last executing test programs: 4.851477729s ago: executing program 3 (id=2175): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = dup(r0) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x58, 0x2, 0x6, 0x5, 0x0, 0xf0ffff, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xe000000}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x58}}, 0x0) 4.771606745s ago: executing program 3 (id=2177): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c00)=@newtfilter={0x2fc, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xd, 0x4}, {}, {0x8, 0xf}}, [@TCA_RATE={0x6, 0x5, {0x3, 0x1}}, @filter_kind_options=@f_u32={{0x8}, {0x2c8, 0x2, [@TCA_U32_FLAGS={0x8}, @TCA_U32_MARK={0x10, 0xa, {0x6, 0xffffffff}}, @TCA_U32_CLASSID={0x8, 0x1, {0x7, 0xfff1}}, @TCA_U32_MARK={0x10, 0xa, {0x5, 0x4}}, @TCA_U32_SEL={0x294, 0x5, {0xc, 0x80, 0x4, 0x401, 0x1f, 0x3, 0x9, 0x0, [{0x10, 0x7fff, 0x7fff, 0x3}, {0x3, 0x7, 0x4, 0xffffffff}, {0x4396, 0xd, 0xec, 0x8e4a}, {0x5, 0x2000, 0x10001, 0xc}, {0x3, 0x2, 0x1}, {0x40, 0x370d, 0x1ff, 0x6}, {0x6, 0x12b, 0xd, 0x80000000}, {0x1, 0x6, 0x7, 0x1}, {0x0, 0x6, 0x8}, {0xa, 0x4, 0x4}, {0x9, 0x2, 0x6, 0xcc}, {0x80000001, 0x1000, 0x5, 0x3}, {0x242, 0x5, 0x4, 0x5}, {0x0, 0x429, 0x4, 0x940}, {0x6, 0xfffffffa, 0x1000, 0x10000}, {0x6, 0x45bc, 0x9, 0x5}, {0x200, 0xd941, 0x4, 0x7}, {0x5, 0x443f, 0x8, 0xffff}, {0x8, 0xff, 0x5}, {0x7e6f, 0x8, 0x78fe, 0xffffffff}, {0xfff, 0x401, 0x3871, 0x5}, {0x2, 0x7, 0x9, 0x5}, {0x8, 0xa5b0, 0x2, 0x5}, {0x4, 0x7, 0xb2be, 0x7}, {0x2, 0x0, 0x8, 0x9}, {0x4, 0x5, 0x1, 0x9}, {0x3f5, 0x5, 0x7, 0xfffffff8}, {0x3, 0x2, 0x2f32, 0x1}, {0xffffffff, 0x0, 0x4b, 0x7}, {0x0, 0x401, 0x0, 0x4518}, {0x6, 0x1c00000, 0xcc4f, 0x6}, {0x0, 0x0, 0x401, 0x2}, {0x9, 0xff, 0x38e, 0x179}, {0x6, 0x4, 0x1, 0x2}, {0x8, 0x2, 0xe0f, 0x9}, {0x2, 0x87, 0x3, 0x3}, {0x5, 0x0, 0xf, 0x3}, {0x0, 0x0, 0xc}, {0x1, 0x10000, 0xffff3bfe, 0x1}, {0x6, 0x0, 0x2, 0x400}]}}]}}]}, 0x2fc}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000) 3.493051036s ago: executing program 2 (id=2182): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x7fffffff, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xfb}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x4109, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) recvmmsg$unix(r1, &(0x7f0000009600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)}}], 0x1, 0x12183, 0x0) 3.341678009s ago: executing program 0 (id=2184): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000ffdbdf12010c195250d6b9a18f37c5815fd0"], 0x68}, 0x1, 0x0, 0x0, 0x4000800}, 0x50800) 3.275018107s ago: executing program 3 (id=2185): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001000)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=@newtfilter={0x34, 0x2c, 0x605, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {}, {0x5, 0x2}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x20044085) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 3.147744884s ago: executing program 1 (id=2186): syz_open_procfs(0x0, 0x0) r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000540), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYBLOB="0000000001"], 0x48}, 0x2}, 0x0) 3.098660935s ago: executing program 0 (id=2187): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='veno', 0x4) sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000740)="91f8a98495", 0x5}], 0x1}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d2", 0x6d}], 0x1}}], 0x2, 0x2090) sendto(r0, &(0x7f0000001e00)="e1dbddc64b7dab55bda04bd80c87e8239d80ddea0085abca0b5db6d39a37d0d2a98c084306eda8f303b1a48c757f3751c22d466fbddecaef91be5eb5393784a3841576cf353ae3bee945908bac4d5bcd27647fd807428a84c9c9ff1ae3f2e4db0cb4522f3abe078737a5961f78083a7f67548ab1a878567d678aed9d87cfc0d404090eca33ad5e2cf08be8b5971ce05531389191a959e1f38a917f2b96c83c6d12028e906f7b6d9d2de308c24137c5959c2f92be55b961af4bfa58a493cb55b30b3c292ce89bc262ac2a2c1b79bc9f01957488210799d5b69b46200bbe11e4a160d6751ea166450221130e45c66c62cfe674f861d422a23d122ff49bf6bbdcc2f53053cebe5672a18e9884566afedd874b8d3c5d2ced1dd0504be650b56d974be89a1f5a03c73c2e9f88e6dce63e4aa23151af26773ae3078499cd1e9197250f9b1ff5de77e5ac18aca81eaf63284c4ccf0868f2c35a70f8b145bab572645f75870f9cbb988e04b0ac3c1570b4a83498e239da507ac0329cf1d7f2ed7bea2cc6da52afef27cc9064c8ff1134f3e9798bdc1126710761d59fe3c6418a8e7ee928d08b7ff7a0617f7650cbdf740476277bce7ea4d210ba", 0x1b6, 0x84c, 0x0, 0x0) 3.098304975s ago: executing program 2 (id=2189): r0 = epoll_create1(0x80000) r1 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x4452]}, 0x8, 0x800) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, 0x0) signalfd4(r1, &(0x7f0000000140)={[0xfffffffffffffff9]}, 0x8, 0x0) r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) 2.879434226s ago: executing program 2 (id=2190): r0 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@errors_remount}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@noauto_da_alloc}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000000440)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r1 = openat(r0, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x5, 0x3, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x0, 0x110000, 0x0, 0x0, 0x41000}, 0x94) write(0xffffffffffffffff, &(0x7f0000000300), 0x0) r3 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @local, 0x4e21, 0x3, 'rr\x00', 0x1, 0x10000004, 0x8}, 0x2c) syz_emit_ethernet(0x86, &(0x7f0000003bc0)=ANY=[@ANYRESDEC=r0, @ANYRESHEX=r2, @ANYBLOB="e8ae2aada5b6531213e747421aa59a4a82aa3147730e9e3eba83969fc785026b21bf974f9dbaefc18fd87fd83f95b62c79201fc7fd27c09aff73de213b83a6148854557f331742f30f3192df491cac2ce42cc45367dd96633ee7ad4c55f3170d51a09fd4ab1d235775a8ac2828bdfac909a8d47ebe6df792e77c645c68200deed06211607175d7930bc5d25ef8eceeab3885e113c20e9b6ce294df526737c0b04af66be52a0e03629b7c4e185ff84e03f71fd1d46ccabdd1a4cbb73a2c96b03ec2741d2fa1e56a6d0b7c40a9b2b228503e9296c36efd4d8dbb75d26bba452f5c93e3d68a21e0a063d03f9bd99c3a3c716c24af4f0c6081ce613819c736ed3661c02e943d8d16cf7a8e35d4e315facf22a050ec7c6d7ff269bc9d05a9475972f967ed751085e239aa43985d9ba7d7e60a6c491d27476e20b7048c7b2b6402f94c604c3d083cc348025b1bb8c38a94ef1ba5d88d4b12a49c1972e80b897423acf3c2f426e59464c0c96eb2cefa1b24d0a05f765db12b9491acc6fe30c611d43ee0504e0e6f1912499931b334b409c962c5550de9fe4e55811ccc3f4373400a64d6510106c636398b4562b6e0e9f94f7ec9370208d663ee87dfe6652b412ad400692b131783af0339e1d2c2d07f0a1236312548dffd246f3a54f403889c382f67e7e13eed5eff8b7cb3a4065c9eee9dd9bd454db03b15a60293703f3bba562ced0aa7ed900903fd0127c76ff0059a76768a579d7488f5dfd57fffb7c85e541b0bcfeb83ff03768a0fd02ac82e2ae99ed065bb83508250f7b9a284f742c219eb531aece3dc4e569278d6871c16f6b37b4d9c3a5e67615ceccd4ce663dc002c2a82d8c9d085330266b7b001ba2a262f0e6e2e9df43c9af333a37b4c0452967f1d8ff15ff6c5fa6c1a55218446d7705cc800b80070160c96d9ad490c10d56f38afdeeb19aa8c1d159148914d5e1f8d90ed37480316556ea3cc9dca2d100336dd115dcf6ad7d6b3f38645fc87938d53ff249d0a11ff91d6f1a696215e361e389f1800079436a95172fb024619c662818826da9f6cc352af6c9bf75f488358c4d5af4d23b3b032da4a18099d10be589bb2a530e42979c2fcd3c0cfa5f27ea91c9b4ab438fe75cc166d604de1fb40617a107d6c496181466e00c417cb45fc34e97018fa6349910d7262f15b89e21fd0dffd565dc03f9c32e8afd761da0fa1e34de3e9dd0ecacf9cf5782b675c82ba47f1fafb4c2328b64df2b3f4cf734d07647280a108d51b1204c17d2ddee614aa9ffa6d6628fc3b7c1e0d698dd25aae00723b73551560053d7853cfdedc0864c5d35f0427ca83c3a7f69fc2b2abbb7958e894b13ce0f93d2afce9d263960b7dfb0a1e5aadb2bc45c788024785320cfab85a9f283d05ee58206fabe93b3fc7d492eb280202dd56147e34f8a6f417ce855d3aa38cedfc2ca0728989e9f8e05a16286d521453798526bb8796c8d1f7f0023bff826fb30e5cf741fc72000da2a168c2feb42fd27cd981de72f185a8b442e584dc99aa77644d884fdf46f97c77bcd1a29a238649d540b1f9cd22186485ccc91eda270bea6105adcfa535e5b0fe284affa67dc3597435ab3f5792d44eaa67144a199b0c05ca37a728b9c37dc3c5f93c7b314d105007c3586c9555b936d062dd576d67d44f30a38701e0759fe2645a76c5f625b7c1f14fbf6c9fd53f9d2bc26c40c6ff898700945449daf9057962ac75a37f17a31f6a7ded79c4ef1d76dfe310cf918a3cea9f11b30ac1f51c9da7b752d228b66728f6065e6f2c058596844cd8a90123d7e0edf600a19b4a89ee85652da5eaca90c336ff43f5e02d5686c20d6a195e4b637122e35cfd6f7a1d0ece7f83908fffa70dbd205c8918ee19962e00d787fb9ecc30d910102a2fe5ed87eece09470565c08517d011dbfe4ce1f0dcbf402a6770d3d46d89f0e4d4173b2201958a21b98dcc3bce8a7e70cc78f6b456f0a7f41c42c8789273aa7855c5f2222fa6a776c52919784f2cb9ed96b988958e0bf67165a2650bb4515566dff74614c0b282ae366a0f4480bfb112007a4c01bc73fb5a12d90f94cfbc1f5c621800a6faad7db432c0fbd5aa294aa13c8dedd5edafb3d915ffb9abf48690f23b421dfc5cf38db0cafef064e6da8ed2172b83eff855b8c40d9b0b7c89fb44d6c2fce4619fe912ab09064ba264b09df7405dfc34a9febd15399b0671bc732940dfb390ec9240097537b9f9152d67abe5ffb7004f1ac937de2fb73cadfb1640cb340129595e0293c2affda0a986ee8f4422d6d90556742c43eb9252bdb2b8429b64e744c24af2e8ae7c7bc34c599344787a9de9321204d08aa42940db97c6cc7be3cc859856beb3a6a84c14445213511d6ada6ea664152a84106fa17dc6d77b98348f36005160ae9095ebeb3b4b664b2289f75ccce189d05cd5415470492e8f5647e62b4b290773a1d7d53384ca7bfc76ee3666ab0e0ff8964f3fc6c50d51510464b950b3ce292be526264fc06f4df22547f478ed5e3a4afa69b0bf717ac5f25a47b70de7496f1aaeeac55cfdcc4968e3ac029a10240c2ad8ab928d4c36b8f978f146d75fe11fa23c2cdcbb71efaaedee30fd2970cfa20f9aff74a39827e1726dda1c54a8076d9b609497e032b35a856dd0b998aea636ac94e686de8da0878f2a8facc55e6a831a170e7c5589bcf5ad23c8ba6e07cfb40c47f9e0ece630b690b3f397abb7b2959560894c37fefbf34fe569fc63b3982d45ae44757cee55623e810258625c756d5d30e9d0f5b84dd8b27ae4158013bf918a150068bf58c43b4a1f39c4195e616bab8ae9a27d23fbc79f5bcf3e9b813bd1fb90e4a04ec5f774f3513ce0599652b585bdc068b715f2c63fe8beed4edfbec59b90878c310412c4b4d11d8e0938a0e0e8806479f440302bd7f3d593b8ca5a45c92d88fa5a2cbaeca5cafcada994bda1c05c99a668377581593606de1bc40f95f8b83ce688aff77f9c28304df986635d53d998f0d98973b6b38a985d0c4dfdbf32a9fca0146a2ef7314869b51a3897b8e2b59b3228433e3e7fd0888ce16e5d289954b215ed12fde6358dd759a70047d8294400f2f51a4edb9b906bf3e7c680e974c518c6f932143cbf83e79256c2b62bf0f4ace41f02dce4a76157db5eb8d1a1b148c23c8da7709073176229d7ca05a83f0791c4b419ec09b3c4bc22f72b6332f650b42a7d15e9c842822854d6f13fee77a4dcf8e4a0d948925e2caa87bdac7c3a952d62e67eec6d5f7377f4ed9f3f6c55307c73c87c6a5de63dc9795aeac2713dbec2b9e93e6fbf811fda00dee2d1cde7a102bb7e24a7b66393016358b7a3b638109b5f6b7689c685beef5791eaee3a7a1fde8ba7f7fdeaa5e31da93b58c0ae57bd8a5861534f6610fa42a64556bc186e1c6e589ee1b396dbdd4a03c53e44c1918d47287e5efb38b6701660ebc28eff65c6306e86dcbcead5658b00c976a3577329b8a48b1dfbc04976acbf9bef331b4a085df8f9ad8c9aa98f3c7f41fcf862c0d67b8b72bf896c0f360d1c3ac83cebb8c0c417c64a9d1eb43bd2d031a77f11ef38e77eaae4cf7dbda65c68daa9c1f892809deb28790839adac7f8b086f1f849dbb1958e6390318ca94b68e07fc2a09ad2466221b34569fe84389f707ad31ca8256993bcc8db8b47c2002e3d8bb566efb276040dce5060f1b505e75811ab3cd5dcb41518175999b089f745afaab6d2973f97953745e3cc8af44ab3d3650af8acb02ac0f90b9bbb2bcc37226e2db39a92fbc367f98927e2759e58efb709f9b8545f617c88559cd5961d78af39883e0041e2a33b05ff4e0556ebd4e3125fa5786b7a1acb91d7e5c581306b385872dd4f6310c19912efed3af4be2d4b90d99af65c446a9716227a4bde3124557b8d8b4da175b09a3ceb0fd093c98c2ee8b97f1d63f6bd5b229c331d3ac8b9479d07980a955f02bdd98f9c06a0d289a432e5a9335bdaa46971d3db5c8bc943fd54dbf9b0f794aa0395bc31eab7921701447d89edc516f60f3c98cc4c9b64a6d60c20d5571d1131b4d55b8966c793943fa0f3bee4cbeb052de55c6ad499243a53467c1092a7139c425f25bbe2bf93549fb17a627a7bea15c5fd161cc9b3c263899dd76bd05ba4775748bfb16a2ef863dcc10a44d7768f27520bd0852004734e66ddd416c832648b196ed2c1030ed623ae2ab3c391915ba8a9f26e9bb65135d14e01c1335d2a6952d53b01b69023c30afeedd48db2cb4bb647be47d65e4aa8d88190fc9b21d82339e485316be809b2d160a96fd9a46675f848802cae9b47953f8aeb11996579c70d95c8fe6ae0639378c5ef074d0f3d30e94b6fa94ba09e0bae836326275dd3e1aa34044aad85e57f91480d146215ce6f4d613f8e52f2de1873eaadd84c4579c1687263e66ab7905881a9f08421f45aab891c63224355412d5a21da4d13381cc5b9b7b575eff5af511cfaea48645a7e68b92aa5ff57389c0b0c451f842afd5cb25c477932801b4dfc51e40460f403f5b5383410143af93c2f26a15886713499ec9325205c3176d51a5a96787910eca4e679a330c86c718d061bd358e1865ad138e0dfffd63b16aa9bf9b4b31cb9d00d552a5be0d6ccd25c5ae5791ca17f10ae8eb3bfd0d63a5bfc93888f8b8aa4ef81399fc23a1216f1f572521af8d7602b9719b10e37ce21f5771c8851da809a04ef94929f7dbeb3fc10decbd138bc46b0200eca0c3b5ce4305ebb473f5cfe1c73a23e88c0567e968bb719d50cd59862139b8ef98a4c3f6ee6cc6a476ca41cf5a03c372c9b1ea6f3a57049a02eb1889eb7535d5952abff28e427cad18d0773707f12c13f3b9b80d26bbef34e71d6d4095bff186c4ed6d7da0edab30c50c29971f01442c188d0358f1b8fe4d26e14e9c80115377a1d8fa98af29cc06ec7a5076b3d1f9f1a78718b30ca9b1f6da102891bb8004128d8c8ecab2c14e1a5dd5dbb5bf244e6feddf61c9ffee91e25879c1eed058484ac731b9230ebdac037b6836178e5afc5e0cf8056063ecf3b0a6663a252e7540c52fe950b1515c829208ccebc6901773fb3a37cd374832b586a8a131dddc47e4279dda1344ee7cf2bcdb9a5b66f01fbe656884411ab2ed9374ce82bf81ff4a6dc230df1c266903e988a7e6caf4cd89993c779a6eadab67bfbe5227e3d826f7749cce58979876738f90f8f25fe97dbe83ca8c90be7afc6ffd65e34b33ed15460ccf533764916c7eb404b5b9648f9d7bb3c899bdd39dab8275e9daa290eeeebb18cc5356f4afd1f74119ec2f236de12acae53dd3fd2fecc2fe6e23904b84f8802d946cffe5170e02ba81a47e966e38a20b96bdec8102537272126b56188a8b8a4912e68007627ddfb3af239e88022e2caccb8cc97469b6d1b0161904cf49602d232fb012bc1ccdb4919c172df748f07cdddbf93c7018ca22bd3fc796e55174a3a580fb379b7ea1f2f251d2da6ccfdeb19989e5aa46e16ab42a4a4ea6b14d71d90bf96275e7e6d97c261c6c862d0e7a12e46ae6d1018b46c1290a37355dccad3e24aa20f47d8e041d2f45dcfb3084261f409d94a943d75a835f4ca483b7caeb7dab238d415e0280e824705bb32dfb27382e98d5bb20cc4cde1b05d10e3f85c8556a4b6c5db3c1097126ebb31c71ebf1b12de17d3dc62e06d591430405b80fe217005f10fdc68c726970173f9bc853752494204d250d0cd2fd36a29e11bf2c2e2a28cf842b6a22f0fea3371e95ed378ccfb662a0ead8f91a7c2dd991713b091482a34ea48661249283d79c91697a831b5a1ecab6c9c5c9c67fc212925f5c009b6d32d54aca94c83d2726fc61ba9fcd549e16b7a6b284be40a76e3817f268d64bd3cd2ccc83a6ac5b83bad81454368352e7c85431d722fcede3203a5ee1ed2bc6c1baa3d8e60dd90ccb0a46de77a7ee32534c3f3be700e9a8eaaae214a8ce5c10f0135cf2f21a352c4595fb5f78f1e18ad03666c2eb9b020d0e6292e2e6db0a5f29c830791297f498e2654efc3915d53ca196668935ce66e28cefcf77c3fb6fcf54627388dd9981f3e858b1b6798a8702eb5b03a05ca7e1f2c28c58c816a465e87dd9af83dcf2a49c09b99599a9f05b951a08b5df1d33de67e122", @ANYRES16=0x0, @ANYRES8=r2], 0x0) r4 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r4, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xfffffeec}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x4840) 2.827519437s ago: executing program 4 (id=2191): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0003}]}) socket$nl_generic(0x10, 0x3, 0x10) r0 = timerfd_create(0x4, 0x80800) r1 = syz_io_uring_setup(0xbdc, &(0x7f00000000c0)={0x0, 0x5edc, 0x1000, 0x1, 0x40000333}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0}) io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]}) 2.827226597s ago: executing program 1 (id=2192): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, 0x6, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x7}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) 2.584387273s ago: executing program 3 (id=2193): socket$inet6_sctp(0xa, 0x1, 0x84) socket(0x2b, 0x1, 0x1) socket$key(0xf, 0x3, 0x2) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) socket$kcm(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x12, 0x4, 0x4, 0x12}, 0x50) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_udp(0x2, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xe, 0x4, 0x4, 0x1, 0x0, 0x1, 0xfffffffc}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000100000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000280), &(0x7f0000000000)=r1}, 0x20) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r1, r3, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x11, &(0x7f00000005c0)={@remote, @random="001a00e100", @void, {@mpls_uc={0x8847, {[], @llc={@llc={0x42, 0xaa, "d4"}}}}}}, 0x0) 2.518201431s ago: executing program 4 (id=2194): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x60, r1, 0x1, 0x70bd27, 0x25dfdc03, {}, [{{0x8, 0x1, r2}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}]}}]}, 0x60}, 0x1, 0x400000000000000}, 0x48090) 2.45600217s ago: executing program 1 (id=2195): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) migrate_pages(0x0, 0xfc, 0x0, &(0x7f0000000240)=0x1) 2.136035883s ago: executing program 2 (id=2196): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {}, {0x8, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x881}, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000006100)=@delchain={0x24, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0xffff, 0xc}, {}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20044002) 2.068600281s ago: executing program 4 (id=2197): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x52, &(0x7f00000017c0)=""/4090, &(0x7f0000000100)=0xffa) 2.001138219s ago: executing program 0 (id=2198): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4) sendmmsg(r0, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000200)='V', 0xfe75}], 0x1, &(0x7f0000001b80)=[{0xc, 0x1}], 0xc}}], 0x1, 0x4044044) r1 = syz_io_uring_setup(0x1327, &(0x7f0000000300)={0x0, 0x7303, 0x10100, 0x0, 0x2}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x4000, 0x0, 0x0, 0x0) 2.000937619s ago: executing program 1 (id=2199): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) poll(&(0x7f0000000040)=[{r0}], 0x1, 0x101) write$UHID_DESTROY(r0, &(0x7f0000000200), 0x4) 1.752461384s ago: executing program 0 (id=2200): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000080)=ANY=[@ANYBLOB="e00000027f000700000000000a"], 0x18) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r2, &(0x7f00000001c0), 0x0}, 0x20) 1.680620631s ago: executing program 3 (id=2201): r0 = epoll_create1(0x80000) r1 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x4452]}, 0x8, 0x800) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, 0x0) signalfd4(r1, &(0x7f0000000140)={[0xfffffffffffffff9]}, 0x8, 0x0) r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) 1.540140886s ago: executing program 4 (id=2202): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x26, 0x0, 0x0) 1.488244566s ago: executing program 0 (id=2203): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@empty, 0x7, 0x0, 0x2, 0x3, 0x0, 0x800}, 0x20) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$kcm(0x11, 0x200000000000002, 0x300) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895c679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d120ea257bba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2bc30a96767f500b9e26e3b12854da63083320d8bfe49d85e0842803dc59d6375bce2b8a93caf39c0ba767880bbb9bf9407e6a6c0f9a43d1ab51dabf9423b482e848fbe1653ff0c6161fa43543546ce17a42e6cddadaf0767d84407478ffe2d0b567d81201efc81e800d4c0874235ff5cd7f5f0ee71cc2b0193bfc9290627ceaeb0b02931a817688f3a51fa2861e70cbab50a5d434ed8d8841694dba46f3d5a95ae86e4d471684ccf427b2ba53a157b2a7cf7a4c10051bb77822190a14c2ab1f271a7cf9c240b99"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x14, 0x29, 0x9, 0x70bd27, 0x0, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4042806}, 0x84) 1.378731947s ago: executing program 1 (id=2204): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r6) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r8 = socket(0x400000000010, 0x3, 0x0) r9 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000b80)=@newtfilter={0x87c, 0x2c, 0xd3f, 0x30bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0xb, 0xfff3}, {}, {0x8, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x84c, 0x2, [@TCA_BASIC_POLICE={0x848, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x3, 0x5, 0xfffffffb, 0x6, 0x6, 0x2, 0x9, 0x6, 0xb04a, 0x3, 0x7, 0x9, 0xca2, 0x3, 0x9, 0x9, 0x3, 0xaeb2, 0x6, 0x81, 0x2, 0x8, 0x1000, 0x2, 0x6, 0x2, 0x7, 0x0, 0x9, 0x8, 0x46, 0x1000, 0xd47, 0xc98, 0x4, 0x4, 0x8, 0x0, 0x2, 0x80000000, 0x80000000, 0x10, 0x0, 0x1, 0x80000000, 0x0, 0x6, 0x9, 0x3, 0x8, 0x4, 0x23a2, 0x80, 0x1, 0x4, 0xffffff80, 0x5, 0x6, 0x6, 0x6, 0x4, 0x6, 0x8, 0x372e, 0x9, 0x1, 0x0, 0x2, 0x1, 0x5a, 0x5, 0x80040001, 0x4, 0xb6, 0x7, 0x99fc, 0x8, 0x5, 0x3, 0xffffffff, 0x4, 0x3ff, 0x400, 0x0, 0xea12, 0x4, 0x720, 0x2, 0x118, 0x6, 0x101, 0x3, 0x1, 0x6444, 0x28, 0x10001, 0x1, 0x87, 0x23, 0x1, 0x200, 0x8, 0x2, 0x7, 0x10000, 0x2, 0x8, 0x200, 0x100, 0x9, 0x1, 0x1, 0x9, 0x8, 0x3, 0x100, 0x1, 0x7, 0x8, 0x34, 0x9, 0x7, 0x30529d92, 0xea0, 0xfd, 0x0, 0x400, 0x2, 0x8d1, 0x3, 0x7fffffff, 0xdaba, 0x9, 0x5, 0x5, 0x3, 0x81, 0x8, 0x4, 0x8, 0x2, 0x5, 0x5, 0x80000001, 0x3, 0x8, 0xe0eb, 0x461, 0x9, 0x2, 0xffff73b1, 0x23f7, 0x40, 0x7, 0x9, 0x7b3, 0x5, 0x1ff, 0x7, 0x80, 0x8, 0x4, 0x400, 0xdb61, 0x6, 0x4, 0x7, 0xd4, 0xffff6a88, 0xe901, 0x5, 0xe, 0x1, 0x5, 0x9, 0x1372, 0x800, 0x72, 0x8, 0xe, 0x7f5, 0x2b, 0x25, 0x6, 0x6, 0x6, 0x100, 0x71, 0xe, 0xfffffffd, 0x60, 0xc, 0x5, 0x2b, 0x6, 0x2, 0x3, 0x7, 0x3, 0x9, 0x3, 0x4, 0xfffffc00, 0xfffffeac, 0x6, 0x3ff, 0x101, 0x5, 0x7f, 0x3, 0x1, 0x1, 0x400, 0x7, 0x0, 0xdd6, 0x4, 0x3, 0x35, 0x9, 0x7, 0x3, 0x1b9, 0x2, 0xc572, 0x33, 0x7, 0xb6, 0xf1, 0x188b, 0x4, 0x5, 0x5, 0x3, 0x80, 0x3, 0x2, 0x0, 0x3, 0x6, 0x7fff, 0x7b, 0x5, 0x9, 0x3, 0x942, 0x4, 0x3, 0x7, 0x7, 0xa8, 0xfff, 0x6, 0x1000, 0x9]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfff, 0x8, 0x5, 0xff, 0x73, {0xf, 0x1, 0x436, 0x8, 0xff81, 0x4}, {0x3, 0x0, 0x9, 0x6, 0x3, 0xc11}, 0x5, 0x8, 0x7d80}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xcb6d, 0xca, 0x351, 0x122e4b0e, 0xfffffff1, 0xb, 0xffffc33a, 0x4, 0x79, 0x0, 0x9, 0x0, 0x8, 0x1, 0x29b01c17, 0x4, 0xfff, 0x4, 0x6895c422, 0x2e7, 0x3, 0x5697, 0x0, 0xffffff13, 0x400, 0x1f, 0x9, 0x7, 0x7d, 0x7, 0x7, 0x1, 0x8, 0x2975, 0xc5, 0xf, 0x1, 0xb09d, 0x1ff, 0x101, 0x7, 0x18fc3c8b, 0x5, 0x6, 0x5, 0x2, 0x1, 0x2, 0x0, 0xfffffff7, 0x9, 0x9, 0x9, 0x3, 0x1, 0x6, 0x449, 0x2, 0xf, 0x0, 0x3, 0x5, 0x4, 0xff, 0x80, 0x8906, 0xd, 0x8000, 0x7, 0x5, 0xffffffff, 0x9, 0x5, 0x8, 0x7, 0xffffffff, 0x7, 0x0, 0xcf28, 0x9, 0xd, 0x5, 0x7fffffff, 0x28, 0x3ff, 0x40, 0xff, 0x8, 0x6, 0x5, 0x28786a93, 0x9, 0xfffffffb, 0x5, 0x7fff, 0x5, 0x4cf, 0x81, 0x2, 0x9, 0x9, 0x6, 0x4, 0x1, 0x0, 0x1, 0x0, 0x9, 0x2, 0x3, 0x9, 0x3, 0x4, 0x8, 0x1, 0x6, 0x7fffffff, 0x9, 0x5, 0x9, 0x4, 0x5, 0xfffffff9, 0x0, 0x400, 0x1dd0, 0x200, 0x2, 0x2, 0x7, 0xff, 0x8, 0x0, 0xffffff80, 0x6, 0x4, 0x1, 0xfffffffa, 0x5, 0x7fffffff, 0x2, 0x9, 0x1, 0xd, 0x8, 0x6, 0x10001, 0x3, 0x529a, 0x40, 0x8001, 0x8, 0x5, 0xe, 0x5, 0x2, 0x0, 0x1740000, 0xe153, 0x234e, 0x2, 0x401, 0x96, 0x5, 0x2, 0x3ff, 0x8, 0x5, 0x6, 0x5, 0x80000001, 0x9, 0x2, 0x8, 0x5, 0x653, 0xe3, 0x0, 0x1753, 0x6a7, 0x9, 0x3, 0xbc, 0x8000, 0x2, 0x7, 0x7, 0x0, 0x3, 0x6be7, 0x2418fe41, 0x0, 0x39, 0xb, 0x0, 0x4, 0x10000, 0x293, 0x10001, 0x3, 0x5, 0x3, 0x5, 0x9, 0x1, 0x8, 0x6, 0xd, 0x8, 0x4, 0x69a, 0x1, 0x0, 0xfffffff8, 0xb, 0x5b453d30, 0x6, 0x0, 0x3, 0xbfa, 0x7ff, 0x7, 0x80000000, 0x0, 0x9, 0x3, 0x32, 0x0, 0x0, 0x3, 0x0, 0xffffff1b, 0x7, 0x2, 0xff, 0x5, 0xc558, 0x10000, 0x81, 0x2, 0x3, 0x2, 0x6, 0x5, 0x9, 0x2, 0x8597, 0xa, 0x9, 0x9, 0xc834, 0xf15, 0x0, 0x3, 0xffffffff, 0x8001]}]}]}}]}, 0x87c}, 0x1, 0x0, 0x0, 0x10}, 0x0) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r5, &(0x7f0000000000)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f0000000780)="f058050000007f8f", 0x300}], 0x2}, 0x5) 1.378154407s ago: executing program 2 (id=2205): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0) write$tun(r0, &(0x7f0000001240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x1, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0xfbc, 0x64, 0x0, 0x8, 0x88, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1a}}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed00100000000000005629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d40a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a1003e6670d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f3ab62c07f1e41d59470decee7b0cc41ac49e4b75a9ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9c0200000010e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d801a9ad3b27f26ba601d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9616257a6fa9a84c77562aa2cf897f55a97b79c18544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc84561f417f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e84434ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cbbffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8060000000000000055ccde9d54d5d833293f5df09224482179e5bcd8e227c9eaacb5793498be490de32baba49172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19411e0ebe001b990b177b8db0c592b18a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e870707b0c7f64860b854025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a6080fc348cce607402d11c666964f024da4c016eb556ba2c5fab86c60c12efb1496295d8f46d9d7c438b46998085735b2b7308e60f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb97800763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac17041cc717915e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f10975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319b3e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199c5000000000000009314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f709ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb80ada1e5ca74c8960093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e1215563bf2e82ecc38a682846d7e2e2"}}, 0xfca) 1.123841361s ago: executing program 4 (id=2206): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_io_uring_setup(0x0, 0xfffffffffffffffe, 0x0, 0x0) mkdir(0x0, 0x0) 1.072124842s ago: executing program 0 (id=2207): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_udp_int(r1, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) write$tun(r0, &(0x7f00000006c0)={@val={0xa, 0x1b}, @void, @eth={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \b', 0x18, 0x11, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[], {0x4f19, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0xa, 0x8}}}}}}}}, 0x52) 941.060978ms ago: executing program 1 (id=2208): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000080)="429b5b0007f6b0885f", 0x9}], 0x1) 940.234559ms ago: executing program 2 (id=2209): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x574, &(0x7f00000003c0)="$eJzs3ctrG8cfAPDvylbev18cCKEtpRh6aEoaObb7SKGH9NyGBtp7KmzFBMtRsOQQu4Emh+ZcQi+lgdJ76bnH0H+gh/4NgTYQSjDtoReVlXcV2Zb8SORHqs8H1szsrDwzmp3RjEZCAQys0fRPIeLliPg6iTgeEUmWNhxZ4ujKdctPbk2lRxLN5qd/Jq3r0nj+v/LHHc0iL0XEL19FnCmsz7e+uDRbrlYr81l8rDF3fay+uHT26lx5pjJTuTYxOXn+ncmJ9997t291ffPS399+8mAoi524l8SFOJbFOuvxHG53RkZjNHtOinFhzYXjfchsP0m6nv1p18vB9gxl/bwY6RhwPIayXg/8930ZEU1gQCXb7v+/FXemJMDuyucB+dq+T+vgF8bjD1cWQOvrP7zy3kgcaq2Njiwnq1ZG6Xp3pA/5p3n8/Mf9e+kR/XsfAmBTt+9ExLnh4fXjX5KNf8/u3BauWZuH8Q92z4N0/vNWt/lPoT3/iS7zn6Nd+u6z2Lz/Fx71IZue0vnfB13nv+1Nq5GhLPa/1pyvmFy5Wq2kY9v/I+J0FA+m8Y32c84vP2z2Suuc/6VHmn8+F8zK8Wj44OrHTJcb5eepc6fHdyJe6Tr/Tdrtn3Rp//T5uLTFPE5V7r/WK23z+u+s5g8Rb3Rt/6c7WsnG+5NjrfthLL8r1vvr7qlfe+W/1/VP2//IxvUfSTr3a+vbz+P7Q/9Uor2fvNqq+sfW7/8DyWet8IHs3M1yozE/HnEg+bh9vpCfn3j62DyeX5/W//TrG49/3e7/wxHx+Rbrf/fkj6/2StsP7T/dtf3bq9s17d8zkN8w65IefvTFd1lac+1AuLXx7+1W6HR2Zivj34YlnX+euxkAAAAAAAD2r0JEHIukUGqHC4VSaeXzHSfjSKFaqzfOXKktXJuO1ndlR6JYyHe6j3d8HmI82zHM4xNr4pMRcSIivhk63IqXpmrV6b2uPAAAAAAAAAAAAAAAAAAAAOwTR3t8/z/1+9Belw7YcX7yGwbXpv2/H7/0BOxLXv9hcOn/MLi22f+TnSoHsPu8/sPg0v9hcOn/MLg6+v/sXpYD2H1e/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCvLl28mB7N5Se3ptL49I3FhdnajbPTlfpsaW5hqjRVm79emqnVZqqV0lRtbrP/V63Vro9PxMLNsUal3hirLy5dnqstXGtcvjpXnqlcrhR3pVYAAAAAAAAAAAAAAAAAAADwYqkvLs2Wq9XKvIDAMwWG90cxBPoc2OuRCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACe+jcAAP//iecx8A==") setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f0000000380)="30573472b621739984c336124406e8a5c812ca847e3bf1b82ec91d46ab", 0x1d, 0x1) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x9c4, 0x0, 0x0, 0xffc}, 0x10) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000000)=ANY=[], 0xfe37, 0x0) 931.012127ms ago: executing program 3 (id=2210): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000000), 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm") timer_create(0x2, 0x0, &(0x7f0000bbdffc)=0x0) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_gettime(r0, 0x0) 0s ago: executing program 4 (id=2211): setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in=@multicast2, 0x404d3, 0x32}, 0x0, @in=@empty}}, 0xe8) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}, 0x1, 0x0, 0x0, 0x4004040}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0xb}}}, 0xb8}}, 0x0) kernel console output (not intermixed with test programs): 968][ T14] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 270.198087][ T6794] netlink: 'syz.0.599': attribute type 29 has an invalid length. [ 270.208064][ T14] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=20.79 [ 270.209270][ T6794] netlink: 'syz.0.599': attribute type 29 has an invalid length. [ 270.252239][ T14] usb 4-1: New USB device strings: Mfr=2, Product=236, SerialNumber=0 [ 270.288665][ T14] usb 4-1: Product: syz [ 270.304108][ T14] usb 4-1: Manufacturer: syz [ 270.313011][ T4882] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 270.332542][ T14] usb 4-1: config 0 descriptor?? [ 270.345659][ T6786] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 270.687855][ T4501] usb 4-1: USB disconnect, device number 12 [ 271.411389][ T6805] FAULT_INJECTION: forcing a failure. [ 271.411389][ T6805] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 271.424684][ T6805] CPU: 1 PID: 6805 Comm: syz.2.604 Not tainted syzkaller #0 [ 271.432021][ T6805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 271.442564][ T6805] Call Trace: [ 271.445887][ T6805] [ 271.448856][ T6805] dump_stack_lvl+0x188/0x24e [ 271.453602][ T6805] ? show_regs_print_info+0x12/0x12 [ 271.458874][ T6805] ? load_image+0x400/0x400 [ 271.463557][ T6805] ? __lock_acquire+0x7d10/0x7d10 [ 271.468652][ T6805] should_fail_ex+0x399/0x4d0 [ 271.473386][ T6805] _copy_from_user+0x2c/0x170 [ 271.478178][ T6805] core_sys_select+0x759/0x9b0 [ 271.483019][ T6805] ? poll_select_set_timeout+0x150/0x150 [ 271.488723][ T6805] ? __seccomp_filter+0x85c/0x1bf0 [ 271.494025][ T6805] ? sigprocmask+0x190/0x190 [ 271.498663][ T6805] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 271.504392][ T6805] __se_sys_pselect6+0x2f4/0x3c0 [ 271.509410][ T6805] ? __x64_sys_pselect6+0xf0/0xf0 [ 271.514503][ T6805] ? __x64_sys_pselect6+0x1d/0xf0 [ 271.519685][ T6805] do_syscall_64+0x4c/0xa0 [ 271.524161][ T6805] ? clear_bhb_loop+0x60/0xb0 [ 271.528892][ T6805] ? clear_bhb_loop+0x60/0xb0 [ 271.533662][ T6805] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 271.539731][ T6805] RIP: 0033:0x7fcefdf9c799 [ 271.544200][ T6805] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 271.563995][ T6805] RSP: 002b:00007fcefeef5028 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 271.572478][ T6805] RAX: ffffffffffffffda RBX: 00007fcefe216090 RCX: 00007fcefdf9c799 [ 271.580494][ T6805] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000040 [ 271.588524][ T6805] RBP: 00007fcefeef5090 R08: 0000000000000000 R09: 0000000000000000 [ 271.596546][ T6805] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 271.604560][ T6805] R13: 00007fcefe216128 R14: 00007fcefe216090 R15: 00007ffde5f4a5e8 [ 271.612783][ T6805] [ 272.505417][ T6808] fuse: Bad value for 'fd' [ 275.084078][ T6807] loop2: detected capacity change from 0 to 32768 [ 275.148059][ T6807] XFS: noikeep mount option is deprecated. [ 277.288449][ T6842] loop4: detected capacity change from 0 to 512 [ 277.503563][ T6849] loop2: detected capacity change from 0 to 764 [ 277.519884][ T4441] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 277.627787][ T6849] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 277.676195][ T6849] Symlink component flag not implemented [ 277.700010][ T4441] usb 4-1: Using ep0 maxpacket: 8 [ 277.707554][ T4441] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 277.761092][ T6849] Symlink component flag not implemented (7) [ 277.767536][ T4441] usb 4-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.00 [ 277.794395][ T4441] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.829042][ T4441] usb 4-1: config 0 descriptor?? [ 277.869480][ T4441] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 277.958902][ T6845] loop0: detected capacity change from 0 to 4096 [ 278.055222][ T4456] usb 4-1: USB disconnect, device number 13 [ 278.078517][ T6845] ntfs3: Bad value for 'uid' [ 278.304956][ T6856] mkiss: ax0: crc mode is auto. [ 278.861615][ T6866] FAULT_INJECTION: forcing a failure. [ 278.861615][ T6866] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 278.875062][ T6866] CPU: 1 PID: 6866 Comm: syz.3.619 Not tainted syzkaller #0 [ 278.882396][ T6866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 278.892497][ T6866] Call Trace: [ 278.896420][ T6866] [ 278.899377][ T6866] dump_stack_lvl+0x188/0x24e [ 278.904108][ T6866] ? show_regs_print_info+0x12/0x12 [ 278.909394][ T6866] ? load_image+0x400/0x400 [ 278.914198][ T6866] ? __lock_acquire+0x7d10/0x7d10 [ 278.919271][ T6866] should_fail_ex+0x399/0x4d0 [ 278.923992][ T6866] _copy_from_user+0x2c/0x170 [ 278.928712][ T6866] iovec_from_user+0x143/0x360 [ 278.933515][ T6866] __import_iovec+0x6d/0x500 [ 278.938325][ T6866] import_iovec+0x6f/0xa0 [ 278.942689][ T6866] ___sys_sendmsg+0x252/0x360 [ 278.947581][ T6866] ? lockdep_hardirqs_on+0x94/0x140 [ 278.952907][ T6866] ? __sys_sendmsg+0x290/0x290 [ 278.957757][ T6866] __se_sys_sendmsg+0x1bb/0x2a0 [ 278.962915][ T6866] ? __x64_sys_sendmsg+0x80/0x80 [ 278.968094][ T6866] ? syscall_enter_from_user_mode+0x2a/0x80 [ 278.974031][ T6866] do_syscall_64+0x4c/0xa0 [ 278.978574][ T6866] ? clear_bhb_loop+0x60/0xb0 [ 278.983294][ T6866] ? clear_bhb_loop+0x60/0xb0 [ 278.988025][ T6866] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 278.993953][ T6866] RIP: 0033:0x7f65f0d9c799 [ 278.998401][ T6866] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 279.018483][ T6866] RSP: 002b:00007f65f1cd7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 279.026930][ T6866] RAX: ffffffffffffffda RBX: 00007f65f1016180 RCX: 00007f65f0d9c799 [ 279.035222][ T6866] RDX: 0000000004000054 RSI: 0000200000000480 RDI: 0000000000000007 [ 279.043244][ T6866] RBP: 00007f65f1cd7090 R08: 0000000000000000 R09: 0000000000000000 [ 279.051265][ T6866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 279.059289][ T6866] R13: 00007f65f1016218 R14: 00007f65f1016180 R15: 00007ffeef3f1c78 [ 279.067395][ T6866] [ 279.075376][ T6866] mmap: syz.3.619 (6866) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 279.253105][ T6862] loop1: detected capacity change from 0 to 8192 [ 279.809331][ T6873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 279.861852][ T6873] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.992051][ T4449] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 280.053355][ T4456] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 280.112066][ T4449] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 280.761364][ T6887] process 'syz.2.623' launched '/dev/fd/5' with NULL argv: empty string added [ 280.802810][ T6887] serio: Serial port ptm0 [ 281.951448][ T6895] 9pnet_fd: Insufficient options for proto=fd [ 283.775112][ T6899] syz.3.627 (6899) used greatest stack depth: 17136 bytes left [ 284.091808][ T6906] netlink: 28 bytes leftover after parsing attributes in process `syz.4.630'. [ 284.395262][ T6909] loop4: detected capacity change from 0 to 4096 [ 284.508899][ T6912] FAULT_INJECTION: forcing a failure. [ 284.508899][ T6912] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 284.564299][ T6914] loop1: detected capacity change from 0 to 512 [ 284.611076][ T6914] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 284.644657][ T6914] EXT4-fs (loop1): Cannot use DAX on a filesystem that may contain inline data [ 284.660046][ T6912] CPU: 1 PID: 6912 Comm: syz.3.631 Not tainted syzkaller #0 [ 284.668310][ T6912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 284.679206][ T6912] Call Trace: [ 284.682565][ T6912] [ 284.685596][ T6912] dump_stack_lvl+0x188/0x24e [ 284.690764][ T6912] ? show_regs_print_info+0x12/0x12 [ 284.697964][ T6912] ? load_image+0x400/0x400 [ 284.702532][ T6912] ? __lock_acquire+0x7d10/0x7d10 [ 284.707609][ T6912] ? trace_contention_end+0x5f/0x170 [ 284.713158][ T6912] should_fail_ex+0x399/0x4d0 [ 284.718361][ T6912] _copy_from_user+0x2c/0x170 [ 284.723106][ T6912] snd_pcm_oss_write2+0x2c1/0x410 [ 284.728190][ T6912] ? snd_pcm_hw_param_max+0x6a0/0x6a0 [ 284.733695][ T6912] ? snd_pcm_do_prepare+0x220/0x220 [ 284.738945][ T6912] ? snd_pcm_action_nonatomic+0x24a/0x2a0 [ 284.744735][ T6912] snd_pcm_oss_write+0x6a7/0xaf0 [ 284.749722][ T6912] ? snd_pcm_oss_read+0x8b0/0x8b0 [ 284.754871][ T6912] vfs_write+0x2e6/0xa30 [ 284.759445][ T6912] ? file_end_write+0x250/0x250 [ 284.764427][ T6912] ? __fget_files+0x28/0x4b0 [ 284.769058][ T6912] ? __fget_files+0x28/0x4b0 [ 284.774057][ T6912] ? __fget_files+0x43d/0x4b0 [ 284.778966][ T6912] ? __fdget_pos+0x1d4/0x360 [ 284.783600][ T6912] ? ksys_write+0x71/0x250 [ 284.788199][ T6912] ksys_write+0x14c/0x250 [ 284.792672][ T6912] ? __ia32_sys_read+0x80/0x80 [ 284.797571][ T6912] ? lockdep_hardirqs_on+0x94/0x140 [ 284.802983][ T6912] do_syscall_64+0x4c/0xa0 [ 284.807451][ T6912] ? clear_bhb_loop+0x60/0xb0 [ 284.812802][ T6912] ? clear_bhb_loop+0x60/0xb0 [ 284.817687][ T6912] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 284.824511][ T6912] RIP: 0033:0x7f65f0d9c799 [ 284.829309][ T6912] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 284.849330][ T6912] RSP: 002b:00007f65f1cf8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 284.857788][ T6912] RAX: ffffffffffffffda RBX: 00007f65f1016090 RCX: 00007f65f0d9c799 [ 284.866514][ T6912] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003 [ 284.874886][ T6912] RBP: 00007f65f1cf8090 R08: 0000000000000000 R09: 0000000000000000 [ 284.882982][ T6912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 284.891252][ T6912] R13: 00007f65f1016128 R14: 00007f65f1016090 R15: 00007ffeef3f1c78 [ 284.899751][ T6912] [ 285.260981][ T4456] usb 1-1: device descriptor read/64, error -110 [ 285.734148][ T4441] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 285.929897][ T4441] usb 5-1: Using ep0 maxpacket: 32 [ 285.948479][ T6924] FAULT_INJECTION: forcing a failure. [ 285.948479][ T6924] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 285.962616][ T6924] CPU: 1 PID: 6924 Comm: syz.1.635 Not tainted syzkaller #0 [ 285.970055][ T6924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 285.980605][ T6924] Call Trace: [ 285.983946][ T6924] [ 285.986930][ T6924] dump_stack_lvl+0x188/0x24e [ 285.991936][ T6924] ? show_regs_print_info+0x12/0x12 [ 285.997728][ T6924] ? load_image+0x400/0x400 [ 286.002691][ T6924] ? __lock_acquire+0x7d10/0x7d10 [ 286.008073][ T6924] should_fail_ex+0x399/0x4d0 [ 286.013080][ T6924] _copy_from_user+0x2c/0x170 [ 286.018450][ T6924] iovec_from_user+0x143/0x360 [ 286.024064][ T6924] __import_iovec+0x6d/0x500 [ 286.029084][ T6924] import_iovec+0x6f/0xa0 [ 286.034463][ T6924] ___sys_sendmsg+0x252/0x360 [ 286.039217][ T6924] ? __sys_sendmsg+0x290/0x290 [ 286.044616][ T6924] ? __lock_acquire+0x7d10/0x7d10 [ 286.050013][ T6924] __se_sys_sendmsg+0x1bb/0x2a0 [ 286.055460][ T6924] ? __x64_sys_sendmsg+0x80/0x80 [ 286.060708][ T6924] ? lockdep_hardirqs_on+0x94/0x140 [ 286.067029][ T6924] do_syscall_64+0x4c/0xa0 [ 286.071698][ T6924] ? clear_bhb_loop+0x60/0xb0 [ 286.077445][ T6924] ? clear_bhb_loop+0x60/0xb0 [ 286.082701][ T6924] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 286.089125][ T6924] RIP: 0033:0x7fb673b9c799 [ 286.094134][ T6924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 286.113841][ T6924] RSP: 002b:00007fb6749d1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 286.122923][ T6924] RAX: ffffffffffffffda RBX: 00007fb673e16090 RCX: 00007fb673b9c799 [ 286.131474][ T6924] RDX: 00000000200048c4 RSI: 00002000000006c0 RDI: 0000000000000006 [ 286.139512][ T6924] RBP: 00007fb6749d1090 R08: 0000000000000000 R09: 0000000000000000 [ 286.147556][ T6924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.155692][ T6924] R13: 00007fb673e16128 R14: 00007fb673e16090 R15: 00007fff8e50af08 [ 286.163845][ T6924] [ 286.694470][ T4441] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 286.715426][ T4441] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=20.79 [ 286.740161][ T4441] usb 5-1: New USB device strings: Mfr=2, Product=236, SerialNumber=0 [ 286.750907][ T4441] usb 5-1: Product: syz [ 286.755161][ T4441] usb 5-1: Manufacturer: syz [ 286.761981][ T4441] usb 5-1: config 0 descriptor?? [ 286.767884][ T6906] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 287.936724][ T14] usb 5-1: USB disconnect, device number 17 [ 288.204445][ T6942] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.217208][ T6942] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.750259][ T6953] loop2: detected capacity change from 0 to 1024 [ 289.311392][ T6953] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 289.322915][ T6953] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (27642!=20869) [ 289.362698][ T6953] JBD2: no valid journal superblock found [ 289.368858][ T6953] EXT4-fs (loop2): error loading journal [ 290.103445][ T6965] serio: Serial port ptm0 [ 290.537967][ T6974] FAULT_INJECTION: forcing a failure. [ 290.537967][ T6974] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 290.552221][ T6974] CPU: 0 PID: 6974 Comm: syz.4.648 Not tainted syzkaller #0 [ 290.559677][ T6974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 290.569984][ T6974] Call Trace: [ 290.573325][ T6974] [ 290.576328][ T6974] dump_stack_lvl+0x188/0x24e [ 290.581099][ T6974] ? show_regs_print_info+0x12/0x12 [ 290.586384][ T6974] ? load_image+0x400/0x400 [ 290.591409][ T6974] ? __lock_acquire+0x7d10/0x7d10 [ 290.596716][ T6974] should_fail_ex+0x399/0x4d0 [ 290.601482][ T6974] _copy_from_user+0x2c/0x170 [ 290.606248][ T6974] __copy_msghdr+0x3b7/0x580 [ 290.610944][ T6974] ___sys_sendmsg+0x210/0x360 [ 290.615988][ T6974] ? __sys_sendmsg+0x290/0x290 [ 290.620853][ T6974] ? __lock_acquire+0x7d10/0x7d10 [ 290.625970][ T6974] __se_sys_sendmsg+0x1bb/0x2a0 [ 290.630970][ T6974] ? __x64_sys_sendmsg+0x80/0x80 [ 290.635975][ T6974] ? lockdep_hardirqs_on+0x94/0x140 [ 290.641948][ T6974] do_syscall_64+0x4c/0xa0 [ 290.646435][ T6974] ? clear_bhb_loop+0x60/0xb0 [ 290.651160][ T6974] ? clear_bhb_loop+0x60/0xb0 [ 290.655884][ T6974] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 290.661826][ T6974] RIP: 0033:0x7f5a7bf9c799 [ 290.666304][ T6974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 290.686125][ T6974] RSP: 002b:00007f5a7ceb1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 290.694597][ T6974] RAX: ffffffffffffffda RBX: 00007f5a7c216090 RCX: 00007f5a7bf9c799 [ 290.702609][ T6974] RDX: 0000000000004800 RSI: 0000200000000540 RDI: 0000000000000004 [ 290.710628][ T6974] RBP: 00007f5a7ceb1090 R08: 0000000000000000 R09: 0000000000000000 [ 290.718667][ T6974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 290.726679][ T6974] R13: 00007f5a7c216128 R14: 00007f5a7c216090 R15: 00007fff79e0e7b8 [ 290.734718][ T6974] [ 291.587165][ T6986] FAULT_INJECTION: forcing a failure. [ 291.587165][ T6986] name failslab, interval 1, probability 0, space 0, times 0 [ 291.601065][ T6986] CPU: 0 PID: 6986 Comm: syz.3.649 Not tainted syzkaller #0 [ 291.608595][ T6986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 291.618894][ T6986] Call Trace: [ 291.622227][ T6986] [ 291.625230][ T6986] dump_stack_lvl+0x188/0x24e [ 291.630006][ T6986] ? show_regs_print_info+0x12/0x12 [ 291.635366][ T6986] ? load_image+0x400/0x400 [ 291.640053][ T6986] should_fail_ex+0x399/0x4d0 [ 291.644796][ T6986] should_failslab+0x5/0x20 [ 291.649366][ T6986] slab_pre_alloc_hook+0x59/0x310 [ 291.654615][ T6986] kmem_cache_alloc+0x56/0x2f0 [ 291.659448][ T6986] ? sctp_get_port_local+0x6d7/0x1510 [ 291.664909][ T6986] sctp_get_port_local+0x6d7/0x1510 [ 291.670198][ T6986] ? sctp_do_bind+0x990/0x990 [ 291.674937][ T6986] ? sctp_bind_addr_match+0x2c/0x2a0 [ 291.680377][ T6986] sctp_do_bind+0x555/0x990 [ 291.685057][ T6986] sctp_connect_new_asoc+0x266/0x6a0 [ 291.690432][ T6986] ? __sctp_connect+0xd80/0xd80 [ 291.695351][ T6986] ? __local_bh_enable_ip+0x136/0x1c0 [ 291.700835][ T6986] ? bpf_lsm_sctp_bind_connect+0x5/0x10 [ 291.706503][ T6986] ? security_sctp_bind_connect+0x85/0xb0 [ 291.712384][ T6986] sctp_sendmsg+0x15b0/0x2940 [ 291.717233][ T6986] ? aa_sk_perm+0x781/0x950 [ 291.721803][ T6986] ? sctp_getsockopt+0x8a0/0x8a0 [ 291.726809][ T6986] ? __lock_acquire+0x7d10/0x7d10 [ 291.732156][ T6986] ? aa_af_perm+0x340/0x340 [ 291.736725][ T6986] ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0 [ 291.743233][ T6986] ? inet_sendmsg+0xe5/0x2f0 [ 291.747897][ T6986] __sys_sendto+0x497/0x650 [ 291.752472][ T6986] ? __ia32_sys_getpeername+0x80/0x80 [ 291.757926][ T6986] ? __fget_files+0x43d/0x4b0 [ 291.762709][ T6986] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 291.768767][ T6986] ? lock_chain_count+0x20/0x20 [ 291.773698][ T6986] __x64_sys_sendto+0xda/0xf0 [ 291.778440][ T6986] do_syscall_64+0x4c/0xa0 [ 291.783024][ T6986] ? clear_bhb_loop+0x60/0xb0 [ 291.787765][ T6986] ? clear_bhb_loop+0x60/0xb0 [ 291.792586][ T6986] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 291.798547][ T6986] RIP: 0033:0x7f65f0d9c799 [ 291.803136][ T6986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 291.823420][ T6986] RSP: 002b:00007f65f1cf8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 291.831924][ T6986] RAX: ffffffffffffffda RBX: 00007f65f1016090 RCX: 00007f65f0d9c799 [ 291.840145][ T6986] RDX: 0000000000034000 RSI: 0000200000847fff RDI: 0000000000000005 [ 291.848191][ T6986] RBP: 00007f65f1cf8090 R08: 000020000005ffe4 R09: 000000000000001c [ 291.856479][ T6986] R10: 00000000000000e0 R11: 0000000000000246 R12: 0000000000000001 [ 291.864683][ T6986] R13: 00007f65f1016128 R14: 00007f65f1016090 R15: 00007ffeef3f1c78 [ 291.872817][ T6986] [ 292.478796][ T6995] FAULT_INJECTION: forcing a failure. [ 292.478796][ T6995] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 292.650142][ T6995] CPU: 1 PID: 6995 Comm: syz.2.654 Not tainted syzkaller #0 [ 292.657625][ T6995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 292.667924][ T6995] Call Trace: [ 292.671246][ T6995] [ 292.674226][ T6995] dump_stack_lvl+0x188/0x24e [ 292.678965][ T6995] ? show_regs_print_info+0x12/0x12 [ 292.684321][ T6995] ? load_image+0x400/0x400 [ 292.689158][ T6995] ? __lock_acquire+0x7d10/0x7d10 [ 292.694398][ T6995] should_fail_ex+0x399/0x4d0 [ 292.699653][ T6995] _copy_from_user+0x2c/0x170 [ 292.704444][ T6995] iovec_from_user+0x143/0x360 [ 292.709290][ T6995] __import_iovec+0x6d/0x500 [ 292.713960][ T6995] import_iovec+0x6f/0xa0 [ 292.718957][ T6995] ___sys_sendmsg+0x252/0x360 [ 292.723883][ T6995] ? __sys_sendmsg+0x290/0x290 [ 292.728857][ T6995] __sys_sendmmsg+0x2c3/0x510 [ 292.733644][ T6995] ? __ia32_sys_sendmsg+0x80/0x80 [ 292.738755][ T6995] ? mutex_unlock+0x10/0x10 [ 292.743379][ T6995] ? __fget_files+0x43d/0x4b0 [ 292.748222][ T6995] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 292.754990][ T6995] ? lock_chain_count+0x20/0x20 [ 292.759916][ T6995] __x64_sys_sendmmsg+0x9c/0xb0 [ 292.764833][ T6995] do_syscall_64+0x4c/0xa0 [ 292.769312][ T6995] ? clear_bhb_loop+0x60/0xb0 [ 292.774170][ T6995] ? clear_bhb_loop+0x60/0xb0 [ 292.778989][ T6995] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 292.785110][ T6995] RIP: 0033:0x7fcefdf9c799 [ 292.789603][ T6995] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 292.809728][ T6995] RSP: 002b:00007fcefef16028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 292.818310][ T6995] RAX: ffffffffffffffda RBX: 00007fcefe215fa0 RCX: 00007fcefdf9c799 [ 292.826343][ T6995] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003 [ 292.834570][ T6995] RBP: 00007fcefef16090 R08: 0000000000000000 R09: 0000000000000000 [ 292.842701][ T6995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 292.850824][ T6995] R13: 00007fcefe216038 R14: 00007fcefe215fa0 R15: 00007ffde5f4a5e8 [ 292.859012][ T6995] [ 293.937414][ T7008] netlink: 12 bytes leftover after parsing attributes in process `syz.1.658'. [ 294.143300][ T7016] netlink: 8 bytes leftover after parsing attributes in process `syz.1.658'. [ 296.283598][ T27] kauditd_printk_skb: 38 callbacks suppressed [ 296.283648][ T27] audit: type=1326 audit(1773047658.836:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 296.625212][ T27] audit: type=1326 audit(1773047658.836:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 296.648794][ T27] audit: type=1326 audit(1773047658.836:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 296.770318][ T27] audit: type=1326 audit(1773047658.836:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 296.896820][ T7033] netlink: 20 bytes leftover after parsing attributes in process `syz.1.661'. [ 296.912831][ T27] audit: type=1326 audit(1773047658.836:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 297.036249][ T27] audit: type=1326 audit(1773047658.836:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 297.061355][ T27] audit: type=1326 audit(1773047658.836:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 297.083660][ C1] vkms_vblank_simulate: vblank timer overrun [ 297.099880][ T27] audit: type=1326 audit(1773047658.836:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 297.126029][ T27] audit: type=1326 audit(1773047658.836:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7024 comm="syz.4.660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 297.148238][ C1] vkms_vblank_simulate: vblank timer overrun [ 298.909866][ T128] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 300.786002][ T128] usb 5-1: device descriptor read/all, error -71 [ 300.899851][ T7049] FAULT_INJECTION: forcing a failure. [ 300.899851][ T7049] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 300.919874][ T7049] CPU: 0 PID: 7049 Comm: syz.4.667 Not tainted syzkaller #0 [ 300.927246][ T7049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 300.937442][ T7049] Call Trace: [ 300.940771][ T7049] [ 300.943749][ T7049] dump_stack_lvl+0x188/0x24e [ 300.948506][ T7049] ? show_regs_print_info+0x12/0x12 [ 300.953904][ T7049] ? load_image+0x400/0x400 [ 300.958458][ T7049] ? __lock_acquire+0x7d10/0x7d10 [ 300.963564][ T7049] should_fail_ex+0x399/0x4d0 [ 300.968290][ T7049] strncpy_from_user+0x32/0x350 [ 300.973295][ T7049] bpf_prog_load+0x1f3/0x1560 [ 300.978050][ T7049] ? map_freeze+0x390/0x390 [ 300.982798][ T7049] ? __might_fault+0xa6/0x120 [ 300.987629][ T7049] ? __might_fault+0xa6/0x120 [ 300.992450][ T7049] ? __might_fault+0xc2/0x120 [ 300.997174][ T7049] ? __might_fault+0xa6/0x120 [ 301.001923][ T7049] ? bpf_lsm_bpf+0x5/0x10 [ 301.006307][ T7049] ? security_bpf+0x7a/0xa0 [ 301.010953][ T7049] __sys_bpf+0x5b8/0x780 [ 301.015280][ T7049] ? bpf_link_show_fdinfo+0x380/0x380 [ 301.020739][ T7049] ? lock_chain_count+0x20/0x20 [ 301.025756][ T7049] __x64_sys_bpf+0x78/0x90 [ 301.030232][ T7049] do_syscall_64+0x4c/0xa0 [ 301.034793][ T7049] ? clear_bhb_loop+0x60/0xb0 [ 301.039640][ T7049] ? clear_bhb_loop+0x60/0xb0 [ 301.044479][ T7049] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 301.050436][ T7049] RIP: 0033:0x7f5a7bf9c799 [ 301.055093][ T7049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 301.074760][ T7049] RSP: 002b:00007f5a7ced2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 301.083261][ T7049] RAX: ffffffffffffffda RBX: 00007f5a7c215fa0 RCX: 00007f5a7bf9c799 [ 301.091289][ T7049] RDX: 0000000000000094 RSI: 0000200000000400 RDI: 0000000000000005 [ 301.099490][ T7049] RBP: 00007f5a7ced2090 R08: 0000000000000000 R09: 0000000000000000 [ 301.107519][ T7049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.116153][ T7049] R13: 00007f5a7c216038 R14: 00007f5a7c215fa0 R15: 00007fff79e0e7b8 [ 301.124279][ T7049] [ 301.130049][ T4278] Bluetooth: hci4: command 0x0405 tx timeout [ 301.290921][ T7053] 8021q: adding VLAN 0 to HW filter on device bond0 [ 301.371640][ T7053] bond0: (slave rose0): Enslaving as an active interface with an up link [ 301.436627][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 301.788556][ T7066] netlink: 8 bytes leftover after parsing attributes in process `syz.1.672'. [ 302.087227][ T7072] netlink: 'syz.1.674': attribute type 10 has an invalid length. [ 302.218177][ T7072] team0: Port device dummy0 added [ 302.240671][ T7074] netlink: 'syz.1.674': attribute type 10 has an invalid length. [ 302.267442][ T7074] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 302.334251][ T7074] team0: Failed to send options change via netlink (err -105) [ 302.362679][ T7074] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 302.406721][ T7074] team0: Port device dummy0 removed [ 302.439421][ T7074] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 302.468817][ T7057] netlink: 'syz.0.668': attribute type 4 has an invalid length. [ 302.597034][ T7082] loop4: detected capacity change from 0 to 512 [ 302.687814][ T7082] EXT4-fs: Ignoring removed bh option [ 302.732804][ T7082] EXT4-fs: inline encryption not supported [ 302.804604][ T7082] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 302.982406][ T7082] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 304.270064][ T7082] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.675: bg 0: block 248: padding at end of block bitmap is not set [ 304.382531][ T7082] Quota error (device loop4): write_blk: dquota write failed [ 304.420023][ T7082] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 304.447645][ T7082] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.675: Failed to acquire dquot type 1 [ 304.506699][ T7101] loop1: detected capacity change from 0 to 128 [ 304.607898][ T7082] EXT4-fs (loop4): 1 truncate cleaned up [ 304.638846][ T7082] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 304.815444][ T7101] syz.1.678: attempt to access beyond end of device [ 304.815444][ T7101] loop1: rw=2049, sector=138, nr_sectors = 32 limit=128 [ 304.951899][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 304.960187][ T5558] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 305.013666][ T5558] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u4:15: Failed to release dquot type 1 [ 306.121176][ T7143] loop4: detected capacity change from 0 to 2048 [ 306.195389][ T7143] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 306.218356][ T7143] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 306.666304][ T7156] loop0: detected capacity change from 0 to 1024 [ 306.700997][ T7156] EXT4-fs: inline encryption not supported [ 306.716002][ T7156] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 306.799071][ T7156] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 306.979453][ T7165] loop2: detected capacity change from 0 to 1764 [ 307.038728][ T14] Process accounting resumed [ 307.097624][ T7156] EXT4-fs (loop0): unmounting filesystem. [ 307.137348][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 307.147481][ T7165] loop2: detected capacity change from 0 to 1024 [ 307.206573][ T7171] loop1: detected capacity change from 0 to 512 [ 307.207542][ T7165] EXT4-fs: Ignoring removed orlov option [ 307.273270][ T7171] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 307.409363][ T7171] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 307.452980][ T7165] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 307.482915][ T7171] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.700: bg 0: block 248: padding at end of block bitmap is not set [ 307.575725][ T7171] Quota error (device loop1): write_blk: dquota write failed [ 307.630026][ T7171] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 307.650441][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 307.660060][ T7171] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.700: Failed to acquire dquot type 1 [ 307.777923][ T7171] EXT4-fs (loop1): 1 truncate cleaned up [ 307.809904][ T7171] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 308.087066][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 308.172984][ T7199] netlink: 4 bytes leftover after parsing attributes in process `syz.4.708'. [ 308.210438][ T7199] IPv6: Can't replace route, no match found [ 308.406179][ T7208] netlink: 168 bytes leftover after parsing attributes in process `syz.3.712'. [ 308.778900][ T7221] loop2: detected capacity change from 0 to 512 [ 309.827035][ T7226] netlink: 16 bytes leftover after parsing attributes in process `syz.1.718'. [ 309.951921][ T7226] device gtp0 entered promiscuous mode [ 309.962501][ T7259] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready [ 310.015320][ T7259] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 310.458604][ T7280] netlink: 32 bytes leftover after parsing attributes in process `syz.3.736'. [ 310.596996][ T11] bond0: (slave bond_slave_0): interface is now down [ 310.614951][ T11] bond0: (slave bond_slave_1): interface is now down [ 310.632940][ T7284] netlink: 'syz.2.738': attribute type 10 has an invalid length. [ 310.643538][ T4682] bond0: (slave bond_slave_0): interface is now down [ 310.662987][ T4682] bond0: (slave bond_slave_1): interface is now down [ 310.680625][ T7284] device syz_tun entered promiscuous mode [ 310.692804][ T6208] bond0: (slave bond_slave_0): interface is now down [ 310.711355][ T6208] bond0: (slave bond_slave_1): interface is now down [ 310.736986][ T7284] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 310.752068][ T5558] bond0: (slave bond_slave_0): interface is now down [ 310.789629][ T5558] bond0: (slave bond_slave_1): interface is now down [ 310.829143][ T5558] bond0: (slave syz_tun): interface is now down [ 310.851856][ T6208] bond0: (slave bond_slave_0): interface is now down [ 310.889657][ T6208] bond0: (slave bond_slave_1): interface is now down [ 310.914484][ T6208] bond0: (slave syz_tun): interface is now down [ 310.948348][ T6208] bond0: now running without any active interface! [ 311.407639][ T7311] loop3: detected capacity change from 0 to 764 [ 311.432031][ T7311] Symlink component flag not implemented [ 311.447687][ T7311] Symlink component flag not implemented [ 311.485352][ T7311] Symlink component flag not implemented (129) [ 311.502296][ T7311] Symlink component flag not implemented (6) [ 311.528858][ T7315] netlink: 8 bytes leftover after parsing attributes in process `syz.2.752'. [ 311.572022][ T7315] 8021q: adding VLAN 0 to HW filter on device bond1 [ 311.731693][ T27] audit: type=1326 audit(1773047930.295:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7320 comm="syz.2.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcefdf9c799 code=0x7ffc0000 [ 311.799967][ T27] audit: type=1326 audit(1773047930.325:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7320 comm="syz.2.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7fcefdf9c799 code=0x7ffc0000 [ 311.900494][ T27] audit: type=1326 audit(1773047930.325:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7320 comm="syz.2.755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcefdf9c799 code=0x7ffc0000 [ 311.984048][ T7326] device geneve2 entered promiscuous mode [ 312.168330][ T7332] tipc: Can't bind to reserved service type 1 [ 312.389891][ T4278] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 312.452684][ T7346] netlink: 28 bytes leftover after parsing attributes in process `syz.3.766'. [ 312.515514][ T7346] netlink: 'syz.3.766': attribute type 7 has an invalid length. [ 312.545714][ T7346] netlink: 4 bytes leftover after parsing attributes in process `syz.3.766'. [ 312.686091][ T27] audit: type=1326 audit(1773047931.245:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7344 comm="syz.2.767" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcefdf9c799 code=0x0 [ 312.715420][ T7353] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 313.660408][ T7386] netlink: 20 bytes leftover after parsing attributes in process `syz.1.783'. [ 314.258943][ T7397] loop4: detected capacity change from 0 to 4096 [ 314.361260][ T7397] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 314.645569][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 316.003677][ T27] audit: type=1326 audit(1773047934.565:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7451 comm="syz.0.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa9f9c799 code=0x7ffc0000 [ 316.063435][ T7452] netlink: 4 bytes leftover after parsing attributes in process `syz.0.811'. [ 316.103316][ T27] audit: type=1326 audit(1773047934.565:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7451 comm="syz.0.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa9f9c799 code=0x7ffc0000 [ 316.178656][ T27] audit: type=1326 audit(1773047934.625:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7451 comm="syz.0.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5fa9f9c799 code=0x7ffc0000 [ 316.277320][ T27] audit: type=1326 audit(1773047934.625:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7451 comm="syz.0.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa9f9c799 code=0x7ffc0000 [ 316.385467][ T27] audit: type=1326 audit(1773047934.625:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7451 comm="syz.0.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa9f9c799 code=0x7ffc0000 [ 316.525236][ T27] audit: type=1326 audit(1773047934.625:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7451 comm="syz.0.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5fa9f9e007 code=0x7ffc0000 [ 316.641889][ T7464] netlink: 'syz.3.816': attribute type 1 has an invalid length. [ 316.723611][ T7464] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 316.834191][ T7464] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 316.935324][ T7472] netlink: 12 bytes leftover after parsing attributes in process `syz.3.816'. [ 317.012324][ T7472] 8021q: adding VLAN 0 to HW filter on device bond2 [ 317.074807][ T7478] netlink: 12 bytes leftover after parsing attributes in process `syz.1.823'. [ 317.089922][ T7464] bond2: (slave gretap1): making interface the new active one [ 317.145791][ T7464] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 317.179138][ T7472] device macvlan2 entered promiscuous mode [ 317.199675][ T7472] device bond2 entered promiscuous mode [ 317.216600][ T7472] device gretap1 entered promiscuous mode [ 317.226237][ T7472] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 317.245713][ T7472] bond2: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 317.265115][ T7472] device bond2 left promiscuous mode [ 317.273701][ T7472] device gretap1 left promiscuous mode [ 317.354386][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.360916][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.403520][ T4682] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 317.983635][ T7493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.830'. [ 319.108051][ T7517] netlink: 'syz.1.839': attribute type 10 has an invalid length. [ 319.152408][ T7517] netlink: 32 bytes leftover after parsing attributes in process `syz.1.839'. [ 319.249707][ T7522] loop1: detected capacity change from 0 to 1024 [ 319.321079][ T7522] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 319.332675][ T7522] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 319.425846][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 319.672597][ T7543] device hsr0 entered promiscuous mode [ 319.678894][ T7543] device macsec1 entered promiscuous mode [ 319.846497][ T7551] loop4: detected capacity change from 0 to 1024 [ 319.970893][ T7551] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 320.020027][ T7551] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 320.129872][ T7556] random: crng reseeded on system resumption [ 320.965575][ T7551] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: comm syz.4.849: lblock 0 mapped to illegal pblock 0 (length 5) [ 321.129933][ T7551] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 117 [ 321.182773][ T7551] EXT4-fs (loop4): This should not happen!! Data will be lost [ 321.182773][ T7551] [ 321.394656][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 321.883711][ T7593] device macvtap1 entered promiscuous mode [ 321.905368][ T7593] device batadv0 entered promiscuous mode [ 321.923068][ T7596] netlink: 12 bytes leftover after parsing attributes in process `syz.3.864'. [ 322.036460][ T7593] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 322.115824][ T7593] team0: Device macvtap1 failed to register rx_handler [ 322.204245][ T7593] device batadv0 left promiscuous mode [ 323.423307][ T7615] device syzkaller0 entered promiscuous mode [ 324.487598][ T7637] loop1: detected capacity change from 0 to 1024 [ 324.648504][ T7643] loop2: detected capacity change from 0 to 128 [ 324.745765][ T7643] syz.2.880: attempt to access beyond end of device [ 324.745765][ T7643] loop2: rw=3, sector=138, nr_sectors = 6 limit=128 [ 324.807196][ T7643] syz.2.880: attempt to access beyond end of device [ 324.807196][ T7643] loop2: rw=2051, sector=144, nr_sectors = 106 limit=128 [ 325.264948][ T7657] loop2: detected capacity change from 0 to 512 [ 325.377272][ T7657] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 325.391222][ T7657] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.515392][ T27] kauditd_printk_skb: 17 callbacks suppressed [ 325.515408][ T27] audit: type=1800 audit(1773047944.075:89): pid=7657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.886" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 325.638549][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 325.979571][ T7670] loop2: detected capacity change from 0 to 128 [ 326.011041][ T7670] FAT-fs (loop2): Unrecognized mount option "utf=1" or missing value [ 330.179917][ T7646] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'. [ 330.363426][ T7696] netlink: 8 bytes leftover after parsing attributes in process `syz.1.899'. [ 330.376739][ T7696] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 330.505150][ T7694] loop4: detected capacity change from 0 to 4096 [ 330.594456][ T7699] loop2: detected capacity change from 0 to 1024 [ 330.602413][ T7694] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 330.617503][ T7699] EXT4-fs: Ignoring removed orlov option [ 330.633264][ T7694] netlink: 68 bytes leftover after parsing attributes in process `syz.4.898'. [ 330.728719][ T7699] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 331.071789][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 331.124057][ T7720] autofs4:pid:7720:autofs_fill_super: called with bogus options [ 331.740145][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 334.183817][ T7833] loop1: detected capacity change from 0 to 512 [ 334.280120][ T7833] EXT4-fs (loop1): external journal device major/minor numbers have changed [ 334.441094][ T7833] block device autoloading is deprecated and will be removed. [ 334.459632][ T7833] EXT4-fs (loop1): couldn't read superblock of external journal [ 334.563170][ T7825] bridge0: port 2(bridge_slave_1) entered disabled state [ 334.570898][ T7825] bridge0: port 1(bridge_slave_0) entered disabled state [ 334.601161][ T7833] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 334.613612][ T7833] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 334.816044][ T7839] loop2: detected capacity change from 0 to 4096 [ 334.867211][ T7839] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 335.700579][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 335.908202][ T7825] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 335.965770][ T7825] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 336.463209][ T7825] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.472974][ T7825] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.483773][ T7825] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.493927][ T7825] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.919178][ T7852] netlink: 328 bytes leftover after parsing attributes in process `syz.2.933'. [ 336.934412][ T7850] loop4: detected capacity change from 0 to 1024 [ 337.074119][ T7850] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 337.089814][ T7850] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 337.100961][ T7850] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.931: Failed to acquire dquot type 0 [ 337.150925][ T7850] EXT4-fs (loop4): 1 truncate cleaned up [ 337.163279][ T7850] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 337.247169][ T7850] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 337.292397][ T7850] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 337.322089][ T7850] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.931: Failed to acquire dquot type 0 [ 337.691885][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 339.249234][ T7865] loop2: detected capacity change from 0 to 32768 [ 339.327349][ T7865] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 339.367396][ T7865] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 339.386982][ T7865] BTRFS info (device loop2): force clearing of disk cache [ 339.425431][ T7865] BTRFS info (device loop2): metadata ratio 0 [ 339.449937][ T7865] BTRFS info (device loop2): enabling ssd optimizations [ 339.479987][ T7865] BTRFS info (device loop2): using spread ssd allocation scheme [ 339.535422][ T7865] BTRFS info (device loop2): using free space tree [ 339.610536][ T7867] loop3: detected capacity change from 0 to 32768 [ 339.880850][ T7865] BTRFS info (device loop2): rebuilding free space tree [ 340.196893][ T7707] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by udevd (7707) [ 340.236279][ T7912] loop1: detected capacity change from 0 to 1024 [ 340.345815][ T4280] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 340.459408][ T7912] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 341.108413][ T7932] device syzkaller0 entered promiscuous mode [ 341.132441][ T7932] 0: reclassify loop, rule prio 0, protocol 700 [ 341.230445][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 341.446316][ T7942] netlink: 8 bytes leftover after parsing attributes in process `syz.2.961'. [ 342.024562][ T27] audit: type=1326 audit(1773047960.585:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.094402][ T27] audit: type=1326 audit(1773047960.625:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.218414][ T27] audit: type=1326 audit(1773047960.625:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.296907][ T7970] autofs4:pid:7970:autofs_fill_super: called with bogus options [ 342.317133][ T7971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.971'. [ 342.339902][ T27] audit: type=1326 audit(1773047960.625:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.375713][ T7971] netlink: 4 bytes leftover after parsing attributes in process `syz.2.971'. [ 342.393600][ T27] audit: type=1326 audit(1773047960.625:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.417575][ T27] audit: type=1326 audit(1773047960.625:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.419713][ T7971] netlink: 'syz.2.971': attribute type 11 has an invalid length. [ 342.440127][ T7971] netlink: 'syz.2.971': attribute type 12 has an invalid length. [ 342.459802][ T27] audit: type=1326 audit(1773047960.625:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.487206][ T27] audit: type=1326 audit(1773047960.625:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.522460][ T27] audit: type=1326 audit(1773047960.625:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.597173][ T27] audit: type=1326 audit(1773047960.625:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.699330][ T27] audit: type=1326 audit(1773047960.625:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7962 comm="syz.3.968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65f0d9c799 code=0x7ffc0000 [ 342.805736][ T7986] netlink: 60 bytes leftover after parsing attributes in process `syz.4.976'. [ 342.879205][ T7986] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 342.915406][ T7986] device bridge2 entered promiscuous mode [ 342.975436][ T7993] autofs4:pid:7993:autofs_fill_super: called with bogus options [ 342.988684][ T7988] loop2: detected capacity change from 0 to 4096 [ 343.026417][ T7988] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 343.184647][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 343.567427][ T8008] loop3: detected capacity change from 0 to 512 [ 343.582931][ T8009] netlink: 'syz.2.987': attribute type 1 has an invalid length. [ 343.601049][ T8008] /dev/loop3: Can't open blockdev [ 343.650054][ T8009] 8021q: adding VLAN 0 to HW filter on device bond2 [ 343.671714][ T8013] netlink: 28 bytes leftover after parsing attributes in process `syz.2.987'. [ 343.855493][ T8009] bond2: (slave dummy0): making interface the new active one [ 343.937476][ T8009] bond2: (slave dummy0): Enslaving as an active interface with an up link [ 343.988200][ T8013] loop2: detected capacity change from 0 to 1024 [ 344.015766][ T8012] loop4: detected capacity change from 0 to 8192 [ 344.080664][ T8013] hfsplus: request for non-existent node 3 in B*Tree [ 344.099867][ T5622] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 344.125522][ T8013] hfsplus: request for non-existent node 3 in B*Tree [ 344.347424][ T8009] loop2: detected capacity change from 0 to 16 [ 344.383897][ T8009] erofs: Unknown parameter '0177777777777777777777701777777777777777777777' [ 345.205914][ T8048] loop4: detected capacity change from 0 to 512 [ 345.278428][ T8048] EXT4-fs (loop4): 1 truncate cleaned up [ 345.291886][ T8048] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 345.418657][ T8052] 9pnet_fd: Insufficient options for proto=fd [ 345.621736][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 346.136155][ T8075] loop1: detected capacity change from 0 to 512 [ 346.184010][ T8075] EXT4-fs: Ignoring removed nomblk_io_submit option [ 346.351792][ T7779] Bluetooth: hci5: Frame reassembly failed (-84) [ 346.365698][ T8075] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 346.424309][ T8075] ext4 filesystem being mounted at /207/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 346.502075][ T8075] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.1011: Failed to acquire dquot type 1 [ 346.711763][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 347.065642][ T8102] loop1: detected capacity change from 0 to 512 [ 347.585745][ T8102] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1016: couldn't read orphan inode 26 (err -116) [ 347.870020][ T8102] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 347.920851][ T8102] ext4 filesystem being mounted at /208/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 348.039344][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 348.259955][ T8117] loop3: detected capacity change from 0 to 512 [ 348.290597][ T8117] /dev/loop3: Can't open blockdev [ 348.310121][ T4284] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 348.320677][ T4281] Bluetooth: hci5: command 0x1003 tx timeout [ 348.327295][ T4278] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 348.897517][ T8128] loop1: detected capacity change from 0 to 1024 [ 349.019399][ T8128] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 349.227694][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 349.242122][ T8141] loop3: detected capacity change from 0 to 512 [ 349.292839][ T8141] /dev/loop3: Can't open blockdev [ 349.318877][ T8143] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1032'. [ 350.394478][ T8187] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1048'. [ 350.683005][ T8198] loop1: detected capacity change from 0 to 128 [ 351.208596][ T8206] loop4: detected capacity change from 0 to 512 [ 351.235441][ T8206] FAT-fs (loop4): IO charset utfѾ¹Éh$Û‚‰œ#wî•w9Á‹C= Yæ’³t ¤•áÁEÅ’&y3‹_òÀ©„@¥rRh¢BÀ&5dùˆÓÁxpOêø¤ß‚upˆ‚êš@HÆäX¡ð[ƒòæ›–[ò²â°î7VGø†¥1‰˜ yª{´îþvŽìX±œõªñ)P1uô&-÷@=õ6 not found [ 351.676250][ T8221] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1062'. [ 352.445824][ T8251] xt_hashlimit: size too large, truncated to 1048576 [ 352.525989][ T8253] ªªªªª»: renamed from vxcan1 [ 353.327802][ T8273] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1085'. [ 353.352181][ T8275] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1) [ 353.890458][ T8282] loop3: detected capacity change from 0 to 8192 [ 355.770038][ T4422] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 356.006852][ T4422] usb 2-1: device descriptor read/all, error -71 [ 356.696245][ T8302] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.1097'. [ 357.145878][ T8311] device syzkaller0 entered promiscuous mode [ 361.923068][ T8359] loop3: detected capacity change from 0 to 1764 [ 362.043671][ T8364] device syzkaller0 entered promiscuous mode [ 362.245626][ T8373] loop4: detected capacity change from 0 to 512 [ 362.285995][ T8373] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 362.363931][ T8373] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 362.437960][ T8373] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1128: bg 0: block 248: padding at end of block bitmap is not set [ 362.476956][ T8373] __quota_error: 61 callbacks suppressed [ 362.476980][ T8373] Quota error (device loop4): write_blk: dquota write failed [ 362.492075][ T8373] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 362.502950][ T8373] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.1128: Failed to acquire dquot type 1 [ 362.531377][ T8373] EXT4-fs (loop4): 1 truncate cleaned up [ 362.537151][ T8373] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 362.613195][ T8384] loop3: detected capacity change from 0 to 256 [ 362.665708][ T8384] FAT-fs (loop3): bogus number of FAT sectors [ 362.680254][ T8384] FAT-fs (loop3): Can't find a valid FAT filesystem [ 362.761366][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 362.785164][ T4676] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 362.814086][ T4676] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u4:8: Failed to release dquot type 1 [ 363.147896][ T8398] loop1: detected capacity change from 0 to 512 [ 363.226568][ T8398] EXT4-fs: Ignoring removed bh option [ 363.270235][ T8398] EXT4-fs: inline encryption not supported [ 363.297661][ T8402] loop4: detected capacity change from 0 to 736 [ 363.353708][ T8398] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 363.503113][ T8409] autofs4:pid:8409:autofs_fill_super: called with bogus options [ 363.707916][ T8398] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 363.816881][ T8398] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1137: bg 0: block 248: padding at end of block bitmap is not set [ 363.881527][ T8398] Quota error (device loop1): write_blk: dquota write failed [ 363.892986][ T8398] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 363.933984][ T8398] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.1137: Failed to acquire dquot type 1 [ 363.961861][ T8398] EXT4-fs (loop1): 1 truncate cleaned up [ 363.967649][ T8398] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 364.196853][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 364.227259][ T8432] netlink: 'syz.2.1151': attribute type 11 has an invalid length. [ 364.498271][ T8440] loop3: detected capacity change from 0 to 512 [ 364.514595][ T8440] /dev/loop3: Can't open blockdev [ 364.520599][ T8437] loop4: detected capacity change from 0 to 1024 [ 364.535438][ T8437] EXT4-fs: Ignoring removed nobh option [ 364.565659][ T8441] IPv6: addrconf: prefix option has invalid lifetime [ 364.587449][ T8437] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 364.687574][ T8437] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 364.772744][ T27] audit: type=1800 audit(1773047983.335:160): pid=8437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1155" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 364.794825][ T8437] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 364.869276][ T8437] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2800: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 364.983136][ T8452] loop1: detected capacity change from 0 to 4096 [ 365.079573][ T8452] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 365.099021][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 365.271999][ T8464] loop4: detected capacity change from 0 to 128 [ 365.282561][ T8461] loop3: detected capacity change from 0 to 512 [ 365.337408][ T8461] /dev/loop3: Can't open blockdev [ 365.360263][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 366.122879][ T8482] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 366.134309][ T8482] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (27642!=20869) [ 366.174016][ T8482] JBD2: no valid journal superblock found [ 366.180448][ T8482] EXT4-fs (loop1): error loading journal [ 367.193912][ T8494] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 367.202976][ T8494] FAT-fs (loop4): Filesystem has been set read-only [ 367.209830][ T8494] syz.4.1162: attempt to access beyond end of device [ 367.209830][ T8494] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 367.224390][ T8494] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 367.244982][ T8494] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 367.258202][ T27] audit: type=1800 audit(1773047985.735:161): pid=8494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1162" name="file2" dev="loop4" ino=1048610 res=0 errno=0 [ 367.548279][ T8495] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 367.557008][ T8495] syz.4.1162: attempt to access beyond end of device [ 367.557008][ T8495] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 367.572911][ T8495] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 367.581083][ T8495] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 368.421828][ T8508] set_capacity_and_notify: 2 callbacks suppressed [ 368.421846][ T8508] loop3: detected capacity change from 0 to 32768 [ 368.436763][ T8508] /dev/loop3: Can't open blockdev [ 368.486396][ T8517] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1182'. [ 369.905733][ T27] audit: type=1326 audit(1773047988.465:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8535 comm="syz.4.1190" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x0 [ 370.860143][ T8556] loop1: detected capacity change from 0 to 4096 [ 370.909051][ T8556] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 370.964418][ T27] audit: type=1800 audit(1773047989.525:163): pid=8556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1198" name="file0" dev="loop1" ino=13 res=0 errno=0 [ 371.409657][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 372.390282][ T8611] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1220'. [ 372.758881][ T8627] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1227'. [ 373.029174][ T8633] loop1: detected capacity change from 0 to 512 [ 373.110153][ T8637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1231'. [ 373.168711][ T8633] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 373.189034][ T8633] ext4 filesystem being mounted at /247/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 373.522934][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 374.219659][ T8682] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1248'. [ 375.327680][ T8702] random: crng reseeded on system resumption [ 375.407281][ T8706] loop1: detected capacity change from 0 to 512 [ 375.437556][ T8706] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 375.524512][ T8706] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.1255: bg 0: block 104: invalid block bitmap [ 375.651544][ T8706] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6179: Corrupt filesystem [ 375.701610][ T8706] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1255: invalid indirect mapped block 1 (level 1) [ 375.758440][ T8706] EXT4-fs (loop1): 1 truncate cleaned up [ 375.774835][ T8706] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 376.013650][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 377.272295][ T8722] loop1: detected capacity change from 0 to 764 [ 377.306490][ T8722] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 377.565915][ T8731] loop1: detected capacity change from 0 to 512 [ 377.639368][ T8731] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 377.669669][ T8733] loop3: detected capacity change from 0 to 1024 [ 377.720847][ T8733] EXT4-fs: inline encryption not supported [ 377.726816][ T8733] EXT4-fs: Ignoring removed nobh option [ 377.762094][ T8731] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.1267: iget: bad i_size value: 38620345925642 [ 377.800091][ T8733] /dev/loop3: Can't open blockdev [ 377.818167][ T8733] Invalid option length (316) for dns_resolver key [ 377.837686][ T8731] EXT4-fs (loop1): Remounting filesystem read-only [ 377.858645][ T8731] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.1267: couldn't read orphan inode 15 (err -117) [ 377.916025][ T8731] EXT4-fs (loop1): Remounting filesystem read-only [ 377.963017][ T8731] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 378.232814][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 378.573700][ T8746] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 378.642537][ T8746] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 378.731040][ T8746] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 378.797759][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.865064][ T8746] device netdevsim0 left promiscuous mode [ 379.517067][ T8768] loop1: detected capacity change from 0 to 512 [ 379.598740][ T8770] loop4: detected capacity change from 0 to 1024 [ 379.624304][ T8770] EXT4-fs: Ignoring removed orlov option [ 379.639994][ T8770] EXT4-fs: Ignoring removed nobh option [ 379.662120][ T8768] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 379.697707][ T8768] ext4 filesystem being mounted at /259/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 379.714745][ T8770] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 380.039516][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 380.090431][ T27] audit: type=1800 audit(1773047998.655:164): pid=8782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1283" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 380.550751][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 381.398574][ T8809] loop3: detected capacity change from 0 to 1024 [ 381.423512][ T8809] /dev/loop3: Can't open blockdev [ 382.067757][ T8827] device syzkaller0 entered promiscuous mode [ 383.266600][ T8865] bridge0: port 2(bridge_slave_1) entered disabled state [ 383.274094][ T8865] bridge0: port 1(bridge_slave_0) entered disabled state [ 383.928598][ T8884] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1328'. [ 384.604078][ T8910] tipc: Cannot configure node identity twice [ 384.610017][ T8909] cgroup: none used incorrectly [ 385.375405][ T8937] loop2: detected capacity change from 0 to 1024 [ 385.456940][ T8937] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 385.521531][ T8941] device syzkaller0 entered promiscuous mode [ 385.616083][ T8941] 0: reclassify loop, rule prio 0, protocol 800 [ 385.806236][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 386.161989][ T8964] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.1364' resets device [ 386.581000][ T8981] loop2: detected capacity change from 0 to 1024 [ 386.616166][ T8981] EXT4-fs: inline encryption not supported [ 386.638324][ T8981] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 386.730331][ T8981] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 386.939291][ T8981] IPVS: rr: FWM 3 0x00000003 - no destination available [ 386.981019][ T8981] IPVS: set_ctl: invalid protocol: 135 255.255.255.255:20003 [ 387.042643][ T8992] tipc: Started in network mode [ 387.047618][ T8992] tipc: Node identity f2d259361ab, cluster identity 4711 [ 387.064165][ T8992] tipc: Enabled bearer , priority 0 [ 387.079333][ T8992] device syzkaller0 entered promiscuous mode [ 387.147176][ T8992] tipc: Resetting bearer [ 387.178370][ T8991] tipc: Resetting bearer [ 387.251068][ T8991] tipc: Disabling bearer [ 387.300320][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 387.488010][ T9006] loop2: detected capacity change from 0 to 512 [ 387.506163][ T9006] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 387.528276][ T9005] loop4: detected capacity change from 0 to 512 [ 387.544940][ T9006] EXT4-fs error (device loop2): ext4_validate_block_bitmap:420: comm syz.2.1380: bg 0: bad block bitmap checksum [ 387.620220][ T9012] loop3: detected capacity change from 0 to 512 [ 387.627614][ T9012] /dev/loop3: Can't open blockdev [ 387.643668][ T9005] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 387.676484][ T9005] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 387.691473][ T8358] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 387.735318][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 387.829873][ T4278] Bluetooth: hci5: command 0x1003 tx timeout [ 387.830053][ T4284] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 387.849275][ T9005] Quota error (device loop4): write_blk: dquota write failed [ 387.875705][ T9005] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 387.936336][ T9005] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.1381: Failed to acquire dquot type 1 [ 388.065211][ T9005] EXT4-fs (loop4): Remounting filesystem read-only [ 388.208606][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 388.579371][ T9033] loop1: detected capacity change from 0 to 736 [ 389.188255][ T9045] loop4: detected capacity change from 0 to 1024 [ 389.306051][ T9045] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 389.626880][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 389.904533][ T9066] loop1: detected capacity change from 0 to 1024 [ 390.052041][ T9071] loop3: detected capacity change from 0 to 512 [ 390.100785][ T9071] /dev/loop3: Can't open blockdev [ 390.294233][ T9078] loop2: detected capacity change from 0 to 128 [ 390.329618][ T9078] EXT4-fs: Ignoring removed nomblk_io_submit option [ 390.375097][ T9074] IPVS: rr: FWM 3 0x00000003 - no destination available [ 390.406498][ T9078] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 390.435121][ T9078] ext4 filesystem being mounted at /283/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 390.553928][ T9086] loop1: detected capacity change from 0 to 1024 [ 390.607794][ T9086] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 390.856947][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 390.996916][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 391.140316][ T9104] bridge: RTM_NEWNEIGH with invalid ether address [ 391.365835][ T9110] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1420'. [ 391.539898][ T9112] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 391.568263][ T9112] ext4 filesystem being mounted at /285/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 391.815930][ T9121] set_capacity_and_notify: 1 callbacks suppressed [ 391.815949][ T9121] loop4: detected capacity change from 0 to 1024 [ 391.835187][ T9112] Quota error (device loop1): write_blk: dquota write failed [ 391.873708][ T9112] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 391.920017][ T9112] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.1422: Failed to acquire dquot type 1 [ 391.940794][ T9121] EXT4-fs: inline encryption not supported [ 391.959882][ T9121] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 391.971733][ T9112] EXT4-fs (loop1): Remounting filesystem read-only [ 392.571960][ T9121] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 392.703265][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 392.777164][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 393.024762][ T7766] bond0: (slave bond_slave_0): link status definitely up, 10000 Mbps full duplex [ 393.127033][ T7766] bond0: (slave bond_slave_1): link status definitely up, 10000 Mbps full duplex [ 393.192939][ T7766] bond0: (slave syz_tun): link status definitely up, 10 Mbps full duplex [ 393.250268][ T7766] bond0: active interface up! [ 393.499893][ T9152] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1436'. [ 394.297725][ T9152] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.305345][ T9152] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.452108][ T9160] loop2: detected capacity change from 0 to 512 [ 394.697418][ T9160] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 394.729979][ T9160] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 394.977894][ T9178] loop3: detected capacity change from 0 to 1024 [ 395.018331][ T9178] EXT4-fs: Ignoring removed orlov option [ 395.065982][ T9178] /dev/loop3: Can't open blockdev [ 395.136300][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 395.852782][ T9181] tipc: Started in network mode [ 395.857855][ T9181] tipc: Node identity ee515c05d913, cluster identity 4711 [ 395.905345][ T9181] tipc: Enabled bearer , priority 0 [ 396.048318][ T9180] tipc: Disabling bearer [ 397.936725][ T9228] IPVS: rr: FWM 3 0x00000003 - no destination available [ 397.968871][ T9234] tipc: Invalid UDP bearer configuration [ 397.968919][ T9234] tipc: Enabling of bearer rejected, failed to enable media [ 397.975015][ T9231] loop2: detected capacity change from 0 to 512 [ 398.106662][ T9231] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 398.164389][ T9231] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 398.516416][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 399.034656][ T9268] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1480'. [ 399.056314][ T9267] loop1: detected capacity change from 0 to 1024 [ 399.092163][ T9267] EXT4-fs: inline encryption not supported [ 399.182652][ T9267] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 399.980804][ T9267] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 400.178461][ T9267] IPVS: lblcr: FWM 3 0x00000003 - no destination available [ 400.194078][ T9281] loop4: detected capacity change from 0 to 1024 [ 400.306565][ T9281] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 400.380314][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 400.451112][ T9292] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 400.520436][ T9292] bond1: (slave dummy0): Releasing active interface [ 400.549487][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 400.592897][ T9292] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 400.616132][ T9292] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 400.671301][ T9292] device bridge_slave_0 left promiscuous mode [ 400.708608][ T9292] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.811928][ T9292] device bridge_slave_1 left promiscuous mode [ 400.821511][ T9292] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.895533][ T9292] bond0: (slave bond_slave_0): Releasing backup interface [ 401.055890][ T9292] bond0: (slave bond_slave_1): Releasing backup interface [ 401.456739][ T9292] team0: Port device team_slave_0 removed [ 401.539177][ T9292] team0: Port device team_slave_1 removed [ 401.572564][ T9292] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 401.581058][ T9292] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 401.613793][ T9292] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 401.625161][ T9292] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 401.661319][ T9292] bond2: (slave gretap1): Releasing active interface [ 402.067955][ T9325] loop2: detected capacity change from 0 to 1024 [ 402.101792][ T9325] EXT4-fs: inline encryption not supported [ 402.133386][ T9325] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 402.257266][ T9325] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 402.533050][ T9325] IPVS: rr: FWM 3 0x00000003 - no destination available [ 402.891347][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 404.836211][ T9365] loop1: detected capacity change from 0 to 128 [ 404.876233][ T9365] FAT-fs (loop1): Unrecognized mount option "utf=1" or missing value [ 404.920689][ T9362] IPVS: rr: FWM 3 0x00000003 - no destination available [ 405.099638][ T9370] loop3: detected capacity change from 0 to 1024 [ 405.125133][ T9370] /dev/loop3: Can't open blockdev [ 405.282213][ T9376] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1520'. [ 406.943884][ T9404] loop4: detected capacity change from 0 to 1024 [ 406.990804][ T9404] EXT4-fs: inline encryption not supported [ 407.087423][ T9404] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 407.155355][ T9410] loop2: detected capacity change from 0 to 1024 [ 407.238838][ T9404] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 407.343771][ T9404] IPVS: rr: FWM 3 0x00000003 - no destination available [ 407.377111][ T9410] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 407.502321][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 407.798977][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 408.016149][ T9442] loop1: detected capacity change from 0 to 512 [ 408.064612][ T9442] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 408.095276][ T9442] ext4 filesystem being mounted at /306/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 408.307021][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 408.525591][ T9449] loop2: detected capacity change from 0 to 8192 [ 408.757697][ T9449] device syzkaller1 entered promiscuous mode [ 409.735402][ T9474] loop3: detected capacity change from 0 to 1024 [ 409.843586][ T9474] /dev/loop3: Can't open blockdev [ 410.285905][ T9488] device syzkaller0 entered promiscuous mode [ 410.952019][ T9503] IPVS: rr: FWM 3 0x00000003 - no destination available [ 411.794071][ T9514] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1571'. [ 411.853039][ T9514] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 412.446699][ T9535] device syzkaller0 entered promiscuous mode [ 412.463924][ T9537] loop2: detected capacity change from 0 to 1024 [ 412.712299][ T9537] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 413.446897][ T9551] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1585'. [ 413.552138][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 413.557253][ T9551] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1585'. [ 414.219351][ T9575] loop4: detected capacity change from 0 to 1024 [ 414.287515][ T9575] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 414.438879][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 414.585123][ T9592] loop4: detected capacity change from 0 to 512 [ 414.624015][ T9592] EXT4-fs: Ignoring removed nomblk_io_submit option [ 414.717019][ T9592] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 414.736555][ T9592] ext4 filesystem being mounted at /291/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 414.858440][ T9592] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 414.884224][ T9599] loop3: detected capacity change from 0 to 8192 [ 414.894749][ T9592] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 414.909470][ T9592] EXT4-fs error (device loop4): ext4_acquire_dquot:6835: comm syz.4.1602: Failed to acquire dquot type 1 [ 414.961303][ T9599] device syzkaller1 entered promiscuous mode [ 415.071493][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 415.915943][ T9632] loop3: detected capacity change from 0 to 512 [ 415.945446][ T9632] /dev/loop3: Can't open blockdev [ 416.200483][ T4676] Bluetooth: hci5: Frame reassembly failed (-84) [ 416.240258][ T27] audit: type=1326 audit(1773048034.805:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.1.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb673b9c799 code=0x7ffc0000 [ 416.298845][ T27] audit: type=1326 audit(1773048034.805:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.1.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb673b9c799 code=0x7ffc0000 [ 416.381231][ T27] audit: type=1326 audit(1773048034.805:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.1.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb673b9c799 code=0x7ffc0000 [ 416.407475][ T9647] loop1: detected capacity change from 0 to 8192 [ 416.442370][ T27] audit: type=1326 audit(1773048034.805:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.1.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb673b9c502 code=0x7ffc0000 [ 416.495642][ T27] audit: type=1326 audit(1773048034.845:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.1.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb673b5cfce code=0x7ffc0000 [ 416.607003][ T27] audit: type=1326 audit(1773048034.945:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.1.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb673b9c5c7 code=0x7ffc0000 [ 416.719759][ T27] audit: type=1326 audit(1773048034.965:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.1.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb673b5cfce code=0x7ffc0000 [ 416.820126][ T27] audit: type=1326 audit(1773048034.965:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9646 comm="syz.1.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb673b9c42b code=0x7ffc0000 [ 418.229887][ T4278] Bluetooth: hci5: command 0x1003 tx timeout [ 418.250009][ T4284] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 418.668865][ T9726] loop2: detected capacity change from 0 to 512 [ 418.726606][ T9726] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 418.739896][ T9726] System zones: 0-2, 18-18, 34-34 [ 418.845881][ T9726] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 418.868749][ T9735] loop3: detected capacity change from 0 to 1024 [ 418.919813][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 418.934250][ T9735] EXT4-fs: inline encryption not supported [ 418.960780][ T9735] /dev/loop3: Can't open blockdev [ 418.985083][ T9726] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1660: corrupted inode contents [ 419.040430][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.049868][ T9726] EXT4-fs error (device loop2): ext4_dirty_inode:6137: inode #16: comm syz.2.1660: mark_inode_dirty error [ 419.095479][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.123882][ T9726] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1660: corrupted inode contents [ 419.206130][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.215296][ T9726] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.1660: mark_inode_dirty error [ 419.247519][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.282633][ T9726] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1660: corrupted inode contents [ 419.315736][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.341837][ T9726] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.1660: mark_inode_dirty error [ 419.393375][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.423961][ T9726] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1660: corrupted inode contents [ 419.497160][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.518912][ T9726] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 419.545280][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.563819][ T9726] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1660: corrupted inode contents [ 419.580351][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.616444][ T9726] EXT4-fs error (device loop2): ext4_truncate:4318: inode #16: comm syz.2.1660: mark_inode_dirty error [ 419.669874][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.694479][ T9726] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 419.730928][ T9726] EXT4-fs (loop2): Remounting filesystem read-only [ 419.758203][ T9726] EXT4-fs (loop2): 1 truncate cleaned up [ 419.771197][ T7763] EXT4-fs error (device loop2): ext4_release_dquot:6871: comm kworker/u4:22: Failed to release dquot type 1 [ 419.793514][ T9726] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 419.813728][ T7763] EXT4-fs (loop2): Remounting filesystem read-only [ 419.842235][ T9726] ext4 filesystem being mounted at /327/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 420.139302][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 420.152351][ T9760] device syzkaller0 entered promiscuous mode [ 420.271973][ T9765] loop4: detected capacity change from 0 to 512 [ 420.319184][ T9765] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 420.362820][ T9770] loop2: detected capacity change from 0 to 1024 [ 420.382965][ T9765] EXT4-fs (loop4): orphan file too big: 4294967295 [ 420.407131][ T9765] EXT4-fs (loop4): mount failed [ 420.464691][ T9770] EXT4-fs: inline encryption not supported [ 420.488232][ T9770] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 420.591944][ T9767] netlink: 'syz.3.1677': attribute type 1 has an invalid length. [ 420.601198][ T9770] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 420.830489][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 421.146249][ T9787] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1681'. [ 421.259231][ T9787] bond0: (slave dummy0): Releasing backup interface [ 421.419003][ T9801] loop2: detected capacity change from 0 to 1024 [ 421.538754][ T9801] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 421.579418][ T9808] loop3: detected capacity change from 0 to 512 [ 421.601620][ T9808] /dev/loop3: Can't open blockdev [ 421.869418][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 422.844868][ T9849] loop1: detected capacity change from 0 to 1024 [ 422.885547][ T9849] EXT4-fs: inline encryption not supported [ 422.910895][ T9849] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 422.989487][ T9849] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 423.081109][ T9849] IPVS: lblcr: FWM 3 0x00000003 - no destination available [ 423.174785][ T9863] loop4: detected capacity change from 0 to 512 [ 423.205344][ T9861] loop3: detected capacity change from 0 to 1024 [ 423.232617][ T9861] /dev/loop3: Can't open blockdev [ 423.257927][ T9863] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 423.274896][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 423.331305][ T9863] System zones: 0-2, 18-18, 34-34 [ 423.422739][ T9863] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 423.495204][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 423.523812][ T9863] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1705: corrupted inode contents [ 423.559411][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 423.581029][ T9863] EXT4-fs error (device loop4): ext4_dirty_inode:6137: inode #16: comm syz.4.1705: mark_inode_dirty error [ 423.647825][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 423.678584][ T9863] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1705: corrupted inode contents [ 423.725381][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 423.746089][ T9863] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.1705: mark_inode_dirty error [ 423.778984][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 423.790063][ T9876] device syzkaller0 entered promiscuous mode [ 423.800001][ T9863] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1705: corrupted inode contents [ 423.840018][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 423.846740][ T9863] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.1705: mark_inode_dirty error [ 423.906542][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 423.922370][ T9863] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1705: corrupted inode contents [ 423.952326][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 423.958962][ T9863] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 423.995846][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 424.011866][ T9863] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1705: corrupted inode contents [ 424.056861][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 424.072941][ T9863] EXT4-fs error (device loop4): ext4_truncate:4318: inode #16: comm syz.4.1705: mark_inode_dirty error [ 424.110487][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 424.117547][ T9863] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 424.159803][ T9863] EXT4-fs (loop4): Remounting filesystem read-only [ 424.180115][ T9863] EXT4-fs (loop4): 1 truncate cleaned up [ 424.185877][ T9863] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 424.211726][ T7763] __quota_error: 14 callbacks suppressed [ 424.211746][ T7763] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 424.220336][ T9863] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 424.243996][ T7763] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u4:22: Failed to release dquot type 1 [ 424.257591][ T7763] EXT4-fs (loop4): Remounting filesystem read-only [ 424.401403][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 424.994127][ T9901] loop2: detected capacity change from 0 to 1024 [ 425.044500][ T9901] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 425.282904][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 426.475534][ T9940] loop1: detected capacity change from 0 to 8192 [ 426.746241][ T9954] loop4: detected capacity change from 0 to 1024 [ 426.758694][ T9954] EXT4-fs: inline encryption not supported [ 426.765597][ T9956] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1741'. [ 426.768701][ T9954] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 426.912091][ T9954] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 427.013874][ T9954] IPVS: rr: FWM 3 0x00000003 - no destination available [ 427.202533][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 427.380773][ T9970] netlink: 'syz.3.1749': attribute type 10 has an invalid length. [ 427.480198][ T9970] team0: Device veth1_vlan failed to register rx_handler [ 427.646020][ T9983] loop2: detected capacity change from 0 to 1024 [ 427.818537][ T9983] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 428.040804][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 428.458211][T10011] loop2: detected capacity change from 0 to 128 [ 428.902181][T10018] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 428.910377][T10018] FAT-fs (loop2): Filesystem has been set read-only [ 428.917193][T10018] syz.2.1761: attempt to access beyond end of device [ 428.917193][T10018] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 428.932041][T10018] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 428.940074][T10018] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 428.959126][ T27] audit: type=1800 audit(1773048047.455:186): pid=10018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1761" name="file2" dev="loop2" ino=1048640 res=0 errno=0 [ 428.990613][T10019] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 428.998689][T10019] syz.2.1761: attempt to access beyond end of device [ 428.998689][T10019] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 429.012818][T10019] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 429.021086][T10019] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 429.039026][T10019] syz.2.1761: attempt to access beyond end of device [ 429.039026][T10019] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 429.054007][T10019] syz.2.1761: attempt to access beyond end of device [ 429.054007][T10019] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 429.073669][T10018] syz.2.1761: attempt to access beyond end of device [ 429.073669][T10018] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 429.087746][T10018] syz.2.1761: attempt to access beyond end of device [ 429.087746][T10018] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 429.101990][T10018] syz.2.1761: attempt to access beyond end of device [ 429.101990][T10018] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 429.116218][T10018] syz.2.1761: attempt to access beyond end of device [ 429.116218][T10018] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 429.130580][T10018] syz.2.1761: attempt to access beyond end of device [ 429.130580][T10018] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 429.144661][T10018] syz.2.1761: attempt to access beyond end of device [ 429.144661][T10018] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 429.744974][T10032] loop3: detected capacity change from 0 to 1024 [ 429.816634][T10032] /dev/loop3: Can't open blockdev [ 429.881014][ T8472] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 430.232734][T10048] loop1: detected capacity change from 0 to 512 [ 430.351019][T10048] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 430.360710][T10051] loop2: detected capacity change from 0 to 1024 [ 430.368152][T10051] EXT4-fs: inline encryption not supported [ 430.375198][T10051] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 430.418439][T10048] System zones: 0-2, 18-18, 34-34 [ 430.458046][T10048] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 430.461340][T10051] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 430.484096][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 430.537471][T10048] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1771: corrupted inode contents [ 430.566908][T10051] IPVS: rr: FWM 3 0x00000003 - no destination available [ 430.581768][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 430.655688][T10048] EXT4-fs error (device loop1): ext4_dirty_inode:6137: inode #16: comm syz.1.1771: mark_inode_dirty error [ 430.736488][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 430.763308][T10048] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1771: corrupted inode contents [ 430.780008][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 430.871899][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 430.878877][T10048] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.1771: mark_inode_dirty error [ 430.919811][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 430.951703][T10048] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1771: corrupted inode contents [ 431.019868][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 431.030128][T10048] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.1771: mark_inode_dirty error [ 431.080086][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 431.117986][T10048] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1771: corrupted inode contents [ 431.153382][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 431.179881][T10048] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 431.210857][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 431.227880][T10048] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1771: corrupted inode contents [ 431.261909][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 431.278795][T10048] EXT4-fs error (device loop1): ext4_truncate:4318: inode #16: comm syz.1.1771: mark_inode_dirty error [ 431.306699][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 431.326223][T10048] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 431.362769][T10048] EXT4-fs (loop1): Remounting filesystem read-only [ 431.377861][T10048] EXT4-fs (loop1): 1 truncate cleaned up [ 431.386213][T10048] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 431.400487][ T7775] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 431.425285][T10048] ext4 filesystem being mounted at /347/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 431.440945][ T7775] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:26: Failed to release dquot type 1 [ 431.496271][ T7775] EXT4-fs (loop1): Remounting filesystem read-only [ 431.625677][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 431.839216][T10080] loop3: detected capacity change from 0 to 8192 [ 431.888819][T10086] device syzkaller0 entered promiscuous mode [ 432.859331][T10108] device syzkaller0 entered promiscuous mode [ 433.065167][T10115] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1793'. [ 433.160460][T10120] loop4: detected capacity change from 0 to 512 [ 433.251798][T10120] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 433.299940][T10120] System zones: 0-2, 18-18, 34-34 [ 433.394324][T10120] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 433.450411][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 433.479465][T10120] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1796: corrupted inode contents [ 433.548815][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 433.569085][T10120] EXT4-fs error (device loop4): ext4_dirty_inode:6137: inode #16: comm syz.4.1796: mark_inode_dirty error [ 433.617470][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 433.629082][T10134] device syzkaller0 entered promiscuous mode [ 433.646533][T10120] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1796: corrupted inode contents [ 433.680418][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 433.692186][T10120] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.1796: mark_inode_dirty error [ 433.745625][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 433.760103][T10120] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1796: corrupted inode contents [ 433.808367][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 433.839354][T10120] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.1796: mark_inode_dirty error [ 433.889795][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 433.896515][T10120] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1796: corrupted inode contents [ 433.950288][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 433.957174][T10120] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 434.024680][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 434.039797][T10120] EXT4-fs error (device loop4): ext4_do_update_inode:5272: inode #16: comm syz.4.1796: corrupted inode contents [ 434.087862][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 434.099778][T10120] EXT4-fs error (device loop4): ext4_truncate:4318: inode #16: comm syz.4.1796: mark_inode_dirty error [ 434.143284][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 434.159754][T10120] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 434.218893][T10120] EXT4-fs (loop4): Remounting filesystem read-only [ 434.226370][T10120] EXT4-fs (loop4): 1 truncate cleaned up [ 434.232772][T10120] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 434.248969][ T5622] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 434.262981][T10120] ext4 filesystem being mounted at /327/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 434.281334][ T5622] EXT4-fs error (device loop4): ext4_release_dquot:6871: comm kworker/u4:17: Failed to release dquot type 1 [ 434.317162][ T5622] EXT4-fs (loop4): Remounting filesystem read-only [ 434.508801][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 434.545283][T10143] loop2: detected capacity change from 0 to 1764 [ 434.807752][T10148] loop4: detected capacity change from 0 to 1024 [ 434.840491][T10148] EXT4-fs: inline encryption not supported [ 434.868355][T10148] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 434.967244][T10148] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 435.265762][T10148] IPVS: rr: FWM 3 0x00000003 - no destination available [ 435.429157][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 435.945090][T10182] loop2: detected capacity change from 0 to 512 [ 435.992703][T10181] loop4: detected capacity change from 0 to 1764 [ 436.039268][T10182] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 436.054465][T10182] System zones: 0-2, 18-18, 34-34 [ 436.138535][T10182] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 436.235598][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.265223][T10182] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1819: corrupted inode contents [ 436.288326][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.300098][T10182] EXT4-fs error (device loop2): ext4_dirty_inode:6137: inode #16: comm syz.2.1819: mark_inode_dirty error [ 436.349109][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.361120][T10182] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1819: corrupted inode contents [ 436.397582][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.420412][T10182] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.1819: mark_inode_dirty error [ 436.488175][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.540316][T10182] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1819: corrupted inode contents [ 436.571835][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.588805][T10182] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.1819: mark_inode_dirty error [ 436.619279][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.640322][T10189] loop3: detected capacity change from 0 to 1024 [ 436.647591][T10182] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1819: corrupted inode contents [ 436.680764][T10189] /dev/loop3: Can't open blockdev [ 436.699056][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.717948][T10182] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 436.758860][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.774348][T10182] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1819: corrupted inode contents [ 436.833269][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.846378][T10182] EXT4-fs error (device loop2): ext4_truncate:4318: inode #16: comm syz.2.1819: mark_inode_dirty error [ 436.914843][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.935967][T10182] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 436.968170][T10182] EXT4-fs (loop2): Remounting filesystem read-only [ 436.995291][T10182] EXT4-fs (loop2): 1 truncate cleaned up [ 437.011440][T10182] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 437.020533][ T9] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 437.049928][ T9] EXT4-fs error (device loop2): ext4_release_dquot:6871: comm kworker/u4:0: Failed to release dquot type 1 [ 437.061267][T10182] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 437.094533][ T9] EXT4-fs (loop2): Remounting filesystem read-only [ 437.307047][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 437.313266][T10204] device syzkaller0 entered promiscuous mode [ 438.124902][T10228] loop1: detected capacity change from 0 to 1024 [ 438.147960][T10228] EXT4-fs: inline encryption not supported [ 438.215094][T10228] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 438.360716][T10228] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 438.413349][T10228] IPVS: lblcr: FWM 3 0x00000003 - no destination available [ 438.540818][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 439.064343][T10261] loop3: detected capacity change from 0 to 128 [ 439.133269][ T8468] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 440.235790][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.803339][T10292] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1863'. [ 441.088798][T10300] loop3: detected capacity change from 0 to 128 [ 441.174271][ T8472] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 441.407454][T10306] loop1: detected capacity change from 0 to 1024 [ 441.435212][T10306] EXT4-fs: inline encryption not supported [ 441.973472][T10306] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 442.099373][T10306] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 442.250594][T10306] IPVS: lblcr: FWM 3 0x00000003 - no destination available [ 442.428111][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 443.492587][T10350] loop1: detected capacity change from 0 to 512 [ 444.436595][T10350] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 444.461933][T10350] System zones: 0-2, 18-18, 34-34 [ 444.570176][T10350] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 444.587731][T10365] loop2: detected capacity change from 0 to 128 [ 444.666323][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 444.669388][T10365] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 444.686236][T10350] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1881: corrupted inode contents [ 444.705050][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 444.712956][T10350] EXT4-fs error (device loop1): ext4_dirty_inode:6137: inode #16: comm syz.1.1881: mark_inode_dirty error [ 444.727037][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 444.735309][T10350] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1881: corrupted inode contents [ 444.755235][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 444.764393][T10350] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.1881: mark_inode_dirty error [ 444.776622][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 444.783568][T10350] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1881: corrupted inode contents [ 444.784938][T10365] ext4 filesystem being mounted at /374/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 444.816579][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 444.829857][T10350] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.1881: mark_inode_dirty error [ 444.875007][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 444.920385][T10350] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1881: corrupted inode contents [ 444.962514][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 444.998004][T10350] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 445.035537][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 445.049844][T10350] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #16: comm syz.1.1881: corrupted inode contents [ 445.106098][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 445.126554][T10350] EXT4-fs error (device loop1): ext4_truncate:4318: inode #16: comm syz.1.1881: mark_inode_dirty error [ 445.150567][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 445.157226][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 445.170781][T10350] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 445.212308][T10350] EXT4-fs (loop1): Remounting filesystem read-only [ 445.235109][T10350] EXT4-fs (loop1): 1 truncate cleaned up [ 445.248040][T10350] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 445.260687][ T7788] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 445.308629][T10350] ext4 filesystem being mounted at /364/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 445.331827][ T7788] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:31: Failed to release dquot type 1 [ 445.385637][ T7788] EXT4-fs (loop1): Remounting filesystem read-only [ 445.480952][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 445.738378][T10390] loop3: detected capacity change from 0 to 1024 [ 445.771924][T10390] /dev/loop3: Can't open blockdev [ 445.921907][T10393] loop1: detected capacity change from 0 to 128 [ 447.377442][T10414] loop2: detected capacity change from 0 to 512 [ 447.484692][T10414] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002] [ 447.498107][T10414] System zones: 0-2, 18-18, 34-34 [ 447.557363][T10414] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters [ 447.629915][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 447.660307][T10414] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1903: corrupted inode contents [ 447.753864][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 447.772692][T10414] EXT4-fs error (device loop2): ext4_dirty_inode:6137: inode #16: comm syz.2.1903: mark_inode_dirty error [ 447.786268][T10425] loop1: detected capacity change from 0 to 1024 [ 447.814535][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 447.840059][T10414] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1903: corrupted inode contents [ 447.854367][T10425] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 447.883490][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 447.892727][T10414] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.1903: mark_inode_dirty error [ 447.906570][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 447.913398][T10414] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1903: corrupted inode contents [ 447.930931][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 447.942136][T10414] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.1903: mark_inode_dirty error [ 447.962764][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 447.970220][T10414] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1903: corrupted inode contents [ 448.034633][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 448.049788][T10414] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 448.061895][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 448.074176][T10414] EXT4-fs error (device loop2): ext4_do_update_inode:5272: inode #16: comm syz.2.1903: corrupted inode contents [ 448.099871][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 448.120919][T10414] EXT4-fs error (device loop2): ext4_truncate:4318: inode #16: comm syz.2.1903: mark_inode_dirty error [ 448.157221][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 448.177220][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 448.190188][T10414] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 448.241137][T10414] EXT4-fs (loop2): Remounting filesystem read-only [ 448.262602][T10414] EXT4-fs (loop2): 1 truncate cleaned up [ 448.279654][T10414] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 448.280779][ T46] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 448.302407][T10414] ext4 filesystem being mounted at /379/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 448.341577][ T46] EXT4-fs error (device loop2): ext4_release_dquot:6871: comm kworker/u4:3: Failed to release dquot type 1 [ 448.394854][ T46] EXT4-fs (loop2): Remounting filesystem read-only [ 448.523804][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 448.544257][T10439] loop1: detected capacity change from 0 to 512 [ 448.615643][T10439] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 448.702722][T10439] EXT4-fs error (device loop1): mb_free_blocks:1824: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 448.815128][T10439] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #11: comm syz.1.1912: corrupted inode contents [ 448.828498][T10439] EXT4-fs error (device loop1): ext4_dirty_inode:6137: inode #11: comm syz.1.1912: mark_inode_dirty error [ 448.851325][T10439] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1912: invalid indirect mapped block 1 (level 1) [ 448.884397][T10439] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #11: comm syz.1.1912: corrupted inode contents [ 448.944011][T10439] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 448.962566][T10439] EXT4-fs error (device loop1): ext4_do_update_inode:5272: inode #11: comm syz.1.1912: corrupted inode contents [ 448.990821][T10439] EXT4-fs error (device loop1): ext4_truncate:4318: inode #11: comm syz.1.1912: mark_inode_dirty error [ 449.043239][T10439] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 449.073248][T10439] EXT4-fs (loop1): 1 truncate cleaned up [ 449.121364][T10439] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 449.249498][T10454] loop4: detected capacity change from 0 to 128 [ 450.241026][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 450.513625][T10468] device syzkaller1 entered promiscuous mode [ 450.796717][T10476] loop1: detected capacity change from 0 to 128 [ 450.965048][T10483] loop2: detected capacity change from 0 to 128 [ 451.990902][T10493] loop3: detected capacity change from 0 to 512 [ 452.254580][ T8472] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 452.976629][T10503] loop1: detected capacity change from 0 to 512 [ 452.991895][T10503] FAT-fs (loop1): IO charset utfѾ¹Éh$Û‚‰œ#wî•w9Á‹C= Yæ’³t ¤•áÁEÅ’&y3‹_òÀ©„@¥rRh¢BÀ&5dùˆÓÁxpOêø¤ß‚upˆ‚êš@HÆäX¡ð[ƒòæ›–[ò²â°î7VGø†¥1‰˜ yª{´îþvŽìX±œõªñ)P1uô&-÷@=õ6 not found [ 453.852308][ T8468] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 454.625031][T10526] loop1: detected capacity change from 0 to 128 [ 455.011563][T10535] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 455.019547][T10535] FAT-fs (loop1): Filesystem has been set read-only [ 455.026561][T10535] bio_check_eod: 504 callbacks suppressed [ 455.026596][T10535] syz.1.1942: attempt to access beyond end of device [ 455.026596][T10535] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 455.047714][T10535] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 455.065442][T10535] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 455.074565][ T27] audit: type=1800 audit(1773048073.565:187): pid=10535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1942" name="file2" dev="loop1" ino=1048641 res=0 errno=0 [ 455.110099][T10536] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 455.118233][T10536] syz.1.1942: attempt to access beyond end of device [ 455.118233][T10536] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 455.134161][T10536] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 455.142103][T10536] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 455.152863][T10536] syz.1.1942: attempt to access beyond end of device [ 455.152863][T10536] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 455.166660][T10536] syz.1.1942: attempt to access beyond end of device [ 455.166660][T10536] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 455.181399][T10535] syz.1.1942: attempt to access beyond end of device [ 455.181399][T10535] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 455.196455][T10535] syz.1.1942: attempt to access beyond end of device [ 455.196455][T10535] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 455.211029][T10535] syz.1.1942: attempt to access beyond end of device [ 455.211029][T10535] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 455.225102][T10535] syz.1.1942: attempt to access beyond end of device [ 455.225102][T10535] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 455.239175][T10535] syz.1.1942: attempt to access beyond end of device [ 455.239175][T10535] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 455.253143][T10535] syz.1.1942: attempt to access beyond end of device [ 455.253143][T10535] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 456.887906][T10583] loop3: detected capacity change from 0 to 128 [ 458.322701][T10609] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 458.444719][T10615] loop2: detected capacity change from 0 to 512 [ 458.472943][T10615] EXT4-fs: inline encryption not supported [ 458.509997][T10615] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 460.275815][T10662] loop3: detected capacity change from 0 to 256 [ 461.288725][T10680] loop3: detected capacity change from 0 to 128 [ 461.385623][T10680] /dev/loop3: Can't open blockdev [ 463.156396][T10725] device syzkaller0 entered promiscuous mode [ 463.329236][T10732] loop4: detected capacity change from 0 to 128 [ 463.366483][T10732] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 463.415341][T10732] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 463.510321][ T46] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 463.939531][T10745] device syzkaller0 entered promiscuous mode [ 465.514621][T10815] loop2: detected capacity change from 0 to 1024 [ 465.602583][T10815] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 465.701329][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 466.009990][T10834] loop4: detected capacity change from 0 to 764 [ 466.182061][T10837] loop3: detected capacity change from 0 to 512 [ 467.570483][T10875] sctp: [Deprecated]: syz.0.2072 (pid 10875) Use of int in max_burst socket option deprecated. [ 467.570483][T10875] Use struct sctp_assoc_value instead [ 468.011723][T10883] usb usb8: usbfs: process 10883 (syz.2.2075) did not claim interface 0 before use [ 468.947327][T10915] loop1: detected capacity change from 0 to 1024 [ 469.138839][T10915] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 469.336165][ T4273] EXT4-fs (loop1): unmounting filesystem. [ 469.517748][T10933] loop3: detected capacity change from 0 to 1024 [ 469.544132][T10933] EXT4-fs: inline encryption not supported [ 469.556303][T10933] /dev/loop3: Can't open blockdev [ 469.648473][T10933] IPVS: rr: FWM 3 0x00000003 - no destination available [ 469.947825][T10951] loop3: detected capacity change from 0 to 512 [ 469.978818][T10951] /dev/loop3: Can't open blockdev [ 470.503488][T10965] loop4: detected capacity change from 0 to 512 [ 470.672449][T10965] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2108: couldn't read orphan inode 26 (err -116) [ 470.724936][T10965] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 470.769632][T10965] ext4 filesystem being mounted at /370/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 470.992945][ T4267] EXT4-fs (loop4): unmounting filesystem. [ 471.195855][T10969] loop2: detected capacity change from 0 to 8192 [ 471.636723][T10998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2120'. [ 471.682379][T10998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2120'. [ 471.710868][T10998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2120'. [ 471.752246][T10998] device syzkaller0 entered promiscuous mode [ 473.238841][T11048] IPVS: rr: FWM 3 0x00000003 - no destination available [ 473.330947][T11046] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2139'. [ 474.359541][T11082] loop2: detected capacity change from 0 to 1024 [ 474.380501][T11082] EXT4-fs: inline encryption not supported [ 474.390062][T11082] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 474.460494][T11082] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 474.537361][T11082] IPVS: rr: FWM 3 0x00000003 - no destination available [ 474.740915][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 474.823295][T11091] ptrace attach of "./syz-executor exec"[11094] was attempted by "./syz-executor exec"[11091] [ 475.031747][T11098] loop3: detected capacity change from 0 to 164 [ 475.109911][ T4278] Bluetooth: hci5: command 0x1003 tx timeout [ 475.119121][ T4284] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 475.249922][T11102] tap0: tun_chr_ioctl cmd 1074025677 [ 475.255702][T11102] tap0: linktype set to 805 [ 475.638864][T11107] syz.1.2164 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 477.117787][T11129] loop3: detected capacity change from 0 to 512 [ 477.126135][T11129] EXT4-fs: Ignoring removed nobh option [ 477.132416][T11129] /dev/loop3: Can't open blockdev [ 477.182459][ T8468] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 479.594251][ T27] audit: type=1326 audit(1773048098.155:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 479.643583][T11200] loop2: detected capacity change from 0 to 1024 [ 479.666933][T11200] EXT4-fs: inline encryption not supported [ 479.707898][T11200] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 479.726470][ T27] audit: type=1326 audit(1773048098.185:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 479.820879][ T27] audit: type=1326 audit(1773048098.195:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 479.895559][T11200] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 480.010247][T11200] IPVS: rr: FWM 3 0x00000003 - no destination available [ 480.039864][ T27] audit: type=1326 audit(1773048098.195:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 480.120118][ T27] audit: type=1326 audit(1773048098.195:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 480.206986][ T27] audit: type=1326 audit(1773048098.195:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 480.253453][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 480.329883][ T27] audit: type=1326 audit(1773048098.195:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 480.449851][ T27] audit: type=1326 audit(1773048098.195:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 480.504484][ T4314] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 480.550952][ T4314] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 480.580046][ T27] audit: type=1326 audit(1773048098.205:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f5a7bf9c799 code=0x7ffc0000 [ 480.652428][ T27] audit: type=1326 audit(1773048098.205:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11199 comm="syz.4.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5a7bf9c502 code=0x7ffc0000 [ 480.953674][T11229] fido_id[11229]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 482.169151][T11251] loop2: detected capacity change from 0 to 1024 [ 482.277369][T11251] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 482.438765][T11262] loop3: detected capacity change from 0 to 2048 [ 482.446373][T11262] /dev/loop3: Can't open blockdev [ 482.511877][T11251] ================================================================== [ 482.520025][T11251] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x965/0x1e90 [ 482.527801][T11251] Read of size 18446744073709551588 at addr ffff888055560840 by task syz.2.2209/11251 [ 482.537392][T11251] [ 482.539753][T11251] CPU: 1 PID: 11251 Comm: syz.2.2209 Not tainted syzkaller #0 [ 482.547266][T11251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 482.557378][T11251] Call Trace: [ 482.560711][T11251] [ 482.563679][T11251] dump_stack_lvl+0x188/0x24e [ 482.568483][T11251] ? __lock_acquire+0x7d10/0x7d10 [ 482.573603][T11251] ? show_regs_print_info+0x12/0x12 [ 482.578883][T11251] ? load_image+0x400/0x400 [ 482.583447][T11251] ? _raw_spin_lock_irqsave+0xbc/0x100 [ 482.588976][T11251] ? __virt_addr_valid+0x188/0x540 [ 482.594160][T11251] ? __virt_addr_valid+0x465/0x540 [ 482.599346][T11251] ? ext4_xattr_set_entry+0x965/0x1e90 [ 482.604873][T11251] print_report+0xa8/0x210 [ 482.609354][T11251] kasan_report+0x10b/0x140 [ 482.613932][T11251] ? ext4_xattr_set_entry+0x965/0x1e90 [ 482.619550][T11251] ? ext4_xattr_set_entry+0x965/0x1e90 [ 482.625102][T11251] kasan_check_range+0x235/0x290 [ 482.630199][T11251] ? ext4_xattr_set_entry+0x965/0x1e90 [ 482.635739][T11251] memmove+0x25/0x60 [ 482.639711][T11251] ext4_xattr_set_entry+0x965/0x1e90 [ 482.645076][T11251] ext4_xattr_block_set+0xae4/0x32b0 [ 482.650466][T11251] ? ext4_destroy_inode+0x200/0x200 [ 482.655734][T11251] ? proc_nr_inodes+0x2f0/0x2f0 [ 482.660663][T11251] ? _raw_spin_unlock+0x24/0x40 [ 482.665667][T11251] ? iput+0x768/0x980 [ 482.669717][T11251] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 482.675340][T11251] ? ext4_xattr_ibody_set+0x509/0x690 [ 482.680790][T11251] ext4_xattr_set_handle+0x1338/0x1570 [ 482.686510][T11251] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 482.692577][T11251] ext4_xattr_set+0x242/0x320 [ 482.697332][T11251] ? ext4_xattr_set_credits+0x290/0x290 [ 482.702945][T11251] ? posix_xattr_acl+0x8f/0xb0 [ 482.707783][T11251] ? evm_protect_xattr+0x333/0x9d0 [ 482.712967][T11251] ? ext4_xattr_trusted_get+0x40/0x40 [ 482.718485][T11251] __vfs_setxattr+0x3e0/0x420 [ 482.723254][T11251] __vfs_setxattr_noperm+0x129/0x5e0 [ 482.728615][T11251] vfs_setxattr+0x167/0x2e0 [ 482.733282][T11251] ? xattr_permission+0x500/0x500 [ 482.738382][T11251] ? _copy_from_user+0x10b/0x170 [ 482.743425][T11251] ? setxattr+0x2ce/0x360 [ 482.747916][T11251] setxattr+0x346/0x360 [ 482.752153][T11251] ? path_setxattr+0x290/0x290 [ 482.757098][T11251] ? __mnt_want_write+0x21f/0x2a0 [ 482.762378][T11251] path_setxattr+0x147/0x290 [ 482.767046][T11251] ? simple_xattr_list_add+0xf0/0xf0 [ 482.772406][T11251] ? lock_chain_count+0x20/0x20 [ 482.777355][T11251] __x64_sys_lsetxattr+0xb4/0xd0 [ 482.782373][T11251] do_syscall_64+0x4c/0xa0 [ 482.786950][T11251] ? clear_bhb_loop+0x60/0xb0 [ 482.791785][T11251] ? clear_bhb_loop+0x60/0xb0 [ 482.796539][T11251] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 482.802686][T11251] RIP: 0033:0x7fcefdf9c799 [ 482.807160][T11251] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 482.826831][T11251] RSP: 002b:00007fcefef16028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 482.835529][T11251] RAX: ffffffffffffffda RBX: 00007fcefe215fa0 RCX: 00007fcefdf9c799 [ 482.843560][T11251] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0 [ 482.851765][T11251] RBP: 00007fcefe032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 482.859885][T11251] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 482.867917][T11251] R13: 00007fcefe216038 R14: 00007fcefe215fa0 R15: 00007ffde5f4a5e8 [ 482.876042][T11251] [ 482.879105][T11251] [ 482.881521][T11251] Allocated by task 11251: [ 482.885989][T11251] kasan_set_track+0x4b/0x70 [ 482.890647][T11251] __kasan_kmalloc+0x8e/0xa0 [ 482.895305][T11251] __kmalloc_node_track_caller+0xae/0x230 [ 482.901097][T11251] kmemdup+0x27/0x60 [ 482.905057][T11251] ext4_xattr_block_set+0x9e6/0x32b0 [ 482.910409][T11251] ext4_xattr_set_handle+0x1338/0x1570 [ 482.915938][T11251] ext4_xattr_set+0x242/0x320 [ 482.920686][T11251] __vfs_setxattr+0x3e0/0x420 [ 482.925421][T11251] __vfs_setxattr_noperm+0x129/0x5e0 [ 482.930770][T11251] vfs_setxattr+0x167/0x2e0 [ 482.935328][T11251] setxattr+0x346/0x360 [ 482.939548][T11251] path_setxattr+0x147/0x290 [ 482.944373][T11251] __x64_sys_lsetxattr+0xb4/0xd0 [ 482.949543][T11251] do_syscall_64+0x4c/0xa0 [ 482.954032][T11251] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 482.960083][T11251] [ 482.962481][T11251] The buggy address belongs to the object at ffff888055560800 [ 482.962481][T11251] which belongs to the cache kmalloc-1k of size 1024 [ 482.976622][T11251] The buggy address is located 64 bytes inside of [ 482.976622][T11251] 1024-byte region [ffff888055560800, ffff888055560c00) [ 482.989944][T11251] [ 482.992309][T11251] The buggy address belongs to the physical page: [ 482.998773][T11251] page:ffffea0001555800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55560 [ 483.009071][T11251] head:ffffea0001555800 order:3 compound_mapcount:0 compound_pincount:0 [ 483.017535][T11251] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 483.025678][T11251] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888017441dc0 [ 483.034445][T11251] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 483.043108][T11251] page dumped because: kasan: bad access detected [ 483.049665][T11251] page_owner tracks the page as allocated [ 483.055874][T11251] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4317, tgid 4317 (kworker/0:5), ts 84713264492, free_ts 24877024152 [ 483.075291][T11251] post_alloc_hook+0x173/0x1a0 [ 483.080188][T11251] get_page_from_freelist+0x1a1e/0x1ab0 [ 483.085796][T11251] __alloc_pages+0x1ec/0x4f0 [ 483.090429][T11251] alloc_slab_page+0x5d/0x160 [ 483.095158][T11251] new_slab+0x87/0x2c0 [ 483.099342][T11251] ___slab_alloc+0xbc6/0x1240 [ 483.104087][T11251] __kmem_cache_alloc_node+0x1a0/0x260 [ 483.109581][T11251] __kmalloc+0xa0/0x240 [ 483.113803][T11251] ___neigh_create+0x6ce/0x24c0 [ 483.118710][T11251] ip6_finish_output2+0x1525/0x15d0 [ 483.123963][T11251] NF_HOOK+0x161/0x4a0 [ 483.128066][T11251] mld_sendpack+0x83b/0xdc0 [ 483.132618][T11251] mld_ifc_work+0x836/0xb40 [ 483.137148][T11251] process_one_work+0x8a2/0x1160 [ 483.142168][T11251] worker_thread+0xaa2/0x1270 [ 483.147065][T11251] kthread+0x29d/0x330 [ 483.151296][T11251] page last free stack trace: [ 483.155991][T11251] free_unref_page_prepare+0x8b4/0x9a0 [ 483.161568][T11251] free_unref_page+0x2e/0x3f0 [ 483.166272][T11251] free_contig_range+0x9d/0x150 [ 483.171285][T11251] destroy_args+0xf0/0xa0a [ 483.175743][T11251] debug_vm_pgtable+0x33c/0x38e [ 483.180722][T11251] do_one_initcall+0x26a/0x840 [ 483.185604][T11251] do_initcall_level+0x137/0x1e4 [ 483.190607][T11251] do_initcalls+0x4b/0x8a [ 483.195235][T11251] kernel_init_freeable+0x415/0x5be [ 483.200517][T11251] kernel_init+0x19/0x1b0 [ 483.204935][T11251] ret_from_fork+0x1f/0x30 [ 483.209421][T11251] [ 483.211866][T11251] Memory state around the buggy address: [ 483.217613][T11251] ffff888055560700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 483.225729][T11251] ffff888055560780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 483.234111][T11251] >ffff888055560800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 483.243098][T11251] ^ [ 483.249661][T11251] ffff888055560880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 483.258476][T11251] ffff888055560900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 483.266774][T11251] ================================================================== [ 483.418394][T11251] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 483.425705][T11251] CPU: 0 PID: 11251 Comm: syz.2.2209 Not tainted syzkaller #0 [ 483.433296][T11251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 483.443676][T11251] Call Trace: [ 483.447006][T11251] [ 483.449988][T11251] dump_stack_lvl+0x188/0x24e [ 483.454838][T11251] ? memcpy+0x3c/0x60 [ 483.458978][T11251] ? show_regs_print_info+0x12/0x12 [ 483.464441][T11251] ? load_image+0x400/0x400 [ 483.469124][T11251] panic+0x2e5/0x730 [ 483.473275][T11251] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 483.479579][T11251] ? bpf_jit_dump+0xd0/0xd0 [ 483.484144][T11251] ? _raw_spin_unlock_irqrestore+0x10d/0x120 [ 483.490297][T11251] ? _raw_spin_unlock+0x40/0x40 [ 483.495228][T11251] check_panic_on_warn+0x80/0xa0 [ 483.500315][T11251] ? ext4_xattr_set_entry+0x965/0x1e90 [ 483.505921][T11251] end_report+0x66/0x110 [ 483.510233][T11251] kasan_report+0x118/0x140 [ 483.514826][T11251] ? ext4_xattr_set_entry+0x965/0x1e90 [ 483.520446][T11251] ? ext4_xattr_set_entry+0x965/0x1e90 [ 483.525972][T11251] kasan_check_range+0x235/0x290 [ 483.530988][T11251] ? ext4_xattr_set_entry+0x965/0x1e90 [ 483.536532][T11251] memmove+0x25/0x60 [ 483.540474][T11251] ext4_xattr_set_entry+0x965/0x1e90 [ 483.545911][T11251] ext4_xattr_block_set+0xae4/0x32b0 [ 483.551258][T11251] ? ext4_destroy_inode+0x200/0x200 [ 483.556708][T11251] ? proc_nr_inodes+0x2f0/0x2f0 [ 483.561616][T11251] ? _raw_spin_unlock+0x24/0x40 [ 483.566520][T11251] ? iput+0x768/0x980 [ 483.570553][T11251] ? ext4_xattr_block_find+0x2b0/0x2b0 [ 483.576064][T11251] ? ext4_xattr_ibody_set+0x509/0x690 [ 483.581499][T11251] ext4_xattr_set_handle+0x1338/0x1570 [ 483.587041][T11251] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 483.593101][T11251] ext4_xattr_set+0x242/0x320 [ 483.597849][T11251] ? ext4_xattr_set_credits+0x290/0x290 [ 483.603473][T11251] ? posix_xattr_acl+0x8f/0xb0 [ 483.608356][T11251] ? evm_protect_xattr+0x333/0x9d0 [ 483.613677][T11251] ? ext4_xattr_trusted_get+0x40/0x40 [ 483.619357][T11251] __vfs_setxattr+0x3e0/0x420 [ 483.624108][T11251] __vfs_setxattr_noperm+0x129/0x5e0 [ 483.629551][T11251] vfs_setxattr+0x167/0x2e0 [ 483.634151][T11251] ? xattr_permission+0x500/0x500 [ 483.639327][T11251] ? _copy_from_user+0x10b/0x170 [ 483.644383][T11251] ? setxattr+0x2ce/0x360 [ 483.648785][T11251] setxattr+0x346/0x360 [ 483.653354][T11251] ? path_setxattr+0x290/0x290 [ 483.658376][T11251] ? __mnt_want_write+0x21f/0x2a0 [ 483.663469][T11251] path_setxattr+0x147/0x290 [ 483.668150][T11251] ? simple_xattr_list_add+0xf0/0xf0 [ 483.673520][T11251] ? lock_chain_count+0x20/0x20 [ 483.678456][T11251] __x64_sys_lsetxattr+0xb4/0xd0 [ 483.683471][T11251] do_syscall_64+0x4c/0xa0 [ 483.687950][T11251] ? clear_bhb_loop+0x60/0xb0 [ 483.692682][T11251] ? clear_bhb_loop+0x60/0xb0 [ 483.697412][T11251] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 483.703448][T11251] RIP: 0033:0x7fcefdf9c799 [ 483.707908][T11251] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 483.727647][T11251] RSP: 002b:00007fcefef16028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 483.736312][T11251] RAX: ffffffffffffffda RBX: 00007fcefe215fa0 RCX: 00007fcefdf9c799 [ 483.744506][T11251] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0 [ 483.752528][T11251] RBP: 00007fcefe032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 483.760540][T11251] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 483.768740][T11251] R13: 00007fcefe216038 R14: 00007fcefe215fa0 R15: 00007ffde5f4a5e8 [ 483.776868][T11251] [ 483.780524][T11251] Kernel Offset: disabled [ 483.784868][T11251] Rebooting in 86400 seconds..