last executing test programs: 2m3.261033931s ago: executing program 1 (id=621): timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1fc}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) r1 = shmget$private(0x0, 0x3000, 0x100, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_RMID(r1, 0x0) 2m3.184073295s ago: executing program 1 (id=633): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4) socket$packet(0x11, 0x3, 0x300) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) write(r0, &(0x7f0000000300)="89ba41c97928dec7cec15a160d3dba2553b519a795020072aed129d4b5247c983455b3d757e8b2333a64d9abf416fd83f942661c47bcdf71f7d07ba20d03474a4a4bce636ea8d2b882b2b49ef18e2a96e41f206d930eda2769c5ee6d5e3d541ce9a21c3ce5cb5fbdad9a45de0000000000000000000000000000f1d3b9821c18", 0x80) 2m3.113513669s ago: executing program 1 (id=627): r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x42}, 0x10) sendmsg$tipc(r1, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0xfffd}}, 0x10, 0x0}, 0x0) bind$tipc(r0, 0x0, 0x0) 2m3.024653144s ago: executing program 1 (id=630): syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x1, 0x0, &(0x7f0000000000)) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f0000000040)='sysfs\x00', 0x10, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 2m2.958593888s ago: executing program 1 (id=632): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x414, &(0x7f00000000c0)=ANY=[], 0x1, 0x2c3, &(0x7f0000000100)="$eJzs3EFrE2sUxvFzm94mTWmTC5eCgnrQjd0MbfwAGqQFMaDWpqgLYWonGjImZSZUUsRmI279HMVld4L6BboRN+7dFUF0YRfiiJmknbSTNNUmpvb/gzInec+TvKUknBTybt56/rCQc42cWZaBmMqASFW2RJI/q7p/6teBWj0kQVWZGPny/tTN23eupjOZ6KzqTHruQkpVx868evT4xdk35ZH59bGXUdlI3t38lPqwMb5xYvP73IO8q3lXi6WymrpQKpXNBdvSxbxbMFSv25bpWpovupbTtJ6zS0tLFTWLi6PxJcdyXTWLFS1YFS2XtOxU1Lxv5otqGIaOxuV4G+ygJ7s2O2umWy57kUPdEbpuOOxOx0lXRWRo72J2rRebAgAA/aX9/O/P+q3n/8y8f23M/9OHM/+LMP93SbXp1j7zP/4KjpM24/XXbzPmfwAAAAAAAAAAAAAAAAAAAAAAjoItz0t4npdoXBs/URGJiUjj9p/eJ7pjv7//5/DYxV7vE90R+OJeTMR+tpxdzvpXfz2dk7zYYsmkJORb7f2gzq9nrmSmJ7Xmq+d5q/X86nI2ItFGviEZlj/935SfV3ltB/L/Sjz4/ClJyP/hz58KzQ/dOH8ukDckIW/vSUlsWay9r+3kn0ypXr6W2ZUfrvW1FHrSAgAAAAAA/cnQbcnmz7/+2Y9GrSEme9f9/AH+P7Dr8/WgnOzkiEoAAAAAAPDb3MpKwbRtywkp1kWkxVKtiIpIm/hxLSLSF9vYVVwSkT7YRq+KmIj49+gvxMc/bsc7Snkd9Azu82rqtyL0wGAAAAAAR9jO0H+A0LunXdwRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHT9tjwCZG/KbKSqHR39QTfKA2jxPoivTuNwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6z48AAAD//0vYF3I=") r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x12000051) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) lseek(r1, 0x4, 0x0) getdents(r1, 0x0, 0x58) 2m2.688025943s ago: executing program 1 (id=640): r0 = socket$netlink(0x10, 0x3, 0xf) r1 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r1, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0) 2m2.653793055s ago: executing program 32 (id=640): r0 = socket$netlink(0x10, 0x3, 0xf) r1 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r1, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0) 2m1.815623803s ago: executing program 2 (id=651): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r1, r3, 0x25, 0x0, @val=@iter={0x0}}, 0x20) syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[], 0x0) 2m1.761643616s ago: executing program 2 (id=653): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) setuid(0xee01) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0) fchmod(r2, 0x6) 2m1.716286858s ago: executing program 2 (id=654): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x1}, 0x2002, 0x32, 0x43a1bd56, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200002009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f000002eff0)={0x20d, &(0x7f0000000000)=[{0x4, 0xd, 0x8, 0x7fff}, {0x9000, 0x2, 0x12, 0x8}]}, 0x10) 2m1.583435086s ago: executing program 2 (id=657): syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x1, 0x0, &(0x7f0000000000)) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f0000000040)='sysfs\x00', 0x10, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 2m1.538221178s ago: executing program 2 (id=658): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) listen(r0, 0x3) ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0xfffffefd, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x27, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1e, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x6, 0x401, 0x80000000, 0x2401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0x0, 0x54, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x20, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0x3, 0x3fd, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x5, 0x1, 0x32, 0x98, 0x7f, 0x0, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4f, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0x100, 0xfe, 0x4, 0x40, 0x9, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0x8000, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x5, 0x9, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x3042c26b, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffff0000, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x63, 0x4, 0x4, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x7, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0x6688, 0x45e4, 0x5, 0x7, 0x1, 0x5, 0x3, 0x0, 0x1, 0x2, 0x2, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37c, 0x10001, 0x9, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0x80000000, 0x2, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x9, 0xffff, 0xe, 0x89, 0x2, 0x7, 0x1, 0x73, 0x3, 0x9, 0x2, 0x1, 0x9, 0x2, 0x7, 0x0, 0x2, 0x80000004, 0x29, 0x9, 0x0, 0x80000004, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x0, 0xf, 0xa, 0x100, 0x4, 0x59b, 0x7, 0x9, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x7, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x5, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x8, 0x9, 0x0, 0xffffffff, 0xbe, 0x1, 0x7, 0x2, 0xffffffff, 0x0, 0x3d9, 0x0, 0xc, 0x9, 0x7, 0xfffffeff, 0x100, 0x2, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0xe, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x6, 0x1, 0xa9c, 0x9, 0x7, 0x1, 0x2, 0x5, 0x1000, 0x6, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xffff0000, 0xf, 0x4, 0xffffa5ba, 0xffffa9b4, 0xb, 0x4, 0x8000005, 0x3, 0x4b5f, 0x6, 0xa, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x0, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0xfff, 0x9, 0x10, 0xfffffffb, 0x4, 0xc2, 0x7f, 0x5, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb8, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0x9, 0x6, 0x2, 0x8, 0x9, 0x1, 0x5, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000005, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x104, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0x10000, 0x1, 0x9, 0x1, 0xd, 0x9, 0x4, 0x9, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x8, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0x10, 0x0, 0x3, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0xc, 0x3, 0xffffffff, 0x0, 0x7e, 0x6, 0x8, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x2, 0xb, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x3, 0x8, 0x6, 0x0, 0xa958, 0xff, 0x5, 0x6, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x1c00, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x6, 0x1000, 0xb, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x5, 0xffff8000, 0xe0, 0xfffffffb, 0x85, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x101, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x4000, 0x20000001, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000004, 0x6, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x8, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c4, 0x2, 0x389f, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x8000002, 0x8, 0x2b, 0x200006, 0x80000004, 0x1, 0x10000002, 0xfb4, 0xbfa, 0x48, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0xffffffff, 0x6ae574d2, 0x5, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x8, 0x5, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0x17, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x8, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0xfffffffa, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0x8, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x1, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x10001, 0x1, 0x1, 0xfffffff7, 0xfffffffb, 0x5, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x5, 0x6330, 0x0, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x40, 0x6, 0xffff, 0xfffffffa, 0x3, 0xa850, 0x1, 0x6, 0x7, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x401, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x8, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x3, 0x2, 0x80000002, 0x54, 0x400, 0x1, 0x8, 0xa, 0xb, 0x7, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0x65, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x200, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x7, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x10400, 0x20001, 0x8, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x7, 0x2, 0x2, 0x43, 0x3ff, 0x8, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]}) unshare(0x22020400) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 2m1.232591405s ago: executing program 2 (id=659): write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000040)={0x5d5, 0x75, 0x1, {0x5ca, "43bb2063dc2f0e00e09b31b1eedf40253a46fbb33ecdb16448ab852899dd0b9eb64af606f7fc8c6c52e189de771af700716c4f66eb623a0a892bd315de94909af4e4d707e4ad5a0a6c237658bdf12020ee02fb23ed6886092a272c388f9d40f7513a229931ac4c5bf41ed25fe77d1136e5ce9ef1dd58162a6944a4ac695f3391dba372283f2e79820040ebf5a08fdee48edbdcac42f61390d61b2727cedae95ee30491581a2b07e6054862ddd12fe0b95270b441ee457bc755ff13db6094d27349b9050934aec9f02879d6fd6aba1af4b4147f8de4eb9f9823aac6c9ca6e90b021c5ffbbebc9678f96d22bece8a05a309f70bdacd9860439beecea431dad42ac14fc6ed19a9db0999fc8ffc1d63dab555df5ca86117eb7810dada5d00a01094f31a0de31423aef3fc097783995d55f3343d6121dc698fda686cffe4ab9dd4671117d0b366f5488f954bee55b244a6627173a2e92153f14c533492b9866b2e56f5ea4e539f2e6fed27010e5c9280ec02e8605b4d04855571d52666c97514111de24709f33c0e7dae8dc542a9a31339e5504a72d62d502e736486fd931fb2b310fcbcd93276ce3b178e5d9f4e119efb91fd5d4f3f440573fee6e7f1902d86b646d9da095bcb5ec68b8f4b0e746f9414f8d25bfede42a219022b64cae495bccee30297df25ce4d01a30514849ddb6bf000354dc68bc510197873c8d3ba55bf3e98bb14bf80ad717db8c3cd6517685703bd0be6b4aafe5e33bee964190fb330478ee9f956c98045a4aa713f52830fce1df14acc5573897605a3f8d308106810e9cd7107a6e328c6601a7043c444335de3c8d4488e73c6d75b9ab6b52667ef8df51a9e2379d0ac2243ff56064fa1a77a6d71fb559572306a34b467df6387fa733ad77797d0cabcdd4c2a9fedb45e3b24842824b74d78a95faf26314af69082ec2cd923adcaf110f2f0c545abec796231b4c1f11c6f08090f2ecdca01212837e5ae60b59f86e24a18cb3340c41df017fe9a1493b3c927315cc17d1fd995c50a62dd32b3098e72c13a3a49163a2414fd83ab17d0b062a3453f761f04b786f18b8a01de307e53583e859e79cd09f6a0cd53cac3cfc668ce74f52de308b4fb2b10a58e48489c3757e5daed364676d3efab54ef82c021e225083a3f36e52d9bef39f8d9100d9ab814301ffeff112b81c69a7db3e3c48cd2748b8919fbf93ee7f61f0778a508ab25a81da1d0f58746a143cbba335af9eadbeaf8979a54da20534051b81f608bf948b9a5ef5e20bdef62fce540667f04e8c9ad343ca7b4878fd26ffc1f9b954ff56aa46df1ef34721f90b8e5294e9e5cd686fc45123f53f9d86572d48088baac4f600e3678fc55ced85dc3a923f896c110dc8b67af8aa059a79d9304291c8c5badb6f525befb5f32627338e834482d7d25efabd2efadaec003cd43c7b0a497c4a9f2d9617057047ca4059890872bff3b8fbda75db2747561ceaa1427739aa4add912242d4b80bd3e17396acf35ae5094377a89f9fedd18ab015b699c7a37e22a9f57b06219ed444b69bb675b2a090e5dd4168d24499872c7e4d5e785c9067ef8741d7ff5f941ddb96e46504d22b4749bcd4613f64150ba599046647413392d4440a46c30ad321b842cb3531e6fa95a2ce17cc22fbb835703b5ffcb1dcf1de776bbcbe273944717f84bc405bddfd87fedce69317bc98ca5f998878036da43ecc1c6a7231e9911955a497a0cfd4202740041c1a0686b2d543532505836e3fb702e91db8958b3ca2a9e1e05d8c79841313399166054c4e52c9a38f30625151d7bcb4816f09ed3b4e35aac7d3f758c7295b433b20be8804e21159dcc3d8e3ee7d18eb26207c028e5b5498fceb212c1982e5867004380eeb89086c3ec43dd9c68516a12ba3bb43447f342cf2658fd478218a28d42acefe838f1fbc26b46e16d08398cb12c5502c2b3657cbe95933b509cd6355142827523ec4a92b48966f5db6b0d10c3253bfee377a7313d7fe1b953a6095f2665bc966fe42739201bed5bf77fb6e4d505ace22eaaa472958c8a38c1b2d2744920477b8d804056e031e31d2684e11b036686d35cbf13ec9ad"}}, 0x5d5) r0 = socket$kcm(0x2, 0x3, 0x106) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0x850}, 0x4040080) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000380)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000600)="b9ed29d8fe490a060b483f2dd090fc6889ae6b84", 0xffeb}], 0x1}, 0x0) 2m1.232162205s ago: executing program 33 (id=659): write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000040)={0x5d5, 0x75, 0x1, {0x5ca, "43bb2063dc2f0e00e09b31b1eedf40253a46fbb33ecdb16448ab852899dd0b9eb64af606f7fc8c6c52e189de771af700716c4f66eb623a0a892bd315de94909af4e4d707e4ad5a0a6c237658bdf12020ee02fb23ed6886092a272c388f9d40f7513a229931ac4c5bf41ed25fe77d1136e5ce9ef1dd58162a6944a4ac695f3391dba372283f2e79820040ebf5a08fdee48edbdcac42f61390d61b2727cedae95ee30491581a2b07e6054862ddd12fe0b95270b441ee457bc755ff13db6094d27349b9050934aec9f02879d6fd6aba1af4b4147f8de4eb9f9823aac6c9ca6e90b021c5ffbbebc9678f96d22bece8a05a309f70bdacd9860439beecea431dad42ac14fc6ed19a9db0999fc8ffc1d63dab555df5ca86117eb7810dada5d00a01094f31a0de31423aef3fc097783995d55f3343d6121dc698fda686cffe4ab9dd4671117d0b366f5488f954bee55b244a6627173a2e92153f14c533492b9866b2e56f5ea4e539f2e6fed27010e5c9280ec02e8605b4d04855571d52666c97514111de24709f33c0e7dae8dc542a9a31339e5504a72d62d502e736486fd931fb2b310fcbcd93276ce3b178e5d9f4e119efb91fd5d4f3f440573fee6e7f1902d86b646d9da095bcb5ec68b8f4b0e746f9414f8d25bfede42a219022b64cae495bccee30297df25ce4d01a30514849ddb6bf000354dc68bc510197873c8d3ba55bf3e98bb14bf80ad717db8c3cd6517685703bd0be6b4aafe5e33bee964190fb330478ee9f956c98045a4aa713f52830fce1df14acc5573897605a3f8d308106810e9cd7107a6e328c6601a7043c444335de3c8d4488e73c6d75b9ab6b52667ef8df51a9e2379d0ac2243ff56064fa1a77a6d71fb559572306a34b467df6387fa733ad77797d0cabcdd4c2a9fedb45e3b24842824b74d78a95faf26314af69082ec2cd923adcaf110f2f0c545abec796231b4c1f11c6f08090f2ecdca01212837e5ae60b59f86e24a18cb3340c41df017fe9a1493b3c927315cc17d1fd995c50a62dd32b3098e72c13a3a49163a2414fd83ab17d0b062a3453f761f04b786f18b8a01de307e53583e859e79cd09f6a0cd53cac3cfc668ce74f52de308b4fb2b10a58e48489c3757e5daed364676d3efab54ef82c021e225083a3f36e52d9bef39f8d9100d9ab814301ffeff112b81c69a7db3e3c48cd2748b8919fbf93ee7f61f0778a508ab25a81da1d0f58746a143cbba335af9eadbeaf8979a54da20534051b81f608bf948b9a5ef5e20bdef62fce540667f04e8c9ad343ca7b4878fd26ffc1f9b954ff56aa46df1ef34721f90b8e5294e9e5cd686fc45123f53f9d86572d48088baac4f600e3678fc55ced85dc3a923f896c110dc8b67af8aa059a79d9304291c8c5badb6f525befb5f32627338e834482d7d25efabd2efadaec003cd43c7b0a497c4a9f2d9617057047ca4059890872bff3b8fbda75db2747561ceaa1427739aa4add912242d4b80bd3e17396acf35ae5094377a89f9fedd18ab015b699c7a37e22a9f57b06219ed444b69bb675b2a090e5dd4168d24499872c7e4d5e785c9067ef8741d7ff5f941ddb96e46504d22b4749bcd4613f64150ba599046647413392d4440a46c30ad321b842cb3531e6fa95a2ce17cc22fbb835703b5ffcb1dcf1de776bbcbe273944717f84bc405bddfd87fedce69317bc98ca5f998878036da43ecc1c6a7231e9911955a497a0cfd4202740041c1a0686b2d543532505836e3fb702e91db8958b3ca2a9e1e05d8c79841313399166054c4e52c9a38f30625151d7bcb4816f09ed3b4e35aac7d3f758c7295b433b20be8804e21159dcc3d8e3ee7d18eb26207c028e5b5498fceb212c1982e5867004380eeb89086c3ec43dd9c68516a12ba3bb43447f342cf2658fd478218a28d42acefe838f1fbc26b46e16d08398cb12c5502c2b3657cbe95933b509cd6355142827523ec4a92b48966f5db6b0d10c3253bfee377a7313d7fe1b953a6095f2665bc966fe42739201bed5bf77fb6e4d505ace22eaaa472958c8a38c1b2d2744920477b8d804056e031e31d2684e11b036686d35cbf13ec9ad"}}, 0x5d5) r0 = socket$kcm(0x2, 0x3, 0x106) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0x850}, 0x4040080) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000380)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000600)="b9ed29d8fe490a060b483f2dd090fc6889ae6b84", 0xffeb}], 0x1}, 0x0) 1.572628908s ago: executing program 5 (id=3698): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0x3a0af83a) shutdown(r0, 0x1) listen(r0, 0x28) poll(&(0x7f0000000340)=[{r0, 0x1189}], 0x1, 0x400) shutdown(r0, 0x0) 1.562938678s ago: executing program 3 (id=3700): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0xcd0b3000) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) syz_clone(0x24100000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000140)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000391000/0x4000)=nil, &(0x7f0000e18000/0x3000)=nil, 0x0, &(0x7f0000001500)=[{0x7, 0x0, 0x3}], 0x1, 0x2b2, 0x0, 0x0, 0x0, 0x18}) 1.37579475s ago: executing program 5 (id=3717): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0) 1.219075748s ago: executing program 3 (id=3709): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) fcntl$lock(r2, 0x410, &(0x7f0000000080)={0x0, 0x1, 0x6, 0x1fd}) 1.19535652s ago: executing program 5 (id=3711): timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0)) r0 = signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x1fffffffff]}, 0x8, 0x0) r1 = syz_io_uring_setup(0x186, &(0x7f0000000240)={0x0, 0x3416, 0x13100, 0x2, 0x4, 0x0, r0}, &(0x7f0000000140)=0x0, &(0x7f0000000200)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0xe091}}) io_uring_enter(r1, 0x2def, 0x9566, 0x0, 0x0, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) 1.169052412s ago: executing program 4 (id=3712): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0) close(r1) socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x3406c096) 1.168775572s ago: executing program 5 (id=3713): perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x8708, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x800, 0x4, @perf_config_ext={0x9, 0x7}, 0x1118, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0xffff, 0x0, 0x0, 0x0, 0xedf2}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x8) syz_emit_ethernet(0x0, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003200)=@newsa={0x15c, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@loopback, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x80}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24, 0x9, {0x200, 0x20000000081, 0x9, 0x100}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x8801}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000740)=@newsa={0x140, 0x1a, 0x1, 0xfffffffe, 0x100, {{@in=@multicast2, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0xa, 0x0, 0x20, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {0xfe, 0x1000000000000192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffe, 0x3fc}, 0x80, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xfffffeff}]}, 0x140}}, 0x844) 1.108766055s ago: executing program 4 (id=3715): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x5, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x15, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180200001e00000000000000000000007a02500003ffffff95"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x69, 0x0, 0xfe}, {0x6}]}) pipe2$9p(&(0x7f0000000000), 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) 1.108535405s ago: executing program 3 (id=3716): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'sit0\x00', 0x0}) r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x5, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x1) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x48801}, 0x0) 1.082824276s ago: executing program 5 (id=3719): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000002c0)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x1}], 0x2c) sendto$inet6(r0, &(0x7f0000000080)='\x00', 0x1, 0x8081, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0x4}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000100)={0x7, 0x84, 0x7, 0x5, 0x5, 0xfd, 0x0, 0x0, 0xfd, 0x5, 0x3, 0x0, 0xff}, 0xe) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000200)=0x2, 0x4) recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=""/181, 0xb5}, 0x8001}], 0x4000000000001c7, 0x10140, 0x0) 1.070445678s ago: executing program 4 (id=3720): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f9cf02e, 0x2, @perf_bp={0x0, 0x2}, 0xd4, 0x5bd20d9e, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) syz_open_procfs$pagemap(0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0}) write(r0, &(0x7f0000000000)="fa", 0xfffffdef) 952.868165ms ago: executing program 3 (id=3721): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x652c0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) timer_create(0x0, 0x0, &(0x7f0000000200)) timer_getoverrun(0x0) 870.973119ms ago: executing program 3 (id=3723): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x9, 0x7f}, @window={0x3, 0x9, 0x2}, @mss={0x2, 0x400}, @mss={0x2, 0xcb2}, @mss={0x2, 0x3}, @timestamp, @sack_perm], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) 729.446858ms ago: executing program 3 (id=3725): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40080000, 0x0, 0x0, 0xce0, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb) futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58) 729.250798ms ago: executing program 6 (id=3726): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0xd, 0xfffff034}, {0x50, 0x0, 0x5, 0xfffffffd}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaa8aaaaaa00080046"], 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) 554.656198ms ago: executing program 6 (id=3729): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r1, 0x7}}, 0x48) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @loopback, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48) 489.034662ms ago: executing program 6 (id=3731): r0 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6) fallocate(r0, 0x1, 0x2, 0x7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) 440.042374ms ago: executing program 0 (id=3732): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x209, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x81, 0x3fff8000}, 0x404, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2008}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) fdatasync(r0) 334.54702ms ago: executing program 0 (id=3733): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x1004000, &(0x7f0000000580)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@errors_remount}, {@nombcache}]}, 0x1, 0x437, &(0x7f0000000900)="$eJzs289PHFUcAPDv7EKR/hBs6o/Sqmg1En9AobX24EWjiQdNTPRQjwi0wW6LKZjYhigaU4+miXfj0cS/wJNejHoy8ap306QxXFo9rZndGdhddrdAF7a6n08y8N7MW9777szbfW8eE0DPGk1/JBH7I+L3iBiqZusLjFZ/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvyTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmS03cEny+UOV9ddB2rSSV8XG8KWFKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNSskqR1/Y2LJBvHP4Xr2w5uE9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96TsegfSPOTber44ZXfvmh1rHb8l25p/flYMGvH9b6B+tfMTi9N30nMtW58EjHS1yz+ZG0lID19hyNiZJt1zD/9zdFWx24ffxsdWGcqfx3xVPX8r0RD/Lmk/frkxD1Rmjs+kV8VG/3y69U3W9V/R/F3QHr+9za9/tfiH05q12sXt17H1T8+bzmn2e71vyd5u27fh9NLS5cmI/Ykr1cbXbt/qqHc1Hr5NP6xY837/8FYfyeORER6ET8cEY9ExKNZ2x+LiMcj4lib+H96+Yn3thf/QJu/2hlp/LNbOv/riT3RuKd5onj+x+/qKh3ebPyRnf+TldRYtmczn3+badf2rmYAAAD47ylExP5ICuNr6UJhfLz6P/yHYm+htLC49MzZhQ8uzlafERiO/kJ+p2uo5n7oZDatz/NTDfkT2X3jL4uDlfz4zEJpttvBQ4/b16L/p/4sdrt1wI7zvBb0Lv0fepf+D71L/4fe1aT/D3ajHcDua/b9/3EX2gHsvob+b9kPeoj5P/Qu/R96l/4PPWlxMG7/kLyExIZEFO6KZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//zpS5t0=") chdir(&(0x7f0000000240)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r0, 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 253.053706ms ago: executing program 6 (id=3734): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x9, 0x7f}, @window={0x3, 0x9, 0x2}, @mss={0x2, 0x400}, @mss={0x2, 0xcb2}, @mss={0x2, 0x3}, @timestamp, @sack_perm], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) 252.856716ms ago: executing program 0 (id=3735): r0 = fsopen(&(0x7f0000000300)='tracefs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) lseek(r2, 0x9, 0x1) 231.437687ms ago: executing program 6 (id=3736): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[], 0x18}}, 0x20004000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 210.125058ms ago: executing program 5 (id=3737): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd1}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xa) exit(0xffff) r0 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=0x0) syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x8000000, 0x80, 0x0, 0x368}, &(0x7f00000000c0)=0x0, &(0x7f00000005c0)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x48e9, 0x0, 0x0, 0x0, 0x0) 167.81956ms ago: executing program 0 (id=3738): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000000000)={@val={0x0, 0x9100}, @void, @eth={@multicast, @local, @val={@val={0x88a8, 0x1, 0x1, 0x1}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x2, 0x1c, 0x68, 0x0, 0x9, 0x11, 0x0, @private=0xa010101, @remote}, "351581a500000000"}}}}}, 0x36) 116.666193ms ago: executing program 6 (id=3739): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x404, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES8], 0x1, 0x122e, &(0x7f0000002580)="$eJzs3MFrHFUcB/BftqlZU5tErdX2oA+9eBqaHDwJEiQFyYJSG6EVhCmZ6JJxN2SWwIoYe/Lq0b9BPHpTxH8gV/8Cb7mIpxzEEXZSk60NmlqyRT+fy/zIb76Z99hl4S3v7f7rX368uVFlG/kgWlNT0dqKSAcpUrTinhdXm+ut26vLnc7KjZSuL99cfC2lNPfSD+9/+s3LPw4uvPft3Hczsbfwwf4vSz/vXd67sv/7zY+6VepWqdcfpDzd6fcH+Z2ySOvdajNL6Z2yyKsidXtVsT3W3yj7W1vDlPfWL85ubRdVlfLeMG0WwzTop8H2MOUf5t1eyrIsXZwNTnT+729Z+/qgrr+PqOvz8UTUdV0/GbMxFU/FxZiLzyPi6Xgmno1L8Vxcjufjhbgyuusshg8AAAAAAAAAAAAAAAAAAAD/Hwej0/zj5/8vHJ7/n48F5/8BAAAAAAAAAAAAAAAAAADgDLx76/bqcqezciOldkT5xc7azlpzbfrLG9GNMoq4FvPxW4xO/zea+vpbnZVraeRcROwe5nd31s6N5xdHPydwmJ8e9e7lF5t8irvlsfxMzDb5dkQUsRTzcenY89tH+aUH5tvx6ivHnp/FfL0b0Y8y1kfPPsp/tpjSm2937stfHd0HAAAA/wVZ+tPC+Pq3Wb9n2Un9Jn+K7wfuW19Px9Xpyc6diGr4yWZelsX2eNH+y18mVsw8HsM4TdH6N/GZOLHVGmt99VPEpGf6WBTtw/fyo/iHU5OfzkMUdx/J3MeLCX8wcSaOXvRJjwQAAAAAAAAAAIDT+Cf7AX+Nh95FOB0P2Fn2xmSmCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MEOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoQIAAP//uXHE5A==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x7ff) fallocate(r1, 0x0, 0xbf5, 0x2000402) fallocate(r0, 0x1, 0x8a5, 0x1001f0) 116.471253ms ago: executing program 0 (id=3740): setfsgid(0xee00) r0 = syz_clone(0x2008400, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0) syz_open_procfs(r0, &(0x7f0000000180)='smaps_rollup\x00') 90.472075ms ago: executing program 4 (id=3741): syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==") openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x84042, 0x1fb) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x84042, 0x1fb) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) 68.005716ms ago: executing program 0 (id=3742): setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) sendmmsg$inet6(r0, &(0x7f00000015c0)=[{{&(0x7f0000000200)={0xa, 0x4e23, 0xd08, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x5}, 0x1c, &(0x7f00000007c0)=[{&(0x7f00000008c0)='p$', 0x2}], 0x1}}, {{&(0x7f00000000c0)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x3, 0x0}}, 0x30}, 0x1c, &(0x7f0000001700)=[{&(0x7f00000001c0)="ab", 0x1}], 0x1}}, {{&(0x7f0000000480)={0xa, 0x4e20, 0x1, @private0, 0x3}, 0x1c, &(0x7f0000000cc0)=[{&(0x7f0000001740)=' ', 0x1}], 0x1}}], 0x3, 0x20044040) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000280)={0x2, 0x0, 0x78d, 0x1, r2}, 0x10) 540.21µs ago: executing program 4 (id=3743): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x2000775) write$binfmt_elf64(r0, &(0x7f0000000500)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0xfc, 0x0, 0x40, 0x7fff, 0x2, 0x3e, 0xfffbffed, 0x294, 0x40, 0x1dd, 0xf, 0x0, 0x38, 0x1, 0x0, 0x2}, [{0x3, 0x3, 0x4, 0xd, 0x1c8, 0xe6, 0x1004, 0x3}]}, 0x78) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) 0s ago: executing program 4 (id=3744): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1208002, &(0x7f0000000780), 0x1, 0x5de, &(0x7f0000001840)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubac4n0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTsWOfz83jI4yWN/wPPrT7/VzT+742I+WX/d/JX857i3JP/9v3eqj3G/1CeNP4n1tX/rz8xemPgx1b1P1j/f6TR1x/Icsz/wYKv8jDtbs4vCMfsjpzNRSU0GQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeebWI2BVJbWgxXasNDUX0RcQTsbM2dWlm9oUzlz64OJGWNT7/v5Z/0m//wnGSf/7/wJLj0WXHhyNid0R82dHbOB46fWlqouyLBwAAAAAAAAAAAAAAAAAAgG2ir8X+/9QfHWW3Dth0nWU3AChNQfz/UkY7gK2n/4fqEv9QXeIfqkv8Q3WJf6gu8Q/VJf6husQ/AAAAAAD8r+zed/PXJCLmX+5tPFLdWVlXqS0DNlut7AYApXGLH6guS3+gurzHB5I1yntanrTWmauZPv0QJwMAAAAAAAAAAABA5ezfa/8/VJX9/1Bd9v9DdeX7//eV3A5g63mPD8QaO/kL9/+veRYAAAAAAAAAAAAAsJFm5q6cH5+amrws8db2aMZWJur1+tX0p2C7tOcRT+RL4bdLe5Yl8r1+D3ZWeb+TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZv8FAAD//y8fJNQ=") bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) creat(&(0x7f0000000040)='./bus\x00', 0x0) kernel console output (not intermixed with test programs): 294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 99.092056][ T29] audit: type=1326 audit(1769980972.312:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 99.116480][ T29] audit: type=1326 audit(1769980972.312:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 99.139851][ T29] audit: type=1326 audit(1769980972.312:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 99.164076][ T29] audit: type=1326 audit(1769980972.312:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 99.188393][ T29] audit: type=1326 audit(1769980972.312:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 99.211728][ T29] audit: type=1326 audit(1769980972.312:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.5.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 99.297768][ T7589] set_capacity_and_notify: 1 callbacks suppressed [ 99.297835][ T7589] loop4: detected capacity change from 0 to 1024 [ 99.324315][ T7597] IPv6: Can't replace route, no match found [ 99.438020][ T7609] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1403'. [ 99.764367][ T7641] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1418'. [ 99.773444][ T7641] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1418'. [ 99.839770][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1422'. [ 99.950289][ T7660] IPVS: set_ctl: invalid protocol: 47 224.0.0.2:20004 [ 100.255641][ T7675] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1433'. [ 100.348257][ T58] Bluetooth: hci0: Frame reassembly failed (-84) [ 100.422413][ T7697] loop6: detected capacity change from 0 to 1024 [ 100.461644][ T7697] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.479351][ T7705] loop4: detected capacity change from 0 to 1024 [ 100.511356][ T7705] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.530319][ T7705] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 3: comm syz.4.1443: lblock 3 mapped to illegal pblock 3 (length 3) [ 100.569656][ T7705] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 100.582044][ T7705] EXT4-fs (loop4): This should not happen!! Data will be lost [ 100.582044][ T7705] [ 100.614107][ T23] hid_parser_main: 76 callbacks suppressed [ 100.614129][ T23] hid-generic 0080:0003:0001.0003: unknown main item tag 0x0 [ 100.627558][ T23] hid-generic 0080:0003:0001.0003: unknown main item tag 0x0 [ 100.637201][ T7712] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.1443: lblock 3 mapped to illegal pblock 3 (length 1) [ 100.645936][ T23] hid-generic 0080:0003:0001.0003: hidraw0: HID v0.03 Device [syz0] on syz1 [ 100.664571][ T7712] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.1443: lblock 3 mapped to illegal pblock 3 (length 1) [ 100.682800][ T7705] EXT4-fs error (device loop4): ext4_ext_remove_space:2955: inode #15: comm syz.4.1443: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 100.707041][ T7705] EXT4-fs error (device loop4) in ext4_setattr:6035: Corrupt filesystem [ 100.739315][ T58] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: comm kworker/u8:4: lblock 0 mapped to illegal pblock 0 (length 1) [ 100.759951][ T58] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 100.772439][ T58] EXT4-fs (loop4): This should not happen!! Data will be lost [ 100.772439][ T58] [ 101.901293][ T7778] loop5: detected capacity change from 0 to 512 [ 101.908721][ T7778] EXT4-fs: inline encryption not supported [ 101.928558][ T7778] EXT4-fs (loop5): 1 orphan inode deleted [ 101.934813][ T7778] EXT4-fs mount: 35 callbacks suppressed [ 101.934830][ T7778] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.954048][ T12] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:0: Failed to release dquot type 1 [ 101.966973][ T7778] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.018277][ T7782] sch_tbf: burst 22 is lower than device lo mtu (65550) ! [ 102.046806][ T7782] sch_tbf: burst 22 is lower than device lo mtu (65550) ! [ 102.123520][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.286607][ T7802] loop5: detected capacity change from 0 to 2048 [ 102.299219][ T7802] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.379706][ T7809] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 102.395752][ T7809] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 160 with error 28 [ 102.408362][ T7809] EXT4-fs (loop5): This should not happen!! Data will be lost [ 102.408362][ T7809] [ 102.416160][ T5368] Bluetooth: hci0: command 0x1003 tx timeout [ 102.419887][ T7809] EXT4-fs (loop5): Total free blocks count 0 [ 102.430065][ T7809] EXT4-fs (loop5): Free/Dirty block details [ 102.436046][ T7809] EXT4-fs (loop5): free_blocks=2415919504 [ 102.441810][ T7809] EXT4-fs (loop5): dirty_blocks=160 [ 102.447707][ T7809] EXT4-fs (loop5): Block reservation details [ 102.453739][ T7809] EXT4-fs (loop5): i_reserved_data_blocks=10 [ 102.461070][ T7082] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 102.586725][ T7815] loop6: detected capacity change from 0 to 512 [ 102.617800][ T7815] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 102.651340][ T7815] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.1499: iget: bad i_size value: 38620345925642 [ 102.713619][ T7825] IPv6: A: Disabled Multicast RS [ 102.719700][ T7815] EXT4-fs (loop6): Remounting filesystem read-only [ 102.730148][ T7815] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.837293][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.891597][ T7835] loop6: detected capacity change from 0 to 128 [ 102.923767][ T7835] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 102.933110][ T7835] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 103.221969][ T7859] loop3: detected capacity change from 0 to 1024 [ 103.254452][ T12] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 160 with max blocks 2048 with error 28 [ 103.271223][ T7859] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 103.292306][ T7859] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.338044][ T7859] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: block 3: comm syz.3.1509: lblock 3 mapped to illegal pblock 3 (length 3) [ 103.345243][ T7866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1513'. [ 103.386883][ T7859] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 103.395600][ T7871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1515'. [ 103.399338][ T7859] EXT4-fs (loop3): This should not happen!! Data will be lost [ 103.399338][ T7859] [ 103.422591][ T7859] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.1509: lblock 3 mapped to illegal pblock 3 (length 1) [ 103.454245][ T7859] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.1509: lblock 3 mapped to illegal pblock 3 (length 1) [ 103.512565][ T7859] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.1509: lblock 3 mapped to illegal pblock 3 (length 1) [ 103.565489][ T7877] EXT4-fs error (device loop3): ext4_ext_remove_space:2955: inode #15: comm syz.3.1509: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 103.616038][ T7877] EXT4-fs error (device loop3) in ext4_setattr:6035: Corrupt filesystem [ 103.663593][ T2122] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm kworker/u8:6: lblock 0 mapped to illegal pblock 0 (length 1) [ 103.687808][ T2122] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 103.700193][ T2122] EXT4-fs (loop3): This should not happen!! Data will be lost [ 103.700193][ T2122] [ 103.731025][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 103.908578][ T7903] loop6: detected capacity change from 0 to 512 [ 103.947200][ T7903] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.966224][ T7903] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 103.991473][ T29] kauditd_printk_skb: 61 callbacks suppressed [ 103.991492][ T29] audit: type=1400 audit(1769980977.262:791): avc: denied { setattr } for pid=7902 comm="syz.6.1526" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 104.023013][ T7903] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1526: bg 0: block 217: padding at end of block bitmap is not set [ 104.066386][ T7913] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 104.087961][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.112643][ T7913] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 104.280397][ T29] audit: type=1400 audit(1769980977.532:792): avc: denied { rename } for pid=7922 comm="syz.3.1543" name="file0" dev="tmpfs" ino=1711 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 104.303036][ T29] audit: type=1400 audit(1769980977.532:793): avc: denied { unlink } for pid=7922 comm="syz.3.1543" name="file0" dev="tmpfs" ino=1711 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 104.373911][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1539'. [ 104.550784][ T7951] syzkaller1: tun_chr_ioctl cmd 1074025680 [ 104.571676][ T7951] syzkaller1: tun_chr_ioctl cmd 35108 [ 104.749581][ T7970] netlink: 679 bytes leftover after parsing attributes in process `syz.6.1555'. [ 105.146058][ T29] audit: type=1400 audit(1769980978.422:794): avc: denied { bind } for pid=8015 comm="syz.6.1569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 105.190302][ T29] audit: type=1400 audit(1769980978.452:795): avc: denied { listen } for pid=8015 comm="syz.6.1569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 105.246765][ T8029] Invalid logical block size (1) [ 105.340627][ T8037] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1574'. [ 105.382884][ T29] audit: type=1400 audit(1769980978.642:796): avc: denied { create } for pid=8041 comm="syz.6.1576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 105.403067][ T29] audit: type=1400 audit(1769980978.652:797): avc: denied { bind } for pid=8041 comm="syz.6.1576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 105.566939][ T8052] syzkaller1: tun_chr_ioctl cmd 1074025680 [ 105.577421][ T8052] syzkaller1: tun_chr_ioctl cmd 35108 [ 105.852128][ T29] audit: type=1400 audit(1769980979.102:798): avc: denied { read } for pid=8064 comm="syz.3.1588" laddr=fe80::aa lport=52311 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 106.189549][ T8098] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1601'. [ 106.217555][ T8098] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1601'. [ 106.307084][ T29] audit: type=1400 audit(1769980979.582:799): avc: denied { map } for pid=8103 comm="syz.5.1604" path="socket:[20523]" dev="sockfs" ino=20523 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 106.400177][ T8108] netlink: 51 bytes leftover after parsing attributes in process `syz.5.1607'. [ 106.463885][ T29] audit: type=1326 audit(1769980979.732:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8111 comm="syz.5.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 106.940992][ T8123] loop5: detected capacity change from 0 to 1024 [ 106.956607][ T8123] EXT4-fs: inline encryption not supported [ 106.982396][ T8123] EXT4-fs (loop5): stripe (29788) is not aligned with cluster size (4096), stripe is disabled [ 106.998417][ T8123] EXT4-fs error (device loop5): ext4_free_blocks:6728: comm syz.5.1614: Freeing blocks not in datazone - block = 0, count = 4096 [ 107.013276][ T8123] EXT4-fs (loop5): Remounting filesystem read-only [ 107.027108][ T8129] loop4: detected capacity change from 0 to 128 [ 107.045682][ T8123] EXT4-fs (loop5): 1 orphan inode deleted [ 107.062892][ T12] EXT4-fs (loop5): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 107.074199][ T12] EXT4-fs (loop5): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 107.097289][ T8129] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 107.114352][ T8123] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.158377][ T8129] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 107.170791][ T12] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started [ 107.227059][ T8138] loop4: detected capacity change from 0 to 128 [ 107.314521][ T8138] syz.4.1620: attempt to access beyond end of device [ 107.314521][ T8138] loop4: rw=0, sector=121, nr_sectors = 920 limit=128 [ 107.619242][ T8172] loop3: detected capacity change from 0 to 128 [ 107.637534][ T8172] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 107.678401][ T8176] loop6: detected capacity change from 0 to 1024 [ 107.685388][ T8172] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 107.740962][ T8176] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.794721][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.888541][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.141299][ T8196] capability: warning: `syz.5.1643' uses 32-bit capabilities (legacy support in use) [ 108.234557][ T8213] loop6: detected capacity change from 0 to 512 [ 108.273605][ T8213] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.302953][ T8218] loop4: detected capacity change from 0 to 1024 [ 108.309811][ T8213] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.318509][ T8218] EXT4-fs: inline encryption not supported [ 108.330597][ T8218] EXT4-fs (loop4): stripe (29788) is not aligned with cluster size (4096), stripe is disabled [ 108.338395][ T8213] EXT4-fs error (device loop6): ext4_search_dir:1474: inode #2: block 3: comm syz.6.1648: bad entry in directory: directory entry overrun - offset=16444, inode=113, rec_len=2048, size=2048 fake=0 [ 108.365098][ T8213] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 3: comm syz.6.1648: path /175/file0: bad entry in directory: directory entry overrun - offset=60, inode=113, rec_len=2048, size=2048 fake=0 [ 108.383354][ T8218] EXT4-fs error (device loop4): ext4_free_blocks:6728: comm syz.4.1649: Freeing blocks not in datazone - block = 0, count = 4096 [ 108.389565][ T8213] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 12: comm syz.6.1648: path /175/file0: bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0 [ 108.404090][ T8218] EXT4-fs (loop4): Remounting filesystem read-only [ 108.422135][ T8213] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 13: comm syz.6.1648: path /175/file0: bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0 [ 108.428252][ T8218] EXT4-fs (loop4): 1 orphan inode deleted [ 108.452242][ T6911] EXT4-fs (loop4): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 108.453006][ T8218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.462916][ T6911] EXT4-fs (loop4): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 108.463136][ T6911] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 108.504504][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.647451][ T8235] loop6: detected capacity change from 0 to 1024 [ 108.667237][ T8235] EXT4-fs: Ignoring removed nobh option [ 108.693780][ T8235] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.740628][ T8235] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.1657: Allocating blocks 497-513 which overlap fs metadata [ 108.892300][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.958880][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.043001][ T8258] loop6: detected capacity change from 0 to 128 [ 109.159523][ T8263] netlink: 'syz.0.1669': attribute type 1 has an invalid length. [ 109.167440][ T8263] netlink: 'syz.0.1669': attribute type 4 has an invalid length. [ 109.175240][ T8263] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.1669'. [ 109.287542][ T8269] veth1_to_bond: entered allmulticast mode [ 109.297434][ T8269] veth1_to_bond: left allmulticast mode [ 109.379586][ T8281] loop3: detected capacity change from 0 to 1024 [ 109.401249][ T8281] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.621208][ T8296] EXT4-fs: Ignoring removed mblk_io_submit option [ 109.670920][ T8296] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.690684][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.715349][ T8295] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1682: bg 0: block 234: padding at end of block bitmap is not set [ 109.760645][ T8295] EXT4-fs (loop5): Remounting filesystem read-only [ 109.767647][ T8295] EXT4-fs (loop5): error restoring inline_data for inode -- potential data loss! (inode 18, error -30) [ 109.781281][ T8305] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 109.792955][ T8305] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it [ 109.803111][ T8305] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.1684: Corrupt directory, running e2fsck is recommended [ 109.838177][ T8305] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117 [ 109.847418][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.864661][ T8305] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.1684: corrupted in-inode xattr: e_name out of bounds [ 109.896753][ T8305] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.1684: couldn't read orphan inode 15 (err -117) [ 109.918305][ T8305] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.932852][ T8305] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 109.945235][ T8305] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it [ 109.955438][ T8305] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.1684: Corrupt directory, running e2fsck is recommended [ 109.970106][ T8305] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 109.981670][ T8305] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it [ 109.991836][ T8305] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.1684: Corrupt directory, running e2fsck is recommended [ 110.019862][ T8312] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 110.044765][ T8313] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 110.057180][ T8313] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it [ 110.067318][ T8313] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.1684: Corrupt directory, running e2fsck is recommended [ 110.082296][ T8305] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 110.097319][ T8312] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 110.106618][ T8312] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 110.114744][ T8312] System zones: 0-2, 18-18, 34-34 [ 110.122672][ T8312] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.1686: bad orphan inode 15 [ 110.133158][ T8312] ext4_test_bit(bit=14, block=18) = 1 [ 110.138604][ T8312] is_bad_inode(inode)=0 [ 110.142777][ T8312] NEXT_ORPHAN(inode)=2264924160 [ 110.148428][ T8312] max_ino=32 [ 110.151674][ T8312] i_nlink=0 [ 110.155689][ T8312] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.1686: corrupted inode contents [ 110.171247][ T8312] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #15: comm syz.5.1686: mark_inode_dirty error [ 110.184126][ T8312] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.1686: corrupted inode contents [ 110.196320][ T8312] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3001: inode #15: comm syz.5.1686: mark_inode_dirty error [ 110.209581][ T8312] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3004: inode #15: comm syz.5.1686: mark inode dirty (error -117) [ 110.222609][ T8312] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -117) [ 110.233988][ T8312] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.247872][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.254755][ T8312] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1686: bg 0: block 80: padding at end of block bitmap is not set [ 110.295096][ T8316] EXT4-fs: Ignoring removed bh option [ 110.306701][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.306980][ T8316] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 110.344114][ T8316] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.394853][ T8316] EXT4-fs error (device loop6): ext4_read_inline_dir:1486: inode #12: block 7: comm syz.6.1688: path /189/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 110.473932][ T8316] EXT4-fs (loop6): Remounting filesystem read-only [ 110.533413][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.599690][ T29] kauditd_printk_skb: 68 callbacks suppressed [ 110.599709][ T29] audit: type=1400 audit(1769980983.872:859): avc: denied { mounton } for pid=8329 comm="syz.6.1695" path="/190/file0" dev="tmpfs" ino=1019 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 110.600044][ T8330] FAT-fs (loop13): unable to read boot sector [ 110.765824][ T8338] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1692'. [ 111.120699][ T8353] EXT4-fs: inline encryption not supported [ 111.143853][ T8353] EXT4-fs: Ignoring removed nobh option [ 111.149541][ T8353] EXT4-fs: Ignoring removed bh option [ 111.201183][ T8353] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.216798][ T29] audit: type=1400 audit(1769980984.492:860): avc: denied { create } for pid=8352 comm="syz.3.1703" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 111.251345][ T29] audit: type=1400 audit(1769980984.512:861): avc: denied { add_name } for pid=8352 comm="syz.3.1703" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 111.273611][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.672465][ T8487] set_capacity_and_notify: 5 callbacks suppressed [ 112.672483][ T8487] loop6: detected capacity change from 0 to 2048 [ 112.704887][ T8487] EXT4-fs: Ignoring removed mblk_io_submit option [ 112.753117][ T8487] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.813500][ T8486] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1727: bg 0: block 234: padding at end of block bitmap is not set [ 112.832057][ T8486] EXT4-fs (loop6): Remounting filesystem read-only [ 112.839308][ T8486] EXT4-fs (loop6): error restoring inline_data for inode -- potential data loss! (inode 18, error -30) [ 112.870663][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.187621][ T8516] loop3: detected capacity change from 0 to 512 [ 113.209582][ T8518] loop6: detected capacity change from 0 to 1024 [ 113.227802][ T8518] EXT4-fs: inline encryption not supported [ 113.228715][ T8516] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1740: iget: bad i_size value: 38620345925642 [ 113.252606][ T8518] EXT4-fs: Ignoring removed nobh option [ 113.258391][ T8518] EXT4-fs: Ignoring removed bh option [ 113.261649][ T8516] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1740: couldn't read orphan inode 15 (err -117) [ 113.282080][ T8516] EXT4-fs (loop3): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.298444][ T8518] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.323298][ T29] audit: type=1400 audit(1769980986.592:862): avc: denied { remount } for pid=8515 comm="syz.3.1740" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 113.343665][ T29] audit: type=1400 audit(1769980986.592:863): avc: denied { setopt } for pid=8522 comm="syz.0.1736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 113.364975][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.364979][ T8516] EXT4-fs (loop3): re-mounted 00000000-0000-00a1-0000-000000000000 ro. [ 113.396198][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 113.504727][ T8532] vhci_hcd vhci_hcd.4: invalid port number 254 [ 113.539303][ T8534] loop3: detected capacity change from 0 to 512 [ 113.547939][ T8534] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 113.564594][ T8534] EXT4-fs (loop3): 1 truncate cleaned up [ 113.577596][ T8534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.613134][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.904993][ T8549] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1751'. [ 113.914026][ T8549] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1751'. [ 113.938619][ T8539] loop3: detected capacity change from 0 to 32768 [ 113.946564][ T8549] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 113.989211][ T3296] loop3: p1 p2 p3 < p5 > [ 113.993746][ T3296] loop3: p1 size 242222080 extends beyond EOD, truncated [ 113.994953][ T8552] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1752'. [ 114.010850][ T8552] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1752'. [ 114.020327][ T3296] loop3: p2 start 16777215 is beyond EOD, truncated [ 114.044615][ T8539] loop3: p1 p2 p3 < p5 > [ 114.053316][ T8539] loop3: p1 size 242222080 extends beyond EOD, truncated [ 114.066021][ T8539] loop3: p2 start 16777215 is beyond EOD, truncated [ 114.089041][ T8556] netlink: 'syz.5.1754': attribute type 3 has an invalid length. [ 114.096933][ T8556] netlink: 'syz.5.1754': attribute type 4 has an invalid length. [ 114.104843][ T8556] netlink: 9067 bytes leftover after parsing attributes in process `syz.5.1754'. [ 114.178552][ T3488] udevd[3488]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 114.185597][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 114.191680][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 114.223244][ T8562] loop4: detected capacity change from 0 to 512 [ 114.260009][ T8562] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 114.276894][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 114.299460][ T3526] udevd[3526]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 114.299468][ T3488] udevd[3488]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 114.300550][ T8562] EXT4-fs (loop4): 1 truncate cleaned up [ 114.332305][ T8562] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.354551][ T29] audit: type=1400 audit(1769980987.622:864): avc: denied { ioctl } for pid=8570 comm="syz.3.1758" path="/dev/input/event1" dev="devtmpfs" ino=243 ioctlcmd=0x4525 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 114.384673][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.682041][ T29] audit: type=1400 audit(1769980987.932:865): avc: denied { setopt } for pid=8575 comm="syz.3.1762" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 114.828504][ T8599] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1772'. [ 115.099294][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.208156][ T29] audit: type=1400 audit(1769980988.482:866): avc: denied { read } for pid=8626 comm="syz.6.1783" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 115.231510][ T29] audit: type=1400 audit(1769980988.482:867): avc: denied { open } for pid=8626 comm="syz.6.1783" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 115.289682][ T8629] loop4: detected capacity change from 0 to 1024 [ 115.360147][ T8629] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.372026][ T7082] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 115.415647][ T29] audit: type=1400 audit(1769980988.682:868): avc: denied { ioctl } for pid=8626 comm="syz.6.1783" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9375 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 115.515188][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.761323][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 116.023709][ T52] Bluetooth: hci0: Frame reassembly failed (-84) [ 116.099951][ T8451] Bluetooth: hci1: Frame reassembly failed (-84) [ 117.248969][ T8818] netlink: 'syz.0.1812': attribute type 1 has an invalid length. [ 117.271203][ T8818] 8021q: adding VLAN 0 to HW filter on device bond2 [ 117.312027][ T8818] 8021q: adding VLAN 0 to HW filter on device bond2 [ 117.321985][ T8818] bond2: (slave gre2): The slave device specified does not support setting the MAC address [ 117.334537][ T8818] bond2: (slave gre2): Error -95 calling set_mac_address [ 117.497371][ T8837] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1821'. [ 117.573622][ T8832] mmap: syz.4.1819 (8832) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 117.611293][ T29] audit: type=1400 audit(1769980990.882:869): avc: denied { create } for pid=8846 comm="syz.5.1826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 117.655395][ T29] audit: type=1400 audit(1769980990.902:870): avc: denied { ioctl } for pid=8846 comm="syz.5.1826" path="socket:[22345]" dev="sockfs" ino=22345 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 117.883095][ T8873] netlink: 'syz.0.1837': attribute type 1 has an invalid length. [ 117.927697][ T29] audit: type=1326 audit(1769980991.202:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8877 comm="syz.5.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 117.951309][ T29] audit: type=1326 audit(1769980991.202:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8877 comm="syz.5.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 117.974708][ T29] audit: type=1326 audit(1769980991.202:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8877 comm="syz.5.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 117.998069][ T29] audit: type=1326 audit(1769980991.202:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8877 comm="syz.5.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 118.021496][ T29] audit: type=1326 audit(1769980991.202:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8877 comm="syz.5.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 118.035083][ T8873] bond3: entered promiscuous mode [ 118.044958][ T29] audit: type=1326 audit(1769980991.202:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8877 comm="syz.5.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 118.044998][ T29] audit: type=1326 audit(1769980991.202:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8877 comm="syz.5.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 118.052883][ T8873] 8021q: adding VLAN 0 to HW filter on device bond3 [ 118.073380][ T29] audit: type=1326 audit(1769980991.202:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8877 comm="syz.5.1839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 118.117827][ T8880] bond3: (slave bridge1): making interface the new active one [ 118.134868][ T8880] bridge1: entered promiscuous mode [ 118.156235][ T5368] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 118.164132][ T8880] bond3: (slave bridge1): Enslaving as an active interface with an up link [ 118.172947][ T3754] Bluetooth: hci1: command 0x1003 tx timeout [ 118.180869][ T7082] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 118.540380][ T8914] loop5: detected capacity change from 0 to 512 [ 118.587888][ T8914] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.627324][ T8914] ext4 filesystem being mounted at /238/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 118.703199][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.137611][ T8940] loop4: detected capacity change from 0 to 2048 [ 119.239475][ T3296] Alternate GPT is invalid, using primary GPT. [ 119.246038][ T3296] loop4: p2 p3 p7 [ 119.332181][ T8962] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.360238][ T8940] Alternate GPT is invalid, using primary GPT. [ 119.366711][ T8940] loop4: p2 p3 p7 [ 119.381703][ T8962] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.545031][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 119.551482][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 119.561227][ T3488] udevd[3488]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 120.389006][ T9025] PF_CAN: dropped non conform CAN XL skbuff: dev type 280, len 40 [ 120.414103][ T9028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.433099][ T9028] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.845332][ T9018] No such timeout policy "syz1" [ 120.953374][ T9055] loop5: detected capacity change from 0 to 512 [ 121.032474][ T9055] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 121.071307][ T9055] EXT4-fs (loop5): 1 truncate cleaned up [ 121.083553][ T9055] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.149327][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.650506][ T9091] batadv_slave_1: entered promiscuous mode [ 121.657032][ T9091] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1929'. [ 121.666990][ T9091] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 121.685844][ T9091] batadv_slave_1 (unregistering): left promiscuous mode [ 121.706793][ T9091] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 121.783721][ T9093] loop6: detected capacity change from 0 to 2048 [ 121.798053][ T9093] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 121.825630][ T9103] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1934'. [ 121.908611][ T9103] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 121.946514][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 121.957795][ T9103] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 121.995467][ T9103] bond0 (unregistering): Released all slaves [ 122.255417][ T9132] loop3: detected capacity change from 0 to 256 [ 122.279011][ T9132] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 122.463969][ T9146] TCP: TCP_TX_DELAY enabled [ 122.554104][ T9156] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1953'. [ 122.616033][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 122.616054][ T29] audit: type=1400 audit(1769980995.882:925): avc: denied { sys_module } for pid=9157 comm="syz.0.1955" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 122.701317][ T9156] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 122.722939][ T29] audit: type=1326 audit(1769980995.982:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 122.746400][ T29] audit: type=1326 audit(1769980995.982:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 122.769845][ T29] audit: type=1326 audit(1769980995.982:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 122.793244][ T29] audit: type=1326 audit(1769980995.982:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 122.816658][ T29] audit: type=1326 audit(1769980995.982:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 122.844032][ T9156] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 122.865670][ T9156] bond0 (unregistering): Released all slaves [ 122.896993][ T9167] loop4: detected capacity change from 0 to 128 [ 122.906444][ T29] audit: type=1326 audit(1769980996.092:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 122.929868][ T29] audit: type=1326 audit(1769980996.092:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 122.953443][ T29] audit: type=1326 audit(1769980996.112:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 122.976810][ T29] audit: type=1326 audit(1769980996.112:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9162 comm="syz.0.1956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65283eaeb9 code=0x7ffc0000 [ 123.005479][ T9167] FAT-fs (loop4): bogus number of FAT sectors [ 123.011854][ T9167] FAT-fs (loop4): Can't find a valid FAT filesystem [ 123.202656][ T9185] loop5: detected capacity change from 0 to 2048 [ 123.266421][ T9185] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 123.295510][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 123.552881][ T10] Process accounting resumed [ 124.011674][ T9260] loop5: detected capacity change from 0 to 256 [ 124.027002][ T9260] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 124.887890][ T9322] loop3: detected capacity change from 0 to 128 [ 124.904909][ T9322] FAT-fs (loop3): bogus number of FAT sectors [ 124.911790][ T9322] FAT-fs (loop3): Can't find a valid FAT filesystem [ 125.065490][ T9336] netlink: 'syz.3.2025': attribute type 1 has an invalid length. [ 125.152806][ T9349] loop5: detected capacity change from 0 to 512 [ 125.161373][ T9349] EXT4-fs: Mount option(s) incompatible with ext2 [ 125.420905][ T9362] loop5: detected capacity change from 0 to 4096 [ 125.441631][ T9362] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.483937][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.923020][ T9389] loop6: detected capacity change from 0 to 128 [ 125.954151][ T9389] FAT-fs (loop6): bogus number of FAT sectors [ 125.960368][ T9389] FAT-fs (loop6): Can't find a valid FAT filesystem [ 126.342498][ T3417] Process accounting resumed [ 126.386785][ T9418] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=9418 comm=syz.4.2057 [ 126.541648][ T9423] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2059'. [ 126.638562][ T9427] 9p: Bad value for 'rfdno' [ 126.868840][ T9456] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2074'. [ 127.072919][ T9472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2081'. [ 127.081955][ T9472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2081'. [ 127.417898][ T9506] loop5: detected capacity change from 0 to 512 [ 127.427369][ T9506] EXT4-fs: Ignoring removed nomblk_io_submit option [ 127.443664][ T9506] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 127.451794][ T9506] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002] [ 127.461487][ T9506] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (80) [ 127.471887][ T9506] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features [ 127.481447][ T9506] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 127.496634][ T9506] EXT4-fs warning (device loop5): dx_probe:861: inode #2: comm syz.5.2095: dx entry: limit 65535 != root limit 120 [ 127.508879][ T9506] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.2095: Corrupt directory, running e2fsck is recommended [ 127.522173][ T9506] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 3: comm syz.5.2095: path /291/file0: bad entry in directory: directory entry overrun - offset=0, inode=4294967295, rec_len=65552, size=1024 fake=0 [ 127.554993][ T5357] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.644641][ T9521] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2100'. [ 127.703083][ T9528] loop6: detected capacity change from 0 to 128 [ 127.726111][ T9530] netlink: 'syz.5.2103': attribute type 2 has an invalid length. [ 128.304801][ T29] kauditd_printk_skb: 107 callbacks suppressed [ 128.304820][ T29] audit: type=1326 audit(1769981001.572:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.339892][ T29] audit: type=1326 audit(1769981001.582:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.363585][ T29] audit: type=1326 audit(1769981001.582:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.387024][ T29] audit: type=1326 audit(1769981001.582:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.410793][ T29] audit: type=1326 audit(1769981001.582:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.434251][ T29] audit: type=1326 audit(1769981001.592:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.457723][ T29] audit: type=1326 audit(1769981001.592:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.481162][ T29] audit: type=1326 audit(1769981001.592:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.520530][ T29] audit: type=1326 audit(1769981001.622:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9551 comm="syz.5.2112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 128.544122][ T29] audit: type=1400 audit(1769981001.632:1051): avc: denied { write } for pid=9556 comm="syz.6.2113" path="socket:[23382]" dev="sockfs" ino=23382 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 128.571024][ T9562] loop6: detected capacity change from 0 to 1024 [ 128.612488][ T9562] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.848701][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.308123][ T9607] netlink: 'syz.4.2135': attribute type 27 has an invalid length. [ 129.356867][ T9607] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.364223][ T9607] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.411760][ T9607] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 129.422531][ T9607] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 129.450603][ T9607] batman_adv: batadv0: Interface deactivated: ipvlan2 [ 129.459901][ T9607] ip6gre1: left promiscuous mode [ 129.465032][ T9607] ip6gre1: left allmulticast mode [ 129.493799][ T8439] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 129.502318][ T8439] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.528393][ T8439] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 129.536964][ T8439] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.546559][ T8439] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 129.554970][ T8439] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.564330][ T8439] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 129.572899][ T8439] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.615710][ T9621] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2136'. [ 131.110931][ T9727] 9p: Bad value for 'rfdno' [ 131.169242][ T9735] netlink: 'syz.0.2181': attribute type 6 has an invalid length. [ 131.196375][ T3417] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 131.211560][ T3417] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 131.258889][ T9740] fido_id[9740]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 131.344104][ T9753] loop3: detected capacity change from 0 to 1024 [ 131.353144][ T9753] EXT4-fs: Ignoring removed nomblk_io_submit option [ 131.387369][ T9753] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.417082][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.771557][ T9796] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9796 comm=syz.4.2206 [ 131.861297][ T9799] loop3: detected capacity change from 0 to 8192 [ 131.923701][ T9807] loop6: detected capacity change from 0 to 256 [ 131.956008][ T9807] FAT-fs (loop6): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 131.965204][ T9807] FAT-fs (loop6): bogus number of directory entries (1) [ 131.972984][ T9807] FAT-fs (loop6): Can't find a valid FAT filesystem [ 132.110633][ T9825] No such timeout policy "syz1" [ 132.243722][ T9843] netlink: 'syz.6.2225': attribute type 6 has an invalid length. [ 132.462348][ T9871] netlink: 'syz.5.2239': attribute type 6 has an invalid length. [ 132.497460][ T9868] loop3: detected capacity change from 0 to 8192 [ 132.547248][ T9880] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2243'. [ 132.556248][ T9880] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2243'. [ 132.626140][ T9880] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2243'. [ 132.635052][ T9880] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2243'. [ 132.679725][ T9887] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2246'. [ 133.147298][ T9924] No such timeout policy "syz1" [ 133.418144][ T9946] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9946 comm=syz.3.2270 [ 133.511775][ T9955] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2274'. [ 133.520832][ T9955] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2274'. [ 133.564055][ T9955] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2274'. [ 133.573039][ T9955] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2274'. [ 133.740945][ T29] kauditd_printk_skb: 52 callbacks suppressed [ 133.740964][ T29] audit: type=1326 audit(1769981007.002:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.771665][ T29] audit: type=1326 audit(1769981007.002:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.795252][ T29] audit: type=1326 audit(1769981007.002:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.819403][ T29] audit: type=1326 audit(1769981007.002:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.843070][ T29] audit: type=1326 audit(1769981007.002:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.867408][ T29] audit: type=1326 audit(1769981007.002:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.890959][ T29] audit: type=1326 audit(1769981007.002:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.915261][ T29] audit: type=1326 audit(1769981007.002:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.939325][ T29] audit: type=1326 audit(1769981007.002:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 133.962882][ T29] audit: type=1326 audit(1769981007.002:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9970 comm="syz.4.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 134.073489][ T9993] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=9993 comm=syz.4.2291 [ 134.128489][ T9994] loop6: detected capacity change from 0 to 8192 [ 134.302310][T10013] usb usb1: usbfs: interface 0 claimed by hub while 'syz.6.2300' sets config #1 [ 134.366163][T10022] netlink: 'syz.6.2305': attribute type 6 has an invalid length. [ 134.373978][T10022] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2305'. [ 134.519892][T10040] loop6: detected capacity change from 0 to 128 [ 134.543566][T10041] loop3: detected capacity change from 0 to 2048 [ 134.564411][T10041] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.646193][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.210444][T10131] Invalid ELF header magic: != ELF [ 135.271772][T10139] sctp: [Deprecated]: syz.5.2348 (pid 10139) Use of struct sctp_assoc_value in delayed_ack socket option. [ 135.271772][T10139] Use struct sctp_sack_info instead [ 135.590961][T10158] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10158 comm=syz.6.2355 [ 135.765979][T10171] tipc: Enabling of bearer rejected, failed to enable media [ 135.936339][T10188] A link change request failed with some changes committed already. Interface sit3 may have been left with an inconsistent configuration, please check. [ 136.076017][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.085933][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 136.100167][T10205] sctp: [Deprecated]: syz.6.2374 (pid 10205) Use of struct sctp_assoc_value in delayed_ack socket option. [ 136.100167][T10205] Use struct sctp_sack_info instead [ 136.193258][T10209] loop3: detected capacity change from 0 to 2048 [ 136.212729][T10215] loop6: detected capacity change from 0 to 2048 [ 136.269331][T10209] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.290708][T10215] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.304639][T10215] EXT4-fs error (device loop6): ext4_find_extent:939: inode #2: comm syz.6.2379: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 136.336598][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.354856][T10215] EXT4-fs (loop6): Remounting filesystem read-only [ 136.412645][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.449531][ T9617] IPVS: starting estimator thread 0... [ 136.526945][T10241] tipc: Enabling of bearer rejected, failed to enable media [ 136.586598][T10231] IPVS: using max 2016 ests per chain, 100800 per kthread [ 136.636485][T10247] xt_hashlimit: size too large, truncated to 1048576 [ 137.167734][ T9617] IPVS: starting estimator thread 0... [ 137.265532][T10296] loop3: detected capacity change from 0 to 256 [ 137.272054][T10286] IPVS: using max 2208 ests per chain, 110400 per kthread [ 137.279948][T10296] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 137.319873][T10296] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 137.384069][T10298] A link change request failed with some changes committed already. Interface sit1 may have been left with an inconsistent configuration, please check. [ 137.503679][T10310] netlink: 'syz.3.2417': attribute type 12 has an invalid length. [ 137.511667][T10310] netlink: 'syz.3.2417': attribute type 29 has an invalid length. [ 137.519613][T10310] netlink: 'syz.3.2417': attribute type 2 has an invalid length. [ 137.656552][T10314] syzkaller0: entered promiscuous mode [ 137.662232][T10314] syzkaller0: entered allmulticast mode [ 137.692735][ T8461] IPVS: stop unused estimator thread 0... [ 137.947009][T10344] __nla_validate_parse: 8 callbacks suppressed [ 137.947029][T10344] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2431'. [ 137.976369][T10344] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2431'. [ 137.985795][T10344] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2431'. [ 138.052109][T10355] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10355 comm=syz.6.2437 [ 138.231200][T10370] SELinux: Context  is not valid (left unmapped). [ 138.371247][T10384] A link change request failed with some changes committed already. Interface gre3 may have been left with an inconsistent configuration, please check. [ 138.466522][T10392] loop6: detected capacity change from 0 to 512 [ 138.499136][T10392] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.550839][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.663303][T10412] xt_hashlimit: size too large, truncated to 1048576 [ 138.743749][T10424] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10424 comm=syz.0.2465 [ 138.763534][ T29] kauditd_printk_skb: 95 callbacks suppressed [ 138.763554][ T29] audit: type=1400 audit(1769981012.012:1209): avc: denied { cpu } for pid=10422 comm="syz.6.2466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 139.321303][T10460] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2481'. [ 139.426156][T10468] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2484'. [ 139.438058][T10468] xfrm1: entered promiscuous mode [ 139.443150][T10468] xfrm1: entered allmulticast mode [ 139.448878][T10468] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2484'. [ 139.483383][T10472] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 139.742594][T10503] loop3: detected capacity change from 0 to 1024 [ 139.749732][T10503] EXT4-fs: inline encryption not supported [ 139.755686][T10503] EXT4-fs: Ignoring removed i_version option [ 139.777252][T10503] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.796810][T10503] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 139.829414][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.875252][ T29] audit: type=1326 audit(1769981013.142:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 139.903565][ T29] audit: type=1326 audit(1769981013.142:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 139.927919][ T29] audit: type=1326 audit(1769981013.142:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 139.951617][ T29] audit: type=1326 audit(1769981013.142:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 139.976020][ T29] audit: type=1326 audit(1769981013.142:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 140.000560][ T29] audit: type=1326 audit(1769981013.142:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 140.024949][ T29] audit: type=1326 audit(1769981013.142:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 140.049231][ T29] audit: type=1326 audit(1769981013.142:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 140.072963][ T29] audit: type=1326 audit(1769981013.142:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10511 comm="syz.5.2504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 140.116828][T10521] loop3: detected capacity change from 0 to 512 [ 140.124086][T10521] EXT4-fs (loop3): blocks per group (35) and clusters per group (32768) inconsistent [ 140.370834][T10540] loop3: detected capacity change from 0 to 512 [ 140.409086][T10540] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.462218][T10550] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2516'. [ 140.471277][T10550] netlink: 'syz.5.2516': attribute type 11 has an invalid length. [ 140.479182][T10550] netlink: 'syz.5.2516': attribute type 14 has an invalid length. [ 140.521116][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.632914][T10550] vxlan0: entered promiscuous mode [ 140.679153][ T37] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 140.696675][ T37] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 140.741485][ T37] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 140.761929][ T37] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 140.782726][T10566] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2523'. [ 140.822864][T10566] xfrm1: entered promiscuous mode [ 140.828032][T10566] xfrm1: entered allmulticast mode [ 140.876440][T10566] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2523'. [ 140.969738][T10570] netlink: 'syz.0.2527': attribute type 8 has an invalid length. [ 140.977590][T10570] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2527'. [ 141.150454][T10585] loop3: detected capacity change from 0 to 164 [ 141.164572][T10585] rock: directory entry would overflow storage [ 141.170824][T10585] rock: sig=0x4d4e, size=5, remaining=4 [ 142.155995][T10628] delete_channel: no stack [ 142.264971][T10637] syzkaller0: entered promiscuous mode [ 142.271404][T10637] syzkaller0: entered allmulticast mode [ 142.348642][T10645] syz.6.2566 (10645) used greatest stack depth: 9096 bytes left [ 142.581758][T10673] loop3: detected capacity change from 0 to 1024 [ 142.646376][T10673] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.690817][T10685] loop6: detected capacity change from 0 to 512 [ 142.697707][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.718754][T10685] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 142.747134][T10685] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 142.764020][T10685] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #11: comm syz.6.2575: corrupted inode contents [ 142.776602][T10685] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #11: comm syz.6.2575: mark_inode_dirty error [ 142.811249][T10685] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.2575: invalid indirect mapped block 1 (level 1) [ 142.824906][T10685] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #11: comm syz.6.2575: corrupted inode contents [ 142.837553][T10685] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem [ 142.847195][T10685] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #11: comm syz.6.2575: corrupted inode contents [ 142.859544][T10685] EXT4-fs error (device loop6): ext4_truncate:4635: inode #11: comm syz.6.2575: mark_inode_dirty error [ 142.884312][T10685] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem [ 142.893946][T10694] loop3: detected capacity change from 0 to 512 [ 142.900633][T10685] EXT4-fs (loop6): 1 truncate cleaned up [ 142.907115][T10685] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.920845][T10694] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 143.094779][T10707] netlink: 'syz.5.2579': attribute type 18 has an invalid length. [ 143.102704][T10707] __nla_validate_parse: 3 callbacks suppressed [ 143.102719][T10707] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2579'. [ 143.120069][T10707] netlink: 'syz.5.2579': attribute type 18 has an invalid length. [ 143.127971][T10707] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2579'. [ 143.208812][T10714] loop3: detected capacity change from 0 to 1024 [ 143.228047][T10714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.293573][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.310688][T10722] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2584'. [ 143.320522][T10722] netlink: 'syz.0.2584': attribute type 11 has an invalid length. [ 143.328435][T10722] netlink: 'syz.0.2584': attribute type 14 has an invalid length. [ 143.535498][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.942953][T10769] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2605'. [ 144.031109][T10774] loop6: detected capacity change from 0 to 256 [ 144.297518][T10787] 9p: Bad value for 'rfdno' [ 144.324635][T10791] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 144.351986][T10791] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 144.603023][T10809] netlink: 14 bytes leftover after parsing attributes in process `syz.5.2623'. [ 144.691082][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 144.691112][ T29] audit: type=1326 audit(1769981017.962:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10812 comm="syz.0.2625" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f65283eaeb9 code=0x0 [ 144.819302][T10816] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2626'. [ 144.929466][T10820] loop6: detected capacity change from 0 to 1024 [ 144.936614][T10818] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 145.071501][T10829] loop6: detected capacity change from 0 to 764 [ 145.081030][T10829] rock: directory entry would overflow storage [ 145.087968][T10829] rock: sig=0x4654, size=5, remaining=4 [ 145.155807][T10835] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2636'. [ 145.314995][T10858] smc: net device bond0 applied user defined pnetid SYZ2 [ 145.359784][ T29] audit: type=1400 audit(1769981018.632:1249): avc: denied { read } for pid=10863 comm="syz.6.2649" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 145.376750][T10858] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2645'. [ 145.417317][T10858] smc: removing net device bond0 with user defined pnetid SYZ2 [ 145.425698][T10858] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 145.430085][T10870] loop6: detected capacity change from 0 to 128 [ 145.442424][T10858] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 145.458039][T10870] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 145.471600][T10858] bond0 (unregistering): Released all slaves [ 145.482549][T10873] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2652'. [ 145.494628][T10870] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 145.594978][T10884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2657'. [ 145.742268][ T29] audit: type=1326 audit(1769981019.012:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.6.2667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 145.765936][ T29] audit: type=1326 audit(1769981019.012:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.6.2667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 145.789540][ T29] audit: type=1326 audit(1769981019.012:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.6.2667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 145.820141][ T29] audit: type=1326 audit(1769981019.082:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.6.2667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 145.843837][ T29] audit: type=1326 audit(1769981019.082:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.6.2667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 145.867386][ T29] audit: type=1326 audit(1769981019.082:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.6.2667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 145.891047][ T29] audit: type=1326 audit(1769981019.082:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.6.2667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 145.910359][T10908] bridge2: entered promiscuous mode [ 145.914583][ T29] audit: type=1326 audit(1769981019.082:1257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.6.2667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 145.956570][T10908] bridge2: entered allmulticast mode [ 146.966880][T10982] netlink: 'syz.3.2698': attribute type 4 has an invalid length. [ 146.981657][T10982] netlink: 'syz.3.2698': attribute type 4 has an invalid length. [ 147.020415][T10984] loop3: detected capacity change from 0 to 2048 [ 147.040872][T10984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 147.060550][T10984] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 147.086041][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.701241][T11020] loop3: detected capacity change from 0 to 1024 [ 147.717961][T11020] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 147.733513][T11020] ext4 filesystem being mounted at /571/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 147.748608][T11020] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: block 3: comm syz.3.2714: lblock 3 mapped to illegal pblock 3 (length 3) [ 147.762932][T11020] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 147.775448][T11020] EXT4-fs (loop3): This should not happen!! Data will be lost [ 147.775448][T11020] [ 147.787777][T11020] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.2714: lblock 3 mapped to illegal pblock 3 (length 1) [ 147.802104][T11020] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.2714: lblock 3 mapped to illegal pblock 3 (length 1) [ 147.816829][T11020] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.2714: lblock 3 mapped to illegal pblock 3 (length 1) [ 147.831734][T11020] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.2714: lblock 3 mapped to illegal pblock 3 (length 1) [ 147.841140][T11019] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 4: comm syz.3.2714: lblock 4 mapped to illegal pblock 4 (length 2) [ 147.853755][T11020] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.2714: lblock 3 mapped to illegal pblock 3 (length 1) [ 147.863593][T11019] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 4: comm syz.3.2714: lblock 4 mapped to illegal pblock 4 (length 2) [ 147.874969][T11020] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 3: comm syz.3.2714: lblock 3 mapped to illegal pblock 3 (length 1) [ 147.890085][T11019] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: block 4: comm syz.3.2714: lblock 4 mapped to illegal pblock 4 (length 2) [ 148.569592][ T58] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 148.582740][ T58] EXT4-fs (loop3): This should not happen!! Data will be lost [ 148.582740][ T58] [ 148.593778][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 149.029479][T10915] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 149.101551][T11037] netlink: 'syz.4.2722': attribute type 83 has an invalid length. [ 149.220384][T11052] loop3: detected capacity change from 0 to 512 [ 149.259108][T11052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 149.273729][T11052] ext4 filesystem being mounted at /575/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 149.376584][T11065] __nla_validate_parse: 3 callbacks suppressed [ 149.376604][T11065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2733'. [ 149.391751][T11065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2733'. [ 149.580526][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.604744][T11095] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2746'. [ 149.759211][T11095] bridge1: entered promiscuous mode [ 149.765020][T11095] bridge1: entered allmulticast mode [ 150.097627][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 150.097648][ T29] audit: type=1326 audit(1769981023.372:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.128957][ T29] audit: type=1326 audit(1769981023.372:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.152557][ T29] audit: type=1326 audit(1769981023.372:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.176236][ T29] audit: type=1326 audit(1769981023.402:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.199795][ T29] audit: type=1326 audit(1769981023.402:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.223349][ T29] audit: type=1326 audit(1769981023.402:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.247220][ T29] audit: type=1326 audit(1769981023.412:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.270745][ T29] audit: type=1326 audit(1769981023.412:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.294324][ T29] audit: type=1326 audit(1769981023.462:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.317859][ T29] audit: type=1326 audit(1769981023.462:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.5.2760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 150.980913][T11164] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2769'. [ 151.061680][T11164] bridge2: entered promiscuous mode [ 151.067628][T11164] bridge2: entered allmulticast mode [ 151.249495][T11167] loop3: detected capacity change from 0 to 1024 [ 151.283652][T11167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.313871][T11167] EXT4-fs (loop3): shut down requested (0) [ 151.336228][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.376073][ T3460] Bluetooth: hci0: Frame reassembly failed (-84) [ 152.043094][T11204] netlink: 'syz.5.2789': attribute type 12 has an invalid length. [ 152.051059][T11204] netlink: 'syz.5.2789': attribute type 29 has an invalid length. [ 152.058934][T11204] netlink: 148 bytes leftover after parsing attributes in process `syz.5.2789'. [ 152.473873][T11238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2800'. [ 153.435327][T11279] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2815'. [ 153.446049][ T7082] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 153.448297][ T3754] Bluetooth: hci0: command 0x1003 tx timeout [ 153.534521][T11287] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2820'. [ 153.550334][T11279] bridge1: entered promiscuous mode [ 153.556007][T11279] bridge1: entered allmulticast mode [ 153.649259][T11298] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2822'. [ 153.659056][T11298] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2822'. [ 153.671395][T11298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11298 comm=syz.0.2822 [ 154.118503][T11350] loop3: detected capacity change from 0 to 512 [ 154.143831][T11350] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2847: iget: bad i_size value: -4294967286 [ 154.159103][T11350] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2847: couldn't read orphan inode 15 (err -117) [ 154.171639][T11350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.198630][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.667937][T11391] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11391 comm=syz.4.2863 [ 155.197049][T11456] loop6: detected capacity change from 0 to 1024 [ 155.204187][T11456] EXT4-fs: Ignoring removed bh option [ 155.231020][T11456] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.267267][T11456] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 155.302972][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.326025][T11469] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11469 comm=syz.0.2907 [ 155.398598][ T29] kauditd_printk_skb: 475 callbacks suppressed [ 155.398617][ T29] audit: type=1400 audit(1769981028.672:1815): avc: denied { setopt } for pid=11479 comm="syz.5.2903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 155.425744][ T29] audit: type=1400 audit(1769981028.702:1816): avc: denied { write } for pid=11479 comm="syz.5.2903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 155.517632][T11490] __nla_validate_parse: 7 callbacks suppressed [ 155.517652][T11490] netlink: 92 bytes leftover after parsing attributes in process `syz.6.2909'. [ 155.585907][T11499] loop6: detected capacity change from 0 to 1764 [ 155.599990][T11498] syz.3.2911 (11498) used greatest stack depth: 8760 bytes left [ 155.787883][ T29] audit: type=1326 audit(1769981029.062:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11528 comm="syz.6.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 155.812933][ T29] audit: type=1326 audit(1769981029.062:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11528 comm="syz.6.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 155.836721][ T29] audit: type=1400 audit(1769981029.062:1819): avc: denied { create } for pid=11526 comm="syz.0.2926" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 155.879056][ T29] audit: type=1326 audit(1769981029.092:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11528 comm="syz.6.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 155.905792][ T29] audit: type=1326 audit(1769981029.162:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11528 comm="syz.6.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 155.929409][ T29] audit: type=1326 audit(1769981029.162:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11528 comm="syz.6.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 155.952949][ T29] audit: type=1326 audit(1769981029.182:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11528 comm="syz.6.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 155.976484][ T29] audit: type=1326 audit(1769981029.182:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11528 comm="syz.6.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 155.985113][T11534] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2927'. [ 156.009697][T11534] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2927'. [ 156.023487][T11534] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2927'. [ 156.032498][T11534] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2927'. [ 156.041600][T11534] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11534 comm=syz.4.2927 [ 156.118062][T11542] loop6: detected capacity change from 0 to 1024 [ 156.160571][T11542] EXT4-fs: Ignoring removed bh option [ 156.183449][T11542] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 156.207632][T11542] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.306018][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.362077][T11558] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 156.472116][T11567] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2940'. [ 156.481307][T11567] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2940'. [ 156.493167][T11567] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2940'. [ 156.502204][T11567] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2940'. [ 156.511610][T11567] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11567 comm=syz.6.2940 [ 157.476653][ T9617] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 157.524750][T11617] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2964'. [ 157.739391][T11645] loop3: detected capacity change from 0 to 1024 [ 157.747463][T11645] EXT4-fs: Ignoring removed bh option [ 157.774187][T11645] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.804288][T11651] loop6: detected capacity change from 0 to 128 [ 157.816317][T11651] EXT4-fs: Ignoring removed orlov option [ 157.821571][T11645] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 15: block 241: [ 157.822068][T11651] EXT4-fs: Ignoring removed nomblk_io_submit option [ 157.822098][T11651] EXT4-fs: Ignoring removed nomblk_io_submit option [ 157.831440][T11645] freeing already freed block (bit 15); block bitmap corrupt. [ 157.904132][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.930910][T11651] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 157.965375][T11651] ext4 filesystem being mounted at /433/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 158.055986][ T9618] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 158.355143][T11682] loop3: detected capacity change from 0 to 8192 [ 158.372648][T11682] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 158.608033][ T5433] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 159.870262][T11790] loop3: detected capacity change from 0 to 128 [ 160.007221][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.007221][ T58] loop3: rw=1, sector=145, nr_sectors = 16 limit=128 [ 160.022445][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.022445][ T58] loop3: rw=1, sector=169, nr_sectors = 8 limit=128 [ 160.036096][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.036096][ T58] loop3: rw=1, sector=185, nr_sectors = 8 limit=128 [ 160.051391][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.051391][ T58] loop3: rw=1, sector=201, nr_sectors = 8 limit=128 [ 160.065501][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.065501][ T58] loop3: rw=1, sector=217, nr_sectors = 8 limit=128 [ 160.080152][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.080152][ T58] loop3: rw=1, sector=233, nr_sectors = 8 limit=128 [ 160.094850][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.094850][ T58] loop3: rw=1, sector=249, nr_sectors = 8 limit=128 [ 160.109293][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.109293][ T58] loop3: rw=1, sector=265, nr_sectors = 8 limit=128 [ 160.123180][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.123180][ T58] loop3: rw=1, sector=281, nr_sectors = 8 limit=128 [ 160.137620][ T58] kworker/u8:4: attempt to access beyond end of device [ 160.137620][ T58] loop3: rw=1, sector=297, nr_sectors = 8 limit=128 [ 160.356925][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.725495][ T29] kauditd_printk_skb: 51 callbacks suppressed [ 160.725516][ T29] audit: type=1400 audit(1769981033.992:1876): avc: denied { read } for pid=11830 comm="syz.6.3051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 160.956005][ T6589] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 161.538852][ T29] audit: type=1400 audit(1769981034.812:1877): avc: denied { mount } for pid=11897 comm="syz.3.3081" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 161.590500][ T29] audit: type=1400 audit(1769981034.862:1878): avc: denied { unmount } for pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 161.965228][T11921] __nla_validate_parse: 5 callbacks suppressed [ 161.965246][T11921] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3091'. [ 162.000267][ T29] audit: type=1326 audit(1769981035.272:1879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11922 comm="syz.0.3092" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f65283eaeb9 code=0x0 [ 162.326830][ T8461] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 162.338086][ T8461] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.390867][ T8461] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 162.401352][ T8461] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.474394][ T8461] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 162.485738][ T8461] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.533429][T11940] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3098'. [ 162.560678][ T8461] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 162.571947][ T8461] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.654161][ T8461] bridge_slave_1: left allmulticast mode [ 162.659987][ T8461] bridge_slave_1: left promiscuous mode [ 162.665791][ T8461] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.675584][ T8461] bridge_slave_0: left allmulticast mode [ 162.681447][ T8461] bridge_slave_0: left promiscuous mode [ 162.687348][ T8461] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.879193][ T8461] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.896457][ T8461] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 162.906780][ T8461] bond0 (unregistering): Released all slaves [ 162.970433][ T8461] hsr_slave_0: left promiscuous mode [ 162.979952][ T8461] hsr_slave_1: left promiscuous mode [ 162.996244][ T8461] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.003725][ T8461] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.012333][ T8461] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.019856][ T8461] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.048739][ T8461] batman_adv: batadv0: Removing interface: vlan3 [ 163.074881][ T8461] veth1_macvtap: left promiscuous mode [ 163.080701][ T8461] veth0_macvtap: left promiscuous mode [ 163.086496][ T8461] veth1_vlan: left promiscuous mode [ 163.093072][ T8461] veth0_vlan: left promiscuous mode [ 163.200212][ T8461] team0 (unregistering): Port device team_slave_1 removed [ 163.213151][ T8461] team0 (unregistering): Port device team_slave_0 removed [ 163.279082][T12002] loop6: detected capacity change from 0 to 128 [ 163.291349][T12002] vfat: Unknown parameter 'uni_xlat0BqHDUe' [ 163.571266][ T29] audit: type=1400 audit(1769981036.842:1880): avc: denied { write } for pid=11999 comm="syz.5.3111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 163.793681][ T29] audit: type=1326 audit(1769981037.062:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.4.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 163.829573][ T29] audit: type=1326 audit(1769981037.102:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.4.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 163.853233][ T29] audit: type=1326 audit(1769981037.102:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.4.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 163.876830][ T29] audit: type=1326 audit(1769981037.102:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.4.3116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccf79caeb9 code=0x7ffc0000 [ 164.007291][ T29] audit: type=1400 audit(1769981037.282:1885): avc: denied { mount } for pid=12063 comm="syz.6.3123" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 164.221499][T12081] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3129'. [ 165.765215][T12170] loop3: detected capacity change from 0 to 1024 [ 165.785207][T12170] EXT4-fs: inline encryption not supported [ 165.818046][T12170] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.894620][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.908630][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 165.908649][ T29] audit: type=1326 audit(1769981039.182:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12191 comm="syz.5.3173" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f73bcbdaeb9 code=0x0 [ 166.525620][ T29] audit: type=1400 audit(1769981039.792:1899): avc: denied { setopt } for pid=12222 comm="syz.0.3184" lport=38007 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 166.550138][ T29] audit: type=1400 audit(1769981039.792:1900): avc: denied { getopt } for pid=12222 comm="syz.0.3184" lport=38007 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 166.905029][T12249] loop6: detected capacity change from 0 to 1024 [ 166.949244][T12249] EXT4-fs: Ignoring removed orlov option [ 166.986109][T12249] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.057582][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.075895][ T29] audit: type=1400 audit(1769981040.342:1901): avc: denied { load_policy } for pid=12261 comm="syz.3.3200" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 167.142631][T12262] SELinux: failed to load policy [ 167.161480][T12265] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3201'. [ 167.183996][T12265] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3201'. [ 167.203441][T12265] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3201'. [ 167.231884][T12271] loop3: detected capacity change from 0 to 128 [ 167.260575][T12271] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 167.276454][T12271] ext4 filesystem being mounted at /654/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 167.327949][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 167.395414][ T29] audit: type=1400 audit(1769981040.662:1902): avc: denied { mount } for pid=12287 comm="syz.6.3211" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1 [ 167.450164][T12293] loop6: detected capacity change from 0 to 512 [ 167.480814][T12293] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.3213: iget: bad i_size value: 38620345925642 [ 167.494611][T12293] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.3213: couldn't read orphan inode 15 (err -117) [ 167.524089][T12293] EXT4-fs (loop6): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.540687][T12302] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3216'. [ 167.556025][ T29] audit: type=1400 audit(1769981040.812:1903): avc: denied { execute } for pid=12292 comm="syz.6.3213" path="/481/file1/cpu.stat" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 167.579450][ T29] audit: type=1400 audit(1769981040.812:1904): avc: denied { ioctl } for pid=12292 comm="syz.6.3213" path="socket:[31149]" dev="sockfs" ino=31149 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 167.591438][T12302] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3216'. [ 167.615118][T12302] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3216'. [ 167.615074][ T3460] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm kworker/u8:8: bg 0: block 5: invalid block bitmap [ 167.615660][ T3460] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 167.649332][ T3460] EXT4-fs (loop6): This should not happen!! Data will be lost [ 167.649332][ T3460] [ 167.659033][ T3460] EXT4-fs (loop6): Total free blocks count 0 [ 167.665044][ T3460] EXT4-fs (loop6): Free/Dirty block details [ 167.671013][ T3460] EXT4-fs (loop6): free_blocks=0 [ 167.676038][ T3460] EXT4-fs (loop6): dirty_blocks=1 [ 167.681126][ T3460] EXT4-fs (loop6): Block reservation details [ 167.687193][ T3460] EXT4-fs (loop6): i_reserved_data_blocks=1 [ 167.700073][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 168.041551][T12349] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3237'. [ 168.158607][T12357] loop3: detected capacity change from 0 to 1024 [ 168.207525][T12357] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.375232][T12376] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 168.409464][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.456727][T12383] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 168.463371][T12383] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 168.470952][T12383] vhci_hcd vhci_hcd.0: Device attached [ 168.504857][T12384] vhci_hcd: connection closed [ 168.505043][ T58] vhci_hcd vhci_hcd.3: stop threads [ 168.515150][ T58] vhci_hcd vhci_hcd.3: release socket [ 168.521298][ T58] vhci_hcd vhci_hcd.3: disconnect device [ 168.685321][ T29] audit: type=1400 audit(1769981041.952:1905): avc: denied { setopt } for pid=12410 comm="syz.4.3256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 169.308835][ T29] audit: type=1326 audit(1769981042.582:1906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12432 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 169.332688][ T29] audit: type=1326 audit(1769981042.582:1907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12432 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 169.608997][T12458] loop6: detected capacity change from 0 to 256 [ 169.655939][T12458] vfat filesystem being mounted at /491/file1 supports timestamps until 2107-12-31 (0x10391447e) [ 169.696470][T12462] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3276'. [ 169.738801][T12464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 169.817056][T12464] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 170.468940][T12493] dvmrp1: entered allmulticast mode [ 170.477232][T12493] dvmrp1: left allmulticast mode [ 170.496039][T12513] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 170.511891][T12511] 9pnet: p9_errstr2errno: server reported unknown error 0x0000 [ 170.730691][T12529] loop3: detected capacity change from 0 to 512 [ 170.757737][T12529] EXT4-fs warning (device loop3): ext4_enable_quotas:7221: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix. [ 170.772676][T12529] EXT4-fs (loop3): mount failed [ 171.275518][ T29] kauditd_printk_skb: 34 callbacks suppressed [ 171.275553][ T29] audit: type=1400 audit(6064948340.541:1942): avc: denied { connect } for pid=12568 comm="syz.5.3320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 171.362657][T12575] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3332'. [ 171.389814][T12579] loop3: detected capacity change from 0 to 512 [ 171.409395][T12579] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 171.419618][T12579] EXT4-fs warning (device loop3): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 171.436858][T12579] EXT4-fs (loop3): mount failed [ 171.580686][ T29] audit: type=1326 audit(6064948340.851:1943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12605 comm="syz.6.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 171.617473][ T29] audit: type=1326 audit(6064948340.871:1944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12605 comm="syz.6.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 171.641811][ T29] audit: type=1326 audit(6064948340.871:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12605 comm="syz.6.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 171.665689][ T29] audit: type=1326 audit(6064948340.871:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12605 comm="syz.6.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 171.690036][ T29] audit: type=1326 audit(6064948340.871:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12605 comm="syz.6.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 171.713487][ T29] audit: type=1326 audit(6064948340.871:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12605 comm="syz.6.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 171.737879][ T29] audit: type=1326 audit(6064948340.871:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12605 comm="syz.6.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 171.761509][ T29] audit: type=1326 audit(6064948340.871:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12605 comm="syz.6.3333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f963cc4aeb9 code=0x7ffc0000 [ 171.798090][T12614] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3336'. [ 172.290226][T12613] dvmrp1: entered allmulticast mode [ 172.304417][T12613] dvmrp1: left allmulticast mode [ 172.446485][T12656] gretap1: entered allmulticast mode [ 172.992893][T12679] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3363'. [ 173.002054][T12679] netlink: 'syz.0.3363': attribute type 7 has an invalid length. [ 173.010004][T12679] netlink: 'syz.0.3363': attribute type 8 has an invalid length. [ 173.017799][T12679] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3363'. [ 173.028924][T12679] gretap0: entered promiscuous mode [ 173.036505][T12679] gretap0: left promiscuous mode [ 173.350826][T12714] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 173.359617][T12714] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 173.656484][T12751] netlink: 'syz.4.3394': attribute type 13 has an invalid length. [ 173.664356][T12751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3394'. [ 173.692025][T12751] netlink: 'syz.4.3394': attribute type 13 has an invalid length. [ 173.695238][ T58] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 173.699988][T12751] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3394'. [ 173.730113][T12756] dvmrp1: entered allmulticast mode [ 173.757112][T12755] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3395'. [ 173.773049][ T58] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 173.786814][ T58] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 173.795062][ T58] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 173.841984][T12728] dvmrp1: left allmulticast mode [ 174.056985][T12792] loop6: detected capacity change from 0 to 256 [ 174.098589][T12792] msdos filesystem being mounted at /522/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2107-12-31 (0x10391447e) [ 174.343416][T12821] loop6: detected capacity change from 0 to 128 [ 174.349969][T12819] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3427'. [ 174.379761][T12821] vfat filesystem being mounted at /525/file1 supports timestamps until 2107-12-31 (0x10391447e) [ 174.457458][T12806] dvmrp1: entered allmulticast mode [ 174.475203][T12806] dvmrp1: left allmulticast mode [ 174.550889][T12840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3437'. [ 174.608347][T12844] gretap2: entered promiscuous mode [ 175.340340][T12970] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3455'. [ 175.358308][T12970] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3455'. [ 176.105198][T13124] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13124 comm=syz.4.3473 [ 176.194527][T13130] netlink: 'syz.4.3476': attribute type 4 has an invalid length. [ 176.281059][T13140] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3480'. [ 176.434341][ T29] kauditd_printk_skb: 35 callbacks suppressed [ 176.434359][ T29] audit: type=1326 audit(6064948345.701:1986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.464129][ T29] audit: type=1326 audit(6064948345.701:1987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.488372][ T29] audit: type=1326 audit(6064948345.721:1988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.511972][ T29] audit: type=1326 audit(6064948345.721:1989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.535536][ T29] audit: type=1326 audit(6064948345.721:1990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.559417][ T29] audit: type=1326 audit(6064948345.721:1991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.582857][ T29] audit: type=1326 audit(6064948345.721:1992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.606379][ T29] audit: type=1326 audit(6064948345.721:1993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.629927][ T29] audit: type=1326 audit(6064948345.721:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.653811][ T29] audit: type=1326 audit(6064948345.721:1995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13160 comm="syz.5.3491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7ffc0000 [ 176.689763][T13167] smc: adding net device bond0 with user defined pnetid SYZ2 [ 176.706126][T13167] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.724278][T13173] loop6: detected capacity change from 0 to 256 [ 176.731385][T13167] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.752304][T13167] bond0: (slave gre4): The slave device specified does not support setting the MAC address [ 176.764050][T13167] bond0: (slave gre4): Error -95 calling set_mac_address [ 176.793595][T13173] FAT-fs (loop6): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 176.805277][T13173] vfat filesystem being mounted at /530/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 176.865713][ T8439] FAT-fs (loop6): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 176.913527][T13186] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13186 comm=syz.6.3510 [ 176.977210][T13193] loop3: detected capacity change from 0 to 1024 [ 176.994708][T13193] EXT4-fs: Ignoring removed nomblk_io_submit option [ 177.053929][T13193] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 177.062345][T13193] System zones: 0-1, 3-36 [ 177.068856][T13193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 177.216580][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.663488][T13233] loop6: detected capacity change from 0 to 1024 [ 177.682417][T13233] EXT4-fs: Ignoring removed nomblk_io_submit option [ 177.693078][T13239] gretap2: entered promiscuous mode [ 177.698329][T13233] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 177.706774][T13233] System zones: 0-1, 3-36 [ 177.712469][T13233] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 177.842439][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.941304][T13266] loop6: detected capacity change from 0 to 512 [ 177.973316][T13266] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 178.005969][T13266] __nla_validate_parse: 3 callbacks suppressed [ 178.005992][T13266] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3534'. [ 178.027280][T13278] gretap2: entered promiscuous mode [ 178.061408][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.064853][T13280] netlink: 'syz.5.3538': attribute type 4 has an invalid length. [ 178.207927][T13293] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3544'. [ 178.628453][T13324] netlink: 'syz.0.3557': attribute type 4 has an invalid length. [ 178.740399][T13334] netlink: 'syz.5.3564': attribute type 13 has an invalid length. [ 178.748386][T13334] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3564'. [ 178.758335][T13334] netlink: 'syz.5.3564': attribute type 13 has an invalid length. [ 178.766252][T13334] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3564'. [ 179.257001][T13366] netlink: 'syz.4.3578': attribute type 9 has an invalid length. [ 179.264872][T13366] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3578'. [ 179.274481][T13367] sch_tbf: burst 22 is lower than device lo mtu (65550) ! [ 179.282297][T13367] sch_tbf: burst 22 is lower than device lo mtu (65550) ! [ 179.300558][T13366] netlink: 'syz.4.3578': attribute type 9 has an invalid length. [ 179.308432][T13366] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3578'. [ 179.672025][T13392] loop6: detected capacity change from 0 to 1024 [ 179.699119][T13392] EXT4-fs: Ignoring removed nobh option [ 179.704768][T13392] EXT4-fs: Ignoring removed bh option [ 179.765639][T13394] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 179.781659][T13392] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0002-000000000000 r/w without journal. Quota mode: writeback. [ 179.817859][T13400] sch_tbf: burst 22 is lower than device lo mtu (11337746) ! [ 180.135204][T13417] netlink: 104 bytes leftover after parsing attributes in process `syz.5.3598'. [ 180.297756][T13431] loop3: detected capacity change from 0 to 512 [ 180.325656][T13431] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3605: iget: bad i_size value: 38620345925642 [ 180.342319][T13431] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3605: couldn't read orphan inode 15 (err -117) [ 180.359483][T13431] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 180.436896][T13431] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.3605: bg 0: block 5: invalid block bitmap [ 180.473565][T13431] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 180.485850][T13431] EXT4-fs (loop3): This should not happen!! Data will be lost [ 180.485850][T13431] [ 180.495624][T13431] EXT4-fs (loop3): Total free blocks count 0 [ 180.501690][T13431] EXT4-fs (loop3): Free/Dirty block details [ 180.507636][T13431] EXT4-fs (loop3): free_blocks=0 [ 180.512670][T13431] EXT4-fs (loop3): dirty_blocks=1 [ 180.517789][T13431] EXT4-fs (loop3): Block reservation details [ 180.523819][T13431] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 180.587580][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0002-000000000000. [ 180.617956][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.829513][T13471] netlink: 'syz.3.3622': attribute type 9 has an invalid length. [ 180.837794][T13471] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3622'. [ 180.917468][T13471] netlink: 'syz.3.3622': attribute type 9 has an invalid length. [ 180.925276][T13471] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3622'. [ 180.989671][T13484] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3629'. [ 181.841670][T13542] 8021q: adding VLAN 0 to HW filter on device bond2 [ 181.866319][T13542] 8021q: adding VLAN 0 to HW filter on device bond2 [ 181.884357][T13542] bond2: (slave gre2): The slave device specified does not support setting the MAC address [ 181.897579][T13542] bond2: (slave gre2): Error -95 calling set_mac_address [ 182.052436][ T29] kauditd_printk_skb: 56 callbacks suppressed [ 182.052454][ T29] audit: type=1326 audit(6064948351.321:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13518 comm="syz.5.3645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73bcbdaeb9 code=0x7fc00000 [ 182.131297][T13566] loop3: detected capacity change from 0 to 1024 [ 182.161656][T13566] EXT4-fs: Ignoring removed oldalloc option [ 182.199436][T13566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 182.218506][T13566] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 182.242575][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.781306][T13622] smc: adding net device bond0 with user defined pnetid SYZ2 [ 182.821467][T13622] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.856384][T13630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.863753][T13630] bond0: (slave gre2): The slave device specified does not support setting the MAC address [ 182.875643][T13630] bond0: (slave gre2): Error -95 calling set_mac_address [ 182.922648][ T29] audit: type=1326 audit(6064948352.191:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13631 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc06edaeb9 code=0x7ffc0000 [ 183.006882][ T29] audit: type=1326 audit(6064948352.191:2054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13631 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc06edaeb9 code=0x7ffc0000 [ 183.030492][ T29] audit: type=1326 audit(6064948352.191:2055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13631 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc06edaeb9 code=0x7ffc0000 [ 183.054282][ T29] audit: type=1326 audit(6064948352.191:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13631 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc06edaeb9 code=0x7ffc0000 [ 183.077832][ T29] audit: type=1326 audit(6064948352.191:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13631 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdc06edaeb9 code=0x7ffc0000 [ 183.101615][ T29] audit: type=1326 audit(6064948352.191:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13631 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc06edaeb9 code=0x7ffc0000 [ 183.125341][ T29] audit: type=1326 audit(6064948352.191:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13631 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc06edaeb9 code=0x7ffc0000 [ 183.149184][ T29] audit: type=1326 audit(6064948352.191:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13631 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fdc06edaeb9 code=0x7ffc0000 [ 183.172689][ T29] audit: type=1326 audit(6064948352.231:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13637 comm="syz.3.3701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fdc06e9b78e code=0x7ffc0000 [ 183.466480][T13667] netlink: 'syz.6.3705': attribute type 83 has an invalid length. [ 183.533986][T13672] __nla_validate_parse: 8 callbacks suppressed [ 183.534003][T13672] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3706'. [ 183.578919][T13676] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3717'. [ 183.590987][T13672] 8021q: adding VLAN 0 to HW filter on device bond2 [ 183.626305][T13678] 8021q: adding VLAN 0 to HW filter on device bond2 [ 183.638139][T13678] bond2: (slave gre2): The slave device specified does not support setting the MAC address [ 183.680687][T13678] bond2: (slave gre2): Error -95 calling set_mac_address [ 184.071873][T13715] loop6: detected capacity change from 0 to 1024 [ 184.088236][T13715] EXT4-fs: Ignoring removed nobh option [ 184.093918][T13715] EXT4-fs: inline encryption not supported [ 184.109965][T13715] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 184.137848][T13715] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 184.168241][ T5433] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.735731][T13748] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3736'. [ 184.750748][T13748] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3736'. [ 184.833341][T13756] loop6: detected capacity change from 0 to 8192 [ 184.849280][T13756] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 184.869659][T13756] vfat filesystem being mounted at /573/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 184.941607][T13768] ================================================================== [ 184.949761][T13768] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs [ 184.956911][T13768] [ 184.959259][T13768] write to 0xffff88811d95dbae of 2 bytes by task 13756 on cpu 1: [ 184.967003][T13768] fat16_ent_put+0x28/0x60 [ 184.971449][T13768] fat_alloc_clusters+0x57b/0xc50 [ 184.976587][T13768] fat_get_block+0x258/0x5e0 [ 184.981206][T13768] __block_write_begin_int+0x400/0xf90 [ 184.986691][T13768] cont_write_begin+0x5fe/0x970 [ 184.991575][T13768] fat_write_begin+0x4f/0xe0 [ 184.996190][T13768] cont_write_begin+0x1b0/0x970 [ 185.001071][T13768] fat_write_begin+0x4f/0xe0 [ 185.005690][T13768] generic_cont_expand_simple+0xb0/0x150 [ 185.011355][T13768] fat_cont_expand+0x3e/0x170 [ 185.016057][T13768] fat_fallocate+0x177/0x1c0 [ 185.020671][T13768] vfs_fallocate+0x3b6/0x450 [ 185.025286][T13768] __x64_sys_fallocate+0x7a/0xd0 [ 185.030251][T13768] x64_sys_call+0x1cd4/0x3000 [ 185.034957][T13768] do_syscall_64+0xc0/0x2a0 [ 185.039492][T13768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.045412][T13768] [ 185.047755][T13768] read to 0xffff88811d95da00 of 512 bytes by task 13768 on cpu 0: [ 185.055586][T13768] fat_mirror_bhs+0x1df/0x320 [ 185.060287][T13768] fat_alloc_clusters+0xb48/0xc50 [ 185.065421][T13768] fat_add_cluster+0x46/0xe0 [ 185.070043][T13768] fat_fallocate+0x11e/0x1c0 [ 185.074659][T13768] vfs_fallocate+0x3b6/0x450 [ 185.079285][T13768] __x64_sys_fallocate+0x7a/0xd0 [ 185.084252][T13768] x64_sys_call+0x1cd4/0x3000 [ 185.088962][T13768] do_syscall_64+0xc0/0x2a0 [ 185.093497][T13768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.099417][T13768] [ 185.101767][T13768] Reported by Kernel Concurrency Sanitizer on: [ 185.107949][T13768] CPU: 0 UID: 0 PID: 13768 Comm: syz.6.3739 Not tainted syzkaller #0 PREEMPT(voluntary) [ 185.117779][T13768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 185.127862][T13768] ================================================================== [ 185.388490][ T5433] ================================================================== [ 185.396652][ T5433] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 185.404048][ T5433] [ 185.406380][ T5433] read-write to 0xffff88812c5336b8 of 8 bytes by interrupt on cpu 1: [ 185.414532][ T5433] __xa_clear_mark+0xf5/0x1e0 [ 185.419224][ T5433] __folio_end_writeback+0xf4/0x360 [ 185.424447][ T5433] folio_end_writeback_no_dropbehind+0x6d/0x1d0 [ 185.430708][ T5433] folio_end_writeback+0x1c/0x70 [ 185.435748][ T5433] mpage_write_end_io+0x270/0x630 [ 185.440796][ T5433] bio_endio+0x37a/0x410 [ 185.445055][ T5433] blk_update_request+0x338/0x730 [ 185.450087][ T5433] blk_mq_end_request+0x26/0x50 [ 185.454949][ T5433] lo_complete_rq+0x98/0x140 [ 185.459545][ T5433] blk_done_softirq+0x77/0xb0 [ 185.464238][ T5433] handle_softirqs+0xb9/0x280 [ 185.468932][ T5433] run_ksoftirqd+0x1c/0x30 [ 185.473368][ T5433] smpboot_thread_fn+0x32a/0x510 [ 185.478320][ T5433] kthread+0x488/0x510 [ 185.482403][ T5433] ret_from_fork+0x148/0x280 [ 185.487004][ T5433] ret_from_fork_asm+0x1a/0x30 [ 185.491782][ T5433] [ 185.494112][ T5433] read to 0xffff88812c5336b8 of 8 bytes by task 5433 on cpu 0: [ 185.501687][ T5433] xas_find_marked+0x213/0x620 [ 185.506476][ T5433] filemap_get_folios_tag+0xfa/0x510 [ 185.511774][ T5433] filemap_fdatawait_keep_errors+0x6c/0x190 [ 185.517679][ T5433] sync_inodes_sb+0x40e/0x4c0 [ 185.522376][ T5433] sync_filesystem+0x102/0x190 [ 185.527157][ T5433] generic_shutdown_super+0x44/0x210 [ 185.532546][ T5433] kill_block_super+0x2a/0x70 [ 185.537231][ T5433] deactivate_locked_super+0x75/0x1c0 [ 185.542616][ T5433] deactivate_super+0x97/0xa0 [ 185.547318][ T5433] cleanup_mnt+0x2bb/0x330 [ 185.551753][ T5433] __cleanup_mnt+0x19/0x20 [ 185.556182][ T5433] task_work_run+0x130/0x1a0 [ 185.560790][ T5433] exit_to_user_mode_loop+0x1f7/0x6f0 [ 185.566177][ T5433] do_syscall_64+0x1d3/0x2a0 [ 185.570782][ T5433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.576680][ T5433] [ 185.579005][ T5433] value changed: 0xfffffffffff80000 -> 0xfffff00000000000 [ 185.586118][ T5433] [ 185.588467][ T5433] Reported by Kernel Concurrency Sanitizer on: [ 185.594625][ T5433] CPU: 0 UID: 0 PID: 5433 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) [ 185.604527][ T5433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 185.614603][ T5433] ==================================================================