674565][ T9360] loop2: p76 start 42180 is beyond EOD, truncated [ 303.681359][ T9360] loop2: p77 start 42180 is beyond EOD, truncated [ 303.688022][ T9360] loop2: p78 start 42180 is beyond EOD, truncated [ 303.694743][ T9360] loop2: p79 start 42180 is beyond EOD, truncated [ 303.701471][ T9360] loop2: p80 start 42180 is beyond EOD, truncated [ 303.708034][ T9360] loop2: p81 start 42180 is beyond EOD, truncated [ 303.714726][ T9360] loop2: p82 start 42180 is beyond EOD, truncated [ 303.723687][ T9360] loop2: p83 start 42180 is beyond EOD, truncated [ 303.730319][ T9360] loop2: p84 start 42180 is beyond EOD, truncated [ 303.736918][ T9360] loop2: p85 start 42180 is beyond EOD, truncated [ 303.744093][ T9360] loop2: p86 start 42180 is beyond EOD, truncated [ 303.754952][ T9360] loop2: p87 start 42180 is beyond EOD, truncated [ 303.761958][ T9360] loop2: p88 start 42180 is beyond EOD, truncated [ 303.768704][ T9360] loop2: p89 start 42180 is beyond EOD, truncated [ 303.775203][ T9360] loop2: p90 start 42180 is beyond EOD, truncated [ 303.781925][ T9360] loop2: p91 start 42180 is beyond EOD, truncated [ 303.788364][ T9360] loop2: p92 start 42180 is beyond EOD, truncated [ 303.795066][ T9360] loop2: p93 start 42180 is beyond EOD, truncated [ 303.818613][ T8491] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1426 with error 28 [ 303.819896][ T9360] loop2: p94 start 42180 is beyond EOD, [ 303.861178][ T8491] EXT4-fs (loop4): This should not happen!! Data will be lost [ 303.861178][ T8491] [ 303.876205][ T9360] truncated [ 303.879592][ T9360] loop2: p95 start 42180 is beyond EOD, truncated [ 303.891238][ T8491] EXT4-fs (loop4): Total free blocks count 0 [ 303.897255][ T8491] EXT4-fs (loop4): Free/Dirty block details [ 303.920018][ T9360] loop2: p96 start 42180 is beyond EOD, truncated [ 303.931258][ T8491] EXT4-fs (loop4): free_blocks=0 [ 303.936256][ T8491] EXT4-fs (loop4): dirty_blocks=1440 [ 303.942221][ T9360] loop2: p97 start 42180 is beyond EOD, truncated [ 303.966061][ T9360] loop2: p98 start 42180 is beyond EOD, truncated [ 303.981207][ T8491] EXT4-fs (loop4): Block reservation details [ 303.990645][ T9360] loop2: p99 start 42180 is beyond EOD, truncated [ 304.021810][ T9360] loop2: p100 start 42180 is beyond EOD, truncated [ 304.040893][ T9360] loop2: p101 start 42180 is beyond EOD, truncated [ 304.057870][ T9360] loop2: p102 start 42180 is beyond EOD, truncated [ 304.077453][ T9360] loop2: p103 start 42180 is beyond EOD, truncated [ 304.102377][ T9360] loop2: p104 start 42180 is beyond EOD, truncated [ 304.108945][ T9360] loop2: p105 start 42180 is beyond EOD, truncated [ 304.140117][ T9360] loop2: p106 start 42180 is beyond EOD, truncated [ 304.160302][ T9360] loop2: p107 start 42180 is beyond EOD, truncated [ 304.185792][ T9360] loop2: p108 start 42180 is beyond EOD, truncated [ 304.211295][ T9360] loop2: p109 start 42180 is beyond EOD, truncated [ 304.217870][ T9360] loop2: p110 start 42180 is beyond EOD, truncated [ 304.271289][ T9360] loop2: p111 start 42180 is beyond EOD, truncated [ 304.277910][ T9360] loop2: p112 start 42180 is beyond EOD, truncated [ 304.306005][ T9360] loop2: p113 start 42180 is beyond EOD, truncated [ 304.326583][ T9360] loop2: p114 start 42180 is beyond EOD, truncated [ 304.382557][ T9360] loop2: p115 start 42180 is beyond EOD, truncated [ 304.389304][ T9360] loop2: p116 start 42180 is beyond EOD, truncated [ 304.438473][ T9360] loop2: p117 start 42180 is beyond EOD, truncated [ 304.483695][ T9360] loop2: p118 start 42180 is beyond EOD, truncated [ 304.504911][ T9360] loop2: p119 start 42180 is beyond EOD, truncated [ 304.541857][ T9360] loop2: p120 start 42180 is beyond EOD, truncated [ 304.591927][ T9360] loop2: p121 start 42180 is beyond EOD, truncated [ 304.598713][ T9360] loop2: p122 start 42180 is beyond EOD, truncated [ 304.759734][ T9360] loop2: p123 start 42180 is beyond EOD, truncated [ 304.987598][ T9360] loop2: p124 start 42180 is beyond EOD, truncated [ 305.188750][ T9360] loop2: p125 start 42180 is beyond EOD, truncated [ 305.227953][ T9360] loop2: p126 start 42180 is beyond EOD, truncated [ 305.269307][ T9360] loop2: p127 start 42180 is beyond EOD, truncated [ 305.300843][ T9360] loop2: p128 start 42180 is beyond EOD, truncated [ 305.345528][ T9360] loop2: p129 start 42180 is beyond EOD, truncated [ 305.393462][ T9360] loop2: p130 start 42180 is beyond EOD, truncated [ 305.434416][ T9360] loop2: p131 start 42180 is beyond EOD, truncated [ 305.477021][ T9360] loop2: p132 start 42180 is beyond EOD, truncated [ 305.496770][ T9360] loop2: p133 start 42180 is beyond EOD, truncated [ 305.505887][ T9360] loop2: p134 start 42180 is beyond EOD, truncated [ 305.512595][ T9360] loop2: p135 start 42180 is beyond EOD, truncated [ 305.519130][ T9360] loop2: p136 start 42180 is beyond EOD, truncated [ 305.531632][ T9360] loop2: p137 start 42180 is beyond EOD, truncated [ 305.539126][ T9418] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1205'. [ 305.550184][ T9360] loop2: p138 start 42180 is beyond EOD, truncated [ 305.560577][ T9360] loop2: p139 start 42180 is beyond EOD, truncated [ 305.577457][ T9360] loop2: p140 start 42180 is beyond EOD, truncated [ 305.615307][ T9360] loop2: p141 start 42180 is beyond EOD, truncated [ 305.631265][ T9360] loop2: p142 start 42180 is beyond EOD, truncated [ 305.638828][ T9360] loop2: p143 start 42180 is beyond EOD, truncated [ 305.645960][ T9360] loop2: p144 start 42180 is beyond EOD, truncated [ 305.661241][ T9360] loop2: p145 start 42180 is beyond EOD, truncated [ 305.668288][ T9360] loop2: p146 start 42180 is beyond EOD, truncated [ 305.689541][ T9418] 8021q: adding VLAN 0 to HW filter on device bond1 [ 305.704871][ T9360] loop2: p147 start 42180 is beyond EOD, truncated [ 305.737259][ T9360] loop2: p148 start 42180 is beyond EOD, truncated [ 305.873640][ T9422] vlan2: entered allmulticast mode [ 305.898351][ T9422] bond1: entered allmulticast mode [ 305.904213][ T9360] loop2: p149 start 42180 is beyond EOD, truncated [ 305.924081][ T9360] loop2: p150 start 42180 is beyond EOD, truncated [ 305.951776][ T9360] loop2: p151 start 42180 is beyond EOD, truncated [ 305.990852][ T9360] loop2: p152 start 42180 is beyond EOD, truncated [ 306.003912][ T9360] loop2: p153 start 42180 is beyond EOD, truncated [ 306.011211][ T9360] loop2: p154 start 42180 is beyond EOD, truncated [ 306.017822][ T9360] loop2: p155 start 42180 is beyond EOD, truncated [ 306.025026][ T9360] loop2: p156 start 42180 is beyond EOD, truncated [ 306.031625][ T9360] loop2: p157 start 42180 is beyond EOD, truncated [ 306.038142][ T9360] loop2: p158 start 42180 is beyond EOD, truncated [ 306.044736][ T9360] loop2: p159 start 42180 is beyond EOD, truncated [ 306.051335][ T9360] loop2: p160 start 42180 is beyond EOD, truncated [ 306.057854][ T9360] loop2: p161 start 42180 is beyond EOD, truncated [ 306.064453][ T9360] loop2: p162 start 42180 is beyond EOD, truncated [ 306.071217][ T9360] loop2: p163 start 42180 is beyond EOD, truncated [ 306.078165][ T9360] loop2: p164 start 42180 is beyond EOD, truncated [ 306.084850][ T9360] loop2: p165 start 42180 is beyond EOD, truncated [ 306.180954][ T9360] loop2: p166 start 42180 is beyond EOD, truncated [ 306.404496][ T9360] loop2: p167 start 42180 is beyond EOD, truncated [ 306.601415][ T9360] loop2: p168 start 42180 is beyond EOD, truncated [ 306.619309][ T9360] loop2: p169 start 42180 is beyond EOD, truncated [ 306.635251][ T9360] loop2: p170 start 42180 is beyond EOD, truncated [ 306.647819][ T9360] loop2: p171 start 42180 is beyond EOD, truncated [ 306.655566][ T9360] loop2: p172 start 42180 is beyond EOD, truncated [ 306.662283][ T9360] loop2: p173 start 42180 is beyond EOD, truncated [ 306.669041][ T9360] loop2: p174 start 42180 is beyond EOD, truncated [ 306.677308][ T9360] loop2: p175 start 42180 is beyond EOD, truncated [ 306.684359][ T9360] loop2: p176 start 42180 is beyond EOD, truncated [ 306.693270][ T9360] loop2: p177 start 42180 is beyond EOD, truncated [ 306.700045][ T9360] loop2: p178 start 42180 is beyond EOD, truncated [ 306.707252][ T9360] loop2: p179 start 42180 is beyond EOD, truncated [ 306.714085][ T9360] loop2: p180 start 42180 is beyond EOD, truncated [ 306.720624][ T9360] loop2: p181 start 42180 is beyond EOD, truncated [ 306.727690][ T9360] loop2: p182 start 42180 is beyond EOD, truncated [ 306.734348][ T9360] loop2: p183 start 42180 is beyond EOD, truncated [ 306.741551][ T9360] loop2: p184 start 42180 is beyond EOD, truncated [ 306.748176][ T9360] loop2: p185 start 42180 is beyond EOD, truncated [ 306.755028][ T9360] loop2: p186 start 42180 is beyond EOD, truncated [ 306.761918][ T9360] loop2: p187 start 42180 is beyond EOD, truncated [ 306.768698][ T9360] loop2: p188 start 42180 is beyond EOD, truncated [ 306.775334][ T9360] loop2: p189 start 42180 is beyond EOD, truncated [ 306.782947][ T9360] loop2: p190 start 42180 is beyond EOD, truncated [ 306.790096][ T9360] loop2: p191 start 42180 is beyond EOD, truncated [ 306.798596][ T9360] loop2: p192 start 42180 is beyond EOD, truncated [ 306.805610][ T9360] loop2: p193 start 42180 is beyond EOD, truncated [ 306.812679][ T9360] loop2: p194 start 42180 is beyond EOD, truncated [ 306.819276][ T9360] loop2: p195 start 42180 is beyond EOD, truncated [ 306.826210][ T9360] loop2: p196 start 42180 is beyond EOD, truncated [ 306.832906][ T9360] loop2: p197 start 42180 is beyond EOD, truncated [ 306.839686][ T9360] loop2: p198 start 42180 is beyond EOD, truncated [ 306.846578][ T9360] loop2: p199 start 42180 is beyond EOD, truncated [ 306.853712][ T9360] loop2: p200 start 42180 is beyond EOD, truncated [ 306.860309][ T9360] loop2: p201 start 42180 is beyond EOD, truncated [ 306.869537][ T9360] loop2: p202 start 42180 is beyond EOD, truncated [ 306.876639][ T9360] loop2: p203 start 42180 is beyond EOD, truncated [ 306.883706][ T9360] loop2: p204 start 42180 is beyond EOD, truncated [ 306.890305][ T9360] loop2: p205 start 42180 is beyond EOD, truncated [ 306.905581][ T9435] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1209'. [ 306.936856][ T9360] loop2: p206 start 42180 is beyond EOD, truncated [ 306.965483][ T9360] loop2: p207 start 42180 is beyond EOD, truncated [ 307.002054][ T9360] loop2: p208 start 42180 is beyond EOD, truncated [ 307.028077][ T9360] loop2: p209 start 42180 is beyond EOD, truncated [ 307.071268][ T9360] loop2: p210 start 42180 is beyond EOD, truncated [ 307.109754][ T9360] loop2: p211 start 42180 is beyond EOD, truncated [ 307.134397][ T9360] loop2: p212 start 42180 is beyond EOD, truncated [ 307.164032][ T9360] loop2: p213 start 42180 is beyond EOD, truncated [ 307.170595][ T9360] loop2: p214 start 42180 is beyond EOD, truncated [ 307.188803][ T9360] loop2: p215 start 42180 is beyond EOD, truncated [ 307.203133][ T9360] loop2: p216 start 42180 is beyond EOD, truncated [ 307.219278][ T9360] loop2: p217 start 42180 is beyond EOD, truncated [ 307.243533][ T9360] loop2: p218 start 42180 is beyond EOD, truncated [ 307.261858][ T9360] loop2: p219 start 42180 is beyond EOD, truncated [ 307.295054][ T9360] loop2: p220 start 42180 is beyond EOD, truncated [ 307.388600][ T9360] loop2: p221 start 42180 is beyond EOD, truncated [ 307.420669][ T9447] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1216'. [ 307.440287][ T9360] loop2: p222 start 42180 is beyond EOD, truncated [ 307.481731][ T9360] loop2: p223 start 42180 is beyond EOD, truncated [ 307.539644][ T9360] loop2: p224 start 42180 is beyond EOD, truncated [ 307.566973][ T9360] loop2: p225 start 42180 is beyond EOD, truncated [ 307.573703][ T9360] loop2: p226 start 42180 is beyond EOD, truncated [ 307.580242][ T9360] loop2: p227 start 42180 is beyond EOD, truncated [ 307.601184][ T9360] loop2: p228 start 42180 is beyond EOD, truncated [ 307.607733][ T9360] loop2: p229 start 42180 is beyond EOD, truncated [ 307.855198][ T9360] loop2: p230 start 42180 is beyond EOD, truncated [ 307.995941][ T9360] loop2: p231 start 42180 is beyond EOD, truncated [ 308.172660][ T9454] loop9: detected capacity change from 0 to 8 [ 308.178974][ T9360] loop2: p232 start 42180 is beyond EOD, truncated [ 308.212066][ T9360] loop2: p233 start 42180 is beyond EOD, truncated [ 308.218638][ T9360] loop2: p234 start 42180 is beyond EOD, truncated [ 308.225257][ C1] blk_print_req_error: 20 callbacks suppressed [ 308.225280][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.225328][ C1] buffer_io_error: 20 callbacks suppressed [ 308.225347][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.289714][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.299974][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.359855][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.370173][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.381182][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.391497][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.437175][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.447504][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.457324][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.467552][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.471306][ T9360] loop2: p235 start 42180 is beyond EOD, truncated [ 308.482175][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.492395][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.500513][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.510749][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.518675][ T9454] ldm_validate_partition_table(): Disk read failed. [ 308.526282][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.536506][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.542629][ T9360] loop2: p236 start 42180 is beyond EOD, [ 308.547346][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 308.561222][ T9360] truncated [ 308.563290][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 308.574581][ T9454] Dev loop9: unable to read RDB block 0 [ 308.580662][ T9360] loop2: p237 start 42180 is beyond EOD, truncated [ 308.591353][ T9454] loop9: unable to read partition table [ 308.597228][ T9454] loop9: partition table beyond EOD, truncated [ 308.613036][ T9360] loop2: p238 start 42180 is beyond EOD, truncated [ 308.619727][ T9360] loop2: p239 start 42180 is beyond EOD, truncated [ 308.631203][ T9454] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 308.631203][ T9454] ) failed (rc=-5) [ 308.658452][ T9360] loop2: p240 start 42180 is beyond EOD, truncated [ 308.671362][ T9360] loop2: p241 start 42180 is beyond EOD, truncated [ 308.691205][ T9360] loop2: p242 start 42180 is beyond EOD, truncated [ 308.697765][ T9360] loop2: p243 start 42180 is beyond EOD, truncated [ 308.731172][ T9360] loop2: p244 start 42180 is beyond EOD, truncated [ 308.762044][ T9360] loop2: p245 start 42180 is beyond EOD, truncated [ 308.768695][ T9360] loop2: p246 start 42180 is beyond EOD, truncated [ 308.791181][ T9360] loop2: p247 start 42180 is beyond EOD, truncated [ 308.808409][ T9360] loop2: p248 start 42180 is beyond EOD, truncated [ 308.831231][ T9360] loop2: p249 start 42180 is beyond EOD, truncated [ 308.863502][ T9360] loop2: p250 start 42180 is beyond EOD, truncated [ 308.870120][ T9360] loop2: p251 start 42180 is beyond EOD, truncated [ 308.897105][ T9360] loop2: p252 start 42180 is beyond EOD, truncated [ 308.906793][ T9360] loop2: p253 start 42180 is beyond EOD, truncated [ 308.930843][ T9360] loop2: p254 start 42180 is beyond EOD, truncated [ 308.955308][ T9360] loop2: p255 start 42180 is beyond EOD, truncated [ 308.969954][ T9468] loop4: detected capacity change from 0 to 512 [ 309.007637][ T9468] EXT4-fs: Ignoring removed bh option [ 309.028796][ T9468] journal_path: Lookup failure for './file0' [ 309.046353][ T9468] EXT4-fs: error: could not find journal device path [ 310.292293][ T9489] loop4: detected capacity change from 0 to 512 [ 310.315980][ T9489] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 310.326907][ T9491] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 310.339623][ T9491] loop9: detected capacity change from 0 to 8 [ 310.346090][ T9489] EXT4-fs (loop4): orphan cleanup on readonly fs [ 310.352376][ T9487] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1231'. [ 310.355585][ T9491] ldm_validate_partition_table(): Disk read failed. [ 310.369703][ T9491] Dev loop9: unable to read RDB block 0 [ 310.371234][ T9489] EXT4-fs warning (device loop4): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 310.376573][ T9491] loop9: unable to read partition table [ 310.376816][ T9491] loop9: partition table beyond EOD, truncated [ 310.376845][ T9491] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 310.376845][ T9491] ) failed (rc=-5) [ 310.494292][ T9489] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 310.521510][ T9489] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #13: comm syz.4.1233: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 310.599353][ T9489] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.1233: couldn't read orphan inode 13 (err -117) [ 310.656061][ T9489] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 310.759058][ T9489] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 310.802323][ T9489] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 310.882053][ T9489] EXT4-fs warning (device loop4): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 312.848460][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.392253][ T9530] loop9: detected capacity change from 0 to 8 [ 313.405884][ C1] blk_print_req_error: 20 callbacks suppressed [ 313.405910][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.422327][ C1] buffer_io_error: 20 callbacks suppressed [ 313.422350][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.441810][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.452061][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.461433][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.471696][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.480422][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.490687][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.507141][ T9539] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1252'. [ 313.511187][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.526615][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.534792][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.545010][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.553962][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.564272][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.581493][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.591856][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.599865][ T9530] ldm_validate_partition_table(): Disk read failed. [ 313.600831][ T9537] loop2: detected capacity change from 0 to 128 [ 313.607719][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.623051][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.641258][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 313.651502][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 313.670807][ T9530] Dev loop9: unable to read RDB block 0 [ 313.684333][ T9530] loop9: unable to read partition table [ 313.720481][ T9537] bio_check_eod: 26 callbacks suppressed [ 313.720507][ T9537] syz.2.1253: attempt to access beyond end of device [ 313.720507][ T9537] loop2: rw=2049, sector=145, nr_sectors = 24 limit=128 [ 313.744382][ T9530] loop9: partition table beyond EOD, truncated [ 313.751803][ T9537] syz.2.1253: attempt to access beyond end of device [ 313.751803][ T9537] loop2: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 313.757261][ T9530] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 313.757261][ T9530] ) failed (rc=-5) [ 313.785228][ T9537] syz.2.1253: attempt to access beyond end of device [ 313.785228][ T9537] loop2: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 313.803243][ T9537] syz.2.1253: attempt to access beyond end of device [ 313.803243][ T9537] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 313.835377][ T9537] syz.2.1253: attempt to access beyond end of device [ 313.835377][ T9537] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 313.866178][ T9548] syz.2.1253: attempt to access beyond end of device [ 313.866178][ T9548] loop2: rw=2049, sector=305, nr_sectors = 80 limit=128 [ 313.880792][ T9547] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 313.910615][ T9548] syz.2.1253: attempt to access beyond end of device [ 313.910615][ T9548] loop2: rw=2049, sector=393, nr_sectors = 8 limit=128 [ 313.938578][ T9537] syz.2.1253: attempt to access beyond end of device [ 313.938578][ T9537] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 313.964069][ T9537] syz.2.1253: attempt to access beyond end of device [ 313.964069][ T9537] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 313.988335][ T9537] syz.2.1253: attempt to access beyond end of device [ 313.988335][ T9537] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 314.007531][ T9552] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1258'. [ 315.003613][ T9559] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 315.169062][ T9559] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 315.203751][ T9559] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 315.223246][ T9573] loop4: detected capacity change from 0 to 512 [ 315.234350][ T9559] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 315.258213][ T9559] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 315.288695][ T9559] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 315.302372][ T9573] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 315.327598][ T9573] EXT4-fs (loop4): orphan cleanup on readonly fs [ 315.359545][ T9573] EXT4-fs warning (device loop4): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 315.423569][ T9573] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 315.447099][ T9573] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #13: comm syz.4.1265: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 315.511337][ T9573] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.1265: couldn't read orphan inode 13 (err -117) [ 315.568690][ T9573] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 315.608070][ T9583] mmap: syz.3.1269 (9583) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 315.751316][ T9573] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 315.753828][ T9587] netlink: 'syz.5.1271': attribute type 21 has an invalid length. [ 315.781497][ T9573] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 315.844325][ T9573] EXT4-fs warning (device loop4): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 316.031185][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.297658][ T9602] loop9: detected capacity change from 0 to 8 [ 316.307536][ T5848] Bluetooth: hci2: command 0x0406 tx timeout [ 316.376342][ T9602] ldm_validate_partition_table(): Disk read failed. [ 316.422193][ T9602] Dev loop9: unable to read RDB block 0 [ 316.422842][ T9602] loop9: unable to read partition table [ 316.441857][ T9602] loop9: partition table beyond EOD, truncated [ 316.468989][ T9602] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 316.468989][ T9602] ) failed (rc=-5) [ 317.006614][ T9620] loop3: detected capacity change from 0 to 2048 [ 317.096793][ T9620] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.234065][ T30] audit: type=1800 audit(317.219:487): pid=9620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1276" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 317.268502][ T5848] Bluetooth: hci4: command 0x0406 tx timeout [ 317.274767][ T5140] Bluetooth: hci3: command 0x0406 tx timeout [ 317.274832][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 317.281356][ T5848] Bluetooth: hci0: command 0x0406 tx timeout [ 317.342735][ T5847] Bluetooth: hci5: command 0x0405 tx timeout [ 317.472107][ T9641] loop4: detected capacity change from 0 to 2048 [ 317.486077][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.492269][ T9641] EXT4-fs: Ignoring removed mblk_io_submit option [ 317.521250][ T9641] EXT4-fs: Ignoring removed i_version option [ 317.572922][ T9641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 317.632903][ T9649] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1284'. [ 317.841893][ T9580] syz.2.1268: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 317.877806][ T9580] CPU: 1 UID: 0 PID: 9580 Comm: syz.2.1268 Not tainted syzkaller #0 PREEMPT(full) [ 317.877854][ T9580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 317.877876][ T9580] Call Trace: [ 317.877888][ T9580] [ 317.877901][ T9580] dump_stack_lvl+0x16c/0x1f0 [ 317.877962][ T9580] warn_alloc+0x248/0x3a0 [ 317.878027][ T9580] ? __pfx_warn_alloc+0x10/0x10 [ 317.878108][ T9580] ? hash_netiface_create+0x3ec/0x1250 [ 317.878160][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.878203][ T9580] ? __vmalloc_node_noprof+0xad/0xf0 [ 317.878265][ T9580] __vmalloc_node_range_noprof+0xfe2/0x1480 [ 317.878335][ T9580] ? hash_netiface_create+0x3ec/0x1250 [ 317.878408][ T9580] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 317.878481][ T9580] ? hash_netiface_create+0x3ec/0x1250 [ 317.878533][ T9580] __vmalloc_node_noprof+0xad/0xf0 [ 317.878585][ T9580] ? hash_netiface_create+0x3ec/0x1250 [ 317.878643][ T9580] __vmalloc_node_range_noprof+0xb3b/0x1480 [ 317.878696][ T9580] ? __kasan_kmalloc+0xaa/0xb0 [ 317.878733][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.878792][ T9580] ? hash_netiface_create+0x3ec/0x1250 [ 317.878857][ T9580] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 317.878919][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.878963][ T9580] ? ___kmalloc_large_node+0xed/0x160 [ 317.879013][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.879066][ T9580] __kvmalloc_node_noprof+0x431/0x9c0 [ 317.879109][ T9580] ? hash_netiface_create+0x3ec/0x1250 [ 317.879165][ T9580] ? hash_netiface_create+0x3ec/0x1250 [ 317.879228][ T9580] ? hash_netiface_create+0x3ec/0x1250 [ 317.879280][ T9580] hash_netiface_create+0x3ec/0x1250 [ 317.879337][ T9580] ? __pfx___nla_validate+0xb/0x10 [ 317.879389][ T9580] ? __pfx_hash_netiface_create+0x10/0x10 [ 317.879446][ T9580] ip_set_create+0x7e4/0x14d0 [ 317.879508][ T9580] ? __pfx_ip_set_create+0x10/0x10 [ 317.879597][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.879640][ T9580] ? find_held_lock+0x2b/0x80 [ 317.879704][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.879758][ T9580] nfnetlink_rcv_msg+0x9fc/0x1200 [ 317.879824][ T9580] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 317.879880][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.879923][ T9580] ? consume_skb+0xcc/0x100 [ 317.880005][ T9580] ? __pfx___dev_queue_xmit+0x10/0x10 [ 317.880064][ T9580] netlink_rcv_skb+0x158/0x420 [ 317.880099][ T9580] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 317.880150][ T9580] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 317.880183][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.880256][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.880303][ T9580] ? ns_capable+0xd7/0x110 [ 317.880365][ T9580] nfnetlink_rcv+0x1b3/0x430 [ 317.880420][ T9580] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 317.880465][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.880508][ T9580] ? netlink_deliver_tap+0x1ae/0xd30 [ 317.880576][ T9580] netlink_unicast+0x5aa/0x870 [ 317.880618][ T9580] ? __pfx_netlink_unicast+0x10/0x10 [ 317.880672][ T9580] netlink_sendmsg+0x8c8/0xdd0 [ 317.880717][ T9580] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.880749][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.880800][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.880843][ T9580] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 317.880915][ T9580] ____sys_sendmsg+0xa98/0xc70 [ 317.880958][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.881002][ T9580] ? copy_msghdr_from_user+0x10a/0x160 [ 317.881059][ T9580] ? __pfx_____sys_sendmsg+0x10/0x10 [ 317.881111][ T9580] ? __pfx_futex_wake_mark+0x10/0x10 [ 317.881179][ T9580] ___sys_sendmsg+0x134/0x1d0 [ 317.881231][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.881279][ T9580] ? __pfx____sys_sendmsg+0x10/0x10 [ 317.881327][ T9580] ? __lock_acquire+0x622/0x1c90 [ 317.881404][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.881485][ T9580] __sys_sendmsg+0x16d/0x220 [ 317.881542][ T9580] ? __pfx___sys_sendmsg+0x10/0x10 [ 317.881597][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.881641][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.881703][ T9580] ? srso_alias_return_thunk+0x5/0xfbef5 [ 317.881759][ T9580] do_syscall_64+0xcd/0xfa0 [ 317.881820][ T9580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.881856][ T9580] RIP: 0033:0x7fcc7ed8eec9 [ 317.881883][ T9580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 317.881920][ T9580] RSP: 002b:00007fcc7fb86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 317.881953][ T9580] RAX: ffffffffffffffda RBX: 00007fcc7efe5fa0 RCX: 00007fcc7ed8eec9 [ 317.881978][ T9580] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005 [ 317.882001][ T9580] RBP: 00007fcc7ee11f91 R08: 0000000000000000 R09: 0000000000000000 [ 317.882024][ T9580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.882047][ T9580] R13: 00007fcc7efe6038 R14: 00007fcc7efe5fa0 R15: 00007ffefde54ef8 [ 317.882098][ T9580] [ 318.358922][ T9643] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 318.629272][ T9580] Mem-Info: [ 318.636187][ T9580] active_anon:8303 inactive_anon:0 isolated_anon:0 [ 318.636187][ T9580] active_file:3689 inactive_file:46796 isolated_file:0 [ 318.636187][ T9580] unevictable:768 dirty:301 writeback:0 [ 318.636187][ T9580] slab_reclaimable:11766 slab_unreclaimable:96929 [ 318.636187][ T9580] mapped:37707 shmem:4479 pagetables:1525 [ 318.636187][ T9580] sec_pagetables:0 bounce:0 [ 318.636187][ T9580] kernel_misc_reclaimable:0 [ 318.636187][ T9580] free:1263094 free_pcp:19194 free_cma:0 [ 318.682223][ T9580] Node 0 active_anon:33212kB inactive_anon:0kB active_file:14756kB inactive_file:186984kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:150828kB dirty:1200kB writeback:0kB shmem:16380kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14264kB pagetables:5968kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 318.717986][ T9580] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 318.748480][ T9580] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 318.779487][ T9580] lowmem_reserve[]: 0 2483 2485 2485 2485 [ 318.785481][ T9580] Node 0 DMA32 free:1141580kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:33212kB inactive_anon:0kB active_file:14756kB inactive_file:186984kB unevictable:1536kB writepending:1200kB zspages:0kB present:3129332kB managed:2543524kB mlocked:0kB bounce:0kB free_pcp:60780kB local_pcp:29572kB free_cma:0kB [ 318.819295][ T9580] lowmem_reserve[]: 0 0 1 1 1 [ 318.824289][ T9580] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 318.855458][ T9580] lowmem_reserve[]: 0 0 0 0 0 [ 318.860225][ T9580] Node 1 Normal free:3895436kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:16128kB local_pcp:4000kB free_cma:0kB [ 318.941554][ T9643] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 318.947738][ T9643] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 318.985238][ T9580] lowmem_reserve[]: 0 0 0 0 0 [ 318.995258][ T9643] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 319.002880][ T9580] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 319.031556][ T9643] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 319.037722][ T9643] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 319.044104][ T9580] Node 0 DMA32: 1*4kB (E) 1*8kB (E) 2*16kB (UE) 107*32kB (UE) 1171*64kB (UME) 662*128kB (UME) 428*256kB (UME) 233*512kB (UM) 84*1024kB (UM) 10*2048kB (UM) 157*4096kB (UME) = 1141580kB [ 319.071291][ T9658] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1287'. [ 319.072122][ T9580] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 319.103720][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.121468][ T9658] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1287'. [ 319.142132][ T9658] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1287'. [ 319.160684][ T9661] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 319.169797][ T9580] Node 1 Normal: 165*4kB (UM) 39*8kB (UME) 36*16kB (UME) 142*32kB (UME) 43*64kB (UME) 6*128kB (UME) 3*256kB (UM) 2*512kB (M) 1*1024kB (M) 2*2048kB (UE) 947*4096kB (M) = 3895436kB [ 319.212872][ T9661] loop9: detected capacity change from 0 to 8 [ 319.219929][ C1] blk_print_req_error: 20 callbacks suppressed [ 319.219954][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.230023][ T9580] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 319.236699][ C1] buffer_io_error: 756 callbacks suppressed [ 319.236719][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.249923][ T9580] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 319.255092][ T9658] tipc: Started in network mode [ 319.260218][ T9580] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 319.295061][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.295114][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.304665][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.316337][ T9580] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 319.316375][ T9580] 52100 total pagecache pages [ 319.326534][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.328124][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.336276][ T9658] tipc: Node identity 7f000001, cluster identity 4711 [ 319.340668][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.351934][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.372673][ T9666] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1290'. [ 319.373356][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.394938][ T9580] 0 pages in swap cache [ 319.404731][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.406702][ T9658] tipc: Enabled bearer , priority 10 [ 319.414962][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.434984][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.443854][ T9580] Free swap = 124996kB [ 319.445240][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.455329][ T9580] Total swap = 124996kB [ 319.464986][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.470495][ T9580] 2097051 pages RAM [ 319.475211][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.491440][ T9580] 0 pages HighMem/MovableOnly [ 319.491859][ T9661] ldm_validate_partition_table(): Disk read failed. [ 319.496339][ T9580] 429080 pages reserved [ 319.519124][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.529420][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.537769][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 319.542027][ T9580] 0 pages cma reserved [ 319.548022][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 319.581953][ T9661] Dev loop9: unable to read RDB block 0 [ 319.588573][ T9661] loop9: unable to read partition table [ 319.594359][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 319.626451][ T9661] loop9: partition table beyond EOD, truncated [ 319.651248][ T9661] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 319.651248][ T9661] ) failed (rc=-5) [ 319.761889][ T9666] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 319.778981][ T9666] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 319.794901][ T9666] bond0 (unregistering): Released all slaves [ 319.900873][ T9679] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1293'. [ 320.002603][ T9682] netlink: 'syz.5.1296': attribute type 4 has an invalid length. [ 320.058932][ T9683] loop3: detected capacity change from 0 to 2048 [ 320.125360][ T9683] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 320.161331][ T30] audit: type=1800 audit(320.139:488): pid=9683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1295" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 320.402953][ T5832] tipc: Node number set to 2130706433 [ 321.055751][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 321.062480][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 321.068760][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 321.107598][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 321.114150][ T5842] Bluetooth: hci5: command 0x0405 tx timeout [ 321.535130][ T9683] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.1295: bg 0: block 234: padding at end of block bitmap is not set [ 321.621417][ T9683] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117 [ 321.681455][ T9683] EXT4-fs (loop3): This should not happen!! Data will be lost [ 321.681455][ T9683] [ 322.032405][ T8483] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1682 with error 28 [ 322.071619][ T8483] EXT4-fs (loop3): This should not happen!! Data will be lost [ 322.071619][ T8483] [ 322.121310][ T8483] EXT4-fs (loop3): Total free blocks count 0 [ 322.137735][ T8483] EXT4-fs (loop3): Free/Dirty block details [ 322.157950][ T8483] EXT4-fs (loop3): free_blocks=0 [ 322.171238][ T8483] EXT4-fs (loop3): dirty_blocks=1696 [ 322.176548][ T8483] EXT4-fs (loop3): Block reservation details [ 322.641839][ T9725] netlink: 'syz.3.1310': attribute type 4 has an invalid length. [ 323.205571][ T9737] loop3: detected capacity change from 0 to 2048 [ 323.234500][ T9737] EXT4-fs: Ignoring removed mblk_io_submit option [ 323.278782][ T9737] EXT4-fs: Ignoring removed i_version option [ 323.300310][ T9739] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1320'. [ 323.343753][ T9741] loop2: detected capacity change from 0 to 512 [ 323.373098][ T9737] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.442046][ T9741] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 323.460763][ T9741] EXT4-fs (loop2): orphan cleanup on readonly fs [ 323.507229][ T9741] EXT4-fs warning (device loop2): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 323.547947][ T9741] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 323.571705][ T9741] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #13: comm syz.2.1321: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 323.648566][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.661369][ T9741] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.1321: couldn't read orphan inode 13 (err -117) [ 323.706909][ T9741] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 323.858266][ T9741] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 323.877318][ T9741] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 323.888129][ T9752] unsupported nla_type 52263 [ 323.933493][ T9741] EXT4-fs warning (device loop2): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 324.199745][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.420568][ T9770] loop2: detected capacity change from 0 to 512 [ 324.428863][ T9770] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 324.459515][ T9770] EXT4-fs (loop2): 1 truncate cleaned up [ 324.466586][ T9773] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1333'. [ 324.468689][ T9770] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 324.680265][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.629665][ T9791] loop3: detected capacity change from 0 to 2048 [ 325.660653][ T9791] EXT4-fs: Ignoring removed mblk_io_submit option [ 325.673970][ T9791] EXT4-fs: Ignoring removed i_version option [ 325.732431][ T9791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 325.970990][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.366752][ T9821] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.394528][ T9825] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1348'. [ 326.483623][ T9821] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.630837][ T9829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1348'. [ 326.705275][ T9821] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.710717][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.722174][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 326.842316][ T9840] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1351'. [ 326.878148][ T9821] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.150332][ T8476] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.221423][ T8476] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.230447][ T9850] loop4: detected capacity change from 0 to 2048 [ 327.256015][ T9850] EXT4-fs: Ignoring removed nobh option [ 327.292618][ T8483] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.331014][ T8476] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.380411][ T9850] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 327.530667][ T30] audit: type=1800 audit(327.509:489): pid=9850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1354" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 327.560453][ T9858] loop3: detected capacity change from 0 to 2048 [ 327.568772][ T9849] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.1354: bg 0: block 408: padding at end of block bitmap is not set [ 327.611548][ T30] audit: type=1800 audit(327.529:490): pid=9850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1354" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 327.634308][ T9858] EXT4-fs: Ignoring removed mblk_io_submit option [ 327.635509][ T9849] EXT4-fs (loop4): Remounting filesystem read-only [ 327.640756][ T9858] EXT4-fs: Ignoring removed i_version option [ 327.686635][ T9849] EXT4-fs (loop4): error restoring inline_data for inode -- potential data loss! (inode 15, error -30) [ 327.702200][ T9858] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.855428][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.876602][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.299097][ T30] audit: type=1326 audit(328.279:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9877 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e50985d67 code=0x7ffc0000 [ 328.385976][ T30] audit: type=1326 audit(328.279:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9877 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e5092af79 code=0x7ffc0000 [ 328.536282][ T30] audit: type=1326 audit(328.279:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9877 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e50985d67 code=0x7ffc0000 [ 328.590148][ T9885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1365'. [ 328.633249][ T9888] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1366'. [ 328.648542][ T30] audit: type=1326 audit(328.279:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9877 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e5092af79 code=0x7ffc0000 [ 328.648951][ T9885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1365'. [ 328.765022][ T30] audit: type=1326 audit(328.279:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9877 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 328.830415][ T30] audit: type=1326 audit(328.289:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9877 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 328.997246][ T9899] loop2: detected capacity change from 0 to 512 [ 329.068471][ T30] audit: type=1326 audit(328.289:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9877 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 329.119220][ T30] audit: type=1326 audit(328.289:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9877 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e5098eec9 code=0x7ffc0000 [ 329.141102][ T9899] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 329.149451][ T9899] EXT4-fs (loop2): orphan cleanup on readonly fs [ 329.159966][ T9899] EXT4-fs warning (device loop2): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 329.204377][ T9899] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 329.254555][ T9899] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #13: comm syz.2.1372: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 329.304113][ T8487] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.346952][ T9899] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.1372: couldn't read orphan inode 13 (err -117) [ 329.390893][ T9899] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 329.533914][ T9899] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 329.557581][ T9899] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 329.576010][ T9899] EXT4-fs warning (device loop2): ext4_enable_quotas:7176: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 329.684811][ T8488] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.704360][ T8488] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.852013][ T8488] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.894162][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.423635][ T9928] lo speed is unknown, defaulting to 1000 [ 331.243483][ T9912] warn_alloc: 3 callbacks suppressed [ 331.243508][ T9912] syz.0.1371: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 331.377386][ T9912] CPU: 0 UID: 0 PID: 9912 Comm: syz.0.1371 Not tainted syzkaller #0 PREEMPT(full) [ 331.377434][ T9912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 331.377457][ T9912] Call Trace: [ 331.377469][ T9912] [ 331.377482][ T9912] dump_stack_lvl+0x16c/0x1f0 [ 331.377543][ T9912] warn_alloc+0x248/0x3a0 [ 331.377608][ T9912] ? __pfx_warn_alloc+0x10/0x10 [ 331.377688][ T9912] ? xskq_create+0xfb/0x1d0 [ 331.377731][ T9912] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.377775][ T9912] ? __vmalloc_node_noprof+0xad/0xf0 [ 331.377836][ T9912] __vmalloc_node_range_noprof+0xfe2/0x1480 [ 331.377905][ T9912] ? xskq_create+0xfb/0x1d0 [ 331.377963][ T9912] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 331.378037][ T9912] ? xskq_create+0xfb/0x1d0 [ 331.378084][ T9912] vmalloc_user_noprof+0x9e/0xe0 [ 331.378135][ T9912] ? xskq_create+0xfb/0x1d0 [ 331.378188][ T9912] xskq_create+0xfb/0x1d0 [ 331.378238][ T9912] xsk_setsockopt+0x792/0x9a0 [ 331.378285][ T9912] ? __pfx_xsk_setsockopt+0x10/0x10 [ 331.378327][ T9912] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.378371][ T9912] ? find_held_lock+0x2b/0x80 [ 331.378434][ T9912] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.378477][ T9912] ? aa_sock_opt_perm+0xfd/0x1c0 [ 331.378540][ T9912] ? __pfx_xsk_setsockopt+0x10/0x10 [ 331.378587][ T9912] do_sock_setsockopt+0xf3/0x1d0 [ 331.378632][ T9912] __sys_setsockopt+0x1a0/0x230 [ 331.378695][ T9912] __x64_sys_setsockopt+0xbd/0x160 [ 331.378745][ T9912] ? do_syscall_64+0x91/0xfa0 [ 331.378799][ T9912] ? srso_alias_return_thunk+0x5/0xfbef5 [ 331.378842][ T9912] ? lockdep_hardirqs_on+0x7c/0x110 [ 331.378897][ T9912] do_syscall_64+0xcd/0xfa0 [ 331.378957][ T9912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.378993][ T9912] RIP: 0033:0x7f8e5098eec9 [ 331.379021][ T9912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.379057][ T9912] RSP: 002b:00007f8e517a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 331.379090][ T9912] RAX: ffffffffffffffda RBX: 00007f8e50be6180 RCX: 00007f8e5098eec9 [ 331.379115][ T9912] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000006 [ 331.379137][ T9912] RBP: 00007f8e50a11f91 R08: 0000000000000004 R09: 0000000000000000 [ 331.379166][ T9912] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 331.379190][ T9912] R13: 00007f8e50be6218 R14: 00007f8e50be6180 R15: 00007ffe9577e428 [ 331.379241][ T9912] [ 331.456044][ T9940] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1384'. [ 331.545412][ T9912] Mem-Info: [ 331.652210][ T9912] active_anon:7029 inactive_anon:1 isolated_anon:0 [ 331.652210][ T9912] active_file:3688 inactive_file:46789 isolated_file:0 [ 331.652210][ T9912] unevictable:796 dirty:311 writeback:0 [ 331.652210][ T9912] slab_reclaimable:11902 slab_unreclaimable:97620 [ 331.652210][ T9912] mapped:36800 shmem:4091 pagetables:1476 [ 331.652210][ T9912] sec_pagetables:0 bounce:0 [ 331.652210][ T9912] kernel_misc_reclaimable:0 [ 331.652210][ T9912] free:1283916 free_pcp:24548 free_cma:0 [ 331.847721][ T9912] Node 0 active_anon:17416kB inactive_anon:4kB active_file:14752kB inactive_file:186956kB unevictable:1648kB isolated(anon):0kB isolated(file):0kB mapped:143200kB dirty:1244kB writeback:0kB shmem:3928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13940kB pagetables:5572kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 331.960298][ T9912] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 332.086247][ T9912] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 332.272031][ T9912] lowmem_reserve[]: 0 2483 2485 2485 2485 [ 332.277921][ T9912] Node 0 DMA32 free:1224808kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17244kB inactive_anon:4kB active_file:14752kB inactive_file:186956kB unevictable:1604kB writepending:1252kB zspages:0kB present:3129332kB managed:2543524kB mlocked:68kB bounce:0kB free_pcp:94044kB local_pcp:59004kB free_cma:0kB [ 332.367662][ T9912] lowmem_reserve[]: 0 0 1 1 1 [ 332.387986][ T9912] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 332.511324][ T9912] lowmem_reserve[]: 0 0 0 0 0 [ 332.565308][ T9912] Node 1 Normal free:3895948kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:15616kB local_pcp:3744kB free_cma:0kB [ 332.637579][ T9912] lowmem_reserve[]: 0 0 0 0 0 [ 332.701517][ T9912] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 332.822199][ T9912] Node 0 DMA32: 4814*4kB (UM) 2663*8kB (UME) 987*16kB (UME) 980*32kB (UME) 1194*64kB (UM) 602*128kB (UM) 421*256kB (UM) 237*512kB (UM) 83*1024kB (UME) 11*2048kB (UM) 156*4096kB (UM) = 1216800kB [ 332.920091][ T9912] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 332.978913][ T9912] Node 1 Normal: 165*4kB (UM) 39*8kB (UME) 36*16kB (UME) 148*32kB (UME) 46*64kB (UME) 7*128kB (UME) 3*256kB (UM) 2*512kB (M) 1*1024kB (M) 2*2048kB (UE) 947*4096kB (M) = 3895948kB [ 333.322126][ T9912] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 333.505029][ T9912] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 333.571546][ T9912] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 333.721783][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 333.803589][ T9912] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 333.838886][ T9912] 51845 total pagecache pages [ 333.867622][ T9912] 0 pages in swap cache [ 333.897641][ T9912] Free swap = 124996kB [ 333.935911][ T9912] Total swap = 124996kB [ 333.961498][ T9912] 2097051 pages RAM [ 333.965529][ T9912] 0 pages HighMem/MovableOnly [ 333.970208][ T9912] 429080 pages reserved [ 334.001572][ T9912] 0 pages cma reserved [ 334.160736][ T9986] loop4: detected capacity change from 0 to 512 [ 334.190455][ T9985] loop9: detected capacity change from 0 to 8 [ 334.207893][ C0] blk_print_req_error: 5 callbacks suppressed [ 334.207919][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.224308][ C0] buffer_io_error: 5 callbacks suppressed [ 334.224331][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.241416][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.251659][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.267077][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.267130][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.267360][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.267414][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.278165][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.278213][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.293317][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.293368][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.293624][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.293670][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.293890][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.293937][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.294029][ T9985] ldm_validate_partition_table(): Disk read failed. [ 334.294188][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.294233][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.294461][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 334.294508][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 334.299318][ T9985] Dev loop9: unable to read RDB block 0 [ 334.299959][ T9985] loop9: unable to read partition table [ 334.300193][ T9985] loop9: partition table beyond EOD, truncated [ 334.300221][ T9985] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 334.300221][ T9985] ) failed (rc=-5) [ 334.364108][ T9986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.504188][ T9980] EXT4-fs error (device loop4): ext4_validate_block_bitmap:431: comm syz.4.1399: bg 0: block 18: invalid block bitmap [ 334.511529][ T9980] Quota error (device loop4): write_blk: dquota write failed [ 334.511783][ T9980] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 334.511853][ T9980] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.1399: Failed to acquire dquot type 1 [ 334.961973][ T30] audit: type=1326 audit(334.929:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.2.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc7ed8eec9 code=0x7ffc0000 [ 334.962053][ T30] audit: type=1326 audit(334.929:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.2.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc7ed8eec9 code=0x7ffc0000 [ 334.962124][ T30] audit: type=1326 audit(334.929:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.2.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc7ed8eec9 code=0x7ffc0000 [ 334.962196][ T30] audit: type=1326 audit(334.939:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.2.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc7ed8eec9 code=0x7ffc0000 [ 334.962266][ T30] audit: type=1326 audit(334.939:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.2.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc7ed8eec9 code=0x7ffc0000 [ 334.962335][ T30] audit: type=1326 audit(334.939:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.2.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc7ed8eec9 code=0x7ffc0000 [ 334.962410][ T30] audit: type=1326 audit(334.939:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.2.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc7ed8eec9 code=0x7ffc0000 [ 334.980546][ T9995] loop2: detected capacity change from 0 to 512 [ 334.981199][ T30] audit: type=1326 audit(334.959:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.2.1403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc7ed8eec9 code=0x7ffc0000 [ 335.075511][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.098917][ T9995] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.1403: couldn't read orphan inode 26 (err -116) [ 335.108063][ T9995] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.191699][ T9987] tty tty1: ldisc open failed (-12), clearing slot 0 [ 335.552061][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.699324][T10007] loop2: detected capacity change from 0 to 128 [ 335.737082][T10007] vfat: Unknown parameter ''hVR`HL.17]t! Ɛ2>P(x_)^ Ga[JDGP&oxpVG>ŕʶh+A/`c Y5fKdk!&&' [ 335.860834][ T12] Bluetooth: hci6: Frame reassembly failed (-84) [ 335.884894][ T12] Bluetooth: hci6: Frame reassembly failed (-84) [ 336.586055][T10024] lo speed is unknown, defaulting to 1000 [ 337.814743][T10036] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 337.848577][T10032] loop4: detected capacity change from 0 to 8192 [ 337.901282][ T5847] Bluetooth: hci6: command 0x1003 tx timeout [ 337.971268][ T5842] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 338.200620][T10041] xt_recent: hitcount (16777216) is larger than allowed maximum (65535) [ 338.889830][T10056] loop4: detected capacity change from 0 to 1024 [ 338.948473][T10056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 340.108183][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.619768][T10109] loop9: detected capacity change from 0 to 7 [ 340.649351][T10109] buffer_io_error: 5 callbacks suppressed [ 340.649376][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.681851][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.691934][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.711825][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.729408][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.747864][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.768120][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.788303][T10109] ldm_validate_partition_table(): Disk read failed. [ 340.808505][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.831560][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.851374][T10109] Buffer I/O error on dev loop9, logical block 0, async page read [ 340.859399][T10109] Dev loop9: unable to read RDB block 0 [ 340.881600][T10109] loop9: unable to read partition table [ 340.890907][T10109] loop9: partition table beyond EOD, truncated [ 340.909473][T10109] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 340.909473][T10109] ) failed (rc=-5) [ 341.261546][T10117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1454'. [ 341.261556][ T5847] Bluetooth: hci6: command 0x1003 tx timeout [ 341.278087][ T5842] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 341.310579][T10117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1454'. [ 341.508031][ T30] kauditd_printk_skb: 52 callbacks suppressed [ 341.508058][ T30] audit: type=1326 audit(341.489:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10114 comm="syz.1.1454" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f65ac18eec9 code=0x0 [ 341.739115][T10127] loop2: detected capacity change from 0 to 2048 [ 341.826113][T10127] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.882477][ T30] audit: type=1800 audit(341.869:560): pid=10127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1458" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 342.518652][T10127] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.1458: bg 0: block 234: padding at end of block bitmap is not set [ 342.557283][T10127] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 117 [ 342.608288][T10127] EXT4-fs (loop2): This should not happen!! Data will be lost [ 342.608288][T10127] [ 342.997760][ T8866] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 6 with error 28 [ 343.045832][ T8866] EXT4-fs (loop2): This should not happen!! Data will be lost [ 343.045832][ T8866] [ 343.078270][ T8866] EXT4-fs (loop2): Total free blocks count 0 [ 343.095952][ T8866] EXT4-fs (loop2): Free/Dirty block details [ 343.120060][ T8866] EXT4-fs (loop2): free_blocks=0 [ 343.126287][ T8866] EXT4-fs (loop2): dirty_blocks=16 [ 343.137577][ T8866] EXT4-fs (loop2): Block reservation details [ 343.535254][T10175] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 343.778303][ T30] audit: type=1326 audit(343.759:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10185 comm="syz.5.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d10d8eec9 code=0x7ffc0000 [ 343.851256][ T30] audit: type=1326 audit(343.759:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10185 comm="syz.5.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d10d8eec9 code=0x7ffc0000 [ 343.915352][ T30] audit: type=1326 audit(343.759:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10185 comm="syz.5.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d10d8eec9 code=0x7ffc0000 [ 343.967415][ T30] audit: type=1326 audit(343.759:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10185 comm="syz.5.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f9d10d8eec9 code=0x7ffc0000 [ 344.015032][ T30] audit: type=1326 audit(343.759:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10185 comm="syz.5.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d10d8eec9 code=0x7ffc0000 [ 344.060848][ T30] audit: type=1326 audit(343.759:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10185 comm="syz.5.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d10d8eec9 code=0x7ffc0000 [ 344.222117][T10168] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 344.233603][T10168] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 344.239735][T10168] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 344.251804][T10168] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 344.263873][T10168] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 344.288502][T10168] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 344.363538][T10204] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1490'. [ 344.376891][T10204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1490'. [ 344.647310][T10208] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.655208][T10208] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.824270][T10218] loop4: detected capacity change from 0 to 2048 [ 344.824593][T10208] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 344.848942][T10208] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.969669][T10218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 345.043128][ T9205] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.061298][ T8865] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.107463][ T8865] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.152158][ T8865] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.309416][T10229] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 345.407432][T10229] loop9: detected capacity change from 0 to 8 [ 345.803710][T10231] lo speed is unknown, defaulting to 1000 [ 346.287490][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 346.424072][T10232] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 346.440315][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 346.446468][ T5847] Bluetooth: hci0: command 0x0406 tx timeout [ 346.452531][ T5848] Bluetooth: hci1: command 0x0406 tx timeout [ 346.458605][ T5140] Bluetooth: hci4: command 0x0406 tx timeout [ 346.461471][ T5848] Bluetooth: hci5: command 0x0405 tx timeout [ 346.480561][ C0] blk_print_req_error: 5 callbacks suppressed [ 346.480584][ C0] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.496874][ C0] buffer_io_error: 4 callbacks suppressed [ 346.496895][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.498359][T10232] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 346.523461][T10232] EXT4-fs (loop4): This should not happen!! Data will be lost [ 346.523461][T10232] [ 346.533133][T10232] EXT4-fs (loop4): Total free blocks count 0 [ 346.539123][T10232] EXT4-fs (loop4): Free/Dirty block details [ 346.545101][T10232] EXT4-fs (loop4): free_blocks=2415919504 [ 346.550830][T10232] EXT4-fs (loop4): dirty_blocks=48 [ 346.556004][T10232] EXT4-fs (loop4): Block reservation details [ 346.562036][T10232] EXT4-fs (loop4): i_reserved_data_blocks=3 [ 346.609684][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.619945][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.672896][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.683181][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.702623][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.712893][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.782432][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.792852][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.821011][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.831276][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.841425][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.851665][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.859672][T10229] ldm_validate_partition_table(): Disk read failed. [ 346.871182][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.881434][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.889709][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.900161][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.911706][ C1] critical medium error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 346.921943][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 346.951439][T10229] Dev loop9: unable to read RDB block 0 [ 346.981692][T10229] loop9: unable to read partition table [ 346.987580][T10229] loop9: partition table beyond EOD, truncated [ 347.055284][T10229] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 347.055284][T10229] ) failed (rc=-5) [ 347.964783][ T8483] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 348.244527][T10249] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.566849][T10249] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.778549][T10249] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.121723][T10249] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.283231][T10276] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1515'. [ 349.439215][T10276] team1: entered promiscuous mode [ 349.471460][T10276] team1: entered allmulticast mode [ 349.488005][T10276] 8021q: adding VLAN 0 to HW filter on device team1 [ 349.626110][T10278] loop3: detected capacity change from 0 to 2048 [ 349.789325][ T8483] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.831552][T10278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 349.951972][ T30] audit: type=1800 audit(349.929:567): pid=10278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1516" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 349.967321][ T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.989694][ T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.050963][ T8483] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.301506][T10289] program syz.1.1520 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 350.400414][T10278] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.1516: bg 0: block 234: padding at end of block bitmap is not set [ 350.815473][T10294] lo speed is unknown, defaulting to 1000 [ 351.443967][T10278] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1276 with error 117 [ 351.475719][T10278] EXT4-fs (loop3): This should not happen!! Data will be lost [ 351.475719][T10278] [ 352.181042][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.426773][ T30] audit: type=1326 audit(352.389:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 352.538145][ T30] audit: type=1326 audit(352.399:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 352.703957][ T30] audit: type=1326 audit(352.409:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 352.744994][T10304] loop3: detected capacity change from 0 to 128 [ 352.787032][ T30] audit: type=1326 audit(352.409:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 352.846888][T10304] bio_check_eod: 738 callbacks suppressed [ 352.846914][T10304] syz.3.1524: attempt to access beyond end of device [ 352.846914][T10304] loop3: rw=2049, sector=145, nr_sectors = 24 limit=128 [ 352.870090][ T30] audit: type=1326 audit(352.409:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 352.892484][ T30] audit: type=1326 audit(352.439:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 352.916897][ T30] audit: type=1326 audit(352.439:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 352.939049][T10304] syz.3.1524: attempt to access beyond end of device [ 352.939049][T10304] loop3: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 352.963859][ T30] audit: type=1326 audit(352.439:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 352.991512][ T30] audit: type=1326 audit(352.449:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10301 comm="syz.1.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65ac18eec9 code=0x7ffc0000 [ 353.015032][T10304] syz.3.1524: attempt to access beyond end of device [ 353.015032][T10304] loop3: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 353.028775][T10304] syz.3.1524: attempt to access beyond end of device [ 353.028775][T10304] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 353.042666][T10304] syz.3.1524: attempt to access beyond end of device [ 353.042666][T10304] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 353.065543][T10304] syz.3.1524: attempt to access beyond end of device [ 353.065543][T10304] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 353.080406][T10304] syz.3.1524: attempt to access beyond end of device [ 353.080406][T10304] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 353.081754][T10307] syz.3.1524: attempt to access beyond end of device [ 353.081754][T10307] loop3: rw=2049, sector=305, nr_sectors = 80 limit=128 [ 353.110222][T10304] syz.3.1524: attempt to access beyond end of device [ 353.110222][T10304] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 353.130718][T10307] syz.3.1524: attempt to access beyond end of device [ 353.130718][T10307] loop3: rw=2049, sector=393, nr_sectors = 8 limit=128 [ 353.303150][T10303] buffer_io_error: 5 callbacks suppressed [ 353.303175][T10303] Buffer I/O error on dev loop3, logical block 305, async page read [ 353.368406][T10303] Buffer I/O error on dev loop3, logical block 306, async page read [ 353.378521][T10306] lo speed is unknown, defaulting to 1000 [ 353.407359][T10303] Buffer I/O error on dev loop3, logical block 307, async page read [ 353.436233][T10303] Buffer I/O error on dev loop3, logical block 308, async page read [ 354.436470][T10303] Buffer I/O error on dev loop3, logical block 309, async page read [ 354.477035][T10303] Buffer I/O error on dev loop3, logical block 310, async page read [ 354.520524][T10303] Buffer I/O error on dev loop3, logical block 311, async page read [ 354.528940][T10303] Buffer I/O error on dev loop3, logical block 312, async page read [ 354.537099][T10303] Buffer I/O error on dev loop3, logical block 305, async page read [ 354.551523][T10303] Buffer I/O error on dev loop3, logical block 306, async page read [ 355.025811][T10330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'. [ 355.081023][T10330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'. [ 355.111224][T10332] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1534'. [ 355.138002][T10332] ksmbd: Unknown IPC event: 4, ignore. [ 355.151015][T10334] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1535'. [ 355.192835][T10334] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1535'. [ 355.262064][T10328] macsec0: entered promiscuous mode [ 355.397107][T10328] netlink: 272 bytes leftover after parsing attributes in process `syz.5.1532'. [ 355.486251][T10342] loop4: detected capacity change from 0 to 1024 [ 355.577141][T10344] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1538'. [ 355.588666][T10342] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.622619][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 355.622644][ T30] audit: type=1800 audit(355.609:615): pid=10342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1537" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 355.745407][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.774452][T10349] loop3: detected capacity change from 0 to 2048 [ 355.834239][T10349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.231426][T10344] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 356.550357][T10364] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 356.567791][T10364] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28 [ 356.581477][T10364] EXT4-fs (loop3): This should not happen!! Data will be lost [ 356.581477][T10364] [ 356.591272][T10364] EXT4-fs (loop3): Total free blocks count 0 [ 356.597325][T10364] EXT4-fs (loop3): Free/Dirty block details [ 356.603324][T10364] EXT4-fs (loop3): free_blocks=2415919504 [ 356.609127][T10364] EXT4-fs (loop3): dirty_blocks=80 [ 356.614343][T10364] EXT4-fs (loop3): Block reservation details [ 356.620388][T10364] EXT4-fs (loop3): i_reserved_data_blocks=5 [ 356.835623][T10362] loop2: detected capacity change from 0 to 512 [ 356.892446][T10344] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 356.914712][T10362] [ 356.917052][T10362] ====================================================== [ 356.924060][T10362] WARNING: possible circular locking dependency detected [ 356.931076][T10362] syzkaller #0 Not tainted [ 356.935482][T10362] ------------------------------------------------------ [ 356.942491][T10362] syz.2.1543/10362 is trying to acquire lock: [ 356.948556][T10362] ffff88801220ab98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x27a/0x600 [ 356.958457][T10362] [ 356.958457][T10362] but task is already holding lock: [ 356.965828][T10362] ffff888048df0a58 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x4ba/0x870 [ 356.975752][T10362] [ 356.975752][T10362] which lock already depends on the new lock. [ 356.975752][T10362] [ 356.986159][T10362] [ 356.986159][T10362] the existing dependency chain (in reverse order) is: [ 356.995171][T10362] [ 356.995171][T10362] -> #1 (&ei->xattr_sem){++++}-{4:4}: [ 357.002761][T10362] down_write+0x92/0x200 [ 357.007544][T10362] ext4_destroy_inline_data+0x2d/0xe0 [ 357.013461][T10362] ext4_do_writepages+0x1154/0x3cf0 [ 357.019215][T10362] ext4_writepages+0x37a/0x7d0 [ 357.024531][T10362] do_writepages+0x27a/0x600 [ 357.029664][T10362] filemap_fdatawrite_wbc+0x104/0x160 [ 357.035578][T10362] __filemap_fdatawrite_range+0xb9/0x100 [ 357.041739][T10362] ext4_convert_inline_data+0x1a7/0x610 [ 357.047820][T10362] ext4_fallocate+0x1f5/0x37a0 [ 357.053113][T10362] vfs_fallocate+0x5b4/0x10e0 [ 357.058324][T10362] ioctl_preallocate+0x1a0/0x210 [ 357.063813][T10362] do_vfs_ioctl+0x11da/0x14f0 [ 357.069039][T10362] __x64_sys_ioctl+0x114/0x210 [ 357.074353][T10362] do_syscall_64+0xcd/0xfa0 [ 357.079404][T10362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.085833][T10362] [ 357.085833][T10362] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 357.094288][T10362] __lock_acquire+0x126f/0x1c90 [ 357.099676][T10362] lock_acquire+0x179/0x350 [ 357.104723][T10362] ext4_writepages+0x224/0x7d0 [ 357.110040][T10362] do_writepages+0x27a/0x600 [ 357.115175][T10362] __writeback_single_inode+0x160/0xfb0 [ 357.121280][T10362] writeback_single_inode+0x2bc/0x550 [ 357.127209][T10362] write_inode_now+0x170/0x1e0 [ 357.132499][T10362] iput.part.0+0x487/0xb00 [ 357.137465][T10362] iput+0x35/0x40 [ 357.141645][T10362] ext4_xattr_block_set+0x67c/0x3650 [ 357.147472][T10362] ext4_expand_extra_isize_ea+0x1442/0x1ab0 [ 357.153910][T10362] __ext4_expand_extra_isize+0x346/0x480 [ 357.160089][T10362] __ext4_mark_inode_dirty+0x544/0x870 [ 357.166106][T10362] ext4_evict_inode+0x74e/0x18e0 [ 357.171575][T10362] evict+0x3e6/0x920 [ 357.176017][T10362] iput.part.0+0x6a9/0xb00 [ 357.180975][T10362] iput+0x35/0x40 [ 357.185152][T10362] ext4_orphan_cleanup+0x731/0x11e0 [ 357.190903][T10362] ext4_fill_super+0x8db7/0xaf70 [ 357.196374][T10362] get_tree_bdev_flags+0x38c/0x620 [ 357.202026][T10362] vfs_get_tree+0x8e/0x340 [ 357.206998][T10362] path_mount+0x7b9/0x23a0 [ 357.211957][T10362] __x64_sys_mount+0x293/0x310 [ 357.217265][T10362] do_syscall_64+0xcd/0xfa0 [ 357.222322][T10362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.228747][T10362] [ 357.228747][T10362] other info that might help us debug this: [ 357.228747][T10362] [ 357.238966][T10362] Possible unsafe locking scenario: [ 357.238966][T10362] [ 357.246407][T10362] CPU0 CPU1 [ 357.251779][T10362] ---- ---- [ 357.257136][T10362] lock(&ei->xattr_sem); [ 357.261488][T10362] lock(&sbi->s_writepages_rwsem); [ 357.269218][T10362] lock(&ei->xattr_sem); [ 357.276079][T10362] rlock(&sbi->s_writepages_rwsem); [ 357.281378][T10362] [ 357.281378][T10362] *** DEADLOCK *** [ 357.281378][T10362] [ 357.289511][T10362] 3 locks held by syz.2.1543/10362: [ 357.294717][T10362] #0: ffff888033dc60e0 (&type->s_umount_key#27/1){+.+.}-{4:4}, at: alloc_super+0x1e3/0xb60 [ 357.304894][T10362] #1: ffff888033dc6610 (sb_internal){++++}-{0:0}, at: evict+0x3e6/0x920 [ 357.313408][T10362] #2: ffff888048df0a58 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x4ba/0x870 [ 357.323762][T10362] [ 357.323762][T10362] stack backtrace: [ 357.329651][T10362] CPU: 0 UID: 0 PID: 10362 Comm: syz.2.1543 Not tainted syzkaller #0 PREEMPT(full) [ 357.329697][T10362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 357.329719][T10362] Call Trace: [ 357.329730][T10362] [ 357.329744][T10362] dump_stack_lvl+0x116/0x1f0 [ 357.329805][T10362] print_circular_bug+0x275/0x350 [ 357.329852][T10362] check_noncircular+0x14c/0x170 [ 357.329903][T10362] __lock_acquire+0x126f/0x1c90 [ 357.329952][T10362] ? __lock_acquire+0x622/0x1c90 [ 357.330000][T10362] lock_acquire+0x179/0x350 [ 357.330044][T10362] ? do_writepages+0x27a/0x600 [ 357.330095][T10362] ? __pfx___might_resched+0x10/0x10 [ 357.330161][T10362] ext4_writepages+0x224/0x7d0 [ 357.330219][T10362] ? do_writepages+0x27a/0x600 [ 357.330267][T10362] ? __pfx_ext4_writepages+0x10/0x10 [ 357.330324][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.330369][T10362] ? __lock_acquire+0xb8a/0x1c90 [ 357.330422][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.330474][T10362] ? __pfx_ext4_writepages+0x10/0x10 [ 357.330535][T10362] do_writepages+0x27a/0x600 [ 357.330586][T10362] ? __pfx_do_writepages+0x10/0x10 [ 357.330641][T10362] __writeback_single_inode+0x160/0xfb0 [ 357.330702][T10362] ? __pfx___writeback_single_inode+0x10/0x10 [ 357.330761][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.330805][T10362] ? do_raw_spin_unlock+0x172/0x230 [ 357.330860][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.330907][T10362] writeback_single_inode+0x2bc/0x550 [ 357.330971][T10362] write_inode_now+0x170/0x1e0 [ 357.331004][T10362] ? __pfx_write_inode_now+0x10/0x10 [ 357.331067][T10362] ? find_held_lock+0x2b/0x80 [ 357.331126][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.331172][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.331220][T10362] iput.part.0+0x487/0xb00 [ 357.331277][T10362] iput+0x35/0x40 [ 357.331325][T10362] ext4_xattr_block_set+0x67c/0x3650 [ 357.331385][T10362] ? __pfx_ext4_xattr_block_set+0x10/0x10 [ 357.331437][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.331486][T10362] ? xattr_find_entry+0x289/0x330 [ 357.331533][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.331577][T10362] ? ext4_xattr_block_find+0x59/0x430 [ 357.331625][T10362] ext4_expand_extra_isize_ea+0x1442/0x1ab0 [ 357.331695][T10362] ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10 [ 357.331756][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.331799][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.331843][T10362] ? dquot_initialize_needed+0x183/0x2a0 [ 357.331899][T10362] __ext4_expand_extra_isize+0x346/0x480 [ 357.331950][T10362] __ext4_mark_inode_dirty+0x544/0x870 [ 357.332013][T10362] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 357.332076][T10362] ? __pfx___might_resched+0x10/0x10 [ 357.332141][T10362] ? ext4_journal_check_start+0x22b/0x340 [ 357.332197][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.332241][T10362] ? __ext4_journal_start_sb+0x19e/0x690 [ 357.332295][T10362] ? ext4_evict_inode+0x5cf/0x18e0 [ 357.332332][T10362] ext4_evict_inode+0x74e/0x18e0 [ 357.332369][T10362] ? __pfx_ext4_evict_inode+0x10/0x10 [ 357.332404][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.332458][T10362] ? __pfx_ext4_evict_inode+0x10/0x10 [ 357.332491][T10362] evict+0x3e6/0x920 [ 357.332541][T10362] ? __pfx_evict+0x10/0x10 [ 357.332590][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.332640][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.332691][T10362] iput.part.0+0x6a9/0xb00 [ 357.332741][T10362] ? __pfx_ext4_drop_inode+0x10/0x10 [ 357.332794][T10362] iput+0x35/0x40 [ 357.332842][T10362] ext4_orphan_cleanup+0x731/0x11e0 [ 357.332910][T10362] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 357.332976][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.333019][T10362] ? ext4_register_li_request+0xec/0x9b0 [ 357.333063][T10362] ext4_fill_super+0x8db7/0xaf70 [ 357.333119][T10362] ? __pfx_ext4_fill_super+0x10/0x10 [ 357.333157][T10362] ? do_raw_spin_lock+0x12c/0x2b0 [ 357.333209][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.333252][T10362] ? find_held_lock+0x2b/0x80 [ 357.333315][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.333359][T10362] ? sb_set_blocksize+0x176/0x1d0 [ 357.333402][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.333451][T10362] ? setup_bdev_super+0x369/0x730 [ 357.333488][T10362] get_tree_bdev_flags+0x38c/0x620 [ 357.333526][T10362] ? __pfx_ext4_fill_super+0x10/0x10 [ 357.333566][T10362] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 357.333608][T10362] ? apparmor_capable+0x114/0x1d0 [ 357.333648][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.333692][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.333736][T10362] ? security_capable+0x7e/0x260 [ 357.333797][T10362] vfs_get_tree+0x8e/0x340 [ 357.333854][T10362] path_mount+0x7b9/0x23a0 [ 357.333905][T10362] ? __pfx_path_mount+0x10/0x10 [ 357.333954][T10362] ? putname+0x154/0x1a0 [ 357.334007][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.334051][T10362] ? putname+0x154/0x1a0 [ 357.334101][T10362] ? __x64_sys_mount+0x293/0x310 [ 357.334148][T10362] __x64_sys_mount+0x293/0x310 [ 357.334196][T10362] ? __pfx___x64_sys_mount+0x10/0x10 [ 357.334244][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 357.334296][T10362] do_syscall_64+0xcd/0xfa0 [ 357.334355][T10362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.334392][T10362] RIP: 0033:0x7fcc7ed9066a [ 357.334419][T10362] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.334460][T10362] RSP: 002b:00007fcc7fb85e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 357.334493][T10362] RAX: ffffffffffffffda RBX: 00007fcc7fb85ef0 RCX: 00007fcc7ed9066a [ 357.334518][T10362] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fcc7fb85eb0 [ 357.334543][T10362] RBP: 0000200000000180 R08: 00007fcc7fb85ef0 R09: 0000000000800700 [ 357.334566][T10362] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 357.334589][T10362] R13: 00007fcc7fb85eb0 R14: 000000000000046f R15: 00002000000007c0 [ 357.334628][T10362] [ 358.066953][T10344] bond0 (unregistering): Released all slaves [ 358.083826][T10324] macsec0: left promiscuous mode [ 358.102301][T10362] ------------[ cut here ]------------ [ 358.107796][T10362] EA inode 11 i_nlink=2 [ 358.108364][T10362] WARNING: CPU: 1 PID: 10362 at fs/ext4/xattr.c:1056 ext4_xattr_inode_update_ref+0x4ec/0x610 [ 358.123052][T10362] Modules linked in: [ 358.126955][T10362] CPU: 1 UID: 0 PID: 10362 Comm: syz.2.1543 Not tainted syzkaller #0 PREEMPT(full) [ 358.136399][T10362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 358.146598][T10362] RIP: 0010:ext4_xattr_inode_update_ref+0x4ec/0x610 [ 358.153275][T10362] Code: df 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 23 01 00 00 48 8b 73 40 44 89 e2 48 c7 c7 c0 5d a8 8b e8 35 00 ed fe 90 <0f> 0b 90 90 e9 d9 fe ff ff e8 36 cb 2e ff 44 0f b6 2d 22 8b dd 0d [ 358.172952][T10362] RSP: 0018:ffffc9000dcf7178 EFLAGS: 00010282 [ 358.179040][T10362] RAX: 0000000000000000 RBX: ffff8880561fc588 RCX: ffffc9000ba4b000 [ 358.187094][T10362] RDX: 0000000000080000 RSI: ffffffff817b5ef5 RDI: 0000000000000001 [ 358.195313][T10362] RBP: ffffc9000dcf7240 R08: 0000000000000001 R09: 0000000000000000 [ 358.203473][T10362] R10: 0000000000000001 R11: 000000002d2d2d2d R12: 0000000000000002 [ 358.211513][T10362] R13: 0000000000000000 R14: 1ffff92001b9ee32 R15: ffff8880561fc778 [ 358.219492][T10362] FS: 00007fcc7fb866c0(0000) GS:ffff888124ada000(0000) knlGS:0000000000000000 [ 358.228564][T10362] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 358.235216][T10362] CR2: 0000001b30e22ff8 CR3: 000000004aa35000 CR4: 0000000000350ef0 [ 358.243265][T10362] Call Trace: [ 358.246540][T10362] [ 358.249471][T10362] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10 [ 358.255872][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.261554][T10362] ? ext4_xattr_inode_iget+0x1ee/0x400 [ 358.267039][T10362] ext4_xattr_set_entry+0x158f/0x1f00 [ 358.272513][T10362] ? __pfx_ext4_xattr_set_entry+0x10/0x10 [ 358.278256][T10362] ? xattr_find_entry+0x289/0x330 [ 358.283349][T10362] ext4_xattr_ibody_set+0x3d6/0x5d0 [ 358.288574][T10362] ext4_expand_extra_isize_ea+0x148c/0x1ab0 [ 358.294583][T10362] ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10 [ 358.301011][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.306849][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.312545][T10362] ? dquot_initialize_needed+0x183/0x2a0 [ 358.318217][T10362] __ext4_expand_extra_isize+0x346/0x480 [ 358.323903][T10362] __ext4_mark_inode_dirty+0x544/0x870 [ 358.329406][T10362] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 358.335488][T10362] ? __pfx___might_resched+0x10/0x10 [ 358.340908][T10362] ? ext4_journal_check_start+0x22b/0x340 [ 358.346703][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.352398][T10362] ? __ext4_journal_start_sb+0x19e/0x690 [ 358.358067][T10362] ? ext4_evict_inode+0x5cf/0x18e0 [ 358.363242][T10362] ext4_evict_inode+0x74e/0x18e0 [ 358.368218][T10362] ? __pfx_ext4_evict_inode+0x10/0x10 [ 358.373655][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.379312][T10362] ? __pfx_ext4_evict_inode+0x10/0x10 [ 358.384738][T10362] evict+0x3e6/0x920 [ 358.388662][T10362] ? __pfx_evict+0x10/0x10 [ 358.393179][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.398991][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.404821][T10362] iput.part.0+0x6a9/0xb00 [ 358.409268][T10362] ? __pfx_ext4_drop_inode+0x10/0x10 [ 358.414620][T10362] iput+0x35/0x40 [ 358.418283][T10362] ext4_orphan_cleanup+0x731/0x11e0 [ 358.423571][T10362] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 358.429243][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.434939][T10362] ? ext4_register_li_request+0xec/0x9b0 [ 358.440592][T10362] ext4_fill_super+0x8db7/0xaf70 [ 358.445605][T10362] ? __pfx_ext4_fill_super+0x10/0x10 [ 358.450912][T10362] ? do_raw_spin_lock+0x12c/0x2b0 [ 358.456055][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.461753][T10362] ? find_held_lock+0x2b/0x80 [ 358.466472][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.472161][T10362] ? sb_set_blocksize+0x176/0x1d0 [ 358.477218][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.482932][T10362] ? setup_bdev_super+0x369/0x730 [ 358.487993][T10362] get_tree_bdev_flags+0x38c/0x620 [ 358.493173][T10362] ? __pfx_ext4_fill_super+0x10/0x10 [ 358.498482][T10362] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 358.504311][T10362] ? apparmor_capable+0x114/0x1d0 [ 358.509356][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.515342][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.521000][T10362] ? security_capable+0x7e/0x260 [ 358.526005][T10362] vfs_get_tree+0x8e/0x340 [ 358.530458][T10362] path_mount+0x7b9/0x23a0 [ 358.534942][T10362] ? __pfx_path_mount+0x10/0x10 [ 358.539820][T10362] ? putname+0x154/0x1a0 [ 358.544220][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.549874][T10362] ? putname+0x154/0x1a0 [ 358.554194][T10362] ? __x64_sys_mount+0x293/0x310 [ 358.559173][T10362] __x64_sys_mount+0x293/0x310 [ 358.563994][T10362] ? __pfx___x64_sys_mount+0x10/0x10 [ 358.569307][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.575044][T10362] do_syscall_64+0xcd/0xfa0 [ 358.579589][T10362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.585524][T10362] RIP: 0033:0x7fcc7ed9066a [ 358.589946][T10362] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.609791][T10362] RSP: 002b:00007fcc7fb85e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 358.618397][T10362] RAX: ffffffffffffffda RBX: 00007fcc7fb85ef0 RCX: 00007fcc7ed9066a [ 358.626603][T10362] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fcc7fb85eb0 [ 358.634635][T10362] RBP: 0000200000000180 R08: 00007fcc7fb85ef0 R09: 0000000000800700 [ 358.642653][T10362] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 358.650632][T10362] R13: 00007fcc7fb85eb0 R14: 000000000000046f R15: 00002000000007c0 [ 358.658678][T10362] [ 358.661733][T10362] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 358.669015][T10362] CPU: 1 UID: 0 PID: 10362 Comm: syz.2.1543 Not tainted syzkaller #0 PREEMPT(full) [ 358.678401][T10362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 358.688464][T10362] Call Trace: [ 358.691739][T10362] [ 358.694668][T10362] dump_stack_lvl+0x3d/0x1f0 [ 358.699299][T10362] vpanic+0x640/0x6f0 [ 358.703306][T10362] ? ext4_xattr_inode_update_ref+0x4ec/0x610 [ 358.709316][T10362] panic+0xca/0xd0 [ 358.713061][T10362] ? __pfx_panic+0x10/0x10 [ 358.717515][T10362] check_panic_on_warn+0xab/0xb0 [ 358.722475][T10362] __warn+0xf6/0x3c0 [ 358.726390][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.732043][T10362] ? ext4_xattr_inode_update_ref+0x4ec/0x610 [ 358.738040][T10362] report_bug+0x3c3/0x580 [ 358.742386][T10362] ? ext4_xattr_inode_update_ref+0x4ec/0x610 [ 358.748382][T10362] handle_bug+0x184/0x210 [ 358.752714][T10362] exc_invalid_op+0x17/0x50 [ 358.757221][T10362] asm_exc_invalid_op+0x1a/0x20 [ 358.762070][T10362] RIP: 0010:ext4_xattr_inode_update_ref+0x4ec/0x610 [ 358.768670][T10362] Code: df 48 8d 7b 40 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 23 01 00 00 48 8b 73 40 44 89 e2 48 c7 c7 c0 5d a8 8b e8 35 00 ed fe 90 <0f> 0b 90 90 e9 d9 fe ff ff e8 36 cb 2e ff 44 0f b6 2d 22 8b dd 0d [ 358.788284][T10362] RSP: 0018:ffffc9000dcf7178 EFLAGS: 00010282 [ 358.794357][T10362] RAX: 0000000000000000 RBX: ffff8880561fc588 RCX: ffffc9000ba4b000 [ 358.802327][T10362] RDX: 0000000000080000 RSI: ffffffff817b5ef5 RDI: 0000000000000001 [ 358.810300][T10362] RBP: ffffc9000dcf7240 R08: 0000000000000001 R09: 0000000000000000 [ 358.818326][T10362] R10: 0000000000000001 R11: 000000002d2d2d2d R12: 0000000000000002 [ 358.826303][T10362] R13: 0000000000000000 R14: 1ffff92001b9ee32 R15: ffff8880561fc778 [ 358.834282][T10362] ? __warn_printk+0x1a5/0x350 [ 358.839070][T10362] ? ext4_xattr_inode_update_ref+0x4eb/0x610 [ 358.845078][T10362] ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10 [ 358.851428][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.857079][T10362] ? ext4_xattr_inode_iget+0x1ee/0x400 [ 358.862555][T10362] ext4_xattr_set_entry+0x158f/0x1f00 [ 358.867951][T10362] ? __pfx_ext4_xattr_set_entry+0x10/0x10 [ 358.873707][T10362] ? xattr_find_entry+0x289/0x330 [ 358.878748][T10362] ext4_xattr_ibody_set+0x3d6/0x5d0 [ 358.883964][T10362] ext4_expand_extra_isize_ea+0x148c/0x1ab0 [ 358.889976][T10362] ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10 [ 358.896244][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.901886][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.907527][T10362] ? dquot_initialize_needed+0x183/0x2a0 [ 358.913184][T10362] __ext4_expand_extra_isize+0x346/0x480 [ 358.918839][T10362] __ext4_mark_inode_dirty+0x544/0x870 [ 358.924328][T10362] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 358.930338][T10362] ? __pfx___might_resched+0x10/0x10 [ 358.935652][T10362] ? ext4_journal_check_start+0x22b/0x340 [ 358.941393][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.947039][T10362] ? __ext4_journal_start_sb+0x19e/0x690 [ 358.952951][T10362] ? ext4_evict_inode+0x5cf/0x18e0 [ 358.958098][T10362] ext4_evict_inode+0x74e/0x18e0 [ 358.963044][T10362] ? __pfx_ext4_evict_inode+0x10/0x10 [ 358.968453][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.974105][T10362] ? __pfx_ext4_evict_inode+0x10/0x10 [ 358.979479][T10362] evict+0x3e6/0x920 [ 358.983393][T10362] ? __pfx_evict+0x10/0x10 [ 358.987834][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.993481][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 358.999151][T10362] iput.part.0+0x6a9/0xb00 [ 359.003587][T10362] ? __pfx_ext4_drop_inode+0x10/0x10 [ 359.008894][T10362] iput+0x35/0x40 [ 359.012548][T10362] ext4_orphan_cleanup+0x731/0x11e0 [ 359.017779][T10362] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 359.023445][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 359.029092][T10362] ? ext4_register_li_request+0xec/0x9b0 [ 359.034821][T10362] ext4_fill_super+0x8db7/0xaf70 [ 359.039781][T10362] ? __pfx_ext4_fill_super+0x10/0x10 [ 359.045069][T10362] ? do_raw_spin_lock+0x12c/0x2b0 [ 359.050111][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 359.055753][T10362] ? find_held_lock+0x2b/0x80 [ 359.060460][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 359.066103][T10362] ? sb_set_blocksize+0x176/0x1d0 [ 359.071141][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 359.076793][T10362] ? setup_bdev_super+0x369/0x730 [ 359.081822][T10362] get_tree_bdev_flags+0x38c/0x620 [ 359.086940][T10362] ? __pfx_ext4_fill_super+0x10/0x10 [ 359.092233][T10362] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 359.097875][T10362] ? apparmor_capable+0x114/0x1d0 [ 359.102905][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 359.108546][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 359.114185][T10362] ? security_capable+0x7e/0x260 [ 359.119153][T10362] vfs_get_tree+0x8e/0x340 [ 359.123599][T10362] path_mount+0x7b9/0x23a0 [ 359.128034][T10362] ? __pfx_path_mount+0x10/0x10 [ 359.132901][T10362] ? putname+0x154/0x1a0 [ 359.137165][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 359.142813][T10362] ? putname+0x154/0x1a0 [ 359.147158][T10362] ? __x64_sys_mount+0x293/0x310 [ 359.152112][T10362] __x64_sys_mount+0x293/0x310 [ 359.156892][T10362] ? __pfx___x64_sys_mount+0x10/0x10 [ 359.162188][T10362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 359.167849][T10362] do_syscall_64+0xcd/0xfa0 [ 359.172377][T10362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.178276][T10362] RIP: 0033:0x7fcc7ed9066a [ 359.182686][T10362] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.202301][T10362] RSP: 002b:00007fcc7fb85e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 359.210727][T10362] RAX: ffffffffffffffda RBX: 00007fcc7fb85ef0 RCX: 00007fcc7ed9066a [ 359.218694][T10362] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fcc7fb85eb0 [ 359.226664][T10362] RBP: 0000200000000180 R08: 00007fcc7fb85ef0 R09: 0000000000800700 [ 359.234634][T10362] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 359.242602][T10362] R13: 00007fcc7fb85eb0 R14: 000000000000046f R15: 00002000000007c0 [ 359.250586][T10362] [ 359.253795][T10362] Kernel Offset: disabled [ 359.258111][T10362] Rebooting in 86400 seconds..