last executing test programs: 1.747983942s ago: executing program 1 (id=2569): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) madvise(&(0x7f0000ad2000/0x4000)=nil, 0x4000, 0x10) mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil) mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil) r0 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 1.356222352s ago: executing program 1 (id=2580): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1, 0x0, 0x7}, 0x18) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f00000000c0)='.\x00', 0xa4000061) close(r2) 1.220217002s ago: executing program 4 (id=2586): bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000002, 0xe, 0xffffffffffffffa0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_open_dev$usbmon(0x0, 0x0, 0x101000) 1.167943878s ago: executing program 1 (id=2587): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x3, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff800000, 0x0, @perf_bp={0x0}, 0x2, 0xffffffff, 0x5, 0x6, 0x800002, 0x1, 0xfffb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9) io_setup(0x1, 0x0) r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet6(0xa, 0x80002, 0x0) r1 = socket$rxrpc(0x21, 0x2, 0xa) poll(&(0x7f0000000000)=[{r1, 0x1000}, {r1}], 0x2, 0x10000f45) setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000240), 0x4) 1.163068938s ago: executing program 4 (id=2588): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x3c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_NAT_SRC={0x4}]}, 0x3c}}, 0x0) 1.037017568s ago: executing program 4 (id=2589): r0 = socket$tipc(0x1e, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r1, 0xffffffffffffffff, 0x0) r2 = socket$tipc(0x1e, 0x2, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, 0x0, 0x0) dup3(r2, r0, 0x80000) 1.036370778s ago: executing program 3 (id=2590): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0) write$cgroup_freezer_state(r2, &(0x7f0000000400)='FROZEN\x00', 0x7) mkdirat$cgroup(r1, &(0x7f0000000200)='syz0\x00', 0x1ff) 1.010198356s ago: executing program 4 (id=2591): r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x50, 0x10, 0x503, 0x0, 0x700, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @local}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0) 915.955179ms ago: executing program 4 (id=2592): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fc, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmsg$inet(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001c80)="50e2d0e8f7c79f56fe316075d1848c2846a50934836763ae403f35dbe8580de2c59113798cdc8a74dc21020f4e97e9ac22768c9b7d9aca64aa97212a1826646b4a19ebd05d3e7cbae0f91b621e6ac8e60d7d39df4febd1a8e2a737845dccfdbecde934165ded16e411da023b9fba7840a8e50b7f909cc9d51522dc4ac3075e975b35681f8d16915a3d248396f134273ff13a72f082839bd3021d4f0a5550671bb7d267d74dc8a800f3f7e8be6daea4379e76bc978e801fbd9d83544776580baa62d6156cc3", 0xc5}], 0x1}, 0x44080) sendmmsg$inet(r0, &(0x7f0000004540)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000180)="57a4ee344c1b709018a38df02055772fa641fa186ba8dbaf28c9707440fe22d087f131a1c5ca799d522770b094285e935dbbef508bf235754bb9cf2a912af9283337aa91f819e8f0590788db6fbbd7bb7378", 0x52}, {&(0x7f0000000380)="72de1879369e4f9daac1bb235192f199fcc52e603636d7e0727505ec", 0x1c}], 0x2}}], 0x1, 0x20004050) socket$xdp(0x2c, 0x3, 0x0) close(0x3) 915.465679ms ago: executing program 3 (id=2593): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = dup(r2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}}) 835.702513ms ago: executing program 3 (id=2594): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff03a}]}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66) 725.123935ms ago: executing program 3 (id=2596): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0xf, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x4000}, {{}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x2e}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x20000000}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000040), 0x40000000000029d, 0x832b, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@ip_retopts={{0x10, 0x0, 0x34}}], 0x10}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x854) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000180)=0x8, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 633.671758ms ago: executing program 3 (id=2597): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10) connect$inet(r0, &(0x7f0000000740)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4) 603.200286ms ago: executing program 3 (id=2598): r0 = socket$pppoe(0x18, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1c, 0x4, 0x2, 0x5, 0x0, 0x1, 0xea1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x4, 0x0, @void, @value, @void, @value}, 0x50) connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @broadcast, 'bond_slave_1\x00'}}, 0x1e) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1f, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) poll(&(0x7f0000000080)=[{r0}, {r2, 0x100}, {r1, 0x20}, {r2, 0xc411}, {r0, 0x2008}, {r1, 0x34c3}, {r1, 0x109}], 0x7, 0x8e67) writev(r2, 0x0, 0x0) 306.311224ms ago: executing program 2 (id=2600): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000008000008500000006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000a700000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r2}, 0x10) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 306.120703ms ago: executing program 2 (id=2601): r0 = socket$tipc(0x1e, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r1, 0xffffffffffffffff, 0x0) r2 = socket$tipc(0x1e, 0x2, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, 0x0, 0x0) dup3(r2, r0, 0x80000) 305.935324ms ago: executing program 2 (id=2602): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = socket(0x10, 0x803, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003580)=@newtfilter={0x44, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r4, {0xc, 0x4}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x5, 0xfb, 0xd8, 0x54}]}}]}}]}, 0x44}}, 0x20040054) 269.345261ms ago: executing program 0 (id=2603): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000003850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f00000007c0)={0x400000000000000, 0x0, &(0x7f0000000700)={&(0x7f0000001900)=ANY=[@ANYBLOB="020f000015000000000000000000000005000500000000000a00000000000000000000000000000000432e0000000000000000000000000008001200000002000000f1edc4ea00000600000000000000000000000000000000000000000000000000000000000000fc01000000000000000000000000810005000600000000000a00000000000000ff0200000000000000000000000000010000000000000000010018"], 0xa8}}, 0x40080) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, 0x0) 246.008479ms ago: executing program 1 (id=2604): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000003000000050000000100000006000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7, 0x8000, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10) sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0) 245.544949ms ago: executing program 2 (id=2605): bpf$MAP_CREATE(0x0, 0x0, 0x48) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x100, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0xc840, 0x0, 0x0) close(r0) 233.902348ms ago: executing program 0 (id=2606): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff03a}]}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66) 233.454258ms ago: executing program 1 (id=2607): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x0, 0x2}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r4}}, 0x20}}, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 131.43109ms ago: executing program 0 (id=2608): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10) connect$inet(r0, &(0x7f0000000740)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4) 131.30505ms ago: executing program 2 (id=2609): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r4, 0xffffffffffffffff, 0x2) dup3(r2, r4, 0x0) 114.289479ms ago: executing program 2 (id=2610): getpid() syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64, @ANYRES16=0x0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r2, &(0x7f0000004200)='t', 0x1) sendfile(r2, r1, 0x0, 0x3ffff) sendfile(r2, r1, 0x0, 0x7ffff000) fallocate(r0, 0x0, 0x0, 0x1001f0) 110.684739ms ago: executing program 0 (id=2611): getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) set_mempolicy_home_node(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x0, 0x3f000000) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='netlink_extack\x00', r1}, 0x10) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000e80)=ANY=[@ANYBLOB="70010000100013"], 0x170}}, 0x0) 69.795856ms ago: executing program 0 (id=2612): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56) writev(r0, &(0x7f0000000800)=[{&(0x7f00000002c0)="2c7a1dad5a1c87beaebaa09053846be4d7c254cb91898c5027b0c6e3e62380108a712620d91d0faa1484ba87df7d9669dd1c9640c2ddb3fbbdeac2ba92df5a185ac5caa36f0cf01e8ee35d01dc7e48e221fe33c075375eb44da75fcbf212fa8730496d2768f9e22d66cd47453a5d2eb497e38e83dfe83c564939a556a34c7e1e8e1738a483db76569705b6386083a1464d097a0408f7b00fcc409460c73e4bb5aff5c0d2257c07535c7fedb832769d597ce90519a2f5de1507fe4060ebdc0afc3ba59220d14641eca1f3766f1566156dc9ca26337ea5144cff3e20db", 0xdc}, {&(0x7f0000000180)="e8976302e53fd703c67abe3e9fc506576a52e768dce53d148c296a44fde6285b31cc0409bb98ab2efdb48dc250ecb99b50b39c68cd25d8136581eb", 0x3b}, {&(0x7f00000003c0)="206e5e6a344d5377057ba82b2d9f62117753b47b89f78007a92e814fee41da033f31ed9f949a56017c487d40ef9948d557f05c2a807d9156e4679251c95e3b8580c835fda80fa25d295230f41f6ab1ea701c08e65442d367c90e88c632eda3e5638373f8dcfce9c1123c5d443604c2b83ff96dbef6fe", 0x76}, {&(0x7f0000002380)="091d3775438734ab4dc3732bbca3013079a2c306e02f3a1fc680290ecd7cd11e85ce44067854ebaead541cbf5b05c047889a375676b398e90212dec8fb133b1063293b1123f6a5e8862db1c39c2cf16816e4a6fdc1f15c2b48ccc6661b2e046f2220aa13c61fb6729bc72a1e3475dfa53e10fb506ef53f22b4005151fbaa22390a5c0d1b7684ccb91b4959e234abe79551479a52f0850ebf105a505641b5ca1b82e19697b424aa0cb9c501591dfe0ae1efce8d3a43dc0b118c12c83b17116e17a5be762251ae1b62331cd7482ed8addda3164cf15ab2bff065a0f75273a02cea7979e0ba0351d56a81a67a0d751cf07674220c81b9cd217bcd608f8e1cbec7740dfa4707f096a11358533389996d4e77329801947720067c8d6fc1a6eb32db60e4c74923d2d24234a7f7c996353675b34bec9b8b4cb3b119634537ab423bedfd9dd2d4ddac19ff1608912a176d7fefb167fb2ef1498379462fd4362bc7a524a178e2243a5e882fa7e0f7c1863841ab0bc37e9f97ccf89653cb18b13038d76bbeba450e3cb159d24a1fefa6e371ccf16426ab4f838b8bebe126e4138015b250fce15186ba2dd6124aa8a8bd523b808ccee2fca0d536792b02760bad6935023b1e6e1839d237290566435816d2f6b0bc9c14594b39723d67b7b2e7b93f1553b1c142250101d9d0d32e4ecfd445a6eba6a792a5a77f1c14c9281ffd30718d7cc51ef7c4104e5bbc0d52696cf52ae41d3b0ff24deae150c6ed927083d4b11aef51b609846160d0fca0ceb28b17d149495c2d90d8e7b4d5bc425e3c8e4c0c699c00843b121e892f3117358d5b213395034d2a5ae208d89f6459f884c7872858f493f8cf9e7172797e2ec70aa2fff2cfc9d59d443be9056a98a8f62709058f03095f30d9078518ebb7a743a7e8d70d35f91ef358f19b84ef4a43d45dfdb8a2f7acdc558d61bc727a3074720fd8a8b0ad061b66e0884f47ac89015b166e0ed98140f0afee8c1066f5ececc7c9a02ae2df15a7792f6a69a7c7764bb96794a9127d19eac6f82275c2bd3ff782000cc9edebfde80208dd77f287e790e4899e2515fb70062889293c5ba4c72082ee20564d70985eb4ed85fe532b66ce996532a70c3c5235e1ce69703b8f6b2821ae47cb0289c8ccf4cc5676bc1290ed056faadd8b727533d5a77093ea06aa27c305b79bc1285a1374a64893d75651ade4961de93ef25c785b25a2eaf86f4178b14cb7502195a66bc691d033e8927ffbbc36cc48eb25ab29ba648d5fbbd7accd4feef1a03bc578bdab1d7592d1cb9dd10b89df94194823f6bbc52dcf479eee604c6687142621e65d4350bc5305f6f477a34745046f55d1a8934905c2aed0dc30e253d8f5461b2c4bb32e8e23dd5f8b40b7df7bd062b94ad361bf3da61a0199c16aa90d781bde6f7e107247a5004da9211e67148dde9f3bf9ca548e98a4c99a31388c46f16196883fe92529ff72d5cfc9978d9c8a8c4facb6cccd2757357c30cd11f27c059ebdf8ef493a19a2e379f622db086887e1563a8a0f19ce574f8de6be3bd543f08376181dc67a4ef0afffcfd247c13528283eee790a39b696ef9463a417508b48ce5b2d6c6aa910833abf5dd3e83421686b10e75c754bf33003e5334ead474d9d913481d9b9934b4234771a0b0ade3afd0ad8c6fdf9be3bfec203e2d25e66aa12291d964e509ecd066eacf8e7e513edb06c1bb4df2de2c12ecc8425bb81454738d3382b6eeccf320a2c4678d258ec5967f8507b5d24bab4a60f9406cfe8a0b688055cd83e2c535bc29564456e1e6762b06fc7bbc40c722eba1f31c11c30f60fc43ae5bba2da52a3d6442dcbf548a79a2072a186372e75368ff45fc1979337b77e69a1f725e63636ce1facc8e934a69b8e82b8a7bfe76cb0db6022717923e8d15572df3e3d93ec91c0de371dca47dafb59ebf47d41a6efb7aa94761f52c168178398c09ca26790370ac15562fd0949f8988421900e3ad4194c12a5e77e82300023f233dddc29ccc1af4393d239bd5724d910066857802a263648de9ede10c179fc2665eb3ba34151135513b0c6687c50e9058695f173f388c676b025a9339c630f4513877b71fd15aac04c7fe1f14d8d335d7f61e5d37a2eede2d914c8c1498d942d710d267a994d8672ac661258c834d0d1295294035a22a26184c591d4a67c88d15625ff15c8c534b113a8656375fa7e1a0b8e4eebe01552a6205ead48209ce13b9eed3965bc9913ee7fa079760e081a37b47558e523dd51d0b86d3393421eb76df136b8312e12b02909438fe03775b0f5aed8099121853589786856578ecb5def73336667d0ee297f643fb7df5df2a3d3447769708ee86d87f22374ef854e96557d10da495476fcc509c8c386eab7e2792dbeedf6f724113c2a510e0e0147a84f28242ed2ce1ad53518b1e69f46eaa23a14def6745ad840a8b9b7c717f4c41e4432f3009a8476c286d3830dde5405cf1f2d70fdc6642e1990f49a2c283feb1f67df581b781fbc6265fce41ea6fb47976df36e06e4b6980f89547fc47803db5eed6777a332d160914f596caaa5c256e8a4863653e1d6f791b8d6cf29aaabadceb7457a7a1d1eea41981ef3b799a2889431b6fb12f41963a8a8f54e89192d970e7610f2a1ac40e673b616278c9bf5f28e7f28b6432a60e932e2eb267486effcaf96b050b35b35f7c962546eb1fdf2ae3dff75ab62dc9d5fe28940fbd2ee97db5c45ca6a5da0a65d07194fdb571a8b14d14efd3df747f930d61e3782ebab573f2ac1b86a51da87b8034959f599e80a5a339ccd6aca1e8978af4c556a734eb6c98263d7b64587ab649a960bb6c0110f8c4840d5402ed5b4d089686d51053dde78f802fd099ac9881472ac632d58844d18fb26d036d8459f55054104daf5e020f86dfc592e124836caee223a1be740c8ece0e48359eb96ba98d64174039f4709d19cfc2c01a750f681b8dd37b7c07737de0a4d192b4df44c0bcd1aade7b4002637b5063fdd75ab419fd5550e07a6514efd6837c9a4f6fccee347f77ca8fb32177ec3e4a527cb0bef959a468a508ae9816e17bb24ff3b9371879eeac102b7d199d4e9dbecaf101e75b14e6229ba72e1f6b11310ba2350817df82ec087836e99394281c385b56f2659aa5ae062c66323210835d89ac1fc725fbc417cb2af4c27b36749a7d033d19a0cb3f8138c0c4ad0405a9dc7db4127d36f18eb8cba7fa64660a6e2c550b08a824bb096923031d7eff5c1f225c1eaff91ee9a509cfe713b59ccf568244afe08a760758a1df3ea793ccac33281db50a26c217773a7d90133dc04e73112d784f46f0d7d1ea9c481e1f44dd8f1c96d29c80c7f1012ac7864e000635646eaa534a46db1af71c9ffcc8db048bea4a97446c22c4450292ad4d380aa2cadebd0ae6cd6c85c6032a163264dbe8900224a1bf809a203804e7115b4fa359750265d359e1d5a7db220bcdd789c59592e05a0d7fea42a821e5944b1b2d49f78052824035ccf9068f0ae44e7131f648cc7c1aa79c8dfcf0f8b8c4507d64d5320d19ee5294d1d326a291f96ea63ad3fd5f066bf52320f6ffaef3c390f5efae1ac9da0673239e1cd3176323b68119a315b31f5df0248f783b322cfcd151cdd2f2f2082aa9012c58649f1e3aa92975a46b4ff92358f141d92200fc1df88663830064d270a3821d74ed1bb0e7e5e9a1242684d2706530559a84096e58cfbcabfc06d45dbefd207f35120f2bc75d9d0e82e195f7d16207e7a43c3b6f175a3f5acaea8b5bbfdd8878ef9f632736346bc1349960c926f2a9a03916133a1a6a4036e569025fd4e4bc3490023bb5e8528d62c3213a19d3f88839369664acdcda39279c3900f35447e4daae5ca5873674c5803239de13cf1c8f9589e73afe82aece34637e250ac66d244d4ce65aad1179691c0cec2378cc2e564e08eba0913e098a1344713bfcc536e63518520495265f38140f193c0ae5a8a82bb5ec65f37b9bfd6abd373dcf47a95716e502e0d0331947840fe3764f81c6c8c8524438b6d955adfbf0dadfda7636960af294519224decd237798ba314034b5ff44666bd47c8fe04e172e94b1378b7de88a558d62916bed3bab5815f6b9cdad299e1ec718fbbe7152ab5238283c7152926dab84dd4e45f1d317772db37974d7bf3af7069da4d6579981830c71f6af41e09100e7fdd662885f8bc2e81ee6a7814cfc8103568d6ea09d68f89598c43742cf14419d714cd993143c18134b8aa8b4079ef36f382473acc0230d089b2eb5e9fc2b5fea6504c5139a1cf37049ac85edbe6d74fb31be6cb91c6571ee894c26102bf5e41dac5f15934fb8e751960a351138dd3a3798e0318c721b9f6bbe4b1b75912234f74a31ecdde3b389b34876e4375417edcba530a08e1cb60d0d54a216a89bfef4d622258f8081e95fe14bdf99578d0aa19825232ace7b3e4162b0a473c2c2d25bd98f9afda98353ca4de2b16c0ae613cc727a33e329b02e9d50309fcae9f58e3d2cf1c2153415bdfb5b6b712dc32bc47e97a2d5d4a984d37c499e56fb825c9c46b7fe838e778bc016658ce72704ec649a6f40cd831e84565020a70c1716b66f0bbccab41a7d337f0ee066facc2ee70b4fb0a4cb7c246e0ec773d32913119397021aa57c8034e16993c63f8dc85613023e89f4df44fc08f31f43453e68ba7db0a93ad3944bcf8c3d9f9bc281d46f46c25a90ea86984d2f78b9dab5edef0fcf9582b16e1da5b1cebbe9a33adadab0ff786d2379f8f0113151d88489b59b31744a628add2e99bc8b08e985d982f864a1879f86143bbfa2d4f3154cb672c5de7fef0f46ce846b3ecd846a4c48694c9f88bf385f452b886866ca8199959c0882eff9049ca5938b7739a394ece20768933c39c6e40657700124e09dc5c1920738b5c01610cc81a2f8211d8dbd99c30cfad6c3082b248e63cc8eba54c79d08550f9f31e20cf0acaabeb9ec7c46da64a930a4c52614a889257d2885b7272cd84d6e9c82902d0eeacd4f4bd52c7aed4800c24c9aadafbf7bc429b6747605bcdedfa8f713fa3c506767a487cbeb3e39ecbfa5a70eb40fb84234d93884d3285009c49373985fcbddc429bc79479c05655e91f6aeb2f4cae5d1ca65e4cbb474d1e0b4c6dc5f52c2384f0c9a3e34d222210f9349aef935944939d7a611fcf762c1ff93245a95953be539ceff5bbc44bb56fb83febbba169826f000dd4a5cf0289753deedb1bda682813", 0xe73}], 0x4) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000440)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0}, &(0x7f0000000100)=0x40) 236.74µs ago: executing program 0 (id=2613): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x3c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_NAT_SRC={0x4}]}, 0x3c}}, 0x0) 151.45µs ago: executing program 4 (id=2614): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x1, 0x0) fchdir(r1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143242, 0x80) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r2, 0x400, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10) linkat(r3, &(0x7f0000000180)='./file1\x00', r3, &(0x7f0000000640)='./bus\x00', 0x0) 0s ago: executing program 1 (id=2615): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = inotify_init1(0x0) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) fcntl$setown(r1, 0x8, r2) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r4 = syz_open_procfs(r3, &(0x7f00000008c0)='wchan\x00') pread64(r4, &(0x7f0000000180)=""/263, 0x107, 0x100000000000000) kernel console output (not intermixed with test programs): : 1 truncate cleaned up [ 60.557759][ T5574] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.600100][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.617959][ T5579] netlink: 'syz.0.873': attribute type 13 has an invalid length. [ 60.778590][ T5579] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.786081][ T5579] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.961304][ T5579] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.994122][ T5579] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 61.026723][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 61.102733][ T5579] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.111947][ T5579] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.121081][ T5579] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.130255][ T5579] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.199947][ T5615] xt_connbytes: Forcing CT accounting to be enabled [ 61.207603][ T5615] Cannot find del_set index 1 as target [ 61.374896][ T5636] netlink: 4 bytes leftover after parsing attributes in process `syz.1.889'. [ 61.384057][ T5636] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 61.391629][ T5636] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 61.400523][ T5636] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 61.408072][ T5636] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 61.433277][ T5639] netlink: 4 bytes leftover after parsing attributes in process `syz.3.890'. [ 61.453960][ T5641] netlink: 4 bytes leftover after parsing attributes in process `syz.4.891'. [ 61.458449][ T5606] IPVS: starting estimator thread 0... [ 61.493241][ T5639] ipvlan2: entered promiscuous mode [ 61.510136][ T5646] loop0: detected capacity change from 0 to 164 [ 61.528597][ T5646] Unable to read rock-ridge attributes [ 61.536378][ T5646] Unable to read rock-ridge attributes [ 61.560653][ T5644] IPVS: using max 2064 ests per chain, 103200 per kthread [ 61.570769][ T5648] IPv6: Can't replace route, no match found [ 61.667584][ T5664] loop3: detected capacity change from 0 to 164 [ 61.675348][ T5664] ISOFS: unable to read i-node block [ 61.680714][ T5664] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 61.711562][ T5661] loop2: detected capacity change from 0 to 1024 [ 61.742895][ T5661] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 61.812084][ T5661] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4115: comm syz.2.900: Allocating blocks 385-513 which overlap fs metadata [ 61.885540][ T5686] wg2: entered promiscuous mode [ 61.890485][ T5686] wg2: entered allmulticast mode [ 61.898359][ T5661] EXT4-fs (loop2): pa ffff88810696d700: logic 16, phys. 129, len 24 [ 61.906550][ T5661] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 8 [ 61.931732][ T5661] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28 [ 61.944360][ T5661] EXT4-fs (loop2): This should not happen!! Data will be lost [ 61.944360][ T5661] [ 61.954135][ T5661] EXT4-fs (loop2): Total free blocks count 0 [ 61.960171][ T5661] EXT4-fs (loop2): Free/Dirty block details [ 61.966181][ T5661] EXT4-fs (loop2): free_blocks=128 [ 61.971367][ T5661] EXT4-fs (loop2): dirty_blocks=0 [ 61.976415][ T5661] EXT4-fs (loop2): Block reservation details [ 61.982509][ T5661] EXT4-fs (loop2): i_reserved_data_blocks=0 [ 62.032335][ T5696] vlan2: entered allmulticast mode [ 62.042733][ T5696] bond0: entered allmulticast mode [ 62.048051][ T5696] bond_slave_0: entered allmulticast mode [ 62.053993][ T5696] bond_slave_1: entered allmulticast mode [ 62.069148][ T5696] bond0: left allmulticast mode [ 62.074163][ T5696] bond_slave_0: left allmulticast mode [ 62.079989][ T5696] bond_slave_1: left allmulticast mode [ 62.126998][ T5702] loop1: detected capacity change from 0 to 2048 [ 62.144780][ T5702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 62.278570][ T5720] loop3: detected capacity change from 0 to 1024 [ 62.312552][ T5724] netlink: 'syz.2.928': attribute type 12 has an invalid length. [ 62.348683][ T5720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.450515][ T5720] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.926: bg 0: block 184: padding at end of block bitmap is not set [ 62.523071][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.566049][ T5736] IPVS: wrr: SCTP 172.20.20.187:0 - no destination available [ 62.589251][ T5587] IPVS: starting estimator thread 0... [ 62.646520][ T5725] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.917: bg 0: block 234: padding at end of block bitmap is not set [ 62.671248][ T5725] EXT4-fs (loop1): Remounting filesystem read-only [ 62.683720][ T5737] IPVS: using max 1968 ests per chain, 98400 per kthread [ 62.805044][ T5760] loop3: detected capacity change from 0 to 164 [ 62.832506][ T5760] ISOFS: unable to read i-node block [ 62.837889][ T5760] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 62.854603][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.942409][ T5764] loop1: detected capacity change from 0 to 8192 [ 63.087651][ T5778] program syz.1.951 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 63.230214][ T5807] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 63.242002][ T5806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.957'. [ 63.515686][ T5857] SELinux: ebitmap: empty map [ 63.526146][ T5857] SELinux: failed to load policy [ 64.103225][ T5928] netlink: 'syz.3.976': attribute type 4 has an invalid length. [ 64.181865][ T5928] netlink: 'syz.3.976': attribute type 4 has an invalid length. [ 64.215981][ T5936] netlink: 36 bytes leftover after parsing attributes in process `syz.2.979'. [ 64.523046][ T5956] serio: Serial port ptm0 [ 64.543724][ T5961] loop3: detected capacity change from 0 to 2048 [ 64.590762][ T5961] loop3: p2 p3 < > p4 < p5 > [ 64.595487][ T5961] loop3: partition table partially beyond EOD, truncated [ 64.604541][ T5961] loop3: p3 start 4284289 is beyond EOD, truncated [ 64.774857][ T5985] ip_vti0: entered promiscuous mode [ 64.780445][ T5985] vlan2: entered promiscuous mode [ 64.789472][ T5985] ip_vti0: left promiscuous mode [ 64.882410][ T5987] SELinux: failed to load policy [ 64.914760][ T29] kauditd_printk_skb: 130 callbacks suppressed [ 64.914824][ T29] audit: type=1326 audit(1740507878.888:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 64.949965][ T5994] loop3: detected capacity change from 0 to 128 [ 64.952541][ T29] audit: type=1326 audit(1740507878.918:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 64.979794][ T29] audit: type=1326 audit(1740507878.918:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 65.003257][ T29] audit: type=1326 audit(1740507878.918:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 65.026954][ T29] audit: type=1326 audit(1740507878.918:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 65.050867][ T29] audit: type=1326 audit(1740507878.918:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 65.074804][ T29] audit: type=1326 audit(1740507878.918:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 65.100519][ T29] audit: type=1326 audit(1740507879.068:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 65.124188][ T29] audit: type=1326 audit(1740507879.068:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 65.126696][ T5989] SELinux: Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped). [ 65.147683][ T29] audit: type=1326 audit(1740507879.068:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5988 comm="syz.4.1001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 65.212387][ T5994] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.277868][ T6004] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1007'. [ 65.354294][ T6014] pim6reg1: entered promiscuous mode [ 65.359704][ T6014] pim6reg1: entered allmulticast mode [ 65.453617][ T6023] loop3: detected capacity change from 0 to 8192 [ 65.499228][ T6027] loop4: detected capacity change from 0 to 4096 [ 65.626612][ T6041] loop4: detected capacity change from 0 to 512 [ 65.663018][ T6041] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.004644][ T3531] IPVS: starting estimator thread 0... [ 66.064810][ T6068] loop3: detected capacity change from 0 to 128 [ 66.111312][ T6064] IPVS: using max 2112 ests per chain, 105600 per kthread [ 66.196536][ T6068] syz.3.1032: attempt to access beyond end of device [ 66.196536][ T6068] loop3: rw=2049, sector=145, nr_sectors = 664 limit=128 [ 66.230345][ T6074] loop4: detected capacity change from 0 to 8192 [ 66.251993][ T6068] syz.3.1032: attempt to access beyond end of device [ 66.251993][ T6068] loop3: rw=524288, sector=145, nr_sectors = 664 limit=128 [ 66.401919][ T6088] pim6reg1: entered promiscuous mode [ 66.407409][ T6088] pim6reg1: entered allmulticast mode [ 66.604700][ T6109] vlan2: entered allmulticast mode [ 66.610035][ T6109] bridge_slave_0: entered allmulticast mode [ 66.649127][ T6109] bridge_slave_0: left allmulticast mode [ 67.295962][ T6162] vlan2: entered allmulticast mode [ 67.421684][ T6170] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 67.429090][ T6170] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 67.436834][ T6170] vhci_hcd vhci_hcd.0: Device attached [ 67.458578][ T6170] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 67.465363][ T6170] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 67.472939][ T6170] vhci_hcd vhci_hcd.0: Device attached [ 67.498907][ T6170] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7) [ 67.505824][ T6170] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 67.513538][ T6170] vhci_hcd vhci_hcd.0: Device attached [ 67.537149][ T6182] loop3: detected capacity change from 0 to 2048 [ 67.552266][ T6182] EXT4-fs: Ignoring removed bh option [ 67.589382][ T6170] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 67.603322][ T3413] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 67.620672][ T5587] vhci_hcd: vhci_device speed not set [ 67.663803][ T6170] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(11) [ 67.670483][ T6170] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 67.678240][ T6170] vhci_hcd vhci_hcd.0: Device attached [ 67.694233][ T5587] usb 3-1: new full-speed USB device number 2 using vhci_hcd [ 67.727673][ T6170] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(13) [ 67.734353][ T6170] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 67.741902][ T6170] vhci_hcd vhci_hcd.0: Device attached [ 67.765506][ T6192] loop4: detected capacity change from 0 to 4096 [ 67.780805][ T6170] vhci_hcd vhci_hcd.0: pdev(1) rhport(6) sockfd(15) [ 67.787456][ T6170] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 67.795127][ T6170] vhci_hcd vhci_hcd.0: Device attached [ 67.820228][ T6170] vhci_hcd vhci_hcd.0: pdev(1) rhport(7) sockfd(17) [ 67.827058][ T6170] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 67.834772][ T6170] vhci_hcd vhci_hcd.0: Device attached [ 67.872659][ T6204] vhci_hcd: connection closed [ 67.872794][ T11] vhci_hcd: stop threads [ 67.874106][ T6193] vhci_hcd: connection closed [ 67.877534][ T11] vhci_hcd: release socket [ 67.882022][ T6173] vhci_hcd: connection closed [ 67.886631][ T11] vhci_hcd: disconnect device [ 67.886794][ T6201] vhci_hcd: connection closed [ 67.892333][ T6171] vhci_hcd: connection reset by peer [ 67.895885][ T6177] vhci_hcd: connection closed [ 67.901847][ T6198] vhci_hcd: connection closed [ 67.936011][ T11] vhci_hcd: stop threads [ 67.944999][ T11] vhci_hcd: release socket [ 67.949435][ T11] vhci_hcd: disconnect device [ 67.976932][ T6200] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 68.000730][ T11] vhci_hcd: stop threads [ 68.005038][ T11] vhci_hcd: release socket [ 68.009592][ T11] vhci_hcd: disconnect device [ 68.027633][ T11] vhci_hcd: stop threads [ 68.031999][ T11] vhci_hcd: release socket [ 68.036463][ T11] vhci_hcd: disconnect device [ 68.044036][ T6200] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 68.048183][ T11] vhci_hcd: stop threads [ 68.056484][ T6200] EXT4-fs (loop3): This should not happen!! Data will be lost [ 68.056484][ T6200] [ 68.060727][ T11] vhci_hcd: release socket [ 68.060743][ T11] vhci_hcd: disconnect device [ 68.070373][ T6200] EXT4-fs (loop3): Total free blocks count 0 [ 68.085932][ T6200] EXT4-fs (loop3): Free/Dirty block details [ 68.092017][ T6200] EXT4-fs (loop3): free_blocks=2415919104 [ 68.097831][ T6200] EXT4-fs (loop3): dirty_blocks=8224 [ 68.103160][ T6200] EXT4-fs (loop3): Block reservation details [ 68.109388][ T6200] EXT4-fs (loop3): i_reserved_data_blocks=514 [ 68.115902][ T11] vhci_hcd: stop threads [ 68.120262][ T11] vhci_hcd: release socket [ 68.124761][ T11] vhci_hcd: disconnect device [ 68.161579][ T11] vhci_hcd: stop threads [ 68.165956][ T11] vhci_hcd: release socket [ 68.170421][ T11] vhci_hcd: disconnect device [ 68.240434][ T11] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28 [ 68.253268][ T11] EXT4-fs (loop3): This should not happen!! Data will be lost [ 68.253268][ T11] [ 68.263401][ T6210] hub 9-0:1.0: USB hub found [ 68.268826][ T6210] hub 9-0:1.0: 8 ports detected [ 68.426913][ T3297] EXT4-fs unmount: 9 callbacks suppressed [ 68.704778][ T6249] netlink: 'syz.3.1101': attribute type 13 has an invalid length. [ 68.713348][ T6248] loop4: detected capacity change from 0 to 512 [ 68.743759][ T6248] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 68.775516][ T6248] EXT4-fs (loop4): 1 truncate cleaned up [ 68.781897][ T6248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.834410][ T6249] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.845476][ T6249] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.889839][ T6249] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.899021][ T6249] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.908048][ T6249] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.917351][ T6249] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.949875][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.008101][ T6257] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1116'. [ 69.049303][ T6259] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 69.067339][ T6261] loop2: detected capacity change from 0 to 164 [ 69.161365][ T6273] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.252730][ T6273] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 69.520835][ T6289] netlink: 'syz.4.1119': attribute type 13 has an invalid length. [ 69.589789][ T6289] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.597238][ T6289] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.640384][ T6289] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 69.651353][ T6289] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 69.686866][ T6289] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.696134][ T6289] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.705203][ T6289] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.714298][ T6289] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.835984][ T6299] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1125'. [ 69.874864][ T6305] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1129'. [ 69.922677][ T6316] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1132'. [ 69.932237][ T6316] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 69.940494][ T6316] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 70.318323][ T6335] loop2: detected capacity change from 0 to 2048 [ 70.332198][ T6335] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.556090][ T6335] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1138: bg 0: block 234: padding at end of block bitmap is not set [ 70.571056][ T6335] EXT4-fs (loop2): Remounting filesystem read-only [ 70.613371][ T6351] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1144'. [ 70.623040][ T6351] gretap0: entered promiscuous mode [ 70.629560][ T6351] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1144'. [ 70.644665][ T6351] 0XD: renamed from gretap0 [ 70.651818][ T6351] 0XD: left promiscuous mode [ 70.656799][ T6351] 0XD: entered allmulticast mode [ 70.663293][ T6351] A link change request failed with some changes committed already. Interface 30XD may have been left with an inconsistent configuration, please check. [ 70.735662][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.766737][ T6360] xt_CT: No such helper "pptp" [ 71.020268][ T6384] pim6reg1: entered promiscuous mode [ 71.025662][ T6384] pim6reg1: entered allmulticast mode [ 71.262300][ T6436] loop3: detected capacity change from 0 to 256 [ 71.477691][ T6451] loop3: detected capacity change from 0 to 1024 [ 71.501920][ T6451] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.650876][ T6451] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 71.681636][ T6451] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1132 with error 28 [ 71.694362][ T6451] EXT4-fs (loop3): This should not happen!! Data will be lost [ 71.694362][ T6451] [ 71.704324][ T6451] EXT4-fs (loop3): Total free blocks count 0 [ 71.710562][ T6451] EXT4-fs (loop3): Free/Dirty block details [ 71.716726][ T6451] EXT4-fs (loop3): free_blocks=68451041280 [ 71.722737][ T6451] EXT4-fs (loop3): dirty_blocks=1136 [ 71.728366][ T6451] EXT4-fs (loop3): Block reservation details [ 71.735121][ T6451] EXT4-fs (loop3): i_reserved_data_blocks=71 [ 71.856008][ T6408] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1132 with error 28 [ 71.912965][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 71.912982][ T29] audit: type=1326 audit(1740507885.878:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6457 comm="syz.3.1167" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7f4a93d14127 code=0x0 [ 71.958518][ T6462] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1168'. [ 72.006460][ T6469] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1172'. [ 72.176867][ T6486] blktrace: Concurrent blktraces are not allowed on loop3 [ 72.790655][ T5587] usb 3-1: enqueue for inactive port 0 [ 72.796252][ T5587] usb 3-1: enqueue for inactive port 0 [ 72.873646][ T5587] vhci_hcd: vhci_device speed not set [ 72.886259][ T3376] kernel write not supported for file bpf-prog (pid: 3376 comm: kworker/0:5) [ 72.989144][ T6498] netem: incorrect gi model size [ 72.994515][ T6498] netem: change failed [ 73.594450][ T29] audit: type=1326 audit(1740507887.568:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6516 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 73.619788][ T29] audit: type=1326 audit(1740507887.588:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6516 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 73.643182][ T29] audit: type=1326 audit(1740507887.588:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6516 comm="syz.4.1192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 73.764708][ T6534] loop2: detected capacity change from 0 to 1024 [ 73.783513][ T6534] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.824059][ T6540] loop4: detected capacity change from 0 to 256 [ 73.856191][ T6540] FAT-fs (loop4): bogus number of FAT sectors [ 73.862398][ T6540] FAT-fs (loop4): Can't find a valid FAT filesystem [ 73.921950][ T6534] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 73.946564][ T6534] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 73.959256][ T6534] EXT4-fs (loop2): This should not happen!! Data will be lost [ 73.959256][ T6534] [ 73.969045][ T6534] EXT4-fs (loop2): Total free blocks count 0 [ 73.975178][ T6534] EXT4-fs (loop2): Free/Dirty block details [ 73.981730][ T6534] EXT4-fs (loop2): free_blocks=68451041280 [ 73.987665][ T6534] EXT4-fs (loop2): dirty_blocks=2896 [ 73.993270][ T6534] EXT4-fs (loop2): Block reservation details [ 73.999925][ T6534] EXT4-fs (loop2): i_reserved_data_blocks=181 [ 74.082675][ T6549] loop4: detected capacity change from 0 to 512 [ 74.100557][ T6549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.126872][ T6423] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 2048 with error 28 [ 74.140209][ T6549] ext4 filesystem being mounted at /232/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 74.208569][ T6555] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1206'. [ 74.211340][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.351412][ T6566] loop2: detected capacity change from 0 to 512 [ 74.359545][ T6566] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.1211: casefold flag without casefold feature [ 74.372928][ T6566] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.1211: couldn't read orphan inode 15 (err -117) [ 74.389074][ T6566] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.422000][ T6569] capability: warning: `syz.1.1212' uses 32-bit capabilities (legacy support in use) [ 74.434946][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.478385][ T29] audit: type=1400 audit(1740507888.448:1116): avc: denied { mounton } for pid=6575 comm="syz.2.1215" path="/proc/533/cgroup" dev="proc" ino=13329 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 74.527324][ T29] audit: type=1400 audit(1740507888.498:1117): avc: denied { read } for pid=6579 comm="syz.4.1217" path="socket:[13332]" dev="sockfs" ino=13332 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.600022][ T6587] netlink: 'syz.4.1220': attribute type 13 has an invalid length. [ 74.608043][ T6587] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1220'. [ 74.618819][ T6587] syz_tun: refused to change device tx_queue_len [ 74.625351][ T6587] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 74.803091][ T29] audit: type=1400 audit(1740507888.778:1118): avc: denied { lock } for pid=6601 comm="syz.2.1237" path="socket:[13389]" dev="sockfs" ino=13389 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 74.845377][ T6616] bond2: entered promiscuous mode [ 74.850803][ T6616] bond2: entered allmulticast mode [ 74.856886][ T6616] 8021q: adding VLAN 0 to HW filter on device bond2 [ 74.868628][ T6616] bond2 (unregistering): Released all slaves [ 74.915717][ T6622] program syz.4.1234 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 75.113858][ T6642] netlink: 'syz.3.1244': attribute type 39 has an invalid length. [ 75.132926][ T6646] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1247'. [ 75.226231][ T6658] loop4: detected capacity change from 0 to 512 [ 75.242935][ T6658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.272242][ T6664] bridge_slave_1: left allmulticast mode [ 75.278060][ T6664] bridge_slave_1: left promiscuous mode [ 75.279537][ T6658] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 75.283796][ T6664] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.313063][ T6668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1256'. [ 75.323430][ T6664] bridge_slave_0: left allmulticast mode [ 75.329227][ T6664] bridge_slave_0: left promiscuous mode [ 75.335026][ T6664] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.343556][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.374920][ T29] audit: type=1326 audit(1740507889.348:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6673 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 75.401358][ T29] audit: type=1326 audit(1740507889.348:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6673 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 75.425290][ T29] audit: type=1326 audit(1740507889.348:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6673 comm="syz.3.1258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 75.490267][ T6681] pim6reg1: entered promiscuous mode [ 75.496181][ T6681] pim6reg1: entered allmulticast mode [ 76.192549][ T6743] SELinux: syz.3.1285 (6743) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 76.874847][ T6794] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1307'. [ 76.964494][ T6801] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6801 comm=syz.4.1311 [ 76.986093][ T6801] netlink: 'syz.4.1311': attribute type 5 has an invalid length. [ 77.115567][ T29] kauditd_printk_skb: 39 callbacks suppressed [ 77.115583][ T29] audit: type=1400 audit(1740507891.088:1161): avc: denied { read } for pid=6820 comm="syz.0.1320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 77.187152][ T6829] loop2: detected capacity change from 0 to 256 [ 77.195922][ T6829] FAT-fs (loop2): bogus number of FAT sectors [ 77.206020][ T6829] FAT-fs (loop2): Can't find a valid FAT filesystem [ 77.245911][ T6831] x_tables: unsorted underflow at hook 2 [ 77.269417][ T6831] loop4: detected capacity change from 0 to 512 [ 77.276531][ T29] audit: type=1400 audit(1740507891.248:1162): avc: denied { ioctl } for pid=6832 comm="syz.1.1325" path="socket:[13778]" dev="sockfs" ino=13778 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 77.324523][ T6831] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1324: corrupted in-inode xattr: invalid ea_ino [ 77.353462][ T6831] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.1324: couldn't read orphan inode 15 (err -117) [ 77.367618][ T6831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.414316][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.523274][ T6858] loop2: detected capacity change from 0 to 512 [ 77.524886][ T6854] block device autoloading is deprecated and will be removed. [ 77.550439][ T6856] netlink: 'syz.4.1335': attribute type 15 has an invalid length. [ 77.564791][ T6858] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.597315][ T6858] ext4 filesystem being mounted at /258/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 77.630680][ T29] audit: type=1400 audit(1740507891.588:1163): avc: denied { read } for pid=3296 comm="syz-executor" name="loop1" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 77.656212][ T29] audit: type=1326 audit(1740507891.598:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.3.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 77.682002][ T29] audit: type=1326 audit(1740507891.598:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.3.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 77.707990][ T29] audit: type=1326 audit(1740507891.598:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.3.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 77.733686][ T29] audit: type=1326 audit(1740507891.598:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.3.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 77.760311][ T29] audit: type=1326 audit(1740507891.598:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.3.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 77.785572][ T29] audit: type=1326 audit(1740507891.598:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6861 comm="syz.3.1336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 77.868639][ T6875] loop4: detected capacity change from 0 to 1024 [ 77.892048][ T6877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.902554][ T6877] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 77.903628][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.939041][ T6875] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.079317][ T6891] loop1: detected capacity change from 0 to 512 [ 78.083962][ T6875] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 78.110737][ T6875] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 78.134662][ T6875] EXT4-fs (loop4): This should not happen!! Data will be lost [ 78.134662][ T6875] [ 78.149024][ T6875] EXT4-fs (loop4): Total free blocks count 0 [ 78.158534][ T6875] EXT4-fs (loop4): Free/Dirty block details [ 78.168172][ T6875] EXT4-fs (loop4): free_blocks=68451041280 [ 78.176229][ T6875] EXT4-fs (loop4): dirty_blocks=2512 [ 78.184357][ T6875] EXT4-fs (loop4): Block reservation details [ 78.191340][ T6875] EXT4-fs (loop4): i_reserved_data_blocks=157 [ 78.222566][ T6891] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.250675][ T6891] ext4 filesystem being mounted at /306/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.293754][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.382578][ T29] audit: type=1400 audit(1740507892.358:1170): avc: denied { ioctl } for pid=6896 comm="syz.2.1350" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d05 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 78.444768][ T6399] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 2048 with error 28 [ 78.483876][ T6905] x_tables: unsorted underflow at hook 2 [ 78.496402][ T6905] loop2: detected capacity change from 0 to 512 [ 78.509950][ T6905] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1354: corrupted in-inode xattr: invalid ea_ino [ 78.535286][ T6903] loop1: detected capacity change from 0 to 8192 [ 78.551895][ T6905] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.1354: couldn't read orphan inode 15 (err -117) [ 78.569826][ T6907] loop4: detected capacity change from 0 to 8192 [ 78.583696][ T6905] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.618800][ T6907] loop4: p1 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p2 [ 78.619936][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.739980][ T6907] loop4: p1 size 108986237 extends beyond EOD, truncated [ 78.762943][ T6907] loop4: p3 size 50462720 extends beyond EOD, truncated [ 78.793310][ T6907] loop4: p5 size 108986237 extends beyond EOD, truncated [ 78.806403][ T6907] loop4: p6 size 108986237 extends beyond EOD, truncated [ 78.831224][ T6907] loop4: p7 size 108986237 extends beyond EOD, truncated [ 78.840352][ T6907] loop4: p8 size 108986237 extends beyond EOD, truncated [ 78.850939][ T6907] loop4: p9 size 108986237 extends beyond EOD, truncated [ 78.860999][ T6907] loop4: p10 size 108986237 extends beyond EOD, truncated [ 78.869854][ T6907] loop4: p11 size 108986237 extends beyond EOD, truncated [ 78.879826][ T6907] loop4: p12 size 108986237 extends beyond EOD, truncated [ 78.892059][ T6907] loop4: p13 size 108986237 extends beyond EOD, truncated [ 78.901960][ T6907] loop4: p14 size 108986237 extends beyond EOD, truncated [ 78.916573][ T6907] loop4: p15 size 108986237 extends beyond EOD, truncated [ 78.926533][ T6907] loop4: p16 size 108986237 extends beyond EOD, truncated [ 78.937364][ T6907] loop4: p17 size 108986237 extends beyond EOD, truncated [ 78.955708][ T6907] loop4: p18 size 108986237 extends beyond EOD, truncated [ 78.989717][ T6907] loop4: p19 size 108986237 extends beyond EOD, truncated [ 78.999848][ T6907] loop4: p20 size 108986237 extends beyond EOD, truncated [ 79.035396][ T6907] loop4: p21 size 108986237 extends beyond EOD, truncated [ 79.047363][ T6907] loop4: p22 size 108986237 extends beyond EOD, truncated [ 79.060922][ T6907] loop4: p23 size 108986237 extends beyond EOD, truncated [ 79.073237][ T6907] loop4: p24 size 108986237 extends beyond EOD, truncated [ 79.082453][ T6907] loop4: p25 size 108986237 extends beyond EOD, truncated [ 79.112684][ T6907] loop4: p26 size 108986237 extends beyond EOD, truncated [ 79.124208][ T6907] loop4: p27 size 108986237 extends beyond EOD, truncated [ 79.139048][ T6907] loop4: p28 size 108986237 extends beyond EOD, truncated [ 79.156080][ T6907] loop4: p29 size 108986237 extends beyond EOD, truncated [ 79.165608][ T6907] loop4: p30 size 108986237 extends beyond EOD, truncated [ 79.173441][ T6907] loop4: p31 size 108986237 extends beyond EOD, truncated [ 79.185551][ T6907] loop4: p32 size 108986237 extends beyond EOD, truncated [ 79.195455][ T6907] loop4: p33 size 108986237 extends beyond EOD, truncated [ 79.205752][ T6907] loop4: p34 size 108986237 extends beyond EOD, truncated [ 79.220982][ T6907] loop4: p35 size 108986237 extends beyond EOD, truncated [ 79.239811][ T6907] loop4: p36 size 108986237 extends beyond EOD, truncated [ 79.248515][ T6947] loop1: detected capacity change from 0 to 1024 [ 79.251966][ T6907] loop4: p37 size 108986237 extends beyond EOD, truncated [ 79.262356][ T6947] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.284889][ T6907] loop4: p38 size 108986237 extends beyond EOD, truncated [ 79.295428][ T6907] loop4: p39 size 108986237 extends beyond EOD, truncated [ 79.305769][ T6907] loop4: p40 size 108986237 extends beyond EOD, truncated [ 79.313919][ T6907] loop4: p41 size 108986237 extends beyond EOD, truncated [ 79.327289][ T6907] loop4: p42 size 108986237 extends beyond EOD, truncated [ 79.336794][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.351943][ T6907] loop4: p43 size 108986237 extends beyond EOD, truncated [ 79.392737][ T6955] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1371'. [ 79.397734][ T6907] loop4: p44 size 108986237 extends beyond EOD, truncated [ 79.433049][ T6907] loop4: p45 size 108986237 extends beyond EOD, truncated [ 79.445755][ T6907] loop4: p46 size 108986237 extends beyond EOD, truncated [ 79.455801][ T6907] loop4: p47 size 108986237 extends beyond EOD, truncated [ 79.463693][ T6959] loop1: detected capacity change from 0 to 2048 [ 79.465077][ T6907] loop4: p48 size 108986237 extends beyond EOD, truncated [ 79.470980][ T6959] EXT4-fs: Ignoring removed bh option [ 79.482132][ T6907] loop4: p49 size 108986237 extends beyond EOD, truncated [ 79.498574][ T6907] loop4: p50 size 108986237 extends beyond EOD, truncated [ 79.510357][ T6907] loop4: p51 size 108986237 extends beyond EOD, truncated [ 79.521358][ T6907] loop4: p52 size 108986237 extends beyond EOD, truncated [ 79.523051][ T6959] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.529936][ T6907] loop4: p53 size 108986237 extends beyond EOD, truncated [ 79.580702][ T6907] loop4: p54 size 108986237 extends beyond EOD, truncated [ 79.595517][ T6959] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 79.612365][ T6907] loop4: p55 size 108986237 extends beyond EOD, truncated [ 79.612451][ T6959] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 79.634696][ T6959] EXT4-fs (loop1): This should not happen!! Data will be lost [ 79.634696][ T6959] [ 79.645115][ T6959] EXT4-fs (loop1): Total free blocks count 0 [ 79.652161][ T6959] EXT4-fs (loop1): Free/Dirty block details [ 79.659988][ T6959] EXT4-fs (loop1): free_blocks=2415919104 [ 79.667190][ T6959] EXT4-fs (loop1): dirty_blocks=32 [ 79.672602][ T6959] EXT4-fs (loop1): Block reservation details [ 79.679052][ T6959] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 79.685555][ T6907] loop4: p56 size 108986237 extends beyond EOD, truncated [ 79.701594][ T6907] loop4: p57 size 108986237 extends beyond EOD, truncated [ 79.713287][ T6907] loop4: p58 size 108986237 extends beyond EOD, truncated [ 79.723485][ T6907] loop4: p59 size 108986237 extends beyond EOD, truncated [ 79.733794][ T6907] loop4: p60 size 108986237 extends beyond EOD, truncated [ 79.742225][ T6907] loop4: p61 size 108986237 extends beyond EOD, truncated [ 79.751182][ T6907] loop4: p62 size 108986237 extends beyond EOD, truncated [ 79.761493][ T6907] loop4: p63 size 108986237 extends beyond EOD, truncated [ 79.762837][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.770950][ T6907] loop4: p64 size 108986237 extends beyond EOD, truncated [ 79.789241][ T6907] loop4: p65 size 108986237 extends beyond EOD, truncated [ 79.802329][ T6907] loop4: p66 size 108986237 extends beyond EOD, truncated [ 79.814670][ T6907] loop4: p67 size 108986237 extends beyond EOD, truncated [ 79.841194][ T6907] loop4: p68 size 108986237 extends beyond EOD, truncated [ 79.852831][ T6907] loop4: p69 size 108986237 extends beyond EOD, truncated [ 79.882336][ T6907] loop4: p70 size 108986237 extends beyond EOD, truncated [ 79.941306][ T6907] loop4: p71 size 108986237 extends beyond EOD, truncated [ 79.952343][ T6907] loop4: p72 size 108986237 extends beyond EOD, truncated [ 79.972132][ T6907] loop4: p73 size 108986237 extends beyond EOD, truncated [ 80.000553][ T6907] loop4: p74 size 108986237 extends beyond EOD, truncated [ 80.012044][ T6907] loop4: p75 size 108986237 extends beyond EOD, truncated [ 80.023809][ T6907] loop4: p76 size 108986237 extends beyond EOD, truncated [ 80.042770][ T6907] loop4: p77 size 108986237 extends beyond EOD, truncated [ 80.057182][ T6907] loop4: p78 size 108986237 extends beyond EOD, truncated [ 80.150296][ T6985] loop3: detected capacity change from 0 to 128 [ 80.159907][ T6985] EXT4-fs: Ignoring removed nobh option [ 80.173490][ T6907] loop4: p79 size 108986237 extends beyond EOD, truncated [ 80.182324][ T6985] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 80.197700][ T6985] ext4 filesystem being mounted at /294/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 80.201376][ T6907] loop4: p80 size 108986237 extends beyond EOD, truncated [ 80.249695][ T6907] loop4: p81 size 108986237 extends beyond EOD, truncated [ 80.258590][ T3297] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 80.272722][ T6907] loop4: p82 size 108986237 extends beyond EOD, truncated [ 80.281517][ T6907] loop4: p83 size 108986237 extends beyond EOD, truncated [ 80.291257][ T6907] loop4: p84 size 108986237 extends beyond EOD, truncated [ 80.303714][ T6907] loop4: p85 size 108986237 extends beyond EOD, truncated [ 80.323085][ T6907] loop4: p86 size 108986237 extends beyond EOD, truncated [ 80.350474][ T6995] loop2: detected capacity change from 0 to 256 [ 80.358699][ T6907] loop4: p87 size 108986237 extends beyond EOD, truncated [ 80.368928][ T6995] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 80.382999][ T6907] loop4: p88 size 108986237 extends beyond EOD, truncated [ 80.394730][ T6995] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 80.410906][ T6907] loop4: p89 size 108986237 extends beyond EOD, truncated [ 80.430892][ T6907] loop4: p90 size 108986237 extends beyond EOD, truncated [ 80.452042][ T6907] loop4: p91 size 108986237 extends beyond EOD, truncated [ 80.466083][ T6907] loop4: p92 size 108986237 extends beyond EOD, truncated [ 80.497171][ T6907] loop4: p93 size 108986237 extends beyond EOD, truncated [ 80.517771][ T6907] loop4: p94 size 108986237 extends beyond EOD, truncated [ 80.531248][ T6907] loop4: p95 size 108986237 extends beyond EOD, truncated [ 80.544338][ T6907] loop4: p96 size 108986237 extends beyond EOD, truncated [ 80.560466][ T6907] loop4: p97 size 108986237 extends beyond EOD, truncated [ 80.588060][ T6907] loop4: p98 size 108986237 extends beyond EOD, truncated [ 80.626526][ T6907] loop4: p99 size 108986237 extends beyond EOD, truncated [ 80.642927][ T6907] loop4: p100 size 108986237 extends beyond EOD, truncated [ 80.660758][ T6907] loop4: p101 size 108986237 extends beyond EOD, truncated [ 80.673440][ T6907] loop4: p102 size 108986237 extends beyond EOD, truncated [ 80.728667][ T6907] loop4: p103 size 108986237 extends beyond EOD, truncated [ 80.830182][ T6907] loop4: p104 size 108986237 extends beyond EOD, truncated [ 80.843264][ T6907] loop4: p105 size 108986237 extends beyond EOD, truncated [ 80.855104][ T6907] loop4: p106 size 108986237 extends beyond EOD, truncated [ 80.869542][ T7028] loop3: detected capacity change from 0 to 512 [ 80.882337][ T6907] loop4: p107 size 108986237 extends beyond EOD, truncated [ 80.899065][ T6907] loop4: p108 size 108986237 extends beyond EOD, truncated [ 80.926336][ T7028] EXT4-fs (loop3): orphan cleanup on readonly fs [ 80.938697][ T6907] loop4: p109 size 108986237 extends beyond EOD, truncated [ 80.947352][ T7028] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1401: bg 0: block 248: padding at end of block bitmap is not set [ 80.964764][ T6907] loop4: p110 size 108986237 extends beyond EOD, truncated [ 80.970954][ T7028] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1401: Failed to acquire dquot type 1 [ 80.988124][ T6907] loop4: p111 size 108986237 extends beyond EOD, truncated [ 80.997912][ T6907] loop4: p112 size 108986237 extends beyond EOD, truncated [ 81.006346][ T6907] loop4: p113 size 108986237 extends beyond EOD, truncated [ 81.007890][ T7028] EXT4-fs (loop3): 1 truncate cleaned up [ 81.015600][ T6907] loop4: p114 size 108986237 extends beyond EOD, truncated [ 81.032432][ T6907] loop4: p115 size 108986237 extends beyond EOD, truncated [ 81.060433][ T7028] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 81.081349][ T6907] loop4: p116 size 108986237 extends beyond EOD, truncated [ 81.090070][ T6907] loop4: p117 size 108986237 extends beyond EOD, truncated [ 81.119135][ T7028] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 81.119171][ T6907] loop4: p118 size 108986237 extends beyond EOD, truncated [ 81.141517][ T7028] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 81.165718][ T6907] loop4: p119 size 108986237 extends beyond EOD, truncated [ 81.182860][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.201866][ T6907] loop4: p120 size 108986237 extends beyond EOD, truncated [ 81.219463][ T6907] loop4: p121 size 108986237 extends beyond EOD, truncated [ 81.236276][ T6907] loop4: p122 size 108986237 extends beyond EOD, truncated [ 81.246574][ T6907] loop4: p123 size 108986237 extends beyond EOD, truncated [ 81.263070][ T6907] loop4: p124 size 108986237 extends beyond EOD, truncated [ 81.278875][ T6907] loop4: p125 size 108986237 extends beyond EOD, truncated [ 81.288522][ T6907] loop4: p126 size 108986237 extends beyond EOD, truncated [ 81.298835][ T6907] loop4: p127 size 108986237 extends beyond EOD, truncated [ 81.310446][ T6907] loop4: p128 size 108986237 extends beyond EOD, truncated [ 81.321781][ T6907] loop4: p129 size 108986237 extends beyond EOD, truncated [ 81.330839][ T6907] loop4: p130 size 108986237 extends beyond EOD, truncated [ 81.340767][ T6907] loop4: p131 size 108986237 extends beyond EOD, truncated [ 81.349378][ T6907] loop4: p132 size 108986237 extends beyond EOD, truncated [ 81.358888][ T6907] loop4: p133 size 108986237 extends beyond EOD, truncated [ 81.376425][ T6907] loop4: p134 size 108986237 extends beyond EOD, truncated [ 81.395779][ T6907] loop4: p135 size 108986237 extends beyond EOD, truncated [ 81.405721][ T6907] loop4: p136 size 108986237 extends beyond EOD, truncated [ 81.418925][ T6907] loop4: p137 size 108986237 extends beyond EOD, truncated [ 81.429254][ T6907] loop4: p138 size 108986237 extends beyond EOD, truncated [ 81.455931][ T6907] loop4: p139 size 108986237 extends beyond EOD, truncated [ 81.481273][ T6907] loop4: p140 size 108986237 extends beyond EOD, truncated [ 81.490973][ T6907] loop4: p141 size 108986237 extends beyond EOD, truncated [ 81.518960][ T6907] loop4: p142 size 108986237 extends beyond EOD, truncated [ 81.560083][ T6907] loop4: p143 size 108986237 extends beyond EOD, truncated [ 81.577864][ T6907] loop4: p144 size 108986237 extends beyond EOD, truncated [ 81.588603][ T6907] loop4: p145 size 108986237 extends beyond EOD, truncated [ 81.598311][ T6907] loop4: p146 size 108986237 extends beyond EOD, truncated [ 81.607574][ T7066] loop1: detected capacity change from 0 to 512 [ 81.615016][ T6907] loop4: p147 size 108986237 extends beyond EOD, truncated [ 81.624170][ T6907] loop4: p148 size 108986237 extends beyond EOD, truncated [ 81.641843][ T6907] loop4: p149 size 108986237 extends beyond EOD, truncated [ 81.652631][ T6907] loop4: p150 size 108986237 extends beyond EOD, truncated [ 81.662486][ T7066] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.680736][ T6907] loop4: p151 size 108986237 extends beyond EOD, truncated [ 81.688575][ T7066] ext4 filesystem being mounted at /328/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.702321][ T6907] loop4: p152 size 108986237 extends beyond EOD, truncated [ 81.720158][ T6907] loop4: p153 size 108986237 extends beyond EOD, truncated [ 81.752409][ T6907] loop4: p154 size 108986237 extends beyond EOD, truncated [ 81.775071][ T6907] loop4: p155 size 108986237 extends beyond EOD, truncated [ 81.786764][ T6907] loop4: p156 size 108986237 extends beyond EOD, truncated [ 81.795648][ T6907] loop4: p157 size 108986237 extends beyond EOD, truncated [ 81.804896][ T6907] loop4: p158 size 108986237 extends beyond EOD, truncated [ 81.813664][ T6907] loop4: p159 size 108986237 extends beyond EOD, truncated [ 81.823413][ T6907] loop4: p160 size 108986237 extends beyond EOD, truncated [ 81.832711][ T6907] loop4: p161 size 108986237 extends beyond EOD, truncated [ 81.837635][ T7083] SELinux: ebitmap: truncated map [ 81.842065][ T6907] loop4: p162 size 108986237 extends beyond EOD, truncated [ 81.856862][ T6907] loop4: p163 size 108986237 extends beyond EOD, truncated [ 81.866214][ T6907] loop4: p164 size 108986237 extends beyond EOD, truncated [ 81.875485][ T7083] SELinux: failed to load policy [ 81.875615][ T6907] loop4: p165 size 108986237 extends beyond EOD, truncated [ 81.893131][ T6907] loop4: p166 size 108986237 extends beyond EOD, truncated [ 81.894003][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.902604][ T6907] loop4: p167 size 108986237 extends beyond EOD, truncated [ 81.922667][ T6907] loop4: p168 size 108986237 extends beyond EOD, truncated [ 81.935875][ T6907] loop4: p169 size 108986237 extends beyond EOD, truncated [ 81.948639][ T6907] loop4: p170 size 108986237 extends beyond EOD, truncated [ 81.968493][ T6907] loop4: p171 size 108986237 extends beyond EOD, truncated [ 81.983478][ T7096] loop1: detected capacity change from 0 to 1024 [ 82.003794][ T6907] loop4: p172 size 108986237 extends beyond EOD, truncated [ 82.021629][ T7096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.036828][ T6907] loop4: p173 size 108986237 extends beyond EOD, truncated [ 82.046244][ T6907] loop4: p174 size 108986237 extends beyond EOD, truncated [ 82.056538][ T6907] loop4: p175 size 108986237 extends beyond EOD, truncated [ 82.065677][ T6907] loop4: p176 size 108986237 extends beyond EOD, truncated [ 82.076026][ T6907] loop4: p177 size 108986237 extends beyond EOD, truncated [ 82.085562][ T6907] loop4: p178 size 108986237 extends beyond EOD, truncated [ 82.094824][ T6907] loop4: p179 size 108986237 extends beyond EOD, truncated [ 82.103159][ T6907] loop4: p180 size 108986237 extends beyond EOD, truncated [ 82.112596][ T6907] loop4: p181 size 108986237 extends beyond EOD, truncated [ 82.121838][ T6907] loop4: p182 size 108986237 extends beyond EOD, truncated [ 82.130102][ T6907] loop4: p183 size 108986237 extends beyond EOD, truncated [ 82.139172][ T6907] loop4: p184 size 108986237 extends beyond EOD, truncated [ 82.148711][ T6907] loop4: p185 size 108986237 extends beyond EOD, truncated [ 82.157337][ T6907] loop4: p186 size 108986237 extends beyond EOD, truncated [ 82.167066][ T6907] loop4: p187 size 108986237 extends beyond EOD, truncated [ 82.167826][ T29] kauditd_printk_skb: 66 callbacks suppressed [ 82.167843][ T29] audit: type=1326 audit(1740507896.138:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.175258][ T6907] loop4: p188 size 108986237 extends beyond EOD, truncated [ 82.216455][ T29] audit: type=1326 audit(1740507896.158:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.216619][ T6907] loop4: p189 size 108986237 extends beyond EOD, truncated [ 82.241895][ T29] audit: type=1326 audit(1740507896.158:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.250504][ T6907] loop4: p190 size 108986237 extends beyond EOD, [ 82.275211][ T29] audit: type=1326 audit(1740507896.158:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.275263][ T6907] truncated [ 82.309437][ T6907] loop4: p191 size 108986237 extends beyond EOD, truncated [ 82.311042][ T29] audit: type=1326 audit(1740507896.178:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.344262][ T29] audit: type=1326 audit(1740507896.178:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.369053][ T29] audit: type=1326 audit(1740507896.178:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.369583][ T6907] loop4: p192 size 108986237 extends beyond EOD, truncated [ 82.418340][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.425382][ T29] audit: type=1326 audit(1740507896.368:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.451501][ T29] audit: type=1326 audit(1740507896.368:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.478061][ T29] audit: type=1326 audit(1740507896.368:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7106 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 82.503366][ T6907] loop4: p193 size 108986237 extends beyond EOD, truncated [ 82.512713][ T6907] loop4: p194 size 108986237 extends beyond EOD, truncated [ 82.521045][ T6907] loop4: p195 size 108986237 extends beyond EOD, truncated [ 82.542244][ T6907] loop4: p196 size 108986237 extends beyond EOD, truncated [ 82.560330][ T6907] loop4: p197 size 108986237 extends beyond EOD, truncated [ 82.584964][ T6907] loop4: p198 size 108986237 extends beyond EOD, truncated [ 82.600004][ T6907] loop4: p199 size 108986237 extends beyond EOD, truncated [ 82.608875][ T6907] loop4: p200 size 108986237 extends beyond EOD, truncated [ 82.619624][ T6907] loop4: p201 size 108986237 extends beyond EOD, truncated [ 82.629635][ T6907] loop4: p202 size 108986237 extends beyond EOD, truncated [ 82.638226][ T6907] loop4: p203 size 108986237 extends beyond EOD, truncated [ 82.646498][ T6907] loop4: p204 size 108986237 extends beyond EOD, truncated [ 82.654763][ T6907] loop4: p205 size 108986237 extends beyond EOD, truncated [ 82.668223][ T6907] loop4: p206 size 108986237 extends beyond EOD, truncated [ 82.696377][ T6907] loop4: p207 size 108986237 extends beyond EOD, truncated [ 82.741023][ T6907] loop4: p208 size 108986237 extends beyond EOD, truncated [ 82.755911][ T6907] loop4: p209 size 108986237 extends beyond EOD, truncated [ 82.776845][ T6907] loop4: p210 size 108986237 extends beyond EOD, truncated [ 82.801062][ T6907] loop4: p211 size 108986237 extends beyond EOD, truncated [ 82.816591][ T6907] loop4: p212 size 108986237 extends beyond EOD, truncated [ 82.830884][ T6907] loop4: p213 size 108986237 extends beyond EOD, truncated [ 82.844314][ T6907] loop4: p214 size 108986237 extends beyond EOD, truncated [ 82.867135][ T6907] loop4: p215 size 108986237 extends beyond EOD, truncated [ 82.887204][ T6907] loop4: p216 size 108986237 extends beyond EOD, truncated [ 82.907287][ T6907] loop4: p217 size 108986237 extends beyond EOD, truncated [ 82.932112][ T6907] loop4: p218 size 108986237 extends beyond EOD, truncated [ 82.940364][ T6405] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 82.950471][ T6907] loop4: p219 size 108986237 extends beyond EOD, truncated [ 82.960213][ T6405] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 82.961247][ T6907] loop4: p220 size 108986237 extends beyond EOD, truncated [ 82.976973][ T6405] bond0 (unregistering): Released all slaves [ 82.982342][ T6907] loop4: p221 size 108986237 extends beyond EOD, truncated [ 82.992261][ T6907] loop4: p222 size 108986237 extends beyond EOD, truncated [ 83.004809][ T6907] loop4: p223 size 108986237 extends beyond EOD, truncated [ 83.024471][ T6907] loop4: p224 size 108986237 extends beyond EOD, truncated [ 83.042093][ T6907] loop4: p225 size 108986237 extends beyond EOD, truncated [ 83.061672][ T6405] IPVS: stopping backup sync thread 4930 ... [ 83.071052][ T6907] loop4: p226 size 108986237 extends beyond EOD, truncated [ 83.089896][ T6907] loop4: p227 size 108986237 extends beyond EOD, truncated [ 83.115340][ T6907] loop4: p228 size 108986237 extends beyond EOD, truncated [ 83.131254][ T6907] loop4: p229 size 108986237 extends beyond EOD, truncated [ 83.151901][ T6907] loop4: p230 size 108986237 extends beyond EOD, truncated [ 83.161354][ T6405] hsr_slave_0: left promiscuous mode [ 83.162264][ T6907] loop4: p231 size 108986237 extends beyond EOD, truncated [ 83.177381][ T6405] hsr_slave_1: left promiscuous mode [ 83.191390][ T6907] loop4: p232 size 108986237 extends beyond EOD, truncated [ 83.196954][ T6405] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 83.206821][ T6907] loop4: p233 size 108986237 extends beyond EOD, truncated [ 83.224085][ T6405] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.231917][ T6907] loop4: p234 size 108986237 extends beyond EOD, truncated [ 83.241098][ T6907] loop4: p235 size 108986237 extends beyond EOD, truncated [ 83.250142][ T6907] loop4: p236 size 108986237 extends beyond EOD, truncated [ 83.258626][ T6907] loop4: p237 size 108986237 extends beyond EOD, truncated [ 83.276249][ T6907] loop4: p238 size 108986237 extends beyond EOD, truncated [ 83.286854][ T6907] loop4: p239 size 108986237 extends beyond EOD, truncated [ 83.296853][ T6907] loop4: p240 size 108986237 extends beyond EOD, truncated [ 83.308333][ T6907] loop4: p241 size 108986237 extends beyond EOD, truncated [ 83.317755][ T6405] team0 (unregistering): Port device team_slave_1 removed [ 83.318133][ T6907] loop4: p242 size 108986237 extends beyond EOD, truncated [ 83.335106][ T6907] loop4: p243 size 108986237 extends beyond EOD, truncated [ 83.344274][ T6907] loop4: p244 size 108986237 extends beyond EOD, truncated [ 83.354062][ T6405] team0 (unregistering): Port device team_slave_0 removed [ 83.362755][ T6907] loop4: p245 size 108986237 extends beyond EOD, truncated [ 83.372512][ T6907] loop4: p246 size 108986237 extends beyond EOD, truncated [ 83.388963][ T6907] loop4: p247 size 108986237 extends beyond EOD, truncated [ 83.417040][ T6907] loop4: p248 size 108986237 extends beyond EOD, truncated [ 83.433041][ T6907] loop4: p249 size 108986237 extends beyond EOD, truncated [ 83.442795][ T6907] loop4: p250 size 108986237 extends beyond EOD, truncated [ 83.452616][ T6907] loop4: p251 size 108986237 extends beyond EOD, truncated [ 83.462592][ T6907] loop4: p252 size 108986237 extends beyond EOD, truncated [ 83.474252][ T6907] loop4: p253 size 108986237 extends beyond EOD, truncated [ 83.485041][ T6907] loop4: p254 size 108986237 extends beyond EOD, truncated [ 83.491906][ T7156] syzkaller0: entered promiscuous mode [ 83.493943][ T6907] loop4: p255 size 108986237 extends beyond EOD, truncated [ 83.499085][ T7156] syzkaller0: entered allmulticast mode [ 83.537892][ T6417] syzkaller0: tun_net_xmit 48 [ 83.543182][ T7161] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 83.549305][ T7161] syzkaller0: Linktype set failed because interface is up [ 83.553459][ T7160] SELinux: failed to load policy [ 83.663795][ T7133] chnl_net:caif_netlink_parms(): no params data found [ 83.762623][ T7133] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.769982][ T7133] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.818286][ T7176] SELinux: security policydb version 18 (MLS) not backwards compatible [ 83.834578][ T7133] bridge_slave_0: entered allmulticast mode [ 83.848437][ T7176] SELinux: failed to load policy [ 83.862351][ T7133] bridge_slave_0: entered promiscuous mode [ 83.877619][ T7180] loop2: detected capacity change from 0 to 764 [ 83.893200][ T7133] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.900852][ T7133] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.924747][ T7133] bridge_slave_1: entered allmulticast mode [ 83.952790][ T7133] bridge_slave_1: entered promiscuous mode [ 83.998540][ T6405] IPVS: stop unused estimator thread 0... [ 84.027021][ T7133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.049750][ T7133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.098773][ T7133] team0: Port device team_slave_0 added [ 84.141749][ T7133] team0: Port device team_slave_1 added [ 84.190192][ T7133] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.197893][ T7133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.224830][ T7133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.291502][ T7133] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.299284][ T7133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.327523][ T7133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 84.354750][ T7201] loop1: detected capacity change from 0 to 1024 [ 84.392419][ T7201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.392897][ T7133] hsr_slave_0: entered promiscuous mode [ 84.423020][ T7133] hsr_slave_1: entered promiscuous mode [ 84.438751][ T7133] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 84.447986][ T7133] Cannot create hsr debugfs directory [ 84.472929][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.737202][ T7133] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 84.747586][ T7133] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 84.757164][ T7133] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 84.767970][ T7133] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 84.848493][ T7133] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.861068][ T7235] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1484'. [ 84.880089][ T7133] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.892417][ T6405] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.899680][ T6405] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.929707][ T6423] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.937218][ T6423] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.962929][ T7133] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 84.974626][ T7133] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 85.044680][ T7243] loop1: detected capacity change from 0 to 8192 [ 85.058783][ T7243] syz.1.1488: attempt to access beyond end of device [ 85.058783][ T7243] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 85.060459][ T7133] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.081862][ T7243] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 85.089990][ T7243] FAT-fs (loop1): Filesystem has been set read-only [ 85.097716][ T7243] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 85.106558][ T7243] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 85.116232][ T7257] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.1491'. [ 85.127685][ T7257] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1491'. [ 85.178623][ T7133] veth0_vlan: entered promiscuous mode [ 85.187861][ T7133] veth1_vlan: entered promiscuous mode [ 85.211754][ T7133] veth0_macvtap: entered promiscuous mode [ 85.220266][ T7133] veth1_macvtap: entered promiscuous mode [ 85.237152][ T7133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.248404][ T7133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.262841][ T7133] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.290235][ T7133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.301721][ T7133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.319792][ T7133] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.333492][ T7133] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.343117][ T7133] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.352379][ T7133] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.362055][ T7133] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.865980][ T7272] Set syz1 is full, maxelem 65536 reached [ 85.964140][ T7286] vxcan0: tx drop: invalid sa for name 0x0000000000000001 [ 86.103051][ T7310] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1507'. [ 86.104896][ T7309] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1510'. [ 86.207943][ T7318] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1514'. [ 86.217889][ T7314] loop2: detected capacity change from 0 to 8192 [ 86.476606][ T7341] 9pnet: Could not find request transport: f [ 86.558829][ T7350] Set syz1 is full, maxelem 65536 reached [ 86.587906][ T7355] netlink: 'syz.4.1530': attribute type 10 has an invalid length. [ 86.596289][ T7355] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1530'. [ 86.606049][ T7355] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.615190][ T7355] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.624504][ T7355] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.633885][ T7355] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.644541][ T7355] team0: Port device geneve1 added [ 86.676755][ T7359] syzkaller1: entered promiscuous mode [ 86.682519][ T7359] syzkaller1: entered allmulticast mode [ 87.054841][ T7379] syzkaller1: entered promiscuous mode [ 87.060933][ T7379] syzkaller1: entered allmulticast mode [ 87.791936][ T7484] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1552'. [ 87.827741][ T7491] loop2: detected capacity change from 0 to 256 [ 87.835781][ T7491] vfat: Unknown parameter '' [ 87.900329][ T7504] loop2: detected capacity change from 0 to 512 [ 87.919687][ T7504] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.947829][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.112259][ T29] kauditd_printk_skb: 75 callbacks suppressed [ 88.112309][ T29] audit: type=1400 audit(1740770302.081:1319): avc: denied { write } for pid=7546 comm="syz.1.1562" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 88.112352][ T7548] random: crng reseeded on system resumption [ 88.139749][ T29] audit: type=1400 audit(1740770302.081:1320): avc: denied { open } for pid=7546 comm="syz.1.1562" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 88.382634][ T7574] loop3: detected capacity change from 0 to 256 [ 88.411400][ T7572] loop1: detected capacity change from 0 to 8192 [ 88.432626][ T29] audit: type=1326 audit(1740770302.401:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.3.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 88.458754][ T29] audit: type=1326 audit(1740770302.401:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.3.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 88.463031][ T7578] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1577'. [ 88.484437][ T29] audit: type=1326 audit(1740770302.401:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.3.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 88.484475][ T29] audit: type=1326 audit(1740770302.401:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.3.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 88.545492][ T29] audit: type=1326 audit(1740770302.401:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.3.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 88.553566][ T7572] loop1: p1 < > p2 [ 88.572753][ T29] audit: type=1326 audit(1740770302.401:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.3.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 88.577057][ T7572] loop1: partition table partially beyond EOD, truncated [ 88.601499][ T7572] loop1: p1 start 4177526784 is beyond EOD, [ 88.609189][ T29] audit: type=1326 audit(1740770302.401:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.3.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 88.616193][ T7572] truncated [ 88.642173][ T29] audit: type=1326 audit(1740770302.401:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.3.1577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a93d1d169 code=0x7ffc0000 [ 88.645336][ T7572] loop1: p2 start 163840 is beyond EOD, truncated [ 88.701618][ T7581] netlink: 1196 bytes leftover after parsing attributes in process `syz.3.1579'. [ 88.995959][ T7606] loop1: detected capacity change from 0 to 128 [ 89.117247][ T7606] syz.1.1591: attempt to access beyond end of device [ 89.117247][ T7606] loop1: rw=0, sector=121, nr_sectors = 920 limit=128 [ 89.453606][ T7624] netlink: 'syz.3.1596': attribute type 2 has an invalid length. [ 89.553582][ T7633] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7633 comm=syz.0.1601 [ 89.567893][ T7633] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7633 comm=syz.0.1601 [ 89.612731][ T7636] loop3: detected capacity change from 0 to 256 [ 89.652010][ T7636] FAT-fs (loop3): Directory bread(block 64) failed [ 89.667279][ T7636] FAT-fs (loop3): Directory bread(block 65) failed [ 89.689116][ T7636] FAT-fs (loop3): Directory bread(block 66) failed [ 89.706406][ T7636] FAT-fs (loop3): Directory bread(block 67) failed [ 89.727541][ T7636] FAT-fs (loop3): Directory bread(block 68) failed [ 89.741933][ T7636] FAT-fs (loop3): Directory bread(block 69) failed [ 89.771610][ T7636] FAT-fs (loop3): Directory bread(block 70) failed [ 89.786216][ T7636] FAT-fs (loop3): Directory bread(block 71) failed [ 89.804706][ T7636] FAT-fs (loop3): Directory bread(block 72) failed [ 89.820004][ T7636] FAT-fs (loop3): Directory bread(block 73) failed [ 89.859581][ T7636] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 89.880261][ T7636] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 90.128159][ T7674] pim6reg1: entered promiscuous mode [ 90.134265][ T7674] pim6reg1: entered allmulticast mode [ 90.193113][ C1] vxcan0: j1939_tp_rxtimer: 0xffff888118743600: rx timeout, send abort [ 90.202354][ C1] vxcan0: j1939_tp_rxtimer: 0xffff888118743e00: rx timeout, send abort [ 90.212199][ C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888118743600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 90.227581][ C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888118743e00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 90.741826][ T7708] __nla_validate_parse: 2 callbacks suppressed [ 90.741843][ T7708] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1635'. [ 91.393570][ T7737] pim6reg1: entered promiscuous mode [ 91.399139][ T7737] pim6reg1: entered allmulticast mode [ 91.461144][ T7740] netlink: 'syz.3.1649': attribute type 4 has an invalid length. [ 91.469663][ T7740] netlink: 1772 bytes leftover after parsing attributes in process `syz.3.1649'. [ 91.479819][ T7740] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1649'. [ 91.515389][ T7744] netlink: 180900 bytes leftover after parsing attributes in process `syz.2.1651'. [ 91.526352][ T7744] netlink: zone id is out of range [ 91.532393][ T7744] netlink: zone id is out of range [ 91.539319][ T7744] netlink: zone id is out of range [ 91.545427][ T7744] netlink: zone id is out of range [ 91.554956][ T7744] netlink: set zone limit has 8 unknown bytes [ 91.578945][ T7746] netlink: 'syz.2.1652': attribute type 1 has an invalid length. [ 91.734078][ T7751] SELinux: ebitmap: truncated map [ 91.740093][ T7751] SELinux: failed to load policy [ 91.844191][ T7769] pim6reg1: entered allmulticast mode [ 91.863149][ T7769] pim6reg1: entered promiscuous mode [ 92.210755][ T7794] SELinux: ebitmap: truncated map [ 92.230546][ T7794] SELinux: failed to load policy [ 92.289824][ T7805] loop3: detected capacity change from 0 to 128 [ 92.298264][ T7805] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 92.360848][ T7802] Falling back ldisc for ttyS3. [ 93.023806][ T7859] loop4: detected capacity change from 0 to 1024 [ 93.036336][ T7859] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 93.048591][ T7859] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 93.064298][ T7859] JBD2: no valid journal superblock found [ 93.070292][ T7859] EXT4-fs (loop4): Could not load journal inode [ 93.224441][ T7875] sd 0:0:1:0: device reset [ 93.575935][ T7868] loop2: detected capacity change from 0 to 512 [ 93.604564][ T7868] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.1708: casefold flag without casefold feature [ 93.652564][ T7868] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.1708: couldn't read orphan inode 15 (err -117) [ 93.655909][ T7895] netlink: 'syz.0.1717': attribute type 4 has an invalid length. [ 93.691751][ T7868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.800538][ T7902] smc: net device bond0 applied user defined pnetid SYZ0 [ 93.808241][ T7902] smc: net device bond0 erased user defined pnetid SYZ0 [ 93.874034][ T29] kauditd_printk_skb: 61 callbacks suppressed [ 93.874053][ T29] audit: type=1326 audit(1740770307.841:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 93.961742][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.975613][ T29] audit: type=1326 audit(1740770307.841:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.002226][ T29] audit: type=1326 audit(1740770307.891:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.029187][ T29] audit: type=1326 audit(1740770307.891:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.054835][ T29] audit: type=1326 audit(1740770307.891:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.081981][ T29] audit: type=1326 audit(1740770307.891:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.107896][ T29] audit: type=1326 audit(1740770307.891:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.134388][ T29] audit: type=1326 audit(1740770307.891:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.162468][ T29] audit: type=1326 audit(1740770307.891:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.189547][ T29] audit: type=1326 audit(1740770307.891:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7907 comm="syz.0.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 94.268928][ T7928] loop2: detected capacity change from 0 to 1024 [ 94.318616][ T7928] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.408421][ T7928] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4115: comm syz.2.1727: Allocating blocks 497-513 which overlap fs metadata [ 94.429370][ T7928] EXT4-fs (loop2): pa ffff8881069912a0: logic 256, phys. 385, len 8 [ 94.437921][ T7928] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 94.589027][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.208866][ T7981] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1752'. [ 95.426897][ T8012] loop4: detected capacity change from 0 to 128 [ 95.527221][ T8024] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 95.527221][ T8024] program syz.4.1771 not setting count and/or reply_len properly [ 95.713798][ T8042] bridge: RTM_NEWNEIGH with invalid ether address [ 96.030070][ T8060] loop1: detected capacity change from 0 to 2048 [ 96.042585][ T8060] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.059621][ T8060] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 96.076952][ T8060] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28 [ 96.091270][ T8060] EXT4-fs (loop1): This should not happen!! Data will be lost [ 96.091270][ T8060] [ 96.101265][ T8060] EXT4-fs (loop1): Total free blocks count 0 [ 96.107367][ T8060] EXT4-fs (loop1): Free/Dirty block details [ 96.113539][ T8060] EXT4-fs (loop1): free_blocks=2415919104 [ 96.119332][ T8060] EXT4-fs (loop1): dirty_blocks=48 [ 96.124923][ T8060] EXT4-fs (loop1): Block reservation details [ 96.131383][ T8060] EXT4-fs (loop1): i_reserved_data_blocks=3 [ 96.165805][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.303178][ T8019] syz.0.1769 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 96.314672][ T8019] CPU: 1 UID: 0 PID: 8019 Comm: syz.0.1769 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0 [ 96.314704][ T8019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 96.314840][ T8019] Call Trace: [ 96.314850][ T8019] [ 96.314860][ T8019] dump_stack_lvl+0xf2/0x150 [ 96.314890][ T8019] dump_stack+0x15/0x1a [ 96.314916][ T8019] dump_header+0x83/0x2d0 [ 96.314957][ T8019] oom_kill_process+0x341/0x4c0 [ 96.315038][ T8019] out_of_memory+0x9af/0xbe0 [ 96.315078][ T8019] ? css_next_descendant_pre+0x11c/0x140 [ 96.315120][ T8019] mem_cgroup_out_of_memory+0x13e/0x190 [ 96.315212][ T8019] try_charge_memcg+0x508/0x7f0 [ 96.315242][ T8019] charge_memcg+0x50/0xc0 [ 96.315265][ T8019] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 96.315313][ T8019] __read_swap_cache_async+0x236/0x480 [ 96.315355][ T8019] swap_cluster_readahead+0x279/0x3f0 [ 96.315465][ T8019] swapin_readahead+0xe4/0x6f0 [ 96.315498][ T8019] ? __lruvec_stat_mod_folio+0xdb/0x120 [ 96.315607][ T8019] ? swap_cache_get_folio+0x77/0x210 [ 96.315640][ T8019] do_swap_page+0x31b/0x2550 [ 96.315687][ T8019] ? __rcu_read_lock+0x36/0x50 [ 96.315711][ T8019] ? __pfx_default_wake_function+0x10/0x10 [ 96.315754][ T8019] handle_mm_fault+0x8e4/0x2ac0 [ 96.315892][ T8019] exc_page_fault+0x3b9/0x650 [ 96.315928][ T8019] asm_exc_page_fault+0x26/0x30 [ 96.316001][ T8019] RIP: 0033:0x7f66be2b3bcc [ 96.316085][ T8019] Code: 66 0f 1f 44 00 00 69 3d e6 1a e7 00 e8 03 00 00 48 8d 1d e7 23 34 00 e8 02 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00 [ 96.316106][ T8019] RSP: 002b:00007ffcf1b4dcf0 EFLAGS: 00010206 [ 96.316124][ T8019] RAX: 0000000000000000 RBX: 00007f66be5f5fa0 RCX: 0000000000000000 [ 96.316139][ T8019] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555578679808 [ 96.316192][ T8019] RBP: 00007f66be5f7ba0 R08: 0000000000000000 R09: 7fffffffffffffff [ 96.316204][ T8019] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000001782e [ 96.316216][ T8019] R13: 00007ffcf1b4dde0 R14: ffffffffffffffff R15: 00007ffcf1b4de00 [ 96.316238][ T8019] [ 96.316246][ T8019] memory: usage 307200kB, limit 307200kB, failcnt 172 [ 96.539641][ T8019] memory+swap: usage 307372kB, limit 9007199254740988kB, failcnt 0 [ 96.549774][ T8019] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0 [ 96.557537][ T8019] Memory cgroup stats for /syz0: [ 96.557754][ T8019] cache 0 [ 96.566161][ T8019] rss 0 [ 96.568956][ T8019] shmem 0 [ 96.571921][ T8019] mapped_file 0 [ 96.575627][ T8019] dirty 0 [ 96.578779][ T8019] writeback 8192 [ 96.582448][ T8019] workingset_refault_anon 18 [ 96.587347][ T8019] workingset_refault_file 116 [ 96.592274][ T8019] swap 176128 [ 96.595827][ T8019] swapcached 16384 [ 96.599594][ T8019] pgpgin 89161 [ 96.603294][ T8019] pgpgout 89157 [ 96.606895][ T8019] pgfault 82987 [ 96.610382][ T8019] pgmajfault 11 [ 96.613909][ T8019] inactive_anon 16384 [ 96.617935][ T8019] active_anon 0 [ 96.621713][ T8019] inactive_file 0 [ 96.625605][ T8019] active_file 0 [ 96.629133][ T8019] unevictable 0 [ 96.632796][ T8019] hierarchical_memory_limit 314572800 [ 96.638614][ T8019] hierarchical_memsw_limit 9223372036854771712 [ 96.641638][ T8082] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1793'. [ 96.644999][ T8019] total_cache 0 [ 96.657480][ T8019] total_rss 0 [ 96.660874][ T8019] total_shmem 0 [ 96.664351][ T8019] total_mapped_file 0 [ 96.668428][ T8019] total_dirty 0 [ 96.671938][ T8019] total_writeback 8192 [ 96.676186][ T8019] total_workingset_refault_anon 18 [ 96.681445][ T8019] total_workingset_refault_file 116 [ 96.686658][ T8019] total_swap 176128 [ 96.690600][ T8019] total_swapcached 16384 [ 96.695541][ T8019] total_pgpgin 89161 [ 96.699700][ T8019] total_pgpgout 89157 [ 96.703874][ T8019] total_pgfault 82987 [ 96.707935][ T8019] total_pgmajfault 11 [ 96.711980][ T8019] total_inactive_anon 16384 [ 96.716496][ T8019] total_active_anon 0 [ 96.720532][ T8019] total_inactive_file 0 [ 96.724727][ T8019] total_active_file 0 [ 96.728844][ T8019] total_unevictable 0 [ 96.733115][ T8019] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1769,pid=8019,uid=0 [ 96.748158][ T8019] Memory cgroup out of memory: Killed process 8019 (syz.0.1769) total-vm:93580kB, anon-rss:916kB, file-rss:22060kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 97.301697][ T8106] loop4: detected capacity change from 0 to 128 [ 97.363555][ T8111] loop4: detected capacity change from 0 to 512 [ 97.400665][ T8111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.457790][ T8020] syz.0.1769 (8020) used greatest stack depth: 6344 bytes left [ 97.508765][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.656605][ T8122] Invalid ELF header magic: != ELF [ 97.669849][ T8130] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8130 comm=syz.2.1815 [ 97.987392][ T8152] syzkaller1: entered promiscuous mode [ 97.993115][ T8152] syzkaller1: entered allmulticast mode [ 98.125253][ T8156] serio: Serial port ptm0 [ 98.251701][ T8161] syzkaller1: entered promiscuous mode [ 98.258634][ T8161] syzkaller1: entered allmulticast mode [ 98.870698][ T5597] page_pool_release_retry() stalled pool shutdown: id 27, 2 inflight 60 sec [ 99.479047][ T8186] loop2: detected capacity change from 0 to 512 [ 99.560162][ T29] kauditd_printk_skb: 58 callbacks suppressed [ 99.560180][ T29] audit: type=1326 audit(1740770313.521:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.593070][ T29] audit: type=1326 audit(1740770313.521:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.687185][ T29] audit: type=1326 audit(1740770313.521:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.711537][ T29] audit: type=1326 audit(1740770313.531:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.736006][ T29] audit: type=1326 audit(1740770313.531:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.763838][ T29] audit: type=1326 audit(1740770313.581:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.789538][ T29] audit: type=1326 audit(1740770313.581:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.815673][ T29] audit: type=1326 audit(1740770313.581:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.840342][ T29] audit: type=1326 audit(1740770313.581:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.864854][ T29] audit: type=1326 audit(1740770313.581:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8194 comm="syz.4.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 99.897786][ T8207] loop2: detected capacity change from 0 to 1024 [ 99.905809][ T8207] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 99.938618][ T8207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.970540][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.144236][ T8225] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1853'. [ 100.218849][ T8237] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1859'. [ 100.350013][ T8246] netlink: 'syz.2.1863': attribute type 12 has an invalid length. [ 100.686137][ T8263] syzkaller0: entered promiscuous mode [ 100.691823][ T8263] syzkaller0: entered allmulticast mode [ 100.857101][ T8270] netlink: 180900 bytes leftover after parsing attributes in process `syz.0.1874'. [ 100.868268][ T8270] netlink: zone id is out of range [ 100.873685][ T8270] netlink: zone id is out of range [ 100.879580][ T8270] netlink: zone id is out of range [ 100.887014][ T8270] netlink: zone id is out of range [ 100.896789][ T8270] netlink: set zone limit has 8 unknown bytes [ 101.358782][ T8315] SELinux: ebitmap: truncated map [ 101.370661][ T8315] SELinux: failed to load policy [ 101.426872][ T8320] sch_tbf: burst 3298 is lower than device lo mtu (11337746) ! [ 101.622952][ T8344] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1907'. [ 102.072023][ T8382] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 102.082199][ T8382] vhci_hcd: default hub control req: 2314 v0008 i0002 l0 [ 102.145935][ T8386] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1925'. [ 102.199359][ T8388] vlan2: entered allmulticast mode [ 102.205328][ T8388] bridge_slave_0: entered allmulticast mode [ 102.213601][ T8388] bridge_slave_0: left allmulticast mode [ 102.279763][ T8392] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 102.279763][ T8392] program syz.0.1928 not setting count and/or reply_len properly [ 102.561544][ T8419] loop3: detected capacity change from 0 to 1024 [ 102.575262][ T8419] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 102.587417][ T8419] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 102.615686][ T8419] JBD2: no valid journal superblock found [ 102.621949][ T8419] EXT4-fs (loop3): Could not load journal inode [ 102.744413][ T8437] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1950'. [ 102.789776][ T8433] loop1: detected capacity change from 0 to 8192 [ 102.809519][ T8441] hub 6-0:1.0: USB hub found [ 102.835737][ T8441] hub 6-0:1.0: 8 ports detected [ 102.866681][ T8445] smc: net device bond0 applied user defined pnetid SYZ0 [ 102.885351][ T8445] smc: net device bond0 erased user defined pnetid SYZ0 [ 102.924895][ T8443] loop3: detected capacity change from 0 to 8192 [ 103.066224][ T8457] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1959'. [ 103.116043][ T8457] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1959'. [ 103.437834][ T8488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1971'. [ 103.461781][ T8482] loop1: detected capacity change from 0 to 2048 [ 103.544932][ T8482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.717780][ T8513] tipc: Started in network mode [ 103.723070][ T8513] tipc: Node identity ffffffff, cluster identity 4711 [ 103.730096][ T8513] tipc: Node number set to 4294967295 [ 103.893616][ T8523] netlink: 'syz.2.1988': attribute type 2 has an invalid length. [ 103.901902][ T8523] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1988'. [ 104.269800][ T8549] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2000'. [ 104.279441][ T8549] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2000'. [ 104.328091][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.384125][ T8562] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2005'. [ 104.393811][ T8562] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2005'. [ 104.519375][ T8582] bridge: RTM_NEWNEIGH with invalid ether address [ 104.567614][ T29] kauditd_printk_skb: 160 callbacks suppressed [ 104.567633][ T29] audit: type=1400 audit(1740770318.531:1628): avc: denied { read } for pid=8587 comm="syz.4.2017" name="cgroup.procs" dev="cgroup" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0" [ 104.631797][ T29] audit: type=1400 audit(1740770318.571:1629): avc: denied { open } for pid=8587 comm="syz.4.2017" path="/syzcgroup/cpu/syz4/cgroup.procs" dev="cgroup" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0" [ 104.886289][ T29] audit: type=1400 audit(1740770318.851:1630): avc: denied { setopt } for pid=8607 comm="syz.0.2026" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 105.002604][ T29] audit: type=1400 audit(1740770318.971:1631): avc: denied { create } for pid=8616 comm="syz.4.2029" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 105.056720][ T29] audit: type=1400 audit(1740770319.001:1632): avc: denied { setopt } for pid=8616 comm="syz.4.2029" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 105.102561][ T29] audit: type=1400 audit(1740770319.021:1633): avc: denied { read write } for pid=8618 comm="syz.0.2031" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 105.128764][ T29] audit: type=1400 audit(1740770319.021:1634): avc: denied { open } for pid=8618 comm="syz.0.2031" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 105.154015][ T29] audit: type=1400 audit(1740770319.071:1635): avc: denied { bind } for pid=8620 comm="syz.4.2032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 105.176170][ T29] audit: type=1400 audit(1740770319.121:1636): avc: denied { setopt } for pid=8620 comm="syz.4.2032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 105.202103][ T29] audit: type=1400 audit(1740770319.171:1637): avc: denied { ioctl } for pid=8620 comm="syz.4.2032" path="socket:[20741]" dev="sockfs" ino=20741 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 105.420785][ T8634] syzkaller1: entered promiscuous mode [ 105.426944][ T8634] syzkaller1: entered allmulticast mode [ 105.592579][ T8650] netlink: 'syz.2.2045': attribute type 10 has an invalid length. [ 105.862325][ T8678] loop2: detected capacity change from 0 to 256 [ 105.886458][ T8678] FAT-fs (loop2): Directory bread(block 64) failed [ 105.904698][ T8678] FAT-fs (loop2): Directory bread(block 65) failed [ 105.919295][ T8678] FAT-fs (loop2): Directory bread(block 66) failed [ 105.934812][ T8678] FAT-fs (loop2): Directory bread(block 67) failed [ 105.942698][ T8686] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8686 comm=syz.4.2062 [ 105.943361][ T8678] FAT-fs (loop2): Directory bread(block 68) failed [ 105.964871][ T8678] FAT-fs (loop2): Directory bread(block 69) failed [ 105.971697][ T8678] FAT-fs (loop2): Directory bread(block 70) failed [ 105.982710][ T8678] FAT-fs (loop2): Directory bread(block 71) failed [ 105.992429][ T8678] FAT-fs (loop2): Directory bread(block 72) failed [ 105.999418][ T8678] FAT-fs (loop2): Directory bread(block 73) failed [ 106.017635][ T8690] loop3: detected capacity change from 0 to 128 [ 106.041894][ T8692] : renamed from vlan0 [ 106.052262][ T8678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 106.081510][ T8678] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.123767][ T8690] syz.3.2063: attempt to access beyond end of device [ 106.123767][ T8690] loop3: rw=0, sector=121, nr_sectors = 920 limit=128 [ 106.246379][ T8713] syzkaller0: entered promiscuous mode [ 106.252169][ T8713] syzkaller0: entered allmulticast mode [ 106.324431][ T8720] loop3: detected capacity change from 0 to 2048 [ 106.349337][ T8720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.366852][ T8720] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 106.382544][ T8720] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28 [ 106.395366][ T8720] EXT4-fs (loop3): This should not happen!! Data will be lost [ 106.395366][ T8720] [ 106.405565][ T8720] EXT4-fs (loop3): Total free blocks count 0 [ 106.411813][ T8720] EXT4-fs (loop3): Free/Dirty block details [ 106.417840][ T8720] EXT4-fs (loop3): free_blocks=2415919104 [ 106.423794][ T8720] EXT4-fs (loop3): dirty_blocks=48 [ 106.429316][ T8720] EXT4-fs (loop3): Block reservation details [ 106.436050][ T8720] EXT4-fs (loop3): i_reserved_data_blocks=3 [ 106.474074][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.538407][ T8734] netlink: 'syz.3.2082': attribute type 3 has an invalid length. [ 106.630031][ T8743] SELinux: failed to load policy [ 106.909996][ T8761] netlink: 'syz.2.2103': attribute type 4 has an invalid length. [ 107.157970][ T8787] xt_hashlimit: max too large, truncated to 1048576 [ 107.187274][ T8787] Cannot find set identified by id 0 to match [ 107.678769][ T8820] loop4: detected capacity change from 0 to 2048 [ 107.751808][ T8820] loop4: p1 < > p4 [ 107.768018][ T8820] loop4: p4 size 8388608 extends beyond EOD, truncated [ 107.794641][ T8835] loop1: detected capacity change from 0 to 128 [ 107.814408][ T8837] geneve0: left allmulticast mode [ 107.824505][ T8835] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 107.854536][ T8835] ext4 filesystem being mounted at /453/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 108.052364][ T8851] __nla_validate_parse: 5 callbacks suppressed [ 108.052385][ T8851] netlink: 168 bytes leftover after parsing attributes in process `syz.3.2135'. [ 108.196381][ T8859] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2139'. [ 108.359638][ T3296] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 108.420103][ T8869] loop3: detected capacity change from 0 to 512 [ 108.591523][ T8884] vlan1: entered allmulticast mode [ 108.624990][ T8885] loop2: detected capacity change from 0 to 4096 [ 108.637452][ T8887] loop3: detected capacity change from 0 to 736 [ 108.652759][ T8885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.666791][ T8885] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.834778][ T8912] SELinux: ebitmap: truncated map [ 108.841367][ T8912] SELinux: failed to load policy [ 108.865919][ T8917] loop1: detected capacity change from 0 to 256 [ 109.003255][ T5587] Process accounting resumed [ 109.011573][ T8927] loop1: detected capacity change from 0 to 512 [ 109.021857][ T8927] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 109.043028][ T8927] EXT4-fs (loop1): 1 truncate cleaned up [ 109.049979][ T8927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.096791][ T8934] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2169'. [ 109.117061][ T3296] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.155863][ T8936] loop1: detected capacity change from 0 to 2048 [ 109.204948][ T8936] loop1: p1 < > p4 [ 109.209926][ T8936] loop1: p4 size 8388608 extends beyond EOD, truncated [ 109.691117][ T29] kauditd_printk_skb: 183 callbacks suppressed [ 109.691135][ T29] audit: type=1400 audit(1740770323.661:1821): avc: denied { setopt } for pid=8970 comm="syz.4.2185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 109.786077][ T29] audit: type=1400 audit(1740770323.711:1822): avc: denied { map } for pid=8952 comm="syz.2.2177" path="socket:[21300]" dev="sockfs" ino=21300 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 109.810394][ T29] audit: type=1400 audit(1740770323.721:1823): avc: denied { bind } for pid=8970 comm="syz.4.2185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 109.833635][ T8976] loop1: detected capacity change from 0 to 1024 [ 109.853821][ T8977] loop4: detected capacity change from 0 to 512 [ 109.866240][ T8976] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 109.866920][ T8977] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2187: bg 0: block 418: padding at end of block bitmap is not set [ 109.900000][ T8976] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 109.931901][ T8976] EXT4-fs (loop1): invalid journal inode [ 109.937877][ T8976] EXT4-fs (loop1): can't get journal size [ 109.945426][ T8983] wg2: entered promiscuous mode [ 109.946348][ T8977] EXT4-fs (loop4): Remounting filesystem read-only [ 109.950458][ T8983] wg2: entered allmulticast mode [ 109.960805][ T8976] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #2: comm syz.1.2186: blocks 48-48 from inode overlap system zone [ 109.993012][ T8977] EXT4-fs (loop4): 1 truncate cleaned up [ 110.001310][ T8977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.010885][ T8976] EXT4-fs (loop1): failed to initialize system zone (-117) [ 110.015057][ T8977] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 110.029896][ T8977] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.032989][ T29] audit: type=1326 audit(1740770323.991:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8939 comm="syz.3.2173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4a93d14127 code=0x7fc00000 [ 110.040198][ T8976] EXT4-fs (loop1): mount failed [ 110.153081][ T9001] veth0_vlan: entered allmulticast mode [ 110.162751][ T9000] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2195'. [ 110.192605][ T9001] : renamed from vlan0 [ 110.289970][ T9021] smc: net device bond0 applied user defined pnetid SYZ0 [ 110.297949][ T9021] smc: net device bond0 erased user defined pnetid SYZ0 [ 110.390255][ T9024] hub 2-0:1.0: USB hub found [ 110.404461][ T9024] hub 2-0:1.0: 8 ports detected [ 110.472325][ T29] audit: type=1400 audit(1740770324.441:1825): avc: denied { read } for pid=9031 comm="syz.2.2206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 110.554833][ T29] audit: type=1326 audit(1740770324.521:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9044 comm="syz.0.2213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 110.578359][ T29] audit: type=1326 audit(1740770324.521:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9044 comm="syz.0.2213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 110.630315][ T29] audit: type=1326 audit(1740770324.521:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9044 comm="syz.0.2213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 110.654115][ T29] audit: type=1326 audit(1740770324.521:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9044 comm="syz.0.2213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 110.677901][ T29] audit: type=1326 audit(1740770324.521:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9044 comm="syz.0.2213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f66be3dd169 code=0x7ffc0000 [ 111.325680][ T9095] vlan2: entered allmulticast mode [ 111.413057][ T9102] loop4: detected capacity change from 0 to 512 [ 111.419988][ T9102] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 111.432361][ T9102] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #17: comm syz.4.2236: corrupted in-inode xattr: invalid ea_ino [ 111.446277][ T9102] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.2236: couldn't read orphan inode 17 (err -117) [ 111.460048][ T9102] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.474828][ T9106] SELinux: ebitmap: map size 695 does not match my size 64 (high bit was 469762068) [ 111.484634][ T9106] SELinux: failed to load policy [ 111.491984][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.566778][ T9110] tipc: Started in network mode [ 111.571898][ T9110] tipc: Node identity ffffffff, cluster identity 4711 [ 111.578960][ T9110] tipc: Node number set to 4294967295 [ 111.628804][ T9118] loop3: detected capacity change from 0 to 512 [ 111.638705][ T9118] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2245: bg 0: block 35: padding at end of block bitmap is not set [ 111.653963][ T9118] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 111.666266][ T9118] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.2245: invalid indirect mapped block 4294967295 (level 1) [ 111.681807][ T9118] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.2245: invalid indirect mapped block 4294967295 (level 2) [ 111.697742][ T9118] EXT4-fs (loop3): 1 truncate cleaned up [ 111.705934][ T9118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.785474][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.091599][ T9154] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2259'. [ 112.199465][ T9168] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2267'. [ 112.208688][ T9168] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2267'. [ 112.392084][ T5594] page_pool_release_retry() stalled pool shutdown: id 35, 2 inflight 60 sec [ 113.145221][ T9226] netlink: 'syz.3.2289': attribute type 4 has an invalid length. [ 113.154626][ T9226] netlink: 'syz.3.2289': attribute type 4 has an invalid length. [ 113.255515][ T9234] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2292'. [ 113.276577][ T9237] loop3: detected capacity change from 0 to 1024 [ 113.304131][ T9237] EXT4-fs: Ignoring removed bh option [ 113.331488][ T9237] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal [ 113.399406][ T9246] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 113.509792][ T9259] nfs4: Bad value for 'source' [ 113.705988][ T9277] loop2: detected capacity change from 0 to 128 [ 114.051846][ T9304] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9304 comm=syz.1.2321 [ 114.117510][ T9310] loop3: detected capacity change from 0 to 128 [ 114.835291][ T9348] netlink: 'syz.2.2351': attribute type 1 has an invalid length. [ 114.871285][ T9348] 8021q: adding VLAN 0 to HW filter on device bond1 [ 115.073923][ T9367] syzkaller0: entered promiscuous mode [ 115.080020][ T9367] syzkaller0: entered allmulticast mode [ 115.097131][ T29] kauditd_printk_skb: 66 callbacks suppressed [ 115.097150][ T29] audit: type=1400 audit(1740770329.061:1897): avc: denied { ioctl } for pid=9375 comm="syz.1.2355" path="socket:[22083]" dev="sockfs" ino=22083 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 115.160275][ T9380] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2355'. [ 115.243880][ T9387] SELinux: failed to load policy [ 115.283204][ T9391] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2359'. [ 115.334911][ T9398] pim6reg: entered allmulticast mode [ 115.352507][ T9398] pim6reg: left allmulticast mode [ 115.364333][ T9402] netlink: 'syz.0.2364': attribute type 3 has an invalid length. [ 115.444158][ T9414] SELinux: failed to load policy [ 115.477655][ T9418] loop4: detected capacity change from 0 to 2048 [ 115.515105][ T9418] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.535576][ T9418] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 115.551902][ T9418] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28 [ 115.564404][ T9418] EXT4-fs (loop4): This should not happen!! Data will be lost [ 115.564404][ T9418] [ 115.574408][ T9418] EXT4-fs (loop4): Total free blocks count 0 [ 115.580623][ T9418] EXT4-fs (loop4): Free/Dirty block details [ 115.586673][ T9418] EXT4-fs (loop4): free_blocks=2415919104 [ 115.592671][ T9418] EXT4-fs (loop4): dirty_blocks=48 [ 115.597837][ T9418] EXT4-fs (loop4): Block reservation details [ 115.604168][ T9418] EXT4-fs (loop4): i_reserved_data_blocks=3 [ 115.630726][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.718954][ T9429] syzkaller0: entered promiscuous mode [ 115.724584][ T9429] syzkaller0: entered allmulticast mode [ 115.791063][ T9437] nfs4: Bad value for 'source' [ 115.835515][ T9438] loop1: detected capacity change from 0 to 1024 [ 115.856652][ T9438] EXT4-fs: Ignoring removed bh option [ 115.872044][ T9438] EXT4-fs (loop1): can't mount with journal_async_commit, fs mounted w/o journal [ 115.886018][ T29] audit: type=1326 audit(1740770329.851:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9444 comm="syz.2.2380" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f306376d169 code=0x0 [ 115.996382][ T9454] netlink: 'syz.1.2382': attribute type 3 has an invalid length. [ 116.015493][ T9451] SELinux: ebitmap: truncated map [ 116.023405][ T9451] SELinux: failed to load policy [ 116.048076][ T9460] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2386'. [ 116.082515][ T29] audit: type=1400 audit(1740770330.051:1899): avc: denied { mount } for pid=9461 comm="syz.4.2387" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 116.105996][ T29] audit: type=1400 audit(1740770330.051:1900): avc: denied { mounton } for pid=9461 comm="syz.4.2387" path="/460/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 116.129243][ T29] audit: type=1400 audit(1740770330.081:1901): avc: denied { unmount } for pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 116.235922][ T29] audit: type=1400 audit(1740770330.201:1902): avc: denied { map } for pid=9474 comm="syz.3.2395" path="socket:[23072]" dev="sockfs" ino=23072 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 116.341185][ T9489] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2401'. [ 116.369540][ T9492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2402'. [ 116.437150][ T9497] IPVS: wrr: SCTP 172.20.20.187:0 - no destination available [ 116.516064][ T9509] xt_hashlimit: size too large, truncated to 1048576 [ 116.768793][ T9524] xt_hashlimit: max too large, truncated to 1048576 [ 116.795826][ T9526] SELinux: Context is not valid (left unmapped). [ 116.795840][ T29] audit: type=1400 audit(1740770330.761:1903): avc: denied { mac_admin } for pid=9525 comm="syz.0.2416" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 116.904005][ T9532] netlink: 'syz.0.2429': attribute type 1 has an invalid length. [ 116.918976][ T9534] loop2: detected capacity change from 0 to 512 [ 116.926989][ T9534] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 116.938728][ T9534] EXT4-fs (loop2): 1 orphan inode deleted [ 116.944804][ T9534] EXT4-fs (loop2): 1 truncate cleaned up [ 116.951055][ T9534] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.964571][ T9532] 8021q: adding VLAN 0 to HW filter on device bond1 [ 116.984887][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.038092][ T29] audit: type=1326 audit(1740770331.001:1904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9545 comm="syz.1.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac9f0d169 code=0x7ffc0000 [ 117.062564][ T29] audit: type=1326 audit(1740770331.001:1905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9545 comm="syz.1.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffac9f0d169 code=0x7ffc0000 [ 117.087129][ T29] audit: type=1326 audit(1740770331.001:1906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9545 comm="syz.1.2424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac9f0d169 code=0x7ffc0000 [ 117.392340][ T9574] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2437'. [ 117.424722][ T9576] xt_hashlimit: max too large, truncated to 1048576 [ 117.747440][ T9593] netlink: 'syz.1.2446': attribute type 1 has an invalid length. [ 117.761723][ T9593] 8021q: adding VLAN 0 to HW filter on device bond2 [ 118.143685][ T9612] loop4: detected capacity change from 0 to 128 [ 118.152664][ T9612] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 118.167868][ T9612] ext4 filesystem being mounted at /466/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 118.530694][ T3303] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 119.408272][ T9707] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2497'. [ 119.654036][ T9731] veth0_vlan: entered allmulticast mode [ 119.692363][ T9733] wg2: entered promiscuous mode [ 119.697301][ T9733] wg2: entered allmulticast mode [ 119.702950][ T6445] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 119.822357][ T9742] loop3: detected capacity change from 0 to 1024 [ 119.831466][ T9742] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 119.841982][ T9742] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 119.853836][ T9742] EXT4-fs (loop3): invalid journal inode [ 119.859709][ T9742] EXT4-fs (loop3): can't get journal size [ 119.876856][ T9742] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #2: comm syz.3.2514: blocks 48-48 from inode overlap system zone [ 119.892906][ T9742] EXT4-fs (loop3): failed to initialize system zone (-117) [ 119.900305][ T9742] EXT4-fs (loop3): mount failed [ 120.007253][ T9755] hub 2-0:1.0: USB hub found [ 120.012483][ T9755] hub 2-0:1.0: 8 ports detected [ 120.102898][ T9763] : renamed from vlan0 (while UP) [ 120.128951][ T29] kauditd_printk_skb: 34 callbacks suppressed [ 120.128975][ T29] audit: type=1326 audit(1740770334.091:1941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.163155][ T29] audit: type=1326 audit(1740770334.131:1942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.189923][ T29] audit: type=1326 audit(1740770334.161:1943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.214513][ T29] audit: type=1326 audit(1740770334.161:1944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.255735][ T29] audit: type=1326 audit(1740770334.161:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.279897][ T29] audit: type=1326 audit(1740770334.161:1946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.303554][ T29] audit: type=1326 audit(1740770334.161:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.327884][ T29] audit: type=1326 audit(1740770334.161:1948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.351628][ T29] audit: type=1326 audit(1740770334.161:1949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.375374][ T29] audit: type=1326 audit(1740770334.161:1950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9770 comm="syz.4.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e44cd169 code=0x7ffc0000 [ 120.494031][ T9790] loop2: detected capacity change from 0 to 2048 [ 120.544594][ T9790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.590263][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.643561][ T5587] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 120.652047][ T9817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.661611][ T9817] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.669717][ T5587] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 120.939467][ T9847] binfmt_misc: register: failed to install interpreter file ./file2 [ 120.973223][ T9853] wg2: left promiscuous mode [ 120.977876][ T9853] wg2: left allmulticast mode [ 120.986040][ T9853] wg2: entered promiscuous mode [ 120.991097][ T9853] wg2: entered allmulticast mode [ 121.200085][ T9875] loop5: detected capacity change from 0 to 7 [ 121.206715][ T9875] Buffer I/O error on dev loop5, logical block 0, async page read [ 121.216284][ T9875] Buffer I/O error on dev loop5, logical block 0, async page read [ 121.224270][ T9875] loop5: unable to read partition table [ 121.230103][ T9875] loop_reread_partitions: partition scan of loop5 (被xڬdƤݡ [ 121.230103][ T9875] ) failed (rc=-5) [ 121.330817][ T9883] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2575'. [ 121.652011][ T9902] loop3: detected capacity change from 0 to 512 [ 121.669402][ T9902] EXT4-fs: Ignoring removed mblk_io_submit option [ 121.681576][ T9902] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 121.716670][ T9902] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002] [ 121.745411][ T9902] System zones: 1-12 [ 121.754706][ T9902] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2585: corrupted in-inode xattr: e_value size too large [ 121.792057][ T9902] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.2585: couldn't read orphan inode 15 (err -117) [ 121.812064][ T9902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.867333][ T3297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.797372][ T9962] loop2: detected capacity change from 0 to 128 [ 122.805239][ T9964] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2611'. [ 122.892064][ T9962] ================================================================== [ 122.900496][ T9962] BUG: KCSAN: data-race in __mark_inode_dirty / __mark_inode_dirty [ 122.909168][ T9962] [ 122.911617][ T9962] write to 0xffff8881069eba28 of 4 bytes by task 9967 on cpu 0: [ 122.920232][ T9962] __mark_inode_dirty+0x24e/0x7e0 [ 122.925377][ T9962] mark_buffer_dirty+0x149/0x230 [ 122.931177][ T9962] block_write_end+0x123/0x210 [ 122.936624][ T9962] generic_write_end+0x5c/0x160 [ 122.941934][ T9962] fat_write_end+0x4e/0x160 [ 122.946565][ T9962] generic_perform_write+0x33c/0x4a0 [ 122.952197][ T9962] __generic_file_write_iter+0xa1/0x120 [ 122.957961][ T9962] generic_file_write_iter+0x8f/0x310 [ 122.964066][ T9962] iter_file_splice_write+0x5f1/0x980 [ 122.969601][ T9962] direct_splice_actor+0x160/0x2c0 [ 122.974840][ T9962] splice_direct_to_actor+0x302/0x670 [ 122.980288][ T9962] do_splice_direct+0xd7/0x150 [ 122.985180][ T9962] do_sendfile+0x398/0x660 [ 122.990152][ T9962] __x64_sys_sendfile64+0x110/0x150 [ 122.995402][ T9962] x64_sys_call+0xfbd/0x2dc0 [ 123.000037][ T9962] do_syscall_64+0xc9/0x1c0 [ 123.004777][ T9962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.010868][ T9962] [ 123.013423][ T9962] read to 0xffff8881069eba28 of 4 bytes by task 9962 on cpu 1: [ 123.021252][ T9962] __mark_inode_dirty+0x198/0x7e0 [ 123.026618][ T9962] fat_update_time+0x1e8/0x200 [ 123.031393][ T9962] touch_atime+0x14f/0x350 [ 123.035907][ T9962] filemap_splice_read+0x8a5/0x910 [ 123.041035][ T9962] splice_direct_to_actor+0x269/0x670 [ 123.046465][ T9962] do_splice_direct+0xd7/0x150 [ 123.052113][ T9962] do_sendfile+0x398/0x660 [ 123.056835][ T9962] __x64_sys_sendfile64+0x110/0x150 [ 123.062483][ T9962] x64_sys_call+0xfbd/0x2dc0 [ 123.067099][ T9962] do_syscall_64+0xc9/0x1c0 [ 123.071724][ T9962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.077663][ T9962] [ 123.080003][ T9962] value changed: 0x00000008 -> 0x00000038 [ 123.086688][ T9962] [ 123.089032][ T9962] Reported by Kernel Concurrency Sanitizer on: [ 123.095564][ T9962] CPU: 1 UID: 0 PID: 9962 Comm: syz.2.2610 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0 [ 123.106697][ T9962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 123.117073][ T9962] ================================================================== [ 123.150375][ T9967] syz.2.2610: attempt to access beyond end of device [ 123.150375][ T9967] loop2: rw=2049, sector=241, nr_sectors = 1 limit=128 [ 123.164312][ T9967] Buffer I/O error on dev loop2, logical block 241, lost async page write [ 123.175869][ T9967] syz.2.2610: attempt to access beyond end of device [ 123.175869][ T9967] loop2: rw=2049, sector=241, nr_sectors = 136 limit=128 [ 123.225772][ T6439] kworker/u8:60: attempt to access beyond end of device [ 123.225772][ T6439] loop2: rw=1, sector=377, nr_sectors = 664 limit=128 [ 125.191119][ T6445] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 130.950968][ T5923] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 131.430801][ T3374] page_pool_release_retry() stalled pool shutdown: id 36, 1 inflight 60 sec