last executing test programs: 5m20.492646447s ago: executing program 0 (id=122): r0 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000240)={'tunl0\x00', &(0x7f00000003c0)={'tunl0\x00', 0x0, 0x0, 0x7800, 0x3c, 0xb5, {{0x6, 0x4, 0x3, 0x1, 0x18, 0x68, 0x0, 0x0, 0x4, 0x0, @multicast1, @rand_addr=0x64010102, {[@rr={0x7, 0x3, 0xc}]}}}}}) 5m20.226460072s ago: executing program 0 (id=124): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="40000000100003040000", @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r0], 0x40}, 0x1, 0x0, 0x0, 0x4004010}, 0x4000) readv(r1, &(0x7f0000001340)=[{&(0x7f0000000100)=""/142, 0x8e}, {0x0}], 0x2) 5m20.022432626s ago: executing program 0 (id=127): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 5m19.906935138s ago: executing program 0 (id=129): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./bus\x00', 0x800, &(0x7f0000000280)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRESHEX], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) fdatasync(r0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) 5m18.910805828s ago: executing program 0 (id=137): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@acl}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x60f, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznZhvnmeefWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsZzYRhZInm9dHnNvnsTvFn2Pl35PnkuoVdKzLed5mefK/GIu+iv/Nsfj03bYGBzRVIYlyGwX0nKRO/v842+gvw3DT4gFapdwPKF/b17oO3iptcq8EaIVHs6WxulLuD0REOf/7S2ODMVwcGxh5nGwa50kiYn8jcyVZHT/9cOGT7BV1xuGA5li/Vx7lrm7/k2JujsdwsTTyON2c/+uFQpr3BLL17+2x/omqsvyH1lm/FxH/z9v/wdhx/qd57pbz/8M91i//AQAAAAAA4OA8mI2I12vN/0s35v8M1pj/MxoR5w+g/u3f/0sf5gtJ1a6DB1A99LRHsxFv1Zz/uzHHd7wvL/27OB/gdnL56uLCqYj4T0SciIGhrDxdddzKGcInPzvyZb36K+f/Za+s/vJcwPxID/urbsSdn1ud2+95AxGP7kW8VJz/eyxfs3n+T9b+JzXa/yy/b+6wjiOv3r9Yb9v2+Q80S+HriOM12//n3e2k8fM5por9galyr2Crl29//l29+qvzvwmnCNSRtf8jjfN/KKl8Xs/K7o6fXaSfXusv1Nu+1/7/YPJBX1QMAnw8t7q6PB0xmLyzdf3M7mKGbpXnw7HI8yXL/xOvNB7/2+j/V+ThoYhY30F9w9ts1/+H9snyf75x+z++uf3f/cLM/fHv69V/cUft/5lim34iX2P8DyptfR7HThO0LeECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAsujYh/RZJObiyn6eRkxGhE/DdG0sWlldXXLi99dGM+2xYxHgNp+ZN+x0rlpPz5/+MV5Zmq8umIOBwRX/QdKpYnLy0tzrf75AEAAAAAAAAAAAAAAAAAAKBDjBbv+S8MVd//n/mtr93RAU3Xn3+V79B7+vf8nYWhAw0EaLm95z/wAsuu+XeR/wPNjAVog/r5/+Rpoail4QAtpP8PvWuP+e/tAugC2n/oVTsc0xtudhxAO2j/AQAAAACgqxw+9uCXJCLW3zxUfGUG820m+0N3S9sdANA25vBC7+pfancEQLu4xgeSjaW/at7sX3/2f9KcgAAAAAAAAAAAAACALY4fdf8/9KrG9/+b2w/drMH9/7WS3+MCoIvU/+gPbT90O9f4wHatvfv/AQAAAAAAAAAAAKADDN+6Nre4uLC8svbiLbzdGWHsbmF9riPC2MVC4W5E432eNaf2gYjolB/C8koWTavqKj+Co42n3Oa/SwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIZ/AgAA///mMhsm") 5m17.334340219s ago: executing program 0 (id=147): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000001000030400000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r0], 0x40}, 0x1, 0x0, 0x0, 0x4004010}, 0x4000) readv(r1, &(0x7f0000001340)=[{&(0x7f0000000100)=""/142, 0x8e}, {0x0}], 0x2) 5m16.794776609s ago: executing program 32 (id=147): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000001000030400000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r0], 0x40}, 0x1, 0x0, 0x0, 0x4004010}, 0x4000) readv(r1, &(0x7f0000001340)=[{&(0x7f0000000100)=""/142, 0x8e}, {0x0}], 0x2) 6.865084447s ago: executing program 1 (id=2029): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000020001000900000001"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) 6.083800863s ago: executing program 1 (id=2030): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800"/13, @ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18) r3 = socket$tipc(0x1e, 0x5, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = syz_usbip_server_init(0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, 0x0) write$usbip_server(r4, &(0x7f0000000c00)=ANY=[@ANYBLOB="00000003000000010000000000000001000d661dc9dc353f2a6000660974"], 0x30) r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r6 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x1800) getsockopt$bt_BT_SNDMTU(r6, 0x112, 0xc, 0x0, &(0x7f00000003c0)) bind$tipc(r3, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x2, 0x3, 0x3}, 0x10) chroot(0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c40)=ANY=[@ANYRESHEX=r5, @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000010000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r8, 0x0, 0x6}, 0x18) close(r0) 5.573255562s ago: executing program 2 (id=2031): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, r3) 4.611666711s ago: executing program 2 (id=2035): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000010000c50000000e000000"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='rxrpc_peer\x00', r0}, 0x10) r1 = socket(0x2000000000000021, 0x2, 0x10000000000002) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffffef) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$rxrpc(r1, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0) 4.466240334s ago: executing program 4 (id=2036): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) open(0x0, 0x145142, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x43}}, 0x0) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r2, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000) 4.367039616s ago: executing program 4 (id=2037): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000200)={0x1, 0x1, [@broadcast]}) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c6572"], 0x38}}, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) socket$unix(0x1, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 3.374359175s ago: executing program 2 (id=2040): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e) r1 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$TCXONC(r0, 0x540a, 0x3) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, 0x0, 0x20800) getuid() setsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, 0x0, 0x0) r2 = socket(0x2, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f00000001c0)=[{0x30, 0x3, 0x4d, 0xfffff034}, {0x6, 0x4, 0x2, 0x6}]}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0) syz_emit_ethernet(0x86, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb08004500007800000000000190780a0101020e5014aa0b009078010000004700000000000000001110007f000001e0000002440c0001ac1414bb4e210000"], 0x0) r3 = syz_pidfd_open(0x0, 0x0) setns(r3, 0x20000) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r4, 0x29, 0x42, &(0x7f0000000040)=0xf2b, 0x4) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kmem_cache_free\x00', r5, 0x0, 0x20000}, 0x18) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r5, @ANYRESOCT, @ANYBLOB="0000000000000004b705000008000000850000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='mm_page_free\x00', r6, 0x0, 0x800000000000002}, 0x18) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x4001, 0x0) getsockopt$inet6_buf(r4, 0x29, 0x6, &(0x7f0000001500)=""/17, &(0x7f0000000180)=0x11) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) ppoll(&(0x7f0000000040)=[{r3, 0x24}, {r4, 0x4000}, {r0, 0x1001}], 0x3, &(0x7f0000000100)={r7, r8+10000000}, &(0x7f0000000140)={[0x1]}, 0x8) 3.368740875s ago: executing program 1 (id=2041): r0 = open_tree(0xffffffffffffff9c, 0x0, 0x89001) unshare(0xc000400) recvmsg(r0, 0x0, 0x2000) 3.323762066s ago: executing program 4 (id=2042): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18) r2 = memfd_create(&(0x7f0000000cc0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\xd5\xfd\xa9\r\xac7V\xf2\x93A\x94k\xcd\t\x00\x90\xbe\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\agB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\x9f#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xd8\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x96!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2_\x16\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\xbd\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\x17\x871N:\xb4\xea \x8e\xdelP\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0V\\w\b!\xae\x1baTv\xc0z\x19\xc5\xc8w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x17fNo\xb3\x1d\xbb\xcaI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N\xf8\xdb\xab\xa0\x94~\xa1]b\xa4\xe5\xe2e\x1c\x8b\xd2\xc7Md\x93\x02\xd8\xb0,\xeb\x03\xaa\v\xed\x9bR\x8a\x80\xc2\x1f\x17ej\x973wv\x83a\xe06\x96\xde\xbc%UH\xf8S\xf1\xa1g\x02\xc4\xc3\xa4\xa8\x96\t\xfex\x02Y\x8e\xae\xf5m\xca\xa0i\x80O\x11\xac\xb7$\xdb\xbc\xb0\xcb\xacqU\xb5*\x00\x00\x00\x00\x00\x00\x00\f\xda\xf8oV\x89\xd3\x1f\x99+\xe5\x04\x00\x00\x00\x00\x00\x00\x00\xf2\xcc\xd3\x94\xca\xd4\x00\x00\x00\x00\x00\x00\x00\x00\x00~A9\xf6IBu2L\x9e\xa2\xbb\xa9s\xab\x90\x06\xc6!p\x9e?~\xf9\xe6\xae*\v\xa3\xd9\xcfJ\t}\xd4:\xe4\xbe\x1c\x10\n\xc6hPO\xeagxKN\'z]*\x93\xf7\b\x91\xd0\xff\xd9\xc6a\xb5q\x9c\xa1Go\xd58\x93\xe0,\x9f\xe4\xa9\xd9A\x9e\x95e\x98\xd0V\x9d\xed\x97\xf1\xc5\xce\xf5\x90!D\x9a\xd8\x10\xbbx\r8\xff\x8bNUK\xebA\xe5\x92f\xc4\xd1\xa8\x15\xbf\xb5iW\xdb.kbf*\x89\xf0\xecq m-~\xbbf?\xec=\xd2\xe2\x1e\xca\xc5kz\x8e9\xd6\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa3d5V\x80\x1a\x90\x10\xe3\xdf%\xfdz\xf7\x9aE\xe6\x9b\x00'/993, 0x3) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000000)={0x0, 0x2, 0x6, 0x1000000}) fcntl$addseals(r2, 0x409, 0xb) 3.218449818s ago: executing program 3 (id=2043): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, r3) 3.178769229s ago: executing program 1 (id=2044): recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x4}], 0x1, 0x40, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$sock(r0, &(0x7f00000044c0), 0x4000000000001c0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) recvfrom(r1, &(0x7f0000000600)=""/55, 0x37, 0x2040, 0x0, 0x0) 2.534771741s ago: executing program 1 (id=2045): r0 = syz_io_uring_setup(0x83a, &(0x7f0000000180)={0x0, 0x2b94, 0x1000, 0x8, 0x3cf}, &(0x7f0000000040)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1000}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 2.250703507s ago: executing program 3 (id=2046): syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(0x0, 0x8, 0x8202) ioctl$USBDEVFS_FORBID_SUSPEND(r1, 0x5521) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="fb6b", 0x2}], 0x1, 0x0, 0x0, 0x4000001}, 0x0) recvmsg(r2, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x40fd) bpf$MAP_CREATE(0x0, &(0x7f0000010140)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48) open(&(0x7f0000000580)='./file0\x00', 0xc0, 0x63) r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000002c0)={0xfffffffffffffc87, 0x0}) socket$tipc(0x1e, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, 0x0, 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18) write$binfmt_register(r4, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x3, 0x3a, '!+\xf0!\\+Jj\x95\xa27W\xfd\xe3aE\xa9b;\xc44\xec\xa2i6\xc2<\xa73\xec&N(G\xc0E\xf4\xc2B', 0x3a, '\x90', 0x3a, './file0', 0x3a, [0x46, 0x4f, 0x4f]}, 0x52) 2.224490358s ago: executing program 2 (id=2047): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000020001000900000001"], 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) 2.084546021s ago: executing program 2 (id=2048): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000010000c50000000e000000"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='rxrpc_peer\x00', r0}, 0x10) r1 = socket(0x2000000000000021, 0x2, 0x10000000000002) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffffef) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$rxrpc(r1, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0) 1.994464592s ago: executing program 3 (id=2049): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'veth1_to_bond\x00'}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)) 1.987396482s ago: executing program 4 (id=2050): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000200)={0x1, 0x1, [@broadcast]}) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c6572"], 0x38}}, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) socket$unix(0x1, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 1.761851817s ago: executing program 3 (id=2051): socket$inet6_mptcp(0xa, 0x1, 0x106) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0xc00, 0x0) r0 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x100, 0x22, 0x1b7}, &(0x7f0000000300)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/15, 0xf}], 0x1}) io_uring_enter(r0, 0x47bc, 0x3000000, 0x0, 0x0, 0x0) 1.446345303s ago: executing program 4 (id=2052): r0 = open_tree(0xffffffffffffff9c, 0x0, 0x89001) unshare(0xc000400) recvmsg(r0, 0x0, 0x2000) 1.402341073s ago: executing program 1 (id=2053): r0 = socket(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000005800)={0x18, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = syz_io_uring_setup(0xbc3, &(0x7f0000000480)={0x0, 0x1060, 0x80, 0x0, 0x264}, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r3, 0x47f8, 0x0, 0x0, 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008", @ANYRES32=r6, @ANYBLOB="0000000000000000b7050000080000008500000069000000"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) r7 = socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}}) sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r8 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r8, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r9 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x142ba3) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/oops_count', 0x8a883, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$LOOP_CONFIGURE(r9, 0x4c0a, &(0x7f0000000080)={r10, 0x0, {0x0, 0x0, 0x0, 0x7, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0x0, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x9]}}) ioctl$LOOP_SET_BLOCK_SIZE(r9, 0x4c09, 0x6) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94) 1.014076661s ago: executing program 3 (id=2054): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, r3) 851.624794ms ago: executing program 2 (id=2055): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e) r1 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$TCXONC(r0, 0x540a, 0x3) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, 0x0, 0x20800) getuid() setsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, 0x0, 0x0) r2 = socket(0x2, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f00000001c0)=[{0x30, 0x3, 0x4d, 0xfffff034}, {0x6, 0x4, 0x2, 0x6}]}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0) syz_emit_ethernet(0x86, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb08004500007800000000000190780a0101020e5014aa0b009078010000004700000000000000001110007f000001e0000002440c0001ac1414bb4e210000"], 0x0) r3 = syz_pidfd_open(0x0, 0x0) setns(r3, 0x20000) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r4, 0x29, 0x42, &(0x7f0000000040)=0xf2b, 0x4) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kmem_cache_free\x00', r5, 0x0, 0x20000}, 0x18) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r5, @ANYRESOCT, @ANYBLOB="0000000000000004b705000008000000850000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='mm_page_free\x00', r6, 0x0, 0x800000000000002}, 0x18) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x4001, 0x0) getsockopt$inet6_buf(r4, 0x29, 0x6, &(0x7f0000001500)=""/17, &(0x7f0000000180)=0x11) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) ppoll(&(0x7f0000000040)=[{r3, 0x24}, {r4, 0x4000}, {r0, 0x1001}], 0x3, &(0x7f0000000100)={r7, r8+10000000}, &(0x7f0000000140)={[0x1]}, 0x8) 702.244537ms ago: executing program 4 (id=2056): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x10000, 0x0, &(0x7f0000006680)) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x0, 0x0}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000540)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095", @ANYRES16=r0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000280)={r6, 0x7, 0x104, 0xfffffffe}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='H'], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0) sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) 0s ago: executing program 3 (id=2057): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa0835c, &(0x7f0000000340)={[{@nojournal_checksum}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@dioread_nolock}, {@usrjquota}, {@oldalloc}, {@sysvgroups}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c") openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x511001, 0x488) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x10000a0) unlink(&(0x7f0000000040)='./file1\x00') kernel console output (not intermixed with test programs): esystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 283.397982][ T9687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.415541][ T9687] ext4 filesystem being mounted at /337/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.447982][ T9687] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.735555][ T9702] loop1: detected capacity change from 0 to 1024 [ 283.765271][ T9702] EXT4-fs: Ignoring removed orlov option [ 283.843087][ T9702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 283.901133][ T9702] ext4 filesystem being mounted at /318/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.950342][ T9702] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 283.968288][ T9702] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117 [ 283.968671][ T9710] tipc: Started in network mode [ 284.003532][ T9702] EXT4-fs (loop1): This should not happen!! Data will be lost [ 284.003532][ T9702] [ 284.015494][ T9710] tipc: Node identity d2430fc76a15, cluster identity 4711 [ 284.043379][ T9710] tipc: Enabled bearer , priority 0 [ 284.056377][ T9710] syzkaller0: entered promiscuous mode [ 284.062237][ T9710] syzkaller0: entered allmulticast mode [ 284.074961][ T9702] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 284.108426][ T9702] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 284.125805][ T9702] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 284.151550][ T9710] tipc: Resetting bearer [ 284.168803][ T9701] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 284.185209][ T9710] loop3: detected capacity change from 0 to 1024 [ 284.201568][ T9710] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869) [ 284.220136][ T9710] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a000e11d, mo2=0002] [ 284.228780][ T9710] EXT4-fs (loop3): failed to initialize system zone (-117) [ 284.236323][ T9710] EXT4-fs (loop3): mount failed [ 284.261205][ T9701] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 284.342283][ T9719] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: comm syz.1.1280: lblock 0 mapped to illegal pblock 0 (length 1) [ 284.346369][ T9702] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 284.437516][ T9701] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 284.512216][ T9719] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.1280: lblock 3 mapped to illegal pblock 3 (length 1) [ 284.560052][ T9709] tipc: Resetting bearer [ 284.589392][ T9724] loop2: detected capacity change from 0 to 1024 [ 284.616386][ T9709] tipc: Disabling bearer [ 284.660781][ T9724] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 284.832812][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.979315][ T9729] loop3: detected capacity change from 0 to 2048 [ 285.047371][ T9729] loop3: p1 < > p4 [ 285.062398][ T9729] loop3: p4 size 8388608 extends beyond EOD, truncated [ 285.416017][ T5791] udevd[5791]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 285.453486][ T5799] udevd[5799]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 285.829733][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 285.978005][ T9741] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1302'. [ 286.078778][ T9741] team1: entered promiscuous mode [ 286.084022][ T9741] team1: entered allmulticast mode [ 286.821036][ T9746] random: crng reseeded on system resumption [ 286.899177][ T9748] tipc: Enabled bearer , priority 0 [ 287.365058][ T9745] tipc: Disabling bearer [ 287.545280][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 287.545297][ T27] audit: type=1326 audit(1757790088.552:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 287.616357][ T27] audit: type=1326 audit(1757790088.582:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 287.620521][ T9761] loop2: detected capacity change from 0 to 164 [ 287.702088][ T27] audit: type=1326 audit(1757790088.582:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 287.811218][ T9761] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 287.821102][ T27] audit: type=1326 audit(1757790088.582:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 287.908218][ T27] audit: type=1326 audit(1757790088.582:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 288.006222][ T27] audit: type=1326 audit(1757790088.582:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 288.119461][ T27] audit: type=1326 audit(1757790088.582:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 288.163151][ T27] audit: type=1326 audit(1757790088.592:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 288.286661][ T27] audit: type=1326 audit(1757790088.592:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9758 comm="syz.4.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 288.435919][ T9774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1306'. [ 288.532849][ T9774] team2: entered promiscuous mode [ 288.538003][ T9774] team2: entered allmulticast mode [ 289.351476][ T9782] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1309'. [ 289.367933][ T9782] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1309'. [ 289.653381][ T9785] tipc: Enabled bearer , priority 0 [ 289.664206][ T9785] tipc: Resetting bearer [ 289.689393][ T9784] tipc: Disabling bearer [ 289.761339][ T9791] random: crng reseeded on system resumption [ 289.979290][ T9796] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1314'. [ 290.011083][ T9796] netlink: 'syz.3.1314': attribute type 4 has an invalid length. [ 290.117913][ T5828] lo speed is unknown, defaulting to 1000 [ 290.732874][ T9806] loop2: detected capacity change from 0 to 128 [ 290.821328][ T9806] syz.2.1319: attempt to access beyond end of device [ 290.821328][ T9806] loop2: rw=2049, sector=145, nr_sectors = 89 limit=128 [ 291.209316][ T9810] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1321'. [ 291.261427][ T9810] IPVS: Error joining to the multicast group [ 291.472231][ T9816] tipc: Enabled bearer , priority 0 [ 291.499368][ T9816] tipc: Resetting bearer [ 291.531590][ T9815] tipc: Disabling bearer [ 291.817753][ T27] audit: type=1326 audit(1757790092.822:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9821 comm="syz.2.1327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 292.077541][ T9830] random: crng reseeded on system resumption [ 292.745426][ T9844] tipc: Enabling of bearer rejected, failed to enable media [ 293.436435][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 293.436449][ T27] audit: type=1326 audit(1757790094.442:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1341" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5e0e38eba9 code=0x0 [ 293.552149][ T9860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1340'. [ 293.650462][ T9860] team4: entered promiscuous mode [ 293.655672][ T9860] team4: entered allmulticast mode [ 294.532601][ T9869] loop4: detected capacity change from 0 to 512 [ 294.540099][ T9869] EXT4-fs: Ignoring removed mblk_io_submit option [ 294.560092][ T9869] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 294.602920][ T9869] EXT4-fs (loop4): 1 truncate cleaned up [ 294.613192][ T9869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.645331][ T9871] tipc: Started in network mode [ 294.650371][ T9871] tipc: Node identity 1ebe0cfbd52b, cluster identity 4711 [ 294.688546][ T6311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.701410][ T9876] random: crng reseeded on system resumption [ 294.727206][ T9871] tipc: Enabled bearer , priority 0 [ 295.086495][ T9887] loop2: detected capacity change from 0 to 512 [ 295.157462][ T9887] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1351: bg 0: block 248: padding at end of block bitmap is not set [ 295.213088][ T9887] Quota error (device loop2): write_blk: dquota write failed [ 295.222905][ T9870] tipc: Disabling bearer [ 295.228943][ T9887] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 295.241752][ T9887] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.1351: Failed to acquire dquot type 1 [ 295.258062][ T9891] loop4: detected capacity change from 0 to 512 [ 295.270075][ T9887] EXT4-fs (loop2): 1 truncate cleaned up [ 295.277491][ T9891] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 295.287737][ T9887] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.287863][ T9887] ext4 filesystem being mounted at /348/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 295.408715][ T9891] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.1352: invalid indirect mapped block 4294967295 (level 0) [ 295.434223][ T9894] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.483813][ T9891] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.1352: invalid indirect mapped block 4294967295 (level 1) [ 295.515940][ T9891] EXT4-fs (loop4): 1 orphan inode deleted [ 295.530436][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.539817][ T9891] EXT4-fs (loop4): 1 truncate cleaned up [ 295.542816][ T9897] netdevsim netdevsim3: Direct firmware load for x failed with error -2 [ 295.547144][ T9891] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 295.562735][ T9897] netdevsim netdevsim3: Falling back to sysfs fallback for: x [ 295.608170][ T9894] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.686971][ T54] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 295.706955][ T54] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 295.718872][ T6311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.863728][ T9894] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.901922][ T27] audit: type=1326 audit(1757790096.905:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9901 comm="syz.4.1356" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x0 [ 295.979996][ T9894] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.130089][ T9894] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.176661][ T9894] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.182941][ T9905] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 296.229895][ T9894] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.257333][ T9894] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.529372][ T9914] usb usb4: usbfs: interface 0 claimed by hub while '+}[@' sets config #0 [ 296.722140][ T9919] tipc: Enabling of bearer rejected, failed to enable media [ 296.795312][ T9923] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1363'. [ 296.810414][ T9927] random: crng reseeded on system resumption [ 297.312587][ T9940] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1368'. [ 297.323710][ T9940] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1368'. [ 297.738243][ T9946] loop1: detected capacity change from 0 to 2048 [ 297.815653][ T9946] Alternate GPT is invalid, using primary GPT. [ 297.834041][ T9946] loop1: p1 p2 p3 [ 297.993583][ T9953] loop3: detected capacity change from 0 to 1024 [ 298.004827][ T9953] EXT4-fs: Ignoring removed orlov option [ 298.013090][ T9953] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 298.117542][ T9955] tipc: Enabling of bearer rejected, failed to enable media [ 298.319803][ T5803] udevd[5803]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 298.345436][ T5799] udevd[5799]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 298.377642][ T5791] udevd[5791]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 298.890454][ T9975] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1382'. [ 298.904345][ T9973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1379'. [ 298.934211][ T9973] team3: entered promiscuous mode [ 298.939324][ T9973] team3: entered allmulticast mode [ 299.021841][ T9977] random: crng reseeded on system resumption [ 299.321857][ T9983] loop3: detected capacity change from 0 to 1024 [ 299.357083][ T9983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 299.404642][ T9983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1384'. [ 299.709616][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.748967][ T9990] loop1: detected capacity change from 0 to 512 [ 299.790513][ T9990] EXT4-fs: Ignoring removed bh option [ 299.818608][ T9990] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 299.846751][ T9990] EXT4-fs (loop1): 1 truncate cleaned up [ 299.863267][ T9990] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 300.068109][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.273904][T10000] tipc: Enabling of bearer rejected, failed to enable media [ 301.024230][T10021] loop1: detected capacity change from 0 to 1024 [ 301.048796][T10018] loop3: detected capacity change from 0 to 512 [ 301.059926][T10018] EXT4-fs: Ignoring removed bh option [ 301.073545][T10018] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 301.085692][T10021] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 301.129803][T10026] random: crng reseeded on system resumption [ 301.175038][T10018] EXT4-fs (loop3): 1 truncate cleaned up [ 301.205554][T10018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 301.219185][ T27] audit: type=1800 audit(1757790102.215:826): pid=10021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1396" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 301.378294][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.519011][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.778216][T10037] tipc: Enabling of bearer rejected, failed to enable media [ 301.814657][ T27] audit: type=1326 audit(1757790102.815:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10034 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 301.901006][ T27] audit: type=1326 audit(1757790102.815:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10034 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 301.955916][ T27] audit: type=1326 audit(1757790102.835:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10034 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 302.055629][ T27] audit: type=1326 audit(1757790102.835:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10034 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 302.137301][T10048] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1403'. [ 302.249313][T10052] loop2: detected capacity change from 0 to 1764 [ 302.732680][T10061] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1407'. [ 302.765161][T10061] team1: entered promiscuous mode [ 302.770278][T10061] team1: entered allmulticast mode [ 302.833660][T10069] random: crng reseeded on system resumption [ 303.609360][T10074] tipc: Enabling of bearer rejected, failed to enable media [ 303.664101][ T27] audit: type=1326 audit(1757790104.655:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.3.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 303.739232][ T27] audit: type=1326 audit(1757790104.655:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.3.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 303.794875][ T27] audit: type=1326 audit(1757790104.665:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.3.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 303.801472][T10086] random: crng reseeded on system resumption [ 303.886404][ T27] audit: type=1326 audit(1757790104.695:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.3.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 304.011603][ T27] audit: type=1326 audit(1757790104.725:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.3.1414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 304.057111][T10092] ieee802154 phy0 wpan0: encryption failed: -22 [ 304.559056][T10102] IPv6: Can't replace route, no match found [ 304.937523][T10113] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1426'. [ 305.290325][T10124] loop1: detected capacity change from 0 to 512 [ 305.315948][T10124] ext4: Unknown parameter 'subj_type' [ 305.375696][ T5799] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 305.470282][T10128] loop4: detected capacity change from 0 to 2048 [ 305.540275][T10128] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 305.862624][T10139] random: crng reseeded on system resumption [ 306.236043][ T6311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.865914][T10160] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1439'. [ 306.896002][T10160] team5: entered promiscuous mode [ 306.901141][T10160] team5: entered allmulticast mode [ 307.872277][ T23] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 308.152985][T10174] loop2: detected capacity change from 0 to 512 [ 308.172449][ T23] usb 4-1: unable to get BOS descriptor or descriptor too short [ 308.187953][T10175] loop1: detected capacity change from 0 to 1024 [ 308.232270][ T23] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 308.253691][T10175] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 308.304942][T10174] __quota_error: 35 callbacks suppressed [ 308.304962][T10174] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 308.328058][ T23] usb 4-1: can't read configurations, error -71 [ 308.346827][T10175] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 308.357977][T10174] EXT4-fs warning (device loop2): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 308.385018][T10174] EXT4-fs (loop2): mount failed [ 308.402994][T10175] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 308.471856][T10175] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.1446: missing EA_INODE flag [ 308.496073][T10175] EXT4-fs (loop1): Remounting filesystem read-only [ 308.531563][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1448'. [ 308.562059][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1448'. [ 308.600004][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.633573][T10185] tipc: Enabling of bearer rejected, failed to enable media [ 309.287050][T10200] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1453'. [ 309.533778][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802e9e0400: rx timeout, send abort [ 310.293286][T10214] random: crng reseeded on system resumption [ 310.586440][T10226] tipc: Enabling of bearer rejected, failed to enable media [ 311.380631][T10252] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1475'. [ 311.405219][T10254] tipc: Enabling of bearer rejected, failed to enable media [ 311.491905][T10256] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1477'. [ 311.542764][T10256] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1477'. [ 311.603477][T10263] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1479'. [ 311.630589][T10266] loop3: detected capacity change from 0 to 1024 [ 311.671625][T10266] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 311.738937][T10266] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #3: block 1: comm syz.3.1477: lblock 1 mapped to illegal pblock 1 (length 1) [ 311.786094][T10266] Quota error (device loop3): write_blk: dquota write failed [ 311.808263][T10266] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 311.834867][T10266] EXT4-fs error (device loop3): ext4_acquire_dquot:6940: comm syz.3.1477: Failed to acquire dquot type 0 [ 311.876531][T10273] random: crng reseeded on system resumption [ 311.895063][T10266] EXT4-fs error (device loop3): ext4_free_blocks:6676: comm syz.3.1477: Freeing blocks not in datazone - block = 0, count = 4096 [ 311.965176][T10266] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.1477: Invalid inode bitmap blk 0 in block_group 0 [ 311.991265][ T48] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 312.019296][T10266] EXT4-fs error (device loop3) in ext4_free_inode:363: Corrupt filesystem [ 312.023115][ T48] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 312.047748][ T48] EXT4-fs error (device loop3): ext4_release_dquot:6976: comm kworker/u4:3: Failed to release dquot type 0 [ 312.065744][T10266] EXT4-fs (loop3): 1 orphan inode deleted [ 312.081281][T10266] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 312.119824][ T27] audit: type=1326 audit(1757790113.115:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 312.167844][T10256] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1477'. [ 312.185743][ T27] audit: type=1326 audit(1757790113.145:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 312.240986][ T27] audit: type=1326 audit(1757790113.155:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 312.290980][ T27] audit: type=1326 audit(1757790113.155:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 312.313815][ T27] audit: type=1326 audit(1757790113.155:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 312.339034][ T27] audit: type=1326 audit(1757790113.155:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 312.725949][T10286] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1485'. [ 312.755840][T10286] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1485'. [ 312.837854][T10286] loop1: detected capacity change from 0 to 512 [ 312.916852][T10286] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 312.945099][T10286] ext4 filesystem being mounted at /368/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 312.963220][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.016846][T10294] tipc: Enabling of bearer rejected, failed to enable media [ 313.237055][T10304] netlink: 'syz.3.1488': attribute type 2 has an invalid length. [ 313.605373][T10314] random: crng reseeded on system resumption [ 313.648018][T10316] loop2: detected capacity change from 0 to 164 [ 313.702155][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.743026][T10316] syz.2.1494: attempt to access beyond end of device [ 313.743026][T10316] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 313.777678][T10316] syz.2.1494: attempt to access beyond end of device [ 313.777678][T10316] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 314.223025][T10322] __nla_validate_parse: 1 callbacks suppressed [ 314.223041][T10322] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1495'. [ 314.258312][T10322] team4: entered promiscuous mode [ 314.263624][T10322] team4: entered allmulticast mode [ 314.660243][T10333] tipc: Enabling of bearer rejected, failed to enable media [ 315.219011][T10346] lo speed is unknown, defaulting to 1000 [ 315.227831][T10346] lo speed is unknown, defaulting to 1000 [ 315.397399][ T27] kauditd_printk_skb: 48 callbacks suppressed [ 315.397416][ T27] audit: type=1326 audit(1757790116.395:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.484488][ T27] audit: type=1326 audit(1757790116.425:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.577911][ T27] audit: type=1326 audit(1757790116.445:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.581260][T10346] lo speed is unknown, defaulting to 1000 [ 315.631364][ T27] audit: type=1326 audit(1757790116.445:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.656477][ T27] audit: type=1326 audit(1757790116.445:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.685657][ T27] audit: type=1326 audit(1757790116.445:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.792327][ T27] audit: type=1326 audit(1757790116.455:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.801019][T10361] random: crng reseeded on system resumption [ 315.815773][ T27] audit: type=1326 audit(1757790116.455:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.844564][ T27] audit: type=1326 audit(1757790116.515:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.868569][ T27] audit: type=1326 audit(1757790116.515:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.1.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 315.959127][T10360] ALSA: seq fatal error: cannot create timer (-22) [ 316.377915][T10376] tipc: Enabling of bearer rejected, failed to enable media [ 316.977964][T10390] tipc: Enabling of bearer rejected, failed to enable media [ 317.396231][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.402914][ T5841] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 317.631443][ T5841] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 317.655561][ T5841] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.675689][T10409] random: crng reseeded on system resumption [ 317.681216][ T5841] usb 2-1: Product: syz [ 317.686293][ T5841] usb 2-1: Manufacturer: syz [ 317.696418][ T5841] usb 2-1: SerialNumber: syz [ 317.749781][T10410] tipc: Enabled bearer , priority 0 [ 317.777288][ T5841] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 317.893019][ T5937] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 318.099784][T10408] tipc: Disabling bearer [ 318.148840][ T5792] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 318.185810][ T5792] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 318.860025][ T23] usb 2-1: USB disconnect, device number 2 [ 319.008052][ T5937] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 319.020733][ T5937] ath9k_htc: Failed to initialize the device [ 319.034579][ T23] usb 2-1: ath9k_htc: USB layer deinitialized [ 319.203700][T10434] tipc: Enabled bearer , priority 0 [ 319.219102][T10434] tipc: Resetting bearer [ 319.233080][T10433] tipc: Disabling bearer [ 319.557146][T10444] random: crng reseeded on system resumption [ 319.565519][T10442] tipc: New replicast peer: 255.255.255.83 [ 319.591400][T10442] tipc: Enabled bearer , priority 10 [ 320.552424][T10460] syzkaller0: entered promiscuous mode [ 320.571098][T10460] syzkaller0: entered allmulticast mode [ 320.713006][ T5792] tipc: Node number set to 3092647879 [ 321.052261][ T27] kauditd_printk_skb: 55 callbacks suppressed [ 321.052277][ T27] audit: type=1326 audit(1757790122.055:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.150495][ T27] audit: type=1326 audit(1757790122.085:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.221906][ T27] audit: type=1326 audit(1757790122.105:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.351406][T10474] netlink: 'syz.2.1552': attribute type 1 has an invalid length. [ 321.370090][T10474] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1552'. [ 321.440534][ T27] audit: type=1326 audit(1757790122.105:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.502255][ T27] audit: type=1326 audit(1757790122.105:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.527269][ T27] audit: type=1326 audit(1757790122.105:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.569678][ T27] audit: type=1326 audit(1757790122.105:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.600225][ T27] audit: type=1326 audit(1757790122.105:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.668600][ T27] audit: type=1326 audit(1757790122.105:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.705756][T10481] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1551'. [ 321.738967][ T27] audit: type=1326 audit(1757790122.115:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10466 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 321.838663][T10484] random: crng reseeded on system resumption [ 321.918989][T10481] team2: entered promiscuous mode [ 321.965586][T10481] team2: entered allmulticast mode [ 324.473615][T10531] random: crng reseeded on system resumption [ 325.419994][T10542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1570'. [ 325.479638][T10542] team3: entered promiscuous mode [ 325.489969][T10542] team3: entered allmulticast mode [ 325.495939][T10544] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1571'. [ 325.854737][T10550] loop2: detected capacity change from 0 to 1024 [ 325.863384][T10550] EXT4-fs: Ignoring removed nobh option [ 326.158687][T10550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.815003][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.373937][ T27] kauditd_printk_skb: 62 callbacks suppressed [ 327.373977][ T27] audit: type=1326 audit(1757790128.245:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 327.870545][ T27] audit: type=1326 audit(1757790128.255:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 327.997552][ T27] audit: type=1326 audit(1757790128.275:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 328.031101][ T27] audit: type=1326 audit(1757790128.275:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 328.104233][ T27] audit: type=1326 audit(1757790128.275:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 328.171077][ T27] audit: type=1326 audit(1757790128.375:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 328.230992][ T27] audit: type=1326 audit(1757790128.415:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 328.311028][ T27] audit: type=1326 audit(1757790128.415:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 328.375863][T10581] random: crng reseeded on system resumption [ 328.381932][T10574] lo speed is unknown, defaulting to 1000 [ 328.416403][T10574] lo speed is unknown, defaulting to 1000 [ 328.423219][ T27] audit: type=1326 audit(1757790128.445:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 328.501052][ T27] audit: type=1326 audit(1757790128.475:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 328.529889][T10583] openvswitch: netlink: Flow actions attr not present in new flow. [ 329.389940][T10594] tipc: Enabled bearer , priority 0 [ 329.417430][T10594] syzkaller0: entered promiscuous mode [ 329.431055][T10594] syzkaller0: entered allmulticast mode [ 329.479985][T10594] tipc: Resetting bearer [ 329.517427][T10593] tipc: Resetting bearer [ 329.627950][T10593] tipc: Disabling bearer [ 329.647685][T10574] lo speed is unknown, defaulting to 1000 [ 331.022678][T10621] random: crng reseeded on system resumption [ 331.047708][T10620] loop2: detected capacity change from 0 to 2048 [ 331.168954][T10620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.201480][T10620] ext4 filesystem being mounted at /415/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 331.306905][T10620] EXT4-fs error (device loop2): __ext4_new_inode:1075: comm syz.2.1598: reserved inode found cleared - inode=1 [ 331.326462][T10627] program syz.1.1599 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 331.455734][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.873128][T10635] loop2: detected capacity change from 0 to 1024 [ 331.886493][T10635] EXT4-fs: Ignoring removed bh option [ 332.103004][T10635] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 332.482521][T10635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.642531][ T27] kauditd_printk_skb: 20 callbacks suppressed [ 332.642549][ T27] audit: type=1804 audit(1757790133.635:1092): pid=10635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1602" name="/newroot/417/file1/bus" dev="loop2" ino=18 res=1 errno=0 [ 332.836061][T10646] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1604'. [ 332.836386][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.872338][T10646] netlink: 'syz.3.1604': attribute type 39 has an invalid length. [ 333.157868][T10654] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1610'. [ 333.180556][ T27] audit: type=1326 audit(1757790134.175:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10655 comm="syz.1.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 333.240927][ T27] audit: type=1326 audit(1757790134.175:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10655 comm="syz.1.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 333.289722][ T27] audit: type=1326 audit(1757790134.175:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10655 comm="syz.1.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 333.356730][ T27] audit: type=1326 audit(1757790134.205:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10655 comm="syz.1.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 333.407831][ T27] audit: type=1326 audit(1757790134.215:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10655 comm="syz.1.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 333.435171][ T27] audit: type=1326 audit(1757790134.215:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10655 comm="syz.1.1611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 334.017813][T10682] tipc: Enabling of bearer rejected, failed to enable media [ 334.088127][T10684] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1623'. [ 334.223373][T10674] loop1: detected capacity change from 0 to 1024 [ 334.269317][T10674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 334.283979][T10674] ext4 filesystem being mounted at /398/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.305289][T10664] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 334.305885][T10674] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.317047][T10664] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 334.327770][T10664] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 334.370619][T10674] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.477942][T10674] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.580173][T10674] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.782386][T10674] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.822118][T10674] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.871921][T10674] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.911481][T10674] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.125515][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.275415][T10698] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 335.285758][T10698] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 335.294964][T10698] netdevsim netdevsim4: Falling back to sysfs fallback for: . [ 335.322045][T10704] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1627'. [ 335.340572][T10704] syz.4.1627: attempt to access beyond end of device [ 335.340572][T10704] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 335.357832][T10706] loop1: detected capacity change from 0 to 1024 [ 335.397336][T10706] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 335.551010][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 335.662279][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.672902][T10695] syz.3.1626: vmalloc error: size 1075838976, failed to allocated page array size 2101248, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1 [ 335.696334][T10695] CPU: 1 PID: 10695 Comm: syz.3.1626 Not tainted syzkaller #0 [ 335.703873][T10695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 335.714070][T10695] Call Trace: [ 335.717391][T10695] [ 335.720390][T10695] dump_stack_lvl+0x16c/0x230 [ 335.725093][T10695] ? show_regs_print_info+0x20/0x20 [ 335.730479][T10695] ? load_image+0x3b0/0x3b0 [ 335.735034][T10695] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 335.741467][T10695] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 335.748081][T10695] warn_alloc+0x210/0x300 [ 335.752436][T10695] ? zone_watermark_ok_safe+0x230/0x230 [ 335.758006][T10695] ? _raw_spin_unlock+0x28/0x40 [ 335.762869][T10695] ? __kasan_kmalloc+0x8f/0xa0 [ 335.767647][T10695] __vmalloc_node_range+0x662/0x1320 [ 335.772951][T10695] ? __asan_memset+0x22/0x40 [ 335.777781][T10695] ? free_vm_area+0x50/0x50 [ 335.782474][T10695] ? kvmalloc_node+0x70/0x180 [ 335.787252][T10695] ? rcu_is_watching+0x15/0xb0 [ 335.792032][T10695] ? kvmalloc_node+0x70/0x180 [ 335.796819][T10695] ? trace_kmalloc+0x1f/0xa0 [ 335.801445][T10695] kvmalloc_node+0x13f/0x180 [ 335.806045][T10695] ? hash_netiface_create+0x361/0xff0 [ 335.811539][T10695] hash_netiface_create+0x361/0xff0 [ 335.816760][T10695] ? __lock_acquire+0x7c80/0x7c80 [ 335.821824][T10695] ? __nla_parse+0x40/0x50 [ 335.826277][T10695] ? hash_netport6_gc+0x570/0x570 [ 335.831323][T10695] ip_set_create+0xa87/0x18e0 [ 335.836020][T10695] ? ip_set_create+0x4b2/0x18e0 [ 335.840918][T10695] ? ip_set_protocol+0x5d0/0x5d0 [ 335.845906][T10695] ? trace_contention_end+0x39/0xe0 [ 335.851174][T10695] nfnetlink_rcv_msg+0xb49/0x1130 [ 335.856251][T10695] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 335.862340][T10695] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 335.867567][T10695] ? nfnetlink_unbind+0x160/0x160 [ 335.872628][T10695] ? __dev_queue_xmit+0x1a64/0x35a0 [ 335.877833][T10695] ? __netlink_deliver_tap+0x5ab/0x830 [ 335.883303][T10695] ? netlink_deliver_tap+0x19c/0x1b0 [ 335.888597][T10695] ? netlink_unicast+0x72c/0x8d0 [ 335.893551][T10695] ? netlink_sendmsg+0x8c1/0xbe0 [ 335.898497][T10695] ? ____sys_sendmsg+0x5bf/0x950 [ 335.903454][T10695] ? ___sys_sendmsg+0x220/0x290 [ 335.908322][T10695] ? __se_sys_sendmsg+0x1a5/0x270 [ 335.913364][T10695] ? do_syscall_64+0x55/0xb0 [ 335.917982][T10695] netlink_rcv_skb+0x216/0x480 [ 335.922764][T10695] ? nfnetlink_unbind+0x160/0x160 [ 335.927803][T10695] ? netlink_ack+0x1110/0x1110 [ 335.932594][T10695] ? apparmor_capable+0x137/0x1a0 [ 335.937640][T10695] ? bpf_lsm_capable+0x9/0x10 [ 335.942416][T10695] ? security_capable+0x89/0xb0 [ 335.947284][T10695] nfnetlink_rcv+0x274/0x2180 [ 335.951981][T10695] ? __local_bh_enable_ip+0x12e/0x1c0 [ 335.957372][T10695] ? lockdep_hardirqs_on+0x98/0x150 [ 335.962598][T10695] ? __local_bh_enable_ip+0x12e/0x1c0 [ 335.967979][T10695] ? _local_bh_enable+0xa0/0xa0 [ 335.972928][T10695] ? __dev_queue_xmit+0x245/0x35a0 [ 335.978057][T10695] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 335.983633][T10695] ? __dev_queue_xmit+0x245/0x35a0 [ 335.988764][T10695] ? ref_tracker_free+0x634/0x7d0 [ 335.993804][T10695] ? __copy_skb_header+0xa7/0x550 [ 335.998842][T10695] ? refcount_inc+0x70/0x70 [ 336.003354][T10695] ? __skb_clone+0x63/0x790 [ 336.007960][T10695] ? __skb_clone+0x480/0x790 [ 336.012579][T10695] ? __netlink_deliver_tap+0x7e8/0x830 [ 336.018048][T10695] ? netlink_deliver_tap+0x2e/0x1b0 [ 336.023266][T10695] ? __lock_acquire+0x7c80/0x7c80 [ 336.028322][T10695] ? netlink_deliver_tap+0x2e/0x1b0 [ 336.033541][T10695] netlink_unicast+0x751/0x8d0 [ 336.038325][T10695] netlink_sendmsg+0x8c1/0xbe0 [ 336.043185][T10695] ? netlink_getsockopt+0x580/0x580 [ 336.048399][T10695] ? aa_sock_msg_perm+0x94/0x150 [ 336.053406][T10695] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 336.058703][T10695] ? security_socket_sendmsg+0x80/0xa0 [ 336.064262][T10695] ? netlink_getsockopt+0x580/0x580 [ 336.069475][T10695] ____sys_sendmsg+0x5bf/0x950 [ 336.074351][T10695] ? __asan_memset+0x22/0x40 [ 336.078986][T10695] ? __sys_sendmsg_sock+0x30/0x30 [ 336.084021][T10695] ? __import_iovec+0x5f2/0x860 [ 336.088920][T10695] ? import_iovec+0x73/0xa0 [ 336.093460][T10695] ___sys_sendmsg+0x220/0x290 [ 336.098174][T10695] ? __sys_sendmsg+0x270/0x270 [ 336.103007][T10695] __se_sys_sendmsg+0x1a5/0x270 [ 336.107882][T10695] ? __x64_sys_sendmsg+0x80/0x80 [ 336.112849][T10695] ? lockdep_hardirqs_on+0x98/0x150 [ 336.118065][T10695] do_syscall_64+0x55/0xb0 [ 336.122493][T10695] ? clear_bhb_loop+0x40/0x90 [ 336.127181][T10695] ? clear_bhb_loop+0x40/0x90 [ 336.131878][T10695] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 336.137792][T10695] RIP: 0033:0x7f2bf418eba9 [ 336.142250][T10695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.161959][T10695] RSP: 002b:00007f2bf5097038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 336.170389][T10695] RAX: ffffffffffffffda RBX: 00007f2bf43d5fa0 RCX: 00007f2bf418eba9 [ 336.178373][T10695] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 336.186438][T10695] RBP: 00007f2bf4211e19 R08: 0000000000000000 R09: 0000000000000000 [ 336.194419][T10695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.202405][T10695] R13: 00007f2bf43d6038 R14: 00007f2bf43d5fa0 R15: 00007ffe1eab9d08 [ 336.210399][T10695] [ 336.226760][T10695] Mem-Info: [ 336.230399][T10695] active_anon:25340 inactive_anon:0 isolated_anon:0 [ 336.230399][T10695] active_file:14437 inactive_file:40356 isolated_file:0 [ 336.230399][T10695] unevictable:779 dirty:64 writeback:0 [ 336.230399][T10695] slab_reclaimable:10523 slab_unreclaimable:95573 [ 336.230399][T10695] mapped:24600 shmem:20652 pagetables:680 [ 336.230399][T10695] sec_pagetables:0 bounce:0 [ 336.230399][T10695] kernel_misc_reclaimable:0 [ 336.230399][T10695] free:1292765 free_pcp:9128 free_cma:0 [ 336.280752][T10695] Node 0 active_anon:99828kB inactive_anon:0kB active_file:57748kB inactive_file:161164kB unevictable:1580kB isolated(anon):0kB isolated(file):0kB mapped:98452kB dirty:160kB writeback:80kB shmem:79472kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11940kB pagetables:2748kB sec_pagetables:0kB all_unreclaimable? no [ 336.315568][T10695] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 336.348330][T10695] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 336.376369][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 336.382646][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 336.392850][T10695] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 336.398755][T10695] Node 0 DMA32 free:1265220kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:96300kB inactive_anon:0kB active_file:57748kB inactive_file:159864kB unevictable:1536kB writepending:252kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:20372kB local_pcp:6516kB free_cma:0kB [ 336.429748][T10695] lowmem_reserve[]: 0 0 1 1 1 [ 336.436048][T10695] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 336.463788][T10695] lowmem_reserve[]: 0 0 0 0 0 [ 336.469102][T10695] Node 1 Normal free:3890464kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21496kB local_pcp:12832kB free_cma:0kB [ 336.521087][T10695] lowmem_reserve[]: 0 0 0 0 0 [ 336.525915][T10695] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 336.556984][T10695] Node 0 DMA32: 7*4kB (E) 23*8kB (E) 63*16kB (ME) 112*32kB (UME) 50*64kB (ME) 30*128kB (ME) 8*256kB (ME) 2*512kB (UM) 1*1024kB (U) 2*2048kB (UE) 304*4096kB (M) = 1265220kB [ 336.597950][T10695] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 336.610601][T10695] Node 1 Normal: 186*4kB (UME) 61*8kB (UME) 39*16kB (UME) 121*32kB (UME) 33*64kB (UE) 9*128kB (UME) 2*256kB (UE) 2*512kB (ME) 1*1024kB (U) 2*2048kB (UE) 946*4096kB (M) = 3890464kB [ 336.691217][T10695] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 336.766271][T10695] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 336.788249][T10695] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 336.806439][T10715] tipc: Enabled bearer , priority 0 [ 336.821982][T10715] syzkaller0: entered promiscuous mode [ 336.830176][T10715] syzkaller0: entered allmulticast mode [ 336.836364][T10695] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 336.846227][T10695] 75405 total pagecache pages [ 336.851106][T10695] 0 pages in swap cache [ 336.859458][T10718] serio: Serial port ptm0 [ 336.863708][T10711] lo speed is unknown, defaulting to 1000 [ 336.873014][T10711] lo speed is unknown, defaulting to 1000 [ 336.890073][T10715] tipc: Resetting bearer [ 336.907463][T10714] tipc: Resetting bearer [ 336.918169][T10695] Free swap = 124436kB [ 336.929273][T10695] Total swap = 124996kB [ 336.946063][T10695] 2097051 pages RAM [ 336.962634][T10695] 0 pages HighMem/MovableOnly [ 336.989187][T10695] 416139 pages reserved [ 337.008880][T10695] 0 pages cma reserved [ 337.025103][T10714] tipc: Disabling bearer [ 337.113856][T10711] lo speed is unknown, defaulting to 1000 [ 337.191179][T10721] tipc: Enabling of bearer rejected, failed to enable media [ 337.517568][ T27] audit: type=1326 audit(1757790138.505:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.585580][ T27] audit: type=1326 audit(1757790138.505:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.617041][T10732] loop2: detected capacity change from 0 to 1024 [ 337.634489][T10732] EXT4-fs: inline encryption not supported [ 337.640471][T10732] EXT4-fs: Ignoring removed i_version option [ 337.648576][ T27] audit: type=1326 audit(1757790138.515:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.675285][T10732] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 337.720238][ T27] audit: type=1326 audit(1757790138.515:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.782030][T10732] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #3: block 2: comm syz.2.1640: lblock 2 mapped to illegal pblock 2 (length 1) [ 337.810963][ T27] audit: type=1326 audit(1757790138.515:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.834719][ T27] audit: type=1326 audit(1757790138.515:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.858364][ T27] audit: type=1326 audit(1757790138.515:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.871005][T10732] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 337.886254][ T27] audit: type=1326 audit(1757790138.515:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.917002][ T27] audit: type=1326 audit(1757790138.515:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.949932][T10732] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #3: block 48: comm syz.2.1640: lblock 0 mapped to illegal pblock 48 (length 1) [ 337.971021][ T27] audit: type=1326 audit(1757790138.515:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 337.995513][T10738] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1641'. [ 338.016644][ T27] audit: type=1326 audit(1757790138.515:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.4.1639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 338.044612][T10732] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 338.055724][T10732] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.1640: Failed to acquire dquot type 0 [ 338.068453][T10732] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 338.485369][T10732] EXT4-fs error (device loop2): ext4_evict_inode:252: inode #11: comm syz.2.1640: mark_inode_dirty error [ 338.521032][T10732] EXT4-fs warning (device loop2): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 338.531962][T10732] EXT4-fs (loop2): 1 orphan inode deleted [ 338.539214][T10732] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 338.556050][ T3485] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:11: lblock 1 mapped to illegal pblock 1 (length 1) [ 338.578640][ T3485] EXT4-fs error (device loop2): ext4_release_dquot:6976: comm kworker/u4:11: Failed to release dquot type 0 [ 338.725122][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.746611][ T5786] EXT4-fs error (device loop2): __ext4_get_inode_loc:4483: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 338.777385][ T5786] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 338.813473][ T5786] EXT4-fs error (device loop2): ext4_quota_off:7224: inode #3: comm syz-executor: mark_inode_dirty error [ 339.569514][T10760] loop1: detected capacity change from 0 to 512 [ 339.606552][T10760] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 339.628665][T10760] ext4 filesystem being mounted at /406/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 339.969465][T10770] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1653'. [ 339.993145][T10770] netlink: 'syz.2.1653': attribute type 39 has an invalid length. [ 340.144768][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.338763][T10774] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1656'. [ 340.384011][T10779] syz.2.1657[10779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 340.384157][T10779] syz.2.1657[10779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 341.502129][T10794] : renamed from bond0 (while UP) [ 342.084142][T10818] loop1: detected capacity change from 0 to 1024 [ 342.143626][T10818] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 342.413617][T10824] lo speed is unknown, defaulting to 1000 [ 342.433126][T10824] lo speed is unknown, defaulting to 1000 [ 342.581746][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.118854][T10824] lo speed is unknown, defaulting to 1000 [ 343.310509][T10832] lo speed is unknown, defaulting to 1000 [ 343.318573][T10832] lo speed is unknown, defaulting to 1000 [ 343.481089][T10832] lo speed is unknown, defaulting to 1000 [ 344.252924][T10848] loop1: detected capacity change from 0 to 512 [ 344.319823][T10848] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1682: casefold flag without casefold feature [ 344.440974][T10848] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1682: couldn't read orphan inode 15 (err -117) [ 344.528713][T10848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 344.631896][T10851] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1683'. [ 344.672565][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.035173][ T27] kauditd_printk_skb: 104 callbacks suppressed [ 345.035192][ T27] audit: type=1326 audit(1757790146.035:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10846 comm="syz.3.1681" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x0 [ 345.969169][ T27] audit: type=1326 audit(1757790146.965:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.031130][ T27] audit: type=1326 audit(1757790146.965:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.111191][ T27] audit: type=1326 audit(1757790146.975:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.187476][ T27] audit: type=1326 audit(1757790146.975:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.264905][ T27] audit: type=1326 audit(1757790146.975:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.341483][T10880] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1685'. [ 346.371840][T10880] team4: entered promiscuous mode [ 346.376939][T10880] team4: entered allmulticast mode [ 346.556743][ T27] audit: type=1326 audit(1757790146.975:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.707413][ T27] audit: type=1326 audit(1757790146.975:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.820992][ T27] audit: type=1326 audit(1757790146.975:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.860974][ T27] audit: type=1326 audit(1757790146.975:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10870 comm="syz.1.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 346.953959][T10883] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 347.001048][T10885] program syz.3.1697 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 347.415926][T10896] syzkaller0: entered promiscuous mode [ 347.453690][T10896] syzkaller0: entered allmulticast mode [ 347.567056][T10902] mmap: syz.2.1703 (10902) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 348.581358][T10929] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1711'. [ 348.791905][T10933] loop2: detected capacity change from 0 to 8192 [ 349.200235][T10940] pim6reg1: entered promiscuous mode [ 349.232628][T10940] pim6reg1: entered allmulticast mode [ 350.481690][T10953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1723'. [ 350.646367][T10957] loop2: detected capacity change from 0 to 512 [ 350.662539][T10957] EXT4-fs: Ignoring removed mblk_io_submit option [ 350.729330][T10957] EXT4-fs (loop2): failed to initialize system zone (-117) [ 350.792052][T10957] EXT4-fs (loop2): mount failed [ 351.103856][ T27] kauditd_printk_skb: 65 callbacks suppressed [ 351.103874][ T27] audit: type=1326 audit(1757790152.105:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 351.191044][ T27] audit: type=1326 audit(1757790152.145:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 351.258538][ T27] audit: type=1326 audit(1757790152.145:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 351.273578][T10967] loop2: detected capacity change from 0 to 128 [ 351.336028][ T27] audit: type=1326 audit(1757790152.145:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 351.512778][ T27] audit: type=1326 audit(1757790152.145:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 351.589344][ T27] audit: type=1326 audit(1757790152.145:1293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 351.949026][ T27] audit: type=1326 audit(1757790152.145:1294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 352.245359][ T27] audit: type=1326 audit(1757790152.145:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 352.334879][ T27] audit: type=1326 audit(1757790152.145:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 352.436586][ T27] audit: type=1326 audit(1757790152.145:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10966 comm="syz.2.1728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 352.594042][T10983] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1726'. [ 352.624438][T10983] team5: entered promiscuous mode [ 352.629544][T10983] team5: entered allmulticast mode [ 353.096609][T10986] tmpfs: Bad value for 'size' [ 353.531014][T11002] random: crng reseeded on system resumption [ 355.566511][T11025] syz.3.1746[11025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 355.566695][T11025] syz.3.1746[11025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 355.602112][T11025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1746'. [ 355.674704][T11026] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1744'. [ 355.860815][T11026] team3: entered promiscuous mode [ 355.940951][T11026] team3: entered allmulticast mode [ 356.193185][ T27] kauditd_printk_skb: 33 callbacks suppressed [ 356.193203][ T27] audit: type=1326 audit(1757790157.195:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11034 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 356.262587][ T27] audit: type=1326 audit(1757790157.195:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11034 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 356.315445][ T27] audit: type=1326 audit(1757790157.225:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11034 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 356.359042][ T27] audit: type=1326 audit(1757790157.225:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11034 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 356.410984][ T27] audit: type=1326 audit(1757790157.225:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11034 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 356.437771][ T27] audit: type=1326 audit(1757790157.225:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11034 comm=ACED exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 356.495528][ T27] audit: type=1326 audit(1757790157.475:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11037 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 356.542204][ T27] audit: type=1326 audit(1757790157.475:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11037 comm="syz.1.1751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 357.300676][ T27] audit: type=1326 audit(1757790158.275:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11040 comm="syz.1.1752" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6b438eba9 code=0x0 [ 357.394589][T11046] random: crng reseeded on system resumption [ 359.136879][T11066] syz.1.1758[11066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 359.137115][T11066] syz.1.1758[11066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 359.367366][ T27] audit: type=1326 audit(1757790160.365:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11072 comm="syz.3.1761" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2bf418eba9 code=0x0 [ 360.065913][T11089] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1766'. [ 360.629656][T11095] random: crng reseeded on system resumption [ 360.974917][T11089] team6: entered promiscuous mode [ 360.980026][T11089] team6: entered allmulticast mode [ 361.332384][ T27] audit: type=1326 audit(1757790162.335:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.376083][T11107] capability: warning: `syz.1.1772' uses 32-bit capabilities (legacy support in use) [ 361.380101][ T27] audit: type=1326 audit(1757790162.335:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.461218][ T27] audit: type=1326 audit(1757790162.365:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.541104][ T27] audit: type=1326 audit(1757790162.365:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.614679][ T27] audit: type=1326 audit(1757790162.365:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.658300][T11109] netlink: 'syz.1.1773': attribute type 6 has an invalid length. [ 361.675541][T11109] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1773'. [ 361.685396][ T27] audit: type=1326 audit(1757790162.375:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.741414][ T27] audit: type=1326 audit(1757790162.375:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.805449][ T27] audit: type=1326 audit(1757790162.375:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.890472][ T27] audit: type=1326 audit(1757790162.375:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 361.919031][ T27] audit: type=1326 audit(1757790162.375:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 362.546078][T11127] vxcan1: entered allmulticast mode [ 363.371082][T11135] syzkaller0: entered promiscuous mode [ 363.376647][T11135] syzkaller0: entered allmulticast mode [ 364.180369][T11131] warn_alloc: 1 callbacks suppressed [ 364.180388][T11131] syz.2.1781: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 364.213171][T11131] CPU: 1 PID: 11131 Comm: syz.2.1781 Not tainted syzkaller #0 [ 364.220705][T11131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 364.230819][T11131] Call Trace: [ 364.234135][T11131] [ 364.237103][T11131] dump_stack_lvl+0x16c/0x230 [ 364.241845][T11131] ? show_regs_print_info+0x20/0x20 [ 364.247097][T11131] ? load_image+0x3b0/0x3b0 [ 364.251745][T11131] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 364.258210][T11131] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 364.264767][T11131] warn_alloc+0x210/0x300 [ 364.269258][T11131] ? zone_watermark_ok_safe+0x230/0x230 [ 364.274863][T11131] ? _raw_spin_unlock+0x28/0x40 [ 364.279738][T11131] ? netlink_rcv_skb+0x216/0x480 [ 364.284693][T11131] __vmalloc_node_range+0x662/0x1320 [ 364.289994][T11131] ? __asan_memset+0x22/0x40 [ 364.294625][T11131] ? free_vm_area+0x50/0x50 [ 364.299154][T11131] ? kvmalloc_node+0x70/0x180 [ 364.303965][T11131] ? rcu_is_watching+0x15/0xb0 [ 364.308742][T11131] ? kvmalloc_node+0x70/0x180 [ 364.313459][T11131] ? trace_kmalloc+0x1f/0xa0 [ 364.318156][T11131] kvmalloc_node+0x13f/0x180 [ 364.322776][T11131] ? hash_netport4_resize+0x232/0x1b50 [ 364.328252][T11131] hash_netport4_resize+0x232/0x1b50 [ 364.333634][T11131] ? hash_netport4_uadt+0xc1f/0xed0 [ 364.338840][T11131] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 364.344923][T11131] ? hash_netport4_uadt+0xed0/0xed0 [ 364.350134][T11131] ? hash_netport4_kadt+0x560/0x560 [ 364.355351][T11131] ? _local_bh_enable+0xa0/0xa0 [ 364.360224][T11131] call_ad+0x43f/0xae0 [ 364.364318][T11131] ? ip_set_ad+0x930/0x930 [ 364.368760][T11131] ? __nla_parse+0x40/0x50 [ 364.373204][T11131] ip_set_ad+0x787/0x930 [ 364.377475][T11131] ? trace_raw_output_contention_end+0x30/0xd0 [ 364.383674][T11131] ? ip_set_dump_done+0x1e0/0x1e0 [ 364.388739][T11131] ? rcu_is_watching+0x15/0xb0 [ 364.393566][T11131] nfnetlink_rcv_msg+0xb49/0x1130 [ 364.398618][T11131] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 364.404706][T11131] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 364.409957][T11131] ? nfnetlink_unbind+0x160/0x160 [ 364.415018][T11131] ? __dev_queue_xmit+0x1a64/0x35a0 [ 364.420240][T11131] ? __netlink_deliver_tap+0x5ab/0x830 [ 364.425710][T11131] ? netlink_deliver_tap+0x19c/0x1b0 [ 364.431182][T11131] ? netlink_unicast+0x72c/0x8d0 [ 364.436136][T11131] ? netlink_sendmsg+0x8c1/0xbe0 [ 364.441084][T11131] ? ____sys_sendmsg+0x5bf/0x950 [ 364.446045][T11131] ? ___sys_sendmsg+0x220/0x290 [ 364.450937][T11131] ? __se_sys_sendmsg+0x1a5/0x270 [ 364.456005][T11131] ? do_syscall_64+0x55/0xb0 [ 364.460636][T11131] netlink_rcv_skb+0x216/0x480 [ 364.465511][T11131] ? nfnetlink_unbind+0x160/0x160 [ 364.470554][T11131] ? netlink_ack+0x1110/0x1110 [ 364.475352][T11131] ? apparmor_capable+0x137/0x1a0 [ 364.480391][T11131] ? bpf_lsm_capable+0x9/0x10 [ 364.485090][T11131] ? security_capable+0x89/0xb0 [ 364.489965][T11131] nfnetlink_rcv+0x274/0x2180 [ 364.494665][T11131] ? __local_bh_enable_ip+0x12e/0x1c0 [ 364.500047][T11131] ? lockdep_hardirqs_on+0x98/0x150 [ 364.505268][T11131] ? __local_bh_enable_ip+0x12e/0x1c0 [ 364.510648][T11131] ? _local_bh_enable+0xa0/0xa0 [ 364.515517][T11131] ? __dev_queue_xmit+0x245/0x35a0 [ 364.520648][T11131] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 364.526219][T11131] ? __dev_queue_xmit+0x245/0x35a0 [ 364.531352][T11131] ? ref_tracker_free+0x634/0x7d0 [ 364.536408][T11131] ? __copy_skb_header+0xa7/0x550 [ 364.541454][T11131] ? refcount_inc+0x70/0x70 [ 364.545971][T11131] ? __skb_clone+0x63/0x790 [ 364.550497][T11131] ? __skb_clone+0x480/0x790 [ 364.555127][T11131] ? __netlink_deliver_tap+0x7e8/0x830 [ 364.560598][T11131] ? netlink_deliver_tap+0x2e/0x1b0 [ 364.565811][T11131] ? __lock_acquire+0x7c80/0x7c80 [ 364.570869][T11131] ? netlink_deliver_tap+0x2e/0x1b0 [ 364.576274][T11131] netlink_unicast+0x751/0x8d0 [ 364.581080][T11131] netlink_sendmsg+0x8c1/0xbe0 [ 364.585909][T11131] ? netlink_getsockopt+0x580/0x580 [ 364.591129][T11131] ? aa_sock_msg_perm+0x94/0x150 [ 364.596275][T11131] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 364.601690][T11131] ? security_socket_sendmsg+0x80/0xa0 [ 364.607174][T11131] ? netlink_getsockopt+0x580/0x580 [ 364.612741][T11131] ____sys_sendmsg+0x5bf/0x950 [ 364.617531][T11131] ? __asan_memset+0x22/0x40 [ 364.622142][T11131] ? __sys_sendmsg_sock+0x30/0x30 [ 364.627182][T11131] ? __import_iovec+0x5f2/0x860 [ 364.632236][T11131] ? import_iovec+0x73/0xa0 [ 364.636783][T11131] ___sys_sendmsg+0x220/0x290 [ 364.641481][T11131] ? __sys_sendmsg+0x270/0x270 [ 364.646303][T11131] __se_sys_sendmsg+0x1a5/0x270 [ 364.651170][T11131] ? __x64_sys_sendmsg+0x80/0x80 [ 364.656134][T11131] ? lockdep_hardirqs_on+0x98/0x150 [ 364.661522][T11131] do_syscall_64+0x55/0xb0 [ 364.665947][T11131] ? clear_bhb_loop+0x40/0x90 [ 364.670635][T11131] ? clear_bhb_loop+0x40/0x90 [ 364.675326][T11131] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 364.681237][T11131] RIP: 0033:0x7f5e0e38eba9 [ 364.685663][T11131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.705309][T11131] RSP: 002b:00007f5e0f26e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 364.713935][T11131] RAX: ffffffffffffffda RBX: 00007f5e0e5d5fa0 RCX: 00007f5e0e38eba9 [ 364.722029][T11131] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000005 [ 364.730296][T11131] RBP: 00007f5e0e411e19 R08: 0000000000000000 R09: 0000000000000000 [ 364.738364][T11131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 364.746363][T11131] R13: 00007f5e0e5d6038 R14: 00007f5e0e5d5fa0 R15: 00007ffd21a7bcc8 [ 364.754368][T11131] [ 364.776485][T11131] Mem-Info: [ 364.779875][T11131] active_anon:28301 inactive_anon:0 isolated_anon:0 [ 364.779875][T11131] active_file:14866 inactive_file:40358 isolated_file:0 [ 364.779875][T11131] unevictable:768 dirty:94 writeback:0 [ 364.779875][T11131] slab_reclaimable:10684 slab_unreclaimable:97001 [ 364.779875][T11131] mapped:24480 shmem:23496 pagetables:740 [ 364.779875][T11131] sec_pagetables:0 bounce:0 [ 364.779875][T11131] kernel_misc_reclaimable:0 [ 364.779875][T11131] free:1318524 free_pcp:12753 free_cma:0 [ 364.844763][T11131] Node 0 active_anon:113204kB inactive_anon:0kB active_file:59464kB inactive_file:161228kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97920kB dirty:372kB writeback:0kB shmem:92448kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12040kB pagetables:3060kB sec_pagetables:0kB all_unreclaimable? no [ 364.882624][T11131] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 364.923486][T11150] random: crng reseeded on system resumption [ 364.955946][T11131] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 365.048856][T11131] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 365.081141][T11131] Node 0 DMA32 free:1367744kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:113360kB inactive_anon:0kB active_file:59464kB inactive_file:159912kB unevictable:1536kB writepending:376kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:29228kB local_pcp:17668kB free_cma:0kB [ 365.134964][T11152] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1790'. [ 365.147590][T11131] lowmem_reserve[]: 0 0 1 1 1 [ 365.156276][T11131] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 365.187958][T11152] batadv1: entered promiscuous mode [ 365.193813][T11152] batadv1: entered allmulticast mode [ 365.199775][T11131] lowmem_reserve[]: 0 0 0 0 0 [ 365.207970][T11131] Node 1 Normal free:3890976kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21016kB local_pcp:12352kB free_cma:0kB [ 365.238668][T11131] lowmem_reserve[]: 0 0 0 0 0 [ 365.253525][T11131] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 365.305292][T11131] Node 0 DMA32: 282*4kB (UME) 857*8kB (UME) 517*16kB (UME) 618*32kB (UME) 270*64kB (UME) 191*128kB (UME) 152*256kB (UM) 59*512kB (UME) 32*1024kB (UME) 6*2048kB (M) 287*4096kB (M) = 1367488kB [ 365.362366][T11131] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 365.388786][T11131] Node 1 Normal: 186*4kB (UME) 61*8kB (UME) 39*16kB (UME) 131*32kB (UME) 36*64kB (UE) 9*128kB (UME) 2*256kB (UE) 2*512kB (ME) 1*1024kB (U) 2*2048kB (UE) 946*4096kB (M) = 3890976kB [ 365.407911][T11131] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 365.419672][T11131] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 365.429095][T11131] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 365.439106][T11131] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 365.448761][T11131] 81556 total pagecache pages [ 365.453753][T11131] 0 pages in swap cache [ 365.457942][T11131] Free swap = 124436kB [ 365.463224][T11131] Total swap = 124996kB [ 365.467419][T11131] 2097051 pages RAM [ 365.473434][T11131] 0 pages HighMem/MovableOnly [ 365.478252][T11131] 416139 pages reserved [ 365.484817][T11131] 0 pages cma reserved [ 366.431374][T11167] random: crng reseeded on system resumption [ 366.456240][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 366.456255][ T27] audit: type=1326 audit(1757790167.455:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11164 comm="syz.1.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 366.456363][T11168] loop3: detected capacity change from 0 to 512 [ 366.511394][ T27] audit: type=1326 audit(1757790167.455:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11164 comm="syz.1.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 366.518499][T11168] FAT-fs (loop3): Unrecognized mount option "umask=€00000000\sw26hYz™[×?”;00000000000002" or missing value [ 366.571359][ T27] audit: type=1326 audit(1757790167.455:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11164 comm="syz.1.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 366.633203][ T27] audit: type=1326 audit(1757790167.455:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11164 comm="syz.1.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 366.701205][ T27] audit: type=1326 audit(1757790167.455:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11164 comm="syz.1.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6b438eba9 code=0x7ffc0000 [ 366.775284][ T27] audit: type=1326 audit(1757790167.575:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11169 comm="syz.2.1796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 366.859541][ T27] audit: type=1326 audit(1757790167.575:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11169 comm="syz.2.1796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 366.903577][ T27] audit: type=1326 audit(1757790167.605:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11169 comm="syz.2.1796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 366.963466][ T27] audit: type=1326 audit(1757790167.605:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11169 comm="syz.2.1796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 367.034668][ T27] audit: type=1326 audit(1757790167.605:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11169 comm="syz.2.1796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e0e38eba9 code=0x7ffc0000 [ 367.214630][T11187] loop3: detected capacity change from 0 to 764 [ 367.254635][T11187] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 369.083175][T11228] random: crng reseeded on system resumption [ 370.749831][T11253] syzkaller0: entered promiscuous mode [ 370.781259][T11253] syzkaller0: entered allmulticast mode [ 372.256426][T11272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1829'. [ 372.572648][T11279] random: crng reseeded on system resumption [ 373.993074][T11294] syzkaller0: entered promiscuous mode [ 374.014501][T11294] syzkaller0: entered allmulticast mode [ 375.012916][T11214] warn_alloc: 3 callbacks suppressed [ 375.012936][T11214] syz.2.1813: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 375.121109][T11214] CPU: 1 PID: 11214 Comm: syz.2.1813 Not tainted syzkaller #0 [ 375.128653][T11214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 375.138846][T11214] Call Trace: [ 375.142163][T11214] [ 375.145124][T11214] dump_stack_lvl+0x16c/0x230 [ 375.149863][T11214] ? show_regs_print_info+0x20/0x20 [ 375.155117][T11214] ? load_image+0x3b0/0x3b0 [ 375.159661][T11214] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 375.166107][T11214] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 375.172720][T11214] warn_alloc+0x210/0x300 [ 375.177161][T11214] ? zone_watermark_ok_safe+0x230/0x230 [ 375.182818][T11214] ? _raw_spin_unlock+0x28/0x40 [ 375.187806][T11214] __vmalloc_node_range+0x662/0x1320 [ 375.193137][T11214] ? free_vm_area+0x50/0x50 [ 375.197661][T11214] ? _raw_spin_unlock+0x28/0x40 [ 375.202535][T11214] ? __kmem_cache_free+0xba/0x1f0 [ 375.207619][T11214] __vmalloc_node_range+0x568/0x1320 [ 375.213301][T11214] ? hash_netiface_create+0x361/0xff0 [ 375.218798][T11214] ? __asan_memset+0x22/0x40 [ 375.223436][T11214] ? free_vm_area+0x50/0x50 [ 375.227963][T11214] ? kvmalloc_node+0x70/0x180 [ 375.232660][T11214] ? rcu_is_watching+0x15/0xb0 [ 375.237528][T11214] ? kvmalloc_node+0x70/0x180 [ 375.242222][T11214] ? trace_kmalloc+0x1f/0xa0 [ 375.246841][T11214] kvmalloc_node+0x13f/0x180 [ 375.251452][T11214] ? hash_netiface_create+0x361/0xff0 [ 375.256844][T11214] hash_netiface_create+0x361/0xff0 [ 375.262058][T11214] ? __lock_acquire+0x7c80/0x7c80 [ 375.267102][T11214] ? __nla_parse+0x40/0x50 [ 375.270842][ C0] sched: RT throttling activated [ 375.276509][T11214] ? hash_netport6_gc+0x570/0x570 [ 375.281574][T11214] ip_set_create+0xa87/0x18e0 [ 375.286309][T11214] ? ip_set_create+0x4b2/0x18e0 [ 375.291232][T11214] ? ip_set_protocol+0x5d0/0x5d0 [ 375.296226][T11214] ? trace_contention_end+0x39/0xe0 [ 375.301489][T11214] nfnetlink_rcv_msg+0xb49/0x1130 [ 375.306537][T11214] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 375.312635][T11214] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 375.317874][T11214] ? nfnetlink_unbind+0x160/0x160 [ 375.323040][T11214] ? __dev_queue_xmit+0x1a64/0x35a0 [ 375.328254][T11214] ? __netlink_deliver_tap+0x5ab/0x830 [ 375.333732][T11214] ? netlink_deliver_tap+0x19c/0x1b0 [ 375.339066][T11214] ? netlink_unicast+0x72c/0x8d0 [ 375.344018][T11214] ? netlink_sendmsg+0x8c1/0xbe0 [ 375.348971][T11214] ? ____sys_sendmsg+0x5bf/0x950 [ 375.353921][T11214] ? ___sys_sendmsg+0x220/0x290 [ 375.358793][T11214] ? __se_sys_sendmsg+0x1a5/0x270 [ 375.363834][T11214] ? do_syscall_64+0x55/0xb0 [ 375.368450][T11214] netlink_rcv_skb+0x216/0x480 [ 375.373250][T11214] ? nfnetlink_unbind+0x160/0x160 [ 375.378309][T11214] ? netlink_ack+0x1110/0x1110 [ 375.383127][T11214] ? apparmor_capable+0x137/0x1a0 [ 375.388189][T11214] ? bpf_lsm_capable+0x9/0x10 [ 375.392901][T11214] ? security_capable+0x89/0xb0 [ 375.397786][T11214] nfnetlink_rcv+0x274/0x2180 [ 375.402573][T11214] ? __local_bh_enable_ip+0x12e/0x1c0 [ 375.408043][T11214] ? lockdep_hardirqs_on+0x98/0x150 [ 375.413260][T11214] ? __local_bh_enable_ip+0x12e/0x1c0 [ 375.418728][T11214] ? _local_bh_enable+0xa0/0xa0 [ 375.423611][T11214] ? __dev_queue_xmit+0x245/0x35a0 [ 375.428739][T11214] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 375.434398][T11214] ? __dev_queue_xmit+0x245/0x35a0 [ 375.439526][T11214] ? ref_tracker_free+0x634/0x7d0 [ 375.444557][T11214] ? __copy_skb_header+0xa7/0x550 [ 375.449603][T11214] ? refcount_inc+0x70/0x70 [ 375.454117][T11214] ? __skb_clone+0x63/0x790 [ 375.458678][T11214] ? __skb_clone+0x480/0x790 [ 375.463295][T11214] ? __netlink_deliver_tap+0x7e8/0x830 [ 375.468770][T11214] ? netlink_deliver_tap+0x2e/0x1b0 [ 375.474002][T11214] ? __lock_acquire+0x7c80/0x7c80 [ 375.479075][T11214] ? netlink_deliver_tap+0x2e/0x1b0 [ 375.484308][T11214] netlink_unicast+0x751/0x8d0 [ 375.489096][T11214] netlink_sendmsg+0x8c1/0xbe0 [ 375.493879][T11214] ? netlink_getsockopt+0x580/0x580 [ 375.499102][T11214] ? aa_sock_msg_perm+0x94/0x150 [ 375.504056][T11214] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 375.509439][T11214] ? security_socket_sendmsg+0x80/0xa0 [ 375.515089][T11214] ? netlink_getsockopt+0x580/0x580 [ 375.520297][T11214] ____sys_sendmsg+0x5bf/0x950 [ 375.525085][T11214] ? __asan_memset+0x22/0x40 [ 375.529766][T11214] ? __sys_sendmsg_sock+0x30/0x30 [ 375.534805][T11214] ? __import_iovec+0x5f2/0x860 [ 375.539680][T11214] ? import_iovec+0x73/0xa0 [ 375.544202][T11214] ___sys_sendmsg+0x220/0x290 [ 375.548902][T11214] ? __sys_sendmsg+0x270/0x270 [ 375.553871][T11214] __se_sys_sendmsg+0x1a5/0x270 [ 375.558790][T11214] ? __x64_sys_sendmsg+0x80/0x80 [ 375.563763][T11214] ? lockdep_hardirqs_on+0x98/0x150 [ 375.568983][T11214] do_syscall_64+0x55/0xb0 [ 375.573416][T11214] ? clear_bhb_loop+0x40/0x90 [ 375.578105][T11214] ? clear_bhb_loop+0x40/0x90 [ 375.582890][T11214] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 375.588800][T11214] RIP: 0033:0x7f5e0e38eba9 [ 375.593234][T11214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.612852][T11214] RSP: 002b:00007f5e0f26e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 375.621280][T11214] RAX: ffffffffffffffda RBX: 00007f5e0e5d5fa0 RCX: 00007f5e0e38eba9 [ 375.629345][T11214] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 375.637411][T11214] RBP: 00007f5e0e411e19 R08: 0000000000000000 R09: 0000000000000000 [ 375.645478][T11214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 375.653464][T11214] R13: 00007f5e0e5d6038 R14: 00007f5e0e5d5fa0 R15: 00007ffd21a7bcc8 [ 375.661548][T11214] [ 375.766732][T11214] Mem-Info: [ 375.769940][T11214] active_anon:37896 inactive_anon:0 isolated_anon:0 [ 375.769940][T11214] active_file:14866 inactive_file:40362 isolated_file:0 [ 375.769940][T11214] unevictable:768 dirty:100 writeback:0 [ 375.769940][T11214] slab_reclaimable:10705 slab_unreclaimable:96005 [ 375.769940][T11214] mapped:33461 shmem:33030 pagetables:779 [ 375.769940][T11214] sec_pagetables:0 bounce:0 [ 375.769940][T11214] kernel_misc_reclaimable:0 [ 375.769940][T11214] free:1279798 free_pcp:10583 free_cma:0 [ 375.849456][T11214] Node 0 active_anon:154084kB inactive_anon:0kB active_file:59464kB inactive_file:161244kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:136344kB dirty:396kB writeback:0kB shmem:132984kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12040kB pagetables:3116kB sec_pagetables:0kB all_unreclaimable? no [ 375.853787][T11310] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.890878][T11214] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 375.929387][T11214] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 375.961829][T11214] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 375.967903][T11214] Node 0 DMA32 free:1212588kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:154540kB inactive_anon:0kB active_file:59464kB inactive_file:159928kB unevictable:1536kB writepending:396kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:18292kB local_pcp:7392kB free_cma:0kB [ 376.012196][T11214] lowmem_reserve[]: 0 0 1 1 1 [ 376.013701][T11314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1844'. [ 376.017154][T11214] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 376.061426][T11312] netlink: 'syz.3.1843': attribute type 1 has an invalid length. [ 376.068138][T11214] lowmem_reserve[]: 0 0 0 0 0 [ 376.074596][T11214] Node 1 Normal free:3890976kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:21048kB local_pcp:12352kB free_cma:0kB [ 376.082266][T11312] netlink: 'syz.3.1843': attribute type 4 has an invalid length. [ 376.108886][T11214] lowmem_reserve[]: 0 0 0 0 0 [ 376.119428][T11214] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 376.146398][T11214] Node 0 DMA32: 3*4kB (ME) 26*8kB (ME) 1*16kB (E) 2*32kB (UM) 2*64kB (UM) 2*128kB (ME) 2*256kB (UM) 22*512kB (UME) 14*1024kB (UME) 7*2048kB (UM) 286*4096kB (M) = 1212588kB [ 376.155345][T11312] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.1843'. [ 376.173131][T11214] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 376.173282][T11214] Node 1 Normal: 186*4kB (UME) 61*8kB (UME) 39*16kB (UME) 131*32kB (UME) 36*64kB (UE) 9*128kB (UME) 2*256kB (UE) 2*512kB (ME) 1*1024kB (U) 2*2048kB (UE) 946*4096kB (M) = 3890976kB [ 376.173499][T11214] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 376.173517][T11214] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 376.223735][T11214] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 376.280016][T11214] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 376.334255][T11214] 91271 total pagecache pages [ 376.339192][T11214] 0 pages in swap cache [ 376.345010][T11214] Free swap = 124436kB [ 376.349204][T11214] Total swap = 124996kB [ 376.363556][T11214] 2097051 pages RAM [ 376.367416][T11214] 0 pages HighMem/MovableOnly [ 376.380630][T11310] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.396377][T11214] 416139 pages reserved [ 376.400951][T11214] 0 pages cma reserved [ 376.447203][T11316] random: crng reseeded on system resumption [ 376.725853][T11310] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.940027][T11310] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.316959][T11325] syz.1.1848: attempt to access beyond end of device [ 377.316959][T11325] md0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 377.361196][T11325] FAT-fs (md0): unable to read boot sector [ 377.373766][T11310] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.778460][T11310] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.897854][T11310] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 377.964625][T11328] syzkaller0: entered promiscuous mode [ 377.970340][T11328] syzkaller0: entered allmulticast mode [ 378.172897][T11310] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.835746][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.603829][T11354] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1858'. [ 379.712330][T11354] team7: entered promiscuous mode [ 379.717580][T11354] team7: entered allmulticast mode [ 380.551441][T11360] syzkaller0: entered promiscuous mode [ 380.591089][T11360] syzkaller0: entered allmulticast mode [ 381.809600][T11381] syz.2.1870[11381] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 381.809756][T11381] syz.2.1870[11381] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 381.997713][T11381] loop2: detected capacity change from 0 to 1024 [ 382.070939][T11381] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 382.085384][T11381] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 382.095542][T11381] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 382.155516][T11381] EXT4-fs error (device loop2): ext4_get_journal_inode:5807: inode #5: comm syz.2.1870: unexpected bad inode w/o EXT4_IGET_BAD [ 382.194351][T11390] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1871'. [ 382.291232][T11390] team6: entered promiscuous mode [ 382.296393][T11390] team6: entered allmulticast mode [ 382.486406][T11381] EXT4-fs (loop2): no journal found [ 382.560338][T11381] EXT4-fs (loop2): can't get journal size [ 382.763657][T11381] EXT4-fs (loop2): too many log groups per flexible block group [ 382.804033][T11381] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 382.841196][T11381] EXT4-fs (loop2): mount failed [ 383.503248][T11408] Set syz1 is full, maxelem 65536 reached [ 383.682133][ T27] kauditd_printk_skb: 26 callbacks suppressed [ 383.682174][ T27] audit: type=1326 audit(1757790184.675:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 384.048493][T11413] loop3: detected capacity change from 0 to 1024 [ 384.158303][ T27] audit: type=1326 audit(1757790184.715:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 384.404822][T11413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 384.457878][ T27] audit: type=1326 audit(1757790184.715:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2bf418d510 code=0x7ffc0000 [ 384.514686][ T27] audit: type=1326 audit(1757790184.715:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 384.539644][ T27] audit: type=1326 audit(1757790184.715:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 384.564403][ T27] audit: type=1326 audit(1757790184.715:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 384.587400][ T27] audit: type=1326 audit(1757790184.725:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2bf418ebe3 code=0x7ffc0000 [ 384.610351][ T27] audit: type=1326 audit(1757790184.765:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2bf418d65f code=0x7ffc0000 [ 384.633065][ T27] audit: type=1326 audit(1757790184.915:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2bf418ec37 code=0x7ffc0000 [ 384.661925][T11426] sd 0:0:1:0: device reset [ 384.667336][ T27] audit: type=1326 audit(1757790185.005:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11412 comm="syz.3.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2bf418d510 code=0x7ffc0000 [ 384.684839][T11427] syzkaller0: entered promiscuous mode [ 384.698582][T11427] syzkaller0: entered allmulticast mode [ 384.805225][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.851657][T11429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1887'. [ 384.891178][T11429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1887'. [ 384.973351][T11433] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1889'. [ 385.245170][T11439] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1888'. [ 385.348168][T11439] team5: entered promiscuous mode [ 385.353378][T11439] team5: entered allmulticast mode [ 386.207662][T11449] usb usb5: usbfs: process 11449 (syz.1.1895) did not claim interface 0 before use [ 387.012430][T11456] syzkaller0: entered promiscuous mode [ 387.038408][T11456] syzkaller0: entered allmulticast mode [ 387.113702][T11459] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1898'. [ 387.909140][T11481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1904'. [ 388.014508][T11481] team4: entered promiscuous mode [ 388.019853][T11481] team4: entered allmulticast mode [ 389.073359][ T27] kauditd_printk_skb: 24 callbacks suppressed [ 389.073377][ T27] audit: type=1326 audit(1757790189.515:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.3.1907" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2bf418eba9 code=0x0 [ 389.420365][T11496] random: crng reseeded on system resumption [ 390.029644][T11507] netlink: 'syz.4.1914': attribute type 1 has an invalid length. [ 390.065664][T11507] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1914'. [ 390.088307][T11507] block nbd0: not configured, cannot reconfigure [ 390.729248][T11518] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1917'. [ 390.760076][T11518] team8: entered promiscuous mode [ 390.765263][T11518] team8: entered allmulticast mode [ 392.472972][ T27] audit: type=1326 audit(1757790193.095:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11514 comm="syz.1.1918" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6b438eba9 code=0x0 [ 393.089704][T11530] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1923'. [ 393.208293][ T27] audit: type=1326 audit(1757790194.195:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11532 comm="syz.4.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 393.271505][ T27] audit: type=1326 audit(1757790194.195:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11532 comm="syz.4.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 393.341743][ T27] audit: type=1326 audit(1757790194.195:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11532 comm="syz.4.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 393.420941][ T27] audit: type=1326 audit(1757790194.195:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11532 comm="syz.4.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 393.490919][ T27] audit: type=1326 audit(1757790194.195:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11532 comm="syz.4.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 393.538264][T11541] random: crng reseeded on system resumption [ 393.580961][ T27] audit: type=1326 audit(1757790194.205:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11532 comm="syz.4.1925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 394.124993][ T27] audit: type=1326 audit(1757790195.015:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11542 comm="syz.2.1928" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5e0e38eba9 code=0x0 [ 395.651331][ T27] audit: type=1326 audit(1757790196.605:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.4.1940" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb8a258eba9 code=0x0 [ 396.202577][T11587] 9pnet: p9_errstr2errno: server reported unknown error 1844674 [ 396.293329][T11594] syz.3.1945[11594] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 396.293472][T11594] syz.3.1945[11594] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 396.352494][T11595] random: crng reseeded on system resumption [ 396.376305][T11594] loop3: detected capacity change from 0 to 256 [ 396.455945][T11594] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1945'. [ 396.457338][ T5791] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 396.898135][T11611] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1952'. [ 397.423654][ T27] audit: type=1326 audit(1757790198.425:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11619 comm="syz.2.1956" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5e0e38eba9 code=0x0 [ 397.758512][T11628] lo speed is unknown, defaulting to 1000 [ 397.775117][T11628] lo speed is unknown, defaulting to 1000 [ 398.288963][T11628] lo speed is unknown, defaulting to 1000 [ 398.364767][T11630] loop3: detected capacity change from 0 to 512 [ 398.410949][T11630] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 398.547362][T11630] EXT4-fs (loop3): 1 truncate cleaned up [ 398.568190][T11630] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 398.655738][T11630] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.3.1959: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 398.714590][T11630] EXT4-fs (loop3): Remounting filesystem read-only [ 398.740968][T11630] EXT4-fs warning (device loop3): ext4_rename_delete:3778: inode #2: comm syz.3.1959: Deleting old file: nlink 5, error=-117 [ 398.846746][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.006874][T11653] random: crng reseeded on system resumption [ 399.380872][ T27] audit: type=1326 audit(1757790200.375:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.410046][T11660] ªªªªªª: renamed from wg2 (while UP) [ 399.454633][ T27] audit: type=1326 audit(1757790200.375:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.540724][ T27] audit: type=1326 audit(1757790200.415:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.586639][ T27] audit: type=1326 audit(1757790200.415:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.609449][ T27] audit: type=1326 audit(1757790200.415:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.646799][ T27] audit: type=1326 audit(1757790200.415:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.669900][ T27] audit: type=1326 audit(1757790200.415:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.698927][ T27] audit: type=1326 audit(1757790200.415:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.723673][ T27] audit: type=1326 audit(1757790200.415:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 399.747599][ T27] audit: type=1326 audit(1757790200.415:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11659 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bf418eba9 code=0x7ffc0000 [ 400.160019][T11673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1975'. [ 400.556745][T11686] loop3: detected capacity change from 0 to 1024 [ 400.583719][T11686] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 400.610628][T11686] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 400.653767][T11686] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 400.988379][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.923844][T11707] random: crng reseeded on system resumption [ 403.053264][T11713] loop2: detected capacity change from 0 to 512 [ 403.111999][T11713] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 403.176547][T11713] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 403.223929][T11713] EXT4-fs (loop2): 1 truncate cleaned up [ 403.260466][T11713] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 403.355486][T11713] EXT4-fs: group quota file already specified [ 403.401233][T11716] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 403.439443][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 404.505049][ T27] kauditd_printk_skb: 26 callbacks suppressed [ 404.505066][ T27] audit: type=1326 audit(1757790205.505:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11725 comm="syz.3.1993" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2bf418eba9 code=0x0 [ 404.657565][T11733] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1994'. [ 404.745799][T11733] team6: entered promiscuous mode [ 404.751216][T11733] team6: entered allmulticast mode [ 405.499020][T11739] loop2: detected capacity change from 0 to 1024 [ 405.521667][T11739] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 405.558930][T11739] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 405.668756][T11739] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 406.446884][T11754] random: crng reseeded on system resumption [ 406.749215][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.811654][T11761] tipc: Enabling of bearer rejected, failed to enable media [ 407.414266][ T27] audit: type=1326 audit(1757790208.415:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11770 comm="syz.1.2004" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6b438eba9 code=0x0 [ 408.802019][T11801] random: crng reseeded on system resumption [ 408.876025][T11784] loop2: detected capacity change from 0 to 512 [ 408.923777][T11784] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 408.978371][T11810] tipc: Enabling of bearer rejected, failed to enable media [ 409.001335][T11784] EXT4-fs warning (device loop2): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 409.059386][T11784] EXT4-fs (loop2): mount failed [ 409.289517][T11800] loop2: detected capacity change from 0 to 512 [ 409.302013][T11800] EXT4-fs: Ignoring removed nobh option [ 409.410549][T11800] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #3: comm syz.2.2009: corrupted inode contents [ 409.497955][T11800] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #3: comm syz.2.2009: mark_inode_dirty error [ 409.514767][T11828] netlink: 'syz.1.2019': attribute type 56 has an invalid length. [ 409.568440][T11800] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #3: comm syz.2.2009: corrupted inode contents [ 409.609018][T11800] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #3: comm syz.2.2009: mark_inode_dirty error [ 409.648555][T11800] Quota error (device loop2): write_blk: dquota write failed [ 409.675171][T11800] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 409.697265][T11829] lo speed is unknown, defaulting to 1000 [ 409.704973][T11829] lo speed is unknown, defaulting to 1000 [ 409.717406][T11800] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.2009: Failed to acquire dquot type 0 [ 409.760292][T11800] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.2009: corrupted inode contents [ 409.802402][T11800] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #16: comm syz.2.2009: mark_inode_dirty error [ 409.821013][T11800] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.2009: corrupted inode contents [ 409.843392][T11800] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.2009: mark_inode_dirty error [ 409.887379][ T27] audit: type=1326 audit(1757790210.885:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11830 comm="syz.1.2020" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6b438eba9 code=0x0 [ 409.893635][T11800] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.2009: corrupted inode contents [ 409.918828][ T27] audit: type=1326 audit(1757790210.915:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11834 comm="syz.4.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 409.966468][T11800] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 409.972379][ T27] audit: type=1326 audit(1757790210.945:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11834 comm="syz.4.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 409.990368][T11800] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.2009: corrupted inode contents [ 410.025908][ T27] audit: type=1326 audit(1757790210.945:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11834 comm="syz.4.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 410.035704][T11800] EXT4-fs error (device loop2): ext4_truncate:4288: inode #16: comm syz.2.2009: mark_inode_dirty error [ 410.073659][ T27] audit: type=1326 audit(1757790210.945:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11834 comm="syz.4.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 410.110156][T11800] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 410.134777][T11800] EXT4-fs (loop2): 1 truncate cleaned up [ 410.138168][T11829] lo speed is unknown, defaulting to 1000 [ 410.144289][T11800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 410.163550][ T27] audit: type=1326 audit(1757790210.945:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11834 comm="syz.4.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 410.205437][T11800] ext4 filesystem being mounted at /492/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 410.205702][ T27] audit: type=1326 audit(1757790210.945:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11834 comm="syz.4.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 410.236957][T11800] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 410.246191][ T27] audit: type=1326 audit(1757790210.945:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11834 comm="syz.4.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8a258eba9 code=0x7ffc0000 [ 411.591347][T11853] tipc: Enabling of bearer rejected, failed to enable media [ 411.612286][T11853] syzkaller0: entered promiscuous mode [ 411.617831][T11853] syzkaller0: entered allmulticast mode [ 411.729551][T11857] random: crng reseeded on system resumption [ 412.196884][T11865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2028'. [ 412.300939][T11865] team5: entered promiscuous mode [ 412.306089][T11865] team5: entered allmulticast mode [ 412.969076][T11867] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 412.975668][T11867] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 413.000519][T11867] vhci_hcd vhci_hcd.0: Device attached [ 413.341180][ T54] usb 35-1: new low-speed USB device number 2 using vhci_hcd [ 413.628063][T11877] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2033'. [ 413.958339][T11884] loop3: detected capacity change from 0 to 128 [ 414.287758][T11868] usb 35-1: recv xbuf, 0 [ 414.298709][ T8768] vhci_hcd: stop threads [ 414.313128][ T8768] vhci_hcd: release socket [ 414.319171][ T8768] vhci_hcd: disconnect device [ 414.392714][T11892] smc: net device bond0 erased user defined pnetid SYZ0 [ 414.458444][T11883] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2034'. [ 414.541879][ T54] vhci_hcd: vhci_device speed not set [ 414.574568][T11895] tipc: Enabling of bearer rejected, failed to enable media [ 414.584830][T11895] syzkaller0: entered promiscuous mode [ 414.590356][T11895] syzkaller0: entered allmulticast mode [ 415.634910][T11909] random: crng reseeded on system resumption [ 416.090659][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 416.090674][ T27] audit: type=1326 audit(1757790217.085:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11910 comm="syz.3.2043" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2bf418eba9 code=0x0 [ 416.918488][T11930] tipc: Enabling of bearer rejected, failed to enable media [ 416.929165][T11930] syzkaller0: entered promiscuous mode [ 416.935274][T11930] syzkaller0: entered allmulticast mode [ 418.531673][T11945] loop7: detected capacity change from 0 to 7 [ 418.537912][ T27] audit: type=1326 audit(1757790219.505:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11943 comm="syz.3.2054" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2bf418eba9 code=0x0 [ 418.698698][T11957] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2056'. [ 418.731707][T11957] team9: entered promiscuous mode [ 418.736965][T11957] team9: entered allmulticast mode [ 419.001723][T11949] [ 419.004115][T11949] ================================================ [ 419.010638][T11949] WARNING: lock held when returning to user space! [ 419.017159][T11949] syzkaller #0 Not tainted [ 419.021626][T11949] ------------------------------------------------ [ 419.028133][T11949] syz.1.2053/11949 is leaving the kernel with locks still held! [ 419.035791][T11949] 1 lock held by syz.1.2053/11949: [ 419.041009][T11949] #0: ffff888021365360 (&lo->lo_mutex){+.+.}-{3:3}, at: loop_set_block_size+0x7c/0x480 [ 419.200044][T11958] random: crng reseeded on system resumption [ 419.224555][T11961] loop3: detected capacity change from 0 to 512 [ 419.235486][T11958] PM: hibernation: Marking nosave pages: [mem 0x00000000-0x00000fff] [ 419.255924][T11961] EXT4-fs: Ignoring removed oldalloc option [ 419.274922][T11958] PM: hibernation: Marking nosave pages: [mem 0x0009f000-0x000fffff] [ 419.295885][T11961] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 419.303572][T11958] PM: hibernation: Marking nosave pages: [mem 0xbfffd000-0xffffffff] [ 419.312100][T11961] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.2057: Parent and EA inode have the same ino 15 [ 419.332734][T11961] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.2057: Parent and EA inode have the same ino 15 [ 419.347229][T11961] EXT4-fs (loop3): 1 orphan inode deleted [ 419.355254][T11961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 419.416618][T11958] PM: hibernation: Basic memory bitmaps created [ 419.436520][T11958] PM: hibernation: Basic memory bitmaps freed [ 419.453225][T11961] EXT4-fs warning (device loop3): __ext4_unlink:3336: inode #15: comm syz.3.2057: Deleting file 'file1' with no links [ 419.496352][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.