last executing test programs: 45.180737744s ago: executing program 0 (id=1289): capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)) r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000300)="259374c96ee3", 0x0, 0x200, 0x0, 0x0, 0x0}) 45.137885035s ago: executing program 0 (id=1291): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=@newqdisc={0x84, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_PLIMIT={0x8, 0x1, 0x401}, @TCA_FQ_FLOW_REFILL_DELAY={0x8}]}}, @TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x23, 0x4, 0x69, 0x0, 0x1, 0x80000000, 0x8}}, {0x4}}, {{0x1c, 0x1, {0x7, 0x6, 0x2, 0x6, 0x2, 0x9, 0xfffffff7}}, {0x4}}]}]}, 0x84}}, 0x0) 45.094944645s ago: executing program 0 (id=1294): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x2a}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0x40, 0xfffffffffffffff0}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) 45.039493796s ago: executing program 0 (id=1297): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000540), r0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000580)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x2c}, 0x1, 0x1000000, 0x0, 0x24008850}, 0x4004a040) 44.988371217s ago: executing program 0 (id=1300): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8, 0x0, 0xfffffffc, 0xe4c, 0xf2}) 44.975346387s ago: executing program 0 (id=1302): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 34.892116492s ago: executing program 3 (id=1647): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f0000000300)={[{@i_version}, {@nombcache}, {@resuid}, {@lazytime}, {@block_validity}, {@sysvgroups}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") creat(&(0x7f0000001740)='./bus\x00', 0x81) r0 = open(&(0x7f00000001c0)='./bus\x00', 0x84702, 0x330269f53da8c4de) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x50000, 0x0, 0x0) 34.754001274s ago: executing program 3 (id=1651): open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',msize=0x0000000000001000']) 34.645542036s ago: executing program 3 (id=1655): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x1000c16, &(0x7f0000000500), 0xff, 0x260, &(0x7f0000000980)="$eJzs3U9IHFccB/DfzO7Wqkux7aVQ+gdKKa0g9lboxV5aEIpIKYW2YCmllxYtWKU37SmXHJJjSIKnXCTkFpNj8CK5JARyMokHcwkkkkMkhySwYXcU/LOJxl13gvP5wDoz+ub93jDzfSPiMAEUVl9EDEVEKSL6I6ISEcnWBh9nn76NzbnupbGIWu2Hh0mjXbad2dyvNyJmI+KriFhMk/irHDG98Mvq4+XvPjs+Vfn03MLP3R09yA1rqyvfr58dOXZx+Mvp6zfvjyQxFNVtx9V+SZPvlZOIdw6j2GsiKec9AvZj9L8Lt+q5fzciPmnkvxJpZCfvxOQbi5X44syL9j354Mb7nRwr0H61WqV+D5ytAYWTRkQ1knQgIrL1NB0YyH6Hv13qSf+emPy3/8+JqfE/8p6pgHapRqx8e7nrUu+O/N8rZfkHjqjsj1IrP47O36mvrJfyHhDQER9ki/r9v/+3mc9D/qFw5B+KS/6huOQfikv+4ehp9v+mzcg/FJf8Q3HJPxSX/ENxHTj/p54d3qCAjtiafwCgWGpdB3pquP0PIgMdl/f8AwAAAAAAAAAAAAAAAAAA7DbXvTS2+WlPj+U9W1w9HbH2TdZ0d/1S433EEW82vvY8Srb1mOyrwsv9+lGLHbTofM5PX791N9/61z7Mt/7MeMTs/xExWC43rr1tF1Sycf0d3Nt7/Lzye4sFXtHOdwN8/VNn6+/0dD7f+sPLEVfq889gs/knjfcay+bzT7V+/lqs/8+TFjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgY54HAAD//7UiauA=") lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0) 34.575191707s ago: executing program 3 (id=1658): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) sendmsg$nl_xfrm(r0, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[@ANYBLOB="540200001600010000000000fedbdf25ff0100000000000000000000000000010a0101010000000000000000000000004e2200004e2300000a00200021000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fc0000000000000000000000000000000000000033000000e0000002000000000000000000000000060000000000000019d000000000000009000000000000000000000000000000000000000000000008000000000000000000000000000000ff030000100000000300000000000000ffffffff00000000ffffff7f000000000900000000000000000000007f000000070000002bbd7000000000000200013f000000000000000001000000060000002c001300200100000000000000000000000000010000000000000000000000020000001c00040003004e204e210000fe"], 0x254}}, 0x0) 34.469349979s ago: executing program 3 (id=1659): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8, 0x0, 0xfffffffc, 0xe4c, 0xf2}) 34.445193369s ago: executing program 3 (id=1660): r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x12, r1, 0x0) write$selinux_load(r0, &(0x7f0000000000)={0xf97cff8c, 0x8, 'SE Linux', "a5199fcdafdf3bb7cc4c8bc74a5ec2b0d07a2123b1ffffc2b5877ed2"}, 0x2c) 30.945868643s ago: executing program 32 (id=1302): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 20.440395125s ago: executing program 33 (id=1660): r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x12, r1, 0x0) write$selinux_load(r0, &(0x7f0000000000)={0xf97cff8c, 0x8, 'SE Linux', "a5199fcdafdf3bb7cc4c8bc74a5ec2b0d07a2123b1ffffc2b5877ed2"}, 0x2c) 905.183875ms ago: executing program 5 (id=3176): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8, &(0x7f00000002c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000a80)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0300ffff0000", 0x6}]) 852.221946ms ago: executing program 1 (id=3181): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$inet6(0xa, 0x80002, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x4001}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308) 773.849297ms ago: executing program 5 (id=3187): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @empty=0xe0000001}, {0x0, 0x17c1, 0x8}}}}}, 0x0) 773.683008ms ago: executing program 1 (id=3188): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x9) rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440)) 764.346788ms ago: executing program 5 (id=3189): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4, 0x0, 0x0, 0x10000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000500)='percpu_free_percpu\x00', r0}, 0x18) close(r1) 761.103448ms ago: executing program 6 (id=3191): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10) r1 = timerfd_create(0x9, 0x80800) timerfd_gettime(r1, &(0x7f0000000000)) 725.160158ms ago: executing program 1 (id=3193): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x2c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xd6}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) 707.184018ms ago: executing program 6 (id=3194): r0 = perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x4080b000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x6) 687.332639ms ago: executing program 1 (id=3196): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x3, 0x3}, 0x4) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 686.804339ms ago: executing program 5 (id=3197): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000040)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10) syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) 632.26075ms ago: executing program 2 (id=3199): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x24, r1, 0x331, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0) 574.42926ms ago: executing program 4 (id=3200): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000003c0)={'ip6tnl0\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0xd66}}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'dummy0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000040)={'ip6tnl0\x00', r1, 0x4, 0x84, 0x0, 0xffffffff, 0x47, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x7, 0x0, 0x9}}) 574.16765ms ago: executing program 1 (id=3201): r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000007c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000240)='4', 0x1}, {&(0x7f0000000280)="e0a3e6c7", 0x4}], 0x2) 574.00288ms ago: executing program 2 (id=3202): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18) r1 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r1, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x3804, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0x69, &(0x7f0000000400)=[{&(0x7f0000000240)="b9", 0x26892}], 0xbb}}], 0x2, 0x0) 528.187901ms ago: executing program 4 (id=3203): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000101010300000000000000000a0000030c0019"], 0x30}, 0x1, 0x0, 0x0, 0x8008001}, 0x24008854) 493.597292ms ago: executing program 2 (id=3204): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630b00c145f94cd977", 0x18, 0xffffffffffffffff) 470.819622ms ago: executing program 4 (id=3205): r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000000380)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x80000009}}}, 0x10, 0x0}, 0x0) 462.582732ms ago: executing program 4 (id=3206): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@delsa={0x48, 0x12, 0x1, 0x0, 0x0, {@in=@dev}, [@srcaddr={0x14, 0xd, @in6=@local}, @mark={0xc}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x3, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x190, 0xf1f80502f07a58b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8, 0x14, 0xff}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x240080c1) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x0) 461.733412ms ago: executing program 6 (id=3207): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd']) 418.010433ms ago: executing program 2 (id=3208): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x8000, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x18) r1 = dup(r0) ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d06, &(0x7f0000000040)) 414.976393ms ago: executing program 4 (id=3209): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x200, 0x80, 0x20000, 0x0, 0x0, 0x8}, 0x1c) mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r0, 0x0) munmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000) 314.819695ms ago: executing program 5 (id=3210): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="180100001c0000000000000000100000850000006d00000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcc0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0, 0x0, 0x956}, 0x18) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8936, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x18}, 0x14e}) 314.448084ms ago: executing program 2 (id=3211): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000ac0), 0x1, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x401c5820, &(0x7f0000000100)=@v1={0x8, @aes256, 0x0, @desc3}) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000600)={0xa, 0xcf, 0xccb, 0x1}) 114.293307ms ago: executing program 1 (id=3212): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e0306003c5c9801288363"], 0xffdd) 113.958307ms ago: executing program 6 (id=3213): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000001000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) linkat(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x1000) fadvise64(0xffffffffffffffff, 0x81, 0x3, 0x2) 96.824838ms ago: executing program 6 (id=3214): r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x7fff, 0x1, 0x4, 0xa, 0x20}, {0xbd1, 0x0, 0x4000000000000003, 0x0, 0x5}, {0x81, 0x2}, 0x2000000, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in6=@mcast2, 0x8000, 0x33}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x17, 0x0, 0x0, 0x10000}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0xffe0) 79.837468ms ago: executing program 5 (id=3215): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xb62ca000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) syz_pidfd_open(0x0, 0x0) 75.553938ms ago: executing program 4 (id=3216): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[], 0xf, 0x2a4, &(0x7f00000001c0)="$eJzs3T9rc2UUAPBzkzSNOqSIiyJ4QQen0rq6NEoFsZMSQR002BYkCYUWAlYwduoncPR7+BFcXPwGgqvg1g6VKzf33ia16R/65k3h7e83nd7nnvOc3KckU06+eXPY3z1I4uTsz2i1kqhtxVacJ7EWtaj8FI0AAF4c51kW/2QPyWzUFt8NALAMxed/4bF7AQCW47Mvvvyks7Oz/WmatuL19umom0TE8HTULdY7+/FdDGIvNqIdFxHZpSL+6OOd7WikubV4ZzgedfPM4de/l/U7f0dM8jejHWvz8zfTwmX+y1V3aXT2V6o/2vHa/Pz3/p8fw3F0m/Hu2zP9r0c7/vg2DmIQu5HnTvN/3EzTD7Ofz374Kt8mz09q0V2d3DeV1Zd0JAAAAAAAAAAAAAAAAAAAAAAAPAHraZoU43sm83vyS5P5OaNu/WKyvp5WZuf7jKv5QElVqJgPlEU5omecxS/VfJ2NNE2z8sZpfiPeaPhhAQAAAAAAAAAAAAAAAAAAAMgdfX/c7w0Ge4cLCappANXX+h9aZ2vmyltx3O/Vby64ev+9ZqcN5L3eenM0GrGgx3JX8FLez8Irr04P9/MogupgFrrXqx8URY/7vbRcqh5yv5fctVerOrhfZ5ea8ayNZZN/iYvs6pm2Llu9mtVc0NNovjJ36d8sy+5X5/2/ijMqrySTERv3232lDOa+wDxoXT+L324ueONbRn0hbzwAAAAAAAAAAAAAAAAAAMA10y/9zlk8uTW19tyaAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAlm/7+fxW0IuLqlWvBuEy+7Z4yaMbh0SO/RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ6A/wIAAP//4ipOSw==") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r0, 0x2007ffc) sendfile(r0, r0, 0x0, 0x800000009) 32.451349ms ago: executing program 2 (id=3217): r0 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x1, 0x105}) io_setup(0x8, &(0x7f00000001c0)=0x0) io_getevents(r1, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 6 (id=3218): r0 = syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpgid(r0) r2 = syz_pidfd_open(r1, 0x0) pidfd_send_signal(r2, 0x21, 0x0, 0x4) kernel console output (not intermixed with test programs): xe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 50.365712][ T29] audit: type=1326 audit(1750404684.908:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5689 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 50.365791][ T29] audit: type=1326 audit(1750404684.940:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5689 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 50.365820][ T29] audit: type=1326 audit(1750404684.940:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5689 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 50.375354][ T5686] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.375448][ T5686] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 50.421640][ T29] audit: type=1326 audit(1750404685.026:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5689 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 50.421734][ T29] audit: type=1326 audit(1750404685.037:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5689 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 50.421766][ T29] audit: type=1326 audit(1750404685.037:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5689 comm="syz.4.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 50.476825][ T5705] netlink: 4 bytes leftover after parsing attributes in process `syz.0.999'. [ 50.679998][ T5714] loop0: detected capacity change from 0 to 512 [ 50.691021][ T5714] EXT4-fs: Ignoring removed bh option [ 50.697059][ T5714] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 50.697078][ T5714] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 50.697747][ T5714] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 50.697886][ T5714] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 50.817593][ T5732] loop0: detected capacity change from 0 to 1024 [ 50.825232][ T5734] loop2: detected capacity change from 0 to 1024 [ 50.842536][ T5732] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.866099][ T5734] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 16: block 81:freeing already freed block (bit 5); block bitmap corrupt. [ 50.896943][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 50.897066][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 50.897148][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 51.292761][ T5748] loop3: detected capacity change from 0 to 2048 [ 51.299474][ T5748] EXT4-fs: Ignoring removed nobh option [ 51.305941][ T5748] EXT4-fs (loop3): can't mount with both data=journal and delalloc [ 51.369876][ T5756] netlink: 'syz.2.1019': attribute type 3 has an invalid length. [ 51.377879][ T5756] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1019'. [ 51.482503][ T5766] loop2: detected capacity change from 0 to 1024 [ 51.587789][ T5778] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1029'. [ 51.603954][ T5778] wireguard0: entered promiscuous mode [ 51.641386][ T5783] loop2: detected capacity change from 0 to 128 [ 51.890030][ T5810] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5810 comm=syz.4.1044 [ 52.153567][ T5835] loop2: detected capacity change from 0 to 8192 [ 52.273777][ T5835] loop2: p1 p2 p4 [ 52.297159][ T5835] loop2: p1 size 65536 extends beyond EOD, truncated [ 52.306604][ T5835] loop2: p2 start 861536256 is beyond EOD, truncated [ 52.313468][ T5835] loop2: p4 size 65536 extends beyond EOD, truncated [ 52.529202][ T5866] loop1: detected capacity change from 0 to 2048 [ 52.546206][ T5866] EXT4-fs: Ignoring removed mblk_io_submit option [ 52.659174][ T5879] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1062: bg 0: block 234: padding at end of block bitmap is not set [ 52.678011][ T5879] EXT4-fs (loop1): Remounting filesystem read-only [ 52.980800][ T5900] loop3: detected capacity change from 0 to 2048 [ 53.003102][ T5900] EXT4-fs: Ignoring removed nomblk_io_submit option [ 53.026245][ T5900] SELinux: Context @ is not valid (left unmapped). [ 53.034671][ T5900] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1076: bg 0: block 2: invalid block bitmap [ 53.049669][ T5900] EXT4-fs (loop3): Remounting filesystem read-only [ 53.061276][ T5900] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1597: inode #19: comm syz.3.1076: cleanup dec ref error -117 [ 53.075285][ T5904] netlink: 'syz.0.1077': attribute type 1 has an invalid length. [ 53.083161][ T5904] netlink: 'syz.0.1077': attribute type 2 has an invalid length. [ 53.256864][ T5931] loop0: detected capacity change from 0 to 256 [ 53.271362][ T5930] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 53.279989][ T5930] FAT-fs (loop0): Filesystem has been set read-only [ 53.291629][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 53.299911][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 53.585252][ T5964] binfmt_misc: register: failed to install interpreter file ./file2 [ 53.686415][ T5978] loop2: detected capacity change from 0 to 512 [ 53.712037][ T5978] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 53.759230][ T5978] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 53.767380][ T5978] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 53.782664][ T5978] System zones: 0-1, 15-15, 18-18, 34-34 [ 53.788586][ T5978] EXT4-fs (loop2): orphan cleanup on readonly fs [ 53.795031][ T5978] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 53.809807][ T5978] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 53.817188][ T5978] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1112: bg 0: block 40: padding at end of block bitmap is not set [ 53.819820][ T5992] rdma_op ffff888119dffd80 conn xmit_rdma 0000000000000000 [ 53.832644][ T5978] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 53.848485][ T5978] EXT4-fs (loop2): 1 truncate cleaned up [ 53.883503][ T5978] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 53.891530][ T5978] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 54.044605][ T6014] loop4: detected capacity change from 0 to 512 [ 54.066099][ T6014] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 54.105701][ T6014] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 54.115163][ T6014] System zones: 0-2, 18-18, 34-34 [ 54.115354][ T6025] loop0: detected capacity change from 0 to 1024 [ 54.117711][ T6014] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.128270][ T6014] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1129: Failed to acquire dquot type 1 [ 54.171842][ T6036] loop4: detected capacity change from 0 to 512 [ 54.172099][ T6036] EXT4-fs: Ignoring removed i_version option [ 54.258482][ T6039] __nla_validate_parse: 1 callbacks suppressed [ 54.258499][ T6039] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1135'. [ 54.290223][ T6046] loop4: detected capacity change from 0 to 1024 [ 54.356302][ T6058] SELinux: failed to load policy [ 54.442397][ T6057] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1144'. [ 54.459456][ T6069] loop0: detected capacity change from 0 to 256 [ 54.470182][ T6057] netlink: 'syz.4.1144': attribute type 5 has an invalid length. [ 54.505770][ T6072] vxcan0: tx address claim with dlc 0 [ 54.522771][ T6070] tap0: tun_chr_ioctl cmd 1074025680 [ 54.560962][ T6079] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1152'. [ 54.745435][ T6089] loop1: detected capacity change from 0 to 4096 [ 55.039199][ T29] kauditd_printk_skb: 122 callbacks suppressed [ 55.039242][ T29] audit: type=1400 audit(1750404689.983:781): avc: denied { setopt } for pid=6119 comm="syz.2.1171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 55.108412][ T6123] 9pnet: Could not find request transport: 0xffffffffffffffff [ 55.175739][ T6128] program syz.2.1174 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 55.213480][ T29] audit: type=1326 audit(1750404690.079:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6125 comm="syz.1.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 55.237063][ T29] audit: type=1326 audit(1750404690.079:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6125 comm="syz.1.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 55.260755][ T29] audit: type=1400 audit(1750404690.079:784): avc: denied { bind } for pid=6119 comm="syz.2.1171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 55.280052][ T29] audit: type=1326 audit(1750404690.101:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6125 comm="syz.1.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 55.303449][ T29] audit: type=1326 audit(1750404690.101:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6125 comm="syz.1.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 55.327064][ T29] audit: type=1326 audit(1750404690.101:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6125 comm="syz.1.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 55.350506][ T29] audit: type=1326 audit(1750404690.112:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6125 comm="syz.1.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 55.373922][ T29] audit: type=1326 audit(1750404690.112:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6125 comm="syz.1.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 55.397370][ T29] audit: type=1326 audit(1750404690.112:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6125 comm="syz.1.1173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 55.466516][ T6144] loop4: detected capacity change from 0 to 256 [ 55.528995][ T6146] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1183'. [ 55.698559][ T6174] xt_hashlimit: max too large, truncated to 1048576 [ 55.868092][ T6191] loop0: detected capacity change from 0 to 1024 [ 55.879966][ T6195] pimreg: entered allmulticast mode [ 55.890911][ T6197] netlink: 268 bytes leftover after parsing attributes in process `syz.4.1205'. [ 55.900299][ T6197] unsupported nla_type 65024 [ 55.986516][ T6209] dummy0: entered promiscuous mode [ 56.040065][ T6218] loop4: detected capacity change from 0 to 1024 [ 56.048666][ T6218] EXT4-fs: Ignoring removed nobh option [ 56.054508][ T6218] EXT4-fs: Ignoring removed bh option [ 56.066480][ T6221] loop2: detected capacity change from 0 to 512 [ 56.073444][ T6221] EXT4-fs: Ignoring removed oldalloc option [ 56.100416][ T6221] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.1216: Parent and EA inode have the same ino 15 [ 56.115317][ T6221] EXT4-fs (loop2): Remounting filesystem read-only [ 56.121974][ T6221] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 56.132880][ T6221] EXT4-fs (loop2): 1 orphan inode deleted [ 56.147038][ T6230] SELinux: Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped). [ 56.196185][ T6238] Invalid ELF header magic: != ELF [ 56.201989][ C1] net_ratelimit: 3 callbacks suppressed [ 56.202011][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.202094][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.202181][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.202256][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.202334][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.213935][ T6240] loop2: detected capacity change from 0 to 512 [ 56.256343][ T6240] EXT4-fs: Ignoring removed i_version option [ 56.262725][ T6240] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 56.282327][ T6240] EXT4-fs (loop2): 1 truncate cleaned up [ 56.311561][ T6247] loop3: detected capacity change from 0 to 2048 [ 56.328250][ T6249] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.337021][ T6249] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 56.421487][ T6265] bridge0: port 3(syz_tun) entered blocking state [ 56.428209][ T6265] bridge0: port 3(syz_tun) entered disabled state [ 56.435453][ T6265] syz_tun: entered allmulticast mode [ 56.441405][ T6265] syz_tun: entered promiscuous mode [ 56.447051][ T6265] bridge0: port 3(syz_tun) entered blocking state [ 56.453597][ T6265] bridge0: port 3(syz_tun) entered forwarding state [ 56.460853][ T6269] loop2: detected capacity change from 0 to 512 [ 56.476662][ T6269] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 56.491236][ T6269] EXT4-fs (loop2): 1 truncate cleaned up [ 56.628037][ T6287] sctp: [Deprecated]: syz.3.1244 (pid 6287) Use of int in maxseg socket option. [ 56.628037][ T6287] Use struct sctp_assoc_value instead [ 56.840379][ T36] kernel read not supported for file /vcs (pid: 36 comm: kworker/1:1) [ 56.876129][ T6304] vhci_hcd: invalid port number 96 [ 56.881373][ T6304] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 56.990316][ T6324] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 56.990316][ T6324] program syz.4.1258 not setting count and/or reply_len properly [ 57.132151][ T6330] loop3: detected capacity change from 0 to 128 [ 57.141180][ T6330] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 57.149194][ T6330] FAT-fs (loop3): Filesystem has been set read-only [ 57.156733][ T6330] bio_check_eod: 2 callbacks suppressed [ 57.156747][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.156747][ T6330] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 57.176893][ T6330] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 57.184872][ T6330] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 57.194942][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.194942][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.210420][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.210420][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.224020][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.224020][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.239034][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.239034][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.254166][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.254166][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.272479][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.272479][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.291320][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.291320][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.329579][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.329579][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.344491][ T6330] syz.3.1261: attempt to access beyond end of device [ 57.344491][ T6330] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 57.379022][ T6348] loop2: detected capacity change from 0 to 512 [ 57.388947][ T6348] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 57.462924][ T6357] team0: Device gtp0 is of different type [ 57.473476][ T6348] EXT4-fs (loop2): 1 truncate cleaned up [ 57.502007][ T6350] 9pnet: Could not find request transport: fdo [ 57.602277][ T6370] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1281'. [ 57.736173][ T6381] loop0: detected capacity change from 0 to 512 [ 57.743668][ T6381] journal_path: Non-blockdev passed as './bus' [ 57.749894][ T6381] EXT4-fs: error: could not find journal device path [ 57.914321][ T6398] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 58.011317][ T6412] 9p: Unknown access argument : -22 [ 58.099144][ T6424] loop2: detected capacity change from 0 to 512 [ 58.109963][ T6424] EXT4-fs: Ignoring removed mblk_io_submit option [ 58.122941][ T6424] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.1309: iget: bad extended attribute block 1 [ 58.135760][ T6424] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1309: couldn't read orphan inode 15 (err -117) [ 58.177379][ T6433] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1313'. [ 58.210151][ T6435] loop2: detected capacity change from 0 to 512 [ 58.233404][ T6435] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 58.241617][ T6435] EXT4-fs (loop2): orphan cleanup on readonly fs [ 58.248171][ T6435] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 58.263126][ T6435] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 58.270605][ T6435] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1314: bg 0: block 40: padding at end of block bitmap is not set [ 58.286303][ T6435] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 58.295535][ T6435] EXT4-fs (loop2): 1 truncate cleaned up [ 58.469000][ T6464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1327'. [ 58.515119][ T6471] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1330'. [ 58.524415][ T6471] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1330'. [ 59.717591][ T29] kauditd_printk_skb: 140 callbacks suppressed [ 59.717609][ T29] audit: type=1326 audit(1750404695.004:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 59.761247][ T6571] __nla_validate_parse: 2 callbacks suppressed [ 59.761263][ T6571] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1378'. [ 59.771438][ T29] audit: type=1326 audit(1750404695.015:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 59.800043][ T29] audit: type=1326 audit(1750404695.036:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 59.823657][ T29] audit: type=1326 audit(1750404695.036:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 59.847201][ T29] audit: type=1326 audit(1750404695.036:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 59.870616][ T29] audit: type=1326 audit(1750404695.047:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 59.894096][ T29] audit: type=1400 audit(1750404695.047:936): avc: denied { nlmsg_read } for pid=6570 comm="syz.3.1378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 59.937440][ T29] audit: type=1326 audit(1750404695.090:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 59.961024][ T29] audit: type=1326 audit(1750404695.090:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 59.984657][ T29] audit: type=1326 audit(1750404695.143:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6568 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 60.039640][ T6575] ip6gretap0: entered promiscuous mode [ 60.132150][ T6591] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 60.132150][ T6591] The task syz.2.1383 (6591) triggered the difference, watch for misbehavior. [ 60.741417][ T6619] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1401'. [ 60.826783][ T6627] SELinux: syz.4.1405 (6627) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 60.845583][ T6631] loop2: detected capacity change from 0 to 512 [ 60.852460][ T6631] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 60.862037][ T6631] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 60.870285][ T6631] System zones: 1-12 [ 60.875116][ T6631] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 60.897156][ T6631] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1407: corrupted inode contents [ 60.917865][ T6631] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #11: comm syz.2.1407: mark_inode_dirty error [ 60.975133][ T6631] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1407: invalid indirect mapped block 1 (level 1) [ 61.004793][ T6641] program syz.4.1411 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 61.029166][ T6631] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1407: corrupted inode contents [ 61.066781][ T6631] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 61.076035][ T6645] batadv_slave_1: entered promiscuous mode [ 61.082759][ T6631] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #11: comm syz.2.1407: corrupted inode contents [ 61.096206][ T6644] batadv_slave_1: left promiscuous mode [ 61.096476][ T6631] EXT4-fs error (device loop2): ext4_truncate:4597: inode #11: comm syz.2.1407: mark_inode_dirty error [ 61.126342][ T6631] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 61.160877][ T6631] EXT4-fs (loop2): 1 truncate cleaned up [ 61.171447][ T6651] 9pnet_fd: Insufficient options for proto=fd [ 61.182762][ T6653] loop4: detected capacity change from 0 to 1024 [ 61.265759][ T6653] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.302866][ T6653] EXT4-fs (loop4): shut down requested (1) [ 61.318418][ T6653] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 61.366876][ T6653] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 61.595341][ T6688] IPVS: sync thread started: state = MASTER, mcast_ifn = team_slave_1, syncid = 0, id = 0 [ 61.667574][ T6695] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6695 comm=syz.3.1436 [ 61.680122][ T6695] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6695 comm=syz.3.1436 [ 61.818152][ T6709] SELinux: failed to load policy [ 61.847524][ T6714] loop2: detected capacity change from 0 to 512 [ 61.875717][ T6714] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 61.905890][ T6714] ext4 filesystem being mounted at /272/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 61.984292][ T6731] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 62.562806][ T6758] netlink: 372 bytes leftover after parsing attributes in process `syz.2.1466'. [ 62.648723][ T6768] SELinux: Context system_u:object_r:hald_sonypic_exec_t:s0 is not valid (left unmapped). [ 62.922479][ T6787] SELinux: failed to load policy [ 63.440257][ T6826] loop3: detected capacity change from 0 to 512 [ 63.448747][ T6826] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 63.461505][ T6826] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 63.469591][ T6826] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 63.478499][ T6826] System zones: 0-1, 15-15, 18-18, 34-34 [ 63.484661][ T6826] EXT4-fs (loop3): orphan cleanup on readonly fs [ 63.491905][ T6826] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 63.506559][ T6826] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 63.513664][ T6826] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1499: bg 0: block 40: padding at end of block bitmap is not set [ 63.528786][ T6826] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 63.549808][ T6826] EXT4-fs (loop3): 1 truncate cleaned up [ 63.556460][ T6826] EXT4-fs mount: 63 callbacks suppressed [ 63.556478][ T6826] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 63.583307][ T6826] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 63.591352][ T6826] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 63.622526][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.875325][ T6865] loop4: detected capacity change from 0 to 512 [ 63.883215][ T6865] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 63.910738][ T6865] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.923305][ T6865] ext4 filesystem being mounted at /304/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 63.948650][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.010552][ T6873] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 64.492352][ T6875] netlink: 'syz.4.1521': attribute type 29 has an invalid length. [ 64.500280][ T6875] netlink: 'syz.4.1521': attribute type 3 has an invalid length. [ 64.508209][ T6875] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1521'. [ 64.561388][ T6879] loop4: detected capacity change from 0 to 256 [ 64.592004][ T6879] FAT-fs (loop4): unable to read block(268435456) for building NFS inode [ 64.650493][ T29] kauditd_printk_skb: 41 callbacks suppressed [ 64.650621][ T29] audit: type=1400 audit(1750404700.283:980): avc: denied { audit_write } for pid=6888 comm="syz.3.1527" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 64.678009][ T29] audit: type=1107 audit(1750404700.283:981): pid=6888 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 64.784382][ T6902] loop4: detected capacity change from 0 to 128 [ 64.792910][ T6902] journal_path: Lookup failure for './file1' [ 64.799030][ T6902] EXT4-fs: error: could not find journal device path [ 64.897324][ T6914] loop3: detected capacity change from 0 to 256 [ 65.073607][ T6920] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1541'. [ 65.096886][ T6924] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 65.194900][ T6920] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1541'. [ 65.293807][ T29] audit: type=1326 audit(1750404700.980:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6941 comm="syz.3.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486b02e929 code=0x7ffc0000 [ 65.331214][ T29] audit: type=1326 audit(1750404700.980:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6941 comm="syz.3.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486b02e929 code=0x7ffc0000 [ 65.354678][ T29] audit: type=1326 audit(1750404700.980:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6941 comm="syz.3.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f486b02e929 code=0x7ffc0000 [ 65.378220][ T29] audit: type=1326 audit(1750404700.980:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6941 comm="syz.3.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486b02e929 code=0x7ffc0000 [ 65.401606][ T29] audit: type=1326 audit(1750404701.012:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6941 comm="syz.3.1552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486b02e929 code=0x7ffc0000 [ 65.451481][ T6955] loop3: detected capacity change from 0 to 512 [ 65.459242][ T6955] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 65.479335][ T6955] EXT4-fs (loop3): 1 truncate cleaned up [ 65.492645][ T6955] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.515479][ T29] audit: type=1400 audit(1750404701.227:987): avc: denied { lock } for pid=6954 comm="syz.3.1558" path="/342/bus/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 65.566770][ T29] audit: type=1400 audit(1750404701.227:988): avc: denied { link } for pid=6954 comm="syz.3.1558" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 65.608022][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.647803][ T6963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1560'. [ 65.657518][ T6963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1560'. [ 65.721342][ T29] audit: type=1326 audit(1750404701.441:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6970 comm="syz.3.1574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f486b02e929 code=0x7ffc0000 [ 65.914179][ T6987] bridge0: port 3(syz_tun) entered blocking state [ 65.920875][ T6987] bridge0: port 3(syz_tun) entered disabled state [ 65.940290][ T6987] syz_tun: entered allmulticast mode [ 65.946314][ T6987] syz_tun: entered promiscuous mode [ 65.969046][ T6987] bridge0: port 3(syz_tun) entered blocking state [ 65.975594][ T6987] bridge0: port 3(syz_tun) entered forwarding state [ 65.982719][ T6989] dummy0: entered promiscuous mode [ 66.086787][ T7003] netlink: 'syz.2.1578': attribute type 11 has an invalid length. [ 66.095013][ T7003] netlink: 448 bytes leftover after parsing attributes in process `syz.2.1578'. [ 66.153399][ T7009] loop4: detected capacity change from 0 to 512 [ 66.165691][ T7009] EXT4-fs: Ignoring removed oldalloc option [ 66.178358][ T7009] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1581: Parent and EA inode have the same ino 15 [ 66.213583][ T7009] EXT4-fs (loop4): Remounting filesystem read-only [ 66.220316][ T7009] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 66.231033][ T7014] netlink: 'syz.1.1583': attribute type 13 has an invalid length. [ 66.240257][ T7009] EXT4-fs (loop4): 1 orphan inode deleted [ 66.246502][ T7009] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.247798][ T7014] gretap0: refused to change device tx_queue_len [ 66.265043][ T7014] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 66.283162][ T7009] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.398289][ T7022] bridge0: port 3(syz_tun) entered blocking state [ 66.404834][ T7022] bridge0: port 3(syz_tun) entered disabled state [ 66.415184][ T7022] syz_tun: entered allmulticast mode [ 66.421451][ T7022] syz_tun: entered promiscuous mode [ 66.427010][ T7022] bridge0: port 3(syz_tun) entered blocking state [ 66.433590][ T7022] bridge0: port 3(syz_tun) entered forwarding state [ 66.458848][ T7029] loop2: detected capacity change from 0 to 128 [ 66.768226][ T7066] loop2: detected capacity change from 0 to 2048 [ 66.781352][ T7066] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.847678][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.036519][ T7091] team0: Device gtp0 is of different type [ 67.074859][ T7097] loop3: detected capacity change from 0 to 512 [ 67.095108][ T7097] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 67.115933][ T7097] EXT4-fs (loop3): 1 truncate cleaned up [ 67.127668][ T7097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.142875][ T7103] netlink: 'syz.2.1624': attribute type 13 has an invalid length. [ 67.172769][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.181773][ T7103] gretap0: refused to change device tx_queue_len [ 67.181805][ T7103] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 67.259418][ T7110] loop2: detected capacity change from 0 to 128 [ 67.273338][ T7110] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 67.291259][ T7110] ext4 filesystem being mounted at /326/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 67.362469][ T3321] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 67.463065][ T7117] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1640'. [ 67.482953][ T7124] loop4: detected capacity change from 0 to 512 [ 67.494608][ T7124] EXT4-fs: Ignoring removed i_version option [ 67.501203][ T7124] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 67.543274][ T7124] EXT4-fs (loop4): 1 truncate cleaned up [ 67.549694][ T7124] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.630589][ T7125] 9pnet: Could not find request transport: fdo [ 67.649548][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.699903][ T7131] netlink: 11562 bytes leftover after parsing attributes in process `syz.2.1636'. [ 67.754843][ T7140] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 67.754843][ T7140] program syz.4.1638 not setting count and/or reply_len properly [ 67.876482][ T7148] loop4: detected capacity change from 0 to 128 [ 67.904948][ T7148] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 67.918740][ T7148] ext4 filesystem being mounted at /330/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.943806][ T3319] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 68.008440][ T7155] loop4: detected capacity change from 0 to 256 [ 68.030374][ T7153] vhci_hcd: invalid port number 96 [ 68.035553][ T7153] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 68.081789][ T7159] loop3: detected capacity change from 0 to 512 [ 68.089886][ T7159] EXT4-fs: Ignoring removed i_version option [ 68.097056][ T7159] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 68.110603][ T7159] EXT4-fs (loop3): 1 truncate cleaned up [ 68.124504][ T7159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.168475][ T7164] 9pnet: Could not find request transport: fdo [ 68.197780][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.235744][ T7171] tipc: Started in network mode [ 68.240668][ T7171] tipc: Node identity ac14140f, cluster identity 4711 [ 68.247751][ T7171] tipc: New replicast peer: 255.255.255.255 [ 68.253981][ T7171] tipc: Enabled bearer , priority 10 [ 68.261398][ T7171] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1654'. [ 68.270522][ T7171] tipc: Disabling bearer [ 68.318743][ T7175] loop3: detected capacity change from 0 to 128 [ 68.336958][ T7175] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 68.349838][ T7175] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.381591][ T3320] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 68.412883][ T7180] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1658'. [ 68.972292][ T7210] tipc: Started in network mode [ 68.977233][ T7210] tipc: Node identity ac14140f, cluster identity 4711 [ 68.987561][ T7210] tipc: New replicast peer: 255.255.255.255 [ 68.993724][ T7210] tipc: Enabled bearer , priority 10 [ 69.015155][ T7210] tipc: Disabling bearer [ 69.063800][ T7213] Cannot find add_set index 0 as target [ 69.385587][ T7221] netlink: 'syz.1.1686': attribute type 1 has an invalid length. [ 69.393641][ T7221] netlink: 'syz.1.1686': attribute type 2 has an invalid length. [ 69.436209][ T7221] netlink: 'syz.1.1686': attribute type 1 has an invalid length. [ 69.444046][ T7221] netlink: 'syz.1.1686': attribute type 2 has an invalid length. [ 69.452876][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 69.452891][ T29] audit: type=1326 audit(1750404705.443:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.4.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 69.509990][ T29] audit: type=1326 audit(1750404705.497:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.4.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 69.533558][ T29] audit: type=1326 audit(1750404705.497:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.4.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 69.558047][ T29] audit: type=1326 audit(1750404705.497:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.4.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 69.581464][ T29] audit: type=1326 audit(1750404705.497:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.4.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 69.604902][ T29] audit: type=1326 audit(1750404705.497:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.4.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 69.628354][ T29] audit: type=1326 audit(1750404705.497:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.4.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 69.651864][ T29] audit: type=1326 audit(1750404705.497:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.4.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 69.655042][ T7227] netlink: 'syz.4.1689': attribute type 25 has an invalid length. [ 69.683166][ T7227] netlink: 'syz.4.1689': attribute type 28 has an invalid length. [ 69.757177][ T7231] __nla_validate_parse: 2 callbacks suppressed [ 69.757196][ T7231] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1680'. [ 69.813549][ T7231] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1680'. [ 69.907587][ T7235] loop4: detected capacity change from 0 to 512 [ 69.926520][ T7235] EXT4-fs: Ignoring removed mblk_io_submit option [ 69.929163][ T7239] netlink: 300 bytes leftover after parsing attributes in process `syz.1.1695'. [ 69.960973][ T7235] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1681: iget: bad extended attribute block 1 [ 69.987326][ T7235] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1681: couldn't read orphan inode 15 (err -117) [ 70.041729][ T7235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.110121][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.212435][ T7256] openvswitch: netlink: Message has 6 unknown bytes. [ 70.226706][ T7258] netlink: 'syz.2.1691': attribute type 1 has an invalid length. [ 70.234604][ T7258] netlink: 'syz.2.1691': attribute type 2 has an invalid length. [ 70.265499][ T7258] netlink: 'syz.2.1691': attribute type 1 has an invalid length. [ 70.272946][ T29] audit: type=1326 audit(1750404706.312:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7259 comm="syz.4.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 70.273376][ T7258] netlink: 'syz.2.1691': attribute type 2 has an invalid length. [ 70.296875][ T29] audit: type=1326 audit(1750404706.312:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7259 comm="syz.4.1692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 70.404435][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1706'. [ 70.448568][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1706'. [ 70.498549][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1706'. [ 70.507600][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1706'. [ 70.567068][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1706'. [ 70.584850][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1706'. [ 72.208283][ T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.263992][ T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.340796][ T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.415717][ T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.498347][ T7349] netlink: 448 bytes leftover after parsing attributes in process `syz.2.1733'. [ 72.616033][ T7311] chnl_net:caif_netlink_parms(): no params data found [ 72.650447][ T51] bridge_slave_1: left allmulticast mode [ 72.656162][ T51] bridge_slave_1: left promiscuous mode [ 72.661969][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.689318][ T51] bridge_slave_0: left allmulticast mode [ 72.694996][ T51] bridge_slave_0: left promiscuous mode [ 72.700969][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.821531][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 72.832540][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 72.843599][ T51] bond0 (unregistering): Released all slaves [ 72.884513][ T7311] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.891622][ T7311] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.899155][ T7311] bridge_slave_0: entered allmulticast mode [ 72.905754][ T7311] bridge_slave_0: entered promiscuous mode [ 72.914207][ T51] hsr_slave_0: left promiscuous mode [ 72.919988][ T51] hsr_slave_1: left promiscuous mode [ 72.927608][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 72.935066][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 72.944592][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 72.952089][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 72.963746][ T51] veth1_macvtap: left promiscuous mode [ 72.969593][ T51] veth0_macvtap: left promiscuous mode [ 72.975162][ T51] veth1_vlan: left promiscuous mode [ 72.981655][ T51] veth0_vlan: left promiscuous mode [ 73.053707][ T51] team0 (unregistering): Port device team_slave_1 removed [ 73.066482][ T51] team0 (unregistering): Port device team_slave_0 removed [ 73.103690][ T7311] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.110833][ T7311] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.119357][ T7311] bridge_slave_1: entered allmulticast mode [ 73.126620][ T7311] bridge_slave_1: entered promiscuous mode [ 73.150294][ T7311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.162055][ T7311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.183890][ T7311] team0: Port device team_slave_0 added [ 73.190477][ T7311] team0: Port device team_slave_1 added [ 73.208843][ T7311] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.216157][ T7311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.242291][ T7311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.256379][ T7311] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.263380][ T7311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.289498][ T7311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.334000][ T7311] hsr_slave_0: entered promiscuous mode [ 73.340149][ T7311] hsr_slave_1: entered promiscuous mode [ 73.346110][ T7311] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 73.356122][ T7311] Cannot create hsr debugfs directory [ 73.493457][ T7311] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 73.517299][ T7311] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 73.528776][ T7380] SELinux: Context system_u:object_r:apt_var_cache_t:s0 is not valid (left unmapped). [ 73.543849][ T7311] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 73.569297][ T7311] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 73.655980][ T7311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.696946][ T7311] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.713771][ T7406] batadv_slave_1: entered promiscuous mode [ 73.733423][ T7405] batadv_slave_1: left promiscuous mode [ 73.747009][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.754127][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.771797][ T127] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.778989][ T127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.913126][ T7311] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.117355][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 74.117419][ T29] audit: type=1400 audit(1750404710.454:1048): avc: denied { setopt } for pid=7450 comm="syz.1.1763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 74.198615][ T7311] veth0_vlan: entered promiscuous mode [ 74.208577][ T7458] xt_hashlimit: max too large, truncated to 1048576 [ 74.209068][ T7311] veth1_vlan: entered promiscuous mode [ 74.229861][ T7311] veth0_macvtap: entered promiscuous mode [ 74.247351][ T7311] veth1_macvtap: entered promiscuous mode [ 74.272319][ T7311] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.291528][ T7311] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.308414][ T7311] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.317280][ T7311] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.326073][ T7311] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.334894][ T7311] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.373516][ T29] audit: type=1400 audit(1750404710.722:1049): avc: denied { mounton } for pid=7311 comm="syz-executor" path="/root/syzkaller.SHyzSk/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 74.401950][ T29] audit: type=1400 audit(1750404710.754:1050): avc: denied { mount } for pid=7311 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 74.424408][ T29] audit: type=1400 audit(1750404710.754:1051): avc: denied { mount } for pid=7311 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 74.446745][ T29] audit: type=1400 audit(1750404710.754:1052): avc: denied { mounton } for pid=7311 comm="syz-executor" path="/root/syzkaller.SHyzSk/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 74.473678][ T29] audit: type=1400 audit(1750404710.754:1053): avc: denied { mounton } for pid=7311 comm="syz-executor" path="/root/syzkaller.SHyzSk/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=17154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 74.553249][ T29] audit: type=1400 audit(1750404710.872:1054): avc: denied { mounton } for pid=7311 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 74.576522][ T29] audit: type=1400 audit(1750404710.872:1055): avc: denied { mount } for pid=7311 comm="syz-executor" name="/" dev="gadgetfs" ino=4192 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 74.599259][ T29] audit: type=1400 audit(1750404710.883:1056): avc: denied { create } for pid=7474 comm="syz.2.1773" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 74.618774][ T29] audit: type=1400 audit(1750404710.894:1057): avc: denied { bind } for pid=7472 comm="syz.1.1772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.672402][ T7486] __nla_validate_parse: 2 callbacks suppressed [ 74.672472][ T7486] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1777'. [ 74.682400][ T7483] 9pnet: Could not find request transport: 0xffffffffffffffff [ 74.737516][ T7496] syzkaller0: tun_chr_ioctl cmd 2147767520 [ 74.921749][ T7520] loop4: detected capacity change from 0 to 764 [ 74.952759][ T7520] rock: directory entry would overflow storage [ 74.959027][ T7520] rock: sig=0x4654, size=5, remaining=4 [ 74.994636][ T7520] rock: directory entry would overflow storage [ 75.000892][ T7520] rock: sig=0x4f50, size=4, remaining=3 [ 75.006557][ T7520] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 75.150938][ T7557] loop5: detected capacity change from 0 to 256 [ 75.160399][ T7557] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 75.214742][ T7566] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 75.291720][ T7577] syzkaller0: tun_chr_ioctl cmd 2147767520 [ 75.364180][ T7586] loop2: detected capacity change from 0 to 256 [ 75.402477][ T7586] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 75.437885][ T7594] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 75.554233][ T7608] validate_nla: 3 callbacks suppressed [ 75.554251][ T7608] netlink: 'syz.2.1832': attribute type 10 has an invalid length. [ 75.730043][ T7636] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1845'. [ 75.807279][ T7647] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1851'. [ 75.854657][ T7651] loop2: detected capacity change from 0 to 1024 [ 75.878953][ T7651] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.909660][ T7651] ext4 filesystem being mounted at /388/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.018853][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.129744][ T7677] loop4: detected capacity change from 0 to 1024 [ 76.157917][ T7677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.174738][ T7677] ext4 filesystem being mounted at /399/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.318287][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.610151][ T7716] loop4: detected capacity change from 0 to 1024 [ 76.634020][ T7718] SELinux: policydb version 0 does not match my version range 15-34 [ 76.653094][ T7718] SELinux: failed to load policy [ 76.673240][ T7716] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.698322][ T7728] loop5: detected capacity change from 0 to 128 [ 76.711608][ T7728] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 76.746690][ T7728] ext4 filesystem being mounted at /21/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 76.785757][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.837129][ T7311] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 76.944907][ T7754] loop4: detected capacity change from 0 to 1024 [ 76.964367][ T7754] EXT4-fs: inline encryption not supported [ 76.988671][ T7754] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 77.015696][ T7754] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.1898: lblock 1 mapped to illegal pblock 1 (length 1) [ 77.038964][ T7754] EXT4-fs (loop4): Remounting filesystem read-only [ 77.046093][ T7754] EXT4-fs (loop4): 1 orphan inode deleted [ 77.052536][ T7754] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.079870][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.136783][ T7763] netlink: 'syz.1.1902': attribute type 1 has an invalid length. [ 77.214664][ T7782] loop2: detected capacity change from 0 to 512 [ 77.231280][ T7782] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' [ 77.250712][ T7782] EXT4-fs: error: could not find journal device path [ 77.269198][ T7786] loop4: detected capacity change from 0 to 128 [ 77.724477][ T7822] loop4: detected capacity change from 0 to 512 [ 77.731536][ T7822] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 77.741116][ T7822] EXT4-fs (loop4): invalid journal inode [ 77.746981][ T7822] EXT4-fs (loop4): can't get journal size [ 77.759471][ T7822] EXT4-fs (loop4): 1 truncate cleaned up [ 77.772999][ T7825] loop5: detected capacity change from 0 to 4096 [ 77.775742][ T7822] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.797808][ T7825] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.832728][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.878892][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.106788][ T7850] 9pnet_fd: Insufficient options for proto=fd [ 78.173401][ T7858] loop4: detected capacity change from 0 to 1024 [ 78.220119][ T7858] EXT4-fs: Ignoring removed orlov option [ 78.242853][ T7858] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 78.298137][ T7858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.329647][ T7858] EXT4-fs error (device loop4): __ext4_new_inode:1073: comm syz.4.1948: reserved inode found cleared - inode=18 [ 78.424466][ T7882] 9pnet_fd: Insufficient options for proto=fd [ 78.426750][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.594256][ T7904] macvtap1: entered allmulticast mode [ 78.599864][ T7904] veth0_macvtap: entered allmulticast mode [ 78.695694][ T7916] SELinux: syz.4.1977 (7916) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 78.768165][ T7901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 78.778103][ T7901] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 78.892573][ T29] kauditd_printk_skb: 202 callbacks suppressed [ 78.892591][ T29] audit: type=1326 audit(1750404715.572:1258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.4.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 78.942133][ T29] audit: type=1326 audit(1750404715.572:1259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.4.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 78.965752][ T29] audit: type=1326 audit(1750404715.572:1260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.4.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 78.989185][ T29] audit: type=1326 audit(1750404715.572:1261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.4.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 79.012978][ T29] audit: type=1326 audit(1750404715.572:1262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7928 comm="syz.4.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 79.068244][ T29] audit: type=1326 audit(1750404715.754:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz.2.1983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 79.092143][ T29] audit: type=1326 audit(1750404715.754:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz.2.1983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 79.115761][ T29] audit: type=1326 audit(1750404715.754:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz.2.1983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 79.139292][ T29] audit: type=1326 audit(1750404715.754:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz.2.1983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 79.164631][ T29] audit: type=1326 audit(1750404715.872:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7933 comm="syz.2.1983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 79.377224][ T7955] loop5: detected capacity change from 0 to 512 [ 79.385123][ T7955] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 79.420898][ T7955] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 79.467774][ T7955] EXT4-fs (loop5): 1 truncate cleaned up [ 79.492654][ T7955] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.521536][ T7965] loop4: detected capacity change from 0 to 512 [ 79.559302][ T7965] EXT4-fs: test_dummy_encryption option not supported [ 79.608153][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.657470][ T7973] loop5: detected capacity change from 0 to 512 [ 79.702073][ T7973] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 79.719026][ T7973] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.742596][ T7973] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2000: Failed to acquire dquot type 0 [ 79.776003][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 79.843763][ T8000] loop5: detected capacity change from 0 to 128 [ 80.058034][ T8029] lo speed is unknown, defaulting to 1000 [ 80.068551][ T8029] lo speed is unknown, defaulting to 1000 [ 80.074708][ T8029] lo speed is unknown, defaulting to 1000 [ 80.081461][ T8029] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 80.090934][ T8029] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 80.118035][ T8029] lo speed is unknown, defaulting to 1000 [ 80.128108][ T8029] lo speed is unknown, defaulting to 1000 [ 80.147509][ T8029] lo speed is unknown, defaulting to 1000 [ 80.171029][ T8029] lo speed is unknown, defaulting to 1000 [ 80.184742][ T8029] lo speed is unknown, defaulting to 1000 [ 80.219166][ T8000] bio_check_eod: 18502 callbacks suppressed [ 80.219185][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.219185][ T8000] loop5: rw=2049, sector=129, nr_sectors = 8 limit=128 [ 80.247210][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.247210][ T8000] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 80.268433][ T8043] loop4: detected capacity change from 0 to 1024 [ 80.276819][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.276819][ T8000] loop5: rw=2049, sector=161, nr_sectors = 8 limit=128 [ 80.285013][ T8045] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2036'. [ 80.299271][ T8045] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2036'. [ 80.308569][ T8045] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2036'. [ 80.313056][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.313056][ T8000] loop5: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 80.322276][ T8045] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2036'. [ 80.341762][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.341762][ T8000] loop5: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 80.361207][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.361207][ T8000] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 80.375762][ T8043] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.406204][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.406204][ T8000] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 80.406470][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.419737][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.419737][ T8000] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 80.442581][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.442581][ T8000] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 80.460647][ T8000] syz.5.2013: attempt to access beyond end of device [ 80.460647][ T8000] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 80.486285][ T8053] netlink: 'syz.2.2040': attribute type 1 has an invalid length. [ 80.564154][ T8055] loop4: detected capacity change from 0 to 2048 [ 80.638992][ T8055] Alternate GPT is invalid, using primary GPT. [ 80.645465][ T8055] loop4: p1 p2 p3 [ 80.864646][ T8095] loop5: detected capacity change from 0 to 512 [ 80.890297][ T8095] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 80.906894][ T8095] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.2058: invalid block [ 80.920246][ T8095] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.2058: invalid indirect mapped block 4294967295 (level 1) [ 80.934581][ T8095] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.2058: invalid indirect mapped block 4294967295 (level 1) [ 80.950853][ T8095] EXT4-fs (loop5): 2 truncates cleaned up [ 80.957130][ T8095] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.997319][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.043421][ T8103] SELinux: policydb version 0 does not match my version range 15-34 [ 81.141757][ T8103] SELinux: failed to load policy [ 81.182330][ T8107] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2063'. [ 81.222989][ T8109] Falling back ldisc for ttyS3. [ 81.341768][ T8114] openvswitch: netlink: Message has 6 unknown bytes. [ 81.657914][ T8126] loop4: detected capacity change from 0 to 1024 [ 81.684695][ T8126] EXT4-fs: Ignoring removed nobh option [ 81.690380][ T8126] EXT4-fs: Ignoring removed bh option [ 81.772333][ T8132] loop5: detected capacity change from 0 to 512 [ 81.782545][ T8126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.797915][ T8132] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.810632][ T8132] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.857988][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.881376][ T8142] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2 [ 81.925273][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.040430][ T8163] pim6reg: entered allmulticast mode [ 82.083126][ T8163] pim6reg: left allmulticast mode [ 82.146218][ T8176] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2094'. [ 82.169279][ T8176] netlink: 172 bytes leftover after parsing attributes in process `syz.2.2094'. [ 82.181213][ T8181] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2096'. [ 82.291767][ T8195] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 82.359978][ T8202] block device autoloading is deprecated and will be removed. [ 82.393018][ T8206] netlink: 9286 bytes leftover after parsing attributes in process `syz.2.2108'. [ 82.463470][ T8210] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2110'. [ 82.502749][ T8210] netlink: zone id is out of range [ 82.520740][ T8210] netlink: zone id is out of range [ 82.526063][ T8210] netlink: zone id is out of range [ 82.536187][ T8210] netlink: zone id is out of range [ 82.549125][ T8210] netlink: del zone limit has 8 unknown bytes [ 82.761896][ T8223] lo speed is unknown, defaulting to 1000 [ 83.050420][ T4729] bridge0: port 3(syz_tun) entered disabled state [ 83.059682][ T4729] syz_tun (unregistering): left allmulticast mode [ 83.066266][ T4729] syz_tun (unregistering): left promiscuous mode [ 83.072770][ T4729] bridge0: port 3(syz_tun) entered disabled state [ 83.128678][ T8223] chnl_net:caif_netlink_parms(): no params data found [ 83.128995][ T8244] loop2: detected capacity change from 0 to 512 [ 83.219197][ T2868] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.281479][ T2868] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.318978][ T8270] loop5: detected capacity change from 0 to 1024 [ 83.326038][ T8270] EXT4-fs: Ignoring removed i_version option [ 83.335152][ T8270] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 83.358450][ T36] kernel read not supported for file /rfkill (pid: 36 comm: kworker/1:1) [ 83.369848][ T8223] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.376997][ T8223] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.387975][ T8223] bridge_slave_0: entered allmulticast mode [ 83.388855][ T8282] netlink: 'syz.1.2136': attribute type 10 has an invalid length. [ 83.396095][ T8223] bridge_slave_0: entered promiscuous mode [ 83.413267][ T2868] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.416560][ T8270] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2132: Invalid block bitmap block 0 in block_group 0 [ 83.443356][ T8282] team0: Port device hsr0 added [ 83.450764][ T8285] loop4: detected capacity change from 0 to 512 [ 83.457251][ T8223] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.464721][ T8223] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.473311][ T8223] bridge_slave_1: entered allmulticast mode [ 83.480500][ T8223] bridge_slave_1: entered promiscuous mode [ 83.487205][ T8270] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2132: Failed to acquire dquot type 0 [ 83.508039][ T8270] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.2132: Freeing blocks not in datazone - block = 0, count = 4096 [ 83.522320][ T2868] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.523047][ T8270] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.2132: Invalid inode bitmap blk 0 in block_group 0 [ 83.547641][ T8270] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 83.547754][ T8223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.558202][ T8270] EXT4-fs (loop5): 1 orphan inode deleted [ 83.571154][ T41] __quota_error: 147 callbacks suppressed [ 83.571169][ T41] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-8 [ 83.574517][ T8223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.576948][ T41] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0 [ 83.590903][ T8270] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.616381][ T8285] EXT4-fs (loop4): too many log groups per flexible block group [ 83.627070][ T8285] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 83.634670][ T8285] EXT4-fs (loop4): mount failed [ 83.646003][ T8223] team0: Port device team_slave_0 added [ 83.653023][ T8223] team0: Port device team_slave_1 added [ 83.671655][ T8223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.678728][ T8223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.705017][ T8223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.741067][ T8223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.748234][ T8223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.774310][ T8223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.798227][ T29] audit: type=1400 audit(1750404720.839:1411): avc: denied { create } for pid=8298 comm="syz.4.2143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 83.820524][ T29] audit: type=1400 audit(1750404720.861:1412): avc: denied { write } for pid=8298 comm="syz.4.2143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 83.841060][ T29] audit: type=1400 audit(1750404720.861:1413): avc: denied { nlmsg_write } for pid=8298 comm="syz.4.2143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 83.885254][ T8223] hsr_slave_0: entered promiscuous mode [ 83.891807][ T8223] hsr_slave_1: entered promiscuous mode [ 83.897964][ T8223] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.905623][ T29] audit: type=1326 audit(1750404720.947:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8304 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 83.929427][ T29] audit: type=1326 audit(1750404720.947:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8304 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 83.952913][ T29] audit: type=1326 audit(1750404720.947:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8304 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 83.976399][ T29] audit: type=1326 audit(1750404720.947:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8304 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 83.985235][ T8223] Cannot create hsr debugfs directory [ 83.999867][ T29] audit: type=1326 audit(1750404720.947:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8304 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 83.999897][ T29] audit: type=1326 audit(1750404720.947:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8304 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbcae07e929 code=0x7ffc0000 [ 84.023102][ T8309] loop2: detected capacity change from 0 to 128 [ 84.060328][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.064975][ T8309] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 84.086162][ T8309] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 84.127909][ T2868] bridge_slave_1: left promiscuous mode [ 84.133634][ T2868] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.141042][ T8309] EXT4-fs error (device loop2): __ext4_find_entry:1626: inode #2: comm syz.2.2149: checksumming directory block 0 [ 84.165095][ T2868] bridge_slave_0: left allmulticast mode [ 84.165117][ T2868] bridge_slave_0: left promiscuous mode [ 84.165249][ T2868] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.178571][ T3321] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 84.262758][ T2868] batman_adv: batadv0: Removing interface: geneve2 [ 84.305098][ T2868] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 84.316504][ T2868] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 84.327608][ T2868] bond0 (unregistering): Released all slaves [ 84.348826][ T8324] netlink: 'syz.1.2154': attribute type 1 has an invalid length. [ 84.356633][ T8324] netlink: 'syz.1.2154': attribute type 2 has an invalid length. [ 84.375689][ T8344] SELinux: policydb version 133 does not match my version range 15-34 [ 84.384601][ T8344] SELinux: failed to load policy [ 84.413420][ T2868] hsr_slave_0: left promiscuous mode [ 84.431710][ T2868] hsr_slave_1: left promiscuous mode [ 84.448363][ T2868] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.455927][ T2868] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 84.464701][ T2868] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.472267][ T2868] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 84.496563][ T8358] loop2: detected capacity change from 0 to 1024 [ 84.516193][ T2868] veth1_macvtap: left promiscuous mode [ 84.521724][ T2868] veth0_macvtap: left promiscuous mode [ 84.528030][ T2868] veth1_vlan: left promiscuous mode [ 84.533370][ T2868] veth0_vlan: left promiscuous mode [ 84.545919][ T8358] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.575792][ T8358] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2170: bg 0: block 88: padding at end of block bitmap is not set [ 84.612553][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.649159][ T2868] team0 (unregistering): Port device team_slave_1 removed [ 84.660624][ T2868] team0 (unregistering): Port device team_slave_0 removed [ 84.693526][ T8384] sg_write: data in/out 1729250402/1 bytes for SCSI command 0x2d-- guessing data in; [ 84.693526][ T8384] program syz.2.2180 not setting count and/or reply_len properly [ 84.795099][ T8223] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 84.808691][ T8223] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 84.822601][ T8223] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 84.835132][ T8223] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 84.901692][ T8223] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.914760][ T8223] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.927750][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.934965][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.949020][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.956226][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.070881][ T8436] __nla_validate_parse: 3 callbacks suppressed [ 85.070898][ T8436] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2200'. [ 85.086327][ T8436] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 85.117876][ T8223] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.297873][ T8223] veth0_vlan: entered promiscuous mode [ 85.309441][ T8470] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2210'. [ 85.309780][ T8223] veth1_vlan: entered promiscuous mode [ 85.350362][ T8223] veth0_macvtap: entered promiscuous mode [ 85.360786][ T8223] veth1_macvtap: entered promiscuous mode [ 85.373950][ T8223] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.393356][ T8223] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.404037][ T8223] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.412925][ T8223] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.422160][ T8223] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.431150][ T8223] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.441474][ T8479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2214'. [ 85.557032][ T8497] xt_hashlimit: max too large, truncated to 1048576 [ 85.656450][ T8519] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.706228][ T8519] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.777248][ T8519] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.823440][ T8519] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.898121][ T8519] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.913147][ T8519] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.934740][ T8559] lo speed is unknown, defaulting to 1000 [ 85.950819][ T8519] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.978958][ T8519] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.026132][ T8568] loop5: detected capacity change from 0 to 8192 [ 86.140826][ T8583] loop5: detected capacity change from 0 to 2048 [ 86.150569][ T8585] loop6: detected capacity change from 0 to 512 [ 86.172927][ T8587] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2261'. [ 86.175494][ T8583] loop5: p1 < > p4 [ 86.186794][ T8583] loop5: p4 size 8388608 extends beyond EOD, truncated [ 86.195733][ T8585] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.312430][ T8585] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 86.450122][ T8612] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2272'. [ 86.468083][ T8223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.517408][ T8616] netlink: 'syz.5.2275': attribute type 1 has an invalid length. [ 86.559407][ T8622] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.566682][ T8622] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.906305][ T8666] futex_wake_op: syz.6.2298 tries to shift op by 32; fix this program [ 87.073318][ T8684] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2306'. [ 87.426621][ T8710] loop4: detected capacity change from 0 to 1024 [ 87.433854][ T8710] EXT4-fs: Ignoring removed oldalloc option [ 87.439753][ T8710] EXT4-fs: Ignoring removed bh option [ 87.453281][ T8710] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.467691][ T8710] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #12: comm syz.4.2317: corrupted xattr block 13: invalid header [ 87.481073][ T8710] EXT4-fs (loop4): Remounting filesystem read-only [ 87.487582][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.497418][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.506598][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.515739][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.524955][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.534135][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.543182][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.552311][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.561329][ T8710] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=12 [ 87.579051][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.595858][ T8714] serio: Serial port ttyS3 [ 87.645895][ T8716] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2319'. [ 87.974873][ T8755] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2337'. [ 87.975830][ T8757] loop9: detected capacity change from 0 to 7 [ 87.990567][ T8757] Buffer I/O error on dev loop9, logical block 0, async page read [ 88.007105][ T8757] Buffer I/O error on dev loop9, logical block 0, async page read [ 88.015125][ T8757] loop9: unable to read partition table [ 88.035412][ T8757] loop_reread_partitions: partition scan of loop9 (被ڬdƤݡ [ 88.035412][ T8757] U) failed (rc=-5) [ 88.173099][ T8769] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 88.242366][ T29] kauditd_printk_skb: 192 callbacks suppressed [ 88.242381][ T29] audit: type=1400 audit(1750404725.603:1612): avc: denied { ioctl } for pid=8785 comm="syz.5.2351" path="socket:[22708]" dev="sockfs" ino=22708 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 88.275518][ T29] audit: type=1400 audit(1750404725.603:1613): avc: denied { write } for pid=8785 comm="syz.5.2351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 88.312003][ T29] audit: type=1400 audit(1750404725.678:1614): avc: denied { write } for pid=8780 comm="syz.1.2350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 88.366278][ T8796] loop9: detected capacity change from 0 to 7 [ 88.372799][ T8796] Buffer I/O error on dev loop9, logical block 0, async page read [ 88.381182][ T8796] Buffer I/O error on dev loop9, logical block 0, async page read [ 88.389255][ T8796] loop9: unable to read partition table [ 88.395421][ T8796] loop_reread_partitions: partition scan of loop9 (被ڬdƤݡ [ 88.395421][ T8796] U) failed (rc=-5) [ 88.451522][ T8799] SELinux: policydb version 133 does not match my version range 15-34 [ 88.460694][ T29] audit: type=1400 audit(1750404725.828:1615): avc: denied { load_policy } for pid=8798 comm="syz.5.2358" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 88.463587][ T8799] SELinux: failed to load policy [ 88.510696][ T29] audit: type=1400 audit(1750404725.893:1616): avc: denied { write } for pid=8803 comm="syz.4.2359" lport=132 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 88.601993][ T29] audit: type=1400 audit(1750404725.979:1617): avc: denied { read write } for pid=8813 comm="syz.2.2365" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 88.625581][ T29] audit: type=1400 audit(1750404725.979:1618): avc: denied { open } for pid=8813 comm="syz.2.2365" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 88.649076][ T29] audit: type=1400 audit(1750404725.979:1619): avc: denied { ioctl } for pid=8813 comm="syz.2.2365" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 88.674576][ T29] audit: type=1400 audit(1750404726.064:1620): avc: denied { create } for pid=8815 comm="syz.5.2366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 88.694360][ T29] audit: type=1400 audit(1750404726.064:1621): avc: denied { getopt } for pid=8815 comm="syz.5.2366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 88.781537][ T8828] lo speed is unknown, defaulting to 1000 [ 88.879650][ T8838] loop6: detected capacity change from 0 to 1024 [ 88.892091][ T8838] EXT4-fs: Ignoring removed i_version option [ 88.902142][ T8838] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 88.919229][ T8838] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.2377: Invalid block bitmap block 0 in block_group 0 [ 88.958045][ T8838] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2377: Failed to acquire dquot type 0 [ 88.973025][ T8838] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.2377: Freeing blocks not in datazone - block = 0, count = 4096 [ 89.030747][ T8838] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.2377: Invalid inode bitmap blk 0 in block_group 0 [ 89.045487][ T12] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 0 [ 89.089255][ T8838] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem [ 89.125725][ T8838] EXT4-fs (loop6): 1 orphan inode deleted [ 89.153937][ T8838] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.226604][ T8223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.261822][ T8860] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.326642][ T8860] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.449108][ T8860] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.535887][ T2960] IPVS: starting estimator thread 0... [ 89.576198][ T8860] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.623035][ T8888] IPVS: using max 2640 ests per chain, 132000 per kthread [ 89.667143][ T8860] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.680160][ T8860] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.691900][ T8860] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.699239][ T8902] SELinux: syz.2.2405 (8902) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 89.704256][ T8860] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.766465][ T8909] loop2: detected capacity change from 0 to 1024 [ 89.782732][ T8909] ext4 filesystem being mounted at /520/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.808568][ T8914] random: crng reseeded on system resumption [ 89.830896][ T8916] loop2: detected capacity change from 0 to 1024 [ 89.848390][ T8916] ext4 filesystem being mounted at /521/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.876225][ T3321] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /521/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0 [ 89.897629][ T3321] EXT4-fs (loop2): Remounting filesystem read-only [ 89.915885][ T8930] hsr0: entered allmulticast mode [ 89.920999][ T8930] hsr_slave_0: entered allmulticast mode [ 89.926816][ T8930] hsr_slave_1: entered allmulticast mode [ 89.948207][ T8934] netlink: 'syz.2.2418': attribute type 1 has an invalid length. [ 89.973225][ T8938] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2429'. [ 89.985882][ T8940] loop2: detected capacity change from 0 to 128 [ 90.104528][ T8940] bio_check_eod: 105 callbacks suppressed [ 90.104540][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.104540][ T8940] loop2: rw=2049, sector=129, nr_sectors = 8 limit=128 [ 90.124081][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.124081][ T8940] loop2: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 90.137567][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.137567][ T8940] loop2: rw=2049, sector=161, nr_sectors = 8 limit=128 [ 90.150954][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.150954][ T8940] loop2: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 90.164426][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.164426][ T8940] loop2: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 90.178009][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.178009][ T8940] loop2: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 90.191568][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.191568][ T8940] loop2: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 90.205565][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.205565][ T8940] loop2: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 90.219156][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.219156][ T8940] loop2: rw=2049, sector=257, nr_sectors = 8 limit=128 [ 90.232972][ T8940] syz.2.2420: attempt to access beyond end of device [ 90.232972][ T8940] loop2: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 90.327384][ T8951] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2425'. [ 90.370329][ T8955] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2427'. [ 90.482233][ T8963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2431'. [ 90.617654][ T8993] xt_hashlimit: max too large, truncated to 1048576 [ 90.710079][ T8977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 90.720025][ T8977] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.806408][ T9011] serio: Serial port ttyS3 [ 91.320821][ T9061] netlink: 'syz.2.2476': attribute type 14 has an invalid length. [ 91.463226][ T9088] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2490'. [ 91.481292][ T9090] netlink: 'syz.2.2489': attribute type 1 has an invalid length. [ 91.529617][ T9098] loop2: detected capacity change from 0 to 512 [ 91.546564][ T9098] EXT4-fs: inline encryption not supported [ 91.569527][ T9098] EXT4-fs mount: 4 callbacks suppressed [ 91.569547][ T9098] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.595388][ T9098] ext4 filesystem being mounted at /561/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.620804][ T9098] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2494: corrupted inode contents [ 91.633997][ T9098] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.2494: mark_inode_dirty error [ 91.646847][ T9115] netlink: 'syz.6.2501': attribute type 5 has an invalid length. [ 91.663393][ T9098] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2494: corrupted inode contents [ 91.675634][ T9098] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.2494: mark_inode_dirty error [ 91.695447][ T9098] EXT4-fs error (device loop2): ext4_lookup:1784: inode #18: comm syz.2.2494: 'file0' linked to parent dir [ 91.720915][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.732627][ T9122] loop4: detected capacity change from 0 to 1024 [ 91.751371][ T9122] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.777372][ T9122] ext4 filesystem being mounted at /535/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.843047][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.897455][ T9149] atomic_op ffff88814ae59d28 conn xmit_atomic 0000000000000000 [ 91.941271][ T9155] loop5: detected capacity change from 0 to 128 [ 91.956706][ T9155] FAT-fs (loop5): error, clusters badly computed (2 != 1) [ 91.963968][ T9155] FAT-fs (loop5): Filesystem has been set read-only [ 91.970907][ T9161] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2520'. [ 91.972357][ T9155] FAT-fs (loop5): error, clusters badly computed (3 != 2) [ 91.988274][ T9155] FAT-fs (loop5): error, clusters badly computed (4 != 3) [ 91.996131][ T9155] FAT-fs (loop5): error, clusters badly computed (5 != 4) [ 92.005556][ T9155] FAT-fs (loop5): error, clusters badly computed (6 != 5) [ 92.014321][ T9155] FAT-fs (loop5): error, clusters badly computed (7 != 6) [ 92.051309][ T9167] binfmt_misc: register: failed to install interpreter file ./file2 [ 92.120321][ T9183] random: crng reseeded on system resumption [ 92.181000][ T9188] netlink: 31 bytes leftover after parsing attributes in process `syz.2.2536'. [ 92.197094][ T9195] loop4: detected capacity change from 0 to 128 [ 92.291806][ T9212] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD [ 92.347442][ T9215] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.396629][ T9215] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.406675][ T9230] loop5: detected capacity change from 0 to 1024 [ 92.431252][ T9230] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.451244][ T9238] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2559'. [ 92.489921][ T9215] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.510628][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.548695][ T9251] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2565'. [ 92.563463][ T3579] IPVS: starting estimator thread 0... [ 92.575496][ T9255] netlink: 'syz.4.2566': attribute type 1 has an invalid length. [ 92.589912][ T9215] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.620905][ T9265] gretap0: entered promiscuous mode [ 92.635150][ T9265] netlink: 31 bytes leftover after parsing attributes in process `syz.5.2570'. [ 92.652349][ T9253] IPVS: using max 2544 ests per chain, 127200 per kthread [ 92.653574][ T9215] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.675223][ T9215] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.713396][ T9215] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.729740][ T9215] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.766482][ T9276] loop5: detected capacity change from 0 to 2048 [ 92.904374][ T29] kauditd_printk_skb: 233 callbacks suppressed [ 92.904392][ T29] audit: type=1326 audit(2000000003.272:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 92.945830][ T29] audit: type=1326 audit(2000000003.272:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 92.969380][ T29] audit: type=1326 audit(2000000003.272:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 92.993244][ T29] audit: type=1326 audit(2000000003.304:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 93.016678][ T29] audit: type=1326 audit(2000000003.304:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 93.040424][ T29] audit: type=1326 audit(2000000003.304:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 93.064182][ T29] audit: type=1326 audit(2000000003.304:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 93.087649][ T29] audit: type=1326 audit(2000000003.304:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 93.089788][ T9300] atomic_op ffff88810a9c5928 conn xmit_atomic 0000000000000000 [ 93.111365][ T29] audit: type=1326 audit(2000000003.304:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9287 comm="syz.4.2580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2226e6e929 code=0x7ffc0000 [ 93.111399][ T29] audit: type=1400 audit(2000000003.304:1861): avc: denied { block_suspend } for pid=9291 comm="syz.6.2582" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 93.232502][ T9306] loop6: detected capacity change from 0 to 1024 [ 93.272491][ T9306] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.302865][ T8223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.446947][ T9349] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 93.459289][ T9349] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1) [ 93.471586][ T9349] bridge_slave_0: default FDB implementation only supports local addresses [ 93.594908][ T9375] Cannot find del_set index 3 as target [ 93.596913][ T9371] loop5: detected capacity change from 0 to 8192 [ 93.613963][ T9379] netlink: 'syz.1.2621': attribute type 6 has an invalid length. [ 93.791268][ T9409] loop4: detected capacity change from 0 to 512 [ 93.798207][ T9409] EXT4-fs: inline encryption not supported [ 93.824307][ T9419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 93.834114][ T9419] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 93.846991][ T9409] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.863637][ T9409] ext4 filesystem being mounted at /570/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.898122][ T9409] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2636: corrupted inode contents [ 93.910147][ T9409] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.2636: mark_inode_dirty error [ 93.923699][ T9409] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2636: corrupted inode contents [ 93.935731][ T9409] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.2636: mark_inode_dirty error [ 93.951259][ T9409] EXT4-fs error (device loop4): ext4_lookup:1784: inode #18: comm syz.4.2636: 'file0' linked to parent dir [ 93.987978][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.079046][ T9454] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 94.296857][ C1] sd 0:0:1:0: [sda] tag#2895 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 94.307309][ C1] sd 0:0:1:0: [sda] tag#2895 CDB: Write(6) 0a 00 4e 23 00 00 04 01 00 00 00 00 [ 94.318174][ T9496] SELinux: syz.4.2676 (9496) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 94.333041][ T9500] SELinux: failed to load policy [ 94.466369][ T9526] wg2: entered promiscuous mode [ 94.474674][ T9530] Cannot find del_set index 0 as target [ 94.489674][ T9526] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check. [ 94.557340][ T9540] loop6: detected capacity change from 0 to 128 [ 94.568038][ T9540] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 94.580866][ T9540] ext4 filesystem being mounted at /82/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 94.625688][ T8223] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 94.681072][ T9562] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 94.712416][ T9567] IPv6: NLM_F_CREATE should be specified when creating new route [ 94.994323][ T9616] xt_CT: You must specify a L4 protocol and not use inversions on it [ 95.012452][ T9618] bond1: entered promiscuous mode [ 95.017565][ T9618] bond1: entered allmulticast mode [ 95.023128][ T9618] 8021q: adding VLAN 0 to HW filter on device bond1 [ 95.151985][ T9639] __nla_validate_parse: 5 callbacks suppressed [ 95.152004][ T9639] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2744'. [ 95.161732][ T9641] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2745'. [ 95.167507][ T9639] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2744'. [ 95.183020][ T9641] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2745'. [ 95.310042][ T9655] loop5: detected capacity change from 0 to 1024 [ 95.316823][ T9655] EXT4-fs: Ignoring removed nobh option [ 95.322537][ T9655] EXT4-fs: Ignoring removed bh option [ 95.339543][ T9655] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.368411][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.404825][ T9659] SELinux: failed to load policy [ 95.473335][ T9673] lo speed is unknown, defaulting to 1000 [ 95.701188][ T9712] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 95.751574][ T9722] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2782'. [ 95.761623][ T9721] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2781'. [ 95.771228][ T9718] wg2: entered promiscuous mode [ 95.778242][ T9718] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check. [ 96.263222][ T9813] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 96.480226][ T9840] loop6: detected capacity change from 0 to 128 [ 96.496454][ T9842] loop2: detected capacity change from 0 to 1024 [ 96.520843][ T9842] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 96.531903][ T9842] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 96.543112][ T9842] JBD2: no valid journal superblock found [ 96.549007][ T9842] EXT4-fs (loop2): Could not load journal inode [ 96.615949][ T9853] bio_check_eod: 114 callbacks suppressed [ 96.616003][ T9853] syz.2.2838: attempt to access beyond end of device [ 96.616003][ T9853] md33: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 96.751377][ T9872] loop4: detected capacity change from 0 to 2048 [ 96.815350][ T9872] Alternate GPT is invalid, using primary GPT. [ 96.815711][ T9887] xt_NFQUEUE: number of total queues is 0 [ 96.821726][ T9872] loop4: p2 p3 p7 [ 96.882286][ T9897] ip6gretap0: entered promiscuous mode [ 96.888012][ T9897] macsec1: entered allmulticast mode [ 96.893466][ T9897] ip6gretap0: entered allmulticast mode [ 96.901050][ T9897] ip6gretap0: left allmulticast mode [ 96.906503][ T9897] ip6gretap0: left promiscuous mode [ 96.984685][ T9911] tap0: tun_chr_ioctl cmd 1074025677 [ 97.001708][ T9911] tap0: linktype set to 778 [ 97.081414][ T9929] netlink: 'syz.6.2874': attribute type 25 has an invalid length. [ 97.141283][ T9939] loop2: detected capacity change from 0 to 512 [ 97.193334][ T9939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.207518][ T9939] ext4 filesystem being mounted at /614/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 97.218115][ T9945] loop4: detected capacity change from 0 to 164 [ 97.235053][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.249299][ T9945] syz.4.2882: attempt to access beyond end of device [ 97.249299][ T9945] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 97.272937][ T9945] syz.4.2882: attempt to access beyond end of device [ 97.272937][ T9945] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 97.334268][ T9970] program syz.4.2893 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 97.343991][ T9970] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 97.356338][ T9974] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2895'. [ 97.408621][ T9978] loop6: detected capacity change from 0 to 1024 [ 97.428346][ T9983] ip6gretap0: entered promiscuous mode [ 97.434160][ T9983] macsec2: entered allmulticast mode [ 97.439530][ T9983] ip6gretap0: entered allmulticast mode [ 97.447391][ T9978] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.459688][ T9983] ip6gretap0: left allmulticast mode [ 97.465131][ T9983] ip6gretap0: left promiscuous mode [ 97.496823][ T8223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.520443][ T9990] netlink: 'syz.4.2903': attribute type 17 has an invalid length. [ 97.528443][ T9990] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2903'. [ 97.540508][ T9990] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 97.556157][ T3579] lo speed is unknown, defaulting to 1000 [ 97.592330][ T9998] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2906'. [ 97.606286][ T9998] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2906'. [ 97.669007][T10008] syz.1.2912: attempt to access beyond end of device [ 97.669007][T10008] md33: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 97.692681][T10014] loop5: detected capacity change from 0 to 1024 [ 97.714933][T10014] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.782467][ T29] kauditd_printk_skb: 158 callbacks suppressed [ 97.782485][ T29] audit: type=1326 audit(2000000008.508:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10032 comm="syz.1.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 97.817645][ T29] audit: type=1326 audit(2000000008.540:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10032 comm="syz.1.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 97.857856][ T29] audit: type=1326 audit(2000000008.583:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10032 comm="syz.1.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 97.890885][ T29] audit: type=1400 audit(2000000008.615:2023): avc: denied { mount } for pid=10031 comm="syz.2.2923" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 97.914075][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.958565][ T29] audit: type=1326 audit(2000000008.626:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10032 comm="syz.1.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 97.961505][T10045] xt_NFQUEUE: number of total queues is 0 [ 98.001083][ T29] audit: type=1326 audit(2000000008.733:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10032 comm="syz.1.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 98.024771][ T29] audit: type=1326 audit(2000000008.733:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10032 comm="syz.1.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 98.048539][ T29] audit: type=1326 audit(2000000008.733:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10032 comm="syz.1.2922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f556641e929 code=0x7ffc0000 [ 98.098273][T10054] netlink: 'syz.5.2933': attribute type 1 has an invalid length. [ 98.126400][ T29] audit: type=1326 audit(2000000008.862:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10058 comm="syz.6.2935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88761e929 code=0x7ffc0000 [ 98.149969][ T29] audit: type=1326 audit(2000000008.862:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10058 comm="syz.6.2935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa88761e929 code=0x7ffc0000 [ 98.220757][T10073] SELinux: syz.2.2941 (10073) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 98.438679][T10116] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 98.460517][T10113] loop6: detected capacity change from 0 to 1024 [ 98.487940][T10113] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 98.553713][T10113] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.575285][T10130] loop5: detected capacity change from 0 to 512 [ 98.638407][ T8223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.658033][T10130] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.691077][T10130] ext4 filesystem being mounted at /278/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 98.721059][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.750167][T10141] loop6: detected capacity change from 0 to 512 [ 98.759694][T10141] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 98.775385][T10141] EXT4-fs (loop6): 1 truncate cleaned up [ 98.781672][T10141] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.897360][ T8223] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.954252][T10185] loop2: detected capacity change from 0 to 128 [ 98.964339][T10191] random: crng reseeded on system resumption [ 98.971477][T10185] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 98.991640][T10185] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 99.030776][ T56] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 99.072551][T10208] loop4: detected capacity change from 0 to 512 [ 99.106933][T10208] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.124287][T10208] ext4 filesystem being mounted at /650/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.162007][T10221] netlink: 'syz.5.3007': attribute type 6 has an invalid length. [ 99.190977][T10208] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 99.236484][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.313186][T10248] loop5: detected capacity change from 0 to 1024 [ 99.323375][T10248] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 99.357185][T10248] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.391926][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.415645][T10258] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 99.436844][T10258] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 99.986556][T10309] 9pnet: Could not find request transport: r [ 100.086124][T10328] loop2: detected capacity change from 0 to 512 [ 100.092932][T10328] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' [ 100.112378][T10328] EXT4-fs: error: could not find journal device path [ 100.377590][T10368] loop4: detected capacity change from 0 to 512 [ 100.409396][T10368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.433873][T10378] __nla_validate_parse: 12 callbacks suppressed [ 100.433894][T10378] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3076'. [ 100.449828][T10368] ext4 filesystem being mounted at /659/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.488886][T10368] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #19: comm syz.4.3074: corrupted inode contents [ 100.525688][T10368] EXT4-fs (loop4): Remounting filesystem read-only [ 100.540972][T10368] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -30) [ 100.567068][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.638334][T10409] netlink: 'syz.6.3087': attribute type 1 has an invalid length. [ 100.721419][T10422] loop2: detected capacity change from 0 to 2048 [ 100.762503][T10422] Alternate GPT is invalid, using primary GPT. [ 100.768974][T10422] loop2: p1 p2 p3 [ 100.771636][T10433] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3099'. [ 101.202091][T10486] loop6: detected capacity change from 0 to 512 [ 101.217420][T10486] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' [ 101.236954][T10486] EXT4-fs: error: could not find journal device path [ 101.481144][T10526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.490721][T10526] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.502497][T10529] loop5: detected capacity change from 0 to 256 [ 101.512768][T10529] FAT-fs (loop5): error, clusters badly computed (0 != 128) [ 101.520232][T10529] FAT-fs (loop5): Filesystem has been set read-only [ 101.527842][T10529] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 101.543929][T10529] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 101.636407][T10549] lo speed is unknown, defaulting to 1000 [ 101.721891][T10561] loop5: detected capacity change from 0 to 512 [ 101.729101][T10561] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 101.748757][T10561] EXT4-fs (loop5): invalid journal inode [ 101.762836][T10561] EXT4-fs (loop5): can't get journal size [ 101.777065][T10559] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 101.802332][T10561] EXT4-fs (loop5): 1 truncate cleaned up [ 101.808591][T10561] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.846721][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.984493][T10585] openvswitch: netlink: Message has 6 unknown bytes. [ 102.087793][T10606] netlink: 'syz.4.3180': attribute type 1 has an invalid length. [ 102.204671][T10627] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3192'. [ 102.274634][T10640] loop5: detected capacity change from 0 to 512 [ 102.299744][T10640] EXT4-fs: Ignoring removed orlov option [ 102.306798][T10640] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 102.335396][T10640] EXT4-fs (loop5): orphan cleanup on readonly fs [ 102.349015][T10639] lo speed is unknown, defaulting to 1000 [ 102.360138][T10640] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3197: bg 0: block 248: padding at end of block bitmap is not set [ 102.379416][T10640] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3197: Failed to acquire dquot type 1 [ 102.391777][T10640] EXT4-fs (loop5): 1 truncate cleaned up [ 102.399824][T10640] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 102.435381][T10656] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3203'. [ 102.470461][T10640] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 102.488915][T10640] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 102.491876][T10663] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3206'. [ 102.506384][T10663] netlink: 'syz.4.3206': attribute type 20 has an invalid length. [ 102.513699][T10640] ext4 filesystem being remounted at /308/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 102.514272][T10663] netlink: 'syz.4.3206': attribute type 21 has an invalid length. [ 102.535908][ T29] kauditd_printk_skb: 143 callbacks suppressed [ 102.535924][ T29] audit: type=1400 audit(2000000013.604:2171): avc: denied { read write } for pid=3319 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 102.566404][ T29] audit: type=1400 audit(2000000013.604:2172): avc: denied { open } for pid=3319 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 102.599746][T10667] 9pnet_fd: Insufficient options for proto=fd [ 102.607420][ T29] audit: type=1400 audit(2000000013.604:2173): avc: denied { ioctl } for pid=3321 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 102.633087][ T29] audit: type=1400 audit(2000000013.668:2174): avc: denied { unmount } for pid=7311 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 102.643809][T10669] loop2: detected capacity change from 0 to 512 [ 102.652901][ T29] audit: type=1400 audit(2000000013.668:2175): avc: denied { read } for pid=10664 comm="syz.2.3208" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 102.682187][ T29] audit: type=1400 audit(2000000013.668:2176): avc: denied { open } for pid=10664 comm="syz.2.3208" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 102.705719][ T29] audit: type=1400 audit(2000000013.668:2177): avc: denied { ioctl } for pid=10664 comm="syz.2.3208" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d06 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 102.707090][ T7311] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.731041][ T29] audit: type=1400 audit(2000000013.668:2178): avc: denied { prog_load } for pid=10665 comm="syz.6.3207" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 102.731109][ T29] audit: type=1400 audit(2000000013.679:2179): avc: denied { bpf } for pid=10665 comm="syz.6.3207" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 102.731137][ T29] audit: type=1400 audit(2000000013.679:2180): avc: denied { perfmon } for pid=10665 comm="syz.6.3207" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 102.736377][T10669] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3211: corrupted in-inode xattr: invalid ea_ino [ 102.821792][T10669] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3211: couldn't read orphan inode 15 (err -117) [ 102.858759][T10669] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.888265][T10683] loop4: detected capacity change from 0 to 256 [ 102.919145][T10683] FAT-fs (loop4): error, clusters badly computed (0 != 128) [ 102.926644][T10683] FAT-fs (loop4): Filesystem has been set read-only [ 102.935009][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.951720][ T3321] ================================================================== [ 102.952784][T10683] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 102.959844][ T3321] BUG: KCSAN: data-race in __lru_add_drain_all / folio_add_lru [ 102.975902][ T3321] [ 102.978248][ T3321] read-write to 0xffff888237d25e68 of 1 bytes by task 10681 on cpu 1: [ 102.986418][ T3321] folio_add_lru+0xa5/0x1f0 [ 102.990962][ T3321] shmem_get_folio_gfp+0x7ab/0xd60 [ 102.996363][ T3321] shmem_fault+0xf6/0x250 [ 103.000728][ T3321] __do_fault+0xbc/0x200 [ 103.005004][ T3321] handle_mm_fault+0xf78/0x2be0 [ 103.005793][T10683] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 103.009869][ T3321] __get_user_pages+0x1036/0x1fb0 [ 103.009898][ T3321] __mm_populate+0x243/0x3a0 [ 103.009918][ T3321] vm_mmap_pgoff+0x232/0x2e0 [ 103.032859][ T3321] ksys_mmap_pgoff+0xc2/0x310 [ 103.037608][ T3321] x64_sys_call+0x1602/0x2fb0 [ 103.042302][ T3321] do_syscall_64+0xd2/0x200 [ 103.046824][ T3321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.052913][ T3321] [ 103.055253][ T3321] read to 0xffff888237d25e68 of 1 bytes by task 3321 on cpu 0: [ 103.062807][ T3321] __lru_add_drain_all+0x12b/0x3f0 [ 103.067943][ T3321] lru_add_drain_all+0x10/0x20 [ 103.072726][ T3321] invalidate_bdev+0x47/0x70 [ 103.077326][ T3321] ext4_put_super+0x624/0x7d0 [ 103.082014][ T3321] generic_shutdown_super+0xe6/0x210 [ 103.087308][ T3321] kill_block_super+0x2a/0x70 [ 103.092006][ T3321] ext4_kill_sb+0x42/0x80 [ 103.096343][ T3321] deactivate_locked_super+0x72/0x1c0 [ 103.101816][ T3321] deactivate_super+0x97/0xa0 [ 103.106514][ T3321] cleanup_mnt+0x269/0x2e0 [ 103.110938][ T3321] __cleanup_mnt+0x19/0x20 [ 103.115371][ T3321] task_work_run+0x12e/0x1a0 [ 103.119973][ T3321] exit_to_user_mode_loop+0xe4/0x100 [ 103.125287][ T3321] do_syscall_64+0x1d6/0x200 [ 103.129885][ T3321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.135785][ T3321] [ 103.138108][ T3321] value changed: 0x17 -> 0x1b [ 103.142802][ T3321] [ 103.145127][ T3321] Reported by Kernel Concurrency Sanitizer on: [ 103.151281][ T3321] CPU: 0 UID: 0 PID: 3321 Comm: syz-executor Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) [ 103.163869][ T3321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 103.173930][ T3321] ================================================================== [ 103.225262][T10690] lo speed is unknown, defaulting to 1000