last executing test programs: 41.250162295s ago: executing program 2 (id=759): bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) 41.208518318s ago: executing program 2 (id=762): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0) r3 = socket(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x3, 0x2}}}}]}, 0x44}}, 0x800) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=@newtfilter={0x54, 0x28, 0xd27, 0x1003ffd, 0x0, {0x0, 0x0, 0x0, r4, {0xffe0, 0x9}, {0x0, 0x9}, {0x2, 0xb}}, [@filter_kind_options=@f_fw={{0x7}, {0x28, 0x2, [@TCA_FW_INDEV={0x14, 0x3, 'geneve0\x00'}, @TCA_FW_POLICE={0x10, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x200}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x810}, 0x200008c0) 41.166119122s ago: executing program 2 (id=765): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40000) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x1f5a685a}, 0x4dc8, 0x10000, 0xfffffffc, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)}, 0x20) r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6000, @fd=r1, 0x0, 0x0}) io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0) 39.223156938s ago: executing program 2 (id=808): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2145c99, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x901) mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x31a1802, 0x0) umount2(&(0x7f00000003c0)='./file0\x00', 0x0) 39.178696741s ago: executing program 2 (id=811): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8) sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x9000000) 39.102407777s ago: executing program 2 (id=815): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x2}, 0x0, 0x0) 39.090721308s ago: executing program 32 (id=815): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x2}, 0x0, 0x0) 36.106087918s ago: executing program 0 (id=851): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=@newchain={0x24, 0x64, 0x100, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x4}, {0xf, 0xc}, {0x3, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x24004000}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000002980)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xd}, {}, {0x1c, 0xc}}}, 0x24}}, 0x44050) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000002100010000000000fcdbdf2502000000000000000000000006001d00"], 0x2c}}, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[], 0x4d8}, 0x1, 0x0, 0x0, 0x20040010}, 0x54) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=@deltaction={0x14, 0x31, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000004) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 36.065177181s ago: executing program 0 (id=852): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0xc0126080, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 35.33271982s ago: executing program 0 (id=861): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) socket$kcm(0x2, 0xa, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xffffffff}, 0x18) open(0x0, 0x80ff, 0x29c) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000000)={'vlan1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}}) 35.195080781s ago: executing program 0 (id=864): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2145c99, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x901) mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x31a1802, 0x0) umount2(&(0x7f00000003c0)='./file0\x00', 0x0) 35.194648811s ago: executing program 0 (id=865): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, 0x0, 0x4004801) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x100000, 0x0, 0x0, 0x3, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) openat$selinux_context(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) 35.027973015s ago: executing program 0 (id=876): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10) r3 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}}) 35.027806565s ago: executing program 33 (id=876): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10) r3 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}}) 1.275487518s ago: executing program 3 (id=1886): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0x3}, 0x18) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1e, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(r2, &(0x7f0000000cc0)=[{&(0x7f00000000c0)="14", 0x1}, {&(0x7f0000000500)="bf1f86611434f128", 0x8}], 0x2) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x9], 0x0, 0x0, 0x1, 0x1}}, 0x40) close_range(r1, 0xffffffffffffffff, 0x0) 1.213631942s ago: executing program 3 (id=1892): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680)) creat(&(0x7f00000000c0)='./file0\x00', 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 885.982589ms ago: executing program 3 (id=1896): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f0000000780)={[{@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x10}}, {@fat=@quiet}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x1}}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x4}}, {@fat=@debug}, {@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x4}}, {@nodots}, {@fat=@umask={'umask', 0x3d, 0x4}}, {@fat=@showexec}, {@fat=@check_normal}, {@fat=@fmask={'fmask', 0x3d, 0x7fffffff}}]}, 0x1, 0x249, &(0x7f0000000500)="$eJzs3cFqE0EYB/Avbdpue7Fn8bDgpaeivkGQCOKCENmDnlyoXloRUpDVUx6jz9BH8jFy6m3F7mJqGjzItpt0fz8I85E/A99cMjnM7H588uX05Ov55+rnRSRJGsOIWVxFHMZWbEdt0Ixb1/Vu3DQLAGDTTCbFqOseaNHg1jf7EVHsRMTerSi/vKeuAAAAAAAAAAAAaJnz/wDQP87/P3zT6ag4aP6//c35fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA7V1X1qPrHp+v+AID22f8BoH/s/wDQP/Z/AOifd+8/vBll2XiSpknEfFbmZV6Pdf7qdTZ+ll47XMyal2W+09TZ+Hmdp8v5QTP/xcp8N46e1vnv7OXbbCnfi5O7XjwAAAAAAAAAAAAAAAAAAACsieP0jxv3+wcRsV3nx6vyebni+QBL9/eH8Xh4b8sAAAAAAAAAAAAAAAAAAACAjXb+/cdpcXb2abpxxeXRxbc1aONBFvvxH7OSWI/mFa0UXf8yAQAAAAAAAAAAAAAAAABA/ywu/XbdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0Z/H+/7srul4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0A+/AgAA//+BxY58") bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000e00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7) 763.937769ms ago: executing program 3 (id=1904): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) socket$igmp6(0xa, 0x3, 0x2) r1 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00'}, 0x18) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r3, {0x6, 0x4}, {0x7}, {0xfff2}}}, 0x24}}, 0x4084) 761.584158ms ago: executing program 4 (id=1905): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) socket$xdp(0x2c, 0x3, 0x0) pwritev2(r0, &(0x7f00000001c0), 0x0, 0xf, 0x0, 0x6) open(0x0, 0x64842, 0x0) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x7a28, 0x4) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r1) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) 678.415575ms ago: executing program 6 (id=1909): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18) socketpair$unix(0x1, 0x1, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r2 = socket(0x10, 0x3, 0x6) r3 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000) 648.283338ms ago: executing program 6 (id=1914): connect$unix(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000d40)="b1f56e", 0x3}], 0x1}}], 0x1, 0xc0) sendto$inet(r0, &(0x7f0000000300)="09268a9234f8b358387f1f6588b94b481241ded8974895abfab7511e6e9532120200000000000086b7c4fff5575470f7385a78182eeaea563a905780232726ffbcb5e8d06ec5161ab4b4317995652dc20915e12a020fe3e2bf05b39e5c14312c2f7efc25b5575a7697a9240b578ac6971c54aec0b1ee3d84056a80e7878b37568b295a57f59a9f599bd5ccf5a12920e47c2d37f9140a41ed0ec9392f997cf6", 0xffffffffffffff7f, 0x4000080, 0x0, 0xfffffffffffffff7) 479.755311ms ago: executing program 1 (id=1919): socket(0x11, 0x3, 0x2) gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1c}}, 0x0) fchown(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid}]}}) 468.519452ms ago: executing program 6 (id=1920): creat(&(0x7f00000000c0)='./file0\x00', 0x48) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) creat(&(0x7f00000003c0)='./file0\x00', 0x36) 452.518643ms ago: executing program 6 (id=1921): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$pppl2tp(0x18, 0x1, 0x1) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000b00)={0xa, 0xfdfe, 0x100007, @remote, 0xa}, 0x1c) connect$pppl2tp(r2, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x2, 0x0, {0xa, 0x0, 0xf9d, @private2={0xfc, 0x2, '\x00', 0x1}}}}, 0x32) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1) 392.121758ms ago: executing program 5 (id=1923): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)}, 0x48002) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x400}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000480)='GPL\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r1, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0xa, 0x0, 0xfff, 0x1}}, 0x20) syz_emit_ethernet(0x4e, &(0x7f0000000780)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00 \x00', 0x18, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @local, {[], @mld={0x187, 0x0, 0x0, 0x0, 0x0, @local}}}}}}, 0x0) 391.883908ms ago: executing program 4 (id=1924): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800000000000000a4000000a400000004000000100000000000000a0500000002000000040000060400000004000000020000000200000005000000030000000002a5000d0000000100000004000000060000850800000009000000010000000302000000fd000000020000000500002cf06d8e8e57c14b0005000000f6ffffff0d0000000300000001000000090000000100000004000000000000000000000300000000040000000300000005000000002e610000000000000000b286c2087d9bfb7958c5277804255aed2d9f6f5acccbcc9bc4a666a54fc85139c2c8b4645f1bbfdafb921815494046c35ed44f13b1c494c71b1cbdd5e3a1438dca59"], 0x0, 0xc0, 0x0, 0x1, 0x2}, 0x28) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x100003c}, 0x18) r2 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r0, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x30}}) io_uring_enter(r2, 0x3516, 0x0, 0x4, 0x0, 0x0) 391.594138ms ago: executing program 5 (id=1925): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000480)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab4", 0xffffffffffffffca, 0x840, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup3(r0, r1, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0xc00, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xfffffffffffffecd, 0x0, 0x0}, &(0x7f0000001380)=0x40) 339.902422ms ago: executing program 5 (id=1926): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18) socketpair$unix(0x1, 0x1, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r2 = socket(0x10, 0x3, 0x6) r3 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000) 339.750982ms ago: executing program 1 (id=1927): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"}) 339.584922ms ago: executing program 4 (id=1928): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xdec7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x80000}, 0x18) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 332.748583ms ago: executing program 6 (id=1936): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x2}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0) mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil) mbind(&(0x7f0000673000/0x1000)=nil, 0x1000, 0x3, &(0x7f00000009c0)=0x7, 0x3, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) 316.033624ms ago: executing program 6 (id=1929): bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x22020600) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x1202, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x440, 0x7, 0x7, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 289.394376ms ago: executing program 4 (id=1930): bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x80000000, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r2, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f0000000300)='GPL\x00', 0x4, 0x1002, &(0x7f00000014c0)=""/4098}, 0x94) 260.779809ms ago: executing program 1 (id=1931): r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2, 0x0, 0x2}, 0x18) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10) close(r0) 260.592679ms ago: executing program 5 (id=1932): creat(&(0x7f00000000c0)='./file0\x00', 0x48) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) creat(&(0x7f00000003c0)='./file0\x00', 0x36) 239.16675ms ago: executing program 5 (id=1933): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000002000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet6(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r3}, 0x10) sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 238.95344ms ago: executing program 4 (id=1934): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, 0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f00000003c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r4}, 0x4b) sendmsg$TIPC_CMD_GET_MAX_PORTS(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0) 211.828613ms ago: executing program 1 (id=1935): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r4, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010) sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @multicast1}}}], 0x20}}], 0x1, 0x8000004) 155.760467ms ago: executing program 4 (id=1937): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20) unshare(0x20000400) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = open(&(0x7f0000000000)='./bus\x00', 0x40, 0x170) fgetxattr(r3, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0) 139.670088ms ago: executing program 1 (id=1938): creat(0x0, 0xc7) getpid() r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000050) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x9, 0x8, 0x4, 0x7fc}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000380), 0xce4, r2}, 0x38) 122.24415ms ago: executing program 3 (id=1939): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x9, 0x4, 0x8, 0x10}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02}) close(r0) 118.62287ms ago: executing program 5 (id=1940): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000001c0)='kfree\x00', r1}, 0x18) unshare(0x2c020400) r2 = syz_io_uring_setup(0x7945, &(0x7f0000000100)={0x0, 0x40001452, 0x800, 0x0, 0x2d4}, &(0x7f0000000300)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)='./file0\x00', 0x84, 0x0, 0x1}) io_uring_enter(r2, 0x8ba, 0x696d, 0x20, 0x0, 0x0) 56.055085ms ago: executing program 1 (id=1941): getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/consoles\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x79ac, 0x800, 0x7ff9, 0x32c, 0x0, r0}, &(0x7f00000001c0)=0x0, &(0x7f0000000040)=0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000080)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r0, 0x7, &(0x7f00000000c0)=""/207, 0xcf, 0x10, 0x1}) io_uring_enter(r1, 0xfd0, 0x4c1, 0x43, 0x0, 0x0) 0s ago: executing program 3 (id=1942): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18) socketpair$unix(0x1, 0x1, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r2 = socket(0x10, 0x3, 0x6) r3 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000) kernel console output (not intermixed with test programs): 3104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5025 comm="syz.2.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 50.564238][ T5023] SELinux: Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped). [ 50.643918][ T5023] lo speed is unknown, defaulting to 1000 [ 50.649724][ T5023] lo speed is unknown, defaulting to 1000 [ 50.655653][ T5023] lo speed is unknown, defaulting to 1000 [ 50.662152][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.662196][ T5023] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 50.681170][ T5023] lo speed is unknown, defaulting to 1000 [ 50.687134][ T5023] lo speed is unknown, defaulting to 1000 [ 50.693172][ T5023] lo speed is unknown, defaulting to 1000 [ 50.699726][ T5023] lo speed is unknown, defaulting to 1000 [ 50.707353][ T5023] lo speed is unknown, defaulting to 1000 [ 50.733547][ T5038] loop1: detected capacity change from 0 to 4096 [ 50.743442][ T5038] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.758896][ T5040] loop3: detected capacity change from 0 to 2048 [ 50.784780][ T5040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 50.809486][ T5046] lo speed is unknown, defaulting to 1000 [ 50.816705][ T5046] lo speed is unknown, defaulting to 1000 [ 50.961277][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.017526][ T5060] netlink: 'syz.4.599': attribute type 1 has an invalid length. [ 51.032513][ T5060] 8021q: adding VLAN 0 to HW filter on device bond1 [ 51.049784][ T5060] macvlan2: entered promiscuous mode [ 51.055190][ T5060] macvlan2: entered allmulticast mode [ 51.061609][ T5060] bond1: entered promiscuous mode [ 51.066865][ T5060] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 51.075561][ T5060] bond1: left promiscuous mode [ 51.101723][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.131000][ T5063] loop1: detected capacity change from 0 to 512 [ 51.151686][ T5065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5065 comm=syz.4.601 [ 51.164909][ T5065] netlink: 12 bytes leftover after parsing attributes in process `syz.4.601'. [ 51.165725][ T5063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.186460][ T5063] ext4 filesystem being mounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 51.208794][ T5063] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 51.225627][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.720971][ T5075] lo speed is unknown, defaulting to 1000 [ 51.727304][ T5081] : renamed from bond0 (while UP) [ 51.733927][ T5075] lo speed is unknown, defaulting to 1000 [ 51.807591][ T5083] lo speed is unknown, defaulting to 1000 [ 51.828697][ T5083] lo speed is unknown, defaulting to 1000 [ 51.849376][ T5093] loop2: detected capacity change from 0 to 2048 [ 51.872522][ T5093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.140757][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.240756][ T5095] bridge0: entered promiscuous mode [ 52.246143][ T5095] macvtap1: entered allmulticast mode [ 52.251594][ T5095] bridge0: entered allmulticast mode [ 52.260097][ T5095] bridge0: port 3(macvtap1) entered blocking state [ 52.266629][ T5095] bridge0: port 3(macvtap1) entered disabled state [ 52.280601][ T5095] bridge0: left allmulticast mode [ 52.285650][ T5095] bridge0: left promiscuous mode [ 52.424290][ T5113] netlink: 'syz.1.627': attribute type 30 has an invalid length. [ 52.739883][ T5121] loop1: detected capacity change from 0 to 128 [ 52.776207][ T5121] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.792305][ T5121] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.805500][ T5127] : renamed from bond0 [ 52.869593][ T3300] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.901634][ T5136] loop4: detected capacity change from 0 to 128 [ 53.033361][ T5150] loop4: detected capacity change from 0 to 2048 [ 53.042956][ T5152] netlink: 12 bytes leftover after parsing attributes in process `syz.1.633'. [ 53.050547][ T5150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.201897][ T5163] loop1: detected capacity change from 0 to 1024 [ 53.208980][ T5163] EXT4-fs: Ignoring removed bh option [ 53.209223][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.233808][ T5163] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.271461][ T5169] loop4: detected capacity change from 0 to 1024 [ 53.289156][ T5169] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.305260][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.316552][ T5169] SELinux: Context @ is not valid (left unmapped). [ 53.348094][ T5177] loop3: detected capacity change from 0 to 128 [ 53.349628][ T5179] loop4: detected capacity change from 0 to 1024 [ 53.396511][ T5179] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.644: Allocating blocks 449-513 which overlap fs metadata [ 53.417790][ T5178] EXT4-fs (loop4): pa ffff8881072a8310: logic 48, phys. 177, len 21 [ 53.425832][ T5178] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 53.492080][ T5185] loop3: detected capacity change from 0 to 1024 [ 53.499042][ T5185] EXT4-fs: Ignoring removed nobh option [ 53.504590][ T5185] EXT4-fs: Ignoring removed bh option [ 53.660981][ T5191] netlink: 12 bytes leftover after parsing attributes in process `syz.0.646'. [ 53.687620][ T5190] loop4: detected capacity change from 0 to 2048 [ 53.861680][ T5183] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.645: Allocating blocks 497-513 which overlap fs metadata [ 54.004337][ T5213] lo speed is unknown, defaulting to 1000 [ 54.015627][ T5213] lo speed is unknown, defaulting to 1000 [ 54.074153][ T5221] netlink: 'syz.0.657': attribute type 1 has an invalid length. [ 54.110690][ T5221] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.153069][ T5226] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 54.174400][ T5221] macvlan2: entered promiscuous mode [ 54.179725][ T5221] macvlan2: entered allmulticast mode [ 54.202662][ T5221] bond0: entered promiscuous mode [ 54.208253][ T5221] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 54.222082][ T5221] bond0: left promiscuous mode [ 54.232863][ T5230] loop2: detected capacity change from 0 to 2048 [ 54.260442][ T5232] lo speed is unknown, defaulting to 1000 [ 54.266365][ T5232] lo speed is unknown, defaulting to 1000 [ 54.329167][ T5240] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5240 comm=syz.3.665 [ 54.341549][ T5240] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5240 comm=syz.3.665 [ 54.464190][ T5249] loop1: detected capacity change from 0 to 1024 [ 54.471115][ T5249] EXT4-fs: Ignoring removed nobh option [ 54.476674][ T5249] EXT4-fs: Ignoring removed bh option [ 54.503863][ T5253] loop2: detected capacity change from 0 to 128 [ 54.825616][ T5273] loop2: detected capacity change from 0 to 2048 [ 54.877178][ T5275] lo speed is unknown, defaulting to 1000 [ 54.919718][ T5275] lo speed is unknown, defaulting to 1000 [ 55.094275][ T5244] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.666: Allocating blocks 497-513 which overlap fs metadata [ 55.172925][ T29] kauditd_printk_skb: 444 callbacks suppressed [ 55.172939][ T29] audit: type=1326 audit(1755327345.453:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5272 comm="syz.2.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 55.202484][ T29] audit: type=1326 audit(1755327345.453:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5272 comm="syz.2.679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 55.360058][ T29] audit: type=1400 audit(1755327345.621:3551): avc: denied { setopt } for pid=5282 comm="syz.4.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 55.385951][ T5286] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 55.435455][ T5286] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.531793][ T29] audit: type=1326 audit(1755327345.831:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5297 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 55.555219][ T29] audit: type=1326 audit(1755327345.831:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5297 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 55.578666][ T29] audit: type=1326 audit(1755327345.831:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5297 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 55.601962][ T29] audit: type=1326 audit(1755327345.831:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5297 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 55.625365][ T29] audit: type=1326 audit(1755327345.831:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5297 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 55.648666][ T29] audit: type=1326 audit(1755327345.831:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5297 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 55.672134][ T29] audit: type=1326 audit(1755327345.831:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5297 comm="syz.2.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81e751ebe9 code=0x7ffc0000 [ 56.391647][ T5319] netlink: 'syz.1.697': attribute type 1 has an invalid length. [ 56.424035][ T5323] loop4: detected capacity change from 0 to 1024 [ 56.425142][ T5319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.466991][ T5323] EXT4-fs: Ignoring removed nobh option [ 56.472592][ T5323] EXT4-fs: Ignoring removed bh option [ 56.482391][ T5325] macvlan2: entered promiscuous mode [ 56.487792][ T5325] macvlan2: entered allmulticast mode [ 56.494115][ T5327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.699'. [ 56.506910][ T5325] bond0: entered promiscuous mode [ 56.522820][ T5325] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 56.535848][ T5325] bond0: left promiscuous mode [ 56.748471][ T5346] vlan2: entered allmulticast mode [ 56.766287][ T5348] syz.0.708 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 56.769770][ T5350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.709'. [ 56.873758][ T5357] loop1: detected capacity change from 0 to 1024 [ 56.907522][ T5316] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.698: Allocating blocks 497-513 which overlap fs metadata [ 56.996504][ T5357] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.713: Allocating blocks 449-513 which overlap fs metadata [ 57.034869][ T5323] EXT4-fs (loop4): pa ffff8881071f02a0: logic 544, phys. 273, len 15 [ 57.043018][ T5323] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 57.095937][ T5355] EXT4-fs (loop1): pa ffff8881071f0310: logic 48, phys. 177, len 21 [ 57.104023][ T5355] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 57.263590][ T5373] syzkaller0: entered promiscuous mode [ 57.269157][ T5373] syzkaller0: entered allmulticast mode [ 57.575591][ T5396] loop2: detected capacity change from 0 to 1024 [ 57.642286][ T5396] EXT4-fs: Ignoring removed nobh option [ 57.647856][ T5396] EXT4-fs: Ignoring removed bh option [ 58.287706][ T5439] team0 (unregistering): Port device team_slave_0 removed [ 58.317400][ T5439] team0 (unregistering): Port device team_slave_1 removed [ 58.466778][ T5456] loop3: detected capacity change from 0 to 128 [ 58.499686][ T5456] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 58.508152][ T5456] FAT-fs (loop3): Filesystem has been set read-only [ 58.612106][ T5471] netlink: 96 bytes leftover after parsing attributes in process `syz.3.750'. [ 58.646749][ T5479] bridge: RTM_NEWNEIGH with invalid ether address [ 58.666070][ T5477] netlink: zone id is out of range [ 58.671407][ T5477] netlink: zone id is out of range [ 58.676773][ T5477] netlink: zone id is out of range [ 58.682086][ T5477] netlink: zone id is out of range [ 58.687982][ T5477] netlink: zone id is out of range [ 58.693092][ T5477] netlink: zone id is out of range [ 58.698263][ T5477] netlink: zone id is out of range [ 58.703366][ T5477] netlink: zone id is out of range [ 58.708644][ T5477] netlink: zone id is out of range [ 58.816764][ T5505] tipc: Enabling of bearer rejected, already enabled [ 58.840153][ T5513] netlink: 8 bytes leftover after parsing attributes in process `syz.2.762'. [ 58.850875][ T5515] netlink: 96 bytes leftover after parsing attributes in process `syz.0.763'. [ 58.892556][ T5519] bridge: RTM_NEWNEIGH with invalid ether address [ 58.901949][ T5521] loop1: detected capacity change from 0 to 128 [ 58.921623][ T5521] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 58.930105][ T5521] FAT-fs (loop1): Filesystem has been set read-only [ 59.141245][ T5550] loop3: detected capacity change from 0 to 512 [ 59.150094][ T5550] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 59.170028][ T5550] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 59.178300][ T5550] System zones: 1-12 [ 59.188273][ T5550] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.774: corrupted in-inode xattr: e_value size too large [ 59.203834][ T5550] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.774: couldn't read orphan inode 15 (err -117) [ 59.230267][ T5550] EXT4-fs warning (device loop3): dx_probe:801: inode #2: comm syz.3.774: Unrecognised inode hash code 4 [ 59.241639][ T5550] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.774: Corrupt directory, running e2fsck is recommended [ 59.451390][ T5572] tipc: Started in network mode [ 59.456371][ T5572] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 59.465316][ T5572] tipc: Enabling of bearer rejected, failed to enable media [ 59.605743][ T5589] loop1: detected capacity change from 0 to 512 [ 59.631680][ T5589] ext4 filesystem being mounted at /157/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.656965][ T5589] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.792: corrupted inode contents [ 59.678832][ T5589] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz.1.792: mark_inode_dirty error [ 59.697093][ T5589] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #2: comm syz.1.792: corrupted inode contents [ 59.725597][ T5589] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.792: mark_inode_dirty error [ 59.820068][ T5598] loop1: detected capacity change from 0 to 512 [ 59.858001][ T5598] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 59.891154][ T5598] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 59.901015][ T5605] loop0: detected capacity change from 0 to 128 [ 59.922377][ T5605] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 59.930970][ T5605] FAT-fs (loop0): Filesystem has been set read-only [ 59.944308][ T5598] System zones: 1-12 [ 59.957261][ T5607] loop4: detected capacity change from 0 to 1024 [ 59.970568][ T5598] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.795: corrupted in-inode xattr: e_value size too large [ 60.008012][ T5607] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.019967][ T5598] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.795: couldn't read orphan inode 15 (err -117) [ 60.057468][ T5598] EXT4-fs warning (device loop1): dx_probe:801: inode #2: comm syz.1.795: Unrecognised inode hash code 4 [ 60.068806][ T5598] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.795: Corrupt directory, running e2fsck is recommended [ 60.086254][ T5607] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.797: lblock 3 mapped to illegal pblock 3 (length 3) [ 60.144972][ T5607] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 60.157346][ T5607] EXT4-fs (loop4): This should not happen!! Data will be lost [ 60.157346][ T5607] [ 60.194425][ T5607] EXT4-fs error (device loop4): ext4_ext_remove_space:2955: inode #15: comm syz.4.797: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 60.222552][ T5616] net_ratelimit: 2 callbacks suppressed [ 60.222566][ T5616] openvswitch: netlink: Message has 6 unknown bytes. [ 60.237363][ T5615] tipc: Started in network mode [ 60.242311][ T5615] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 60.253221][ T5607] EXT4-fs error (device loop4) in ext4_setattr:6071: Corrupt filesystem [ 60.275436][ T5615] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 60.283722][ T5615] tipc: Enabled bearer , priority 10 [ 60.308356][ T29] kauditd_printk_skb: 112 callbacks suppressed [ 60.308367][ T29] audit: type=1326 audit(1755327350.850:3671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.317336][ T5624] loop3: detected capacity change from 0 to 128 [ 60.354064][ T29] audit: type=1326 audit(1755327350.850:3672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.377394][ T29] audit: type=1326 audit(1755327350.850:3673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.400811][ T29] audit: type=1326 audit(1755327350.850:3674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.424272][ T29] audit: type=1326 audit(1755327350.860:3675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.447499][ T5626] bio_check_eod: 171 callbacks suppressed [ 60.447516][ T5626] syz.3.806: attempt to access beyond end of device [ 60.447516][ T5626] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 60.447599][ T5626] syz.3.806: attempt to access beyond end of device [ 60.447599][ T5626] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 60.453302][ T29] audit: type=1326 audit(1755327350.860:3676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.453328][ T29] audit: type=1326 audit(1755327350.892:3677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.453390][ T29] audit: type=1326 audit(1755327350.892:3678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.488793][ T5626] syz.3.806: attempt to access beyond end of device [ 60.488793][ T5626] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 60.503406][ T29] audit: type=1326 audit(1755327350.892:3679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.503447][ T29] audit: type=1326 audit(1755327350.892:3680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5620 comm="syz.4.804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 60.639867][ T5626] syz.3.806: attempt to access beyond end of device [ 60.639867][ T5626] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 60.673549][ T5626] syz.3.806: attempt to access beyond end of device [ 60.673549][ T5626] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 60.687000][ T5626] syz.3.806: attempt to access beyond end of device [ 60.687000][ T5626] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 60.700552][ T5626] syz.3.806: attempt to access beyond end of device [ 60.700552][ T5626] loop3: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 60.713996][ T5626] syz.3.806: attempt to access beyond end of device [ 60.713996][ T5626] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 60.727555][ T5626] syz.3.806: attempt to access beyond end of device [ 60.727555][ T5626] loop3: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 60.740939][ T5626] syz.3.806: attempt to access beyond end of device [ 60.740939][ T5626] loop3: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 60.802565][ T5633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.807'. [ 60.814450][ T5633] netlink: 12 bytes leftover after parsing attributes in process `syz.3.807'. [ 60.842978][ T5633] netlink: 156 bytes leftover after parsing attributes in process `syz.3.807'. [ 60.878254][ T5641] loop3: detected capacity change from 0 to 1024 [ 60.916400][ T5641] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.812: Allocating blocks 449-513 which overlap fs metadata [ 60.941766][ T5641] EXT4-fs (loop3): pa ffff8881072a8850: logic 48, phys. 177, len 21 [ 60.949822][ T5641] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 61.100747][ T4030] bridge_slave_1: left allmulticast mode [ 61.106407][ T4030] bridge_slave_1: left promiscuous mode [ 61.112088][ T4030] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.134977][ T4030] bridge_slave_0: left promiscuous mode [ 61.140650][ T4030] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.230602][ T3409] tipc: Node number set to 1 [ 61.251239][ T4030]  (unregistering): (slave bond_slave_0): Releasing backup interface [ 61.260363][ T4030]  (unregistering): (slave bond_slave_1): Releasing backup interface [ 61.269053][ T4030]  (unregistering): Released all slaves [ 61.276546][ T4030] bond0 (unregistering): Released all slaves [ 61.295805][ T5652] lo speed is unknown, defaulting to 1000 [ 61.302347][ T5652] lo speed is unknown, defaulting to 1000 [ 61.321214][ T4030] tipc: Disabling bearer [ 61.326475][ T4030] tipc: Left network mode [ 61.343562][ T4030] hsr_slave_0: left promiscuous mode [ 61.352433][ T4030] hsr_slave_1: left promiscuous mode [ 61.362015][ T4030] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 61.379973][ T4030] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 61.448025][ T4030] team0 (unregistering): Port device team_slave_1 removed [ 61.475889][ T4030] team0 (unregistering): Port device team_slave_0 removed [ 61.602875][ T5652] chnl_net:caif_netlink_parms(): no params data found [ 61.651795][ T5652] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.658953][ T5652] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.666256][ T5652] bridge_slave_0: entered allmulticast mode [ 61.676228][ T5652] bridge_slave_0: entered promiscuous mode [ 61.686323][ T5652] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.693473][ T5652] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.701523][ T5730] loop0: detected capacity change from 0 to 1024 [ 61.716303][ T5730] EXT4-fs: Ignoring removed nobh option [ 61.721894][ T5730] EXT4-fs: Ignoring removed bh option [ 61.741852][ T5652] bridge_slave_1: entered allmulticast mode [ 61.758184][ T5652] bridge_slave_1: entered promiscuous mode [ 61.838653][ T5716] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.838: Allocating blocks 497-513 which overlap fs metadata [ 61.839639][ T5652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.863482][ T1036] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=1036 comm=kworker/0:2 [ 61.891341][ T5652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.943992][ T5652] team0: Port device team_slave_0 added [ 61.959399][ T5715] EXT4-fs (loop0): pa ffff8881072a87e0: logic 0, phys. 113, len 25 [ 61.960356][ T5652] team0: Port device team_slave_1 added [ 61.967435][ T5715] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 23, pa_free 24 [ 62.032819][ T5652] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.039770][ T5652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.065703][ T5652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.130284][ T5772] IPv6: Can't replace route, no match found [ 62.161535][ T5652] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.168513][ T5652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.194468][ T5652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.224072][ T5792] tipc: Enabled bearer , priority 0 [ 62.231932][ T5792] tipc: Disabling bearer [ 62.261066][ T5652] hsr_slave_0: entered promiscuous mode [ 62.267166][ T5652] hsr_slave_1: entered promiscuous mode [ 62.297677][ T5652] debugfs: 'hsr0' already exists in 'hsr' [ 62.303411][ T5652] Cannot create hsr debugfs directory [ 62.396143][ T5652] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 62.515257][ T5652] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 62.525843][ T5652] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 62.544208][ T5652] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 62.607062][ T5652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.620090][ T5652] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.630067][ T4030] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.637142][ T4030] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.648103][ T4079] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.655172][ T4079] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.739839][ T5652] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 62.827031][ T5652] veth0_vlan: entered promiscuous mode [ 62.834831][ T5652] veth1_vlan: entered promiscuous mode [ 62.849222][ T5652] veth0_macvtap: entered promiscuous mode [ 62.856694][ T5652] veth1_macvtap: entered promiscuous mode [ 62.867408][ T5652] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.878104][ T5652] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.889997][ T4125] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.900313][ T4125] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.909456][ T4125] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.918510][ T4125] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.962532][ T5891] loop3: detected capacity change from 0 to 1024 [ 62.975830][ T5891] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.990339][ T5891] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.855: lblock 3 mapped to illegal pblock 3 (length 3) [ 63.005863][ T5891] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 63.018130][ T5891] EXT4-fs (loop3): This should not happen!! Data will be lost [ 63.018130][ T5891] [ 63.033433][ T5891] EXT4-fs error (device loop3): ext4_ext_remove_space:2955: inode #15: comm syz.3.855: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 63.051731][ T5891] EXT4-fs error (device loop3) in ext4_setattr:6071: Corrupt filesystem [ 63.821876][ T5902] loop3: detected capacity change from 0 to 512 [ 63.853251][ T5910] loop4: detected capacity change from 0 to 128 [ 63.862273][ T5908] lo speed is unknown, defaulting to 1000 [ 63.868247][ T5911] loop5: detected capacity change from 0 to 1024 [ 63.869668][ T5908] lo speed is unknown, defaulting to 1000 [ 63.876300][ T5911] EXT4-fs: Ignoring removed nobh option [ 63.886118][ T5911] EXT4-fs: Ignoring removed bh option [ 63.892895][ T5902] EXT4-fs mount: 33 callbacks suppressed [ 63.892974][ T5902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.938556][ T5902] ext4 filesystem being mounted at /149/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 63.951401][ T5917] netlink: 8 bytes leftover after parsing attributes in process `syz.0.851'. [ 63.978594][ T5911] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.999186][ T5902] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.846: corrupted inode contents [ 64.078407][ T5902] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.846: mark_inode_dirty error [ 64.222638][ T5902] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.846: corrupted inode contents [ 64.237931][ T5923] lo speed is unknown, defaulting to 1000 [ 64.274273][ T5923] lo speed is unknown, defaulting to 1000 [ 64.301233][ T5902] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.846: mark_inode_dirty error [ 64.415714][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.776951][ T5941] ªªªªª: renamed from vlan1 [ 64.794369][ T5652] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.860660][ T5951] netlink: 168 bytes leftover after parsing attributes in process `syz.1.866'. [ 64.915094][ T5959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.872'. [ 64.932121][ T5962] veth5: entered promiscuous mode [ 64.963925][ T5962] lo speed is unknown, defaulting to 1000 [ 64.974584][ T5962] lo speed is unknown, defaulting to 1000 [ 65.017553][ T5968] loop3: detected capacity change from 0 to 1024 [ 65.066260][ T5968] EXT4-fs: Ignoring removed nobh option [ 65.071955][ T5968] EXT4-fs: Ignoring removed bh option [ 65.120605][ T29] kauditd_printk_skb: 343 callbacks suppressed [ 65.120618][ T29] audit: type=1326 audit(1755327355.900:4024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.5.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7501ebe9 code=0x7ffc0000 [ 65.178184][ T5968] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.180157][ T4030] bridge_slave_1: left allmulticast mode [ 65.196329][ T4030] bridge_slave_1: left promiscuous mode [ 65.202024][ T4030] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.209511][ T29] audit: type=1326 audit(1755327355.900:4025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.5.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7501ebe9 code=0x7ffc0000 [ 65.232811][ T29] audit: type=1326 audit(1755327355.911:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5955 comm="syz.1.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef951ebe9 code=0x7ffc0000 [ 65.256167][ T29] audit: type=1326 audit(1755327355.911:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5955 comm="syz.1.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef951ebe9 code=0x7ffc0000 [ 65.279509][ T29] audit: type=1326 audit(1755327355.932:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.5.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7efe7501ebe9 code=0x7ffc0000 [ 65.302847][ T29] audit: type=1326 audit(1755327355.932:4029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.5.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7501ebe9 code=0x7ffc0000 [ 65.326194][ T29] audit: type=1326 audit(1755327355.932:4030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.5.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7501ebe9 code=0x7ffc0000 [ 65.349491][ T29] audit: type=1326 audit(1755327355.932:4031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.5.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe7501ebe9 code=0x7ffc0000 [ 65.372860][ T29] audit: type=1326 audit(1755327355.932:4032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.5.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7501ebe9 code=0x7ffc0000 [ 65.380972][ T5966] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.875: Allocating blocks 497-513 which overlap fs metadata [ 65.396224][ T29] audit: type=1326 audit(1755327355.932:4033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.5.878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe7501ebe9 code=0x7ffc0000 [ 65.440431][ T4030] bridge_slave_0: left allmulticast mode [ 65.446167][ T4030] bridge_slave_0: left promiscuous mode [ 65.451906][ T4030] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.537804][ T4030]  (unregistering): (slave bond_slave_0): Releasing backup interface [ 65.547924][ T4030]  (unregistering): (slave bond_slave_1): Releasing backup interface [ 65.559432][ T4030]  (unregistering): (slave dummy0): Releasing backup interface [ 65.568191][ T4030]  (unregistering): Released all slaves [ 65.578781][ T4030] bond1 (unregistering): (slave batadv1): Releasing active interface [ 65.590215][ T4030] bond1 (unregistering): Released all slaves [ 65.599756][ T4030] bond0 (unregistering): Released all slaves [ 65.638511][ T5968] EXT4-fs (loop3): pa ffff8881071f02a0: logic 0, phys. 113, len 25 [ 65.646512][ T5968] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 22, pa_free 23 [ 65.660607][ T5990] loop5: detected capacity change from 0 to 128 [ 65.667288][ T4030] tipc: Left network mode [ 65.682106][ T4030] hsr_slave_0: left promiscuous mode [ 65.697360][ T4030] hsr_slave_1: left promiscuous mode [ 65.713022][ T4030] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 65.720103][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.729615][ T4030] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.740071][ T5998] bio_check_eod: 9309 callbacks suppressed [ 65.740086][ T5998] syz.5.880: attempt to access beyond end of device [ 65.740086][ T5998] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 65.760031][ T5998] syz.5.880: attempt to access beyond end of device [ 65.760031][ T5998] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 65.774203][ T5998] syz.5.880: attempt to access beyond end of device [ 65.774203][ T5998] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 65.807917][ T5998] syz.5.880: attempt to access beyond end of device [ 65.807917][ T5998] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 65.834285][ T5998] syz.5.880: attempt to access beyond end of device [ 65.834285][ T5998] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 65.849587][ T4030] team0 (unregistering): Port device team_slave_1 removed [ 65.849830][ T6002] netlink: 168 bytes leftover after parsing attributes in process `syz.3.882'. [ 65.870580][ T4030] team0 (unregistering): Port device team_slave_0 removed [ 65.888245][ T5998] syz.5.880: attempt to access beyond end of device [ 65.888245][ T5998] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 65.907681][ T5998] syz.5.880: attempt to access beyond end of device [ 65.907681][ T5998] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 65.922024][ T5998] syz.5.880: attempt to access beyond end of device [ 65.922024][ T5998] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 65.936340][ T5998] syz.5.880: attempt to access beyond end of device [ 65.936340][ T5998] loop5: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 65.942577][ T5969] lo speed is unknown, defaulting to 1000 [ 65.962730][ T5969] lo speed is unknown, defaulting to 1000 [ 66.003443][ T6017] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=6017 comm=syz.4.886 [ 66.028625][ T5998] syz.5.880: attempt to access beyond end of device [ 66.028625][ T5998] loop5: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 66.085805][ T6023] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 66.093030][ T6023] IPv6: NLM_F_CREATE should be set when creating new route [ 66.109930][ T6019] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.181759][ T6019] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.199323][ T5969] chnl_net:caif_netlink_parms(): no params data found [ 66.251503][ T5969] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.258611][ T5969] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.266478][ T5969] bridge_slave_0: entered allmulticast mode [ 66.273723][ T5969] bridge_slave_0: entered promiscuous mode [ 66.280675][ T5969] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.287868][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.295021][ T5969] bridge_slave_1: entered allmulticast mode [ 66.301552][ T5969] bridge_slave_1: entered promiscuous mode [ 66.308054][ T6049] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0 [ 66.321531][ T6019] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.348789][ T5969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.361579][ T5969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.382668][ T5969] team0: Port device team_slave_0 added [ 66.389506][ T5969] team0: Port device team_slave_1 added [ 66.427511][ T6019] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.439119][ T5969] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.446125][ T5969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.472115][ T5969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.491481][ T5969] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.498458][ T5969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.524347][ T5969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.552936][ T5969] hsr_slave_0: entered promiscuous mode [ 66.559513][ T5969] hsr_slave_1: entered promiscuous mode [ 66.566235][ T5969] debugfs: 'hsr0' already exists in 'hsr' [ 66.571953][ T5969] Cannot create hsr debugfs directory [ 66.603828][ T4079] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.634725][ T4079] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.673144][ T4079] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.697408][ T4079] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.735988][ T5969] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 66.753827][ T5969] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 66.778051][ T5969] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 66.789275][ T6141] loop4: detected capacity change from 0 to 2048 [ 66.801299][ T5969] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 66.872295][ T6141] loop4: p2 p3 p7 [ 66.932454][ T5969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.968861][ T5969] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.989506][ T6138] lo speed is unknown, defaulting to 1000 [ 67.002523][ T6138] lo speed is unknown, defaulting to 1000 [ 67.025564][ T4030] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.032631][ T4030] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.079625][ T4030] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.086893][ T4030] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.195576][ T6186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.905'. [ 67.237167][ T5969] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.250433][ T6189] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 67.257644][ T6189] IPv6: NLM_F_CREATE should be set when creating new route [ 67.486833][ T5969] veth0_vlan: entered promiscuous mode [ 67.515312][ T5969] veth1_vlan: entered promiscuous mode [ 67.547789][ T6242] lo speed is unknown, defaulting to 1000 [ 67.565150][ T6242] lo speed is unknown, defaulting to 1000 [ 67.567108][ T5969] veth0_macvtap: entered promiscuous mode [ 67.589530][ T5969] veth1_macvtap: entered promiscuous mode [ 67.767834][ T5969] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.805407][ T5969] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.828698][ T6271] lo speed is unknown, defaulting to 1000 [ 67.854089][ T4030] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.895961][ T6271] lo speed is unknown, defaulting to 1000 [ 67.904143][ T4030] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.957951][ T4030] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.053869][ T4030] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.193377][ T6309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.921'. [ 68.285289][ T36] hid_parser_main: 46 callbacks suppressed [ 68.285307][ T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 68.316927][ T36] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 68.618116][ T6367] loop1: detected capacity change from 0 to 512 [ 68.679272][ T6367] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.692338][ T6382] veth3: entered promiscuous mode [ 68.708098][ T6367] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.736508][ T6382] lo speed is unknown, defaulting to 1000 [ 68.743725][ T6382] lo speed is unknown, defaulting to 1000 [ 68.796198][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.993072][ T3412] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 69.022613][ T3412] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 69.228175][ T6425] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=6425 comm=syz.1.942 [ 69.387001][ T6445] netlink: 'syz.5.952': attribute type 30 has an invalid length. [ 69.664569][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.5.959'. [ 69.674506][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.5.959'. [ 69.829865][ T6483] lo speed is unknown, defaulting to 1000 [ 69.836389][ T6483] lo speed is unknown, defaulting to 1000 [ 69.858699][ T6487] netlink: 8 bytes leftover after parsing attributes in process `syz.4.971'. [ 69.965343][ T29] kauditd_printk_skb: 43 callbacks suppressed [ 69.965355][ T29] audit: type=1326 audit(1755327360.992:4077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 69.994747][ T29] audit: type=1326 audit(1755327360.992:4078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.104295][ T29] audit: type=1326 audit(1755327361.034:4079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.127750][ T29] audit: type=1326 audit(1755327361.034:4080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.151100][ T29] audit: type=1326 audit(1755327361.034:4081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.174380][ T29] audit: type=1326 audit(1755327361.034:4082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.197680][ T29] audit: type=1326 audit(1755327361.034:4083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.221029][ T29] audit: type=1326 audit(1755327361.034:4084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.244324][ T29] audit: type=1326 audit(1755327361.045:4085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.267735][ T29] audit: type=1326 audit(1755327361.045:4086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.4.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 70.504812][ T6520] loop5: detected capacity change from 0 to 512 [ 70.547717][ T6522] loop1: detected capacity change from 0 to 1024 [ 70.558617][ T6522] EXT4-fs: Ignoring removed orlov option [ 70.564303][ T6522] EXT4-fs: Ignoring removed nomblk_io_submit option [ 70.582264][ T6526] loop4: detected capacity change from 0 to 128 [ 70.590161][ T6520] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.611404][ T6520] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 70.634685][ T6526] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 70.655219][ T6531] loop6: detected capacity change from 0 to 1024 [ 70.678166][ T6520] netlink: 'syz.5.983': attribute type 13 has an invalid length. [ 70.687326][ T6522] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.709524][ T6526] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.758465][ T6531] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.815867][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.847530][ T6520] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.854791][ T6520] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.908751][ T5969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.924152][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 70.960624][ T6544] loop4: detected capacity change from 0 to 128 [ 70.981112][ T6544] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 70.997461][ T6520] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.033481][ T6544] ext4 filesystem being mounted at /233/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 71.036013][ T6520] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.124995][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 71.196266][ T4079] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.225996][ T4079] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.245920][ T4079] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.267351][ T4079] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.282556][ T6561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1009'. [ 71.295691][ T5652] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.333370][ T6567] loop5: detected capacity change from 0 to 1024 [ 71.357354][ T6567] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.420592][ T6573] loop4: detected capacity change from 0 to 128 [ 71.517280][ T6573] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 71.523151][ T6567] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.999: Allocating blocks 449-513 which overlap fs metadata [ 71.543920][ T6573] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 71.599565][ T6566] EXT4-fs (loop5): pa ffff8881072a88c0: logic 48, phys. 177, len 21 [ 71.607629][ T6566] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 71.642766][ T5652] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.669693][ T31] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 71.790581][ T6592] loop4: detected capacity change from 0 to 164 [ 71.797577][ T6592] rock: directory entry would overflow storage [ 71.803747][ T6592] rock: sig=0x4543, size=28, remaining=18 [ 71.839906][ T6597] loop4: detected capacity change from 0 to 128 [ 71.848939][ T6597] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 71.862437][ T6597] ext4 filesystem being mounted at /240/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.909893][ T6601] loop6: detected capacity change from 0 to 1024 [ 71.924022][ T6604] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1018'. [ 71.933647][ T6604] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1018'. [ 71.943942][ T6601] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.984408][ T6601] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.1016: Allocating blocks 449-513 which overlap fs metadata [ 72.007732][ T6599] EXT4-fs (loop6): pa ffff8881072a89a0: logic 48, phys. 177, len 21 [ 72.015813][ T6599] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 72.044451][ T5969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.149160][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 72.171186][ T6620] loop6: detected capacity change from 0 to 128 [ 72.179137][ T6620] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.192361][ T6620] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.240386][ T5969] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 72.249718][ T6625] loop4: detected capacity change from 0 to 1024 [ 72.256413][ T6625] EXT4-fs: Ignoring removed orlov option [ 72.262089][ T6625] EXT4-fs: Ignoring removed nomblk_io_submit option [ 72.272061][ T6625] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.302464][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.306937][ T6629] lo speed is unknown, defaulting to 1000 [ 72.317961][ T6629] lo speed is unknown, defaulting to 1000 [ 72.403074][ T6641] loop4: detected capacity change from 0 to 128 [ 72.411221][ T6640] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 72.426903][ T3412] lo speed is unknown, defaulting to 1000 [ 72.548194][ T6648] loop6: detected capacity change from 0 to 128 [ 72.560102][ T6649] loop1: detected capacity change from 0 to 1024 [ 72.575977][ T6648] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 72.588703][ T6648] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.596775][ T6649] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.704407][ T6649] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.1031: Allocating blocks 449-513 which overlap fs metadata [ 72.792595][ T6645] EXT4-fs (loop1): pa ffff8881072a88c0: logic 48, phys. 177, len 21 [ 72.800693][ T6645] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 72.870580][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.921475][ T6661] loop5: detected capacity change from 0 to 128 [ 72.957889][ T6661] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.983581][ T6661] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.061216][ T5652] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.238931][ T5969] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.514351][ T6701] loop3: detected capacity change from 0 to 1024 [ 73.543906][ T6701] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.612536][ T6709] vhci_hcd: invalid port number 0 [ 73.651373][ T6701] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1054: Allocating blocks 449-513 which overlap fs metadata [ 73.693404][ T6700] EXT4-fs (loop3): pa ffff8881072a89a0: logic 48, phys. 177, len 21 [ 73.701440][ T6700] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 73.731504][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.771092][ T6722] loop3: detected capacity change from 0 to 128 [ 73.789469][ T6722] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 73.828966][ T6722] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.843951][ T6732] loop6: detected capacity change from 0 to 512 [ 73.896461][ T6732] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.935924][ T6732] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 73.970526][ T3305] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.982997][ T6732] netlink: 'syz.6.1066': attribute type 13 has an invalid length. [ 74.054952][ T6732] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.062192][ T6732] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.108934][ T6732] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 74.119415][ T6732] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 74.194341][ T4068] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.204631][ T4068] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.214443][ T4068] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.231088][ T4068] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.241556][ T5969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.295475][ T6772] vlan2: entered allmulticast mode [ 74.397486][ T6784] loop1: detected capacity change from 0 to 128 [ 74.404405][ T6784] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 74.417842][ T6784] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 74.471147][ T4058] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 74.611899][ T6797] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6797 comm=syz.1.1102 [ 74.680444][ T6804] loop3: detected capacity change from 0 to 1024 [ 74.709143][ T6804] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.724518][ T6813] loop6: detected capacity change from 0 to 164 [ 74.732990][ T6812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1098'. [ 74.742717][ T6813] rock: directory entry would overflow storage [ 74.748982][ T6813] rock: sig=0x4543, size=28, remaining=18 [ 74.765404][ T6804] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1095: Allocating blocks 449-513 which overlap fs metadata [ 74.795545][ T6802] EXT4-fs (loop3): pa ffff8881071f0460: logic 48, phys. 177, len 21 [ 74.803679][ T6802] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 74.822431][ T6817] vhci_hcd: invalid port number 0 [ 74.832095][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.854003][ T6820] vlan2: entered allmulticast mode [ 74.877353][ T6826] loop3: detected capacity change from 0 to 1024 [ 74.899727][ T6826] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.929163][ T6826] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1114: Allocating blocks 449-513 which overlap fs metadata [ 74.947505][ T6832] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6832 comm=syz.6.1106 [ 74.990940][ T6825] EXT4-fs (loop3): pa ffff8881071f0380: logic 48, phys. 177, len 21 [ 74.999007][ T6825] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 75.024898][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.066757][ T6853] loop3: detected capacity change from 0 to 164 [ 75.080218][ T6853] rock: directory entry would overflow storage [ 75.086415][ T6853] rock: sig=0x4543, size=28, remaining=18 [ 75.213859][ T6858] loop4: detected capacity change from 0 to 32768 [ 75.219575][ T6867] netlink: 'syz.3.1123': attribute type 13 has an invalid length. [ 75.228307][ T6868] loop6: detected capacity change from 0 to 1024 [ 75.240200][ T6867] gretap0: refused to change device tx_queue_len [ 75.242531][ T6868] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.263092][ T6867] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 75.284461][ T29] kauditd_printk_skb: 36 callbacks suppressed [ 75.284475][ T29] audit: type=1326 audit(1755327366.567:4123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.314087][ T29] audit: type=1326 audit(1755327366.567:4124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.337577][ T29] audit: type=1326 audit(1755327366.567:4125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.360977][ T29] audit: type=1326 audit(1755327366.567:4126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.384463][ T29] audit: type=1326 audit(1755327366.567:4127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.407904][ T29] audit: type=1326 audit(1755327366.567:4128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.431608][ T29] audit: type=1326 audit(1755327366.567:4129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.451846][ T6872] loop3: detected capacity change from 0 to 512 [ 75.455038][ T29] audit: type=1326 audit(1755327366.567:4130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.484736][ T29] audit: type=1326 audit(1755327366.567:4131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.508148][ T29] audit: type=1326 audit(1755327366.599:4132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 75.512789][ T6873] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.1124: Allocating blocks 449-513 which overlap fs metadata [ 75.548325][ T6872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.560999][ T6872] ext4 filesystem being mounted at /194/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 75.571468][ T6866] EXT4-fs (loop6): pa ffff8881071f04d0: logic 48, phys. 177, len 21 [ 75.579609][ T6866] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 75.592056][ T6872] netlink: 'syz.3.1125': attribute type 13 has an invalid length. [ 75.602686][ T5969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.688105][ T6872] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.695361][ T6872] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.760832][ T6872] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.771645][ T6872] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.847002][ T4030] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.881492][ T4030] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.892914][ T4030] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.902336][ T4030] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.994794][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.008089][ T6925] netlink: 2036 bytes leftover after parsing attributes in process `syz.1.1135'. [ 76.017259][ T6925] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1135'. [ 76.110392][ T6938] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1146'. [ 76.183578][ T6930] loop5: detected capacity change from 0 to 32768 [ 76.254815][ T6952] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1153'. [ 76.445070][ T6890] lo speed is unknown, defaulting to 1000 [ 76.450874][ T6890] syz0: Port: 1 Link DOWN [ 76.456469][ T6969] netlink: 'syz.4.1160': attribute type 13 has an invalid length. [ 76.480571][ T6969] gretap0: refused to change device tx_queue_len [ 76.501048][ T6969] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 76.516778][ T6890] lo speed is unknown, defaulting to 1000 [ 76.522617][ T6890] syz0: Port: 1 Link ACTIVE [ 76.566896][ T6978] loop5: detected capacity change from 0 to 1024 [ 76.580348][ T6979] SELinux: failed to load policy [ 76.593546][ T6978] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.640203][ T6978] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1163: Allocating blocks 449-513 which overlap fs metadata [ 76.662704][ T6976] EXT4-fs (loop5): pa ffff8881071f04d0: logic 48, phys. 177, len 21 [ 76.670749][ T6976] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 76.692460][ T6994] loop3: detected capacity change from 0 to 512 [ 76.702899][ T5652] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.704925][ T6993] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1168'. [ 76.712056][ T6994] EXT4-fs: Ignoring removed nomblk_io_submit option [ 76.729483][ T6994] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 76.760170][ T6994] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 76.789331][ T6994] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 76.806256][ T7003] netlink: 'syz.5.1174': attribute type 13 has an invalid length. [ 76.808349][ T6994] EXT4-fs (loop3): 1 truncate cleaned up [ 76.820353][ T6994] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.820717][ T7003] gretap0: refused to change device tx_queue_len [ 76.840844][ T7003] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 76.866542][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.899522][ T7007] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1176'. [ 76.908422][ T7007] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 76.915909][ T7007] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 77.108878][ T7035] ªªªªª: renamed from vlan1 [ 77.135433][ T7041] netlink: 'syz.6.1190': attribute type 13 has an invalid length. [ 77.147704][ T7041] gretap0: refused to change device tx_queue_len [ 77.154622][ T7041] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 77.235468][ T7043] SELinux: failed to load policy [ 77.371946][ T7057] loop3: detected capacity change from 0 to 1024 [ 77.379939][ T7057] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 77.390903][ T7057] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 77.402619][ T7057] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #2: comm syz.3.1198: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 2, max 1(4), depth 0(0) [ 77.438016][ T7057] EXT4-fs (loop3): no journal found [ 77.763943][ T7075] loop4: detected capacity change from 0 to 512 [ 77.808777][ T7075] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.872036][ T7075] ext4 filesystem being mounted at /276/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 77.889785][ T7082] SELinux: failed to load policy [ 77.919238][ T7075] netlink: 'syz.4.1205': attribute type 13 has an invalid length. [ 78.003470][ T7088] loop5: detected capacity change from 0 to 128 [ 78.019375][ T7090] loop1: detected capacity change from 0 to 512 [ 78.031101][ T7088] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 78.050128][ T7075] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.053185][ T7090] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.057615][ T7075] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.073452][ T7088] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.090370][ T7090] ext4 filesystem being mounted at /239/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.128709][ T7090] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1209: bg 0: block 64: padding at end of block bitmap is not set [ 78.208337][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.210794][ T7075] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 78.228427][ T7075] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 78.314846][ T6889] lo speed is unknown, defaulting to 1000 [ 78.320628][ T6889] syz0: Port: 1 Link DOWN [ 78.325494][ T4068] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.345017][ T4068] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.364909][ T4068] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.387746][ T4068] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.462048][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.502534][ T5652] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 78.616311][ T7138] syz_tun: entered allmulticast mode [ 78.624091][ T7137] syz_tun: left allmulticast mode [ 78.641128][ T7140] loop5: detected capacity change from 0 to 256 [ 78.643319][ T7142] loop1: detected capacity change from 0 to 512 [ 78.671247][ T7142] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.683968][ T7142] ext4 filesystem being mounted at /244/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 78.699086][ T7142] netlink: 'syz.1.1228': attribute type 13 has an invalid length. [ 78.741734][ T7142] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.749074][ T7142] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.782580][ T7142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 78.792440][ T7142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 78.845542][ T3412] lo speed is unknown, defaulting to 1000 [ 78.851321][ T3412] syz2: Port: 1 Link DOWN [ 78.864630][ T4058] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.876001][ T4058] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.885248][ T4058] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.898862][ T4058] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.899368][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.938438][ T7152] loop1: detected capacity change from 0 to 128 [ 78.967219][ T7152] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 78.990260][ T7152] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.457085][ T7179] lo speed is unknown, defaulting to 1000 [ 79.473003][ T7179] lo speed is unknown, defaulting to 1000 [ 79.511514][ T7182] loop3: detected capacity change from 0 to 512 [ 79.575936][ T3300] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 79.609776][ T7182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.640431][ T7182] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.661348][ T7189] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1245'. [ 79.713000][ T7179] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1242: corrupted inode contents [ 79.759563][ T7179] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1242: mark_inode_dirty error [ 79.796048][ T7179] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1242: corrupted inode contents [ 79.820001][ T7179] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.1242: mark_inode_dirty error [ 79.878482][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.007882][ T7223] veth3: entered promiscuous mode [ 80.045052][ T7226] loop5: detected capacity change from 0 to 512 [ 80.063555][ T7226] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 80.079552][ T7226] netlink: 'syz.5.1264': attribute type 13 has an invalid length. [ 80.112516][ T6884] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 80.123649][ T6884] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 80.178868][ T7240] loop5: detected capacity change from 0 to 1024 [ 80.187739][ T7240] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 80.198669][ T7240] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 80.229743][ T7240] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #2: comm syz.5.1268: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 2, max 1(4), depth 0(0) [ 80.254154][ T7240] EXT4-fs (loop5): no journal found [ 80.300190][ T7251] loop5: detected capacity change from 0 to 128 [ 80.526459][ T7268] loop5: detected capacity change from 0 to 1024 [ 80.572527][ T7268] netlink: 'syz.5.1272': attribute type 1 has an invalid length. [ 80.682620][ T7258] Set syz1 is full, maxelem 65536 reached [ 80.727072][ T7299] pim6reg1: entered promiscuous mode [ 80.732445][ T7299] pim6reg1: entered allmulticast mode [ 80.814135][ T7317] netlink: 'syz.1.1279': attribute type 3 has an invalid length. [ 80.822112][ T7317] netlink: 'syz.1.1279': attribute type 3 has an invalid length. [ 80.853742][ T7324] loop1: detected capacity change from 0 to 256 [ 80.864582][ T7326] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1282'. [ 80.873660][ T7326] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 80.890184][ T7326] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 81.039642][ T29] kauditd_printk_skb: 1049 callbacks suppressed [ 81.039656][ T29] audit: type=1400 audit(1755327372.604:5182): avc: denied { validate_trans } for pid=7363 comm="syz.1.1290" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 81.105544][ T7372] veth3: entered promiscuous mode [ 81.317752][ T7421] loop6: detected capacity change from 0 to 256 [ 81.326861][ T29] audit: type=1400 audit(1755327372.909:5183): avc: denied { create } for pid=7420 comm="syz.1.1304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 81.384980][ T29] audit: type=1400 audit(1755327372.919:5184): avc: denied { ioctl } for pid=7420 comm="syz.1.1304" path="socket:[16982]" dev="sockfs" ino=16982 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 81.409773][ T29] audit: type=1400 audit(1755327372.919:5185): avc: denied { bind } for pid=7420 comm="syz.1.1304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 81.447486][ T7432] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1299'. [ 81.456489][ T7432] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 81.478318][ T7432] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 81.508009][ T7437] loop1: detected capacity change from 0 to 512 [ 81.514597][ T7437] EXT4-fs: Ignoring removed nomblk_io_submit option [ 81.521580][ T7437] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 81.533080][ T7437] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 81.556508][ T7437] EXT4-fs (loop1): 1 truncate cleaned up [ 81.598149][ T7451] netlink: 'syz.4.1307': attribute type 3 has an invalid length. [ 81.605982][ T7451] netlink: 'syz.4.1307': attribute type 3 has an invalid length. [ 81.640335][ T7447] lo speed is unknown, defaulting to 1000 [ 81.648699][ T7447] lo speed is unknown, defaulting to 1000 [ 81.677153][ T29] audit: type=1326 audit(1755327373.276:5186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.6.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d6ebfebe9 code=0x7ffc0000 [ 81.678042][ T7458] loop6: detected capacity change from 0 to 512 [ 81.700609][ T29] audit: type=1326 audit(1755327373.276:5187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.6.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d6ebfebe9 code=0x7ffc0000 [ 81.700640][ T29] audit: type=1326 audit(1755327373.276:5188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.6.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d6ebfebe9 code=0x7ffc0000 [ 81.700680][ T29] audit: type=1326 audit(1755327373.276:5189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.6.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9d6ebfebe9 code=0x7ffc0000 [ 81.700708][ T29] audit: type=1326 audit(1755327373.276:5190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.6.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9d6ebfec23 code=0x7ffc0000 [ 81.800674][ T29] audit: type=1326 audit(1755327373.276:5191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.6.1303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9d6ebfd69f code=0x7ffc0000 [ 81.848967][ T7458] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.937456][ T7447] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.1303: corrupted inode contents [ 81.958339][ T7447] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.1303: mark_inode_dirty error [ 81.990769][ T7447] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.1303: corrupted inode contents [ 82.018236][ T7447] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.1303: mark_inode_dirty error [ 82.115121][ T7493] loop1: detected capacity change from 0 to 1764 [ 82.124490][ T7493] netlink: 'syz.1.1324': attribute type 4 has an invalid length. [ 82.134807][ T7497] serio: Serial port ptm0 [ 82.160407][ T3412] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 82.168322][ T3412] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 82.178576][ T7504] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1329'. [ 82.188605][ T7504] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 82.205639][ T7504] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 82.237751][ T7507] lo speed is unknown, defaulting to 1000 [ 82.245003][ T7507] lo speed is unknown, defaulting to 1000 [ 82.284551][ T7512] loop4: detected capacity change from 0 to 512 [ 82.333642][ T7512] ext4 filesystem being mounted at /305/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.448330][ T7507] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.1330: corrupted inode contents [ 82.486591][ T7507] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #2: comm syz.4.1330: mark_inode_dirty error [ 82.509997][ T7507] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.1330: corrupted inode contents [ 82.529628][ T7507] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.1330: mark_inode_dirty error [ 82.999071][ T7565] netlink: 'syz.1.1351': attribute type 10 has an invalid length. [ 83.006910][ T7565] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1351'. [ 83.030975][ T7565] batman_adv: batadv0: Adding interface: macvlan0 [ 83.037540][ T7565] batman_adv: batadv0: The MTU of interface macvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.041185][ T7571] loop3: detected capacity change from 0 to 512 [ 83.069296][ T7565] batman_adv: batadv0: Interface activated: macvlan0 [ 83.101211][ T7571] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.129422][ T7569] loop4: detected capacity change from 0 to 8192 [ 83.204498][ T7587] loop3: detected capacity change from 0 to 256 [ 83.214330][ T7588] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1359'. [ 83.225909][ T7588] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 83.238515][ T7588] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.255601][ T7593] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1361'. [ 83.260554][ T7588] batman_adv: batadv0: Interface deactivated: macvlan0 [ 83.271475][ T7588] batman_adv: batadv0: Removing interface: macvlan0 [ 83.289261][ T7593] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1361'. [ 83.362061][ T7595] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1363'. [ 83.383068][ T7599] loop4: detected capacity change from 0 to 128 [ 83.534638][ T7615] loop4: detected capacity change from 0 to 256 [ 83.736379][ T7621] loop5: detected capacity change from 0 to 512 [ 83.743750][ T7621] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 83.757787][ T7621] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 83.821744][ T7625] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1377'. [ 84.367012][ T7668] loop3: detected capacity change from 0 to 256 [ 84.383529][ T7666] pim6reg1: entered promiscuous mode [ 84.388938][ T7666] pim6reg1: entered allmulticast mode [ 85.276572][ T7705] netlink: 'syz.6.1422': attribute type 10 has an invalid length. [ 85.284442][ T7705] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1422'. [ 85.295638][ T7705] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 85.363851][ T7710] pim6reg: entered allmulticast mode [ 85.381492][ T7710] pim6reg: left allmulticast mode [ 85.436978][ T7727] loop6: detected capacity change from 0 to 1024 [ 85.444238][ T7727] EXT4-fs: Ignoring removed bh option [ 85.452721][ T7729] loop4: detected capacity change from 0 to 512 [ 85.459364][ T7727] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 85.471821][ T7727] EXT4-fs error (device loop6): ext4_quota_enable:7124: comm syz.6.1424: inode #2304: comm syz.6.1424: iget: illegal inode # [ 85.484897][ T7729] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 85.493953][ T7727] EXT4-fs (loop6): Remounting filesystem read-only [ 85.500503][ T7727] EXT4-fs warning (device loop6): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix. [ 85.515833][ T7727] EXT4-fs (loop6): mount failed [ 85.529160][ T7729] ext4 filesystem being mounted at /320/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 85.648380][ T7747] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1430'. [ 85.945198][ T7771] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7771 comm=syz.5.1441 [ 85.972177][ T7775] loop5: detected capacity change from 0 to 256 [ 86.215336][ T7781] syzkaller0: entered promiscuous mode [ 86.220794][ T7781] syzkaller0: entered allmulticast mode [ 86.348390][ T7783] loop1: detected capacity change from 0 to 128 [ 86.422860][ T7783] bio_check_eod: 62 callbacks suppressed [ 86.422872][ T7783] syz.1.1445: attempt to access beyond end of device [ 86.422872][ T7783] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 86.442894][ T7783] syz.1.1445: attempt to access beyond end of device [ 86.442894][ T7783] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 86.456289][ T7783] syz.1.1445: attempt to access beyond end of device [ 86.456289][ T7783] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 86.469810][ T7783] syz.1.1445: attempt to access beyond end of device [ 86.469810][ T7783] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 86.483336][ T7783] syz.1.1445: attempt to access beyond end of device [ 86.483336][ T7783] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 86.496742][ T7783] syz.1.1445: attempt to access beyond end of device [ 86.496742][ T7783] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 86.510240][ T7783] syz.1.1445: attempt to access beyond end of device [ 86.510240][ T7783] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 86.637309][ T29] kauditd_printk_skb: 660 callbacks suppressed [ 86.637370][ T29] audit: type=1326 audit(1755327378.484:5852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.667176][ T29] audit: type=1326 audit(1755327378.484:5853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.690576][ T29] audit: type=1326 audit(1755327378.484:5854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.713985][ T29] audit: type=1326 audit(1755327378.484:5855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.745915][ T29] audit: type=1326 audit(1755327378.547:5856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.769391][ T29] audit: type=1326 audit(1755327378.547:5857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.772998][ T7797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 86.792848][ T29] audit: type=1326 audit(1755327378.547:5858): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.792872][ T29] audit: type=1326 audit(1755327378.547:5859): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.792893][ T29] audit: type=1326 audit(1755327378.547:5860): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.803496][ T7797] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 86.824768][ T29] audit: type=1326 audit(1755327378.547:5861): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7792 comm="syz.3.1449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8242ebe9 code=0x7ffc0000 [ 86.947444][ T7803] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1453'. [ 86.958216][ T7803] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 86.969040][ T7803] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 86.979253][ T7803] bond0 (unregistering): Released all slaves [ 86.992501][ T7806] 9pnet_fd: Insufficient options for proto=fd [ 87.159396][ T7830] geneve2: entered promiscuous mode [ 87.177595][ T4125] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.189533][ T4125] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.220935][ T7837] 9pnet_fd: Insufficient options for proto=fd [ 87.238113][ T4125] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.247433][ T4125] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.298577][ T7841] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1470'. [ 87.318615][ T7841] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 87.330442][ T7841] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 87.343195][ T7841] bond0 (unregistering): Released all slaves [ 87.456112][ T7861] loop3: detected capacity change from 0 to 128 [ 87.467238][ T7862] geneve2: entered promiscuous mode [ 87.480045][ T7865] loop4: detected capacity change from 0 to 128 [ 87.499380][ T4058] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.519679][ T4058] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.528784][ T4058] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.537584][ T4058] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.549525][ T7870] loop6: detected capacity change from 0 to 256 [ 87.581652][ T7874] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1484'. [ 87.600920][ T7865] syz.4.1481: attempt to access beyond end of device [ 87.600920][ T7865] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 87.615061][ T7865] syz.4.1481: attempt to access beyond end of device [ 87.615061][ T7865] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 87.628686][ T7865] syz.4.1481: attempt to access beyond end of device [ 87.628686][ T7865] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 87.690977][ T7887] loop6: detected capacity change from 0 to 2048 [ 87.698802][ T7887] EXT4-fs: Ignoring removed nobh option [ 87.744237][ T7899] geneve2: entered promiscuous mode [ 87.760066][ T4125] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.789383][ T4125] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.799935][ T7905] pim6reg1: entered promiscuous mode [ 87.805404][ T7905] pim6reg1: entered allmulticast mode [ 87.837968][ T4125] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.861951][ T4125] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.881531][ T7912] loop5: detected capacity change from 0 to 128 [ 87.960542][ T7920] loop3: detected capacity change from 0 to 128 [ 87.967331][ T7918] loop4: detected capacity change from 0 to 512 [ 87.987948][ T7918] EXT4-fs: Ignoring removed orlov option [ 88.025192][ T7918] ext4 filesystem being mounted at /342/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 88.065939][ T7918] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.1503: iget: bad i_size value: 2533274857506816 [ 88.491846][ T7954] loop6: detected capacity change from 0 to 128 [ 88.725743][ T7966] atomic_op ffff88811a203d28 conn xmit_atomic 0000000000000000 [ 88.849938][ T7976] loop4: detected capacity change from 0 to 164 [ 88.857139][ T7976] iso9660: Unknown parameter 'ÿÿÿÿ' [ 88.941760][ T7986] loop1: detected capacity change from 0 to 1024 [ 88.952299][ T7986] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 88.962207][ T7986] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 88.975624][ T7986] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 88.997586][ T7986] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: inode #32: comm syz.1.1540: iget: special inode unallocated [ 89.012256][ T7986] EXT4-fs (loop1): no journal found [ 89.017565][ T7986] EXT4-fs (loop1): can't get journal size [ 89.042456][ T7986] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1314: inode #12: block 16: comm syz.1.1540: path /303/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0 [ 89.093589][ T8003] loop5: detected capacity change from 0 to 1024 [ 89.100328][ T8003] EXT4-fs: inline encryption not supported [ 89.106391][ T8003] EXT4-fs: Ignoring removed bh option [ 89.116176][ T8006] loop1: detected capacity change from 0 to 164 [ 89.125355][ T8006] iso9660: Unknown parameter 'ÿÿÿÿ' [ 89.182493][ T8019] loop1: detected capacity change from 0 to 128 [ 89.192184][ T8017] loop5: detected capacity change from 0 to 128 [ 89.370838][ T8045] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1557'. [ 89.504126][ T8061] loop6: detected capacity change from 0 to 2048 [ 89.521859][ T8069] loop4: detected capacity change from 0 to 128 [ 89.601714][ T8086] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1573'. [ 89.669595][ T8100] sch_tbf: burst 0 is lower than device lo mtu (18) ! [ 89.758596][ T8120] loop6: detected capacity change from 0 to 128 [ 89.951549][ T8157] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1598'. [ 89.960587][ T8157] netlink: 'syz.4.1598': attribute type 7 has an invalid length. [ 89.968370][ T8157] netlink: 'syz.4.1598': attribute type 8 has an invalid length. [ 89.976226][ T8157] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1598'. [ 90.039470][ T8167] netlink: 'syz.6.1601': attribute type 7 has an invalid length. [ 90.047262][ T8167] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1601'. [ 90.093931][ T8173] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1603'. [ 90.196016][ T8188] loop1: detected capacity change from 0 to 128 [ 90.265221][ T8196] loop6: detected capacity change from 0 to 1024 [ 90.280855][ T8196] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 90.290774][ T8196] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 90.321546][ T8196] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 90.341443][ T8196] EXT4-fs error (device loop6): ext4_get_journal_inode:5796: inode #32: comm syz.6.1610: iget: special inode unallocated [ 90.369907][ T8196] EXT4-fs (loop6): no journal found [ 90.375154][ T8196] EXT4-fs (loop6): can't get journal size [ 90.400832][ T8196] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1314: inode #12: block 16: comm syz.6.1610: path /134/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0 [ 90.549241][ T8255] netlink: 1276 bytes leftover after parsing attributes in process `syz.6.1616'. [ 90.743671][ T8288] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.786081][ T8288] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.861890][ T8288] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.919081][ T8288] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.970877][ T3444] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.981363][ T3444] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.991942][ T3444] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.002143][ T3444] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.169701][ T8319] loop4: detected capacity change from 0 to 1024 [ 91.180191][ T8319] EXT4-fs: inline encryption not supported [ 91.198835][ T8319] EXT4-fs: Ignoring removed bh option [ 91.250063][ T8327] loop1: detected capacity change from 0 to 1024 [ 91.265534][ T8327] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 91.281217][ T8332] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1637'. [ 91.296295][ T8327] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 1: comm syz.1.1636: lblock 1 mapped to illegal pblock 1 (length 1) [ 91.338729][ T8327] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.1636: Failed to acquire dquot type 0 [ 91.365947][ T8327] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.1636: Freeing blocks not in datazone - block = 0, count = 4096 [ 91.380159][ T8327] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1636: Invalid inode bitmap blk 0 in block_group 0 [ 91.394747][ T4125] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:67: lblock 1 mapped to illegal pblock 1 (length 1) [ 91.427700][ T8327] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem [ 91.439676][ T4125] __quota_error: 379 callbacks suppressed [ 91.439688][ T4125] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 91.453942][ T4125] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:67: Failed to release dquot type 0 [ 91.472571][ T8327] EXT4-fs (loop1): 1 orphan inode deleted [ 91.480414][ T29] audit: type=1400 audit(1755327383.576:6239): avc: denied { read } for pid=8326 comm="syz.1.1636" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 91.505505][ T29] audit: type=1400 audit(1755327383.576:6240): avc: denied { open } for pid=8326 comm="syz.1.1636" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 91.530219][ T29] audit: type=1400 audit(1755327383.576:6241): avc: denied { ioctl } for pid=8326 comm="syz.1.1636" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 91.588362][ T29] audit: type=1326 audit(1755327383.691:6242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8352 comm="syz.1.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef951ebe9 code=0x7ffc0000 [ 91.611848][ T29] audit: type=1326 audit(1755327383.691:6243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8352 comm="syz.1.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef951ebe9 code=0x7ffc0000 [ 91.654947][ T29] audit: type=1326 audit(1755327383.691:6244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8352 comm="syz.1.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efef951ebe9 code=0x7ffc0000 [ 91.678443][ T29] audit: type=1326 audit(1755327383.691:6245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8352 comm="syz.1.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef951ebe9 code=0x7ffc0000 [ 91.701829][ T29] audit: type=1326 audit(1755327383.691:6246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8352 comm="syz.1.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efef951ebe9 code=0x7ffc0000 [ 91.725295][ T29] audit: type=1326 audit(1755327383.744:6247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8352 comm="syz.1.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efef951ebe9 code=0x7ffc0000 [ 91.771660][ T8361] loop4: detected capacity change from 0 to 128 [ 91.816057][ T8365] wg2: entered promiscuous mode [ 91.820951][ T8365] wg2: entered allmulticast mode [ 91.835489][ T8366] bio_check_eod: 344 callbacks suppressed [ 91.835502][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.835502][ T8366] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 91.855402][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.855402][ T8366] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 91.870131][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.870131][ T8366] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 91.893336][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.893336][ T8366] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 91.921097][ T8372] wireguard0: entered promiscuous mode [ 91.925701][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.925701][ T8366] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 91.926576][ T8372] wireguard0: entered allmulticast mode [ 91.940117][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.940117][ T8366] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 91.959209][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.959209][ T8366] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 91.972699][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.972699][ T8366] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 91.986164][ T8366] syz.4.1650: attempt to access beyond end of device [ 91.986164][ T8366] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 92.001168][ T8366] syz.4.1650: attempt to access beyond end of device [ 92.001168][ T8366] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 92.022060][ T8377] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1657'. [ 92.031534][ T8375] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1656'. [ 92.075270][ T8379] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.121709][ T8381] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1659'. [ 92.157825][ T8379] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.205097][ T8379] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.252410][ T8379] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.294579][ T4125] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.305523][ T4125] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.316468][ T4125] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.327027][ T3444] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.506203][ T8411] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1671'. [ 92.716395][ T8419] openvswitch: netlink: Message has 6 unknown bytes. [ 92.738376][ T8425] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.783147][ T8430] veth5: entered promiscuous mode [ 92.789330][ T8425] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.791067][ T8432] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1680'. [ 92.834993][ T8425] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.881307][ T8425] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.949660][ T4125] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.975654][ T8442] loop1: detected capacity change from 0 to 128 [ 92.984274][ T4125] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.000116][ T4125] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.028281][ T4058] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.094573][ T8447] wg2: entered promiscuous mode [ 93.099625][ T8447] wg2: entered allmulticast mode [ 93.129269][ T8450] netlink: 'syz.4.1688': attribute type 3 has an invalid length. [ 93.186340][ T8457] loop1: detected capacity change from 0 to 128 [ 93.304570][ T8470] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1696'. [ 93.355188][ T8476] bridge0: port 3(macsec1) entered blocking state [ 93.361678][ T8476] bridge0: port 3(macsec1) entered disabled state [ 93.368690][ T8476] macsec1: entered allmulticast mode [ 93.373991][ T8476] bridge0: entered allmulticast mode [ 93.381171][ T8476] macsec1: left allmulticast mode [ 93.386236][ T8476] bridge0: left allmulticast mode [ 94.353018][ T8494] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.376287][ T8494] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 94.404776][ T3412] lo speed is unknown, defaulting to 1000 [ 94.410505][ T3412] syz0: Port: 1 Link ACTIVE [ 94.484904][ T8509] veth5: entered promiscuous mode [ 94.528230][ T8517] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.567320][ T8517] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.603454][ T8530] netlink: 'syz.4.1724': attribute type 1 has an invalid length. [ 94.611959][ T8517] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.627833][ T8530] 8021q: adding VLAN 0 to HW filter on device bond3 [ 94.636948][ T8530] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1724'. [ 94.648108][ T8530] bond3 (unregistering): Released all slaves [ 94.662534][ T8517] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.759842][ T4030] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.772937][ T4030] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.783773][ T4030] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.797790][ T4030] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.848395][ T8545] veth7: entered promiscuous mode [ 94.919377][ T8556] loop4: detected capacity change from 0 to 1024 [ 94.927762][ T8556] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 94.949658][ T8562] loop1: detected capacity change from 0 to 1024 [ 94.957286][ T8562] EXT4-fs: Ignoring removed bh option [ 94.966205][ T8556] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #3: block 1: comm syz.4.1733: lblock 1 mapped to illegal pblock 1 (length 1) [ 94.980978][ T8556] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1733: Failed to acquire dquot type 0 [ 94.992976][ T8556] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1733: Freeing blocks not in datazone - block = 0, count = 4096 [ 94.993016][ T8562] EXT4-fs mount: 32 callbacks suppressed [ 94.993104][ T8562] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.025276][ T8556] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.1733: Invalid inode bitmap blk 0 in block_group 0 [ 95.039044][ T8556] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 95.040803][ T8570] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1737'. [ 95.058840][ T8556] EXT4-fs (loop4): 1 orphan inode deleted [ 95.058840][ T4125] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:67: lblock 1 mapped to illegal pblock 1 (length 1) [ 95.071495][ T8556] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.092222][ T4125] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:67: Failed to release dquot type 0 [ 95.121820][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.139000][ T8573] IPVS: Error connecting to the multicast addr [ 95.173133][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.182789][ T8579] loop6: detected capacity change from 0 to 128 [ 95.284353][ T8593] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 95.388724][ T8610] loop5: detected capacity change from 0 to 128 [ 95.395138][ T8609] loop3: detected capacity change from 0 to 1024 [ 95.397334][ T8610] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 95.413745][ T8609] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 95.426433][ T8610] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 95.429749][ T8609] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #3: block 1: comm syz.3.1756: lblock 1 mapped to illegal pblock 1 (length 1) [ 95.449933][ T8609] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1756: Failed to acquire dquot type 0 [ 95.461523][ T4125] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 95.474874][ T8609] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.1756: Freeing blocks not in datazone - block = 0, count = 4096 [ 95.488544][ T8609] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.1756: Invalid inode bitmap blk 0 in block_group 0 [ 95.501246][ T4105] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:66: lblock 1 mapped to illegal pblock 1 (length 1) [ 95.501488][ T8609] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem [ 95.524395][ T8609] EXT4-fs (loop3): 1 orphan inode deleted [ 95.524394][ T4105] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:66: Failed to release dquot type 0 [ 95.542126][ T8609] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.613922][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.763042][ T8636] syzkaller0: entered allmulticast mode [ 95.771254][ T8636] syzkaller0 (unregistering): left allmulticast mode [ 96.287715][ T29] kauditd_printk_skb: 388 callbacks suppressed [ 96.287729][ T29] audit: type=1400 audit(1755327388.616:6630): avc: denied { bind } for pid=8658 comm="syz.4.1786" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 96.332371][ T29] audit: type=1400 audit(1755327388.668:6631): avc: denied { mounton } for pid=8660 comm="syz.1.1775" path="/360/bus" dev="tmpfs" ino=1906 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 96.380672][ T29] audit: type=1326 audit(1755327388.721:6632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.4.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 96.404184][ T29] audit: type=1326 audit(1755327388.721:6633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.4.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 96.437264][ T29] audit: type=1326 audit(1755327388.773:6634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.4.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 96.460658][ T29] audit: type=1326 audit(1755327388.773:6635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.4.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 96.484033][ T29] audit: type=1326 audit(1755327388.773:6636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.4.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 96.507481][ T29] audit: type=1326 audit(1755327388.773:6637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.4.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 96.530942][ T29] audit: type=1326 audit(1755327388.773:6638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.4.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 96.554324][ T29] audit: type=1326 audit(1755327388.773:6639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8670 comm="syz.4.1778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e292eebe9 code=0x7ffc0000 [ 96.626059][ T8684] 8021q: adding VLAN 0 to HW filter on device  [ 96.635481][ T8684] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check. [ 96.650744][ T6884] lo speed is unknown, defaulting to 1000 [ 96.656531][ T6884] syz2: Port: 1 Link ACTIVE [ 96.670394][ T8687] siw: device registration error -23 [ 96.678231][ T8690] wireguard0: entered promiscuous mode [ 96.683822][ T8690] wireguard0: entered allmulticast mode [ 96.788094][ T8695] loop6: detected capacity change from 0 to 1024 [ 96.795186][ T8695] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 96.809363][ T8695] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #3: block 1: comm syz.6.1791: lblock 1 mapped to illegal pblock 1 (length 1) [ 96.823528][ T8695] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.1791: Failed to acquire dquot type 0 [ 96.835361][ T8695] EXT4-fs error (device loop6): ext4_free_blocks:6696: comm syz.6.1791: Freeing blocks not in datazone - block = 0, count = 4096 [ 96.849039][ T8695] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.1791: Invalid inode bitmap blk 0 in block_group 0 [ 96.861921][ T4030] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1) [ 96.861962][ T8695] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem [ 96.862026][ T8695] EXT4-fs (loop6): 1 orphan inode deleted [ 96.886244][ T4030] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 0 [ 96.891225][ T8695] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.916883][ T8697] bridge0: entered promiscuous mode [ 96.922696][ T8697] bridge0: port 3(macsec1) entered blocking state [ 96.929240][ T8697] bridge0: port 3(macsec1) entered disabled state [ 96.935987][ T8697] macsec1: entered allmulticast mode [ 96.941378][ T8697] bridge0: entered allmulticast mode [ 96.947115][ T8697] macsec1: left allmulticast mode [ 96.952130][ T8697] bridge0: left allmulticast mode [ 96.957587][ T8697] bridge0: left promiscuous mode [ 96.979450][ T5969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.036763][ T8712] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1799'. [ 97.060990][ T8714] pim6reg: entered allmulticast mode [ 97.095819][ T8716] siw: device registration error -23 [ 97.103401][ T8723] syzkaller0: entered allmulticast mode [ 97.134344][ T8723] syzkaller0 (unregistering): left allmulticast mode [ 97.160469][ T8733] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1808'. [ 97.175706][ T8733] netem: change failed [ 97.245193][ T8738] bridge0: entered promiscuous mode [ 97.257785][ T8741] loop5: detected capacity change from 0 to 1024 [ 97.259062][ T8738] bridge0: port 3(macsec1) entered blocking state [ 97.270591][ T8738] bridge0: port 3(macsec1) entered disabled state [ 97.290039][ T8738] macsec1: entered allmulticast mode [ 97.290422][ T8741] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 97.295413][ T8738] bridge0: entered allmulticast mode [ 97.312025][ T8738] macsec1: left allmulticast mode [ 97.317067][ T8738] bridge0: left allmulticast mode [ 97.323626][ T8741] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #3: block 1: comm syz.5.1809: lblock 1 mapped to illegal pblock 1 (length 1) [ 97.338541][ T8741] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1809: Failed to acquire dquot type 0 [ 97.351811][ T8741] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.1809: Freeing blocks not in datazone - block = 0, count = 4096 [ 97.365425][ T8738] bridge0: left promiscuous mode [ 97.365486][ T8741] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.1809: Invalid inode bitmap blk 0 in block_group 0 [ 97.365550][ T8741] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 97.385535][ T4030] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1) [ 97.410510][ T8741] EXT4-fs (loop5): 1 orphan inode deleted [ 97.417061][ T8741] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.433946][ T8750] loop6: detected capacity change from 0 to 1024 [ 97.446173][ T4030] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 0 [ 97.465936][ T8750] EXT4-fs: Ignoring removed orlov option [ 97.477705][ T8750] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.510813][ T5652] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.541644][ T8758] netlink: 'syz.5.1818': attribute type 1 has an invalid length. [ 97.550964][ T8760] rdma_rxe: rxe_newlink: failed to add syz_tun [ 97.568911][ T5969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.582149][ T8762] siw: device registration error -23 [ 97.584993][ T8758] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.605256][ T8758] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1818'. [ 97.633398][ T8758] bond0 (unregistering): Released all slaves [ 97.642502][ T8772] loop6: detected capacity change from 0 to 128 [ 97.659614][ T8772] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 97.689810][ T8768] pim6reg1: entered promiscuous mode [ 97.695161][ T8768] pim6reg1: entered allmulticast mode [ 97.710049][ T8772] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 97.751584][ T4030] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 97.930007][ T8811] loop6: detected capacity change from 0 to 164 [ 97.947377][ T8815] @: renamed from vlan0 [ 97.952437][ T8811] bio_check_eod: 309 callbacks suppressed [ 97.952450][ T8811] syz.6.1842: attempt to access beyond end of device [ 97.952450][ T8811] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 97.972937][ T8811] syz.6.1842: attempt to access beyond end of device [ 97.972937][ T8811] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 98.088864][ T8835] loop5: detected capacity change from 0 to 1024 [ 98.101151][ T8835] EXT4-fs: Ignoring removed orlov option [ 98.113182][ T8835] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.149080][ T5652] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.203171][ T8862] veth0_vlan: entered allmulticast mode [ 98.209306][ T8862] veth0_vlan: left promiscuous mode [ 98.215638][ T8862] veth0_vlan: entered promiscuous mode [ 98.224218][ T8866] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.253373][ T8869] 9pnet: p9_errstr2errno: server reported unknown error [ 98.264418][ T8866] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.283366][ T8875] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1872'. [ 98.327149][ T8882] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1876'. [ 98.359176][ T8866] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.397204][ T8866] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.451008][ T4105] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.465508][ T4105] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.476286][ T4105] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.485286][ T4105] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.506208][ T8902] netlink: 'syz.1.1884': attribute type 1 has an invalid length. [ 98.522503][ T8902] 8021q: adding VLAN 0 to HW filter on device bond3 [ 98.536528][ T8902] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1884'. [ 98.547758][ T8902] bond3 (unregistering): Released all slaves [ 98.807742][ T8920] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1890'. [ 99.182943][ T8932] bridge0: port 3(macsec1) entered blocking state [ 99.189432][ T8932] bridge0: port 3(macsec1) entered disabled state [ 99.197810][ T8932] macsec1: entered allmulticast mode [ 99.203172][ T8932] bridge0: entered allmulticast mode [ 99.234769][ T8932] macsec1: left allmulticast mode [ 99.239882][ T8932] bridge0: left allmulticast mode [ 99.249149][ T8946] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1904'. [ 99.262282][ T8945] ip6gre1: entered allmulticast mode [ 99.341691][ T8956] usb usb8: usbfs: process 8956 (syz.6.1908) did not claim interface 0 before use [ 99.396219][ T8967] pim6reg: entered allmulticast mode [ 99.734171][ T8999] veth0_vlan: entered allmulticast mode [ 99.742812][ T8999] veth0_vlan: left promiscuous mode [ 99.748767][ T8999] veth0_vlan: entered promiscuous mode [ 99.807044][ T9011] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9011 comm=syz.4.1934 [ 99.847014][ T9013] ip6gre3: entered allmulticast mode [ 99.857892][ T9015] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1933'. [ 100.054756][ T9023] ================================================================== [ 100.062864][ T9023] BUG: KCSAN: data-race in __bpf_get_stackid / bcmp [ 100.069470][ T9023] [ 100.071788][ T9023] write to 0xffff88810b8f1b48 of 112 bytes by task 7102 on cpu 1: [ 100.079592][ T9023] __bpf_get_stackid+0x761/0x800 [ 100.084553][ T9023] bpf_get_stackid+0xee/0x120 [ 100.089256][ T9023] bpf_get_stackid_raw_tp+0xf6/0x120 [ 100.094601][ T9023] bpf_prog_e6fc920cfeff8120+0x2a/0x32 [ 100.100086][ T9023] bpf_trace_run2+0x107/0x1c0 [ 100.104776][ T9023] __traceiter_kfree+0x2e/0x50 [ 100.109541][ T9023] kfree+0x27b/0x320 [ 100.113518][ T9023] vfree+0x295/0x3a0 [ 100.117410][ T9023] __bpf_prog_free+0x86/0xa0 [ 100.121992][ T9023] bpf_jit_free+0x273/0x2f0 [ 100.126477][ T9023] bpf_prog_free_deferred+0x418/0x460 [ 100.131832][ T9023] process_scheduled_works+0x4cb/0x9d0 [ 100.137294][ T9023] worker_thread+0x582/0x770 [ 100.141877][ T9023] kthread+0x489/0x510 [ 100.145930][ T9023] ret_from_fork+0xda/0x150 [ 100.150417][ T9023] ret_from_fork_asm+0x1a/0x30 [ 100.155172][ T9023] [ 100.157486][ T9023] read to 0xffff88810b8f1ba0 of 8 bytes by task 9023 on cpu 0: [ 100.165014][ T9023] bcmp+0x23/0x90 [ 100.168640][ T9023] __bpf_get_stackid+0x371/0x800 [ 100.173570][ T9023] bpf_get_stackid+0xee/0x120 [ 100.178242][ T9023] bpf_get_stackid_raw_tp+0xf6/0x120 [ 100.183515][ T9023] bpf_prog_e6fc920cfeff8120+0x2a/0x32 [ 100.188961][ T9023] bpf_trace_run2+0x107/0x1c0 [ 100.193626][ T9023] __traceiter_kfree+0x2e/0x50 [ 100.198374][ T9023] kfree+0x27b/0x320 [ 100.202256][ T9023] io_queue_deferred+0x1d0/0x220 [ 100.207188][ T9023] __io_submit_flush_completions+0x9f5/0xa00 [ 100.213164][ T9023] ctx_flush_and_put+0x9b/0x150 [ 100.218012][ T9023] io_handle_tw_list+0x1a9/0x1c0 [ 100.222948][ T9023] tctx_task_work_run+0x6d/0x1a0 [ 100.227886][ T9023] tctx_task_work+0x3f/0x80 [ 100.232391][ T9023] task_work_run+0x12e/0x1a0 [ 100.236969][ T9023] get_signal+0xe13/0xf70 [ 100.241297][ T9023] arch_do_signal_or_restart+0x96/0x480 [ 100.246834][ T9023] exit_to_user_mode_loop+0x7a/0x100 [ 100.252108][ T9023] do_syscall_64+0x1d6/0x200 [ 100.256686][ T9023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.262571][ T9023] [ 100.264879][ T9023] value changed: 0xffffffff813e60ae -> 0xffffffff813ed4c9 [ 100.271965][ T9023] [ 100.274272][ T9023] Reported by Kernel Concurrency Sanitizer on: [ 100.280412][ T9023] CPU: 0 UID: 0 PID: 9023 Comm: syz.5.1940 Not tainted 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6 #0 PREEMPT(voluntary) [ 100.292807][ T9023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 100.302850][ T9023] ==================================================================