last executing test programs: 2.625321596s ago: executing program 2 (id=999): perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)={0x0, 0x2000, 0x0, 0x0, 0x0, 0x3cd}) futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58) mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0) 2.433713208s ago: executing program 0 (id=1000): bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) r2 = io_uring_setup(0x177d, &(0x7f00000002c0)={0x0, 0x3e12, 0x2, 0x2, 0x3b1}) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x8aa, 0x4}, 0x10040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x6, 0x8, 0x8, 0x8}]}) seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0) close_range(r2, 0xffffffffffffffff, 0x200000000000000) 1.781245857s ago: executing program 2 (id=1005): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x2, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd29, 0x2, {0x0, 0x0, 0x0, r5, {0xffff, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x0) 1.709932597s ago: executing program 4 (id=1006): mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) creat(&(0x7f0000000380)='./file0\x00', 0x181) 1.676980978s ago: executing program 2 (id=1007): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0xfff1, 0xfff3}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}, @TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48c8}, 0x20004804) 1.613743599s ago: executing program 2 (id=1008): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x10}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x1, 0x800001, 0x0, 0x0, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 1.598275349s ago: executing program 4 (id=1009): bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x7f, 0x7ffc0002}]}) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) creat(&(0x7f00000005c0)='./file0\x00', 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe28, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x1, 0x513, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//ysA4A0=") setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000240)={0x22c, {{0xa, 0x4e21, 0x2, @mcast2, 0x1}}, {{0xa, 0x4e22, 0x1ff, @private1, 0x9}}}, 0x108) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@jqfmt_vfsold}, {@noquota}, {@norecovery}, {}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=") 1.582534339s ago: executing program 0 (id=1010): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4) sendmsg$netlink(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d206"], 0xdd12}], 0x1}, 0x20044051) 1.560897899s ago: executing program 0 (id=1011): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x401, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, 0x0, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b0000000000805000000000000000000030000002c00048008000140000000050800014000000004080001400000000308000140c000000008000140000000090600024000f900000500030011000000060002407b1500000900010073797a300000000005000300840000000500030021000000060002408802400000000408000740000000040800014000008000080009400000000008000a40000000070600024089149300"/176], 0xb0}, 0x1, 0x0, 0x0, 0x20048000}, 0x4804) 1.149221234s ago: executing program 4 (id=1016): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xbb) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x18) listen(r1, 0x3) 1.126967235s ago: executing program 4 (id=1017): prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000440)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) process_mrelease(0xffffffffffffffff, 0x0) 733.63342ms ago: executing program 2 (id=1018): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000500)=@gcm_128={{0x303}, "a959fc5ec5071900", "8e083700daf38a6d69e9b5e9c2f133d7", "e2739528", "12772541f8ebfebb"}, 0x28) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a) sendfile(r0, r1, 0x0, 0xffffffff004) 733.32777ms ago: executing program 4 (id=1019): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000640)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x10003, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x81}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffb16, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x200000000200}, 0x18) syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) 732.80479ms ago: executing program 0 (id=1028): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x8080, &(0x7f0000000040)={[{@norecovery}, {@dioread_nolock}, {@sysvgroups}, {@lazytime}]}, 0xee, 0x49b, &(0x7f0000000a40)="$eJzs3EtsG0UYAOB/HefVBw2lPFpaCJRHBTRp0gc9cAGBxAEkJDgUcQppWpWmDWqCRKsICodyRJW4I45I3JE4wQUBB4TEFe6oUoVyaeG0aO1d10ls5+XGLf4+yc7M7joz/85OdjJjO4CuNZw9JRHbIuKPiNhRzS4+YLj64+bC/OQ/C/OTSaTpm38nleNuLMxPFocWr9tazaRpRH+W7G9Q7pV3Iiamp6cu5PnRuXPvj85evHTwzLmJ01Onp86PHz9+5PC+vmPjRyv70yb1710hvlL+M4vrxp6PZvbufvXtq69Pnrj67s/fZPXdlu+vj2Nd0uU1HK6e3aUezZ6e3FBhd5Rfs6ftdRuScvODRzahQqxeT0SUa/0oiZ4YrO3bEa982sGqAbdZmqZpo/tz1N23U+B/KtG/oUsV9/rs/9/isTkjjzvD9Rcj4mCeWZifvFmLv1ybO+hd8v9tOw1HxInL/36ZPaId8xAAACv4Phv/PNdo/FeKB+qOuydfQxmKiHsjYmdE3BcRuyLi/ojKsQ9GnHtojeUvXSFZPv4pXVtXYKuUjf9eyNe2bi4a/xWjvxjqyXPbK/H3JqfOTE8dys/Jgejtz/JjLcr44eXfPy/SA0v21Y//skdWfjEWzOtxrbxkgu7kxNxEJZGm6ccbCz+ufxKxp9wo/iSKZZwkInZHxJ51lnHmma/3Ntu3cvwttFhnWq30q4inq+1/efH4/1ZTJfXrk4MRUVufHHv+2PjR0YGYnjo0WlwVy/3y25U3mpW/ofjbIGv/LQ2v/9oq8FAyEDF78dLZynrt7NrLuPLnZ3V9etHqchZ/6duINV//fclblXRfvu3Dibm5C2MRfclry7eP33ptkS+Oz+I/sL9x/99ZV+OHIyK7iPdFxCP5Im7Wdo9FxOMRsb9F/D+99MR7zfY1b/9ms/LtdT0/US3bP+rbf+2JnrM/ftes/OF8DTLy89C4/Y9UUgfyLbW/fy2stoLrOmkAAABwlylV3gOflEZq6VJpZKT6Hv5dsaU0PTM79+ypmQ/On6y+V34oekvFTNeOuvnQsXxuuMiPL8kfzueNv+gZrORHJmemT3Y6eOhyW5v0/8xfPZ2uHXDbtWEdDbhL6f/QvfR/6F76P3Qv/R+6V6P+v9EPFgB3B/d/6F6V/v/U5U5XA+gA93/oXvo/dKWmn40vbegj/00TSbt/YcNE8d0Jm1HWyoniuyg2vfTBdb98YOVTF6XOntWuSZSXtUWU21pEf8NdHfyjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Eb/BQAA///i5tKw") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) getrandom(0x0, 0x0, 0x0) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x56}], 0xee01}, 0x18, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) 648.434501ms ago: executing program 3 (id=1021): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0, 0x0, 0xff}, 0x18) r1 = socket$inet_smc(0x2b, 0x1, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r3}, 0x10) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530) 647.772411ms ago: executing program 0 (id=1022): openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0) r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xb7dc, 0x800, 0x80000000}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) r4 = io_uring_setup(0x36dc, &(0x7f00000001c0)) close_range(r4, 0xffffffffffffffff, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') io_uring_enter(r1, 0x47ba, 0x1000000, 0x0, 0x0, 0x0) 573.084952ms ago: executing program 3 (id=1024): prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='mm_page_free\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000540), 0x84) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xc, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18204, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1e, 0x12, r2, 0x0) 518.252883ms ago: executing program 0 (id=1026): socket$packet(0x11, 0xa, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000, @void, @value}, 0x94) r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 515.911193ms ago: executing program 1 (id=1038): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0, 0x0, 0xff}, 0x18) r1 = socket$inet_smc(0x2b, 0x1, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r3}, 0x10) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530) 467.880283ms ago: executing program 4 (id=1027): connect$inet(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCMIWAIT(r2, 0x545c, 0x0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x44880, 0x0) 465.981953ms ago: executing program 1 (id=1030): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x400}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x4}, 0x18) r3 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) fsmount(r3, 0x0, 0x0) 404.845344ms ago: executing program 3 (id=1031): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) rename(0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) setrlimit(0x40000000000008, &(0x7f0000000000)) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000600)={0x200000000000001, 0x3}, 0x8) sendto$inet6(r0, 0x0, 0x0, 0x4c880, &(0x7f0000000540)={0xa, 0x4e20, 0x0, @loopback, 0x100}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)='\x00', 0x1}], 0x1}}], 0x2, 0x404c484) 385.582254ms ago: executing program 1 (id=1032): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) r1 = socket$can_j1939(0x1d, 0x2, 0x7) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r3, 0x1, {}, 0xff}, 0x18) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x0) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) connect$can_j1939(r1, &(0x7f0000000200)={0x1d, r3, 0x0, {0x2, 0x0, 0x4}, 0xfd}, 0x18) 321.719475ms ago: executing program 1 (id=1033): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x8080, &(0x7f0000000040)={[{@norecovery}, {@dioread_nolock}, {@sysvgroups}, {@lazytime}]}, 0xee, 0x49b, &(0x7f0000000a40)="$eJzs3EtsG0UYAOB/HefVBw2lPFpaCJRHBTRp0gc9cAGBxAEkJDgUcQppWpWmDWqCRKsICodyRJW4I45I3JE4wQUBB4TEFe6oUoVyaeG0aO1d10ls5+XGLf4+yc7M7joz/85OdjJjO4CuNZw9JRHbIuKPiNhRzS4+YLj64+bC/OQ/C/OTSaTpm38nleNuLMxPFocWr9tazaRpRH+W7G9Q7pV3Iiamp6cu5PnRuXPvj85evHTwzLmJ01Onp86PHz9+5PC+vmPjRyv70yb1710hvlL+M4vrxp6PZvbufvXtq69Pnrj67s/fZPXdlu+vj2Nd0uU1HK6e3aUezZ6e3FBhd5Rfs6ftdRuScvODRzahQqxeT0SUa/0oiZ4YrO3bEa982sGqAbdZmqZpo/tz1N23U+B/KtG/oUsV9/rs/9/isTkjjzvD9Rcj4mCeWZifvFmLv1ybO+hd8v9tOw1HxInL/36ZPaId8xAAACv4Phv/PNdo/FeKB+qOuydfQxmKiHsjYmdE3BcRuyLi/ojKsQ9GnHtojeUvXSFZPv4pXVtXYKuUjf9eyNe2bi4a/xWjvxjqyXPbK/H3JqfOTE8dys/Jgejtz/JjLcr44eXfPy/SA0v21Y//skdWfjEWzOtxrbxkgu7kxNxEJZGm6ccbCz+ufxKxp9wo/iSKZZwkInZHxJ51lnHmma/3Ntu3cvwttFhnWq30q4inq+1/efH4/1ZTJfXrk4MRUVufHHv+2PjR0YGYnjo0WlwVy/3y25U3mpW/ofjbIGv/LQ2v/9oq8FAyEDF78dLZynrt7NrLuPLnZ3V9etHqchZ/6duINV//fclblXRfvu3Dibm5C2MRfclry7eP33ptkS+Oz+I/sL9x/99ZV+OHIyK7iPdFxCP5Im7Wdo9FxOMRsb9F/D+99MR7zfY1b/9ms/LtdT0/US3bP+rbf+2JnrM/ftes/OF8DTLy89C4/Y9UUgfyLbW/fy2stoLrOmkAAABwlylV3gOflEZq6VJpZKT6Hv5dsaU0PTM79+ypmQ/On6y+V34oekvFTNeOuvnQsXxuuMiPL8kfzueNv+gZrORHJmemT3Y6eOhyW5v0/8xfPZ2uHXDbtWEdDbhL6f/QvfR/6F76P3Qv/R+6V6P+v9EPFgB3B/d/6F6V/v/U5U5XA+gA93/oXvo/dKWmn40vbegj/00TSbt/YcNE8d0Jm1HWyoniuyg2vfTBdb98YOVTF6XOntWuSZSXtUWU21pEf8NdHfyjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Eb/BQAA///i5tKw") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) getrandom(0x0, 0x0, 0x0) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0x3, 0x2}, {0x9, 0x56}], 0xee01}, 0x18, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) 321.554675ms ago: executing program 3 (id=1034): socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = epoll_create(0x8) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0xf6c447fee59251f4}) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) close_range(r1, r2, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}}], {0x14}}, 0x3c}}, 0x0) 285.713366ms ago: executing program 2 (id=1035): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16=0x0], 0xff, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv") bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x9) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7ffff000) 218.174207ms ago: executing program 3 (id=1036): r0 = socket(0x10, 0x803, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000002c0)={'team_slave_0\x00', &(0x7f0000000040)=@ethtool_stats}) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x4, 0x2, 0x1}}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x10000002}, 0x18) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x800}) 130.765247ms ago: executing program 3 (id=1037): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r2}, 0x18) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r3}, 0x18) io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r3}) 118.021117ms ago: executing program 1 (id=1048): socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = epoll_create(0x8) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0xf6c447fee59251f4}) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) close_range(r1, r2, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}}], {0x14}}, 0x3c}}, 0x0) 0s ago: executing program 1 (id=1039): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) socket$kcm(0x2, 0xa, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0xd}, 0x20608c, 0x2, 0x0, 0x9, 0x4, 0x3, 0xb, 0x0, 0x6e, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x533c, &(0x7f00000002c0)={0x0, 0xfffffffe, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) kexec_load(0xf5, 0x1, &(0x7f0000000b80)=[{&(0x7f0000000300)="33c7", 0x2, 0x0, 0x401000}], 0x0) kernel console output (not intermixed with test programs): has an invalid length. [ 35.881914][ T3677] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 35.937633][ T3681] loop3: detected capacity change from 0 to 2048 [ 36.010662][ T3681] Alternate GPT is invalid, using primary GPT. [ 36.010796][ T3681] loop3: p1 p2 p3 [ 36.400113][ T3726] ªªªªªª: renamed from vlan0 (while UP) [ 36.508241][ T3734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 36.508409][ T3734] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 36.839336][ T3743] loop0: detected capacity change from 0 to 512 [ 36.859859][ T3743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.928094][ T3743] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 37.092925][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.163678][ T3750] syz.0.123 uses obsolete (PF_INET,SOCK_PACKET) [ 37.251553][ T3752] loop1: detected capacity change from 0 to 164 [ 37.259664][ T3752] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ18446744073709551615' [ 37.744910][ T3781] loop1: detected capacity change from 0 to 512 [ 37.766967][ T3781] EXT4-fs: Ignoring removed nobh option [ 37.907849][ T3781] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 38.027783][ T3781] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #16: comm syz.1.133: corrupted inode contents [ 38.043273][ T3781] EXT4-fs (loop1): Remounting filesystem read-only [ 38.051095][ T29] kauditd_printk_skb: 188 callbacks suppressed [ 38.051111][ T29] audit: type=1400 audit(1745520468.601:330): avc: denied { map } for pid=3790 comm="syz.3.136" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 38.053821][ T3791] vhci_hcd: invalid port number 96 [ 38.086647][ T3791] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 38.095699][ T3781] EXT4-fs (loop1): 1 truncate cleaned up [ 38.101957][ T3781] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.116993][ T1751] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 38.127577][ T1751] Quota error (device loop1): write_blk: dquota write failed [ 38.134965][ T1751] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries [ 38.145063][ T1751] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 38.155918][ T1751] Quota error (device loop1): write_blk: dquota write failed [ 38.163512][ T1751] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list [ 38.177047][ T3781] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.188331][ T3781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.197519][ T1751] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 38.207720][ T1751] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 38.216991][ T1751] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 38.240916][ T29] audit: type=1326 audit(1745520468.791:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3780 comm="syz.1.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc0721cd2d0 code=0x7ffc0000 [ 38.270646][ T29] audit: type=1326 audit(1745520468.791:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3780 comm="syz.1.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc0721ce56b code=0x7ffc0000 [ 38.293938][ T29] audit: type=1326 audit(1745520468.791:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3780 comm="syz.1.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc0721cd5ca code=0x7ffc0000 [ 38.317647][ T3781] loop1: detected capacity change from 0 to 512 [ 38.332027][ T3781] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 38.370466][ T3781] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.383257][ T3781] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.396126][ T3781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.479011][ T3808] ref_ctr increment failed for inode: 0xe0 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff888100058b00 [ 38.524839][ T3807] uprobe: syz.1.143:3807 failed to unregister, leaking uprobe [ 38.617135][ T3820] random: crng reseeded on system resumption [ 38.822927][ T3837] sd 0:0:1:0: device reset [ 39.064847][ T3846] loop3: detected capacity change from 0 to 512 [ 39.078547][ T3846] EXT4-fs: Mount option(s) incompatible with ext3 [ 39.183258][ T3850] smc: net device bond0 applied user defined pnetid SYZ0 [ 39.190934][ T3850] smc: net device bond0 erased user defined pnetid SYZ0 [ 39.331629][ T3858] ip6gre1: entered allmulticast mode [ 39.397992][ T3860] loop3: detected capacity change from 0 to 8192 [ 39.440526][ T3858] syz.2.165 (3858) used greatest stack depth: 10864 bytes left [ 39.609593][ T3875] bridge0: entered promiscuous mode [ 39.615750][ T3875] macvlan0: entered promiscuous mode [ 39.640015][ T3875] bridge0: port 3(macvlan0) entered blocking state [ 39.646707][ T3875] bridge0: port 3(macvlan0) entered disabled state [ 39.654212][ T3875] macvlan0: entered allmulticast mode [ 39.659772][ T3875] bridge0: entered allmulticast mode [ 39.666203][ T3875] macvlan0: left allmulticast mode [ 39.671438][ T3875] bridge0: left allmulticast mode [ 39.693103][ T3875] bridge0: left promiscuous mode [ 39.889368][ T3899] capability: warning: `syz.4.176' uses deprecated v2 capabilities in a way that may be insecure [ 39.968657][ T3906] loop2: detected capacity change from 0 to 128 [ 39.997868][ T3909] loop1: detected capacity change from 0 to 128 [ 40.032671][ T3909] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 40.049981][ T3906] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 40.079768][ T3906] ext4 filesystem being mounted at /36/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 40.118458][ T3909] ext4 filesystem being mounted at /46/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 40.242345][ T3909] EXT4-fs error (device loop1): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.1.180: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1 [ 40.302266][ T3312] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 40.315285][ T3309] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 40.410935][ T3934] loop1: detected capacity change from 0 to 512 [ 40.452043][ T3934] EXT4-fs (loop1): orphan cleanup on readonly fs [ 40.462146][ T3934] EXT4-fs error (device loop1): ext4_orphan_get:1416: comm syz.1.184: bad orphan inode 13 [ 40.498452][ T3934] ext4_test_bit(bit=12, block=18) = 1 [ 40.503940][ T3934] is_bad_inode(inode)=0 [ 40.508176][ T3934] NEXT_ORPHAN(inode)=2130706432 [ 40.513074][ T3934] max_ino=32 [ 40.516267][ T3934] i_nlink=1 [ 40.635330][ T3934] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 40.689897][ T3866] syz.3.164 (3866) used greatest stack depth: 10824 bytes left [ 40.780422][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.864795][ T3945] loop3: detected capacity change from 0 to 128 [ 40.917426][ T3945] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 40.930839][ T3945] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.948226][ T3947] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3947 comm=syz.1.187 [ 40.960658][ T3947] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3947 comm=syz.1.187 [ 40.974187][ T3912] syz.4.181 (3912) used greatest stack depth: 10784 bytes left [ 41.018401][ T3311] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 41.151603][ T3955] sch_tbf: burst 4398 is lower than device lo mtu (11337746) ! [ 41.189006][ T3955] syz.2.191 (3955) used greatest stack depth: 8848 bytes left [ 41.282979][ T3962] loop2: detected capacity change from 0 to 512 [ 41.295423][ T3962] EXT4-fs: Mount option(s) incompatible with ext3 [ 41.329607][ T3965] loop0: detected capacity change from 0 to 128 [ 41.355554][ T3965] syz.0.197: attempt to access beyond end of device [ 41.355554][ T3965] loop0: rw=2049, sector=225, nr_sectors = 16 limit=128 [ 41.370077][ T3965] syz.0.197: attempt to access beyond end of device [ 41.370077][ T3965] loop0: rw=2049, sector=249, nr_sectors = 16 limit=128 [ 41.385717][ T3965] syz.0.197: attempt to access beyond end of device [ 41.385717][ T3965] loop0: rw=2049, sector=273, nr_sectors = 8 limit=128 [ 41.400595][ T3965] syz.0.197: attempt to access beyond end of device [ 41.400595][ T3965] loop0: rw=2049, sector=289, nr_sectors = 8 limit=128 [ 41.414177][ T3965] syz.0.197: attempt to access beyond end of device [ 41.414177][ T3965] loop0: rw=2049, sector=305, nr_sectors = 8 limit=128 [ 41.430818][ T3965] syz.0.197: attempt to access beyond end of device [ 41.430818][ T3965] loop0: rw=2049, sector=321, nr_sectors = 8 limit=128 [ 41.484621][ T3965] syz.0.197: attempt to access beyond end of device [ 41.484621][ T3965] loop0: rw=2049, sector=337, nr_sectors = 8 limit=128 [ 41.505074][ T3965] syz.0.197: attempt to access beyond end of device [ 41.505074][ T3965] loop0: rw=2049, sector=353, nr_sectors = 8 limit=128 [ 41.519887][ T3965] syz.0.197: attempt to access beyond end of device [ 41.519887][ T3965] loop0: rw=2049, sector=369, nr_sectors = 8 limit=128 [ 41.568288][ T3971] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3971 comm=syz.3.198 [ 41.580838][ T3971] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3971 comm=syz.3.198 [ 41.612947][ T3965] syz.0.197: attempt to access beyond end of device [ 41.612947][ T3965] loop0: rw=2049, sector=385, nr_sectors = 8 limit=128 [ 41.764801][ T3990] __nla_validate_parse: 1 callbacks suppressed [ 41.764851][ T3990] netlink: 96 bytes leftover after parsing attributes in process `syz.2.208'. [ 41.832144][ T3999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'. [ 41.848953][ T4001] mmap: syz.4.212 (4001) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 41.852086][ T3999] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 41.869712][ T3999] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 41.878573][ T3999] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 41.887385][ T3999] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 41.896518][ T4003] netlink: 4 bytes leftover after parsing attributes in process `syz.3.213'. [ 41.930872][ T3999] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 41.939846][ T3999] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 41.948736][ T3999] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 41.957672][ T3999] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 41.971623][ T4003] netlink: 12 bytes leftover after parsing attributes in process `syz.3.213'. [ 42.063298][ T4007] tipc: Started in network mode [ 42.068253][ T4007] tipc: Node identity 8e07e4ed8e21, cluster identity 4711 [ 42.075512][ T4007] tipc: Enabled bearer , priority 0 [ 42.085111][ T4006] tipc: Resetting bearer [ 42.110616][ T4006] tipc: Disabling bearer [ 42.253259][ T4020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.221'. [ 42.289454][ T4022] tipc: New replicast peer: 10.1.1.2 [ 42.294850][ T4022] tipc: Enabled bearer , priority 10 [ 42.689262][ T4052] loop4: detected capacity change from 0 to 512 [ 42.696209][ T4052] EXT4-fs: Ignoring removed oldalloc option [ 42.702888][ T4052] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 42.729660][ T4052] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 42.737920][ T4052] EXT4-fs (loop4): orphan cleanup on readonly fs [ 42.744646][ T4052] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 42.759067][ T4052] EXT4-fs (loop4): 1 truncate cleaned up [ 42.765275][ T4052] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 42.837776][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.890723][ T4057] loop4: detected capacity change from 0 to 8192 [ 42.903136][ T4060] veth0_vlan: entered allmulticast mode [ 42.971427][ T4064] loop2: detected capacity change from 0 to 128 [ 43.019096][ T4060] veth0_vlan: left promiscuous mode [ 43.024347][ T4060] veth0_vlan: entered promiscuous mode [ 43.072523][ T4066] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.160021][ T4066] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.239951][ T4066] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.287766][ T29] kauditd_printk_skb: 127 callbacks suppressed [ 43.287781][ T29] audit: type=1400 audit(1745520473.841:461): avc: denied { read } for pid=4077 comm="syz.2.246" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 43.318154][ T29] audit: type=1400 audit(1745520473.841:462): avc: denied { open } for pid=4077 comm="syz.2.246" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 43.342638][ T29] audit: type=1400 audit(1745520473.841:463): avc: denied { ioctl } for pid=4077 comm="syz.2.246" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 43.368699][ T29] audit: type=1400 audit(1745520473.891:464): avc: denied { read } for pid=4077 comm="syz.2.246" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 43.370915][ T4066] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.406911][ T36] tipc: Node number set to 2548973 [ 43.443701][ T4066] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.455135][ T4066] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.466267][ T4066] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.478545][ T4066] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.549588][ T29] audit: type=1400 audit(1745520474.101:465): avc: denied { write } for pid=4085 comm="syz.0.248" lport=17 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 43.584249][ T29] audit: type=1400 audit(1745520474.121:466): avc: denied { read } for pid=4085 comm="syz.0.248" lport=17 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 43.604463][ T29] audit: type=1400 audit(1745520474.121:467): avc: denied { read } for pid=4083 comm="syz.4.249" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 43.627442][ T29] audit: type=1400 audit(1745520474.121:468): avc: denied { open } for pid=4083 comm="syz.4.249" path="/dev/input/event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 43.654555][ T29] audit: type=1400 audit(1745520474.181:469): avc: denied { create } for pid=4083 comm="syz.4.249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 43.675074][ T29] audit: type=1400 audit(1745520474.181:470): avc: denied { write } for pid=4083 comm="syz.4.249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 43.809281][ T4099] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 43.945527][ T4114] netlink: 'syz.0.262': attribute type 10 has an invalid length. [ 43.954969][ T4114] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.969957][ T4114] bridge_slave_1: left allmulticast mode [ 43.975715][ T4114] bridge_slave_1: left promiscuous mode [ 43.981512][ T4114] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.012783][ T4112] loop4: detected capacity change from 0 to 512 [ 44.020044][ T4112] EXT4-fs: Ignoring removed nobh option [ 44.028230][ T4114] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 44.045119][ T4112] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.261: corrupted inode contents [ 44.068872][ T4117] tipc: Started in network mode [ 44.073826][ T4117] tipc: Node identity 5e1f5703ec16, cluster identity 4711 [ 44.081019][ T4117] tipc: Enabled bearer , priority 0 [ 44.089017][ T4115] tipc: Resetting bearer [ 44.097999][ T4112] EXT4-fs (loop4): Remounting filesystem read-only [ 44.117487][ T4115] tipc: Disabling bearer [ 44.123496][ T4112] EXT4-fs (loop4): 1 truncate cleaned up [ 44.129867][ T4112] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.142490][ T4112] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 44.154361][ T1682] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 44.160183][ T4112] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 44.164988][ T1682] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 44.184396][ T1682] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 44.247452][ T4112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.292332][ T4137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.270'. [ 44.394326][ T4143] loop4: detected capacity change from 0 to 512 [ 44.430347][ T4143] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.273: iget: bad extended attribute block 1 [ 44.473063][ T4143] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.273: couldn't read orphan inode 15 (err -117) [ 44.528264][ T4143] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.543594][ T4143] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 44.583512][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.604177][ T4153] loop2: detected capacity change from 0 to 512 [ 44.605516][ T4151] syz.3.276 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 44.611233][ T4153] EXT4-fs: Ignoring removed orlov option [ 44.628706][ T4153] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.277: corrupted in-inode xattr: invalid ea_ino [ 44.642254][ T4153] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.277: couldn't read orphan inode 15 (err -117) [ 44.656571][ T4153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.708020][ T4164] process 'syz.4.282' launched './file0' with NULL argv: empty string added [ 44.748886][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.794734][ T4172] loop2: detected capacity change from 0 to 1024 [ 44.812713][ T4168] infiniband syz0: set active [ 44.817529][ T4168] infiniband syz0: added bond0 [ 44.823861][ T4172] EXT4-fs: Ignoring removed nomblk_io_submit option [ 44.834587][ T4168] RDS/IB: syz0: added [ 44.839919][ T4168] smc: adding ib device syz0 with port count 1 [ 44.846313][ T4168] smc: ib device syz0 port 1 has pnetid [ 44.890989][ T4172] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.147072][ T4172] EXT4-fs (loop2): shut down requested (0) [ 45.154168][ T4198] netlink: 96 bytes leftover after parsing attributes in process `syz.1.296'. [ 45.193237][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.286445][ T4214] netlink: 'syz.3.304': attribute type 1 has an invalid length. [ 45.303336][ T4214] 8021q: adding VLAN 0 to HW filter on device bond1 [ 45.324580][ T4218] loop1: detected capacity change from 0 to 512 [ 45.335240][ T4218] EXT4-fs: Ignoring removed oldalloc option [ 45.341640][ T4219] netlink: 24 bytes leftover after parsing attributes in process `syz.2.298'. [ 45.359359][ T4218] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.305: Parent and EA inode have the same ino 15 [ 45.372829][ T4214] bond1: (slave veth3): Enslaving as an active interface with a down link [ 45.384004][ T4221] ip6gretap1: entered promiscuous mode [ 45.391041][ T4218] EXT4-fs (loop1): Remounting filesystem read-only [ 45.397683][ T4218] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 45.410682][ T4218] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -30) [ 45.433523][ T4221] bond1: (slave ip6gretap1): making interface the new active one [ 45.444271][ T4221] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 45.454772][ T4218] EXT4-fs (loop1): 1 orphan inode deleted [ 45.463258][ T4218] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.515686][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.613261][ T4230] netlink: 24 bytes leftover after parsing attributes in process `syz.0.310'. [ 45.658308][ T4236] tipc: Started in network mode [ 45.663297][ T4236] tipc: Node identity de5449cb2ad2, cluster identity 4711 [ 45.670554][ T4236] tipc: Enabled bearer , priority 0 [ 45.678526][ T4239] netlink: 96 bytes leftover after parsing attributes in process `syz.4.312'. [ 45.702126][ T4236] tipc: Disabling bearer [ 45.773673][ T4248] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 45.792668][ T4248] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 45.928797][ T4263] ip6gre1: entered allmulticast mode [ 46.027191][ T4267] SELinux: ebitmap: truncated map [ 46.032951][ T4267] SELinux: failed to load policy [ 46.044176][ T4265] tipc: Started in network mode [ 46.049089][ T4265] tipc: Node identity 2ec86a8ace54, cluster identity 4711 [ 46.056295][ T4265] tipc: Enabled bearer , priority 0 [ 46.064244][ T4264] tipc: Resetting bearer [ 46.081545][ T4264] tipc: Disabling bearer [ 46.145511][ T4271] pim6reg1: entered promiscuous mode [ 46.150936][ T4271] pim6reg1: entered allmulticast mode [ 46.253345][ T4288] loop2: detected capacity change from 0 to 512 [ 46.277744][ T4288] EXT4-fs (loop2): orphan cleanup on readonly fs [ 46.287995][ T4288] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.337: bg 0: block 248: padding at end of block bitmap is not set [ 46.327621][ T4288] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.337: Failed to acquire dquot type 1 [ 46.371435][ T4288] EXT4-fs (loop2): 1 truncate cleaned up [ 46.394992][ T4288] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 46.489113][ T4288] EXT4-fs error (device loop2): ext4_lookup:1793: inode #2: comm syz.2.337: deleted inode referenced: 12 [ 46.518446][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.732108][ T4301] random: crng reseeded on system resumption [ 46.911185][ T4308] loop2: detected capacity change from 0 to 512 [ 46.920450][ T4308] EXT4-fs: Ignoring removed oldalloc option [ 46.964118][ T4308] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 47.048641][ T4308] System zones: 1-12 [ 47.124160][ T4308] EXT4-fs (loop2): 1 truncate cleaned up [ 47.150757][ T4308] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.284259][ T4320] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.368845][ T4320] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.430706][ T4320] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.499321][ T4320] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.799375][ T23] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 47.827341][ T23] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 47.932273][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.023330][ T4340] pim6reg1: entered promiscuous mode [ 48.028717][ T4340] pim6reg1: entered allmulticast mode [ 48.148248][ T4343] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4343 comm=syz.2.357 [ 48.196420][ T4313] syz.0.346 (4313) used greatest stack depth: 7128 bytes left [ 48.275582][ T4320] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.297395][ T4320] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.320618][ T4320] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.347816][ T4320] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.404189][ T4352] loop1: detected capacity change from 0 to 512 [ 48.421305][ T4352] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.360: corrupted in-inode xattr: invalid ea_ino [ 48.444486][ T4352] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.360: couldn't read orphan inode 15 (err -117) [ 48.465796][ T4352] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.680002][ T4350] netlink: 185 bytes leftover after parsing attributes in process `syz.4.361'. [ 48.685017][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.740962][ T4364] ªªªªªª: renamed from vlan0 (while UP) [ 48.799397][ T4370] loop3: detected capacity change from 0 to 128 [ 48.876839][ T4379] bio_check_eod: 18 callbacks suppressed [ 48.882680][ T4379] syz.3.368: attempt to access beyond end of device [ 48.882680][ T4379] loop3: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 48.896811][ T4379] syz.3.368: attempt to access beyond end of device [ 48.896811][ T4379] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 48.916070][ T4379] syz.3.368: attempt to access beyond end of device [ 48.916070][ T4379] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 48.940801][ T4379] syz.3.368: attempt to access beyond end of device [ 48.940801][ T4379] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 48.971314][ T4379] syz.3.368: attempt to access beyond end of device [ 48.971314][ T4379] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 48.988875][ T29] kauditd_printk_skb: 153 callbacks suppressed [ 48.988892][ T29] audit: type=1326 audit(1745520479.541:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.003188][ T4379] syz.3.368: attempt to access beyond end of device [ 49.003188][ T4379] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 49.018361][ T29] audit: type=1326 audit(1745520479.541:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.054918][ T29] audit: type=1326 audit(1745520479.541:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.055352][ T4379] syz.3.368: attempt to access beyond end of device [ 49.055352][ T4379] loop3: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 49.078337][ T29] audit: type=1326 audit(1745520479.541:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.078368][ T29] audit: type=1326 audit(1745520479.541:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.085526][ T29] audit: type=1326 audit(1745520479.581:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.160091][ T29] audit: type=1326 audit(1745520479.581:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.182899][ T29] audit: type=1326 audit(1745520479.581:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.205654][ T29] audit: type=1326 audit(1745520479.591:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.251927][ T4379] syz.3.368: attempt to access beyond end of device [ 49.251927][ T4379] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 49.280476][ T4379] syz.3.368: attempt to access beyond end of device [ 49.280476][ T4379] loop3: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 49.307284][ T4379] syz.3.368: attempt to access beyond end of device [ 49.307284][ T4379] loop3: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 49.423492][ T4394] loop2: detected capacity change from 0 to 2048 [ 49.434694][ T29] audit: type=1326 audit(1745520479.781:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0721ce969 code=0x7ffc0000 [ 49.532236][ T4394] loop2: p1 < > p4 [ 49.536681][ T4394] loop2: p4 size 8388608 extends beyond EOD, truncated [ 49.671264][ T4422] loop4: detected capacity change from 0 to 512 [ 49.681468][ T4422] EXT4-fs: Ignoring removed oldalloc option [ 49.690435][ T4422] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 49.700330][ T4422] System zones: 1-12 [ 49.705148][ T4422] EXT4-fs (loop4): 1 truncate cleaned up [ 49.754298][ T4422] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.160699][ T4461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.403'. [ 50.175058][ T4461] netlink: 12 bytes leftover after parsing attributes in process `syz.2.403'. [ 50.283564][ T4465] tipc: Enabled bearer , priority 0 [ 50.292650][ T4464] tipc: Resetting bearer [ 50.336675][ T4464] tipc: Disabling bearer [ 50.372978][ T4443] syz.0.392 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 50.383970][ T4443] CPU: 1 UID: 0 PID: 4443 Comm: syz.0.392 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(voluntary) [ 50.383997][ T4443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 50.384014][ T4443] Call Trace: [ 50.384022][ T4443] [ 50.384031][ T4443] dump_stack_lvl+0xf6/0x150 [ 50.384060][ T4443] dump_stack+0x15/0x1a [ 50.384079][ T4443] dump_header+0x83/0x2d0 [ 50.384105][ T4443] oom_kill_process+0x341/0x4c0 [ 50.384183][ T4443] out_of_memory+0x9d1/0xc20 [ 50.384211][ T4443] mem_cgroup_out_of_memory+0x13f/0x190 [ 50.384242][ T4443] try_charge_memcg+0x5f1/0x890 [ 50.384304][ T4443] charge_memcg+0x50/0xc0 [ 50.384398][ T4443] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 50.384515][ T4443] __read_swap_cache_async+0x207/0x3b0 [ 50.384560][ T4443] swap_cluster_readahead+0x27f/0x400 [ 50.384599][ T4443] swapin_readahead+0xe6/0x6f0 [ 50.384708][ T4443] ? swap_cache_get_folio+0x77/0x210 [ 50.384748][ T4443] do_swap_page+0x31c/0x2510 [ 50.384778][ T4443] ? __rcu_read_lock+0x36/0x50 [ 50.384801][ T4443] ? __pfx_default_wake_function+0x10/0x10 [ 50.384830][ T4443] handle_mm_fault+0x8ed/0x2e80 [ 50.384895][ T4443] ? mas_walk+0x204/0x320 [ 50.384917][ T4443] ? __rcu_read_unlock+0x4e/0x70 [ 50.384948][ T4443] exc_page_fault+0x3b9/0x6a0 [ 50.384974][ T4443] asm_exc_page_fault+0x26/0x30 [ 50.385019][ T4443] RIP: 0033:0x7fb3d994e8c6 [ 50.385038][ T4443] Code: fb e8 9e 03 02 00 85 c0 b8 00 00 00 00 48 0f 45 d8 48 89 d8 5b c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 83 ec 28 31 f6 <64> 48 8b 04 25 28 00 00 00 48 89 44 24 18 31 c0 89 f8 48 69 c0 83 [ 50.385056][ T4443] RSP: 002b:00007ffcb92ad160 EFLAGS: 00010246 [ 50.385075][ T4443] RAX: 000000000000c47a RBX: 00007fb3d9b75fa0 RCX: 000000000000c350 [ 50.385089][ T4443] RDX: 000000000000012a RSI: 0000000000000000 RDI: 00000000000003e8 [ 50.385103][ T4443] RBP: 00007fb3d9b77ba0 R08: 0000000011c4ea27 R09: 7fffffffffffffff [ 50.385117][ T4443] R10: 00007fb3d9b48038 R11: 0000000000000010 R12: 000000000000c62a [ 50.385131][ T4443] R13: 00007fb3d9b76080 R14: ffffffffffffffff R15: 00007ffcb92ad2a0 [ 50.385186][ T4443] [ 50.385295][ T4443] memory: usage 307200kB, limit 307200kB, failcnt 307 [ 50.597514][ T4443] memory+swap: usage 130756kB, limit 9007199254740988kB, failcnt 0 [ 50.605558][ T4443] kmem: usage 127500kB, limit 9007199254740988kB, failcnt 0 [ 50.605574][ T4443] Memory cgroup stats for /syz0: [ 50.605855][ T4443] cache 0 [ 50.605865][ T4443] rss 0 [ 50.605872][ T4443] shmem 0 [ 50.605877][ T4443] mapped_file 0 [ 50.605909][ T4443] dirty 0 [ 50.605915][ T4443] writeback 0 [ 50.605996][ T4443] workingset_refault_anon 59 [ 50.606005][ T4443] workingset_refault_file 136 [ 50.606014][ T4443] swap 204800 [ 50.606076][ T4443] swapcached 0 [ 50.606084][ T4443] pgpgin 37951 [ 50.606092][ T4443] pgpgout 37951 [ 50.606099][ T4443] pgfault 47445 [ 50.606106][ T4443] pgmajfault 52 [ 50.606114][ T4443] inactive_anon 0 [ 50.606122][ T4443] active_anon 0 [ 50.606129][ T4443] inactive_file 0 [ 50.606137][ T4443] active_file 0 [ 50.606143][ T4443] unevictable 0 [ 50.606150][ T4443] hierarchical_memory_limit 314572800 [ 50.606160][ T4443] hierarchical_memsw_limit 9223372036854771712 [ 50.606170][ T4443] total_cache 0 [ 50.606182][ T4443] total_rss 0 [ 50.606189][ T4443] total_shmem 0 [ 50.606197][ T4443] total_mapped_file 0 [ 50.606204][ T4443] total_dirty 0 [ 50.606210][ T4443] total_writeback 0 [ 50.606216][ T4443] total_workingset_refault_anon 59 [ 50.606223][ T4443] total_workingset_refault_file 136 [ 50.606265][ T4443] total_swap 204800 [ 50.606273][ T4443] total_swapcached 0 [ 50.606281][ T4443] total_pgpgin 37951 [ 50.606288][ T4443] total_pgpgout 37951 [ 50.606296][ T4443] total_pgfault 47445 [ 50.606304][ T4443] total_pgmajfault 52 [ 50.606312][ T4443] total_inactive_anon 0 [ 50.606320][ T4443] total_active_anon 0 [ 50.606328][ T4443] total_inactive_file 0 [ 50.606336][ T4443] total_active_file 0 [ 50.606344][ T4443] total_unevictable 0 [ 50.606352][ T4443] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.392,pid=4443,uid=0 [ 50.606593][ T4443] Memory cgroup out of memory: Killed process 4443 (syz.0.392) total-vm:95796kB, anon-rss:1060kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 50.608642][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.795476][ T4488] netlink: 4 bytes leftover after parsing attributes in process `syz.4.415'. [ 50.799229][ T4488] netlink: 12 bytes leftover after parsing attributes in process `syz.4.415'. [ 51.006225][ T4498] tipc: Started in network mode [ 51.011246][ T4498] tipc: Node identity 327b26bd4c85, cluster identity 4711 [ 51.018729][ T4498] tipc: Enabled bearer , priority 0 [ 51.025631][ T4509] veth0_vlan: entered allmulticast mode [ 51.036518][ T4497] tipc: Resetting bearer [ 51.051082][ T4497] tipc: Disabling bearer [ 51.061344][ T4509] veth0_vlan: left promiscuous mode [ 51.066596][ T4509] veth0_vlan: entered promiscuous mode [ 51.107810][ T4513] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.170730][ T4513] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.220020][ T4513] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.239289][ T4526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.432'. [ 51.248788][ T4526] netlink: 12 bytes leftover after parsing attributes in process `syz.1.432'. [ 51.275541][ T4513] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.327387][ T4530] loop1: detected capacity change from 0 to 512 [ 51.334001][ T4530] EXT4-fs: Ignoring removed oldalloc option [ 51.341533][ T4530] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 51.347998][ T4513] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.352234][ T4530] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 51.367875][ T4530] EXT4-fs (loop1): orphan cleanup on readonly fs [ 51.369768][ T4513] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.384723][ T4530] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 51.403043][ T4513] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.411410][ T4530] EXT4-fs (loop1): 1 truncate cleaned up [ 51.422310][ T4513] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.430964][ T4530] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 51.512758][ T4514] syz.2.428 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 51.523762][ T4514] CPU: 0 UID: 0 PID: 4514 Comm: syz.2.428 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(voluntary) [ 51.523788][ T4514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 51.523803][ T4514] Call Trace: [ 51.523818][ T4514] [ 51.523828][ T4514] dump_stack_lvl+0xf6/0x150 [ 51.523854][ T4514] dump_stack+0x15/0x1a [ 51.523869][ T4514] dump_header+0x83/0x2d0 [ 51.523889][ T4514] oom_kill_process+0x341/0x4c0 [ 51.523965][ T4514] out_of_memory+0x9d1/0xc20 [ 51.523994][ T4514] mem_cgroup_out_of_memory+0x13f/0x190 [ 51.524028][ T4514] try_charge_memcg+0x5f1/0x890 [ 51.524054][ T4514] charge_memcg+0x50/0xc0 [ 51.524082][ T4514] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 51.524155][ T4514] __read_swap_cache_async+0x207/0x3b0 [ 51.524198][ T4514] swap_cluster_readahead+0x27f/0x400 [ 51.524233][ T4514] swapin_readahead+0xe6/0x6f0 [ 51.524322][ T4514] ? __lruvec_stat_mod_folio+0xde/0x120 [ 51.524346][ T4514] ? swap_cache_get_folio+0x77/0x210 [ 51.524384][ T4514] do_swap_page+0x31c/0x2510 [ 51.524415][ T4514] ? __rcu_read_lock+0x36/0x50 [ 51.524438][ T4514] ? __pfx_default_wake_function+0x10/0x10 [ 51.524532][ T4514] handle_mm_fault+0x8ed/0x2e80 [ 51.524561][ T4514] ? mas_walk+0x204/0x320 [ 51.524614][ T4514] ? __rcu_read_unlock+0x4e/0x70 [ 51.524638][ T4514] exc_page_fault+0x3b9/0x6a0 [ 51.524663][ T4514] asm_exc_page_fault+0x26/0x30 [ 51.524681][ T4514] RIP: 0033:0x7f8b0cbd5388 [ 51.524706][ T4514] Code: 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d 3a 28 35 00 00 0f 8e 09 fe ff ff e8 f3 9f fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 <69> 3d 06 03 e8 00 e8 03 00 00 48 8d 1d 07 0c 35 00 e8 22 95 12 00 [ 51.524722][ T4514] RSP: 002b:00007ffc41633670 EFLAGS: 00010212 [ 51.524738][ T4514] RAX: 000000000000c90b RBX: 00007f8b0cf27ba0 RCX: 000000000000c738 [ 51.524779][ T4514] RDX: 00000000000001d3 RSI: 00007ffc41633650 RDI: 0000000000000001 [ 51.524791][ T4514] RBP: 00007f8b0cf27ba0 R08: 000000001bdb0617 R09: 7fffffffffffffff [ 51.524804][ T4514] R10: 00007f8b0cef8038 R11: 0000000000000010 R12: 000000000000cad9 [ 51.524816][ T4514] R13: 00007f8b0cf26080 R14: ffffffffffffffff R15: 00007ffc41633780 [ 51.524836][ T4514] [ 51.524842][ T4514] memory: usage 307200kB, limit 307200kB, failcnt 216 [ 51.745178][ T4514] memory+swap: usage 141224kB, limit 9007199254740988kB, failcnt 0 [ 51.745193][ T4514] kmem: usage 140872kB, limit 9007199254740988kB, failcnt 0 [ 51.760431][ T4514] Memory cgroup stats for /syz2: [ 51.770425][ T4514] cache 0 [ 51.778352][ T4514] rss 0 [ 51.781219][ T4514] shmem 0 [ 51.784334][ T4514] mapped_file 0 [ 51.787830][ T4514] dirty 0 [ 51.790913][ T4514] writeback 0 [ 51.794450][ T4514] workingset_refault_anon 4 [ 51.798978][ T4514] workingset_refault_file 0 [ 51.803708][ T4514] swap 188416 [ 51.807059][ T4514] swapcached 12288 [ 51.810864][ T4514] pgpgin 7947 [ 51.811755][ T4540] veth0_vlan: entered allmulticast mode [ 51.814135][ T4514] pgpgout 7944 [ 51.814145][ T4514] pgfault 13935 [ 51.814153][ T4514] pgmajfault 5 [ 51.814162][ T4514] inactive_anon 12288 [ 51.833907][ T4514] active_anon 0 [ 51.833916][ T4514] inactive_file 0 [ 51.841099][ T4514] active_file 0 [ 51.844562][ T4514] unevictable 0 [ 51.848101][ T4514] hierarchical_memory_limit 314572800 [ 51.853495][ T4514] hierarchical_memsw_limit 9223372036854771712 [ 51.859679][ T4514] total_cache 0 [ 51.863145][ T4514] total_rss 0 [ 51.866431][ T4514] total_shmem 0 [ 51.869922][ T4514] total_mapped_file 0 [ 51.873986][ T4514] total_dirty 0 [ 51.877499][ T4514] total_writeback 0 [ 51.881391][ T4514] total_workingset_refault_anon 4 [ 51.886453][ T4514] total_workingset_refault_file 0 [ 51.891540][ T4514] total_swap 188416 [ 51.895479][ T4514] total_swapcached 12288 [ 51.899845][ T4514] total_pgpgin 7947 [ 51.903736][ T4514] total_pgpgout 7944 [ 51.907674][ T4514] total_pgfault 13935 [ 51.911677][ T4514] total_pgmajfault 5 [ 51.915667][ T4514] total_inactive_anon 12288 [ 51.920189][ T4514] total_active_anon 0 [ 51.924181][ T4514] total_inactive_file 0 [ 51.926945][ T4539] tipc: Enabled bearer , priority 0 [ 51.928414][ T4514] total_active_file 0 [ 51.938987][ T4514] total_unevictable 0 [ 51.942965][ T4514] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.428,pid=4514,uid=0 [ 51.957595][ T4514] Memory cgroup out of memory: Killed process 4514 (syz.2.428) total-vm:95796kB, anon-rss:936kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 51.976042][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.991632][ T4537] tipc: Resetting bearer [ 52.015395][ T4546] loop1: detected capacity change from 0 to 128 [ 52.031915][ T4537] tipc: Disabling bearer [ 52.047621][ T4540] veth0_vlan: left promiscuous mode [ 52.052875][ T4540] veth0_vlan: entered promiscuous mode [ 52.093043][ T4552] netlink: 'syz.1.443': attribute type 4 has an invalid length. [ 52.162486][ T4561] loop1: detected capacity change from 0 to 764 [ 52.186149][ T4563] veth5: entered promiscuous mode [ 52.191312][ T4563] veth5: entered allmulticast mode [ 52.209753][ T4561] Symlink component flag not implemented [ 52.232311][ T4561] Symlink component flag not implemented (7) [ 52.496198][ T4576] random: crng reseeded on system resumption [ 52.527557][ T4578] netlink: 100 bytes leftover after parsing attributes in process `syz.4.453'. [ 53.009152][ T4592] netlink: 4 bytes leftover after parsing attributes in process `syz.0.458'. [ 53.018946][ T4592] netlink: 12 bytes leftover after parsing attributes in process `syz.0.458'. [ 53.212861][ T4586] syz.3.457 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 53.223870][ T4586] CPU: 0 UID: 0 PID: 4586 Comm: syz.3.457 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(voluntary) [ 53.223903][ T4586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 53.223918][ T4586] Call Trace: [ 53.223925][ T4586] [ 53.224050][ T4586] dump_stack_lvl+0xf6/0x150 [ 53.224078][ T4586] dump_stack+0x15/0x1a [ 53.224099][ T4586] dump_header+0x83/0x2d0 [ 53.224121][ T4586] oom_kill_process+0x341/0x4c0 [ 53.224146][ T4586] out_of_memory+0x9d1/0xc20 [ 53.224249][ T4586] mem_cgroup_out_of_memory+0x13f/0x190 [ 53.224283][ T4586] try_charge_memcg+0x5f1/0x890 [ 53.224322][ T4586] charge_memcg+0x50/0xc0 [ 53.224358][ T4586] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 53.224394][ T4586] __read_swap_cache_async+0x207/0x3b0 [ 53.224469][ T4586] swap_cluster_readahead+0x27f/0x400 [ 53.224515][ T4586] swapin_readahead+0xe6/0x6f0 [ 53.224566][ T4586] ? swap_cache_get_folio+0x77/0x210 [ 53.224597][ T4586] do_swap_page+0x31c/0x2510 [ 53.224623][ T4586] ? __rcu_read_lock+0x36/0x50 [ 53.224707][ T4586] ? __pfx_default_wake_function+0x10/0x10 [ 53.224729][ T4586] handle_mm_fault+0x8ed/0x2e80 [ 53.224751][ T4586] ? mas_walk+0x204/0x320 [ 53.224776][ T4586] ? __rcu_read_unlock+0x4e/0x70 [ 53.224884][ T4586] exc_page_fault+0x3b9/0x6a0 [ 53.224958][ T4586] asm_exc_page_fault+0x26/0x30 [ 53.224980][ T4586] RIP: 0033:0x7f6b9e8253ac [ 53.224996][ T4586] Code: 66 0f 1f 44 00 00 69 3d 06 03 e8 00 e8 03 00 00 48 8d 1d 07 0c 35 00 e8 22 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00 [ 53.225012][ T4586] RSP: 002b:00007ffe4ee70980 EFLAGS: 00010283 [ 53.225026][ T4586] RAX: 0000000000000000 RBX: 00007f6b9eb76080 RCX: 0000000000000000 [ 53.225037][ T4586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055555a9b9808 [ 53.225050][ T4586] RBP: 00007f6b9eb77ba0 R08: 0000000000000000 R09: 7fffffffffffffff [ 53.225151][ T4586] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000d116 [ 53.225164][ T4586] R13: 00007f6b9eb76080 R14: ffffffffffffffff R15: 00007ffe4ee70a90 [ 53.225185][ T4586] [ 53.225191][ T4586] memory: usage 307200kB, limit 307200kB, failcnt 10802 [ 53.438045][ T4586] memory+swap: usage 67332kB, limit 9007199254740988kB, failcnt 0 [ 53.445874][ T4586] kmem: usage 54836kB, limit 9007199254740988kB, failcnt 0 [ 53.453097][ T4586] Memory cgroup stats for /syz3: [ 53.453926][ T4586] cache 4096 [ 53.462175][ T4586] rss 4096 [ 53.465203][ T4586] shmem 0 [ 53.468176][ T4586] mapped_file 4096 [ 53.471928][ T4586] dirty 0 [ 53.474881][ T4586] writeback 0 [ 53.478258][ T4586] workingset_refault_anon 10 [ 53.482868][ T4586] workingset_refault_file 2 [ 53.487394][ T4586] swap 380928 [ 53.490681][ T4586] swapcached 4096 [ 53.494304][ T4586] pgpgin 83932 [ 53.497693][ T4586] pgpgout 83930 [ 53.501149][ T4586] pgfault 64363 [ 53.504628][ T4586] pgmajfault 10 [ 53.508151][ T4586] inactive_anon 0 [ 53.511844][ T4586] active_anon 0 [ 53.515292][ T4586] inactive_file 0 [ 53.518936][ T4586] active_file 0 [ 53.522389][ T4586] unevictable 0 [ 53.525937][ T4586] hierarchical_memory_limit 314572800 [ 53.531321][ T4586] hierarchical_memsw_limit 9223372036854771712 [ 53.537522][ T4586] total_cache 4096 [ 53.541233][ T4586] total_rss 4096 [ 53.544766][ T4586] total_shmem 0 [ 53.548236][ T4586] total_mapped_file 4096 [ 53.552498][ T4586] total_dirty 0 [ 53.555957][ T4586] total_writeback 0 [ 53.559841][ T4586] total_workingset_refault_anon 10 [ 53.564982][ T4586] total_workingset_refault_file 2 [ 53.570006][ T4586] total_swap 380928 [ 53.573885][ T4586] total_swapcached 4096 [ 53.578040][ T4586] total_pgpgin 83932 [ 53.581993][ T4586] total_pgpgout 83930 [ 53.585958][ T4586] total_pgfault 64363 [ 53.589983][ T4586] total_pgmajfault 10 [ 53.593963][ T4586] total_inactive_anon 0 [ 53.598118][ T4586] total_active_anon 0 [ 53.602104][ T4586] total_inactive_file 0 [ 53.606241][ T4586] total_active_file 0 [ 53.610267][ T4586] total_unevictable 0 [ 53.614244][ T4586] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.457,pid=4586,uid=0 [ 53.628856][ T4586] Memory cgroup out of memory: Killed process 4586 (syz.3.457) total-vm:95796kB, anon-rss:936kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 53.710723][ T4605] loop2: detected capacity change from 0 to 512 [ 53.725831][ T4602] tipc: Enabled bearer , priority 0 [ 53.734871][ T4605] EXT4-fs: Ignoring removed oldalloc option [ 53.741270][ T4601] tipc: Resetting bearer [ 53.782539][ T4605] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 53.793499][ T4601] tipc: Disabling bearer [ 53.801058][ T4605] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 53.809761][ T4605] EXT4-fs (loop2): orphan cleanup on readonly fs [ 53.818060][ T4605] EXT4-fs (loop2): 1 truncate cleaned up [ 53.824230][ T4605] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 53.946245][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.970503][ T4612] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.985046][ T4614] veth0_vlan: entered allmulticast mode [ 54.031470][ T4612] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.043508][ T4614] veth0_vlan: left promiscuous mode [ 54.048967][ T4614] veth0_vlan: entered promiscuous mode [ 54.101460][ T3309] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 54.112414][ T3309] CPU: 1 UID: 0 PID: 3309 Comm: syz-executor Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(voluntary) [ 54.112444][ T3309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 54.112455][ T3309] Call Trace: [ 54.112461][ T3309] [ 54.112468][ T3309] dump_stack_lvl+0xf6/0x150 [ 54.112533][ T3309] dump_stack+0x15/0x1a [ 54.112553][ T3309] dump_header+0x83/0x2d0 [ 54.112576][ T3309] oom_kill_process+0x341/0x4c0 [ 54.112617][ T3309] out_of_memory+0x9d1/0xc20 [ 54.112640][ T3309] mem_cgroup_out_of_memory+0x13f/0x190 [ 54.112674][ T3309] try_charge_memcg+0x5f1/0x890 [ 54.112768][ T3309] charge_memcg+0x50/0xc0 [ 54.112879][ T3309] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 54.113021][ T3309] __read_swap_cache_async+0x207/0x3b0 [ 54.113064][ T3309] swap_cluster_readahead+0x27f/0x400 [ 54.113135][ T3309] swapin_readahead+0xe6/0x6f0 [ 54.113181][ T3309] ? swap_cache_get_folio+0x77/0x210 [ 54.113278][ T3309] do_swap_page+0x31c/0x2510 [ 54.113306][ T3309] ? __schedule+0x809/0xb70 [ 54.113338][ T3309] ? schedule+0x5f/0xd0 [ 54.113436][ T3309] ? __rcu_read_lock+0x36/0x50 [ 54.113459][ T3309] ? __pfx_default_wake_function+0x10/0x10 [ 54.113486][ T3309] handle_mm_fault+0x8ed/0x2e80 [ 54.113515][ T3309] ? mas_walk+0x204/0x320 [ 54.113537][ T3309] ? __rcu_read_unlock+0x4e/0x70 [ 54.113599][ T3309] exc_page_fault+0x3b9/0x6a0 [ 54.113671][ T3309] ? do_syscall_64+0xd6/0x1a0 [ 54.113763][ T3309] asm_exc_page_fault+0x26/0x30 [ 54.113785][ T3309] RIP: 0033:0x7fc0722011e5 [ 54.113802][ T3309] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 5e 33 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74 [ 54.113894][ T3309] RSP: 002b:00007fff1bc22848 EFLAGS: 00010246 [ 54.113911][ T3309] RAX: 0000000000000000 RBX: 00000000000000da RCX: 00007fc0722011e3 [ 54.113926][ T3309] RDX: 00007fff1bc22860 RSI: 0000000000000000 RDI: 0000000000000000 [ 54.113939][ T3309] RBP: 00007fff1bc228cc R08: 000000003b55e70b R09: 0000000000000000 [ 54.113950][ T3309] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388 [ 54.113987][ T3309] R13: 00000000000927c0 R14: 000000000000d1ea R15: 00007fff1bc22920 [ 54.114005][ T3309] [ 54.114010][ T3309] memory: usage 307200kB, limit 307200kB, failcnt 228 [ 54.340000][ T3309] memory+swap: usage 576kB, limit 9007199254740988kB, failcnt 0 [ 54.347681][ T3309] kmem: usage 300kB, limit 9007199254740988kB, failcnt 0 [ 54.354745][ T3309] Memory cgroup stats for /syz1: [ 54.357136][ T4612] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.357774][ T3309] cache 0 [ 54.375457][ T3309] rss 12288 [ 54.378658][ T3309] shmem 0 [ 54.381710][ T3309] mapped_file 0 [ 54.385231][ T3309] dirty 0 [ 54.388201][ T3309] writeback 0 [ 54.391555][ T3309] workingset_refault_anon 7 [ 54.396041][ T3309] workingset_refault_file 1 [ 54.400581][ T3309] swap 172032 [ 54.403937][ T3309] swapcached 16384 [ 54.407686][ T3309] pgpgin 27241 [ 54.411043][ T3309] pgpgout 27234 [ 54.414526][ T3309] pgfault 35012 [ 54.418003][ T3309] pgmajfault 10 [ 54.421513][ T3309] inactive_anon 0 [ 54.425190][ T3309] active_anon 24576 [ 54.429003][ T3309] inactive_file 0 [ 54.432626][ T3309] active_file 0 [ 54.436103][ T3309] unevictable 0 [ 54.439634][ T3309] hierarchical_memory_limit 314572800 [ 54.445000][ T3309] hierarchical_memsw_limit 9223372036854771712 [ 54.451230][ T3309] total_cache 0 [ 54.454676][ T3309] total_rss 12288 [ 54.458422][ T3309] total_shmem 0 [ 54.461876][ T3309] total_mapped_file 0 [ 54.465920][ T3309] total_dirty 0 [ 54.469434][ T3309] total_writeback 0 [ 54.473275][ T3309] total_workingset_refault_anon 7 [ 54.478309][ T3309] total_workingset_refault_file 1 [ 54.483318][ T3309] total_swap 172032 [ 54.487143][ T3309] total_swapcached 16384 [ 54.491412][ T3309] total_pgpgin 27241 [ 54.495298][ T3309] total_pgpgout 27234 [ 54.499312][ T3309] total_pgfault 35012 [ 54.503313][ T3309] total_pgmajfault 10 [ 54.507333][ T3309] total_inactive_anon 0 [ 54.511485][ T3309] total_active_anon 24576 [ 54.515880][ T3309] total_inactive_file 0 [ 54.520093][ T3309] total_active_file 0 [ 54.524091][ T3309] total_unevictable 0 [ 54.528106][ T3309] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.470,pid=4598,uid=0 [ 54.542737][ T3309] Memory cgroup out of memory: Killed process 4598 (syz.1.470) total-vm:95796kB, anon-rss:936kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 54.585212][ T4619] loop4: detected capacity change from 0 to 128 [ 54.596317][ T4612] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.625733][ T29] kauditd_printk_skb: 63 callbacks suppressed [ 54.625801][ T29] audit: type=1326 audit(1745520485.171:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.656895][ T29] audit: type=1326 audit(1745520485.171:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.680357][ T29] audit: type=1326 audit(1745520485.171:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.689049][ T4619] bio_check_eod: 80 callbacks suppressed [ 54.689069][ T4619] syz.4.466: attempt to access beyond end of device [ 54.689069][ T4619] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 54.703699][ T29] audit: type=1326 audit(1745520485.181:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.745964][ T29] audit: type=1326 audit(1745520485.181:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.752528][ T4619] syz.4.466: attempt to access beyond end of device [ 54.752528][ T4619] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 54.769504][ T29] audit: type=1326 audit(1745520485.211:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.786677][ T4619] syz.4.466: attempt to access beyond end of device [ 54.786677][ T4619] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 54.806046][ T29] audit: type=1326 audit(1745520485.211:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.806108][ T29] audit: type=1326 audit(1745520485.211:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.838209][ T4619] syz.4.466: attempt to access beyond end of device [ 54.838209][ T4619] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 54.842768][ T29] audit: type=1326 audit(1745520485.211:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.869974][ T4619] syz.4.466: attempt to access beyond end of device [ 54.869974][ T4619] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 54.879248][ T29] audit: type=1326 audit(1745520485.211:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4624 comm="syz.2.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 54.905604][ T4619] syz.4.466: attempt to access beyond end of device [ 54.905604][ T4619] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 54.954605][ T4619] syz.4.466: attempt to access beyond end of device [ 54.954605][ T4619] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 54.969286][ T4619] syz.4.466: attempt to access beyond end of device [ 54.969286][ T4619] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 54.983252][ T4619] syz.4.466: attempt to access beyond end of device [ 54.983252][ T4619] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 54.988720][ T4612] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.996938][ T4619] syz.4.466: attempt to access beyond end of device [ 54.996938][ T4619] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 55.029982][ T4612] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.045165][ T4612] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.060785][ T4612] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.141217][ T4646] loop3: detected capacity change from 0 to 512 [ 55.148357][ T4646] EXT4-fs: Ignoring removed oldalloc option [ 55.154608][ T4646] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 55.191984][ T4646] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 55.209765][ T4646] EXT4-fs (loop3): orphan cleanup on readonly fs [ 55.227097][ T4646] EXT4-fs (loop3): 1 truncate cleaned up [ 55.233276][ T4646] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 55.316015][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.380683][ T4670] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 55.395539][ T4671] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.460162][ T4671] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.510577][ T4671] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.536325][ T3312] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 55.547292][ T3312] CPU: 1 UID: 0 PID: 3312 Comm: syz-executor Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(voluntary) [ 55.547326][ T3312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 55.547342][ T3312] Call Trace: [ 55.547349][ T3312] [ 55.547358][ T3312] dump_stack_lvl+0xf6/0x150 [ 55.547381][ T3312] dump_stack+0x15/0x1a [ 55.547462][ T3312] dump_header+0x83/0x2d0 [ 55.547489][ T3312] oom_kill_process+0x341/0x4c0 [ 55.547513][ T3312] out_of_memory+0x9d1/0xc20 [ 55.547559][ T3312] mem_cgroup_out_of_memory+0x13f/0x190 [ 55.547636][ T3312] try_charge_memcg+0x5f1/0x890 [ 55.547662][ T3312] charge_memcg+0x50/0xc0 [ 55.547691][ T3312] __mem_cgroup_charge+0x29/0xb0 [ 55.547770][ T3312] filemap_add_folio+0x56/0x1b0 [ 55.547789][ T3312] __filemap_get_folio+0x340/0x6b0 [ 55.547831][ T3312] filemap_fault+0x46a/0xbc0 [ 55.547887][ T3312] __do_fault+0xb6/0x200 [ 55.547940][ T3312] handle_mm_fault+0xe9b/0x2e80 [ 55.547972][ T3312] ? __rcu_read_unlock+0x4e/0x70 [ 55.548005][ T3312] exc_page_fault+0x3b9/0x6a0 [ 55.548031][ T3312] ? do_syscall_64+0xd6/0x1a0 [ 55.548131][ T3312] asm_exc_page_fault+0x26/0x30 [ 55.548179][ T3312] RIP: 0033:0x7f8b0cbd5994 [ 55.548196][ T3312] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 08 fe e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 19 fd e7 00 48 01 d1 [ 55.548293][ T3312] RSP: 002b:00007ffc41633890 EFLAGS: 00010206 [ 55.548310][ T3312] RAX: 0000001b32020000 RBX: 00000000000000d6 RCX: 000000000000d6d8 [ 55.548325][ T3312] RDX: 0000000007e798e5 RSI: 00007ffc41633920 RDI: 0000000000000001 [ 55.548339][ T3312] RBP: 00007ffc416338cc R08: 000000001e276930 R09: 7fffffffffffffff [ 55.548357][ T3312] R10: 00007f8b0cef8038 R11: 0000000000000010 R12: 0000000000001388 [ 55.548372][ T3312] R13: 00000000000927c0 R14: 000000000000d7d6 R15: 00007ffc41633920 [ 55.548394][ T3312] [ 55.548402][ T3312] memory: usage 307200kB, limit 307200kB, failcnt 417 [ 55.743023][ T3312] memory+swap: usage 119324kB, limit 9007199254740988kB, failcnt 0 [ 55.750989][ T3312] kmem: usage 109404kB, limit 9007199254740988kB, failcnt 0 [ 55.758377][ T3312] Memory cgroup stats for /syz2: [ 55.759262][ T3312] cache 0 [ 55.767210][ T3312] rss 0 [ 55.769992][ T3312] shmem 0 [ 55.773012][ T3312] mapped_file 0 [ 55.776473][ T3312] dirty 0 [ 55.779704][ T3312] writeback 0 [ 55.783015][ T3312] workingset_refault_anon 26 [ 55.787652][ T3312] workingset_refault_file 45 [ 55.792307][ T3312] swap 188416 [ 55.795629][ T3312] swapcached 12288 [ 55.799453][ T3312] pgpgin 8383 [ 55.802742][ T3312] pgpgout 8380 [ 55.806118][ T3312] pgfault 14889 [ 55.809698][ T3312] pgmajfault 20 [ 55.813166][ T3312] inactive_anon 12288 [ 55.817205][ T3312] active_anon 0 [ 55.820679][ T3312] inactive_file 0 [ 55.824324][ T3312] active_file 0 [ 55.827957][ T3312] unevictable 0 [ 55.831423][ T3312] hierarchical_memory_limit 314572800 [ 55.836862][ T3312] hierarchical_memsw_limit 9223372036854771712 [ 55.843114][ T3312] total_cache 0 [ 55.846668][ T3312] total_rss 0 [ 55.850027][ T3312] total_shmem 0 [ 55.853530][ T3312] total_mapped_file 0 [ 55.857566][ T3312] total_dirty 0 [ 55.861072][ T3312] total_writeback 0 [ 55.865020][ T3312] total_workingset_refault_anon 26 [ 55.870171][ T3312] total_workingset_refault_file 45 [ 55.875273][ T3312] total_swap 188416 [ 55.879110][ T3312] total_swapcached 12288 [ 55.883410][ T3312] total_pgpgin 8383 [ 55.887246][ T3312] total_pgpgout 8380 [ 55.891162][ T3312] total_pgfault 14889 [ 55.895149][ T3312] total_pgmajfault 20 [ 55.899184][ T3312] total_inactive_anon 12288 [ 55.903701][ T3312] total_active_anon 0 [ 55.903713][ T3312] total_inactive_file 0 [ 55.903722][ T3312] total_active_file 0 [ 55.915989][ T3312] total_unevictable 0 [ 55.920019][ T3312] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.480,pid=4644,uid=0 [ 55.934626][ T3312] Memory cgroup out of memory: Killed process 4644 (syz.2.480) total-vm:95796kB, anon-rss:936kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 55.959308][ T4671] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.017346][ T4671] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.034811][ T4671] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.046428][ T4671] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.060038][ T4671] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.123554][ T4696] loop2: detected capacity change from 0 to 2048 [ 56.139697][ T4698] loop1: detected capacity change from 0 to 512 [ 56.147499][ T4698] EXT4-fs error (device loop1): ext4_orphan_get:1390: inode #15: comm syz.1.499: iget: bad extended attribute block 1 [ 56.149402][ T4696] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.181268][ T4698] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.499: couldn't read orphan inode 15 (err -117) [ 56.206618][ T4698] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.243245][ T4698] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 56.270239][ T4696] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 56.285530][ T4696] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 56.298052][ T4696] EXT4-fs (loop2): This should not happen!! Data will be lost [ 56.298052][ T4696] [ 56.308006][ T4696] EXT4-fs (loop2): Total free blocks count 0 [ 56.308037][ T4696] EXT4-fs (loop2): Free/Dirty block details [ 56.308053][ T4696] EXT4-fs (loop2): free_blocks=2415919104 [ 56.308068][ T4696] EXT4-fs (loop2): dirty_blocks=2528 [ 56.330962][ T4696] EXT4-fs (loop2): Block reservation details [ 56.337026][ T4696] EXT4-fs (loop2): i_reserved_data_blocks=158 [ 56.344063][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.353755][ T4706] EXT4-fs (loop2): shut down requested (0) [ 57.153628][ T4718] loop3: detected capacity change from 0 to 128 [ 57.163536][ T4719] loop4: detected capacity change from 0 to 2048 [ 57.189447][ T4719] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.281336][ T4719] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 57.301723][ T4719] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1860 with error 28 [ 57.314321][ T4719] EXT4-fs (loop4): This should not happen!! Data will be lost [ 57.314321][ T4719] [ 57.324184][ T4719] EXT4-fs (loop4): Total free blocks count 0 [ 57.330316][ T4719] EXT4-fs (loop4): Free/Dirty block details [ 57.336395][ T4719] EXT4-fs (loop4): free_blocks=2415919104 [ 57.342230][ T4719] EXT4-fs (loop4): dirty_blocks=1872 [ 57.347656][ T4719] EXT4-fs (loop4): Block reservation details [ 57.353672][ T4719] EXT4-fs (loop4): i_reserved_data_blocks=117 [ 57.367953][ T4729] EXT4-fs (loop4): shut down requested (0) [ 57.405936][ T4743] loop1: detected capacity change from 0 to 512 [ 57.417173][ T4743] EXT4-fs: Ignoring removed orlov option [ 57.440406][ T4743] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.514: corrupted in-inode xattr: invalid ea_ino [ 57.459969][ T4743] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.514: couldn't read orphan inode 15 (err -117) [ 57.472675][ T4743] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.488367][ T4748] loop3: detected capacity change from 0 to 512 [ 57.507214][ T4748] EXT4-fs error (device loop3): ext4_orphan_get:1390: inode #15: comm syz.3.527: iget: bad extended attribute block 1 [ 57.521094][ T4748] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.527: couldn't read orphan inode 15 (err -117) [ 57.533824][ T4748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.549142][ T4748] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 57.574790][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.584727][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.332856][ T4779] loop3: detected capacity change from 0 to 2048 [ 58.349021][ T4779] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.386789][ T4785] loop4: detected capacity change from 0 to 512 [ 58.408933][ T4785] EXT4-fs: Ignoring removed orlov option [ 58.422044][ T4788] loop2: detected capacity change from 0 to 512 [ 58.423091][ T4779] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 58.444917][ T4779] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1994 with error 28 [ 58.446293][ T4785] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.531: corrupted in-inode xattr: invalid ea_ino [ 58.457515][ T4779] EXT4-fs (loop3): This should not happen!! Data will be lost [ 58.457515][ T4779] [ 58.471495][ T4785] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.531: couldn't read orphan inode 15 (err -117) [ 58.480417][ T4779] EXT4-fs (loop3): Total free blocks count 0 [ 58.480432][ T4779] EXT4-fs (loop3): Free/Dirty block details [ 58.480442][ T4779] EXT4-fs (loop3): free_blocks=2415919104 [ 58.480456][ T4779] EXT4-fs (loop3): dirty_blocks=2000 [ 58.494435][ T4788] EXT4-fs error (device loop2): ext4_orphan_get:1390: inode #15: comm syz.2.532: iget: bad extended attribute block 1 [ 58.498222][ T4779] EXT4-fs (loop3): Block reservation details [ 58.498234][ T4779] EXT4-fs (loop3): i_reserved_data_blocks=125 [ 58.504382][ T4788] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.532: couldn't read orphan inode 15 (err -117) [ 58.511831][ T4785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.515809][ T4788] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.596954][ T4788] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 58.642225][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.672287][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.697659][ T4779] EXT4-fs (loop3): shut down requested (0) [ 58.746223][ T4794] loop4: detected capacity change from 0 to 8192 [ 58.798811][ T4794] loop4: p1 p2 < > p3 p4 < p5 > [ 58.803789][ T4794] loop4: partition table partially beyond EOD, truncated [ 58.811031][ T4794] loop4: p1 size 100663296 extends beyond EOD, truncated [ 58.818567][ T4794] loop4: p2 start 591104 is beyond EOD, truncated [ 58.825024][ T4794] loop4: p3 start 33572980 is beyond EOD, truncated [ 58.832122][ T4794] loop4: p5 size 100663296 extends beyond EOD, truncated [ 58.875366][ T4805] netlink: 96 bytes leftover after parsing attributes in process `syz.2.541'. [ 60.395194][ T4821] loop4: detected capacity change from 0 to 512 [ 60.404109][ T4821] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.545: iget: bad extended attribute block 1 [ 60.418354][ T4821] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.545: couldn't read orphan inode 15 (err -117) [ 60.430909][ T4821] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.446754][ T4821] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 60.481076][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.257898][ T4834] loop1: detected capacity change from 0 to 2048 [ 61.265338][ T4837] loop3: detected capacity change from 0 to 512 [ 61.276528][ T4837] EXT4-fs: Ignoring removed orlov option [ 61.289086][ T4834] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 61.308605][ T4836] loop2: detected capacity change from 0 to 8192 [ 61.317280][ T4837] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.558: corrupted in-inode xattr: invalid ea_ino [ 61.331306][ T4837] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.558: couldn't read orphan inode 15 (err -117) [ 61.343911][ T4837] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.354631][ T29] kauditd_printk_skb: 102 callbacks suppressed [ 61.354647][ T29] audit: type=1326 audit(1745520491.901:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.385920][ T29] audit: type=1326 audit(1745520491.901:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.409206][ T29] audit: type=1326 audit(1745520491.901:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.414685][ T4836] loop2: p1 p2 < > p3 p4 < p5 > [ 61.432396][ T29] audit: type=1326 audit(1745520491.901:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.437360][ T4836] loop2: partition table partially beyond EOD, truncated [ 61.460571][ T29] audit: type=1326 audit(1745520491.901:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.469575][ T4836] loop2: p1 size 100663296 extends beyond EOD, [ 61.490845][ T29] audit: type=1326 audit(1745520491.901:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.490880][ T29] audit: type=1326 audit(1745520491.901:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.497110][ T4836] truncated [ 61.499632][ T4834] EXT4-fs (loop1): shut down requested (0) [ 61.520335][ T29] audit: type=1326 audit(1745520491.901:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.564961][ T4836] loop2: p2 start 591104 is beyond EOD, [ 61.575600][ T29] audit: type=1326 audit(1745520491.901:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.581273][ T4836] truncated [ 61.604486][ T29] audit: type=1326 audit(1745520491.901:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4844 comm="syz.0.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fb3d994e969 code=0x7ffc0000 [ 61.607601][ T4836] loop2: p3 start 33572980 is beyond EOD, truncated [ 61.665249][ T4836] loop2: p5 size 100663296 extends beyond EOD, truncated [ 61.676629][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.695502][ T4853] netlink: 96 bytes leftover after parsing attributes in process `syz.0.555'. [ 61.750398][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.928401][ T4873] netlink: 'syz.2.560': attribute type 1 has an invalid length. [ 61.949301][ T4873] 8021q: adding VLAN 0 to HW filter on device bond1 [ 61.995535][ T4873] bond1: (slave veth3): Enslaving as an active interface with a down link [ 62.015857][ T4873] ip6gretap1: entered promiscuous mode [ 62.024508][ T4873] bond1: (slave ip6gretap1): making interface the new active one [ 62.034944][ T4873] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 62.080053][ T4880] netlink: 24 bytes leftover after parsing attributes in process `syz.3.567'. [ 62.130262][ T4884] netlink: 'syz.1.578': attribute type 1 has an invalid length. [ 62.144316][ T4884] 8021q: adding VLAN 0 to HW filter on device bond1 [ 62.170655][ T4884] bond1: (slave veth3): Enslaving as an active interface with a down link [ 62.191133][ T4889] netlink: 96 bytes leftover after parsing attributes in process `syz.0.569'. [ 62.205384][ T4884] ip6gretap1: entered promiscuous mode [ 62.213675][ T4884] bond1: (slave ip6gretap1): making interface the new active one [ 62.223322][ T4884] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 62.262662][ T4893] tipc: Enabled bearer , priority 0 [ 62.271462][ T4893] tipc: Disabling bearer [ 62.286511][ T4898] netlink: 'syz.0.584': attribute type 1 has an invalid length. [ 62.308193][ T4900] loop2: detected capacity change from 0 to 512 [ 62.314830][ T4900] EXT4-fs: Ignoring removed oldalloc option [ 62.322892][ T4898] 8021q: adding VLAN 0 to HW filter on device bond1 [ 62.331208][ T4900] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.573: Parent and EA inode have the same ino 15 [ 62.345714][ T4901] netlink: 96 bytes leftover after parsing attributes in process `syz.1.585'. [ 62.365668][ T4900] EXT4-fs (loop2): Remounting filesystem read-only [ 62.372259][ T4900] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 62.385286][ T4900] EXT4-fs warning (device loop2): ext4_evict_inode:262: couldn't mark inode dirty (err -30) [ 62.396801][ T4900] EXT4-fs (loop2): 1 orphan inode deleted [ 62.404381][ T4900] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 62.405278][ T4898] bond1: (slave veth5): Enslaving as an active interface with a down link [ 62.428476][ T4911] ip6gretap1: entered promiscuous mode [ 62.436331][ T4911] bond1: (slave ip6gretap1): making interface the new active one [ 62.456978][ T4911] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 62.487281][ T4915] netlink: 24 bytes leftover after parsing attributes in process `syz.1.579'. [ 62.511995][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.717898][ T4939] tipc: Enabled bearer , priority 0 [ 62.751530][ T4945] loop4: detected capacity change from 0 to 512 [ 62.759474][ T4945] EXT4-fs: Ignoring removed oldalloc option [ 62.766960][ T4939] tipc: Disabling bearer [ 62.778458][ T4941] tipc: Enabled bearer , priority 0 [ 62.786370][ T4940] tipc: Resetting bearer [ 62.800444][ T4945] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.594: Parent and EA inode have the same ino 15 [ 62.820046][ T4943] SELinux: ebitmap: truncated map [ 62.825802][ T4943] SELinux: failed to load policy [ 62.832246][ T4945] EXT4-fs (loop4): Remounting filesystem read-only [ 62.833154][ T4940] tipc: Disabling bearer [ 62.838858][ T4945] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -30) [ 62.854844][ T4945] EXT4-fs (loop4): 1 orphan inode deleted [ 62.861099][ T4945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 62.892980][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.913287][ T4952] netlink: 'syz.4.597': attribute type 1 has an invalid length. [ 62.938540][ T4952] 8021q: adding VLAN 0 to HW filter on device bond1 [ 62.962341][ T4952] bond1: (slave veth3): Enslaving as an active interface with a down link [ 62.977181][ T4955] pim6reg1: entered promiscuous mode [ 62.982557][ T4955] pim6reg1: entered allmulticast mode [ 62.992579][ T4952] ip6gretap1: entered promiscuous mode [ 63.000663][ T4952] bond1: (slave ip6gretap1): making interface the new active one [ 63.010129][ T4952] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 63.145097][ T4971] loop3: detected capacity change from 0 to 512 [ 63.199710][ T4971] EXT4-fs: Ignoring removed oldalloc option [ 63.229685][ T4971] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.606: Parent and EA inode have the same ino 15 [ 63.257299][ T4971] EXT4-fs (loop3): Remounting filesystem read-only [ 63.263849][ T4971] EXT4-fs warning (device loop3): ext4_evict_inode:262: couldn't mark inode dirty (err -30) [ 63.291438][ T4971] EXT4-fs (loop3): 1 orphan inode deleted [ 63.371286][ T4979] tipc: Enabled bearer , priority 0 [ 63.388335][ T4979] tipc: Disabling bearer [ 63.395804][ T4977] tipc: Enabled bearer , priority 0 [ 63.403671][ T4976] tipc: Resetting bearer [ 63.415518][ T4976] tipc: Disabling bearer [ 63.448649][ T4981] SELinux: ebitmap: truncated map [ 63.454563][ T4981] SELinux: failed to load policy [ 63.541965][ T4986] loop3: detected capacity change from 0 to 512 [ 63.553114][ T4986] EXT4-fs (loop3): orphan cleanup on readonly fs [ 63.561312][ T4986] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.611: bg 0: block 248: padding at end of block bitmap is not set [ 63.579001][ T4986] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.611: Failed to acquire dquot type 1 [ 63.609347][ T4986] EXT4-fs (loop3): 1 truncate cleaned up [ 63.627995][ T4986] EXT4-fs error (device loop3): ext4_lookup:1793: inode #2: comm syz.3.611: deleted inode referenced: 12 [ 63.732462][ T5002] pim6reg1: entered promiscuous mode [ 63.737917][ T5002] pim6reg1: entered allmulticast mode [ 63.825888][ T5010] loop4: detected capacity change from 0 to 512 [ 63.833933][ T5010] EXT4-fs: Ignoring removed oldalloc option [ 63.842024][ T5010] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.619: Parent and EA inode have the same ino 15 [ 63.855712][ T5010] EXT4-fs (loop4): Remounting filesystem read-only [ 63.862407][ T5010] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -30) [ 63.872952][ T5010] EXT4-fs (loop4): 1 orphan inode deleted [ 63.939406][ T5016] loop4: detected capacity change from 0 to 512 [ 63.946122][ T5016] EXT4-fs: Ignoring removed oldalloc option [ 63.964817][ T5018] tipc: Enabled bearer , priority 0 [ 63.982871][ T5017] tipc: Resetting bearer [ 63.991212][ T5016] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.632: Parent and EA inode have the same ino 15 [ 64.006572][ T5024] loop1: detected capacity change from 0 to 2048 [ 64.015012][ T5016] EXT4-fs (loop4): Remounting filesystem read-only [ 64.021573][ T5016] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -30) [ 64.021643][ T5017] tipc: Disabling bearer [ 64.037614][ T5016] EXT4-fs (loop4): 1 orphan inode deleted [ 64.040652][ T5022] SELinux: ebitmap: truncated map [ 64.049366][ T5022] SELinux: failed to load policy [ 64.058664][ T5024] loop1: p1 < > p4 [ 64.063324][ T5024] loop1: p4 size 8388608 extends beyond EOD, truncated [ 64.083934][ T5028] loop4: detected capacity change from 0 to 128 [ 64.170170][ T5036] loop1: detected capacity change from 0 to 512 [ 64.176747][ T5028] bio_check_eod: 16 callbacks suppressed [ 64.176760][ T5028] syz.4.625: attempt to access beyond end of device [ 64.176760][ T5028] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 64.199375][ T5028] syz.4.625: attempt to access beyond end of device [ 64.199375][ T5028] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 64.213201][ T5036] EXT4-fs (loop1): orphan cleanup on readonly fs [ 64.213899][ T5028] syz.4.625: attempt to access beyond end of device [ 64.213899][ T5028] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 64.220378][ T5036] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.626: bg 0: block 248: padding at end of block bitmap is not set [ 64.234880][ T5028] syz.4.625: attempt to access beyond end of device [ 64.234880][ T5028] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 64.260691][ T5028] syz.4.625: attempt to access beyond end of device [ 64.260691][ T5028] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 64.274108][ T5028] syz.4.625: attempt to access beyond end of device [ 64.274108][ T5028] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 64.287527][ T5028] syz.4.625: attempt to access beyond end of device [ 64.287527][ T5028] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 64.300874][ T5028] syz.4.625: attempt to access beyond end of device [ 64.300874][ T5028] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 64.315402][ T5028] syz.4.625: attempt to access beyond end of device [ 64.315402][ T5028] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 64.328767][ T5028] syz.4.625: attempt to access beyond end of device [ 64.328767][ T5028] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 64.338300][ T5036] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.626: Failed to acquire dquot type 1 [ 64.383711][ T5036] EXT4-fs (loop1): 1 truncate cleaned up [ 64.426227][ T5036] EXT4-fs error (device loop1): ext4_lookup:1793: inode #2: comm syz.1.626: deleted inode referenced: 12 [ 64.428864][ T5041] pim6reg1: entered promiscuous mode [ 64.442816][ T5041] pim6reg1: entered allmulticast mode [ 64.618708][ T5064] loop3: detected capacity change from 0 to 2048 [ 64.677846][ T5064] loop3: p1 < > p4 [ 64.682190][ T5064] loop3: p4 size 8388608 extends beyond EOD, truncated [ 65.394170][ T5081] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5081 comm=syz.3.644 [ 65.417674][ T5076] SELinux: ebitmap: truncated map [ 65.429776][ T5076] SELinux: failed to load policy [ 65.435395][ T5083] pim6reg1: entered promiscuous mode [ 65.440795][ T5083] pim6reg1: entered allmulticast mode [ 65.698542][ T5097] pim6reg1: entered promiscuous mode [ 65.703902][ T5097] pim6reg1: entered allmulticast mode [ 65.718774][ T5094] SELinux: ebitmap: truncated map [ 65.727680][ T5094] SELinux: failed to load policy [ 65.733345][ T3382] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.741220][ T3382] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 65.791346][ T5102] loop1: detected capacity change from 0 to 128 [ 65.868578][ T5106] ªªªªªª: renamed from vlan0 (while UP) [ 66.043821][ T5118] loop4: detected capacity change from 0 to 512 [ 66.051083][ T5121] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5121 comm=syz.0.661 [ 66.078531][ T5118] EXT4-fs (loop4): orphan cleanup on readonly fs [ 66.095026][ T5118] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.659: bg 0: block 248: padding at end of block bitmap is not set [ 66.123892][ T5118] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.659: Failed to acquire dquot type 1 [ 66.162580][ T5118] EXT4-fs (loop4): 1 truncate cleaned up [ 66.217062][ T5127] pim6reg1: entered promiscuous mode [ 66.222418][ T5127] pim6reg1: entered allmulticast mode [ 66.238663][ T5118] EXT4-fs error (device loop4): ext4_lookup:1793: inode #2: comm syz.4.659: deleted inode referenced: 12 [ 66.590452][ T5137] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.664822][ T5137] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.718487][ T5137] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.798178][ T5137] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.832634][ T5151] loop3: detected capacity change from 0 to 1024 [ 66.849923][ T5155] random: crng reseeded on system resumption [ 66.851763][ T29] kauditd_printk_skb: 71 callbacks suppressed [ 66.851780][ T29] audit: type=1326 audit(1745520497.401:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 66.885530][ T29] audit: type=1326 audit(1745520497.401:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 66.955713][ T29] audit: type=1326 audit(1745520497.461:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 66.956454][ T5151] EXT4-fs: Ignoring removed nobh option [ 66.979062][ T29] audit: type=1326 audit(1745520497.461:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 66.979176][ T29] audit: type=1326 audit(1745520497.461:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 66.984776][ T5151] EXT4-fs: Ignoring removed nobh option [ 67.007996][ T29] audit: type=1326 audit(1745520497.481:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 67.008032][ T29] audit: type=1326 audit(1745520497.481:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 67.008092][ T29] audit: type=1326 audit(1745520497.481:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 67.008190][ T29] audit: type=1326 audit(1745520497.481:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 67.008216][ T29] audit: type=1326 audit(1745520497.481:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5152 comm="syz.2.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 67.064409][ T5137] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.190902][ T5137] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.213757][ T5137] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.240667][ T5137] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.252969][ T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 67.277187][ T36] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 67.358118][ T5151] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 67.411433][ T5151] EXT4-fs error (device loop3): ext4_get_journal_inode:5798: comm syz.3.670: inode #4294967295: comm syz.3.670: iget: illegal inode # [ 67.538190][ T5151] EXT4-fs (loop3): no journal found [ 67.543427][ T5151] EXT4-fs (loop3): can't get journal size [ 67.626952][ T5151] EXT4-fs (loop3): failed to initialize system zone (-22) [ 67.634321][ T5151] EXT4-fs (loop3): mount failed [ 67.955136][ T5186] loop2: detected capacity change from 0 to 128 [ 68.097849][ T5192] random: crng reseeded on system resumption [ 68.281991][ T5197] ip6gre1: entered allmulticast mode [ 68.525053][ T5207] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.637790][ T5207] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.690180][ T5207] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.740147][ T5207] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.905120][ T5216] siw: device registration error -23 [ 68.934726][ T5218] loop3: detected capacity change from 0 to 128 [ 68.962307][ T5218] loop3: detected capacity change from 0 to 2048 [ 69.007413][ T5218] loop3: p1 < > p4 [ 69.011780][ T5218] loop3: p4 size 8388608 extends beyond EOD, truncated [ 69.130385][ T5226] loop2: detected capacity change from 0 to 128 [ 69.158446][ T5226] loop2: detected capacity change from 0 to 2048 [ 69.172784][ T5207] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.195953][ T5207] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.207294][ T5226] loop2: p1 < > p4 [ 69.212404][ T5226] loop2: p4 size 8388608 extends beyond EOD, truncated [ 69.227891][ T5207] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.280331][ T5207] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.462859][ T5241] random: crng reseeded on system resumption [ 69.585787][ T5245] ip6gre1: entered allmulticast mode [ 69.786301][ T5262] siw: device registration error -23 [ 69.815148][ T5260] ip6gre2: entered allmulticast mode [ 69.922331][ T5268] netlink: 24 bytes leftover after parsing attributes in process `syz.4.714'. [ 69.955106][ T5265] loop1: detected capacity change from 0 to 1024 [ 69.989434][ T5265] EXT4-fs: Ignoring removed nobh option [ 69.995149][ T5265] EXT4-fs: Ignoring removed nobh option [ 70.006799][ T5270] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.048245][ T5270] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.081949][ T5265] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 70.095063][ T5265] EXT4-fs error (device loop1): ext4_get_journal_inode:5798: comm syz.1.707: inode #4294967295: comm syz.1.707: iget: illegal inode # [ 70.118396][ T5270] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.139540][ T5265] EXT4-fs (loop1): no journal found [ 70.144844][ T5265] EXT4-fs (loop1): can't get journal size [ 70.159104][ T5265] EXT4-fs (loop1): failed to initialize system zone (-22) [ 70.168746][ T5270] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.188646][ T5265] EXT4-fs (loop1): mount failed [ 70.285308][ T5270] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.298315][ T5270] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.311359][ T5270] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.325022][ T5270] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.503117][ T5283] random: crng reseeded on system resumption [ 70.916046][ T5301] siw: device registration error -23 [ 75.331653][ T5322] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.360272][ T5325] netlink: 24 bytes leftover after parsing attributes in process `syz.3.733'. [ 75.384455][ T5322] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.449153][ T5332] siw: device registration error -23 [ 75.460561][ T5322] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.553872][ T5322] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.656464][ T5322] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.692091][ T5344] loop4: detected capacity change from 0 to 1024 [ 75.709908][ T5344] EXT4-fs: Ignoring removed nobh option [ 75.710843][ T5322] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.715518][ T5344] EXT4-fs: Ignoring removed nobh option [ 75.750624][ T5344] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 75.778459][ T5322] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.804370][ T5322] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.813851][ T5344] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: comm syz.4.742: inode #4294967295: comm syz.4.742: iget: illegal inode # [ 75.892500][ T5344] EXT4-fs (loop4): no journal found [ 75.897859][ T5344] EXT4-fs (loop4): can't get journal size [ 75.929267][ T5344] EXT4-fs (loop4): failed to initialize system zone (-22) [ 75.944301][ T5344] EXT4-fs (loop4): mount failed [ 76.136940][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 76.136956][ T29] audit: type=1326 audit(1745520506.681:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.166245][ T29] audit: type=1326 audit(1745520506.681:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.189447][ T29] audit: type=1326 audit(1745520506.681:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.212807][ T29] audit: type=1326 audit(1745520506.681:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.236097][ T29] audit: type=1326 audit(1745520506.681:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.259390][ T29] audit: type=1326 audit(1745520506.681:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.282727][ T29] audit: type=1326 audit(1745520506.681:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.305961][ T29] audit: type=1326 audit(1745520506.681:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.329291][ T29] audit: type=1326 audit(1745520506.681:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.352524][ T29] audit: type=1326 audit(1745520506.681:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5313 comm="syz.3.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7fc00000 [ 76.449212][ T5352] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.562649][ T5352] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.606892][ T5359] rdma_rxe: rxe_newlink: failed to add bond0 [ 76.658143][ T5352] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.781395][ T5371] siw: device registration error -23 [ 76.816282][ T5352] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.926121][ T5352] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.940769][ T5352] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.953558][ T5352] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.990273][ T5352] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.493398][ T5377] loop1: detected capacity change from 0 to 1024 [ 77.517402][ T5376] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.534660][ T5377] EXT4-fs: Ignoring removed nomblk_io_submit option [ 77.569019][ T5377] EXT4-fs mount: 12 callbacks suppressed [ 77.569038][ T5377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.599523][ T5376] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.699956][ T5376] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.759184][ T5376] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.839545][ T5393] netlink: 8 bytes leftover after parsing attributes in process `syz.4.758'. [ 77.854234][ T5394] loop2: detected capacity change from 0 to 1024 [ 77.875074][ T5394] EXT4-fs: Ignoring removed nobh option [ 77.880799][ T5394] EXT4-fs: Ignoring removed nobh option [ 77.903116][ T5394] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 77.959101][ T5377] EXT4-fs (loop1): shut down requested (0) [ 77.977170][ T5394] EXT4-fs error (device loop2): ext4_get_journal_inode:5798: comm syz.2.769: inode #4294967295: comm syz.2.769: iget: illegal inode # [ 77.997578][ T5394] EXT4-fs (loop2): no journal found [ 78.002827][ T5394] EXT4-fs (loop2): can't get journal size [ 78.024755][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.047328][ T5394] EXT4-fs (loop2): failed to initialize system zone (-22) [ 78.047746][ T5397] rdma_rxe: rxe_newlink: failed to add bond0 [ 78.054569][ T5394] EXT4-fs (loop2): mount failed [ 78.418771][ T5415] netlink: 'syz.3.771': attribute type 10 has an invalid length. [ 78.453423][ T5415] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.471494][ T5415] bridge_slave_1: left allmulticast mode [ 78.477197][ T5415] bridge_slave_1: left promiscuous mode [ 78.482841][ T5415] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.520211][ T5415] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 78.530842][ T5416] tipc: Enabled bearer , priority 0 [ 78.548136][ T5414] tipc: Resetting bearer [ 78.568825][ C0] Illegal XDP return value 16128 on prog (id 632) dev bridge_slave_1, expect packet loss! [ 78.586805][ T5414] tipc: Disabling bearer [ 78.602294][ T5418] loop4: detected capacity change from 0 to 1024 [ 78.617809][ T5418] EXT4-fs: Ignoring removed nomblk_io_submit option [ 78.645212][ T5418] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.861360][ T5424] EXT4-fs (loop4): shut down requested (0) [ 78.915000][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.134167][ T5433] netlink: 8 bytes leftover after parsing attributes in process `syz.3.776'. [ 79.143863][ T5430] rdma_rxe: rxe_newlink: failed to add bond0 [ 79.278499][ T5434] loop1: detected capacity change from 0 to 512 [ 79.285151][ T5434] EXT4-fs: Ignoring removed nobh option [ 79.299527][ T5434] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #16: comm syz.1.777: corrupted inode contents [ 79.328079][ T5434] EXT4-fs (loop1): Remounting filesystem read-only [ 79.334813][ T5434] EXT4-fs (loop1): 1 truncate cleaned up [ 79.341754][ T5434] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.354998][ T5434] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.355028][ T1682] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 79.376000][ T1682] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 79.390164][ T5434] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 79.410420][ T1682] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 79.421757][ T5434] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.686760][ T5454] loop3: detected capacity change from 0 to 1024 [ 79.701724][ T5454] EXT4-fs: Ignoring removed nomblk_io_submit option [ 79.721028][ T5454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.779492][ T5459] netlink: 'syz.1.786': attribute type 10 has an invalid length. [ 79.797848][ T5455] tipc: Enabled bearer , priority 0 [ 79.805526][ T5450] tipc: Resetting bearer [ 79.841942][ T5450] tipc: Disabling bearer [ 79.876800][ T5459] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.885895][ T5459] bridge_slave_1: left allmulticast mode [ 79.891644][ T5459] bridge_slave_1: left promiscuous mode [ 79.897340][ T5459] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.919333][ T5459] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 80.025878][ T5454] EXT4-fs (loop3): shut down requested (0) [ 80.055348][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.206188][ T5467] loop1: detected capacity change from 0 to 1024 [ 80.267187][ T5467] EXT4-fs: Ignoring removed nobh option [ 80.272865][ T5467] EXT4-fs: Ignoring removed nobh option [ 80.293860][ T5467] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 80.319044][ T5467] EXT4-fs error (device loop1): ext4_get_journal_inode:5798: comm syz.1.788: inode #4294967295: comm syz.1.788: iget: illegal inode # [ 80.367112][ T5467] EXT4-fs (loop1): no journal found [ 80.372366][ T5467] EXT4-fs (loop1): can't get journal size [ 80.413375][ T5467] EXT4-fs (loop1): failed to initialize system zone (-22) [ 80.438816][ T5467] EXT4-fs (loop1): mount failed [ 81.230271][ T5464] syz.1.788 (5464) used greatest stack depth: 7112 bytes left [ 81.393650][ T5376] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.406555][ T5376] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.419707][ T5376] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.431547][ T5376] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.466533][ T5474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.790'. [ 81.484868][ T5470] rdma_rxe: rxe_newlink: failed to add bond0 [ 81.578064][ T5478] loop1: detected capacity change from 0 to 8192 [ 81.690651][ T5487] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5487 comm=syz.3.797 [ 81.703150][ T5487] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5487 comm=syz.3.797 [ 83.481145][ T5511] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 83.500040][ T5515] netlink: 8 bytes leftover after parsing attributes in process `syz.0.805'. [ 83.533993][ T29] kauditd_printk_skb: 48 callbacks suppressed [ 83.534010][ T29] audit: type=1400 audit(1745520514.081:944): avc: denied { read } for pid=5507 comm="syz.4.816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 83.650096][ T5519] loop3: detected capacity change from 0 to 512 [ 83.657362][ T5517] loop2: detected capacity change from 0 to 8192 [ 83.660569][ T5519] EXT4-fs: Ignoring removed nobh option [ 83.701638][ T5519] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.809: corrupted inode contents [ 83.744457][ T5519] EXT4-fs (loop3): Remounting filesystem read-only [ 83.755862][ T5519] EXT4-fs (loop3): 1 truncate cleaned up [ 83.767078][ T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 83.767406][ T5519] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.777749][ T12] Quota error (device loop3): write_blk: dquota write failed [ 83.797912][ T12] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries [ 83.808010][ T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 83.818611][ T12] Quota error (device loop3): write_blk: dquota write failed [ 83.826042][ T12] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list [ 83.840929][ T5519] ext4 filesystem being mounted at /162/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.878170][ T5519] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 83.928633][ T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 83.938836][ T12] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 83.949990][ T5519] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.959310][ T12] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 84.041010][ T29] audit: type=1326 audit(1745520514.591:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5549 comm="syz.2.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 84.093661][ T29] audit: type=1326 audit(1745520514.611:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5549 comm="syz.2.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 84.117015][ T29] audit: type=1326 audit(1745520514.621:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5549 comm="syz.2.825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8b0ccfe969 code=0x7ffc0000 [ 84.318709][ T5571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.831'. [ 84.346203][ T5573] vlan0: entered allmulticast mode [ 85.208806][ T5594] bond_slave_1: mtu less than device minimum [ 85.269744][ T5602] netlink: 14528 bytes leftover after parsing attributes in process `syz.0.846'. [ 85.328687][ T5608] loop4: detected capacity change from 0 to 512 [ 85.372350][ T5608] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.411098][ T5608] ext4 filesystem being mounted at /180/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 85.463161][ T5621] netlink: 8 bytes leftover after parsing attributes in process `syz.2.854'. [ 85.525832][ T5625] netlink: 16 bytes leftover after parsing attributes in process `syz.0.853'. [ 85.539122][ T5621] macvtap0: entered promiscuous mode [ 85.545356][ T5621] macvtap0: left promiscuous mode [ 85.555485][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.661475][ T5635] SELinux: ebitmap: truncated map [ 85.669062][ T5635] SELinux: failed to load policy [ 85.781561][ T5656] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 85.788858][ T5656] IPv6: NLM_F_CREATE should be set when creating new route [ 85.957896][ T5681] bond_slave_1: mtu less than device minimum [ 86.076472][ T5689] loop3: detected capacity change from 0 to 1024 [ 86.091532][ T5689] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 86.102550][ T5689] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 86.115715][ T5689] JBD2: no valid journal superblock found [ 86.121563][ T5689] EXT4-fs (loop3): Could not load journal inode [ 86.206152][ T36] IPVS: starting estimator thread 0... [ 86.215262][ T5698] loop1: detected capacity change from 0 to 512 [ 86.224764][ T5679] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.232336][ T5679] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.292998][ T5679] wg2: left promiscuous mode [ 86.297202][ T5700] IPVS: using max 2304 ests per chain, 115200 per kthread [ 86.297729][ T5679] wg2: left allmulticast mode [ 86.343463][ T5715] netlink: 'syz.3.895': attribute type 1 has an invalid length. [ 86.354895][ T5679] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 86.364421][ T3379] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 86.372893][ T5717] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 86.379109][ T5679] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 86.381854][ T3379] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 86.399098][ T5717] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 86.408105][ T5679] veth0_vlan: left allmulticast mode [ 86.439191][ T5679] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.447700][ T5679] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.456186][ T5679] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.464720][ T5679] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.475063][ T5679] ip6gre1: left allmulticast mode [ 86.499950][ T5679] ip6gretap1: left promiscuous mode [ 86.505713][ T5679] ip6gre2: left allmulticast mode [ 86.589454][ T5730] loop3: detected capacity change from 0 to 128 [ 86.756607][ T5742] loop3: detected capacity change from 0 to 512 [ 86.759959][ T5740] netlink: 28 bytes leftover after parsing attributes in process `syz.0.905'. [ 86.772147][ T5740] netlink: 28 bytes leftover after parsing attributes in process `syz.0.905'. [ 86.789209][ T5742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.803048][ T5742] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.835981][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.940498][ T5761] netlink: 28 bytes leftover after parsing attributes in process `syz.0.920'. [ 86.949556][ T5761] netlink: 'syz.0.920': attribute type 7 has an invalid length. [ 86.957252][ T5761] netlink: 'syz.0.920': attribute type 8 has an invalid length. [ 86.964906][ T5761] netlink: 4 bytes leftover after parsing attributes in process `syz.0.920'. [ 86.977079][ T5761] netlink: 28 bytes leftover after parsing attributes in process `syz.0.920'. [ 86.979431][ T5758] netlink: '+}[@': attribute type 11 has an invalid length. [ 86.986062][ T5761] netlink: 'syz.0.920': attribute type 7 has an invalid length. [ 86.986078][ T5761] netlink: 'syz.0.920': attribute type 8 has an invalid length. [ 87.008836][ T5761] netlink: 4 bytes leftover after parsing attributes in process `syz.0.920'. [ 87.035894][ T5758] netlink: 448 bytes leftover after parsing attributes in process `+}[@'. [ 87.299076][ T5780] ALSA: seq fatal error: cannot create timer (-19) [ 87.329441][ T5785] netlink: 'syz.0.918': attribute type 21 has an invalid length. [ 87.337371][ T5785] netlink: 152 bytes leftover after parsing attributes in process `syz.0.918'. [ 87.481607][ T5800] netlink: '+}[@': attribute type 11 has an invalid length. [ 87.506763][ T5800] netlink: 448 bytes leftover after parsing attributes in process `+}[@'. [ 87.630960][ T5812] loop1: detected capacity change from 0 to 164 [ 87.638493][ T5812] Unable to read rock-ridge attributes [ 87.687281][ T5814] netlink: 'syz.4.934': attribute type 4 has an invalid length. [ 87.707477][ T5814] netlink: 'syz.4.934': attribute type 4 has an invalid length. [ 88.098679][ T5859] netlink: 448 bytes leftover after parsing attributes in process `+}[@'. [ 88.179650][ T5864] loop4: detected capacity change from 0 to 2048 [ 88.248781][ T5864] Alternate GPT is invalid, using primary GPT. [ 88.255148][ T5864] loop4: p1 p2 p3 [ 88.559534][ T5889] ALSA: seq fatal error: cannot create timer (-19) [ 88.703395][ T5902] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 89.610900][ T5949] loop1: detected capacity change from 0 to 512 [ 89.612528][ T5948] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 89.628921][ T5949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.642687][ T5949] ext4 filesystem being mounted at /195/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.758386][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.814132][ T29] kauditd_printk_skb: 353 callbacks suppressed [ 89.814150][ T29] audit: type=1326 audit(1745520520.361:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5966 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7ffc0000 [ 89.884537][ T29] audit: type=1326 audit(1745520520.391:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5966 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7ffc0000 [ 89.908165][ T29] audit: type=1326 audit(1745520520.391:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5966 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f6b9e94e969 code=0x7ffc0000 [ 89.931618][ T29] audit: type=1326 audit(1745520520.401:1301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5966 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7ffc0000 [ 89.955184][ T29] audit: type=1326 audit(1745520520.411:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5966 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9e94e969 code=0x7ffc0000 [ 90.090780][ T5979] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 90.117087][ T5979] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.403027][ T5975] loop4: detected capacity change from 0 to 1024 [ 90.410696][ T5975] EXT4-fs: Ignoring removed nobh option [ 90.416362][ T5975] EXT4-fs: Ignoring removed nobh option [ 90.460611][ T5975] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 90.510135][ T5975] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: comm syz.4.988: inode #4294967295: comm syz.4.988: iget: illegal inode # [ 90.583648][ T5975] EXT4-fs (loop4): no journal found [ 90.589032][ T5975] EXT4-fs (loop4): can't get journal size [ 90.677605][ T5975] EXT4-fs (loop4): failed to initialize system zone (-22) [ 90.684808][ T5975] EXT4-fs (loop4): mount failed [ 90.900765][ T29] audit: type=1326 audit(1745520521.451:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5999 comm="syz.0.1000" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb3d994e969 code=0x0 [ 91.362689][ T6009] loop3: detected capacity change from 0 to 164 [ 91.384530][ T6009] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ18446744073709551615' [ 91.471677][ T6007] vhci_hcd: invalid port number 96 [ 91.476887][ T6007] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 91.563598][ T29] audit: type=1326 audit(1745520522.111:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6010 comm="syz.1.1004" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc0721ce969 code=0x0 [ 91.768094][ T29] audit: type=1326 audit(1745520522.321:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6023 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f370322e969 code=0x7ffc0000 [ 91.791591][ T29] audit: type=1326 audit(1745520522.321:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6023 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f370322e969 code=0x7ffc0000 [ 91.821664][ T6024] loop4: detected capacity change from 0 to 512 [ 91.830443][ T6024] EXT4-fs: Ignoring removed nobh option [ 91.836731][ T29] audit: type=1326 audit(1745520522.361:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6023 comm="syz.4.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f370322e969 code=0x7ffc0000 [ 91.864179][ T6024] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.1009: corrupted inode contents [ 91.876743][ T6024] EXT4-fs (loop4): Remounting filesystem read-only [ 91.884517][ T6024] EXT4-fs (loop4): 1 truncate cleaned up [ 91.890737][ T6024] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.904711][ T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 91.915365][ T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 91.917332][ T6024] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.926012][ T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 91.947126][ T6024] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.953417][ T6027] random: crng reseeded on system resumption [ 91.985083][ T6024] loop4: detected capacity change from 0 to 512 [ 91.993619][ T6024] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 92.013873][ T6034] __nla_validate_parse: 2 callbacks suppressed [ 92.013894][ T6034] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1011'. [ 92.068384][ T6024] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.087020][ T6024] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.099099][ T6024] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.773364][ T6070] ref_ctr increment failed for inode: 0x462 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88811897b700 [ 92.824422][ T6068] uprobe: syz.3.1024:6068 failed to unregister, leaking uprobe [ 93.016347][ T6089] loop1: detected capacity change from 0 to 512 [ 93.028064][ T6089] EXT4-fs: Mount option(s) incompatible with ext3 [ 93.168096][ T6094] loop2: detected capacity change from 0 to 8192 [ 93.572698][ T6103] ================================================================== [ 93.580838][ T6103] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode [ 93.588848][ T6103] [ 93.591187][ T6103] write to 0xffff88811593ee28 of 4 bytes by task 6094 on cpu 0: [ 93.598863][ T6103] writeback_single_inode+0x14f/0x3f0 [ 93.604264][ T6103] sync_inode_metadata+0x60/0x90 [ 93.609236][ T6103] __generic_file_fsync+0xed/0x140 [ 93.614396][ T6103] fat_file_fsync+0x46/0x100 [ 93.619014][ T6103] vfs_fsync_range+0x116/0x130 [ 93.623795][ T6103] generic_file_write_iter+0x1cc/0x310 [ 93.629296][ T6103] iter_file_splice_write+0x5f2/0x980 [ 93.634721][ T6103] direct_splice_actor+0x160/0x2c0 [ 93.639873][ T6103] splice_direct_to_actor+0x305/0x680 [ 93.645290][ T6103] do_splice_direct+0xd9/0x150 [ 93.650096][ T6103] do_sendfile+0x40a/0x690 [ 93.654553][ T6103] __x64_sys_sendfile64+0x113/0x160 [ 93.659782][ T6103] x64_sys_call+0xfc3/0x2e10 [ 93.664397][ T6103] do_syscall_64+0xc9/0x1a0 [ 93.668936][ T6103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.674853][ T6103] [ 93.677195][ T6103] read to 0xffff88811593ee28 of 4 bytes by task 6103 on cpu 1: [ 93.684763][ T6103] vfs_fsync_range+0x9a/0x130 [ 93.689475][ T6103] generic_file_write_iter+0x1cc/0x310 [ 93.694977][ T6103] iter_file_splice_write+0x5f2/0x980 [ 93.700380][ T6103] direct_splice_actor+0x160/0x2c0 [ 93.705537][ T6103] splice_direct_to_actor+0x305/0x680 [ 93.710957][ T6103] do_splice_direct+0xd9/0x150 [ 93.715764][ T6103] do_sendfile+0x40a/0x690 [ 93.720219][ T6103] __x64_sys_sendfile64+0x113/0x160 [ 93.725464][ T6103] x64_sys_call+0xfc3/0x2e10 [ 93.730079][ T6103] do_syscall_64+0xc9/0x1a0 [ 93.734649][ T6103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.740569][ T6103] [ 93.742906][ T6103] value changed: 0x00000038 -> 0x00000022 [ 93.748638][ T6103] [ 93.750975][ T6103] Reported by Kernel Concurrency Sanitizer on: [ 93.757142][ T6103] CPU: 1 UID: 0 PID: 6103 Comm: syz.2.1035 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(voluntary) [ 93.769611][ T6103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 93.779694][ T6103] ==================================================================