last executing test programs: 1.686215997s ago: executing program 4 (id=11055): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'pimreg0\x00', 0x0}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000010b00000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r3, r2, 0x25, 0x0, @val=@netfilter={0x1, 0x0, 0x7}}, 0x20) 1.580694622s ago: executing program 1 (id=11059): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(r0, 0xfffffffc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) dup(r4) writev(r3, 0x0, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x100, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) sendmmsg(r5, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000300)="eb", 0x1}], 0x1}}, {{&(0x7f0000000280)=@pppol2tp={0x18, 0x1, {0x0, r6, {0x2, 0x4e21, @local}, 0x0, 0x0, 0x1}}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000180)="1619611018e85afabc2cf02d8b8b3823dbc3b244f46efc970b175619a7a8", 0x1e}, {&(0x7f00000004c0)="97d491458b1ead14df923c6d2880fb3d766d955e304f0fe1112f0dc4532ec762fa1c0904561d733e6ab35e5fb95fc27ef22d9cd8dbbc8c", 0x37}], 0x2, &(0x7f0000001d80)=[{0xf0, 0x0, 0xb779, "ba9da4d6efa6eaf5371422e53637f001743d34e72d4ed3d93f5ba2eac6df8c74bef2db507c905ffd277b83edb1e7b7f3309c8b94da4853acb960dbe68e97ab77665f07f2e55fb1f2be68593106b3f21c81c3b762d4744354a8f834abd906150ec63ef09131ff6c877919ebaf43f903c16bf52c7b7f0b30a77f646fceb8e959d63c7b3d8441a92ccae85dfe987bae871ed897c95e2b81cd6d496fab89fa83a94d564d30a2d17175179b11dc9e3c3fd84c22e86519d81326ed441af4de0e591502bba328d206e49ba3849c23114abe68e34e2b8edc2d7e009d0f2cd0d43179dac06c2dfaec"}, {0x100c, 0x3a, 0xa, "0b33a3f8ff15f433bbf59e8879615f84d8f13273f6f9402c3c2bcac96241f9c31153295afd16306b59e67b49821d83e30f9fbf2891a82ba33520c9b1a5237c8dac7534d0015e91639e2df3f814621a7de23e2f1c3aece9fd85a10d4f9c7f6758df6db9d2e5db237bca613669f3026fc137df9a5a368a0fa995efaed04de25bcd700cd0f26998be1200caecce6fcb4c332be073db4f7f5db6885ba9c4e509569294d2ca18e0c46e4b3ec7e201aae3f88c0b2f340d658126eb70db84c84a9722d022b9f034530df82666d2d0e7a4fcdefead59b9a9d3fbdcc0c7a32801ca79e9e03fd19387a852837991333cd026fdc26f137dec1b5df571456dc82ced47efcc374689a088a0cfddcd74a6b08bd1cc57260a372e1b6e406c8c084c3b2aa626763f17155e5bf4f137b799d289fb1871230bf21f187d89c4792b8862ebd167f65cee976efe798853261ed0d2f9a46e312f89af97717b240a6e67015930708db475b4cef9a682e1c7c1754fe3009a8ad13410287ef29e6bd33ccfa698a83cd47500f59905768759e992a4e60f70f68a284bdc944476236c761d445db984897245bbf21d201888fe35b595a78acfe7f9cc36a5666e1225bbcb8b4ed8b286d5ddfa6088ec0857af9153330ea2630b2153de726b23ce73500f3a9b8fd2dd3830ef97e23db0a017220204018fb2e325ecb82c4e5e2494798bbc532c8a8fa0f97ac1b72fc1dc9bf706070c386b482e332219c26ed867ee0804f86e87c6264be32bc8560e0053d51f8c1a06bc1b132625d2f30551f70c845ecd067decba610e54d75266a2c5dc64942f189aa11767c83b38f34f5b75c7ab94d7c98f436cb92fe82496f9963abd528f7191183e295da0e1a9d1ed384ea5016c9c7c22f4fea019ad63db8495456451d9f0b59c3f95b621e22a5a58591095592d0730858dc8c4b0c1151a07b6f851c8147782fdd9bc7150b199ec8cc29d304d3d5275e7323a36b5da6b66602516121f40f701df4655b00e1c79d74cbb976887628d3aa0fcc8fd51345904aface278f4c1dce8ce4c9c59beaba7fb3bca0e1e237c67a160bb8aeb5ca80bf50fbfe330eead59502a9f6a5271a1a35eba443af010a85d872ef8a946cdf77db93c93909157225c12f095ee98f7338727a755bc5a0c7ff287f6c784be3b27ef4cdce691c8a00c07208af77ded9dde7bd514d5b643c880f2258adf0fdf94b58327c086a1fe673334a6a65cb71369bbbaf0ee20a071eb6efeb1fda4467698ca88d0482d4f63045c608eb3da8dd02a14c5d4ff8f87657ccf62b42fc8c7f8a1f34a21b646f07e93d2b65b56a45e9bbd542f474990658fc3433882f165db15a1c03f4d62419096d7cf1e1a365d811e374f653d9a704d9504beaccb3daeedee584af0efd842549dde0fbc77cd44e3d86e48be814f8b4027ee182d530613aa56de481eecb62de82f36ac7a9d57f56214ba43a1d72cb4255142146824db79771cd8467f9dbf43314248c039b1ba3c9b0c52ef4a5c2ba7b75f04a83296ae7f67cbd127221f0ae4055c712f82f789867a68e428e01b9a3a0a25422bc85b4c14871ee718a03304d5b1513acf87ff5df6283d13b6ce459698ee8f076c2ba32e6d8303f6958410feee7376917889056d18b76d9c6bbe8d223f39d4c2d263de7b6d3b9c2501672c77c46becfaabe8fc56462f9033dae6997c2c0e9b136a9c459ec35e8e83e2eb29dd834db81f34d551c11bc27bf74b922c86b0e79102744c410e34fd9bcb9a2be9d2e0d49f6ef474490ad3650fd183a54848e8d7adcae63f4204950993998462c53748dd093c669b2b2cc285fb087834aaaf545d356c882161d0912b18ef26aa01fc43c645923a15476b31298539521ecc5956abb9a5d5fbdaad8339ec41abf3fa080e20ab20e19001e34ad9267779235de9180329d8d9d1e2b21371d710ef1defda7d6bf8d39b7cf3fab667f8bf8a775a783ec6c1f99856b5f7063df535906f0bd9262945b2637e1c381c067b377ebd2b66ba4880f583ff7fccf1d7f3958cb79b74b408d9e0caf2eed6f85bd87aa0d67b012d07346decd072dc6626c345b601a6201e2a75cf481143a256d7c8493dd2d9497ef539271ee5d3f607925b46801cda5ad614ebee6302ff1b9c0528b0916f2a795a45506ed0a9a311d2cb07021ba45b8f38666b80814196e66231c7e7c8cbab559dd8a04d75e98c9007d827bc47c696ec3fea34058aa257bf51b06268546445724ad8cb033e0553f6582081d02941f60faef389c8614cc81f905ba835ff2d438549360fc34e3497148da0b86e9566da8bd14739d5537628d715282c1ab1c74aa300cfae0c3bc0586c72d33f3f3f28369da9810e82334911f1931390e47fed9bb390862eeee5fa2c9ca0e8d8a2599dc70f6b17baaf777b8906475abc1b75a752d57ed94a05a9253f035d1642f11bd4db51b27e4203f4eb2e6904a4397a14fc973e0eae32e1fbeb3fb0265acd5dcd4ed1c8bdf486b1b02353ecae742ec6050e3e1a93aad7bd52417d6d56382a2a17bde6eee4473ffc56cd00ea4162ffe1e8b421879dd479d61dc7e05945f0b4a9d2f2a82fa356f7d422c6aaa75383d0724f744c47d3d1eda851cbb08cbded7bfd933d372547e947c0778810265b67f104757289dfe65cbe6f07a4515e2824f42c97c4648b625272765f79615a9988a830a240152ee907b3c2f6b446ba032e1753c5b3c38d6a4561e822832b8995f80c915d0b828d496326e47d0ef7942b80543cd879f6aad33ca60f7fe6dd7775c66051c6b787df1295f09381592d9c781e6aac396582d04176ade6819c20f66a56d6cd68764c19177478db5aaae335a6f9d9cae91fd6be685461966017245bb6a1914c1af8b48c103de90ab130f045c3a209ba7ea082f2236d8ba1b0401776c82fb3cb0193be14f619b42ccdc9a9661005a7b6e28fd43fb213a3c2e7606936300d39f27cac3b2724dc7d15baf5bdb239afca508f29ce235cbfbf50ab51e74d91e59e0d6cbdb6916b9858176a1b99e2f2626a0da9d102c24652dd40b19d8bb38fef0cbdf8421a0263039fe75feb0a6932c144f0f6392d55191e0c3e644e73986a66966bb80a250e6536489fee757a84aa17c936d3541a3181d22c8831462d88f0d3b554691bff3fe0e2fff54416fb6a172e34f5b8a04258264c6a430aa93143c5a5391b738309839fef83e8a7d90892c9aa9616f69e14f69b26f7ac246b9b774936de59b785d36644964246908cb3c4448f44ebe9e10820a4cbed61853a36379f80be7f62d07500cc6e7234c6f043758d0b21ce9fdce47193381da917fc32ae0a4a7fbbb37acee3eee4f49fad26118f91fe6a07404d74f81bab8e2d390de16b276875cf5ecd4462ce337c119229be3e85bc10b6ca52ac9bd9aa95afe56a05db44f14352c1ca589f97c028fb0792f7d0a44399deafa172be585ad8c2ae0a925eec023493654381002706c75d0a15da3086e66329a9ef2f6df8acf6c028ff9cd5eb9b1c3fa95d33018e4042342c82a455ace5004c19cea6629252595e6fa57095f3c05ed736cecf2b60d90e61f851633571ddf8fecf371174c800d8a66cd2639e8bd63bf422782c5d59c10a75bb1b00c7f79e72b6d2ad2fa6a2eba6c12c6d04298aa4e00aa270c01bb6945f6ebbb3d7af56092df7e5e5a1b7777955f4d1e7e6aecb64d88944ebf6fbe60c137753fb31d9a7e31469db893836374f7a55b6d182c830224b84fff5d9853505b53f5e2953a50d3122f46fe1c068cf5ad52d52aa9f876d388711498967a3b58ed662798fd115e0eca826e2960a0bb23b820f5c70c928ddde36158bebc8979bd57092b76bbccc0db753c3bd3366ddbfe65772aff1626c1624f3d0e760819b0550c460dcc1e18e3856a9c510ab1f79546b80f4d1b8363345b8a2f88f33d00965323ab84a7a0ea35638b155116324e8496c1773af6ce9ce9c0748b009f44676aa11a0c61ce6570db6550d0e483daaad2f854a3cbbe8a3f09bacf2dcd2d2ed0f89a2e0ead827d71c57bf9999abe5c9e66720d86a17edf69d548f25a17bee6840a6fb62fcceda79b058627bce2859e19122deb838e2ef727b0f863dcceeaeef7ccd79950be26a96c657740d346608167e5023673b7a9560f226cbb085c4e5e18cd6428f9c1d961f2d928e0726ee2dfbfadcd237ee5fab3ddc605fa85ba0b079f8efa7da2f366d005a2747e57762ffe3e4422903a9a099d7e3348386b191029635103cf8e99c6e2fe82826dabe2394fc5a459a00aacbe19c26807ca86b90694bb7397c668786c988da77de97529902f228643df4e8c3ddd8fba68acb169892644bef11ca21888a9d6fb40031f2a039623e23a1d1c9c6b8bc43a9d394b76b7c3f38ed72b977be5f3e50d69bf90baa78357f62e2014f9048bdcbdcb697d0677a1029c07682d0bb7b22687a4d8ef4d98c6230417ea2cfcf3178058794569d4754b63b532d537354e3b66a19823d10791d559267733bc278e694216a387fb0a52623cc12b09122ee5244b6fc53c3956a669c59062b3760830344eb926b184c11e429e206f04a8bea9085e5c074c983e4d9e6b1476afc9101b936317c72cce56c3c8419eaf86961d2f33ee4155777f693516a658fe66a4b933cf59d20af3723478a37b1e91cfd79399cf77d1228a28b019a74fdf2bb8cc2f84ff265b8aef3223d61998dfed4d0ac547fa9e6b3f94d894aff6f243246837912ebf6b394a8d0195321d4678ee801ae8aa747f5995298a5628bf593a36d678b2ff59384097993893f7a819ab29c9b4bc99fec13038e0ca8338b635a96d7e9323da449be6fc3fe98e91f030d41e245beb5263f2f5a94a39fdaf102e6c19e690e5cf8d452160b5e0fe2672dde34485e13ea5002ece004d12a956f0d8bedea1aa810e5ef994622f43e84d3a742556928053afdb49c4e0d3941a5f3764bc0be282d7a5d0b956cfd40b732d456b32add76dffb987f8da58aa732ed83bad53c5133e4f733e664b0c5dc3cdc74de41a81e8287e1b369882c27d5265143841484210b5c25777957ddba84433b7b9264a5ccebc330f8a919ac9d2556212145dbb7017e70452b63dd6a39abde8ce03580612b301fe742d31eda6e66f3ad4f7c1a028e93cd8f27cec87142bd290ead432f100af5ed55b7cf0a62a0cb2d8b31a2e5d8a6855e28a29b929dcfa4a53a97d7536c60f972bcda14fdbea1b59fd14b5d27ae13ab0b777269e902ef4c0e1b1929ef587b16286d9a48aaed1017088817e78fc13697ee5ca71bdfa278d439a5a699cd026fbbd523324d69e7d517cdcbe704e8c1f738f737b3023b31a4aa80955b2eca7813327d1031c72417a90dbad58766be2765a0eec58fb9eac6253a4d59114fcd85cd7422363beae3b7735b47a278cee46de07f058b269ffbf34573e60a7a258a04ceacf6edaa5c39cca63e691c212cdacfa25dec7c662a268c79839293a63b2fd320635164830f7835e1303e30f746c466cb76c45cdddff4cd1292ae7de50065370008cd6a86a5e0f114cdbfc383ab35eb9dcdee3d471c88b956c3098e24bfa0baa953d9ded2884e8beb59eea5aabb0999efda0c5db28ea8a68fba08c0a6b3ec10b0c136b3be67023b9b94ae9a11adcd5dbf06451d011e5223819a568309b2992c5d81608e48bb1e6daf2008c5090030a5eba1f87a6df1bd2ce66d00edcef446cb06b5ed1d76e25dd0d44385729841ef69e1228f75e483de3076b9ef2203669b0685798a3ec77c9aee974fcfbd669d3cb89f76840726d53105acb2e01b4abb234d95e5b9023fc3ed092d8618d981c6e6492d"}, {0x64, 0x10e, 0xff, "d557b745815984fbf4d0b033ab70154d7b778107055a854be8c03e111e0cb30e39efe3e8535877c5660c1ba238e3f201f98586435c2d44e3de829a7557083b55e75102d660fde7e761c926deace52ad40076a239199804"}, {0xc, 0x118, 0xffff}, {0x64, 0x103, 0x26e, "da8a4e6bf007a912bca3751d674cbc66fe82d074aa9350624bc8d53920b4b6f7b5201c0b20f0dcf94ece2c33e9375f3f378136e2720e65d8d45344ba3e6b1fa2d3a0bc7931626ca1344ce67b740b40a5413cb41cf01f"}], 0x11d0}}], 0x2, 0x80) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0) 1.566624653s ago: executing program 4 (id=11060): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x22, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xfffffffffffffea1, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x9}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) pipe(&(0x7f00000001c0)) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x18, 0x0}}], 0x6c00, 0x48) sendto$inet6(r4, 0x0, 0x0, 0x10, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xffffff69}, 0x1c) r5 = socket$netlink(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x7) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) 1.309288653s ago: executing program 1 (id=11061): syz_emit_ethernet(0x2a, &(0x7f0000000100)={@multicast, @random="8a0a63cdec59", @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0xa, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}, @multicast2, @random="410986e2085b", @remote}}}}, 0x0) 1.224353987s ago: executing program 1 (id=11062): openat$ttyS3(0xffffffffffffff9c, 0x0, 0x8000, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) getpid() sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x34, 0x28b}, &(0x7f0000000140)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SYMLINKAT={0x26, 0x8, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x7c45, 0x0, 0xe, 0x0, 0x0) 1.178697879s ago: executing program 1 (id=11065): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2000, 0x1a8) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) fchdir(r0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00') pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4) 1.15199778s ago: executing program 3 (id=11067): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7ffeffff}}}}]}, 0x44}}, 0x20040084) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0xa8, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x74, 0x2, [@TCA_MATCHALL_ACT={0x70, 0x2, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x20000000, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x2, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x10}, 0x40) 1.15038526s ago: executing program 1 (id=11068): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb8}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="021600000a0000000000000000000000080012000007a18208"], 0x50}}, 0x0) 1.099821042s ago: executing program 1 (id=11069): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) socket$packet(0x11, 0x3, 0x300) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[], 0xfdef) 1.045105225s ago: executing program 3 (id=11071): r0 = syz_open_dev$loop(&(0x7f0000000080), 0x401, 0x800600) ioctl$LOOP_CONFIGURE(r0, 0x1277, &(0x7f0000000700)={0xffffffffffffffff, 0x1000, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1b, 0x15, "54c870a8634edc745dfa1ab0a34a10a233e6180aa539ec68114b5aba1c98911df5ba72296d56740d56ea4d0434aa3592a4791300", "fc0177a6f3bb16d5d5560f93e0e50bbf206c9d8db97c00040000000000005f8a654e14dc7c4cc6020004003b3acc9f02cd3eac8be657b534bfa1142100696b29", "c921095856cdf9fd8199034f3b875fe5c92394e3c7a178fb1c16c99189819ef4", [0x1, 0x9]}}) 988.311587ms ago: executing program 3 (id=11072): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000200)=0x6, 0x4) bind$inet(r0, 0x0, 0x0) syz_emit_ethernet(0xbe, &(0x7f0000000300)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x68, 0x0, 0x0, 0x88, 0x0, @remote, @local}, {0xfffe, 0x4e24, 0x4d, 0x0, @wg=@initiation={0x1, 0x4, "497a1d08fd3d0ee007022798bb6374ed840b4f36f41fc4d035e9ebe414aa958d", "4bbef5e4007898221aa606d083cd59745493938f1e2de8fdadd3823fedd2c01b2aff03050a4ca5d10fd1b6b06f47ea42", "ef7c9d6a98e3943f6892078bb952854743fe4dddd2e7c0ce70a4ac7d", {"a851525b16af17fe87acbae2ab0b233d", "01422d01cd53c3abe94331d0b7918724"}}}}}}}, 0x0) 960.867278ms ago: executing program 3 (id=11073): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETOWNER(r0, 0x400454cc, 0xffffffffffffffff) 823.956504ms ago: executing program 3 (id=11076): syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x10f242) 823.682194ms ago: executing program 0 (id=11077): bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="850000002e0c000016400000000000005c00000000003b16"], 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0) close(r0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_khugepaged_scan_pmd\x00'}, 0x18) socket$kcm(0x10, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8b28, &(0x7f0000000000)={'virt_wifi0\x00', @random="1f00"}) 823.337814ms ago: executing program 0 (id=11079): r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e) connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0) ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1) close(0x3) 792.694736ms ago: executing program 3 (id=11080): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x1c1742, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0xf0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x8, 0x0, 0x0}}, 0x34) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10) r5 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r5, &(0x7f0000000640)={0x28, 0x0, 0x2710, @local}, 0x10) recvmmsg(r5, &(0x7f0000002b80)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000002c0)=""/80, 0x50}], 0x1}, 0x5}], 0x40000, 0x0, 0x0) shutdown(r5, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) ioctl$KIOCSOUND(r2, 0x4b2f, 0x2) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000100)={0x6, 0x73, 0x2, 0x0, 0xb, "88bd91aa28528000000000007500000400"}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffffffff, 0x0, &(0x7f0000000040)) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r6) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) 792.229466ms ago: executing program 0 (id=11081): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18) dup(0xffffffffffffffff) syz_io_uring_submit(0x0, 0x0, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4) 717.153529ms ago: executing program 0 (id=11084): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'pimreg0\x00', 0x0}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000010b00000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r3, r2, 0x25, 0x0, @val=@netfilter={0x1, 0x0, 0x7}}, 0x20) 583.984295ms ago: executing program 0 (id=11088): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x0) 532.205297ms ago: executing program 0 (id=11089): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc) bind$bt_l2cap(r0, 0x0, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10) sendmsg$nl_route(r4, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r5, 0x10e, 0x8, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0xc, 0x8, 0x4, 0x3}, 0x0) r6 = socket$inet6(0xa, 0x2, 0x88) bind$inet6(r6, &(0x7f0000002c80)={0xa, 0x14e24, 0x0, @rand_addr, 0xffff}, 0x1c) connect$inet6(r6, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0xd}, 0x1c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40) sendmmsg(r6, &(0x7f00000092c0), 0x4ff, 0x0) r7 = syz_io_uring_setup(0x2b9, &(0x7f0000000740)={0x0, 0xb1e9, 0x10100}, &(0x7f0000000080), &(0x7f00000001c0)) io_uring_enter(r7, 0x2ded, 0xef92, 0x0, 0x0, 0x0) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, 0x0, 0x0) bind$bt_sco(r1, &(0x7f0000000040), 0x8) 395.866983ms ago: executing program 2 (id=11091): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001a000000000000000000ca00791280000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) 349.148035ms ago: executing program 2 (id=11092): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2000, 0x1a8) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) r0 = syz_clone(0x22180, 0x0, 0xa42f, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00') pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4) 285.101558ms ago: executing program 2 (id=11093): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xd19, @empty, 0x4}, 0x1c) connect$inet6(r0, 0x0, 0x0) syz_emit_ethernet(0xda, &(0x7f0000000140)={@multicast, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4400, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010100, @multicast1}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x1, "69eb047c187e143bddcbe699ef7a74fd2c1a7c6b59dd637719d6395dda566f42", "6e8ae37dc217c78b70a4dc5eeb6f624200e45176f0c8444ad4b18c65ce5eb8dbb3b30234e8bea411688bf272fdef179d", "ffffffff08ffffff7f67384ff24422a0e9fc1dfc0001b200", {"18b0a3516f6b94835c625da017fdd035", "7fa6bc2b0e933988c64a103320cfe3d2"}}}}}}}, 0x0) 232.296829ms ago: executing program 2 (id=11094): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}, 'lo\x00'}}, 0x1e) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x0, @remote, 'veth1_vlan\x00'}}, 0x1e) 157.186813ms ago: executing program 4 (id=11095): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x40, 0x1c0862) write(r0, &(0x7f0000000100)="7ef2", 0x2) 151.580193ms ago: executing program 2 (id=11096): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x20) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000001000500050007000000000008000900030000001400200000000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0) 96.018506ms ago: executing program 4 (id=11097): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x40, 0x1c0862) r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x82802, 0xf) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000280)={r1, 0x1000, {0x0, 0x0, 0x0, 0x0, 0x4000000000001001, 0x0, 0x0, 0x1c, 0xc, "faf98317e5a1149989fc8dbe53ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a8a0f3500000000000000000e00", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0x6]}}) sendfile(r0, r1, 0x0, 0x200) 95.491276ms ago: executing program 2 (id=11098): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) close(0xffffffffffffffff) socket$unix(0x1, 0x1, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x22) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 16.390469ms ago: executing program 4 (id=11099): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x0) 0s ago: executing program 4 (id=11100): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r1) socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, 0x0, 0x800) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0xc80, 0x0) r4 = socket$igmp6(0xa, 0x3, 0x2) r5 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r5, 0x8914, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0) bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000240)='yeah', 0x4) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x3, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x6b7, 0x80, 0x0, 0x1, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x24000000) sendto$inet(r2, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0) recvfrom$inet(r2, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x1500) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0500000004", @ANYBLOB='\x00\x00\x00\x00', @ANYBLOB], 0x48) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(0x0, r8) sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0) kernel console output (not intermixed with test programs): to 1024 [ 589.844511][T30181] loop4: detected capacity change from 0 to 2368 [ 589.852365][T30183] EXT4-fs: inline encryption not supported [ 589.879679][T30183] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 589.943731][T30195] loop1: detected capacity change from 0 to 1024 [ 589.950561][T30195] EXT4-fs: inline encryption not supported [ 589.958201][T26442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.969254][T30195] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 589.981962][T30197] loop4: detected capacity change from 0 to 512 [ 589.989116][T30197] EXT4-fs: Mount option(s) incompatible with ext3 [ 590.043816][T30203] pim6reg: entered allmulticast mode [ 590.051719][T27404] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 590.061867][T30203] pim6reg: left allmulticast mode [ 590.365114][T30214] loop1: detected capacity change from 0 to 512 [ 590.390997][T30208] loop3: detected capacity change from 0 to 8192 [ 590.425682][T30214] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.542425][T30214] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 590.737630][T30227] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10268'. [ 590.915958][T30237] loop2: detected capacity change from 0 to 128 [ 590.931617][T30237] EXT4-fs: Ignoring removed nobh option [ 590.954400][T30237] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 590.967729][T30239] loop0: detected capacity change from 0 to 512 [ 590.974841][T30235] loop4: detected capacity change from 0 to 8192 [ 590.987579][T30239] EXT4-fs: Mount option(s) incompatible with ext3 [ 590.998910][T27404] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.018779][T30237] ext4 filesystem being mounted at /296/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 591.093040][T25816] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 591.189529][T30243] loop5: detected capacity change from 0 to 7 [ 591.195835][T30243] loop5: unable to read partition table [ 591.215576][T30243] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 591.215576][T30243] ) failed (rc=-5) [ 591.253095][T30248] xt_recent: Unsupported userspace flags (000000b1) [ 591.405919][T30252] loop3: detected capacity change from 0 to 512 [ 591.436798][T30252] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 591.492321][T30252] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.10277: Allocating blocks 41-42 which overlap fs metadata [ 591.545838][T30252] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.10277: Allocating blocks 41-42 which overlap fs metadata [ 591.600570][T30252] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.10277: Failed to acquire dquot type 1 [ 591.643229][T30252] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 591.712262][T30252] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.10277: corrupted inode contents [ 591.739952][T30252] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #12: comm syz.3.10277: mark_inode_dirty error [ 591.840139][T30252] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.10277: corrupted inode contents [ 591.855822][T30252] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.10277: mark_inode_dirty error [ 591.882897][T30252] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.10277: corrupted inode contents [ 591.884703][T30260] pim6reg: entered allmulticast mode [ 591.902287][T30260] pim6reg: left allmulticast mode [ 591.909822][T30252] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 591.919100][T30252] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.10277: corrupted inode contents [ 591.931428][T30252] EXT4-fs error (device loop3): ext4_truncate:4637: inode #12: comm syz.3.10277: mark_inode_dirty error [ 591.943485][T30252] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 591.952900][T30252] EXT4-fs (loop3): 1 truncate cleaned up [ 591.970895][T30252] siw: device registration error -23 [ 592.015319][T30256] loop1: detected capacity change from 0 to 512 [ 592.052571][T30256] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 592.114124][T30281] loop1: detected capacity change from 0 to 1024 [ 592.124117][T30283] pim6reg: entered allmulticast mode [ 592.128645][T30281] EXT4-fs: inline encryption not supported [ 592.132111][T30283] pim6reg: left allmulticast mode [ 592.230701][T30294] loop4: detected capacity change from 0 to 512 [ 592.260887][T30296] pim6reg: entered allmulticast mode [ 592.268306][T30294] ext4 filesystem being mounted at /325/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 592.282486][T30296] pim6reg: left allmulticast mode [ 592.326078][T30304] loop3: detected capacity change from 0 to 1024 [ 592.339543][T30304] EXT4-fs: inline encryption not supported [ 592.404756][T30311] pim6reg: entered allmulticast mode [ 592.418353][T30311] pim6reg: left allmulticast mode [ 592.445370][T30313] FAULT_INJECTION: forcing a failure. [ 592.445370][T30313] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 592.458723][T30313] CPU: 0 UID: 0 PID: 30313 Comm: syz.3.10295 Not tainted syzkaller #0 PREEMPT(voluntary) [ 592.458791][T30313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 592.458806][T30313] Call Trace: [ 592.458814][T30313] [ 592.458824][T30313] __dump_stack+0x1d/0x30 [ 592.458876][T30313] dump_stack_lvl+0xe8/0x140 [ 592.458974][T30313] dump_stack+0x15/0x1b [ 592.458993][T30313] should_fail_ex+0x265/0x280 [ 592.459052][T30313] should_fail+0xb/0x20 [ 592.459068][T30313] should_fail_usercopy+0x1a/0x20 [ 592.459092][T30313] _copy_from_user+0x1c/0xb0 [ 592.459124][T30313] ___sys_recvmsg+0xaa/0x370 [ 592.459187][T30313] ? 0xffffffff81000000 [ 592.459208][T30313] ? __rcu_read_unlock+0x4f/0x70 [ 592.459258][T30313] __x64_sys_recvmsg+0xd1/0x160 [ 592.459314][T30313] x64_sys_call+0x2b46/0x3000 [ 592.459343][T30313] do_syscall_64+0xd2/0x200 [ 592.459410][T30313] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 592.459495][T30313] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 592.459563][T30313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.459598][T30313] RIP: 0033:0x7fc735c2f749 [ 592.459617][T30313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 592.459640][T30313] RSP: 002b:00007fc73468f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 592.459666][T30313] RAX: ffffffffffffffda RBX: 00007fc735e85fa0 RCX: 00007fc735c2f749 [ 592.459681][T30313] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 592.459711][T30313] RBP: 00007fc73468f090 R08: 0000000000000000 R09: 0000000000000000 [ 592.459723][T30313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 592.459775][T30313] R13: 00007fc735e86038 R14: 00007fc735e85fa0 R15: 00007ffcab3153e8 [ 592.459801][T30313] [ 592.718392][T30325] loop2: detected capacity change from 0 to 128 [ 592.892764][T30345] loop2: detected capacity change from 0 to 512 [ 592.946057][T30345] EXT4-fs: Mount option(s) incompatible with ext3 [ 592.993350][T30351] xt_hashlimit: max too large, truncated to 1048576 [ 593.004937][T30351] loop0: detected capacity change from 0 to 512 [ 593.012770][T30351] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 593.042552][T30351] EXT4-fs (loop0): orphan cleanup on readonly fs [ 593.059871][T30351] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm wޣ: bg 0: block 248: padding at end of block bitmap is not set [ 593.127547][T30351] __quota_error: 889 callbacks suppressed [ 593.127567][T30351] Quota error (device loop0): write_blk: dquota write failed [ 593.140864][T30351] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 593.150853][T30351] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm wޣ: Failed to acquire dquot type 1 [ 593.313172][ T29] audit: type=1326 audit(1764469433.327:82424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30357 comm="syz.4.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 593.535888][ T29] audit: type=1326 audit(1764469433.367:82425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30357 comm="syz.4.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 593.559834][ T29] audit: type=1326 audit(1764469433.367:82426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30357 comm="syz.4.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 593.583740][ T29] audit: type=1326 audit(1764469433.367:82427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30357 comm="syz.4.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 593.607460][ T29] audit: type=1326 audit(1764469433.367:82428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30357 comm="syz.4.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 593.631172][ T29] audit: type=1326 audit(1764469433.367:82429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30357 comm="syz.4.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 593.654968][ T29] audit: type=1326 audit(1764469433.367:82430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30357 comm="syz.4.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 593.678670][ T29] audit: type=1326 audit(1764469433.367:82431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30357 comm="syz.4.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 594.053122][T30351] EXT4-fs (loop0): 1 truncate cleaned up [ 594.149265][T30376] loop0: detected capacity change from 0 to 1024 [ 594.157579][T30376] EXT4-fs: inline encryption not supported [ 594.167126][T30380] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10321'. [ 594.199959][T30381] FAULT_INJECTION: forcing a failure. [ 594.199959][T30381] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 594.213140][T30381] CPU: 1 UID: 0 PID: 30381 Comm: syz.1.10317 Not tainted syzkaller #0 PREEMPT(voluntary) [ 594.213176][T30381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 594.213189][T30381] Call Trace: [ 594.213197][T30381] [ 594.213206][T30381] __dump_stack+0x1d/0x30 [ 594.213232][T30381] dump_stack_lvl+0xe8/0x140 [ 594.213313][T30381] dump_stack+0x15/0x1b [ 594.213383][T30381] should_fail_ex+0x265/0x280 [ 594.213405][T30381] should_fail+0xb/0x20 [ 594.213420][T30381] should_fail_usercopy+0x1a/0x20 [ 594.213440][T30381] _copy_from_user+0x1c/0xb0 [ 594.213470][T30381] __sys_bpf+0x183/0x7c0 [ 594.213559][T30381] __x64_sys_bpf+0x41/0x50 [ 594.213591][T30381] x64_sys_call+0x2aee/0x3000 [ 594.213628][T30381] do_syscall_64+0xd2/0x200 [ 594.213654][T30381] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 594.213684][T30381] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 594.213717][T30381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.213809][T30381] RIP: 0033:0x7f6e51aff749 [ 594.213828][T30381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 594.213848][T30381] RSP: 002b:00007f6e50546038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 594.213870][T30381] RAX: ffffffffffffffda RBX: 00007f6e51d56090 RCX: 00007f6e51aff749 [ 594.213884][T30381] RDX: 0000000000000038 RSI: 0000200000000080 RDI: 000000000000001b [ 594.213949][T30381] RBP: 00007f6e50546090 R08: 0000000000000000 R09: 0000000000000000 [ 594.213965][T30381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 594.213980][T30381] R13: 00007f6e51d56128 R14: 00007f6e51d56090 R15: 00007ffdd2485648 [ 594.214005][T30381] [ 594.479964][T30387] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10323'. [ 594.526467][T30385] loop4: detected capacity change from 0 to 8192 [ 594.576041][T30385] bio_check_eod: 33635 callbacks suppressed [ 594.576056][T30385] syz.4.10322: attempt to access beyond end of device [ 594.576056][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.595741][T30385] buffer_io_error: 33637 callbacks suppressed [ 594.595760][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.611102][T30385] syz.4.10322: attempt to access beyond end of device [ 594.611102][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.624799][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.635185][T30385] syz.4.10322: attempt to access beyond end of device [ 594.635185][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.648814][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.659117][T30385] syz.4.10322: attempt to access beyond end of device [ 594.659117][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.672758][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.682432][T30385] syz.4.10322: attempt to access beyond end of device [ 594.682432][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.696019][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.704759][T30385] syz.4.10322: attempt to access beyond end of device [ 594.704759][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.718316][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.726953][T30385] syz.4.10322: attempt to access beyond end of device [ 594.726953][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.740590][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.760650][T30398] loop3: detected capacity change from 0 to 512 [ 594.767412][T30385] syz.4.10322: attempt to access beyond end of device [ 594.767412][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.776047][T30398] EXT4-fs: Mount option(s) incompatible with ext3 [ 594.781057][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.800822][T30402] loop1: detected capacity change from 0 to 1024 [ 594.808383][T30385] syz.4.10322: attempt to access beyond end of device [ 594.808383][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.822011][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.830880][T30385] syz.4.10322: attempt to access beyond end of device [ 594.830880][T30385] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 594.844440][T30385] Buffer I/O error on dev loop4, logical block 57847, async page read [ 594.993330][T30409] loop0: detected capacity change from 0 to 1024 [ 595.017856][T30409] EXT4-fs: inline encryption not supported [ 595.617887][T30417] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10333'. [ 595.766502][T30432] loop0: detected capacity change from 0 to 1024 [ 595.786833][T30432] EXT4-fs: inline encryption not supported [ 595.796514][T30402] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 595.982408][T30447] netlink: 'syz.3.10342': attribute type 1 has an invalid length. [ 596.003262][T30449] loop1: detected capacity change from 0 to 512 [ 596.017605][T30447] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 596.021418][T30449] EXT4-fs: Mount option(s) incompatible with ext3 [ 596.029027][T30447] 8021q: adding VLAN 0 to HW filter on device bond2 [ 596.047658][T30447] loop3: detected capacity change from 0 to 1024 [ 596.048298][T13270] net_ratelimit: 3 callbacks suppressed [ 596.048316][T13270] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 596.071953][T30455] vhci_hcd: default hub control req: 0700 v0000 i0007 l0 [ 596.222614][ T172] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 596.249902][T30460] 9p: Unknown Cache mode or invalid value fsca [ 596.432454][T30470] loop5: detected capacity change from 0 to 7 [ 596.446481][T30468] FAULT_INJECTION: forcing a failure. [ 596.446481][T30468] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 596.459725][T30468] CPU: 1 UID: 0 PID: 30468 Comm: syz.2.10350 Not tainted syzkaller #0 PREEMPT(voluntary) [ 596.459790][T30468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 596.459806][T30468] Call Trace: [ 596.459814][T30468] [ 596.459825][T30468] __dump_stack+0x1d/0x30 [ 596.459851][T30468] dump_stack_lvl+0xe8/0x140 [ 596.459895][T30468] dump_stack+0x15/0x1b [ 596.459917][T30468] should_fail_ex+0x265/0x280 [ 596.459949][T30468] should_fail+0xb/0x20 [ 596.460019][T30468] should_fail_usercopy+0x1a/0x20 [ 596.460045][T30468] _copy_from_user+0x1c/0xb0 [ 596.460078][T30468] do_ipt_set_ctl+0x3a0/0x820 [ 596.460122][T30468] ? __schedule+0x6b9/0xb30 [ 596.460165][T30468] nf_setsockopt+0x199/0x1b0 [ 596.460240][T30468] ip_setsockopt+0x102/0x110 [ 596.460289][T30468] tcp_setsockopt+0x98/0xb0 [ 596.460381][T30468] sock_common_setsockopt+0x69/0x80 [ 596.460421][T30468] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 596.460458][T30468] __sys_setsockopt+0x184/0x200 [ 596.460530][T30468] __x64_sys_setsockopt+0x64/0x80 [ 596.460562][T30468] x64_sys_call+0x20ec/0x3000 [ 596.460583][T30468] do_syscall_64+0xd2/0x200 [ 596.460604][T30468] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 596.460697][T30468] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 596.460732][T30468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.460815][T30468] RIP: 0033:0x7f3f1be5f749 [ 596.460831][T30468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 596.460848][T30468] RSP: 002b:00007f3f1a8bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 596.460871][T30468] RAX: ffffffffffffffda RBX: 00007f3f1c0b5fa0 RCX: 00007f3f1be5f749 [ 596.460883][T30468] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004 [ 596.460949][T30468] RBP: 00007f3f1a8bf090 R08: 0000000000000500 R09: 0000000000000000 [ 596.460965][T30468] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001 [ 596.460981][T30468] R13: 00007f3f1c0b6038 R14: 00007f3f1c0b5fa0 R15: 00007ffef6c11f08 [ 596.461005][T30468] [ 596.672805][T30470] loop5: unable to read partition table [ 596.678574][T30470] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 596.678574][T30470] ) failed (rc=-5) [ 596.693936][T30470] xt_recent: Unsupported userspace flags (000000b1) [ 596.702542][T30473] netlink: 188 bytes leftover after parsing attributes in process `syz.2.10351'. [ 596.783603][T30478] loop4: detected capacity change from 0 to 1024 [ 596.791991][T30478] EXT4-fs: inline encryption not supported [ 596.912543][T30484] loop1: detected capacity change from 0 to 512 [ 596.923302][T30484] EXT4-fs: inline encryption not supported [ 596.938661][T30484] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 596.958919][T30488] loop4: detected capacity change from 0 to 512 [ 596.967120][T30488] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 596.979126][T30488] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10356: Allocating blocks 41-42 which overlap fs metadata [ 596.987201][T30484] EXT4-fs (loop1): 1 truncate cleaned up [ 597.000623][T30484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10354'. [ 597.011761][T30488] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10356: Allocating blocks 41-42 which overlap fs metadata [ 597.017903][T30484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10354'. [ 597.038592][T30488] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.10356: Failed to acquire dquot type 1 [ 597.050449][T30488] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 597.065586][T30488] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10356: corrupted inode contents [ 597.066483][T30497] loop0: detected capacity change from 0 to 8192 [ 597.078296][T30488] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.10356: mark_inode_dirty error [ 597.097241][T30488] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10356: corrupted inode contents [ 597.109502][T30488] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.10356: mark_inode_dirty error [ 597.121319][T30488] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10356: corrupted inode contents [ 597.141240][T30488] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 597.157394][T30488] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10356: corrupted inode contents [ 597.172481][T30502] loop1: detected capacity change from 0 to 1024 [ 597.180889][T30488] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.10356: mark_inode_dirty error [ 597.192985][T30502] EXT4-fs: inline encryption not supported [ 597.199631][T30488] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 597.209702][T30488] EXT4-fs (loop4): 1 truncate cleaned up [ 597.233839][T30488] siw: device registration error -23 [ 597.312064][T30508] loop4: detected capacity change from 0 to 512 [ 597.319285][T30508] EXT4-fs: Mount option(s) incompatible with ext3 [ 597.478648][T30514] loop5: detected capacity change from 0 to 7 [ 597.485080][T30514] loop5: unable to read partition table [ 597.490976][T30514] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 597.490976][T30514] ) failed (rc=-5) [ 597.505161][T30514] xt_recent: Unsupported userspace flags (000000b1) [ 597.707756][T30520] loop2: detected capacity change from 0 to 1024 [ 597.734149][T30520] EXT4-fs: inline encryption not supported [ 598.032242][T30528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10367'. [ 598.041439][T30528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10367'. [ 598.051260][T30529] vhci_hcd: default hub control req: 0700 v0000 i0007 l0 [ 598.144499][T30546] loop0: detected capacity change from 0 to 512 [ 598.151634][T30546] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 598.161696][T30546] EXT4-fs (loop0): orphan cleanup on readonly fs [ 598.169217][T30546] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.10374: bg 0: block 248: padding at end of block bitmap is not set [ 598.184587][T30548] vhci_hcd: default hub control req: 0700 v0000 i0007 l0 [ 598.192156][T30546] __quota_error: 1273 callbacks suppressed [ 598.192172][T30546] Quota error (device loop0): write_blk: dquota write failed [ 598.205600][T30546] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 598.215595][T30546] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.10374: Failed to acquire dquot type 1 [ 598.233951][T30550] loop4: detected capacity change from 0 to 1024 [ 598.240120][T30546] EXT4-fs (loop0): 1 truncate cleaned up [ 598.241992][T30550] EXT4-fs: inline encryption not supported [ 598.265013][ T29] audit: type=1326 audit(1764469438.277:83701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30549 comm="syz.4.10375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 598.289028][ T29] audit: type=1326 audit(1764469438.277:83702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30549 comm="syz.4.10375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 598.312922][ T29] audit: type=1326 audit(1764469438.277:83703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30549 comm="syz.4.10375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 598.336704][ T29] audit: type=1326 audit(1764469438.277:83704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30549 comm="syz.4.10375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 598.361076][ T29] audit: type=1326 audit(1764469438.277:83705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30549 comm="syz.4.10375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 598.384861][ T29] audit: type=1326 audit(1764469438.277:83706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30549 comm="syz.4.10375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 598.408548][ T29] audit: type=1326 audit(1764469438.277:83707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30549 comm="syz.4.10375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 598.432501][ T29] audit: type=1326 audit(1764469438.277:83708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30549 comm="syz.4.10375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 598.470749][T30558] loop0: detected capacity change from 0 to 1024 [ 598.471406][T30560] pim6reg: entered allmulticast mode [ 598.478000][T30558] EXT4-fs: inline encryption not supported [ 598.488013][T30560] pim6reg: left allmulticast mode [ 598.536416][T30564] loop0: detected capacity change from 0 to 512 [ 598.555138][T30564] EXT4-fs: Mount option(s) incompatible with ext3 [ 598.687847][T30577] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10385'. [ 599.049282][T30587] loop3: detected capacity change from 0 to 1024 [ 599.105233][T30587] EXT4-fs: inline encryption not supported [ 599.118685][T30589] loop1: detected capacity change from 0 to 512 [ 599.138567][T30589] EXT4-fs: Mount option(s) incompatible with ext3 [ 599.192920][T30596] loop4: detected capacity change from 0 to 1024 [ 599.260890][T30600] loop3: detected capacity change from 0 to 1024 [ 599.268424][T30600] EXT4-fs: inline encryption not supported [ 599.579530][T30614] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10398'. [ 599.588659][T30614] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10398'. [ 599.600414][T30612] loop2: detected capacity change from 0 to 128 [ 599.774205][T30625] loop3: detected capacity change from 0 to 512 [ 599.781982][T30623] loop2: detected capacity change from 0 to 128 [ 599.789885][T30625] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 599.802597][T30625] EXT4-fs (loop3): orphan cleanup on readonly fs [ 599.816399][T30625] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.10402: bg 0: block 248: padding at end of block bitmap is not set [ 599.832453][T30625] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.10402: Failed to acquire dquot type 1 [ 599.848589][T30625] EXT4-fs (loop3): 1 truncate cleaned up [ 600.007342][T30647] loop5: detected capacity change from 0 to 7 [ 600.012326][T30645] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10411'. [ 600.013833][T30647] buffer_io_error: 18099 callbacks suppressed [ 600.013850][T30647] Buffer I/O error on dev loop5, logical block 0, async page read [ 600.036833][T30647] Buffer I/O error on dev loop5, logical block 0, async page read [ 600.044744][T30647] loop5: unable to read partition table [ 600.050960][T30647] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 600.050960][T30647] ) failed (rc=-5) [ 600.067496][T30651] xt_recent: Unsupported userspace flags (000000b1) [ 600.122924][T30658] pim6reg: entered allmulticast mode [ 600.164204][T30660] pim6reg: entered allmulticast mode [ 600.175704][T30662] loop4: detected capacity change from 0 to 1024 [ 600.193031][T30662] EXT4-fs: inline encryption not supported [ 600.200346][T30660] pim6reg: left allmulticast mode [ 600.298807][T30668] loop4: detected capacity change from 0 to 512 [ 600.311256][T30668] EXT4-fs: Mount option(s) incompatible with ext3 [ 600.542282][T30675] loop5: detected capacity change from 0 to 7 [ 600.573041][T30675] Buffer I/O error on dev loop5, logical block 0, async page read [ 600.603439][T30678] xt_recent: Unsupported userspace flags (000000b1) [ 600.613766][T30675] Buffer I/O error on dev loop5, logical block 0, async page read [ 600.621787][T30675] loop5: unable to read partition table [ 600.673407][T30675] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 600.673407][T30675] ) failed (rc=-5) [ 601.029002][T30686] loop3: detected capacity change from 0 to 1024 [ 601.043106][T30686] EXT4-fs: inline encryption not supported [ 601.077132][T30693] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10427'. [ 601.175353][T30696] vhci_hcd: default hub control req: 0700 v0000 i0007 l0 [ 601.200508][T30698] pim6reg: entered allmulticast mode [ 601.218065][T30698] pim6reg: left allmulticast mode [ 601.479115][T30717] netlink: 131740 bytes leftover after parsing attributes in process `syz.3.10434'. [ 601.490042][T30717] netlink: zone id is out of range [ 601.495201][T30717] netlink: zone id is out of range [ 601.500832][T30717] netlink: del zone limit has 8 unknown bytes [ 601.531406][T30716] loop4: detected capacity change from 0 to 512 [ 601.558609][T30716] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 601.592286][T30716] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10436: Allocating blocks 41-42 which overlap fs metadata [ 601.622382][T30716] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10436: Allocating blocks 41-42 which overlap fs metadata [ 601.652305][T30716] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.10436: Failed to acquire dquot type 1 [ 601.664424][T30727] loop1: detected capacity change from 0 to 1024 [ 601.677904][T30716] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 601.692781][T30716] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10436: corrupted inode contents [ 601.705834][T30716] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.10436: mark_inode_dirty error [ 601.726581][T30716] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10436: corrupted inode contents [ 601.743723][T30716] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.10436: mark_inode_dirty error [ 601.768798][T30716] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10436: corrupted inode contents [ 601.771627][T30731] loop1: detected capacity change from 0 to 1024 [ 601.799038][T30716] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 601.807432][T30731] EXT4-fs: inline encryption not supported [ 601.813784][T30716] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10436: corrupted inode contents [ 601.834333][T30716] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.10436: mark_inode_dirty error [ 601.854677][T30716] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 601.872836][T30716] EXT4-fs (loop4): 1 truncate cleaned up [ 601.915291][T30716] siw: device registration error -23 [ 602.070295][T30751] loop4: detected capacity change from 0 to 1024 [ 602.099840][T30751] FAULT_INJECTION: forcing a failure. [ 602.099840][T30751] name failslab, interval 1, probability 0, space 0, times 0 [ 602.112596][T30751] CPU: 1 UID: 0 PID: 30751 Comm: syz.4.10447 Not tainted syzkaller #0 PREEMPT(voluntary) [ 602.112623][T30751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 602.112635][T30751] Call Trace: [ 602.112641][T30751] [ 602.112685][T30751] __dump_stack+0x1d/0x30 [ 602.112722][T30751] dump_stack_lvl+0xe8/0x140 [ 602.112795][T30751] dump_stack+0x15/0x1b [ 602.112813][T30751] should_fail_ex+0x265/0x280 [ 602.112836][T30751] should_failslab+0x8c/0xb0 [ 602.112873][T30751] kmem_cache_alloc_noprof+0x50/0x480 [ 602.112940][T30751] ? getname_flags+0x80/0x3b0 [ 602.112983][T30751] ? __fget_files+0x184/0x1c0 [ 602.113060][T30751] getname_flags+0x80/0x3b0 [ 602.113096][T30751] path_listxattrat+0x7e/0x2a0 [ 602.113143][T30751] __x64_sys_listxattr+0x4a/0x60 [ 602.113234][T30751] x64_sys_call+0x2e06/0x3000 [ 602.113258][T30751] do_syscall_64+0xd2/0x200 [ 602.113280][T30751] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 602.113316][T30751] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 602.113368][T30751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 602.113396][T30751] RIP: 0033:0x7f0b3f77f749 [ 602.113415][T30751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 602.113436][T30751] RSP: 002b:00007f0b3e1e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c2 [ 602.113478][T30751] RAX: ffffffffffffffda RBX: 00007f0b3f9d5fa0 RCX: 00007f0b3f77f749 [ 602.113493][T30751] RDX: 0000000000100000 RSI: 0000000000000000 RDI: 0000200000000100 [ 602.113506][T30751] RBP: 00007f0b3e1e7090 R08: 0000000000000000 R09: 0000000000000000 [ 602.113519][T30751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 602.113533][T30751] R13: 00007f0b3f9d6038 R14: 00007f0b3f9d5fa0 R15: 00007ffdadeb01b8 [ 602.113557][T30751] [ 602.396724][T30760] loop3: detected capacity change from 0 to 512 [ 602.421071][T30763] loop0: detected capacity change from 0 to 128 [ 602.434191][T30760] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 602.464522][T30767] loop4: detected capacity change from 0 to 512 [ 602.478011][T30760] EXT4-fs (loop3): orphan cleanup on readonly fs [ 602.485770][T30767] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 602.487634][T30769] loop2: detected capacity change from 0 to 1024 [ 602.497705][T30760] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm wޣ: bg 0: block 248: padding at end of block bitmap is not set [ 602.533831][T30767] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10454: Allocating blocks 41-42 which overlap fs metadata [ 602.550580][T30760] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm wޣ: Failed to acquire dquot type 1 [ 602.562533][T30769] EXT4-fs: inline encryption not supported [ 602.572592][T30767] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10454: Allocating blocks 41-42 which overlap fs metadata [ 602.604457][T30760] EXT4-fs (loop3): 1 truncate cleaned up [ 602.638223][T30767] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.10454: Failed to acquire dquot type 1 [ 602.704791][T30767] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 602.751658][T30781] pim6reg: entered allmulticast mode [ 602.797018][T30767] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10454: corrupted inode contents [ 602.814960][T30786] pim6reg: left allmulticast mode [ 602.819163][T30767] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.10454: mark_inode_dirty error [ 602.868627][T30767] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10454: corrupted inode contents [ 602.911594][T30767] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.10454: mark_inode_dirty error [ 602.933302][T30767] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10454: corrupted inode contents [ 602.979482][T30767] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 602.999341][T30797] netlink: 131740 bytes leftover after parsing attributes in process `syz.0.10462'. [ 603.008616][T30767] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10454: corrupted inode contents [ 603.038685][T30767] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.10454: mark_inode_dirty error [ 603.045064][T30797] netlink: zone id is out of range [ 603.055094][T30797] netlink: zone id is out of range [ 603.059062][T30767] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 603.080704][T30767] EXT4-fs (loop4): 1 truncate cleaned up [ 603.106717][T30767] siw: device registration error -23 [ 603.115860][T30797] netlink: zone id is out of range [ 603.126361][T30797] netlink: del zone limit has 8 unknown bytes [ 603.175005][T30804] loop3: detected capacity change from 0 to 128 [ 603.330331][T30817] loop3: detected capacity change from 0 to 128 [ 603.341802][T30816] loop4: detected capacity change from 0 to 1024 [ 603.438729][T30821] loop3: detected capacity change from 0 to 1024 [ 603.473284][T30821] EXT4-fs: inline encryption not supported [ 603.480093][T30816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10471'. [ 603.531027][ T29] kauditd_printk_skb: 839 callbacks suppressed [ 603.531056][ T29] audit: type=1326 audit(1764469443.547:84536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.586920][ T29] audit: type=1326 audit(1764469443.547:84537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.610703][ T29] audit: type=1326 audit(1764469443.557:84538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.634576][ T29] audit: type=1326 audit(1764469443.557:84539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.658325][ T29] audit: type=1326 audit(1764469443.557:84540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.682095][ T29] audit: type=1326 audit(1764469443.557:84541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.705918][ T29] audit: type=1326 audit(1764469443.557:84542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.729692][ T29] audit: type=1326 audit(1764469443.557:84543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.753456][ T29] audit: type=1326 audit(1764469443.557:84544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.777153][ T29] audit: type=1326 audit(1764469443.557:84545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30820 comm="syz.3.10472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc735c2f749 code=0x7ffc0000 [ 603.852796][T30828] loop0: detected capacity change from 0 to 1024 [ 603.870053][T30828] EXT4-fs: inline encryption not supported [ 603.934446][T30831] loop4: detected capacity change from 0 to 512 [ 603.948807][T30836] loop3: detected capacity change from 0 to 512 [ 603.956931][T30831] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 603.989290][T30836] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 604.008922][T30831] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10476: Allocating blocks 41-42 which overlap fs metadata [ 604.012351][T30839] pim6reg: entered allmulticast mode [ 604.049150][T30839] pim6reg: left allmulticast mode [ 604.057586][T30844] FAULT_INJECTION: forcing a failure. [ 604.057586][T30844] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 604.070732][T30844] CPU: 0 UID: 0 PID: 30844 Comm: syz.1.10480 Not tainted syzkaller #0 PREEMPT(voluntary) [ 604.070815][T30844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 604.070829][T30844] Call Trace: [ 604.070838][T30844] [ 604.070849][T30844] __dump_stack+0x1d/0x30 [ 604.070877][T30844] dump_stack_lvl+0xe8/0x140 [ 604.070904][T30844] dump_stack+0x15/0x1b [ 604.070927][T30844] should_fail_ex+0x265/0x280 [ 604.071027][T30844] should_fail+0xb/0x20 [ 604.071044][T30844] should_fail_usercopy+0x1a/0x20 [ 604.071065][T30844] _copy_from_user+0x1c/0xb0 [ 604.071156][T30844] ___sys_sendmsg+0xc1/0x1d0 [ 604.071199][T30844] __x64_sys_sendmsg+0xd4/0x160 [ 604.071231][T30844] x64_sys_call+0x191e/0x3000 [ 604.071278][T30844] do_syscall_64+0xd2/0x200 [ 604.071304][T30844] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 604.071349][T30844] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 604.071395][T30844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.071421][T30844] RIP: 0033:0x7f6e51aff749 [ 604.071438][T30844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 604.071507][T30844] RSP: 002b:00007f6e50567038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 604.071578][T30844] RAX: ffffffffffffffda RBX: 00007f6e51d55fa0 RCX: 00007f6e51aff749 [ 604.071595][T30844] RDX: 0000000000004000 RSI: 0000200000002ac0 RDI: 0000000000000003 [ 604.071610][T30844] RBP: 00007f6e50567090 R08: 0000000000000000 R09: 0000000000000000 [ 604.071622][T30844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 604.071634][T30844] R13: 00007f6e51d56038 R14: 00007f6e51d55fa0 R15: 00007ffdd2485648 [ 604.071655][T30844] [ 604.247297][T30831] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10476: Allocating blocks 41-42 which overlap fs metadata [ 604.287317][T30831] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.10476: Failed to acquire dquot type 1 [ 604.302576][T30836] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.10477: Allocating blocks 41-42 which overlap fs metadata [ 604.317046][T30831] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 604.388465][T30836] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.10477: Allocating blocks 41-42 which overlap fs metadata [ 604.419175][T30831] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10476: corrupted inode contents [ 604.463309][T30852] netlink: 131740 bytes leftover after parsing attributes in process `syz.1.10482'. [ 604.477625][T30836] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.10477: Failed to acquire dquot type 1 [ 604.483342][T30852] netlink: zone id is out of range [ 604.494201][T30852] netlink: zone id is out of range [ 604.499708][T30831] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.10476: mark_inode_dirty error [ 604.525410][T30852] netlink: zone id is out of range [ 604.525723][T30836] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 604.565948][T30831] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10476: corrupted inode contents [ 604.607284][T30836] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.10477: corrupted inode contents [ 604.620765][T30831] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.10476: mark_inode_dirty error [ 604.649718][T30831] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10476: corrupted inode contents [ 604.664427][T30836] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #12: comm syz.3.10477: mark_inode_dirty error [ 604.732012][T30836] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.10477: corrupted inode contents [ 604.756604][T30831] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 604.780639][T30831] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10476: corrupted inode contents [ 604.797948][T30836] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.10477: mark_inode_dirty error [ 604.832527][T30831] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.10476: mark_inode_dirty error [ 604.847794][T30836] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.10477: corrupted inode contents [ 604.886344][T30831] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 604.900455][T30836] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 604.910613][T30831] EXT4-fs (loop4): 1 truncate cleaned up [ 604.951019][T30831] siw: device registration error -23 [ 604.967324][T30836] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #12: comm syz.3.10477: corrupted inode contents [ 605.017253][T30836] EXT4-fs error (device loop3): ext4_truncate:4637: inode #12: comm syz.3.10477: mark_inode_dirty error [ 605.043020][T30836] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 605.062134][T30836] EXT4-fs (loop3): 1 truncate cleaned up [ 605.094813][T30836] siw: device registration error -23 [ 605.131278][T30873] loop5: detected capacity change from 0 to 7 [ 605.146176][T30873] Buffer I/O error on dev loop5, logical block 0, async page read [ 605.154652][T30873] Buffer I/O error on dev loop5, logical block 0, async page read [ 605.162574][T30873] loop5: unable to read partition table [ 605.168970][T30873] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 605.168970][T30873] ) failed (rc=-5) [ 605.185672][T30873] xt_recent: Unsupported userspace flags (000000b1) [ 605.264928][T30880] loop4: detected capacity change from 0 to 1024 [ 605.265345][T30880] EXT4-fs: inline encryption not supported [ 605.346538][T30885] pim6reg: entered allmulticast mode [ 605.347537][T30885] pim6reg: left allmulticast mode [ 605.500466][T30887] loop4: detected capacity change from 0 to 8192 [ 605.503056][T30887] bio_check_eod: 18095 callbacks suppressed [ 605.503077][T30887] syz.4.10494: attempt to access beyond end of device [ 605.503077][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.527615][T30887] Buffer I/O error on dev loop4, logical block 57847, async page read [ 605.536094][T30887] syz.4.10494: attempt to access beyond end of device [ 605.536094][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.536119][T30887] Buffer I/O error on dev loop4, logical block 57847, async page read [ 605.536155][T30887] syz.4.10494: attempt to access beyond end of device [ 605.536155][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.536185][T30887] Buffer I/O error on dev loop4, logical block 57847, async page read [ 605.536300][T30887] syz.4.10494: attempt to access beyond end of device [ 605.536300][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.536324][T30887] Buffer I/O error on dev loop4, logical block 57847, async page read [ 605.536419][T30887] syz.4.10494: attempt to access beyond end of device [ 605.536419][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.536456][T30887] Buffer I/O error on dev loop4, logical block 57847, async page read [ 605.536487][T30887] syz.4.10494: attempt to access beyond end of device [ 605.536487][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.536582][T30887] Buffer I/O error on dev loop4, logical block 57847, async page read [ 605.536617][T30887] syz.4.10494: attempt to access beyond end of device [ 605.536617][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.536703][T30887] Buffer I/O error on dev loop4, logical block 57847, async page read [ 605.536729][T30887] syz.4.10494: attempt to access beyond end of device [ 605.536729][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.536762][T30887] Buffer I/O error on dev loop4, logical block 57847, async page read [ 605.536826][T30887] syz.4.10494: attempt to access beyond end of device [ 605.536826][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.537047][T30887] syz.4.10494: attempt to access beyond end of device [ 605.537047][T30887] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 605.750497][T30890] loop1: detected capacity change from 0 to 512 [ 605.757939][T30890] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 605.771734][T30890] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.10495: Allocating blocks 41-42 which overlap fs metadata [ 605.771963][T30890] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.10495: Allocating blocks 41-42 which overlap fs metadata [ 605.772187][T30890] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.10495: Failed to acquire dquot type 1 [ 605.772406][T30890] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 605.772615][T30890] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.10495: corrupted inode contents [ 605.772811][T30890] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #12: comm syz.1.10495: mark_inode_dirty error [ 605.772972][T30890] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.10495: corrupted inode contents [ 605.773078][T30890] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.10495: mark_inode_dirty error [ 605.773199][T30890] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.10495: corrupted inode contents [ 605.773352][T30890] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 605.773533][T30890] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.10495: corrupted inode contents [ 605.773713][T30890] EXT4-fs error (device loop1): ext4_truncate:4637: inode #12: comm syz.1.10495: mark_inode_dirty error [ 605.773838][T30890] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 605.774088][T30890] EXT4-fs (loop1): 1 truncate cleaned up [ 605.894042][T30890] siw: device registration error -23 [ 606.028449][T30894] loop1: detected capacity change from 0 to 8192 [ 606.064960][T30898] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10498'. [ 606.139832][T30904] loop0: detected capacity change from 0 to 512 [ 606.157750][T30904] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 606.200675][T30904] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.10501: Allocating blocks 41-42 which overlap fs metadata [ 606.225132][T30904] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.10501: Allocating blocks 41-42 which overlap fs metadata [ 606.260884][T30904] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.10501: Failed to acquire dquot type 1 [ 606.280223][T30912] loop3: detected capacity change from 0 to 512 [ 606.297181][T30904] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 606.314472][T30912] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 606.334129][T30912] EXT4-fs (loop3): orphan cleanup on readonly fs [ 606.343277][T30904] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.10501: corrupted inode contents [ 606.364033][T30912] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm wޣ: bg 0: block 248: padding at end of block bitmap is not set [ 606.378785][T30912] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm wޣ: Failed to acquire dquot type 1 [ 606.390014][T30904] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #12: comm syz.0.10501: mark_inode_dirty error [ 606.402292][T30912] EXT4-fs (loop3): 1 truncate cleaned up [ 606.408454][T30904] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.10501: corrupted inode contents [ 606.432219][T30904] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.10501: mark_inode_dirty error [ 606.444510][T30904] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.10501: corrupted inode contents [ 606.475742][T30915] pim6reg: entered allmulticast mode [ 606.477066][T30904] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 606.488930][T30915] pim6reg: left allmulticast mode [ 606.505447][T30904] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.10501: corrupted inode contents [ 606.517750][T30904] EXT4-fs error (device loop0): ext4_truncate:4637: inode #12: comm syz.0.10501: mark_inode_dirty error [ 606.529463][T30904] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 606.540488][T30904] EXT4-fs (loop0): 1 truncate cleaned up [ 606.651251][T30926] loop0: detected capacity change from 0 to 128 [ 606.673388][T30927] loop3: detected capacity change from 0 to 128 [ 606.810253][T30936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10511'. [ 606.829264][T30938] loop3: detected capacity change from 0 to 512 [ 606.836104][T30938] EXT4-fs: Mount option(s) incompatible with ext3 [ 606.849418][T30941] loop5: detected capacity change from 0 to 7 [ 606.856088][T30941] loop5: unable to read partition table [ 606.861830][T30941] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 606.861830][T30941] ) failed (rc=-5) [ 606.876505][T30941] xt_recent: Unsupported userspace flags (000000b1) [ 606.958565][T30944] loop1: detected capacity change from 0 to 1024 [ 606.965361][T30944] EXT4-fs: inline encryption not supported [ 607.397168][T30950] loop4: detected capacity change from 0 to 1024 [ 607.405612][T30950] EXT4-fs: inline encryption not supported [ 607.462081][T30956] loop2: detected capacity change from 0 to 1024 [ 607.476686][T30956] EXT4-fs: inline encryption not supported [ 607.540410][T30963] loop4: detected capacity change from 0 to 512 [ 607.569647][T30963] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 607.593266][T30963] EXT4-fs (loop4): orphan cleanup on readonly fs [ 607.601795][T30963] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm wޣ: bg 0: block 248: padding at end of block bitmap is not set [ 607.619734][T30963] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm wޣ: Failed to acquire dquot type 1 [ 607.631494][T30963] EXT4-fs (loop4): 1 truncate cleaned up [ 607.721336][T30975] loop2: detected capacity change from 0 to 1024 [ 607.727365][T30967] loop1: detected capacity change from 0 to 8192 [ 607.747622][T30978] netlink: 131740 bytes leftover after parsing attributes in process `syz.0.10525'. [ 607.757245][T30975] EXT4-fs: inline encryption not supported [ 607.767726][T30978] net_ratelimit: 3 callbacks suppressed [ 607.767745][T30978] netlink: zone id is out of range [ 607.778582][T30978] netlink: zone id is out of range [ 607.837321][T30978] netlink: zone id is out of range [ 607.872725][T30978] netlink: zone id is out of range [ 607.890744][T30978] netlink: zone id is out of range [ 607.905699][T30978] netlink: del zone limit has 8 unknown bytes [ 607.919808][T30994] loop3: detected capacity change from 0 to 1024 [ 607.932999][T30994] EXT4-fs: inline encryption not supported [ 608.139893][T31015] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:3849:65ff:fe45:50d0 error=-28 [ 608.205838][T31020] batadv1: entered promiscuous mode [ 608.211277][T31020] batadv1: entered allmulticast mode [ 608.255377][T31022] loop2: detected capacity change from 0 to 512 [ 608.278923][T31022] EXT4-fs: Mount option(s) incompatible with ext3 [ 608.287197][T31015] infiniband syz!: set active [ 608.291941][T31015] infiniband syz!: added team_slave_0 [ 608.397512][T31015] RDS/IB: syz!: added [ 608.421194][T31015] smc: adding ib device syz! with port count 1 [ 608.441647][T31015] smc: ib device syz! port 1 has no pnetid [ 608.611644][ T29] kauditd_printk_skb: 1008 callbacks suppressed [ 608.611661][ T29] audit: type=1326 audit(1764469448.627:85534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 608.962159][ T29] audit: type=1326 audit(1764469448.657:85535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 608.985936][ T29] audit: type=1326 audit(1764469448.657:85536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 609.009691][ T29] audit: type=1326 audit(1764469448.657:85537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 609.033397][ T29] audit: type=1326 audit(1764469448.657:85538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 609.057080][ T29] audit: type=1326 audit(1764469448.657:85539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 609.080776][ T29] audit: type=1326 audit(1764469448.657:85541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 609.098444][T31033] loop5: detected capacity change from 0 to 7 [ 609.104775][ T29] audit: type=1326 audit(1764469448.657:85540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 609.134444][ T29] audit: type=1326 audit(1764469448.727:85542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 609.158162][ T29] audit: type=1326 audit(1764469448.727:85543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31010 comm="syz.0.10539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 609.197391][T31034] xt_recent: Unsupported userspace flags (000000b1) [ 609.255136][T31033] loop5: unable to read partition table [ 609.265050][T31033] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 609.265050][T31033] ) failed (rc=-5) [ 609.471351][T31043] loop2: detected capacity change from 0 to 1024 [ 609.491375][T31047] loop5: detected capacity change from 0 to 7 [ 609.517385][T31043] EXT4-fs: inline encryption not supported [ 609.523581][T31047] loop5: unable to read partition table [ 609.541746][T31048] loop1: detected capacity change from 0 to 128 [ 609.544066][T31047] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 609.544066][T31047] ) failed (rc=-5) [ 609.556986][T31049] xt_recent: Unsupported userspace flags (000000b1) [ 609.610500][T31043] EXT4-fs mount: 90 callbacks suppressed [ 609.610517][T31043] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 609.790545][T31060] loop5: detected capacity change from 0 to 7 [ 609.808091][T31060] loop5: unable to read partition table [ 609.813871][T31060] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 609.813871][T31060] ) failed (rc=-5) [ 609.828810][T31057] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 609.855535][T31064] xt_recent: Unsupported userspace flags (000000b1) [ 609.991835][T31067] pim6reg: entered allmulticast mode [ 610.034434][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 610.069893][T31069] loop1: detected capacity change from 0 to 512 [ 610.077007][T31071] pim6reg: left allmulticast mode [ 610.097323][T31069] EXT4-fs: Mount option(s) incompatible with ext3 [ 610.915821][T31082] loop4: detected capacity change from 0 to 512 [ 610.932732][T31082] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 610.979680][T31082] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10560: Allocating blocks 41-42 which overlap fs metadata [ 610.987263][T31078] loop3: detected capacity change from 0 to 1024 [ 611.007471][T31078] EXT4-fs: inline encryption not supported [ 611.030752][T31082] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10560: Allocating blocks 41-42 which overlap fs metadata [ 611.069375][T31078] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 611.082776][T31082] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.10560: Failed to acquire dquot type 1 [ 611.157844][T31082] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 611.204212][T26872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 611.224555][T31082] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10560: corrupted inode contents [ 611.237012][T31082] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.10560: mark_inode_dirty error [ 611.249450][T31094] loop5: detected capacity change from 0 to 7 [ 611.255695][T31094] buffer_io_error: 40217 callbacks suppressed [ 611.255721][T31094] Buffer I/O error on dev loop5, logical block 0, async page read [ 611.270377][T31082] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10560: corrupted inode contents [ 611.270525][T31094] Buffer I/O error on dev loop5, logical block 0, async page read [ 611.290320][T31094] loop5: unable to read partition table [ 611.293711][T31082] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.10560: mark_inode_dirty error [ 611.296206][T31094] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 611.296206][T31094] ) failed (rc=-5) [ 611.323694][T31082] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10560: corrupted inode contents [ 611.350916][T31094] xt_recent: Unsupported userspace flags (000000b1) [ 611.379337][T31082] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 611.397650][T31082] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10560: corrupted inode contents [ 611.411755][T31082] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.10560: mark_inode_dirty error [ 611.442530][T31082] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 611.452110][T31082] EXT4-fs (loop4): 1 truncate cleaned up [ 611.467705][T31082] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 611.501873][T31107] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10569'. [ 611.521121][T31082] siw: device registration error -23 [ 611.569131][T25417] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 611.651566][T31114] loop0: detected capacity change from 0 to 8192 [ 611.661647][T31114] bio_check_eod: 40207 callbacks suppressed [ 611.661708][T31114] syz.0.10574: attempt to access beyond end of device [ 611.661708][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.681248][T31114] Buffer I/O error on dev loop0, logical block 57847, async page read [ 611.690177][T31114] syz.0.10574: attempt to access beyond end of device [ 611.690177][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.703732][T31114] Buffer I/O error on dev loop0, logical block 57847, async page read [ 611.712477][T31114] syz.0.10574: attempt to access beyond end of device [ 611.712477][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.726130][T31114] Buffer I/O error on dev loop0, logical block 57847, async page read [ 611.734530][T31114] syz.0.10574: attempt to access beyond end of device [ 611.734530][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.748121][T31114] Buffer I/O error on dev loop0, logical block 57847, async page read [ 611.756621][T31114] syz.0.10574: attempt to access beyond end of device [ 611.756621][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.770215][T31114] Buffer I/O error on dev loop0, logical block 57847, async page read [ 611.781845][T31114] syz.0.10574: attempt to access beyond end of device [ 611.781845][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.795402][T31114] Buffer I/O error on dev loop0, logical block 57847, async page read [ 611.806349][T31114] syz.0.10574: attempt to access beyond end of device [ 611.806349][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.819953][T31114] Buffer I/O error on dev loop0, logical block 57847, async page read [ 611.828209][T31114] syz.0.10574: attempt to access beyond end of device [ 611.828209][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.841792][T31114] Buffer I/O error on dev loop0, logical block 57847, async page read [ 611.850389][T31114] syz.0.10574: attempt to access beyond end of device [ 611.850389][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 611.863972][T31114] syz.0.10574: attempt to access beyond end of device [ 611.863972][T31114] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 612.110569][T31127] netlink: 131740 bytes leftover after parsing attributes in process `syz.1.10576'. [ 612.129648][T31127] netlink: zone id is out of range [ 612.134879][T31127] netlink: zone id is out of range [ 612.151548][T31127] netlink: zone id is out of range [ 612.417389][T31133] pim6reg: entered allmulticast mode [ 612.425206][T31133] pim6reg: left allmulticast mode [ 612.569899][T31136] loop3: detected capacity change from 0 to 512 [ 612.597204][T31136] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 612.626967][T31136] EXT4-fs (loop3): orphan cleanup on readonly fs [ 612.641961][T31142] loop2: detected capacity change from 0 to 512 [ 612.651385][T31136] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm wޣ: bg 0: block 248: padding at end of block bitmap is not set [ 612.668489][T31142] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 612.681586][T31136] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm wޣ: Failed to acquire dquot type 1 [ 612.696198][T31142] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.10582: Allocating blocks 41-42 which overlap fs metadata [ 612.714187][T31136] EXT4-fs (loop3): 1 truncate cleaned up [ 612.750180][T31136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 612.762950][T31142] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.10582: Allocating blocks 41-42 which overlap fs metadata [ 612.779240][T31142] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.10582: Failed to acquire dquot type 1 [ 612.790997][T31142] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 612.806787][T31142] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.10582: corrupted inode contents [ 612.818939][T31142] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #12: comm syz.2.10582: mark_inode_dirty error [ 612.830942][T31142] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.10582: corrupted inode contents [ 612.843927][T31142] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.10582: mark_inode_dirty error [ 612.855917][T31142] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.10582: corrupted inode contents [ 612.860199][T26872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 612.878379][T31142] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 612.890369][T31149] pim6reg: entered allmulticast mode [ 612.897747][T31142] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #12: comm syz.2.10582: corrupted inode contents [ 612.907218][T31149] pim6reg: left allmulticast mode [ 612.923277][T31142] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.10582: mark_inode_dirty error [ 612.939164][T31142] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 612.952879][T31142] EXT4-fs (loop2): 1 truncate cleaned up [ 612.960087][T31151] FAULT_INJECTION: forcing a failure. [ 612.960087][T31151] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 612.973272][T31151] CPU: 1 UID: 0 PID: 31151 Comm: syz.3.10585 Not tainted syzkaller #0 PREEMPT(voluntary) [ 612.973312][T31151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 612.973328][T31151] Call Trace: [ 612.973336][T31151] [ 612.973347][T31151] __dump_stack+0x1d/0x30 [ 612.973375][T31151] dump_stack_lvl+0xe8/0x140 [ 612.973396][T31151] dump_stack+0x15/0x1b [ 612.973413][T31151] should_fail_ex+0x265/0x280 [ 612.973511][T31151] should_fail+0xb/0x20 [ 612.973528][T31151] should_fail_usercopy+0x1a/0x20 [ 612.973640][T31151] _copy_from_user+0x1c/0xb0 [ 612.973673][T31151] __sys_bpf+0x183/0x7c0 [ 612.973709][T31151] __x64_sys_bpf+0x41/0x50 [ 612.973828][T31151] x64_sys_call+0x2aee/0x3000 [ 612.973856][T31151] do_syscall_64+0xd2/0x200 [ 612.973884][T31151] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 612.973920][T31151] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 612.973990][T31151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.974016][T31151] RIP: 0033:0x7fc735c2f749 [ 612.974042][T31151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 612.974062][T31151] RSP: 002b:00007fc73468f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 612.974085][T31151] RAX: ffffffffffffffda RBX: 00007fc735e85fa0 RCX: 00007fc735c2f749 [ 612.974138][T31151] RDX: 0000000000000020 RSI: 0000200000000740 RDI: 0000000000000003 [ 612.974151][T31151] RBP: 00007fc73468f090 R08: 0000000000000000 R09: 0000000000000000 [ 612.974162][T31151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 612.974175][T31151] R13: 00007fc735e86038 R14: 00007fc735e85fa0 R15: 00007ffcab3153e8 [ 612.974201][T31151] [ 612.975544][T31142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 613.168324][T31142] siw: device registration error -23 [ 613.168853][T31165] pim6reg: entered allmulticast mode [ 613.186188][T31165] pim6reg: left allmulticast mode [ 613.199773][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.265778][T31175] loop2: detected capacity change from 0 to 512 [ 613.278331][T31175] EXT4-fs: Mount option(s) incompatible with ext3 [ 613.292778][T31178] pim6reg: entered allmulticast mode [ 613.298885][T31178] pim6reg: left allmulticast mode [ 613.325581][T31179] loop0: detected capacity change from 0 to 512 [ 613.333211][T31179] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 613.343081][T31179] EXT4-fs (loop0): orphan cleanup on readonly fs [ 613.351597][T31179] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm wޣ: bg 0: block 248: padding at end of block bitmap is not set [ 613.366429][T31179] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm wޣ: Failed to acquire dquot type 1 [ 613.377997][T31179] EXT4-fs (loop0): 1 truncate cleaned up [ 613.384237][T31179] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 613.417568][T26442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.443455][T31187] loop0: detected capacity change from 0 to 1024 [ 613.450463][T31187] EXT4-fs: inline encryption not supported [ 613.881201][T31187] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 613.884875][ T29] kauditd_printk_skb: 747 callbacks suppressed [ 613.884895][ T29] audit: type=1326 audit(1764469453.897:86279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 613.927879][ T29] audit: type=1326 audit(1764469453.937:86280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 613.951767][ T29] audit: type=1326 audit(1764469453.947:86281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 613.975546][ T29] audit: type=1326 audit(1764469453.947:86282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 613.999319][ T29] audit: type=1326 audit(1764469453.947:86283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 614.021831][T31195] netlink: 'syz.1.10602': attribute type 3 has an invalid length. [ 614.023206][ T29] audit: type=1326 audit(1764469453.947:86284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 614.043682][T31195] netlink: 36 bytes leftover after parsing attributes in process `syz.1.10602'. [ 614.054675][ T29] audit: type=1326 audit(1764469453.947:86285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 614.087499][ T29] audit: type=1326 audit(1764469453.947:86286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 614.111660][ T29] audit: type=1326 audit(1764469453.947:86287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31199 comm="syz.4.10603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0b3f77f749 code=0x7ffc0000 [ 614.121837][T31204] loop4: detected capacity change from 0 to 512 [ 614.188667][ T29] audit: type=1326 audit(1764469453.977:86288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31186 comm="syz.0.10599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 614.217542][T31204] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 614.243193][T26442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 614.257492][T31204] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10603: Allocating blocks 41-42 which overlap fs metadata [ 614.284234][T31209] syz!: rxe_newlink: already configured on team_slave_0 [ 614.292640][T31204] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.10603: Failed to acquire dquot type 1 [ 614.299396][T31217] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10607'. [ 614.305470][T31204] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 614.328190][T31204] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10603: corrupted inode contents [ 614.342086][T31204] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.10603: mark_inode_dirty error [ 614.363154][T31218] loop2: detected capacity change from 0 to 128 [ 614.377601][T31204] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10603: corrupted inode contents [ 614.404884][T31204] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.10603: mark_inode_dirty error [ 614.422207][T31223] FAULT_INJECTION: forcing a failure. [ 614.422207][T31223] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 614.435341][T31223] CPU: 1 UID: 0 PID: 31223 Comm: syz.3.10610 Not tainted syzkaller #0 PREEMPT(voluntary) [ 614.435379][T31223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 614.435395][T31223] Call Trace: [ 614.435403][T31223] [ 614.435463][T31223] __dump_stack+0x1d/0x30 [ 614.435489][T31223] dump_stack_lvl+0xe8/0x140 [ 614.435510][T31223] dump_stack+0x15/0x1b [ 614.435527][T31223] should_fail_ex+0x265/0x280 [ 614.435553][T31223] should_fail+0xb/0x20 [ 614.435626][T31223] should_fail_usercopy+0x1a/0x20 [ 614.435675][T31223] _copy_to_user+0x20/0xa0 [ 614.435702][T31223] simple_read_from_buffer+0xb5/0x130 [ 614.435746][T31223] proc_fail_nth_read+0x10e/0x150 [ 614.435804][T31223] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 614.435835][T31223] vfs_read+0x1a8/0x770 [ 614.435873][T31223] ? __rcu_read_unlock+0x4f/0x70 [ 614.435908][T31223] ? __fget_files+0x184/0x1c0 [ 614.435942][T31223] ksys_read+0xda/0x1a0 [ 614.435971][T31223] __x64_sys_read+0x40/0x50 [ 614.436003][T31223] x64_sys_call+0x27c0/0x3000 [ 614.436031][T31223] do_syscall_64+0xd2/0x200 [ 614.436111][T31223] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 614.436149][T31223] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 614.436212][T31223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 614.436235][T31223] RIP: 0033:0x7fc735c2e15c [ 614.436252][T31223] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 614.436335][T31223] RSP: 002b:00007fc73468f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 614.436354][T31223] RAX: ffffffffffffffda RBX: 00007fc735e85fa0 RCX: 00007fc735c2e15c [ 614.436432][T31223] RDX: 000000000000000f RSI: 00007fc73468f0a0 RDI: 0000000000000007 [ 614.436455][T31223] RBP: 00007fc73468f090 R08: 0000000000000000 R09: 0000000000000000 [ 614.436467][T31223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 614.436491][T31223] R13: 00007fc735e86038 R14: 00007fc735e85fa0 R15: 00007ffcab3153e8 [ 614.436519][T31223] [ 614.436815][T31204] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10603: corrupted inode contents [ 614.447061][T31221] pim6reg: left allmulticast mode [ 614.477159][T31204] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 614.678136][T31228] pim6reg: entered allmulticast mode [ 614.684233][T31228] pim6reg: left allmulticast mode [ 614.692944][T31204] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10603: corrupted inode contents [ 614.714355][T31204] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.10603: mark_inode_dirty error [ 614.768633][T31204] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 614.778534][T31204] EXT4-fs (loop4): 1 truncate cleaned up [ 614.785051][T31204] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 614.817542][T31200] siw: device registration error -23 [ 614.841917][T31242] loop3: detected capacity change from 0 to 512 [ 614.863439][T25417] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 614.872855][T31242] EXT4-fs: Mount option(s) incompatible with ext3 [ 615.040335][T31253] loop2: detected capacity change from 0 to 1024 [ 615.067074][T31253] EXT4-fs: inline encryption not supported [ 615.280116][T31253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 615.312138][T31259] loop1: detected capacity change from 0 to 512 [ 615.366224][T31259] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 615.461266][T31259] EXT4-fs (loop1): orphan cleanup on readonly fs [ 615.537355][T31259] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.10622: bg 0: block 248: padding at end of block bitmap is not set [ 615.568857][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 615.629289][T31259] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.10622: Failed to acquire dquot type 1 [ 615.658116][T31259] EXT4-fs (loop1): 1 truncate cleaned up [ 615.667548][T31266] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10623'. [ 615.710375][T31268] loop0: detected capacity change from 0 to 128 [ 615.729356][T31259] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 615.767979][T27404] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 615.921051][T31279] loop2: detected capacity change from 0 to 512 [ 615.931458][T31281] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10628'. [ 615.941991][T31279] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 615.978831][T31279] EXT4-fs (loop2): orphan cleanup on readonly fs [ 615.991683][T31279] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.10629: bg 0: block 248: padding at end of block bitmap is not set [ 616.001379][T31286] loop5: detected capacity change from 0 to 7 [ 616.027164][T31279] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.10629: Failed to acquire dquot type 1 [ 616.078070][T31286] loop5: unable to read partition table [ 616.103877][T31279] EXT4-fs (loop2): 1 truncate cleaned up [ 616.107219][T31290] xt_recent: Unsupported userspace flags (000000b1) [ 616.123006][T31286] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 616.123006][T31286] ) failed (rc=-5) [ 616.142664][T31279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 616.158711][T31289] pim6reg: entered allmulticast mode [ 616.178228][T31291] pim6reg: left allmulticast mode [ 616.281972][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.308886][T31297] loop3: detected capacity change from 0 to 8192 [ 616.357697][T31306] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10639'. [ 616.376452][T31308] loop1: detected capacity change from 0 to 512 [ 616.413989][T31308] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 616.477082][T31315] loop2: detected capacity change from 0 to 1024 [ 616.486512][T31308] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.10641: Allocating blocks 41-42 which overlap fs metadata [ 616.494224][T31315] EXT4-fs: inline encryption not supported [ 616.523982][T31317] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10644'. [ 616.560329][T31308] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.10641: Allocating blocks 41-42 which overlap fs metadata [ 616.586147][T31315] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 616.599286][T31320] loop3: detected capacity change from 0 to 1024 [ 616.607916][T31320] EXT4-fs: inline encryption not supported [ 616.614326][T31308] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.10641: Failed to acquire dquot type 1 [ 616.628872][T31308] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 616.648436][T31320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 616.671681][T31308] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.10641: corrupted inode contents [ 616.694115][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.743401][T31330] loop0: detected capacity change from 0 to 128 [ 616.746944][T31308] EXT4-fs error (device loop1): ext4_dirty_inode:6517: inode #12: comm syz.1.10641: mark_inode_dirty error [ 616.801327][T26872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.810544][T31330] __vm_enough_memory: pid: 31330, comm: syz.0.10648, bytes: 21200162447360 not enough memory for the allocation [ 616.838099][T31308] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.10641: corrupted inode contents [ 616.875346][T31330] bio_check_eod: 14307 callbacks suppressed [ 616.875366][T31330] syz.0.10648: attempt to access beyond end of device [ 616.875366][T31330] loop0: rw=34817, sector=113, nr_sectors = 32 limit=128 [ 616.883550][T31338] pim6reg: entered allmulticast mode [ 616.918687][T31340] loop5: detected capacity change from 0 to 7 [ 616.924945][T31308] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.10641: mark_inode_dirty error [ 616.957449][T31340] buffer_io_error: 14311 callbacks suppressed [ 616.957536][T31340] Buffer I/O error on dev loop5, logical block 0, async page read [ 616.972274][T31341] pim6reg: left allmulticast mode [ 616.977800][T31308] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.10641: corrupted inode contents [ 616.991769][T31342] xt_recent: Unsupported userspace flags (000000b1) [ 617.020129][T31340] Buffer I/O error on dev loop5, logical block 0, async page read [ 617.028118][T31340] loop5: unable to read partition table [ 617.037119][T31308] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 617.067376][T31308] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #12: comm syz.1.10641: corrupted inode contents [ 617.076798][T31340] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 617.076798][T31340] ) failed (rc=-5) [ 617.157301][T31308] EXT4-fs error (device loop1): ext4_truncate:4637: inode #12: comm syz.1.10641: mark_inode_dirty error [ 617.193426][T31308] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 617.198193][T31346] loop5: detected capacity change from 0 to 7 [ 617.219526][T31308] EXT4-fs (loop1): 1 truncate cleaned up [ 617.242337][T31308] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 617.247243][T31346] Buffer I/O error on dev loop5, logical block 0, async page read [ 617.277820][T31349] xt_recent: Unsupported userspace flags (000000b1) [ 617.315491][T31346] Buffer I/O error on dev loop5, logical block 0, async page read [ 617.315936][T31308] siw: device registration error -23 [ 617.323410][T31346] loop5: unable to read partition table [ 617.345159][T31346] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 617.345159][T31346] ) failed (rc=-5) [ 617.359374][T31345] loop0: detected capacity change from 0 to 8192 [ 617.376533][T31345] syz.0.10653: attempt to access beyond end of device [ 617.376533][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.390264][T31345] Buffer I/O error on dev loop0, logical block 57847, async page read [ 617.443664][T31345] syz.0.10653: attempt to access beyond end of device [ 617.443664][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.457409][T31345] Buffer I/O error on dev loop0, logical block 57847, async page read [ 617.469671][T27404] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.484025][T31345] syz.0.10653: attempt to access beyond end of device [ 617.484025][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.497620][T31345] Buffer I/O error on dev loop0, logical block 57847, async page read [ 617.548684][T31361] loop2: detected capacity change from 0 to 1024 [ 617.560379][T31345] syz.0.10653: attempt to access beyond end of device [ 617.560379][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.573987][T31345] Buffer I/O error on dev loop0, logical block 57847, async page read [ 617.587369][T31361] EXT4-fs: inline encryption not supported [ 617.613267][T31361] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 617.632095][T31345] syz.0.10653: attempt to access beyond end of device [ 617.632095][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.645875][T31345] Buffer I/O error on dev loop0, logical block 57847, async page read [ 617.666781][T31367] netlink: 'syz.3.10661': attribute type 3 has an invalid length. [ 617.688599][T31345] syz.0.10653: attempt to access beyond end of device [ 617.688599][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.702288][T31345] Buffer I/O error on dev loop0, logical block 57847, async page read [ 617.712225][T31345] syz.0.10653: attempt to access beyond end of device [ 617.712225][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.726098][T31345] syz.0.10653: attempt to access beyond end of device [ 617.726098][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.727437][T31367] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10661'. [ 617.740482][T31345] syz.0.10653: attempt to access beyond end of device [ 617.740482][T31345] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 617.749873][T31369] 9p: Unknown Cache mode or invalid value fsca [ 617.823558][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.858636][T31374] loop4: detected capacity change from 0 to 512 [ 617.883943][T31374] EXT4-fs: Mount option(s) incompatible with ext3 [ 618.019674][T31377] pim6reg: entered allmulticast mode [ 618.048688][T31379] pim6reg: left allmulticast mode [ 618.317685][T31392] loop3: detected capacity change from 0 to 2048 [ 618.398026][T31392] Alternate GPT is invalid, using primary GPT. [ 618.404460][T31392] loop3: p2 p3 p7 [ 618.772411][T31398] loop5: detected capacity change from 0 to 7 [ 618.792006][T31397] loop4: detected capacity change from 0 to 512 [ 618.803763][T31398] loop5: unable to read partition table [ 618.817036][T31398] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 618.817036][T31398] ) failed (rc=-5) [ 618.841300][T31401] xt_recent: Unsupported userspace flags (000000b1) [ 618.895228][ T29] kauditd_printk_skb: 917 callbacks suppressed [ 618.895247][ T29] audit: type=1326 audit(1764469458.907:87195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1be5f749 code=0x7ffc0000 [ 618.926248][ T29] audit: type=1326 audit(1764469458.907:87196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f3f1be5f807 code=0x7ffc0000 [ 618.949912][ T29] audit: type=1326 audit(1764469458.907:87197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1be5f749 code=0x7ffc0000 [ 618.973765][ T29] audit: type=1326 audit(1764469458.907:87198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3f1be16bdd code=0x7ffc0000 [ 618.997407][ T29] audit: type=1326 audit(1764469458.907:87199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f3f1be93e89 code=0x7ffc0000 [ 619.021203][ T29] audit: type=1326 audit(1764469458.907:87200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3f1be16c47 code=0x7ffc0000 [ 619.044818][ T29] audit: type=1326 audit(1764469458.907:87201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f3f1be16357 code=0x7ffc0000 [ 619.068535][ T29] audit: type=1326 audit(1764469458.907:87203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3f1be163b6 code=0x7ffc0000 [ 619.092181][ T29] audit: type=1326 audit(1764469458.907:87204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3f1be5f34b code=0x7ffc0000 [ 619.093664][T31397] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 619.116144][ T29] audit: type=1326 audit(1764469458.907:87202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31399 comm="syz.2.10670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f1be5f749 code=0x7ffc0000 [ 619.208318][T31409] loop1: detected capacity change from 0 to 1024 [ 619.303628][T31409] EXT4-fs: inline encryption not supported [ 619.502408][T31409] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 619.637843][T31422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10677'. [ 619.657482][T31397] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10668: Allocating blocks 41-42 which overlap fs metadata [ 619.675631][T31397] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.10668: Allocating blocks 41-42 which overlap fs metadata [ 619.705396][T27404] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.747428][T31397] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.10668: Failed to acquire dquot type 1 [ 619.764006][T31397] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 619.779006][T31397] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10668: corrupted inode contents [ 619.791379][T31397] EXT4-fs error (device loop4): ext4_dirty_inode:6517: inode #12: comm syz.4.10668: mark_inode_dirty error [ 619.793946][T31428] loop1: detected capacity change from 0 to 1024 [ 619.810818][T31425] loop3: detected capacity change from 0 to 512 [ 619.817610][T31397] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10668: corrupted inode contents [ 619.836968][T31425] EXT4-fs: Mount option(s) incompatible with ext3 [ 619.841810][T31428] EXT4-fs: inline encryption not supported [ 619.867094][T31435] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 619.868618][T31397] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.10668: mark_inode_dirty error [ 619.885992][T31397] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10668: corrupted inode contents [ 619.894845][T31438] pim6reg: entered allmulticast mode [ 619.902276][T31397] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 619.924562][T31438] pim6reg: left allmulticast mode [ 619.933510][T31397] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #12: comm syz.4.10668: corrupted inode contents [ 619.950790][T31397] EXT4-fs error (device loop4): ext4_truncate:4637: inode #12: comm syz.4.10668: mark_inode_dirty error [ 619.962441][T31397] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 619.972395][T31428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 619.991248][T31397] EXT4-fs (loop4): 1 truncate cleaned up [ 620.000412][T31397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 620.031681][T27404] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 620.057259][T31397] siw: device registration error -23 [ 620.063461][T31448] pim6reg: entered allmulticast mode [ 620.073861][T31448] pim6reg: left allmulticast mode [ 620.288014][T25417] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 620.421673][T31455] loop0: detected capacity change from 0 to 1024 [ 620.430773][T31453] loop2: detected capacity change from 0 to 512 [ 620.437892][T31455] EXT4-fs: inline encryption not supported [ 620.452019][T31453] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 620.487915][T31453] EXT4-fs (loop2): orphan cleanup on readonly fs [ 620.496852][T31455] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 620.512436][T31453] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.10688: bg 0: block 248: padding at end of block bitmap is not set [ 620.547009][T31453] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.10688: Failed to acquire dquot type 1 [ 620.564961][T31453] EXT4-fs (loop2): 1 truncate cleaned up [ 620.596476][T31453] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 620.610612][T26442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 620.637641][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.028634][T31467] loop3: detected capacity change from 0 to 512 [ 621.077840][T31467] EXT4-fs: Mount option(s) incompatible with ext3 [ 621.094284][T31471] loop0: detected capacity change from 0 to 512 [ 621.135762][T31471] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 621.163173][T31475] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 621.173217][T31471] EXT4-fs (loop0): orphan cleanup on readonly fs [ 621.201529][T31471] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.10691: bg 0: block 248: padding at end of block bitmap is not set [ 621.232183][T31471] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.10691: Failed to acquire dquot type 1 [ 621.244326][T31471] EXT4-fs (loop0): 1 truncate cleaned up [ 621.250773][T31471] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 621.289296][T31478] loop2: detected capacity change from 0 to 1024 [ 621.296301][T31478] EXT4-fs: inline encryption not supported [ 621.304798][T26442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.315852][T31478] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 621.354431][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.393084][T31485] loop2: detected capacity change from 0 to 512 [ 621.403420][T31485] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 621.415674][T31485] EXT4-fs (loop2): orphan cleanup on readonly fs [ 621.429076][T31485] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm wޣ: bg 0: block 248: padding at end of block bitmap is not set [ 621.446249][T31485] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm wޣ: Failed to acquire dquot type 1 [ 621.458611][T31485] EXT4-fs (loop2): 1 truncate cleaned up [ 621.819522][T31485] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 621.922330][T25816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.958601][T31503] loop5: detected capacity change from 0 to 7 [ 621.982157][T31503] buffer_io_error: 7022 callbacks suppressed [ 621.982175][T31503] Buffer I/O error on dev loop5, logical block 0, async page read [ 621.995835][T31499] loop4: detected capacity change from 0 to 8192 [ 621.996551][T31503] Buffer I/O error on dev loop5, logical block 0, async page read [ 622.010476][T31503] loop5: unable to read partition table [ 622.016306][T31503] loop_reread_partitions: partition scan of loop5 (被xڬdGݡ [ 622.016306][T31503] ) failed (rc=-5) [ 622.030337][T31507] xt_recent: Unsupported userspace flags (000000b1) [ 622.033658][T31509] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 622.064661][T31509] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 622.076824][T31499] bio_check_eod: 7017 callbacks suppressed [ 622.076844][T31499] syz.4.10701: attempt to access beyond end of device [ 622.076844][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.096335][T31499] Buffer I/O error on dev loop4, logical block 57847, async page read [ 622.184479][T31499] syz.4.10701: attempt to access beyond end of device [ 622.184479][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.198219][T31499] Buffer I/O error on dev loop4, logical block 57847, async page read [ 622.213660][T31515] loop3: detected capacity change from 0 to 512 [ 622.226213][T31515] EXT4-fs: Ignoring removed nomblk_io_submit option [ 622.248423][T31525] netlink: 'syz.2.10711': attribute type 1 has an invalid length. [ 622.254520][T31499] syz.4.10701: attempt to access beyond end of device [ 622.254520][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.269930][T31499] Buffer I/O error on dev loop4, logical block 57847, async page read [ 622.278629][T31499] syz.4.10701: attempt to access beyond end of device [ 622.278629][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.287864][T31515] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 622.292137][T31499] Buffer I/O error on dev loop4, logical block 57847, async page read [ 622.300598][T31515] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 622.311230][T31525] 8021q: adding VLAN 0 to HW filter on device bond1 [ 622.319802][T31499] syz.4.10701: attempt to access beyond end of device [ 622.319802][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.328033][T31515] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.10705: Allocating blocks 41-42 which overlap fs metadata [ 622.338173][T31499] Buffer I/O error on dev loop4, logical block 57847, async page read [ 622.352356][T31515] EXT4-fs (loop3): Remounting filesystem read-only [ 622.360523][T31499] syz.4.10701: attempt to access beyond end of device [ 622.360523][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.367920][T31515] EXT4-fs (loop3): 1 truncate cleaned up [ 622.380363][T31499] Buffer I/O error on dev loop4, logical block 57847, async page read [ 622.386589][T31515] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 622.398822][T31499] syz.4.10701: attempt to access beyond end of device [ 622.398822][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.420166][T31499] Buffer I/O error on dev loop4, logical block 57847, async page read [ 622.437615][T31499] syz.4.10701: attempt to access beyond end of device [ 622.437615][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.437657][T31499] Buffer I/O error on dev loop4, logical block 57847, async page read [ 622.459733][T31499] syz.4.10701: attempt to access beyond end of device [ 622.459733][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.464336][T31528] bond1: (slave veth3): Enslaving as an active interface with a down link [ 622.473310][T31499] syz.4.10701: attempt to access beyond end of device [ 622.473310][T31499] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 622.500650][T31525] bond1: (slave dummy0): making interface the new active one [ 622.510665][T31525] dummy0: entered promiscuous mode [ 622.516048][T31525] bond1: (slave dummy0): Enslaving as an active interface with an up link [ 622.545494][T31530] bond1 (unregistering): (slave veth3): Releasing active interface [ 622.555939][T31530] bond1 (unregistering): (slave dummy0): Releasing active interface [ 622.565791][T31530] bond1 (unregistering): Released all slaves [ 622.694309][T31538] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10715'. [ 622.791260][T31549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 622.799966][T31549] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 623.423635][T31606] netlink: 'syz.1.10744': attribute type 8 has an invalid length. [ 623.616750][T31612] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 623.623390][T31612] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 623.628853][T31616] batadv0: entered promiscuous mode [ 623.631810][T31612] vhci_hcd vhci_hcd.0: Device attached [ 623.647846][T31615] batadv0: left promiscuous mode [ 623.678774][T31612] netlink: 7 bytes leftover after parsing attributes in process `syz.4.10742'. [ 623.751134][T31621] loop0: detected capacity change from 0 to 512 [ 623.768066][T31621] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 623.791008][T31621] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.10748: Allocating blocks 41-42 which overlap fs metadata [ 623.819949][T31621] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.10748: Allocating blocks 41-42 which overlap fs metadata [ 623.851153][T31621] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.10748: Failed to acquire dquot type 1 [ 623.900435][T31621] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 623.957028][ T36] usb 10-1: SetAddress Request (2) to port 0 [ 623.984408][ T36] usb 10-1: new SuperSpeed USB device number 2 using vhci_hcd [ 623.994182][T31621] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.10748: corrupted inode contents [ 623.995289][T31636] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 624.013818][T31621] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #12: comm syz.0.10748: mark_inode_dirty error [ 624.031038][T31621] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.10748: corrupted inode contents [ 624.042881][T31636] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 624.050040][T31621] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.10748: mark_inode_dirty error [ 624.064398][T31621] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.10748: corrupted inode contents [ 624.076778][T31621] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 624.085638][T31621] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #12: comm syz.0.10748: corrupted inode contents [ 624.098019][T31621] EXT4-fs error (device loop0): ext4_truncate:4637: inode #12: comm syz.0.10748: mark_inode_dirty error [ 624.109858][T31621] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 624.119096][T31621] EXT4-fs (loop0): 1 truncate cleaned up [ 624.125079][T31621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 624.138089][ T29] kauditd_printk_skb: 1048 callbacks suppressed [ 624.138113][ T29] audit: type=1326 audit(1764469464.157:88235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f485b86df90 code=0x7ffc0000 [ 624.171868][T31613] vhci_hcd: connection reset by peer [ 624.173882][ T29] audit: type=1326 audit(1764469464.157:88236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f485b86e497 code=0x7ffc0000 [ 624.186547][T13270] vhci_hcd: stop threads [ 624.201402][ T29] audit: type=1326 audit(1764469464.157:88237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f485b86df90 code=0x7ffc0000 [ 624.205564][T13270] vhci_hcd: release socket [ 624.205609][T13270] vhci_hcd: disconnect device [ 624.229800][ T29] audit: type=1326 audit(1764469464.157:88238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 624.240739][T31638] 9pnet_virtio: no channels available for device syz [ 624.262617][ T29] audit: type=1326 audit(1764469464.157:88239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 624.292965][ T29] audit: type=1326 audit(1764469464.157:88240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 624.316699][ T29] audit: type=1326 audit(1764469464.157:88241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 624.340475][ T29] audit: type=1326 audit(1764469464.157:88242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 624.364221][ T29] audit: type=1326 audit(1764469464.157:88243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 624.388052][ T29] audit: type=1326 audit(1764469464.157:88244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31620 comm="syz.0.10748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f485b86f749 code=0x7ffc0000 [ 624.413074][T26442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 624.606579][T31657] tmpfs: Bad value for 'mpol' [ 624.888597][T31678] 9pnet_virtio: no channels available for device syz [ 624.945968][T31684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 624.961639][T31684] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 625.002655][T31688] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10776'. [ 625.043739][T31691] bridge_slave_0: left allmulticast mode [ 625.049548][T31691] bridge_slave_0: left promiscuous mode [ 625.055381][T31691] bridge0: port 1(bridge_slave_0) entered disabled state [ 625.065442][T26872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 625.066364][T31691] bridge_slave_1: left allmulticast mode [ 625.080649][T31691] bridge_slave_1: left promiscuous mode [ 625.086440][T31691] bridge0: port 2(bridge_slave_1) entered disabled state [ 625.102580][T31691] bond0: (slave bond_slave_0): Releasing backup interface [ 625.117479][T31691] bond0: (slave bond_slave_1): Releasing backup interface [ 625.117834][T31694] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10778'. [ 625.143337][T31691] team0: Port device team_slave_0 removed [ 625.161922][T31691] team0: Port device team_slave_1 removed [ 625.169281][T31691] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 625.176707][T31691] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 625.186290][T31691] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 625.193775][T31691] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 625.204292][T31691] net_ratelimit: 2 callbacks suppressed [ 625.204308][T31691] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 625.228543][T31692] team0: Mode changed to "loadbalance" [ 625.239986][T31696] veth0_vlan: left promiscuous mode [ 625.248548][T31696] vlan0: entered promiscuous mode [ 625.253606][T31696] veth0_vlan: entered promiscuous mode [ 625.272204][T31696] team0: Port device vlan0 added [ 625.296115][T31698] tipc: Enabled bearer , priority 0 [ 625.708244][T31737] 9pnet_virtio: no channels available for device syz [ 625.868771][T31756] syzkaller0: entered promiscuous mode [ 625.874344][T31756] syzkaller0: entered allmulticast mode [ 626.256980][T31784] netlink: 'syz.2.10815': attribute type 9 has an invalid length. [ 626.256999][T31784] netlink: 'syz.2.10815': attribute type 6 has an invalid length. [ 626.257081][T31784] netlink: 'syz.2.10815': attribute type 7 has an invalid length. [ 626.257096][T31784] netlink: 'syz.2.10815': attribute type 8 has an invalid length. [ 627.325711][T31830] bridge0: port 2(bridge_slave_1) entered disabled state [ 627.333132][T31830] bridge0: port 1(bridge_slave_0) entered disabled state [ 627.382944][T31830] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 627.394229][T31830] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 627.442668][ T6570] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.451287][ T6570] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.459827][ T6570] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.460262][T31804] 9pnet_fd: p9_fd_create_tcp (31804): problem connecting socket to 127.0.0.1 [ 627.468606][ T6570] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.725942][T31882] tipc: Enabled bearer , priority 0 [ 627.734088][T31882] syzkaller0: entered promiscuous mode [ 627.739707][T31882] syzkaller0: entered allmulticast mode [ 627.752860][T31882] tipc: Resetting bearer [ 627.768516][T31881] tipc: Resetting bearer [ 627.784465][T31881] tipc: Disabling bearer [ 628.144295][T31903] program syz.2.10865 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 629.107038][ T36] usb 10-1: device descriptor read/8, error -110 [ 629.221197][ T36] usb 10-1: new SuperSpeed USB device number 2 using vhci_hcd [ 629.246930][ T36] usb 10-1: enqueue for inactive port 0 [ 629.266137][ T36] usb 10-1: enqueue for inactive port 0 [ 629.291115][ T36] usb 10-1: enqueue for inactive port 0 [ 629.585686][ T29] kauditd_printk_skb: 658 callbacks suppressed [ 629.585707][ T29] audit: type=1400 audit(1764469469.597:88903): avc: denied { name_connect } for pid=31935 comm="syz.3.10879" dest=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 630.320216][ T36] usb usb10-port1: attempt power cycle [ 630.334635][T31992] loop4: detected capacity change from 0 to 8 [ 630.380405][ C0] invalid error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 630.390243][ C0] buffer_io_error: 5040 callbacks suppressed [ 630.390262][ C0] Buffer I/O error on dev loop4, logical block 0, lost async page write [ 630.413355][ C0] invalid error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 630.423192][ C0] Buffer I/O error on dev loop4, logical block 0, lost async page write [ 630.484338][ T29] audit: type=1400 audit(1764469470.497:88904): avc: denied { bind } for pid=32003 comm="syz.2.10908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 630.553210][T32014] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10912'. [ 630.562444][T32014] netlink: 'syz.4.10912': attribute type 7 has an invalid length. [ 630.570437][T32014] netlink: 'syz.4.10912': attribute type 8 has an invalid length. [ 630.578427][T32014] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10912'. [ 630.608097][T32014] ip6gretap0: entered promiscuous mode [ 630.623344][T32014] syz_tun: entered promiscuous mode [ 630.629044][T32020] tipc: Can't bind to reserved service type 2 [ 630.637918][T32014] erspan0: entered promiscuous mode [ 630.648432][T32014] hsr1: Slave A (ip6gretap0) is not up; please bring it up to get a fully working HSR network [ 630.658901][T32014] hsr1: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network [ 630.669191][T32014] hsr1: Interlink (erspan0) is not up; please bring it up to get a fully working HSR network [ 630.771604][T32033] loop4: detected capacity change from 0 to 8 [ 630.831381][ C0] invalid error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 630.841231][ C0] Buffer I/O error on dev loop4, logical block 0, lost async page write [ 630.860840][ C1] invalid error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 630.871105][ C1] Buffer I/O error on dev loop4, logical block 0, lost async page write [ 631.027290][T32049] vlan0: entered promiscuous mode [ 631.051192][T32049] team0: Port device vlan0 added [ 632.081545][T32152] netem: change failed [ 632.103873][T32156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 632.113447][T32156] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 632.137225][ T36] usb usb10-port1: unable to enumerate USB device [ 632.337343][T32156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 632.356064][ T29] audit: type=1326 audit(1764469472.347:88905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32124 comm="syz.1.10963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e51aff749 code=0x7ffc0000 [ 632.379904][ T29] audit: type=1326 audit(1764469472.347:88906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32124 comm="syz.1.10963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e51aff749 code=0x7ffc0000 [ 632.403606][ T29] audit: type=1326 audit(1764469472.347:88907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32124 comm="syz.1.10963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f6e51aff749 code=0x7ffc0000 [ 632.427363][ T29] audit: type=1326 audit(1764469472.367:88908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32124 comm="syz.1.10963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e51aff749 code=0x7ffc0000 [ 632.451155][ T29] audit: type=1326 audit(1764469472.367:88909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32166 comm="syz.1.10963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6e51b32005 code=0x7ffc0000 [ 632.474892][ T29] audit: type=1326 audit(1764469472.367:88910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32124 comm="syz.1.10963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f6e51aff749 code=0x7ffc0000 [ 632.475227][T32156] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 632.498670][ T29] audit: type=1326 audit(1764469472.367:88911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32124 comm="syz.1.10963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e51aff749 code=0x7ffc0000 [ 632.530112][ T29] audit: type=1326 audit(1764469472.367:88912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32124 comm="syz.1.10963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e51aff749 code=0x7ffc0000 [ 632.867928][T32178] tipc: Resetting bearer [ 632.979611][ T60] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.010036][ T60] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.039189][T32193] macsec0: entered promiscuous mode [ 633.044645][T32193] macsec0: entered allmulticast mode [ 633.050002][T32193] veth1_macvtap: entered allmulticast mode [ 633.080232][ T60] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.098406][ T60] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.203721][T32200] tipc: Started in network mode [ 633.208793][T32200] tipc: Node identity 36d7bfe1341b, cluster identity 4711 [ 633.215989][T32200] tipc: Enabled bearer , priority 0 [ 633.253544][T32210] syzkaller0: entered promiscuous mode [ 633.259311][T32210] syzkaller0: entered allmulticast mode [ 633.300330][T32199] tipc: Resetting bearer [ 633.327225][T32199] tipc: Disabling bearer [ 633.727023][T32271] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 633.733703][T32271] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 633.742021][T32271] vhci_hcd vhci_hcd.0: Device attached [ 634.026965][ T36] usb 10-1: SetAddress Request (6) to port 0 [ 634.045750][ T36] usb 10-1: new SuperSpeed USB device number 6 using vhci_hcd [ 634.287003][T32272] vhci_hcd: connection reset by peer [ 634.292675][ T52] vhci_hcd: stop threads [ 634.297164][ T52] vhci_hcd: release socket [ 634.301672][ T52] vhci_hcd: disconnect device [ 635.491236][T32328] syzkaller0: entered promiscuous mode [ 635.497042][T32328] syzkaller0: entered allmulticast mode [ 635.586744][T32331] xt_TPROXY: Can be used only with -p tcp or -p udp [ 635.965094][T32354] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 636.022149][ T60] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 636.043974][ T60] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 636.070238][ T60] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 636.094756][ T60] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 636.200677][T32366] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11064'. [ 636.235269][T32366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11064'. [ 636.318808][T32379] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11060'. [ 636.361445][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 636.361475][ T29] audit: type=1400 audit(1764469476.377:88917): avc: denied { append } for pid=32380 comm="syz.3.11071" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 636.493575][T32387] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11074'. [ 636.698780][ T29] audit: type=1400 audit(1764469476.697:88918): avc: denied { getopt } for pid=32410 comm="syz.2.11085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 636.895199][ T29] audit: type=1400 audit(1764469476.907:88919): avc: denied { setopt } for pid=32421 comm="syz.0.11089" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 637.202822][T32436] team0: Device vlan0 failed to change mtu [ 637.341834][T32444] tipc: Enabled bearer , priority 0 [ 637.381770][T32444] syzkaller0: entered promiscuous mode [ 637.387457][T32444] syzkaller0: entered allmulticast mode [ 637.408844][T32443] tipc: Resetting bearer [ 637.417100][ T9] ================================================================== [ 637.425324][ T9] BUG: KCSAN: data-race in kick_pool / wq_worker_running [ 637.432357][ T9] [ 637.434676][ T9] read-write to 0xffff888237d29de4 of 4 bytes by task 23 on cpu 1: [ 637.442566][ T9] wq_worker_running+0x95/0x120 [ 637.447433][ T9] schedule_timeout+0xb7/0x170 [ 637.452203][ T9] msleep+0x50/0x90 [ 637.456024][ T9] nsim_fib_event_work+0x3e5a/0x4790 [ 637.461330][ T9] process_scheduled_works+0x4ce/0x9d0 [ 637.466814][ T9] worker_thread+0x582/0x770 [ 637.471445][ T9] kthread+0x489/0x510 [ 637.475542][ T9] ret_from_fork+0x122/0x1b0 [ 637.480172][ T9] ret_from_fork_asm+0x1a/0x30 [ 637.484949][ T9] [ 637.487323][ T9] read to 0xffff888237d29de4 of 4 bytes by task 9 on cpu 0: [ 637.494618][ T9] kick_pool+0x49/0x2d0 [ 637.498787][ T9] __queue_work+0x8cb/0xb50 [ 637.503293][ T9] queue_work_on+0xd1/0x160 [ 637.507811][ T9] wg_packet_encrypt_worker+0xc0a/0xe10 [ 637.513404][ T9] process_scheduled_works+0x4ce/0x9d0 [ 637.519003][ T9] worker_thread+0x582/0x770 [ 637.523599][ T9] kthread+0x489/0x510 [ 637.527666][ T9] ret_from_fork+0x122/0x1b0 [ 637.532255][ T9] ret_from_fork_asm+0x1a/0x30 [ 637.537023][ T9] [ 637.539358][ T9] value changed: 0x00000000 -> 0x00000001 [ 637.545127][ T9] [ 637.547447][ T9] Reported by Kernel Concurrency Sanitizer on: [ 637.553594][ T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Not tainted syzkaller #0 PREEMPT(voluntary) [ 637.563194][ T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 637.573339][ T9] Workqueue: wg-crypt-wg0 wg_packet_encrypt_worker [ 637.579942][ T9] ================================================================== [ 637.653170][T32443] tipc: Disabling bearer [ 639.096964][ T36] usb 10-1: device descriptor read/8, error -110 [ 639.206957][ T36] usb 10-1: new SuperSpeed USB device number 6 using vhci_hcd [ 639.226967][ T36] usb 10-1: enqueue for inactive port 0 [ 639.232606][ T36] usb 10-1: enqueue for inactive port 0 [ 639.238345][ T36] usb 10-1: enqueue for inactive port 0 [ 640.267120][ T36] usb usb10-port1: attempt power cycle [ 642.097165][ T36] usb usb10-port1: unable to enumerate USB device