last executing test programs: 2.483256991s ago: executing program 3 (id=1684): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r2}, 0x18) 2.38855072s ago: executing program 4 (id=1689): r0 = socket(0x2a, 0x2, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0xffe0}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8847}, @TCA_FLOWER_KEY_MPLS_LABEL={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24004000) r2 = socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2.311215547s ago: executing program 4 (id=1692): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r3, 0x0, r2, 0x0, 0x6, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r4, 0x4e, 0x7) 1.976280748s ago: executing program 2 (id=1696): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='mm_page_free\x00', r1, 0x0, 0x800000000000002}, 0x18) bpf$MAP_CREATE(0x0, 0x0, 0x48) r2 = gettid() process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 1.807818353s ago: executing program 2 (id=1697): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000001600000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = syz_io_uring_setup(0x512b, &(0x7f0000000180)={0x0, 0xcc19, 0x130c8, 0x400006, 0x20e}, &(0x7f0000000240), &(0x7f0000000140)) io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f00000002c0), 0x0) 1.697533143s ago: executing program 2 (id=1700): perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0xfff8000000000001, 0xffffffffffffffff, 0x1) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0) r1 = gettid() pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r2, &(0x7f00000002c0)=ANY=[], 0x200002e6) fcntl$setpipe(r2, 0x407, 0x7000000) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) 1.612341021s ago: executing program 3 (id=1703): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000f9000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) 1.574533605s ago: executing program 3 (id=1704): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x318}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x13, r2, 0x0) syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 1.492730862s ago: executing program 4 (id=1707): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x50) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r4, 0x5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20) sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) 1.347528355s ago: executing program 3 (id=1709): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200a}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x1000000000000008}, 0x18) r2 = socket$rds(0x15, 0x5, 0x0) bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r2, &(0x7f0000000040)={&(0x7f00000005c0)={0x2, 0x4, @rand_addr=0x64010101}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0x1d}}], 0x30, 0x4000000}, 0x0) 1.317040838s ago: executing program 3 (id=1711): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x4}, 0x18) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000040), 0x200080, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}}) 1.284307992s ago: executing program 4 (id=1712): bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0xfffffffffffffe2b, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="180000001600010a"], 0x78}, 0x1, 0x0, 0x0, 0x8000}, 0x0) recvmmsg(r0, &(0x7f0000002a40)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x40002000, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000140)={0x0, 0x1, 0x0, 0x0, @vifc_lcl_addr=@rand_addr=0xc0586300, @private=0xffffffff}, 0x10) recvmmsg(r0, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}, 0xe}], 0x1, 0x60, 0x0) 1.222334307s ago: executing program 4 (id=1714): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) 1.213622408s ago: executing program 2 (id=1715): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) unshare(0x68040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfdffa000) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000500)={'security\x00', 0x0, [0x5, 0x8, 0x20000004, 0x3, 0x4]}, &(0x7f0000000040)=0x54) 1.171455542s ago: executing program 3 (id=1716): timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) 1.072378941s ago: executing program 1 (id=1717): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000d40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000002060101000000000000000000000000050005000a0000000500010007007c4505000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800) sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c0000000306010200000000000000000700000a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814) 997.937968ms ago: executing program 1 (id=1718): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001c000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000100001000c000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x44051}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}}, 0x40) close_range(r2, 0xffffffffffffffff, 0x0) 927.606284ms ago: executing program 1 (id=1720): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x318}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000003, 0x13, r2, 0x0) syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 529.584351ms ago: executing program 2 (id=1723): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x55) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) 472.360686ms ago: executing program 2 (id=1724): socket$nl_route(0x10, 0x3, 0x0) r0 = gettid() sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f0000000840)=ANY=[@ANYBLOB], 0x1f4}, 0x1, 0x0, 0x0, 0x800}, 0x844) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r2, 0x0, 0x7, 0x9) 444.920859ms ago: executing program 0 (id=1725): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x810) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r4, 0x0, 0xa85, 0xf) 431.66796ms ago: executing program 1 (id=1727): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x101, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffa, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) rename(0x0, 0x0) 371.195655ms ago: executing program 1 (id=1728): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040000000800000005"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r0}, &(0x7f0000000840), &(0x7f0000000880)=r1}, 0x20) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x108, &(0x7f0000000000)=ANY=[], 0x0) 338.382798ms ago: executing program 0 (id=1729): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f00000001c0), &(0x7f0000000300)=r3}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000580)="00a352d6", &(0x7f0000000480)=@tcp6=r2}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000900)={r3, r1, 0x25, 0x0, @void}, 0x7f) syz_emit_ethernet(0xfdef, &(0x7f0000000440)=ANY=[], 0x0) 325.42191ms ago: executing program 1 (id=1730): openat$dir(0xffffffffffffff9c, 0x0, 0x101000, 0x108) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000200), &(0x7f0000000280)=r2}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x4}, 0x18) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x20, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xc65}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000850}, 0x20040040) 280.278104ms ago: executing program 0 (id=1731): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) sendmsg$inet(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000002c0)="dfcfe9", 0x3}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'erspan0\x00', 0x0}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r2, &(0x7f0000000140)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000001, 0x12, r2, 0x0) sendto$packet(r0, &(0x7f0000000180)="d7cb96caa7a0b9f409b1", 0xa, 0x0, &(0x7f00000020c0)={0x11, 0x0, r1}, 0x14) 222.546249ms ago: executing program 0 (id=1732): r0 = socket(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r0, &(0x7f0000000080)={0xa, 0xe64, 0x8, @ipv4={'\x00', '\xff\xff', @loopback}, 0x202}, 0x1c) r1 = socket(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r1, &(0x7f0000000480)={0xa, 0xe64, 0x1, @ipv4={'\x00', '\xff\xff', @loopback}, 0x2}, 0x1c) r2 = socket$netlink(0x10, 0x3, 0x4) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500400000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd00000010000100040808004149004001040800", 0x58}], 0x1) 147.138426ms ago: executing program 0 (id=1733): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000e80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) r3 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000380)={0x43, 0x4, 0x3, 0x3}, 0x10) 116.271809ms ago: executing program 0 (id=1734): r0 = syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79ae, 0x3180, 0x8000, 0x400252}, &(0x7f0000000640)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_MKDIRAT={0x25, 0x17, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0xf9b7a26b18f77d51}) io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x0) 0s ago: executing program 4 (id=1735): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x26) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0xa007ca, &(0x7f00000002c0)={[{@nojournal_checksum}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x58}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x483, &(0x7f0000001040)="$eJzs28tvVNUfAPDvvX0APx7tD/EBolaJSaOxpQWVhRuNJsZgNNEFLms7kIaBGlqNIJFiDG5MDImujUujf4E7Y2LUlYlb3bgyJETZALqpuXfuLdNpp1A6ZWrn80lue869Z+ac79zXuefMBNCxBrI/ScS2iPg1Ivpq2YUFBmr/rl05O379ytnxJObmXvszyctdvXJ2vCxavm5rkRlMI9IPk6KShaZPnzk+Vq1WThX54ZkTbw1Pnz7zxDsnxo5VjlVOjh46dPDAyNNPjT7ZkjizuK7ueX9q7+4X37j48viRi2/++HXW3m3F9vo4WmUgC/yvuVzd6vxjerTVlbXZ9rp00t3GhrAiXRGR7a6e/Pzvi664sfP64oUP2to4YE1l96ZNzTfPzgEbWBLtbgHQHuWNPnv+LZc71PVYFy4/W3sAyuK+Viy1Ld2RFmV6Gp5vW2kgIo7M/v15tsQajUMAANT7ePyzw70R8d71r17K+h5981vSuCf//3v+d0cxh9IfEf+PiJ0RcVdE7IqIuyPysvdGxH2rbM/i/k96aZVvuays//dMMbe1sP9X9v6iv6vIbc/j70mOTlYr+4vPZDB6NmX5kWXq+Pb5Xz5ptq2+/5ctWf1lX7Box6XuhgG6ibGZsbxT2gKXz0fs6V4q/mR+JiCJiN0RsWdlb72jTEw+9uXeZoVuHv8yWjDPNPdFFt5sFv9sNMRfSurnJycXzU8Ob45qZf9weVQs9tPPF15tVv9AzN1+/C1wuRL/xMLjv7FIf1I/Xzu98jou/PZR02ea2zz+097k9XyeubdY9+7YzMypkYje5HCeX7B+9MZry3xZPjv+B/ctff7vLF6TxX9/RGQH8QMR8WBEPFS0/eGIeCQi9i0T/w/PNd9Wxh9pm/b/+YiJJa9/88d/w/5feaLr+PffNKv/1vb/wTw1WKzJr383sVRzsstFYwNX89kBAADAf0Wafwc+SYfm02k6NFT7Dv+u+F9anZqeefzo1NsnJ2rfle+PnrQc6eorxkOrk9XKSDJbvGNtfHS0GCsux0sPFOPGn3ZtyfND41PViTbHDp1ua5PzP/NHV7tbB6yxLUuuHe294w0B2qBxHj1dmD33SrgYwEbl99rQuZqf/5tjcXcA2Ejc/6FzLXX+n2vImwuAjcn9HzqX8x86VPpdu1sAtJH7P3Sk1fyufw0Tm9dHM9qTWK87JU9ElIl0XbRHYqWJLbdWuN1XJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNb4NwAA///Xm+pu") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00'}, 0x18) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020a000907000000000000000000000005001a"], 0x38}}, 0x40000) kernel console output (not intermixed with test programs): to 1024 [ 31.737116][ T3547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 31.773738][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 31.936077][ T3566] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 31.967738][ T3569] tipc: Started in network mode [ 31.972715][ T3569] tipc: Node identity ac14140f, cluster identity 4711 [ 31.980628][ T3569] tipc: New replicast peer: 255.255.255.255 [ 31.986891][ T3569] tipc: Enabled bearer , priority 10 [ 32.030127][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.333684][ T3597] loop4: detected capacity change from 0 to 1024 [ 32.340879][ T3597] EXT4-fs: Ignoring removed orlov option [ 32.351522][ T3597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 32.408332][ T3596] syz.2.38 (3596) used greatest stack depth: 10192 bytes left [ 32.430672][ T3600] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #15: comm syz.4.39: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 32.448909][ T3600] EXT4-fs (loop4): Remounting filesystem read-only [ 32.461518][ T3601] loop2: detected capacity change from 0 to 128 [ 32.553666][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 32.559767][ T3603] loop1: detected capacity change from 0 to 8192 [ 32.580860][ T3566] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 32.600237][ T3601] syz.2.40: attempt to access beyond end of device [ 32.600237][ T3601] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 32.613845][ T3601] syz.2.40: attempt to access beyond end of device [ 32.613845][ T3601] loop2: rw=2049, sector=185, nr_sectors = 16 limit=128 [ 32.629711][ T3601] syz.2.40: attempt to access beyond end of device [ 32.629711][ T3601] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 32.663834][ T3601] syz.2.40: attempt to access beyond end of device [ 32.663834][ T3601] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 32.679052][ T3601] syz.2.40: attempt to access beyond end of device [ 32.679052][ T3601] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 32.695457][ T3601] syz.2.40: attempt to access beyond end of device [ 32.695457][ T3601] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 32.709542][ T3601] syz.2.40: attempt to access beyond end of device [ 32.709542][ T3601] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 32.739039][ T3601] syz.2.40: attempt to access beyond end of device [ 32.739039][ T3601] loop2: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 32.762307][ T3601] syz.2.40: attempt to access beyond end of device [ 32.762307][ T3601] loop2: rw=2049, sector=305, nr_sectors = 8 limit=128 [ 32.776470][ T3601] syz.2.40: attempt to access beyond end of device [ 32.776470][ T3601] loop2: rw=2049, sector=321, nr_sectors = 8 limit=128 [ 33.110574][ T3486] tipc: Node number set to 2886997007 [ 33.201494][ T3636] capability: warning: `syz.4.54' uses 32-bit capabilities (legacy support in use) [ 33.732196][ T3566] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 33.818562][ T3566] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 33.935143][ T838] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.963217][ T838] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 33.965654][ T3691] loop4: detected capacity change from 0 to 164 [ 33.997714][ T838] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.015537][ T3691] Unable to read rock-ridge attributes [ 34.023817][ T1640] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.045346][ T3691] Unable to read rock-ridge attributes [ 34.103685][ T3703] netlink: 24 bytes leftover after parsing attributes in process `syz.1.71'. [ 34.570382][ T3174] IPVS: starting estimator thread 0... [ 34.641079][ T3741] netlink: 'syz.1.86': attribute type 3 has an invalid length. [ 34.649140][ T3741] netlink: 'syz.1.86': attribute type 3 has an invalid length. [ 34.664786][ T3739] IPVS: using max 2304 ests per chain, 115200 per kthread [ 35.140752][ T3769] netlink: 332 bytes leftover after parsing attributes in process `syz.1.97'. [ 35.647572][ T3790] Zero length message leads to an empty skb [ 35.749018][ T3794] loop4: detected capacity change from 0 to 8192 [ 35.769127][ T3784] Set syz1 is full, maxelem 65536 reached [ 35.843457][ T3798] netlink: 8 bytes leftover after parsing attributes in process `syz.2.112'. [ 36.051083][ T3857] netlink: 12 bytes leftover after parsing attributes in process `syz.2.116'. [ 36.147904][ T29] kauditd_printk_skb: 133 callbacks suppressed [ 36.147990][ T29] audit: type=1400 audit(1767119117.113:265): avc: denied { setopt } for pid=3858 comm="syz.4.117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 36.239072][ T3861] loop4: detected capacity change from 0 to 512 [ 36.252090][ T3863] loop2: detected capacity change from 0 to 1024 [ 36.260413][ T3863] EXT4-fs: Ignoring removed orlov option [ 36.266406][ T3861] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 36.279008][ T3863] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.298352][ T3861] EXT4-fs (loop4): 1 truncate cleaned up [ 36.327254][ T3861] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.569434][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.654536][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.979008][ T29] audit: type=1326 audit(1767119117.933:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f05418665e7 code=0x7ffc0000 [ 37.002737][ T29] audit: type=1326 audit(1767119117.933:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f054180b829 code=0x7ffc0000 [ 37.026376][ T29] audit: type=1326 audit(1767119117.933:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f05418665e7 code=0x7ffc0000 [ 37.049662][ T29] audit: type=1326 audit(1767119117.933:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f054180b829 code=0x7ffc0000 [ 37.073389][ T29] audit: type=1326 audit(1767119117.933:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 37.096713][ T29] audit: type=1326 audit(1767119117.933:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 37.120274][ T29] audit: type=1326 audit(1767119117.933:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 37.143874][ T29] audit: type=1326 audit(1767119117.933:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 37.167412][ T29] audit: type=1326 audit(1767119117.933:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3886 comm="syz.2.127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 37.292267][ T3901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.133'. [ 37.349797][ T3901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.133'. [ 37.438922][ T3877] Set syz1 is full, maxelem 65536 reached [ 37.485635][ T3912] ip6gretap0: entered promiscuous mode [ 37.505495][ T3912] ip6gretap0: left promiscuous mode [ 37.577290][ T3898] loop2: detected capacity change from 0 to 32768 [ 37.625715][ T3898] loop2: p1 p2 p3 < > p4 < p5 p6 > [ 37.631357][ T3898] loop2: p1 start 460800 is beyond EOD, truncated [ 37.638235][ T3898] loop2: p2 size 83886080 extends beyond EOD, truncated [ 37.659194][ T3898] loop2: p5 start 460800 is beyond EOD, truncated [ 37.665921][ T3898] loop2: p6 size 83886080 extends beyond EOD, truncated [ 37.760745][ T3930] netlink: 'syz.1.146': attribute type 1 has an invalid length. [ 37.797584][ T3930] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 37.806657][ T3930] bond1: (slave batadv1): making interface the new active one [ 37.926281][ T3579] udevd[3579]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 37.937062][ T3311] udevd[3311]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory [ 37.952618][ T3930] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 37.961940][ T3580] udevd[3580]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 38.053936][ T3314] udevd[3314]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 38.082978][ T3579] udevd[3579]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 38.083026][ T3314] udevd[3314]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 38.094341][ T3580] udevd[3580]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 38.114545][ T3311] udevd[3311]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory [ 38.177434][ T3946] netlink: 24 bytes leftover after parsing attributes in process `syz.1.151'. [ 38.261009][ T3946] netlink: 8 bytes leftover after parsing attributes in process `syz.1.151'. [ 38.603415][ T3958] loop0: detected capacity change from 0 to 1024 [ 38.648331][ T3958] EXT4-fs: Ignoring removed orlov option [ 38.746094][ T3958] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 38.923465][ T3968] loop3: detected capacity change from 0 to 1024 [ 38.993320][ T3968] EXT4-fs: Ignoring removed bh option [ 39.047994][ T3968] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.093063][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.141302][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.524985][ T3995] SELinux: failed to load policy [ 39.563482][ T4003] process 'syz.4.174' launched './file0' with NULL argv: empty string added [ 39.572568][ T4003] Invalid argument reading file caps for ./file0 [ 40.354354][ T4039] ip6gretap0: entered promiscuous mode [ 40.361472][ T4039] ip6gretap0: left promiscuous mode [ 40.459362][ T4043] netlink: 8 bytes leftover after parsing attributes in process `syz.4.189'. [ 40.468241][ T4043] netlink: 28 bytes leftover after parsing attributes in process `syz.4.189'. [ 40.632945][ T4056] netlink: 24 bytes leftover after parsing attributes in process `syz.0.194'. [ 40.699798][ T4056] netlink: 8 bytes leftover after parsing attributes in process `syz.0.194'. [ 40.715678][ T4058] netlink: 12 bytes leftover after parsing attributes in process `syz.2.195'. [ 40.724598][ T4058] netlink: 12 bytes leftover after parsing attributes in process `syz.2.195'. [ 40.866524][ T4076] loop3: detected capacity change from 0 to 128 [ 40.933759][ T4085] SELinux: Context system_u:object_r:var_lib_t:s0 is not valid (left unmapped). [ 40.944250][ T4087] geneve2: entered promiscuous mode [ 40.949801][ T4087] geneve2: entered allmulticast mode [ 41.308815][ T4119] netlink: 'syz.0.220': attribute type 30 has an invalid length. [ 41.361553][ T4121] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4121 comm=syz.2.221 [ 41.420449][ T4125] netlink: 'syz.0.223': attribute type 1 has an invalid length. [ 41.451272][ T4125] 8021q: adding VLAN 0 to HW filter on device bond1 [ 41.483530][ T4125] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 41.499197][ T29] kauditd_printk_skb: 102 callbacks suppressed [ 41.499277][ T29] audit: type=1326 audit(1767119122.463:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.508621][ T4125] bond1: (slave batadv1): making interface the new active one [ 41.541242][ T4135] xt_connbytes: Forcing CT accounting to be enabled [ 41.550243][ T29] audit: type=1326 audit(1767119122.463:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.557382][ T4137] netlink: 'syz.0.223': attribute type 13 has an invalid length. [ 41.573695][ T29] audit: type=1326 audit(1767119122.463:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.582840][ T4125] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 41.604818][ T29] audit: type=1326 audit(1767119122.463:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.604859][ T29] audit: type=1326 audit(1767119122.463:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.604907][ T29] audit: type=1326 audit(1767119122.463:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.604934][ T29] audit: type=1326 audit(1767119122.463:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.604961][ T29] audit: type=1326 audit(1767119122.463:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.731158][ T29] audit: type=1326 audit(1767119122.463:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.754858][ T29] audit: type=1326 audit(1767119122.463:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4133 comm="syz.2.227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 41.884194][ T4137] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.891539][ T4137] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.090948][ T4137] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 42.107340][ T4137] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 42.161181][ T3825] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.185249][ T3825] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.193751][ T3825] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.205194][ T3825] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.218457][ T4155] syz.1.234 uses obsolete (PF_INET,SOCK_PACKET) [ 42.388684][ T4176] __nla_validate_parse: 5 callbacks suppressed [ 42.388702][ T4176] netlink: 2028 bytes leftover after parsing attributes in process `syz.4.239'. [ 42.404300][ T4176] netlink: 24 bytes leftover after parsing attributes in process `syz.4.239'. [ 42.494908][ C1] hrtimer: interrupt took 46822 ns [ 42.532517][ T4194] netlink: 24 bytes leftover after parsing attributes in process `syz.2.249'. [ 42.578619][ T4194] netlink: 8 bytes leftover after parsing attributes in process `syz.2.249'. [ 42.729306][ T4209] netlink: 'syz.2.254': attribute type 27 has an invalid length. [ 42.856675][ T4209] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.864129][ T4209] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.904923][ T4216] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 42.966467][ T4209] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 42.978745][ T4209] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 43.188954][ T4213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 43.226494][ T4213] 8021q: adding VLAN 0 to HW filter on device team0 [ 43.258219][ T4213] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 43.277122][ T3825] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.302679][ T3825] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.358726][ T3825] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.375834][ T3825] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.788539][ T4249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.270'. [ 43.836499][ T4253] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 43.847548][ T4253] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 43.960263][ T4264] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) ! [ 44.458023][ T4157] syz.3.236 (4157) used greatest stack depth: 9928 bytes left [ 44.604007][ T4159] syz.3.236 (4159) used greatest stack depth: 7408 bytes left [ 44.697805][ T4278] netlink: 212 bytes leftover after parsing attributes in process `syz.3.283'. [ 45.024356][ T4285] loop7: detected capacity change from 0 to 7 [ 45.031164][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 45.040791][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 45.048894][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 45.058813][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 45.066805][ T4285] loop7: unable to read partition table [ 45.072668][ T4285] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 45.096653][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 45.106380][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 45.114745][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 45.124454][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 45.135268][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 45.144981][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 45.153120][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 45.162816][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 45.171164][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 45.180976][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 45.492657][ T4322] netlink: 'syz.0.301': attribute type 27 has an invalid length. [ 45.553342][ T4322] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.563413][ T4322] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.603291][ T4322] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 45.629726][ T4329] netlink: 'syz.2.306': attribute type 3 has an invalid length. [ 45.641205][ T4330] loop4: detected capacity change from 0 to 1024 [ 45.649040][ T4329] netlink: 'syz.2.306': attribute type 3 has an invalid length. [ 45.657569][ T4330] ======================================================= [ 45.657569][ T4330] WARNING: The mand mount option has been deprecated and [ 45.657569][ T4330] and is ignored by this kernel. Remove the mand [ 45.657569][ T4330] option from the mount to silence this warning. [ 45.657569][ T4330] ======================================================= [ 45.736621][ T4330] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.787796][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.120250][ T4358] loop2: detected capacity change from 0 to 1024 [ 46.139748][ T4358] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.169719][ T4358] ext4 filesystem being mounted at /62/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.272447][ T4368] netlink: 12 bytes leftover after parsing attributes in process `syz.0.321'. [ 46.284156][ T4371] netlink: 8 bytes leftover after parsing attributes in process `syz.4.322'. [ 46.293948][ T4371] netlink: 8 bytes leftover after parsing attributes in process `syz.4.322'. [ 46.435687][ T4388] sctp: [Deprecated]: syz.3.326 (pid 4388) Use of struct sctp_assoc_value in delayed_ack socket option. [ 46.435687][ T4388] Use struct sctp_sack_info instead [ 46.452536][ T4388] sctp: [Deprecated]: syz.3.326 (pid 4388) Use of struct sctp_assoc_value in delayed_ack socket option. [ 46.452536][ T4388] Use struct sctp_sack_info instead [ 46.482720][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.614928][ T29] kauditd_printk_skb: 208 callbacks suppressed [ 46.614951][ T29] audit: type=1326 audit(1767119127.513:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.644858][ T29] audit: type=1326 audit(1767119127.513:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.668290][ T29] audit: type=1326 audit(1767119127.513:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.691757][ T29] audit: type=1326 audit(1767119127.513:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.715240][ T29] audit: type=1326 audit(1767119127.523:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.738588][ T29] audit: type=1326 audit(1767119127.523:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.762285][ T29] audit: type=1326 audit(1767119127.523:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.786014][ T29] audit: type=1326 audit(1767119127.523:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.809418][ T29] audit: type=1326 audit(1767119127.523:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 46.833482][ T29] audit: type=1326 audit(1767119127.523:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4390 comm="syz.3.331" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 47.497952][ T4419] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) ! [ 47.587284][ T4423] syz.1.340 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 47.698909][ T4436] netlink: 9 bytes leftover after parsing attributes in process `syz.0.345'. [ 47.715408][ T4436] netlink: 9 bytes leftover after parsing attributes in process `syz.0.345'. [ 47.774709][ T4438] pimreg: entered allmulticast mode [ 47.796734][ T4438] pimreg: left allmulticast mode [ 48.020511][ T4454] ip6tnl1: entered promiscuous mode [ 48.473806][ T4483] netlink: 24 bytes leftover after parsing attributes in process `syz.2.361'. [ 48.484296][ T4483] netlink: 24 bytes leftover after parsing attributes in process `syz.2.361'. [ 48.695055][ T4491] bridge0: port 3(batadv1) entered blocking state [ 48.701751][ T4491] bridge0: port 3(batadv1) entered disabled state [ 48.735043][ T4491] batadv1: entered allmulticast mode [ 48.740829][ T4480] loop4: detected capacity change from 0 to 32768 [ 48.748216][ T4491] batadv1: entered promiscuous mode [ 48.796233][ T3580] loop4: p1 p2 p3 < p5 p6 > [ 48.810423][ T3580] loop4: p2 size 16775168 extends beyond EOD, truncated [ 48.832045][ T3580] loop4: p5 start 4294970168 is beyond EOD, truncated [ 48.858355][ T4480] loop4: p1 p2 p3 < p5 p6 > [ 48.873581][ T4480] loop4: p2 size 16775168 extends beyond EOD, truncated [ 48.889725][ T4480] loop4: p5 start 4294970168 is beyond EOD, truncated [ 49.021232][ T4509] loop2: detected capacity change from 0 to 1024 [ 49.032126][ T4509] EXT4-fs: Ignoring removed nomblk_io_submit option [ 49.091682][ T3579] udevd[3579]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 49.091711][ T3314] udevd[3314]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 49.115333][ T3580] udevd[3580]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 49.131452][ T3941] udevd[3941]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 49.151002][ T4509] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.153209][ T3941] udevd[3941]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 49.165186][ T3579] udevd[3579]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 49.174522][ T3580] udevd[3580]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 49.194829][ T3314] udevd[3314]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 49.197644][ T2476] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 49.214039][ T2476] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 49.412323][ T4545] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00aa with DS=0x1d [ 49.461026][ T4550] netlink: 28 bytes leftover after parsing attributes in process `syz.0.387'. [ 49.470154][ T4550] netlink: 32 bytes leftover after parsing attributes in process `syz.0.387'. [ 49.479229][ T4550] netlink: 28 bytes leftover after parsing attributes in process `syz.0.387'. [ 49.515188][ T4550] netlink: 32 bytes leftover after parsing attributes in process `syz.0.387'. [ 49.939685][ T4572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.395'. [ 49.950329][ T4572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.395'. [ 50.159969][ T4509] syz.2.375 (4509) used greatest stack depth: 7072 bytes left [ 50.188921][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.441473][ T4602] loop4: detected capacity change from 0 to 1024 [ 50.464744][ T4602] EXT4-fs: inline encryption not supported [ 50.470871][ T4602] EXT4-fs: Ignoring removed orlov option [ 50.476695][ T4602] EXT4-fs: Ignoring removed bh option [ 50.517284][ T4602] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84cc018, mo2=0002] [ 50.534937][ T4602] System zones: 0-1, 3-12 [ 50.540171][ T4602] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.609568][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.736478][ T4615] capability: warning: `syz.3.412' uses deprecated v2 capabilities in a way that may be insecure [ 50.893102][ T4626] netlink: 'syz.3.416': attribute type 1 has an invalid length. [ 50.900997][ T4626] netlink: 'syz.3.416': attribute type 2 has an invalid length. [ 51.157553][ T4647] loop2: detected capacity change from 0 to 764 [ 51.192358][ T4647] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 51.381056][ T4674] loop0: detected capacity change from 0 to 512 [ 51.408192][ T4674] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 51.421604][ T4674] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 51.452762][ T4674] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 51.466287][ T4674] EXT4-fs (loop0): 1 truncate cleaned up [ 51.472546][ T4674] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.501924][ T4681] sch_tbf: burst 22 is lower than device lo mtu (1550) ! [ 51.514485][ T4681] sch_tbf: burst 22 is lower than device lo mtu (1550) ! [ 51.587855][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.630520][ T4687] bridge0: entered promiscuous mode [ 51.643094][ T4687] macsec1: entered promiscuous mode [ 51.643320][ T4689] loop0: detected capacity change from 0 to 2048 [ 51.649955][ T4687] bridge0: port 3(macsec1) entered blocking state [ 51.662053][ T4687] bridge0: port 3(macsec1) entered disabled state [ 51.679086][ T4689] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.695375][ T4687] macsec1: entered allmulticast mode [ 51.700738][ T4687] bridge0: entered allmulticast mode [ 51.712110][ T4687] macsec1: left allmulticast mode [ 51.717505][ T4687] bridge0: left allmulticast mode [ 51.724148][ T4687] bridge0: left promiscuous mode [ 51.761257][ T29] kauditd_printk_skb: 708 callbacks suppressed [ 51.761276][ T29] audit: type=1400 audit(51.744:1313): avc: denied { mounton } for pid=4688 comm="syz.0.442" path="/94/bus/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 51.810444][ T3326] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 51.826355][ T29] audit: type=1400 audit(51.794:1314): avc: denied { rmdir } for pid=3326 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 51.856524][ T29] audit: type=1400 audit(51.834:1315): avc: denied { unlink } for pid=3326 comm="syz-executor" name="file1" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 51.880219][ T29] audit: type=1326 audit(51.864:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4698 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 51.904910][ T29] audit: type=1400 audit(51.864:1317): avc: denied { unmount } for pid=3326 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 51.905145][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.924591][ T29] audit: type=1326 audit(51.864:1318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4698 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 51.956919][ T29] audit: type=1326 audit(51.864:1319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4698 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 51.980805][ T29] audit: type=1326 audit(51.864:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4698 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 52.003758][ T29] audit: type=1326 audit(51.864:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4698 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 52.026869][ T29] audit: type=1326 audit(51.864:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4698 comm="syz.1.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 52.081462][ T4702] loop4: detected capacity change from 0 to 8192 [ 52.198723][ T3321] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 52.206711][ T3321] FAT-fs (loop4): Filesystem has been set read-only [ 52.238712][ T4714] loop3: detected capacity change from 0 to 1024 [ 52.267270][ T4714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 52.302333][ T4714] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 52.352504][ T4731] netlink: 'syz.2.459': attribute type 39 has an invalid length. [ 52.365012][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 52.450439][ T4742] loop3: detected capacity change from 0 to 2048 [ 52.498779][ T4742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.678862][ T4754] veth0: entered promiscuous mode [ 52.688283][ T4754] veth0: left promiscuous mode [ 52.859424][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.896759][ T4770] loop2: detected capacity change from 0 to 512 [ 52.917591][ T4770] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 52.937537][ T4770] EXT4-fs (loop2): 1 truncate cleaned up [ 52.956924][ T4770] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.140353][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.345735][ T4792] loop0: detected capacity change from 0 to 1024 [ 53.352863][ T4792] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 53.363844][ T4792] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 53.386429][ T4794] loop4: detected capacity change from 0 to 512 [ 53.403517][ T4792] JBD2: no valid journal superblock found [ 53.409558][ T4792] EXT4-fs (loop0): Could not load journal inode [ 53.415397][ T4799] l2tp_ppp: sess 2/0: no socket in recv [ 53.433401][ T4794] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #15: comm syz.4.484: corrupted in-inode xattr: invalid ea_ino [ 53.454475][ T4792] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 53.469113][ T4794] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.484: couldn't read orphan inode 15 (err -117) [ 53.505315][ T4794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.548527][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.648478][ T4819] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 54.010564][ T4843] __nla_validate_parse: 4 callbacks suppressed [ 54.010583][ T4843] netlink: 96 bytes leftover after parsing attributes in process `syz.2.504'. [ 54.076618][ T4840] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.119067][ T4840] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.169439][ T3840] Bluetooth: hci0: Frame reassembly failed (-84) [ 54.178950][ T4840] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.207970][ T4840] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.261541][ T3840] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.272814][ T3840] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.284138][ T3840] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.296422][ T3840] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.381880][ T4854] netlink: 60 bytes leftover after parsing attributes in process `syz.3.508'. [ 54.390852][ T4854] netlink: 60 bytes leftover after parsing attributes in process `syz.3.508'. [ 54.506890][ T4871] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 54.523060][ T4871] wireguard0: entered promiscuous mode [ 54.528792][ T4871] wireguard0: entered allmulticast mode [ 54.684147][ T4886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.522'. [ 54.695312][ T4886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.522'. [ 54.708941][ T4886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.522'. [ 54.718248][ T4886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.522'. [ 55.449977][ T4884] 9pnet_fd: p9_fd_create_tcp (4884): problem connecting socket to 127.0.0.1 [ 55.729420][ T4950] netlink: 'syz.1.544': attribute type 30 has an invalid length. [ 56.067125][ T4917] syz.0.533 (4917) used greatest stack depth: 6120 bytes left [ 56.173004][ T4961] loop0: detected capacity change from 0 to 8192 [ 56.234880][ T44] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 56.337642][ T3326] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1) [ 56.345632][ T3326] FAT-fs (loop0): Filesystem has been set read-only [ 56.418647][ T4260] IPVS: starting estimator thread 0... [ 56.525633][ T4972] IPVS: using max 2496 ests per chain, 124800 per kthread [ 56.564653][ T4989] netlink: 'syz.2.561': attribute type 4 has an invalid length. [ 56.607357][ T4989] netlink: 'syz.2.561': attribute type 4 has an invalid length. [ 56.607443][ T4991] netlink: 16 bytes leftover after parsing attributes in process `syz.1.562'. [ 56.798773][ T29] kauditd_printk_skb: 274 callbacks suppressed [ 56.798869][ T29] audit: type=1400 audit(56.774:1597): avc: denied { associate } for pid=5003 comm="syz.1.566" name="core" scontext=root:object_r:etc_runtime_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1 [ 56.834483][ T5005] loop4: detected capacity change from 0 to 256 [ 56.845656][ T29] audit: type=1400 audit(56.794:1598): avc: denied { remount } for pid=5000 comm="syz.1.566" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1 [ 56.864634][ T29] audit: type=1400 audit(56.824:1599): avc: denied { read write } for pid=5006 comm="syz.0.569" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 56.887779][ T29] audit: type=1400 audit(56.824:1600): avc: denied { open } for pid=5006 comm="syz.0.569" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 56.911575][ T29] audit: type=1400 audit(56.834:1601): avc: denied { ioctl } for pid=5006 comm="syz.0.569" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 56.932809][ T5005] bio_check_eod: 98 callbacks suppressed [ 56.932827][ T5005] syz.4.568: attempt to access beyond end of device [ 56.932827][ T5005] loop4: rw=2049, sector=256, nr_sectors = 32 limit=256 [ 56.959661][ T5009] veth0: entered promiscuous mode [ 56.971243][ T5009] veth0: left promiscuous mode [ 56.976500][ T5005] syz.4.568: attempt to access beyond end of device [ 56.976500][ T5005] loop4: rw=2049, sector=352, nr_sectors = 36 limit=256 [ 56.991073][ T29] audit: type=1400 audit(56.964:1602): avc: denied { connect } for pid=5010 comm="syz.3.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 57.003033][ T5014] syz.4.568: attempt to access beyond end of device [ 57.003033][ T5014] loop4: rw=34817, sector=261, nr_sectors = 27 limit=256 [ 57.012026][ T5016] netlink: 'syz.0.573': attribute type 13 has an invalid length. [ 57.024132][ T5014] syz.4.568: attempt to access beyond end of device [ 57.024132][ T5014] loop4: rw=8423425, sector=352, nr_sectors = 5 limit=256 [ 57.031950][ T5016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.573'. [ 57.069107][ T3840] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 57.077755][ T5016] netlink: 'syz.0.573': attribute type 13 has an invalid length. [ 57.085729][ T5016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.573'. [ 57.095085][ T3840] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 57.103363][ T3840] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 57.159062][ T3840] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 57.221556][ T5026] loop2: detected capacity change from 0 to 512 [ 57.272479][ T29] audit: type=1400 audit(57.254:1603): avc: denied { allowed } for pid=5028 comm="syz.0.579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 57.324648][ T5026] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.379715][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.655560][ T29] audit: type=1400 audit(57.644:1604): avc: denied { ioctl } for pid=5044 comm="syz.3.583" path="socket:[10002]" dev="sockfs" ino=10002 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 57.761038][ T5049] loop3: detected capacity change from 0 to 512 [ 57.767577][ T29] audit: type=1400 audit(57.664:1605): avc: denied { bind } for pid=5044 comm="syz.3.583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 57.812469][ T5049] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 57.868985][ T5049] EXT4-fs (loop3): 1 truncate cleaned up [ 57.885435][ T5049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.919613][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.043726][ T5062] xt_hashlimit: max too large, truncated to 1048576 [ 58.131110][ T29] audit: type=1326 audit(58.114:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5069 comm="syz.2.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054186f749 code=0x7ffc0000 [ 58.432079][ T5093] netlink: 'syz.2.602': attribute type 10 has an invalid length. [ 58.473685][ T5095] team0: Device gtp0 is of different type [ 58.495863][ T5093] bond0: (slave netdevsim1): Enslaving as an active interface with an up link [ 58.570855][ T5101] sd 0:0:1:0: device reset [ 58.881750][ T5121] loop0: detected capacity change from 0 to 256 [ 59.103118][ T5130] loop0: detected capacity change from 0 to 1024 [ 59.109916][ T5130] EXT4-fs: Ignoring removed orlov option [ 59.118682][ T5130] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.396262][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.495880][ T5142] netlink: 4 bytes leftover after parsing attributes in process `syz.4.623'. [ 59.561237][ T5147] loop4: detected capacity change from 0 to 512 [ 59.590257][ T5147] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 59.618344][ T5147] EXT4-fs (loop4): too many log groups per flexible block group [ 59.628762][ T5147] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 59.637258][ T5147] EXT4-fs (loop4): mount failed [ 59.659078][ T5153] loop0: detected capacity change from 0 to 512 [ 59.695222][ T5153] EXT4-fs: dax option not supported [ 59.775919][ T5159] netlink: 12 bytes leftover after parsing attributes in process `syz.3.630'. [ 59.803198][ T5159] SELinux: policydb version 65545 does not match my version range 15-35 [ 59.811993][ T5159] SELinux: failed to load policy [ 59.870369][ T5171] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 59.902815][ T5171] SELinux: failed to load policy [ 60.095743][ T5196] netlink: 60 bytes leftover after parsing attributes in process `syz.2.644'. [ 60.104845][ T5196] unsupported nlmsg_type 40 [ 60.251237][ T5205] netlink: 12 bytes leftover after parsing attributes in process `syz.3.651'. [ 60.279981][ T5205] loop3: detected capacity change from 0 to 512 [ 60.295302][ T5205] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 60.304476][ T5205] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 60.409536][ T5218] netlink: 'syz.1.657': attribute type 10 has an invalid length. [ 60.439399][ T5218] bond0: (slave netdevsim1): Enslaving as an active interface with an up link [ 60.584843][ T5237] netlink: 8 bytes leftover after parsing attributes in process `syz.2.666'. [ 60.639464][ T5245] tipc: Enabling of bearer rejected, failed to enable media [ 60.859426][ T5263] loop2: detected capacity change from 0 to 128 [ 61.422747][ T5298] netlink: 8 bytes leftover after parsing attributes in process `syz.4.691'. [ 61.431831][ T5298] netlink: 24 bytes leftover after parsing attributes in process `syz.4.691'. [ 61.595995][ T5313] loop4: detected capacity change from 0 to 1024 [ 61.607114][ T5313] journal_path: Non-blockdev passed as './file1' [ 61.613593][ T5313] EXT4-fs: error: could not find journal device path [ 61.688918][ T5317] loop3: detected capacity change from 0 to 512 [ 61.705713][ T5317] EXT4-fs: dax option not supported [ 61.733684][ T5318] netlink: 60 bytes leftover after parsing attributes in process `syz.4.700'. [ 62.079133][ T29] kauditd_printk_skb: 237 callbacks suppressed [ 62.079149][ T29] audit: type=1326 audit(62.064:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.144874][ T29] audit: type=1326 audit(62.064:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.167838][ T29] audit: type=1326 audit(62.104:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.177015][ T5345] loop0: detected capacity change from 0 to 1024 [ 62.190562][ T29] audit: type=1326 audit(62.104:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.220789][ T29] audit: type=1326 audit(62.104:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.243611][ T29] audit: type=1326 audit(62.104:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.256827][ T5345] journal_path: Non-blockdev passed as './file1' [ 62.266463][ T29] audit: type=1326 audit(62.104:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.272812][ T5345] EXT4-fs: error: could not find journal device path [ 62.295723][ T29] audit: type=1326 audit(62.104:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.325131][ T29] audit: type=1326 audit(62.104:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.347920][ T29] audit: type=1326 audit(62.104:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5344 comm="syz.0.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 62.440181][ T5353] loop4: detected capacity change from 0 to 2048 [ 62.505135][ T5353] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 62.583639][ T5364] netlink: 28 bytes leftover after parsing attributes in process `syz.0.718'. [ 62.601293][ T5367] netlink: 182 bytes leftover after parsing attributes in process `syz.1.720'. [ 62.627577][ T5364] netem: change failed [ 62.655699][ T5371] 9p: Bad value for 'rfdno' [ 62.661235][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.367519][ T5416] loop0: detected capacity change from 0 to 128 [ 63.382983][ T5416] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 63.444983][ T3326] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 63.899771][ T5383] Set syz1 is full, maxelem 65536 reached [ 63.963408][ T5376] Set syz1 is full, maxelem 65536 reached [ 64.055916][ T5438] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5438 comm=syz.2.747 [ 64.157405][ T5445] sch_tbf: burst 22 is lower than device lo mtu (1550) ! [ 64.167639][ T5447] debugfs: 'ptm1' already exists in 'caif_serial' [ 64.653688][ T5526] __nla_validate_parse: 8 callbacks suppressed [ 64.653708][ T5526] netlink: 60 bytes leftover after parsing attributes in process `syz.3.776'. [ 64.740808][ T5537] blktrace: Concurrent blktraces are not allowed on loop4 [ 65.008411][ T5574] loop0: detected capacity change from 0 to 1024 [ 65.030223][ T5574] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 65.052146][ T5574] EXT4-fs error (device loop0): ext4_free_blocks:6728: comm syz.0.795: Freeing blocks not in datazone - block = 0, count = 16 [ 65.059823][ T5580] debugfs: 'ptm1' already exists in 'caif_serial' [ 65.085474][ T3812] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:25: bg 0: block 112: padding at end of block bitmap is not set [ 65.109038][ T3812] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 29 with max blocks 39 with error 28 [ 65.121514][ T3812] EXT4-fs (loop0): This should not happen!! Data will be lost [ 65.121514][ T3812] [ 65.131243][ T3812] EXT4-fs (loop0): Total free blocks count 0 [ 65.137438][ T3812] EXT4-fs (loop0): Free/Dirty block details [ 65.143453][ T3812] EXT4-fs (loop0): free_blocks=0 [ 65.148481][ T3812] EXT4-fs (loop0): dirty_blocks=64 [ 65.153682][ T3812] EXT4-fs (loop0): Block reservation details [ 65.159976][ T3812] EXT4-fs (loop0): i_reserved_data_blocks=4 [ 65.167763][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 65.300859][ T5600] loop2: detected capacity change from 0 to 512 [ 65.307951][ T5600] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 65.319421][ T5600] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.806: inode has both inline data and extents flags [ 65.333071][ T5600] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.806: couldn't read orphan inode 15 (err -117) [ 65.345916][ T5600] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.370060][ T3329] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.903261][ T5620] wg2: entered promiscuous mode [ 65.908309][ T5620] wg2: entered allmulticast mode [ 65.955079][ T5624] loop3: detected capacity change from 0 to 2048 [ 65.979688][ T5624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.179141][ T5636] loop0: detected capacity change from 0 to 512 [ 66.190742][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.252254][ T5636] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.335466][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.552286][ T5676] loop3: detected capacity change from 0 to 256 [ 66.595218][ T5676] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 66.791507][ T5685] loop3: detected capacity change from 0 to 512 [ 66.826853][ T5685] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.911397][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.968559][ T5694] netlink: 'syz.3.841': attribute type 10 has an invalid length. [ 67.008705][ T5694] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.057753][ T5694] bond0: (slave team0): Enslaving as an active interface with an up link [ 67.673133][ T5715] loop3: detected capacity change from 0 to 8192 [ 67.947448][ T3580] loop3: p1 p2 p4 < > [ 67.951605][ T3580] loop3: partition table partially beyond EOD, truncated [ 67.962547][ T3580] loop3: p1 start 16777216 is beyond EOD, truncated [ 67.969303][ T3580] loop3: p2 size 515840 extends beyond EOD, truncated [ 68.032877][ T3580] loop3: p4 start 16777216 is beyond EOD, truncated [ 68.091546][ T5715] loop3: p1 p2 p4 < > [ 68.095916][ T5715] loop3: partition table partially beyond EOD, truncated [ 68.103567][ T5715] loop3: p1 start 16777216 is beyond EOD, truncated [ 68.110260][ T5715] loop3: p2 size 515840 extends beyond EOD, truncated [ 68.135583][ T5715] loop3: p4 start 16777216 is beyond EOD, truncated [ 68.233978][ T3580] udevd[3580]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 68.258799][ T5749] loop0: detected capacity change from 0 to 2048 [ 68.274659][ T29] kauditd_printk_skb: 55 callbacks suppressed [ 68.280847][ T29] audit: type=1326 audit(68.254:1909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.316439][ T3580] udevd[3580]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 68.331290][ T5749] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.348758][ T29] audit: type=1326 audit(68.254:1910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.371605][ T29] audit: type=1326 audit(68.264:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.378155][ T3580] udevd[3580]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 68.394591][ T29] audit: type=1326 audit(68.264:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.427565][ T29] audit: type=1326 audit(68.264:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.450449][ T29] audit: type=1326 audit(68.264:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.473372][ T29] audit: type=1326 audit(68.264:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.496193][ T29] audit: type=1326 audit(68.264:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.518947][ T29] audit: type=1326 audit(68.264:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.541780][ T29] audit: type=1326 audit(68.264:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5747 comm="syz.3.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 68.607311][ T5761] netlink: 4 bytes leftover after parsing attributes in process `syz.3.868'. [ 68.624855][ T5761] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.632534][ T5761] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.655373][ T5761] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.662915][ T5761] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.768975][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.860641][ T5766] netlink: 24 bytes leftover after parsing attributes in process `syz.3.870'. [ 68.908473][ T5771] netlink: 68 bytes leftover after parsing attributes in process `syz.0.872'. [ 68.938260][ T5766] netlink: 12 bytes leftover after parsing attributes in process `syz.3.870'. [ 69.147841][ T5787] netlink: 20 bytes leftover after parsing attributes in process `syz.2.879'. [ 69.157176][ T5787] bridge_slave_1: left allmulticast mode [ 69.163164][ T5787] bridge_slave_1: left promiscuous mode [ 69.168905][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.195371][ T5787] bridge_slave_0: left allmulticast mode [ 69.201072][ T5787] bridge_slave_0: left promiscuous mode [ 69.206921][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.278071][ T5790] netlink: 'syz.4.880': attribute type 1 has an invalid length. [ 69.323996][ T5793] netlink: 'syz.0.882': attribute type 10 has an invalid length. [ 69.332042][ T5793] netlink: 'syz.0.882': attribute type 11 has an invalid length. [ 69.339980][ T5793] netlink: 12 bytes leftover after parsing attributes in process `syz.0.882'. [ 69.390344][ T5795] netlink: 4 bytes leftover after parsing attributes in process `syz.4.883'. [ 69.397018][ T5799] netlink: 256 bytes leftover after parsing attributes in process `syz.0.885'. [ 69.408294][ T5799] netlink: 72 bytes leftover after parsing attributes in process `syz.0.885'. [ 69.512461][ T5815] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.545512][ T5811] loop3: detected capacity change from 0 to 8192 [ 69.586482][ T5815] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.636803][ T5815] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.706638][ T5815] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.764280][ T3848] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.790729][ T3848] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.803313][ T3848] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.811852][ T3848] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.914936][ T5834] xt_hashlimit: max too large, truncated to 1048576 [ 69.923220][ T5834] xt_CT: You must specify a L4 protocol and not use inversions on it [ 69.955947][ T5838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.903'. [ 69.974388][ T5840] SELinux: Context @ is not valid (left unmapped). [ 70.034264][ T5842] tipc: Started in network mode [ 70.046674][ T5842] tipc: Node identity ac14140f, cluster identity 4711 [ 70.066395][ T5842] tipc: New replicast peer: 255.255.255.255 [ 70.075296][ T5842] tipc: Enabled bearer , priority 10 [ 70.383737][ T5871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.915'. [ 70.396893][ T5871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.915'. [ 70.406375][ T5864] bond0: (slave netdevsim1): Releasing backup interface [ 70.675562][ T5889] netlink: 12 bytes leftover after parsing attributes in process `syz.3.924'. [ 70.735402][ T5894] loop3: detected capacity change from 0 to 512 [ 70.742863][ T5894] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 70.754437][ T5894] EXT4-fs (loop3): orphan cleanup on readonly fs [ 70.761733][ T5894] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.926: Allocating blocks 41-42 which overlap fs metadata [ 70.776119][ T5894] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.926: Allocating blocks 41-42 which overlap fs metadata [ 70.790463][ T5894] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.926: Failed to acquire dquot type 1 [ 70.802564][ T5894] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 70.817705][ T5894] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.926: corrupted inode contents [ 70.834874][ T5894] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #12: comm syz.3.926: mark_inode_dirty error [ 70.846753][ T5894] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.926: corrupted inode contents [ 70.872221][ T5894] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.926: mark_inode_dirty error [ 70.886873][ T5894] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.926: corrupted inode contents [ 70.899336][ T5894] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 70.910598][ T5894] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.926: corrupted inode contents [ 70.924412][ T5894] EXT4-fs error (device loop3): ext4_truncate:4635: inode #12: comm syz.3.926: mark_inode_dirty error [ 70.936322][ T5894] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem [ 70.949404][ T5894] EXT4-fs (loop3): 1 truncate cleaned up [ 70.955842][ T5894] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 70.993596][ T5894] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 70.996829][ T5911] netlink: 12 bytes leftover after parsing attributes in process `syz.2.932'. [ 71.031798][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.075015][ T3174] tipc: Node number set to 2886997007 [ 71.113796][ T5923] netlink: 'syz.3.936': attribute type 1 has an invalid length. [ 71.126477][ T5929] netlink: 24 bytes leftover after parsing attributes in process `syz.4.942'. [ 71.151241][ T5919] SELinux: ebitmap: truncated map [ 71.166158][ T5919] SELinux: failed to load policy [ 71.234625][ T5941] netlink: 'syz.0.947': attribute type 1 has an invalid length. [ 71.266906][ T5941] 8021q: adding VLAN 0 to HW filter on device bond2 [ 71.283105][ T5941] 8021q: adding VLAN 0 to HW filter on device bond2 [ 71.294226][ T5941] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 71.308332][ T5941] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 71.328180][ T5951] netlink: 24 bytes leftover after parsing attributes in process `syz.4.949'. [ 71.371227][ T5954] smc: net device bond0 applied user defined pnetid SYZ0 [ 71.378695][ T5954] smc: net device bond0 erased user defined pnetid SYZ0 [ 71.386439][ T5945] netlink: 12 bytes leftover after parsing attributes in process `syz.4.949'. [ 71.601286][ T5956] SELinux: ebitmap: empty map [ 71.623001][ T5956] SELinux: failed to load policy [ 72.164241][ T5950] Set syz1 is full, maxelem 65536 reached [ 72.191267][ T5983] loop3: detected capacity change from 0 to 512 [ 72.249271][ T5983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.309431][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.319518][ T5998] netlink: 4 bytes leftover after parsing attributes in process `syz.4.969'. [ 72.568783][ T6027] tmpfs: Turning off swap in unprivileged tmpfs mounts unsupported [ 72.681648][ T6033] netlink: 24 bytes leftover after parsing attributes in process `syz.1.982'. [ 73.221775][ T6046] loop0: detected capacity change from 0 to 8192 [ 73.421737][ T29] kauditd_printk_skb: 197 callbacks suppressed [ 73.421755][ T29] audit: type=1400 audit(73.404:2112): avc: denied { unmount } for pid=3326 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 73.461345][ T3326] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1) [ 73.469380][ T3326] FAT-fs (loop0): Filesystem has been set read-only [ 73.545572][ T29] audit: type=1400 audit(73.534:2113): avc: denied { unmount } for pid=3326 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 73.617577][ T6057] syzkaller1: entered promiscuous mode [ 73.619587][ T29] audit: type=1326 audit(73.584:2114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.0.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 73.623184][ T6057] syzkaller1: entered allmulticast mode [ 73.652088][ T29] audit: type=1326 audit(73.584:2115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.0.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 73.675086][ T29] audit: type=1326 audit(73.584:2116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.0.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 73.698155][ T29] audit: type=1326 audit(73.584:2117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.0.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 73.720867][ T29] audit: type=1326 audit(73.584:2118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.0.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 73.743920][ T29] audit: type=1326 audit(73.594:2119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.0.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 73.766996][ T29] audit: type=1326 audit(73.594:2120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.0.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 73.789966][ T29] audit: type=1326 audit(73.594:2121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6058 comm="syz.0.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 73.906093][ T6067] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6067 comm=syz.0.998 [ 74.036017][ T6074] netlink: 'syz.3.1001': attribute type 13 has an invalid length. [ 74.194817][ T6081] netlink: 'syz.1.1004': attribute type 12 has an invalid length. [ 74.214129][ T6086] loop0: detected capacity change from 0 to 2048 [ 74.449798][ T6086] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.515448][ T6085] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 74.536837][ T6085] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 30 with max blocks 1 with error 28 [ 74.550127][ T6085] EXT4-fs (loop0): This should not happen!! Data will be lost [ 74.550127][ T6085] [ 74.560084][ T6085] EXT4-fs (loop0): Total free blocks count 0 [ 74.566280][ T6085] EXT4-fs (loop0): Free/Dirty block details [ 74.572269][ T6085] EXT4-fs (loop0): free_blocks=2415919104 [ 74.578073][ T6085] EXT4-fs (loop0): dirty_blocks=32 [ 74.583326][ T6085] EXT4-fs (loop0): Block reservation details [ 74.589768][ T6085] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 74.643266][ T3825] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 75.426390][ T6151] bridge0: entered promiscuous mode [ 75.440064][ T6151] macsec1: entered promiscuous mode [ 75.447571][ T6151] bridge0: port 1(macsec1) entered blocking state [ 75.454216][ T6151] bridge0: port 1(macsec1) entered disabled state [ 75.461454][ T6151] macsec1: entered allmulticast mode [ 75.466915][ T6151] bridge0: entered allmulticast mode [ 75.474583][ T6151] macsec1: left allmulticast mode [ 75.479800][ T6151] bridge0: left allmulticast mode [ 75.486468][ T6151] bridge0: left promiscuous mode [ 75.611278][ T6168] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6168 comm=syz.3.1039 [ 75.763950][ T6184] __nla_validate_parse: 3 callbacks suppressed [ 75.763968][ T6184] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1046'. [ 75.848269][ T6195] loop3: detected capacity change from 0 to 512 [ 75.857800][ T6196] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6196 comm=syz.0.1051 [ 75.872944][ T6195] EXT4-fs: Ignoring removed i_version option [ 75.879161][ T6195] EXT4-fs: Ignoring removed bh option [ 75.912141][ T6195] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.969325][ T6207] vlan2: entered allmulticast mode [ 76.015493][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.060922][ T6210] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1057'. [ 76.669166][ T6251] bridge0: entered promiscuous mode [ 76.687216][ T6251] macsec1: entered promiscuous mode [ 76.705875][ T6251] bridge0: port 3(macsec1) entered blocking state [ 76.712457][ T6251] bridge0: port 3(macsec1) entered disabled state [ 76.755192][ T6251] macsec1: entered allmulticast mode [ 76.760539][ T6251] bridge0: entered allmulticast mode [ 76.795307][ T6251] macsec1: left allmulticast mode [ 76.800387][ T6251] bridge0: left allmulticast mode [ 76.815282][ T6251] bridge0: left promiscuous mode [ 77.075596][ T6263] netlink: 'syz.2.1078': attribute type 12 has an invalid length. [ 77.552450][ T6298] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.560161][ T6298] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.663066][ T6304] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1096'. [ 77.690402][ T6298] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.713262][ T6298] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.780708][ T6300] geneve2: entered promiscuous mode [ 77.932678][ T6318] netlink: 'syz.3.1102': attribute type 3 has an invalid length. [ 77.940606][ T6318] netlink: 'syz.3.1102': attribute type 1 has an invalid length. [ 77.948712][ T6318] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.1102'. [ 78.126414][ T6338] bridge0: entered promiscuous mode [ 78.133587][ T6338] bridge0: port 4(macvtap1) entered blocking state [ 78.140300][ T6338] bridge0: port 4(macvtap1) entered disabled state [ 78.164878][ T6338] macvtap1: entered allmulticast mode [ 78.170328][ T6338] bridge0: entered allmulticast mode [ 78.205993][ T6338] macvtap1: left allmulticast mode [ 78.211180][ T6338] bridge0: left allmulticast mode [ 78.225929][ T6338] bridge0: left promiscuous mode [ 78.272392][ T6350] loop0: detected capacity change from 0 to 512 [ 78.390937][ T6350] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.458358][ T29] kauditd_printk_skb: 130 callbacks suppressed [ 78.458374][ T29] audit: type=1400 audit(78.444:2252): avc: denied { create } for pid=6361 comm="syz.4.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 78.566670][ T29] audit: type=1400 audit(78.484:2253): avc: denied { ioctl } for pid=6361 comm="syz.4.1120" path="socket:[18560]" dev="sockfs" ino=18560 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 78.591592][ T29] audit: type=1400 audit(78.544:2254): avc: denied { append } for pid=6349 comm="syz.0.1117" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 78.641802][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.652423][ T6378] netlink: 'syz.2.1129': attribute type 10 has an invalid length. [ 78.660432][ T6378] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1129'. [ 78.680836][ T6378] ipvlan2: entered promiscuous mode [ 78.687303][ T6378] bridge0: port 1(ipvlan2) entered blocking state [ 78.693907][ T6378] bridge0: port 1(ipvlan2) entered disabled state [ 78.700600][ T6378] ipvlan2: entered allmulticast mode [ 78.705990][ T6378] bridge0: entered allmulticast mode [ 78.760239][ T6378] ipvlan2: left allmulticast mode [ 78.765370][ T6378] bridge0: left allmulticast mode [ 78.776007][ T29] audit: type=1326 audit(78.754:2255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6394 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 78.830630][ T6393] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1134'. [ 78.901735][ T29] audit: type=1326 audit(78.784:2256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6394 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 78.924765][ T29] audit: type=1400 audit(78.864:2257): avc: denied { create } for pid=6403 comm="syz.1.1139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 78.944006][ T29] audit: type=1400 audit(78.864:2258): avc: denied { setopt } for pid=6403 comm="syz.1.1139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 78.963282][ T29] audit: type=1400 audit(78.864:2259): avc: denied { listen } for pid=6403 comm="syz.1.1139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 78.983716][ T29] audit: type=1326 audit(78.904:2260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6394 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 79.006969][ T29] audit: type=1326 audit(78.904:2261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6394 comm="syz.4.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 80.180259][ T6461] team0: Caught tx_queue_len zero misconfig [ 80.200091][ T6459] veth0_vlan: left promiscuous mode [ 80.205457][ T6459] veth0_vlan: entered allmulticast mode [ 80.219618][ T6459] veth0_vlan: entered promiscuous mode [ 80.261586][ T6464] wireguard0: entered promiscuous mode [ 80.267208][ T6464] wireguard0: entered allmulticast mode [ 80.277981][ T6468] : renamed from vlan0 (while UP) [ 80.742521][ T6525] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1178'. [ 80.813522][ T6540] wireguard0: entered promiscuous mode [ 80.819399][ T6540] wireguard0: entered allmulticast mode [ 80.975273][ T6568] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1185'. [ 81.496085][ T6638] loop3: detected capacity change from 0 to 4096 [ 81.505513][ T6638] EXT4-fs: Ignoring removed nomblk_io_submit option [ 81.523534][ T6638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.900023][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.163793][ T6713] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1222'. [ 82.173567][ T6713] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1222'. [ 83.063044][ T6771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1243'. [ 83.086410][ T6771] syz_tun: entered promiscuous mode [ 83.208275][ T6782] netlink: 131740 bytes leftover after parsing attributes in process `syz.1.1248'. [ 83.244936][ T6782] netlink: zone id is out of range [ 83.250125][ T6782] netlink: zone id is out of range [ 83.269697][ T6782] netlink: zone id is out of range [ 83.290729][ T6782] netlink: del zone limit has 8 unknown bytes [ 83.893774][ T6743] syz.0.1235 invoked oom-killer: gfp_mask=0x408d40(GFP_NOFS|__GFP_ZERO|__GFP_NOFAIL|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 83.907314][ T6743] CPU: 0 UID: 0 PID: 6743 Comm: syz.0.1235 Not tainted syzkaller #0 PREEMPT(voluntary) [ 83.907389][ T6743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 83.907400][ T6743] Call Trace: [ 83.907408][ T6743] [ 83.907417][ T6743] __dump_stack+0x1d/0x30 [ 83.907455][ T6743] dump_stack_lvl+0x95/0xd0 [ 83.907475][ T6743] dump_stack+0x15/0x1b [ 83.907493][ T6743] dump_header+0x81/0x240 [ 83.907514][ T6743] oom_kill_process+0x295/0x350 [ 83.907561][ T6743] out_of_memory+0x97b/0xb80 [ 83.907582][ T6743] try_charge_memcg+0x610/0xa10 [ 83.907622][ T6743] obj_cgroup_charge_pages+0xa6/0x150 [ 83.907707][ T6743] obj_cgroup_charge_account+0x73/0x1a0 [ 83.907794][ T6743] ? perf_callchain_kernel+0x2e9/0x350 [ 83.907820][ T6743] __memcg_slab_post_alloc_hook+0x397/0x530 [ 83.907850][ T6743] kmem_cache_alloc_noprof+0x2c5/0x4b0 [ 83.907870][ T6743] ? alloc_buffer_head+0x35/0x1f0 [ 83.907932][ T6743] alloc_buffer_head+0x35/0x1f0 [ 83.907960][ T6743] folio_alloc_buffers+0x14a/0x310 [ 83.908019][ T6743] create_empty_buffers+0x2c/0x200 [ 83.908150][ T6743] __block_write_begin_int+0x1d4/0xf90 [ 83.908198][ T6743] ? __rcu_read_unlock+0x4f/0x70 [ 83.908217][ T6743] ? filemap_get_entry+0x34b/0x390 [ 83.908243][ T6743] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 83.908366][ T6743] ? ktime_get_coarse_real_ts64_mg+0x187/0x1a0 [ 83.908407][ T6743] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 83.908494][ T6743] block_page_mkwrite+0x1a8/0x3d0 [ 83.908522][ T6743] ext4_page_mkwrite+0x859/0xb90 [ 83.908548][ T6743] ? folio_unlock+0xd9/0x120 [ 83.908570][ T6743] handle_mm_fault+0x1601/0x2c60 [ 83.908680][ T6743] do_user_addr_fault+0x630/0x1080 [ 83.908716][ T6743] exc_page_fault+0x62/0xa0 [ 83.908778][ T6743] asm_exc_page_fault+0x26/0x30 [ 83.908799][ T6743] RIP: 0033:0x7f1e1bb5142c [ 83.908815][ T6743] Code: 43 eb 00 01 48 8d 50 ff 48 89 15 47 43 eb 00 88 48 ff 8b 2d 2e 43 eb 00 e8 81 7a ff ff 48 8b 05 3a 43 eb 00 41 bc 04 00 00 00 <89> 28 48 83 c0 08 66 44 89 60 fc 83 05 2a 43 eb 00 01 66 83 3d 26 [ 83.908846][ T6743] RSP: 002b:00007ffd81121f10 EFLAGS: 00010206 [ 83.908876][ T6743] RAX: 0000001b33f24220 RBX: 00007f1e1ca05720 RCX: 0000000000000011 [ 83.908914][ T6743] RDX: 0000001b33f24220 RSI: 0000000000000008 RDI: 00007f1e1ca05720 [ 83.909000][ T6743] RBP: 00000000000116cd R08: 00007f1e1b6ef068 R09: 00007f1e1bec2000 [ 83.909053][ T6743] R10: 00007f1e1b6ef008 R11: 0000000000000006 R12: 0000000000000004 [ 83.909068][ T6743] R13: 0000000000000026 R14: 0000000000000000 R15: 00000000000116cc [ 83.909089][ T6743] [ 83.909097][ T6743] memory: usage 307200kB, limit 307200kB, failcnt 486 [ 84.101747][ T6806] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1258'. [ 84.108445][ T6743] memory+swap: usage 374720kB, limit 9007199254740988kB, failcnt 0 [ 84.108466][ T6743] kmem: usage 302676kB, limit 9007199254740988kB, failcnt 0 [ 84.115257][ T6806] syz_tun: entered promiscuous mode [ 84.123493][ T6743] Memory cgroup stats for /syz0: [ 84.133947][ T6743] cache 4096 [ 84.203679][ T6743] rss 4567040 [ 84.207134][ T6743] shmem 0 [ 84.210080][ T6743] mapped_file 4096 [ 84.213974][ T6743] dirty 0 [ 84.216949][ T6743] writeback 0 [ 84.220245][ T6743] workingset_refault_anon 1068 [ 84.225109][ T6743] workingset_refault_file 1422 [ 84.229979][ T6743] swap 69140480 [ 84.233590][ T6743] swapcached 57344 [ 84.237518][ T6743] pgpgin 82466 [ 84.240972][ T6743] pgpgout 81335 [ 84.244478][ T6743] pgfault 85690 [ 84.248013][ T6743] pgmajfault 163 [ 84.251652][ T6743] inactive_anon 4096 [ 84.255640][ T6743] active_anon 196608 [ 84.259537][ T6743] inactive_file 4431872 [ 84.263791][ T6743] active_file 0 [ 84.267305][ T6743] unevictable 0 [ 84.270767][ T6743] hierarchical_memory_limit 314572800 [ 84.276304][ T6743] hierarchical_memsw_limit 9223372036854771712 [ 84.282517][ T6743] total_cache 4096 [ 84.286377][ T6743] total_rss 4567040 [ 84.290191][ T6743] total_shmem 0 [ 84.293648][ T6743] total_mapped_file 4096 [ 84.297990][ T6743] total_dirty 0 [ 84.301455][ T6743] total_writeback 0 [ 84.305325][ T6743] total_workingset_refault_anon 1068 [ 84.310616][ T6743] total_workingset_refault_file 1422 [ 84.315940][ T6743] total_swap 69140480 [ 84.319969][ T6743] total_swapcached 57344 [ 84.324212][ T6743] total_pgpgin 82466 [ 84.328215][ T6743] total_pgpgout 81335 [ 84.332210][ T6743] total_pgfault 85690 [ 84.336297][ T6743] total_pgmajfault 163 [ 84.340382][ T6743] total_inactive_anon 4096 [ 84.344935][ T6743] total_active_anon 196608 [ 84.349440][ T6743] total_inactive_file 4431872 [ 84.354268][ T6743] total_active_file 0 [ 84.358333][ T6743] total_unevictable 0 [ 84.362323][ T6743] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1235,pid=6743,uid=0 [ 84.377065][ T6743] Memory cgroup out of memory: Killed process 6743 (syz.0.1235) total-vm:96016kB, anon-rss:5620kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 84.498486][ T29] kauditd_printk_skb: 71 callbacks suppressed [ 84.498503][ T29] audit: type=1400 audit(84.484:2333): avc: denied { read append } for pid=6809 comm="syz.4.1260" name="file0" dev="tmpfs" ino=1435 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 84.635488][ T29] audit: type=1326 audit(84.614:2334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.658526][ T29] audit: type=1326 audit(84.614:2335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.681392][ T29] audit: type=1326 audit(84.614:2336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.704196][ T29] audit: type=1326 audit(84.614:2337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.727011][ T29] audit: type=1326 audit(84.614:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.749984][ T29] audit: type=1326 audit(84.614:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.772850][ T29] audit: type=1326 audit(84.614:2340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.891836][ T6823] tipc: Started in network mode [ 84.896953][ T6823] tipc: Node identity ac14140f, cluster identity 4711 [ 84.914833][ T6823] tipc: New replicast peer: 255.255.255.255 [ 84.920991][ T6823] tipc: Enabled bearer , priority 10 [ 84.929098][ T29] audit: type=1326 audit(84.624:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.952062][ T29] audit: type=1326 audit(84.624:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6815 comm="syz.1.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36890af749 code=0x7ffc0000 [ 84.995064][ T6826] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1266'. [ 85.004133][ T6826] tipc: Disabling bearer [ 85.072418][ T6834] IPVS: dh: FWM 3 0x00000003 - no destination available [ 85.079837][ T3429] IPVS: starting estimator thread 0... [ 85.174776][ T6836] IPVS: using max 2400 ests per chain, 120000 per kthread [ 85.209660][ T6842] loop0: detected capacity change from 0 to 1024 [ 85.229127][ T6844] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1273'. [ 85.262643][ T6842] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 85.271496][ T6842] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.297680][ T6848] vlan0: entered allmulticast mode [ 85.306669][ T6842] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1272: bg 0: block 88: padding at end of block bitmap is not set [ 85.333738][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.822062][ T6885] SELinux: Context system_u:object_r:dhcpc_state_t:s0 is not valid (left unmapped). [ 85.865520][ T6889] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1290'. [ 86.010494][ T6903] loop3: detected capacity change from 0 to 764 [ 86.034864][ T6904] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1296'. [ 86.043973][ T6904] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1296'. [ 86.055231][ T6903] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 86.119487][ T6913] bridge_slave_0: left promiscuous mode [ 86.125373][ T6913] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.148393][ T6913] bridge_slave_1: left allmulticast mode [ 86.154181][ T6913] bridge_slave_1: left promiscuous mode [ 86.160122][ T6913] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.176082][ T6913] bond0: (slave bond_slave_0): Releasing backup interface [ 86.196916][ T6913] bond0: (slave bond_slave_1): Releasing backup interface [ 86.217311][ T6913] team0: Port device team_slave_0 removed [ 86.234371][ T6913] team0: Port device team_slave_1 removed [ 86.258343][ T6913] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 86.274310][ T6913] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 86.320230][ T6913] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 86.337379][ T6925] loop0: detected capacity change from 0 to 128 [ 86.562021][ T6950] loop0: detected capacity change from 0 to 512 [ 86.584551][ T6950] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 86.615828][ T6950] EXT4-fs (loop0): 1 truncate cleaned up [ 86.627528][ T6950] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.745849][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.748253][ T6970] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1326'. [ 86.934356][ T6989] loop0: detected capacity change from 0 to 256 [ 86.955465][ T6992] netlink: 'syz.4.1336': attribute type 12 has an invalid length. [ 87.313671][ T7020] IPv6: NLM_F_CREATE should be specified when creating new route [ 87.487453][ T7028] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1352'. [ 87.504057][ T7027] pimreg: entered allmulticast mode [ 87.546391][ T7027] pimreg: left allmulticast mode [ 87.776472][ T7042] bond0: Caught tx_queue_len zero misconfig [ 87.966274][ T7055] IPv6: NLM_F_CREATE should be specified when creating new route [ 87.981995][ T7053] bond0: (slave team0): Releasing backup interface [ 87.997633][ T7053] bridge_slave_0: left allmulticast mode [ 88.003343][ T7053] bridge_slave_0: left promiscuous mode [ 88.009185][ T7053] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.031152][ T7053] bridge_slave_1: left allmulticast mode [ 88.036878][ T7053] bridge_slave_1: left promiscuous mode [ 88.042757][ T7053] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.082115][ T7053] bond0: (slave bond_slave_0): Releasing backup interface [ 88.097995][ T7053] bond0: (slave bond_slave_1): Releasing backup interface [ 88.131832][ T7053] team0: Port device team_slave_0 removed [ 88.141183][ T7053] team0: Port device team_slave_1 removed [ 88.151471][ T7053] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 88.245105][ T7077] IPv6: NLM_F_CREATE should be specified when creating new route [ 88.293490][ T7082] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1379'. [ 88.401155][ T7096] vlan2: entered allmulticast mode [ 88.406461][ T7096] bridge_slave_0: entered allmulticast mode [ 88.513538][ T7091] loop0: detected capacity change from 0 to 4096 [ 88.560762][ T7091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.590453][ T7115] loop3: detected capacity change from 0 to 128 [ 88.623212][ T7115] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 88.673506][ T3809] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 88.896450][ T3326] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.025186][ T7170] netlink: 20 bytes leftover after parsing attributes in process `'. [ 89.083031][ T7176] bridge0: entered promiscuous mode [ 89.113275][ T7176] bridge0: left promiscuous mode [ 89.156264][ T7182] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.230059][ T7182] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.291320][ T7182] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.340843][ T7182] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.492711][ T3840] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.518862][ T3840] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.538190][ T3840] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.559988][ T3840] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.605858][ T7239] tipc: New replicast peer: 255.255.255.255 [ 89.611858][ T7239] tipc: Enabled bearer , priority 10 [ 89.651960][ T7239] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1417'. [ 89.661156][ T7239] tipc: Disabling bearer [ 89.788605][ T7261] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1423'. [ 89.877680][ T29] kauditd_printk_skb: 695 callbacks suppressed [ 89.877699][ T29] audit: type=1326 audit(89.864:3035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 89.980482][ T29] audit: type=1326 audit(89.864:3036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 90.003972][ T29] audit: type=1326 audit(89.894:3037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 90.026877][ T29] audit: type=1326 audit(89.894:3038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 90.049818][ T29] audit: type=1326 audit(89.894:3039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 90.072611][ T29] audit: type=1326 audit(89.964:3040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 90.095426][ T29] audit: type=1326 audit(89.964:3041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 90.118562][ T29] audit: type=1326 audit(89.964:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 90.141948][ T29] audit: type=1326 audit(89.964:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 90.165230][ T29] audit: type=1326 audit(89.964:3044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7269 comm="syz.0.1424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1bc7f749 code=0x7ffc0000 [ 91.079094][ T7369] loop3: detected capacity change from 0 to 8192 [ 91.750550][ T7416] netlink: 'syz.3.1463': attribute type 4 has an invalid length. [ 91.758475][ T7416] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1463'. [ 91.816962][ T7416] .`: renamed from bond0 (while UP) [ 91.946938][ T7427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1469'. [ 92.701235][ T7393] syz.2.1455 invoked oom-killer: gfp_mask=0x408d40(GFP_NOFS|__GFP_ZERO|__GFP_NOFAIL|__GFP_ACCOUNT), order=0, oom_score_adj=0 [ 92.714428][ T7393] CPU: 0 UID: 0 PID: 7393 Comm: syz.2.1455 Not tainted syzkaller #0 PREEMPT(voluntary) [ 92.714453][ T7393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 92.714461][ T7393] Call Trace: [ 92.714466][ T7393] [ 92.714471][ T7393] __dump_stack+0x1d/0x30 [ 92.714489][ T7393] dump_stack_lvl+0x95/0xd0 [ 92.714518][ T7393] dump_stack+0x15/0x1b [ 92.714532][ T7393] dump_header+0x81/0x240 [ 92.714546][ T7393] oom_kill_process+0x295/0x350 [ 92.714641][ T7393] out_of_memory+0x97b/0xb80 [ 92.714675][ T7393] try_charge_memcg+0x610/0xa10 [ 92.714719][ T7393] obj_cgroup_charge_pages+0xa6/0x150 [ 92.714794][ T7393] obj_cgroup_charge_account+0x73/0x1a0 [ 92.714828][ T7393] __memcg_slab_post_alloc_hook+0x397/0x530 [ 92.714863][ T7393] kmem_cache_alloc_noprof+0x2c5/0x4b0 [ 92.714914][ T7393] ? alloc_buffer_head+0x35/0x1f0 [ 92.714940][ T7393] alloc_buffer_head+0x35/0x1f0 [ 92.715005][ T7393] folio_alloc_buffers+0x14a/0x310 [ 92.715032][ T7393] create_empty_buffers+0x2c/0x200 [ 92.715127][ T7393] __block_write_begin_int+0x1d4/0xf90 [ 92.715156][ T7393] ? __queue_delayed_work+0x165/0x1e0 [ 92.715187][ T7393] ? queue_delayed_work_on+0xd7/0x140 [ 92.715219][ T7393] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 92.715284][ T7393] ? _raw_spin_unlock_irq+0x26/0x50 [ 92.715356][ T7393] ? wb_wakeup_delayed+0x9b/0xb0 [ 92.715384][ T7393] ? _raw_spin_unlock+0x26/0x50 [ 92.715406][ T7393] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 92.715485][ T7393] block_page_mkwrite+0x1a8/0x3d0 [ 92.715524][ T7393] ext4_page_mkwrite+0x859/0xb90 [ 92.715547][ T7393] ? folio_unlock+0xd9/0x120 [ 92.715567][ T7393] handle_mm_fault+0x1601/0x2c60 [ 92.715672][ T7393] ? mt_find+0x21b/0x330 [ 92.715695][ T7393] do_user_addr_fault+0x3fe/0x1080 [ 92.715723][ T7393] exc_page_fault+0x62/0xa0 [ 92.715775][ T7393] asm_exc_page_fault+0x26/0x30 [ 92.715793][ T7393] RIP: 0033:0x7f054174f8c2 [ 92.715808][ T7393] Code: 0f 1f 84 00 00 00 00 00 be 08 00 00 00 48 89 df e8 f3 95 fe ff 48 8b 53 38 48 8d 42 f8 48 89 43 38 8b 43 28 83 c0 08 89 43 28 <4c> 89 62 f8 41 8d 56 01 41 39 ee 0f 83 8d 00 00 00 41 89 d6 48 8b [ 92.715824][ T7393] RSP: 002b:00007fff4fe6e4f0 EFLAGS: 00010202 [ 92.715840][ T7393] RAX: 0000000000012008 RBX: 00007f05425f5720 RCX: 0000000000000000 [ 92.715924][ T7393] RDX: 0000001b34712000 RSI: 0000000000000008 RDI: 00007f05425f5720 [ 92.715935][ T7393] RBP: 00000000000006cb R08: 00007f05412df050 R09: 00007f0541ab2000 [ 92.715947][ T7393] R10: 00007f05412df008 R11: 0000000000000005 R12: ffffffff8186a732 [ 92.716012][ T7393] R13: 00007f0541ac6038 R14: 0000000000000355 R15: fffffffffffee000 [ 92.716025][ T7393] ? walk_pgd_range+0x1482/0x14e0 [ 92.716049][ T7393] [ 92.975774][ T7393] memory: usage 307200kB, limit 307200kB, failcnt 2014 [ 92.982813][ T7393] memory+swap: usage 345812kB, limit 9007199254740988kB, failcnt 0 [ 92.990740][ T7393] kmem: usage 266104kB, limit 9007199254740988kB, failcnt 0 [ 92.991327][ T7471] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1479'. [ 92.998202][ T7393] Memory cgroup stats for /syz2: [ 93.008132][ T7393] cache 41852928 [ 93.016758][ T7393] rss 204800 [ 93.020041][ T7393] shmem 41848832 [ 93.023596][ T7393] mapped_file 11755520 [ 93.027757][ T7393] dirty 0 [ 93.030804][ T7393] writeback 0 [ 93.034133][ T7393] workingset_refault_anon 66 [ 93.038810][ T7393] workingset_refault_file 2832 [ 93.043673][ T7393] swap 39538688 [ 93.047280][ T7393] swapcached 24576 [ 93.051270][ T7393] pgpgin 101014 [ 93.054782][ T7393] pgpgout 90740 [ 93.058324][ T7393] pgfault 70264 [ 93.061796][ T7393] pgmajfault 57 [ 93.065332][ T7393] inactive_anon 13176832 [ 93.069642][ T7393] active_anon 28901376 [ 93.073897][ T7393] inactive_file 0 [ 93.077616][ T7393] active_file 4096 [ 93.081424][ T7393] unevictable 0 [ 93.084920][ T7393] hierarchical_memory_limit 314572800 [ 93.090472][ T7393] hierarchical_memsw_limit 9223372036854771712 [ 93.096755][ T7393] total_cache 41852928 [ 93.100834][ T7393] total_rss 204800 [ 93.104549][ T7393] total_shmem 41848832 [ 93.108645][ T7393] total_mapped_file 11755520 [ 93.113265][ T7393] total_dirty 0 [ 93.116876][ T7393] total_writeback 0 [ 93.120694][ T7393] total_workingset_refault_anon 66 [ 93.125878][ T7393] total_workingset_refault_file 2832 [ 93.131283][ T7393] total_swap 39538688 [ 93.135303][ T7393] total_swapcached 24576 [ 93.139649][ T7393] total_pgpgin 101014 [ 93.143718][ T7393] total_pgpgout 90740 [ 93.147822][ T7393] total_pgfault 70264 [ 93.151935][ T7393] total_pgmajfault 57 [ 93.155948][ T7393] total_inactive_anon 13176832 [ 93.160794][ T7393] total_active_anon 28901376 [ 93.165455][ T7393] total_inactive_file 0 [ 93.169700][ T7393] total_active_file 4096 [ 93.174018][ T7393] total_unevictable 0 [ 93.178020][ T7393] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.642,pid=5184,uid=0 [ 93.193212][ T7393] Memory cgroup out of memory: Killed process 5184 (syz.2.642) total-vm:95884kB, anon-rss:1172kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000 [ 93.279292][ T7394] syz.2.1455 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0 [ 93.293623][ T7394] CPU: 1 UID: 0 PID: 7394 Comm: syz.2.1455 Not tainted syzkaller #0 PREEMPT(voluntary) [ 93.293656][ T7394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 93.293707][ T7394] Call Trace: [ 93.293714][ T7394] [ 93.293724][ T7394] __dump_stack+0x1d/0x30 [ 93.293755][ T7394] dump_stack_lvl+0x95/0xd0 [ 93.293843][ T7394] dump_stack+0x15/0x1b [ 93.293861][ T7394] dump_header+0x81/0x240 [ 93.293881][ T7394] oom_kill_process+0x295/0x350 [ 93.293981][ T7394] out_of_memory+0x97b/0xb80 [ 93.294005][ T7394] try_charge_memcg+0x610/0xa10 [ 93.294054][ T7394] obj_cgroup_charge_pages+0xa6/0x150 [ 93.294155][ T7394] __memcg_kmem_charge_page+0x9f/0x170 [ 93.294193][ T7394] __alloc_frozen_pages_noprof+0x18f/0x360 [ 93.294235][ T7394] alloc_pages_mpol+0xb3/0x260 [ 93.294289][ T7394] alloc_pages_noprof+0x90/0x130 [ 93.294400][ T7394] __vmalloc_node_range_noprof+0xa7b/0x1310 [ 93.294441][ T7394] __kvmalloc_node_noprof+0x492/0x6b0 [ 93.294481][ T7394] ? ip_set_alloc+0x24/0x30 [ 93.294517][ T7394] ? ip_set_alloc+0x24/0x30 [ 93.294551][ T7394] ? __kmalloc_cache_noprof+0x3e5/0x4c0 [ 93.294582][ T7394] ip_set_alloc+0x24/0x30 [ 93.294665][ T7394] hash_netiface_create+0x282/0x740 [ 93.294701][ T7394] ? __pfx_hash_netiface_create+0x10/0x10 [ 93.294869][ T7394] ip_set_create+0x3cc/0x970 [ 93.294936][ T7394] ? __nla_parse+0x40/0x60 [ 93.294969][ T7394] nfnetlink_rcv_msg+0x4c6/0x590 [ 93.295013][ T7394] netlink_rcv_skb+0x123/0x220 [ 93.295047][ T7394] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 93.295110][ T7394] nfnetlink_rcv+0x167/0x16c0 [ 93.295140][ T7394] ? kmem_cache_free+0xe3/0x3a0 [ 93.295170][ T7394] ? __kfree_skb+0x109/0x150 [ 93.295230][ T7394] ? nlmon_xmit+0x4f/0x60 [ 93.295251][ T7394] ? consume_skb+0x49/0x150 [ 93.295278][ T7394] ? nlmon_xmit+0x4f/0x60 [ 93.295302][ T7394] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 93.295395][ T7394] ? __dev_queue_xmit+0x13a6/0x1ee0 [ 93.295426][ T7394] ? __dev_queue_xmit+0x148/0x1ee0 [ 93.295457][ T7394] ? ref_tracker_free+0x37d/0x3e0 [ 93.295485][ T7394] ? __netlink_deliver_tap+0x4dc/0x500 [ 93.295601][ T7394] netlink_unicast+0x5c0/0x690 [ 93.295628][ T7394] netlink_sendmsg+0x58b/0x6b0 [ 93.295661][ T7394] ? __pfx_netlink_sendmsg+0x10/0x10 [ 93.295725][ T7394] __sock_sendmsg+0x145/0x180 [ 93.295744][ T7394] ____sys_sendmsg+0x31e/0x4a0 [ 93.295772][ T7394] ___sys_sendmsg+0x17b/0x1d0 [ 93.295883][ T7394] __x64_sys_sendmsg+0xd4/0x160 [ 93.295920][ T7394] x64_sys_call+0x17ba/0x3000 [ 93.295951][ T7394] do_syscall_64+0xca/0x2b0 [ 93.295989][ T7394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.296071][ T7394] RIP: 0033:0x7f054186f749 [ 93.296089][ T7394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.296106][ T7394] RSP: 002b:00007f05402d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 93.296130][ T7394] RAX: ffffffffffffffda RBX: 00007f0541ac5fa0 RCX: 00007f054186f749 [ 93.296148][ T7394] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006 [ 93.296162][ T7394] RBP: 00007f05418f3f91 R08: 0000000000000000 R09: 0000000000000000 [ 93.296177][ T7394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 93.296192][ T7394] R13: 00007f0541ac6038 R14: 00007f0541ac5fa0 R15: 00007fff4fe6e448 [ 93.296214][ T7394] [ 93.626329][ T7394] memory: usage 307140kB, limit 307200kB, failcnt 2291 [ 93.633973][ T7394] memory+swap: usage 346020kB, limit 9007199254740988kB, failcnt 0 [ 93.642128][ T7394] kmem: usage 266440kB, limit 9007199254740988kB, failcnt 0 [ 93.649598][ T7394] Memory cgroup stats for /syz2: [ 93.694973][ T7394] cache 41521152 [ 93.703512][ T7394] rss 204800 [ 93.706807][ T7394] shmem 41410560 [ 93.710363][ T7394] mapped_file 11751424 [ 93.714637][ T7394] dirty 0 [ 93.717990][ T7394] writeback 0 [ 93.721762][ T7394] workingset_refault_anon 66 [ 93.726802][ T7394] workingset_refault_file 2995 [ 93.731643][ T7394] swap 39813120 [ 93.735204][ T7394] swapcached 12288 [ 93.738984][ T7394] pgpgin 101178 [ 93.742674][ T7394] pgpgout 90988 [ 93.746234][ T7394] pgfault 70269 [ 93.749794][ T7394] pgmajfault 62 [ 93.753272][ T7394] inactive_anon 23973888 [ 93.757699][ T7394] active_anon 17653760 [ 93.762190][ T7394] inactive_file 4096 [ 93.766169][ T7394] active_file 106496 [ 93.770083][ T7394] unevictable 0 [ 93.773650][ T7394] hierarchical_memory_limit 314572800 [ 93.779183][ T7394] hierarchical_memsw_limit 9223372036854771712 [ 93.785369][ T7394] total_cache 41521152 [ 93.789440][ T7394] total_rss 204800 [ 93.793259][ T7394] total_shmem 41410560 [ 93.797405][ T7394] total_mapped_file 11751424 [ 93.802001][ T7394] total_dirty 0 [ 93.805557][ T7394] total_writeback 0 [ 93.809410][ T7394] total_workingset_refault_anon 66 [ 93.815546][ T7394] total_workingset_refault_file 2995 [ 93.820925][ T7394] total_swap 39813120 [ 93.825046][ T7394] total_swapcached 12288 [ 93.829374][ T7394] total_pgpgin 101178 [ 93.833435][ T7394] total_pgpgout 90988 [ 93.837514][ T7394] total_pgfault 70269 [ 93.841504][ T7394] total_pgmajfault 62 [ 93.845521][ T7394] total_inactive_anon 23973888 [ 93.850355][ T7394] total_active_anon 17653760 [ 93.855032][ T7394] total_inactive_file 4096 [ 93.859583][ T7394] total_active_file 106496 [ 93.864020][ T7394] total_unevictable 0 [ 93.868140][ T7394] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.574,pid=5020,uid=0 [ 93.882956][ T7394] Memory cgroup out of memory: Killed process 5020 (syz.2.574) total-vm:95884kB, anon-rss:1172kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000 [ 93.998221][ T7394] syz.2.1455 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0 [ 94.012320][ T7394] CPU: 1 UID: 0 PID: 7394 Comm: syz.2.1455 Not tainted syzkaller #0 PREEMPT(voluntary) [ 94.012418][ T7394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 94.012433][ T7394] Call Trace: [ 94.012442][ T7394] [ 94.012452][ T7394] __dump_stack+0x1d/0x30 [ 94.012492][ T7394] dump_stack_lvl+0x95/0xd0 [ 94.012516][ T7394] dump_stack+0x15/0x1b [ 94.012567][ T7394] dump_header+0x81/0x240 [ 94.012593][ T7394] oom_kill_process+0x295/0x350 [ 94.012622][ T7394] out_of_memory+0x97b/0xb80 [ 94.012647][ T7394] try_charge_memcg+0x610/0xa10 [ 94.012828][ T7394] obj_cgroup_charge_pages+0xa6/0x150 [ 94.012855][ T7394] __memcg_kmem_charge_page+0x9f/0x170 [ 94.012883][ T7394] __alloc_frozen_pages_noprof+0x18f/0x360 [ 94.012921][ T7394] alloc_pages_mpol+0xb3/0x260 [ 94.013016][ T7394] alloc_pages_noprof+0x90/0x130 [ 94.013052][ T7394] __vmalloc_node_range_noprof+0xa7b/0x1310 [ 94.013137][ T7394] __kvmalloc_node_noprof+0x492/0x6b0 [ 94.013234][ T7394] ? ip_set_alloc+0x24/0x30 [ 94.013269][ T7394] ? ip_set_alloc+0x24/0x30 [ 94.013302][ T7394] ? __kmalloc_cache_noprof+0x3e5/0x4c0 [ 94.013331][ T7394] ip_set_alloc+0x24/0x30 [ 94.013374][ T7394] hash_netiface_create+0x282/0x740 [ 94.013412][ T7394] ? __pfx_hash_netiface_create+0x10/0x10 [ 94.013449][ T7394] ip_set_create+0x3cc/0x970 [ 94.013515][ T7394] ? __nla_parse+0x40/0x60 [ 94.013547][ T7394] nfnetlink_rcv_msg+0x4c6/0x590 [ 94.013635][ T7394] netlink_rcv_skb+0x123/0x220 [ 94.013668][ T7394] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 94.013761][ T7394] nfnetlink_rcv+0x167/0x16c0 [ 94.013870][ T7394] ? kmem_cache_free+0xe3/0x3a0 [ 94.013900][ T7394] ? __kfree_skb+0x109/0x150 [ 94.013951][ T7394] ? nlmon_xmit+0x4f/0x60 [ 94.013975][ T7394] ? consume_skb+0x49/0x150 [ 94.014004][ T7394] ? nlmon_xmit+0x4f/0x60 [ 94.014022][ T7394] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 94.014145][ T7394] ? __dev_queue_xmit+0x13a6/0x1ee0 [ 94.014228][ T7394] ? __dev_queue_xmit+0x148/0x1ee0 [ 94.014261][ T7394] ? ref_tracker_free+0x37d/0x3e0 [ 94.014294][ T7394] ? __netlink_deliver_tap+0x4dc/0x500 [ 94.014378][ T7394] netlink_unicast+0x5c0/0x690 [ 94.014411][ T7394] netlink_sendmsg+0x58b/0x6b0 [ 94.014492][ T7394] ? __pfx_netlink_sendmsg+0x10/0x10 [ 94.014528][ T7394] __sock_sendmsg+0x145/0x180 [ 94.014599][ T7394] ____sys_sendmsg+0x31e/0x4a0 [ 94.014683][ T7394] ___sys_sendmsg+0x17b/0x1d0 [ 94.014725][ T7394] __x64_sys_sendmsg+0xd4/0x160 [ 94.014759][ T7394] x64_sys_call+0x17ba/0x3000 [ 94.014858][ T7394] do_syscall_64+0xca/0x2b0 [ 94.014897][ T7394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.014998][ T7394] RIP: 0033:0x7f054186f749 [ 94.015017][ T7394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.015038][ T7394] RSP: 002b:00007f05402d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.015096][ T7394] RAX: ffffffffffffffda RBX: 00007f0541ac5fa0 RCX: 00007f054186f749 [ 94.015111][ T7394] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006 [ 94.015125][ T7394] RBP: 00007f05418f3f91 R08: 0000000000000000 R09: 0000000000000000 [ 94.015147][ T7394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 94.015162][ T7394] R13: 00007f0541ac6038 R14: 00007f0541ac5fa0 R15: 00007fff4fe6e448 [ 94.015184][ T7394] [ 94.344930][ T7394] memory: usage 307200kB, limit 307200kB, failcnt 2769 [ 94.352076][ T7394] memory+swap: usage 345916kB, limit 9007199254740988kB, failcnt 0 [ 94.360192][ T7394] kmem: usage 266556kB, limit 9007199254740988kB, failcnt 0 [ 94.367776][ T7394] Memory cgroup stats for /syz2: [ 94.368234][ T7394] cache 41410560 [ 94.376997][ T7394] rss 204800 [ 94.380249][ T7394] shmem 41410560 [ 94.383806][ T7394] mapped_file 11751424 [ 94.387995][ T7394] dirty 0 [ 94.391027][ T7394] writeback 0 [ 94.394334][ T7394] workingset_refault_anon 66 [ 94.399048][ T7394] workingset_refault_file 3229 [ 94.403884][ T7394] swap 39645184 [ 94.407496][ T7394] swapcached 4096 [ 94.411155][ T7394] pgpgin 101412 [ 94.414739][ T7394] pgpgout 91251 [ 94.418211][ T7394] pgfault 70281 [ 94.421675][ T7394] pgmajfault 73 [ 94.425333][ T7394] inactive_anon 17653760 [ 94.429586][ T7394] active_anon 23965696 [ 94.433764][ T7394] inactive_file 0 [ 94.437631][ T7394] active_file 0 [ 94.441100][ T7394] unevictable 0 [ 94.444561][ T7394] hierarchical_memory_limit 314572800 [ 94.450016][ T7394] hierarchical_memsw_limit 9223372036854771712 [ 94.456227][ T7394] total_cache 41410560 [ 94.460313][ T7394] total_rss 204800 [ 94.464023][ T7394] total_shmem 41410560 [ 94.468416][ T7394] total_mapped_file 11751424 [ 94.473011][ T7394] total_dirty 0 [ 94.476608][ T7394] total_writeback 0 [ 94.480612][ T7394] total_workingset_refault_anon 66 [ 94.485950][ T7394] total_workingset_refault_file 3229 [ 94.491310][ T7394] total_swap 39645184 [ 94.495484][ T7394] total_swapcached 4096 [ 94.499909][ T7394] total_pgpgin 101412 [ 94.503958][ T7394] total_pgpgout 91251 [ 94.508007][ T7394] total_pgfault 70281 [ 94.512268][ T7394] total_pgmajfault 73 [ 94.516518][ T7394] total_inactive_anon 17653760 [ 94.521296][ T7394] total_active_anon 23965696 [ 94.526007][ T7394] total_inactive_file 0 [ 94.530170][ T7394] total_active_file 0 [ 94.534242][ T7394] total_unevictable 0 [ 94.538354][ T7394] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1455,pid=7393,uid=0 [ 94.553192][ T7394] Memory cgroup out of memory: Killed process 7393 (syz.2.1455) total-vm:96148kB, anon-rss:1264kB, file-rss:22184kB, shmem-rss:11392kB, UID:0 pgtables:152kB oom_score_adj:0 [ 94.922789][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 94.922804][ T29] audit: type=1400 audit(94.904:3074): avc: denied { create } for pid=7521 comm="syz.1.1505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 95.020417][ T7524] loop3: detected capacity change from 0 to 2048 [ 95.042531][ T7528] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1508'. [ 95.087643][ T29] audit: type=1400 audit(95.074:3075): avc: denied { mount } for pid=7531 comm="syz.1.1509" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 95.088025][ T7524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.136335][ T7537] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.161263][ T29] audit: type=1400 audit(95.144:3076): avc: denied { mounton } for pid=7523 comm="syz.3.1506" path="/268/bus/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 95.199754][ T29] audit: type=1400 audit(95.184:3077): avc: denied { remove_name } for pid=3323 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 95.222513][ T29] audit: type=1400 audit(95.184:3078): avc: denied { rmdir } for pid=3323 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 95.246945][ T3323] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 95.265915][ T29] audit: type=1400 audit(95.254:3079): avc: denied { unlink } for pid=3323 comm="syz-executor" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 95.265988][ T7537] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.290426][ T29] audit: type=1400 audit(95.274:3080): avc: denied { unlink } for pid=3323 comm="syz-executor" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 95.329174][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.339778][ T29] audit: type=1400 audit(95.304:3081): avc: denied { unlink } for pid=3323 comm="syz-executor" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 95.373215][ T29] audit: type=1326 audit(95.354:3082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7544 comm="syz.3.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 95.400092][ T7537] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.407800][ T29] audit: type=1326 audit(95.384:3083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7544 comm="syz.3.1513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fdb38e1f749 code=0x7ffc0000 [ 95.456899][ T7537] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.495715][ T7556] tipc: Enabling of bearer rejected, already enabled [ 95.534944][ T3825] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.543344][ T3825] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.554928][ T3825] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.572819][ T7556] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1514'. [ 95.581981][ T7556] tipc: Disabling bearer [ 95.587481][ T3809] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.783873][ T7597] netem: change failed [ 96.198057][ T7624] bridge0: entered promiscuous mode [ 96.208157][ T7624] bridge0: port 1(macvtap1) entered blocking state [ 96.214952][ T7624] bridge0: port 1(macvtap1) entered disabled state [ 96.225944][ T7624] macvtap1: entered allmulticast mode [ 96.231395][ T7624] bridge0: entered allmulticast mode [ 96.240695][ T7624] macvtap1: left allmulticast mode [ 96.245921][ T7624] bridge0: left allmulticast mode [ 96.254173][ T7624] bridge0: left promiscuous mode [ 97.412116][ T7676] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1561'. [ 97.518578][ T7691] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7691 comm=syz.0.1565 [ 97.532568][ T7689] blktrace: Concurrent blktraces are not allowed on loop8 [ 97.695727][ T7702] SELinux: security_context_str_to_sid (-Xܘ7.H\ %u@) failed with errno=-22 [ 98.393747][ T7747] ip6tnl1: left promiscuous mode [ 98.405654][ T3852] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 98.433181][ T3852] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 98.442063][ T3852] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 98.451012][ T3852] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 98.564013][ T7776] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1612'. [ 98.718533][ T7792] smc: net device ip6gretap0 applied user defined pnetid SYZ2 [ 98.736956][ T7792] smc: net device ip6gretap0 erased user defined pnetid SYZ2 [ 98.977490][ T7804] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1617'. [ 99.382156][ T7839] wg2: left promiscuous mode [ 99.386951][ T7839] wg2: left allmulticast mode [ 99.420203][ T7843] loop3: detected capacity change from 0 to 512 [ 99.428644][ T7839] wg2: entered promiscuous mode [ 99.433571][ T7839] wg2: entered allmulticast mode [ 99.441556][ T7843] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 99.484644][ T7843] EXT4-fs (loop3): 1 truncate cleaned up [ 99.495940][ T7843] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.513492][ T7851] rdma_op ffff8881582ee980 conn xmit_rdma 0000000000000000 [ 99.803890][ T7877] batman_adv: batadv0: Adding interface: dummy0 [ 99.810222][ T7877] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 99.835694][ T7877] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 99.925204][ T29] kauditd_printk_skb: 287 callbacks suppressed [ 99.925224][ T29] audit: type=1326 audit(99.914:3371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 99.955038][ T29] audit: type=1326 audit(99.914:3372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 99.978107][ T29] audit: type=1326 audit(99.914:3373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 100.001929][ T29] audit: type=1326 audit(99.944:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 100.040622][ T29] audit: type=1326 audit(99.984:3375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 100.063679][ T29] audit: type=1326 audit(99.984:3376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 100.087334][ T29] audit: type=1326 audit(99.984:3377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 100.124995][ T29] audit: type=1326 audit(100.104:3378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 100.176297][ T29] audit: type=1326 audit(100.164:3379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 100.261777][ T3323] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.331787][ T29] audit: type=1326 audit(100.164:3380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7880 comm="syz.4.1649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11814f749 code=0x7ffc0000 [ 101.131490][ T7945] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1678'. [ 101.212773][ T7951] netlink: 'syz.1.1681': attribute type 10 has an invalid length. [ 101.220825][ T7951] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1681'. [ 101.249972][ T7951] ipvlan2: entered promiscuous mode [ 101.262521][ T7951] bridge0: port 3(ipvlan2) entered blocking state [ 101.269235][ T7951] bridge0: port 3(ipvlan2) entered disabled state [ 101.276420][ T7951] ipvlan2: entered allmulticast mode [ 101.281933][ T7951] bridge0: entered allmulticast mode [ 101.288521][ T7951] ipvlan2: left allmulticast mode [ 101.293696][ T7951] bridge0: left allmulticast mode [ 101.318957][ T7953] bridge0: entered promiscuous mode [ 101.325104][ T7953] bridge0: port 1(macvtap1) entered blocking state [ 101.331712][ T7953] bridge0: port 1(macvtap1) entered disabled state [ 101.338886][ T7953] macvtap1: entered allmulticast mode [ 101.344300][ T7953] bridge0: entered allmulticast mode [ 101.355636][ T7953] macvtap1: left allmulticast mode [ 101.360837][ T7953] bridge0: left allmulticast mode [ 101.382397][ T7953] bridge0: left promiscuous mode [ 101.488805][ T7963] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1686'. [ 101.505793][ T7963] netem: change failed [ 102.678994][ T8029] loop0: detected capacity change from 0 to 764 [ 102.687129][ T8029] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 102.692984][ T8030] dvmrp0: entered allmulticast mode [ 102.816916][ T8038] netlink: 'syz.0.1726': attribute type 1 has an invalid length. [ 102.863663][ T8038] 8021q: adding VLAN 0 to HW filter on device bond3 [ 102.888270][ T8038] bond3: (slave geneve2): making interface the new active one [ 102.897127][ T8038] bond3: (slave geneve2): Enslaving as an active interface with an up link [ 102.926606][ T2476] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.993207][ T2476] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.048369][ T2476] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.381033][ T8058] $H: renamed from bond0 [ 103.387413][ T8058] $H: entered promiscuous mode [ 103.392463][ T8058] bond_slave_0: entered promiscuous mode [ 103.398649][ T8058] bond_slave_1: entered promiscuous mode [ 103.530016][ T2476] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.990415][ T8036] ================================================================== [ 103.998647][ T8036] BUG: KCSAN: data-race in fifo_open / wait_for_partner [ 104.005602][ T8036] [ 104.007928][ T8036] read-write to 0xffff88812d18966c of 4 bytes by task 8044 on cpu 1: [ 104.016084][ T8036] fifo_open+0x86/0x5d0 [ 104.020330][ T8036] do_dentry_open+0x54b/0xa60 [ 104.025043][ T8036] vfs_open+0x37/0x1e0 [ 104.029120][ T8036] path_openat+0x1ddd/0x23b0 [ 104.033724][ T8036] do_filp_open+0x109/0x230 [ 104.038415][ T8036] do_sys_openat2+0xa6/0x150 [ 104.043109][ T8036] __x64_sys_open+0xe6/0x110 [ 104.047827][ T8036] x64_sys_call+0x166f/0x3000 [ 104.052774][ T8036] do_syscall_64+0xca/0x2b0 [ 104.057297][ T8036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.063206][ T8036] [ 104.065540][ T8036] read to 0xffff88812d18966c of 4 bytes by task 8036 on cpu 0: [ 104.073601][ T8036] wait_for_partner+0xb5/0x1c0 [ 104.078371][ T8036] fifo_open+0x462/0x5d0 [ 104.082704][ T8036] do_dentry_open+0x54b/0xa60 [ 104.087479][ T8036] vfs_open+0x37/0x1e0 [ 104.091736][ T8036] path_openat+0x1ddd/0x23b0 [ 104.096606][ T8036] do_filp_open+0x109/0x230 [ 104.101125][ T8036] do_sys_openat2+0xa6/0x150 [ 104.105899][ T8036] __x64_sys_open+0xe6/0x110 [ 104.110625][ T8036] x64_sys_call+0x166f/0x3000 [ 104.115324][ T8036] do_syscall_64+0xca/0x2b0 [ 104.119841][ T8036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.125826][ T8036] [ 104.128146][ T8036] value changed: 0x00000001 -> 0x00000002 [ 104.133879][ T8036] [ 104.136202][ T8036] Reported by Kernel Concurrency Sanitizer on: [ 104.142353][ T8036] CPU: 0 UID: 0 PID: 8036 Comm: syz.3.1716 Not tainted syzkaller #0 PREEMPT(voluntary) [ 104.152334][ T8036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 104.162388][ T8036] ==================================================================