last executing test programs: 2.154880224s ago: executing program 1 (id=3134): r0 = syz_open_dev$evdev(&(0x7f0000000140), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x24, &(0x7f0000000740)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f0000000200)=0x6) 1.513628582s ago: executing program 0 (id=3158): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000900)='Z', 0xffaa}, {&(0x7f0000000040)="a3d7f3e8a9cf9e3887a6f6eca30e90d85fcfa281378973ab916b0e1d03bd28bca55c552da8cfecb0fbccbfb18ef20fe9541e0e1e8fa214cb6bb0455c2386f5ebb4730be449beb72f481c1429d6eb835b76fd1fdcacd50b884c98caa871ec4e225b6036b6ad2638ab5b06828c10fc355b170075f37b748b8f466fe29f40ec981d1431132bca9884654780b3205ed61f49c3b3b6229593e61d13a8505de19a8a0f502d4f3148f9450ed35ef5950bb7fefcf299beed14", 0xb5}], 0x2}, 0x0) 1.482009684s ago: executing program 0 (id=3159): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x4, 0x5}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc) 1.422429137s ago: executing program 1 (id=3161): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x3, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0xfffffffc}, 0x10}, 0x94) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x7, 0x44, 0x0) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x2, 0x44, 0x0) 1.405832809s ago: executing program 0 (id=3165): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8) sendto$inet6(r0, &(0x7f0000000140)="f4", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00'}, 0x1c) 1.334746912s ago: executing program 1 (id=3166): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xfff3, 0x6}, {0x3}}}, 0x24}}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x401, 0x100, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3c408}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x2020}]}}}, @IFLA_IFNAME={0x14, 0x3, 'nicvf0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x484c}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.294993084s ago: executing program 1 (id=3169): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x40085503, 0x0) 1.117516255s ago: executing program 4 (id=3177): r0 = semget(0x1, 0x4, 0x39c) semop(r0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}], 0x1) semop(r0, &(0x7f0000000000)=[{0x3, 0xbbdd, 0x1000}, {0x2, 0x100, 0x800}], 0x2) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff]) 544.534779ms ago: executing program 1 (id=3188): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$netlink(r0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="6000000002060300000000000000000007000000140007800800084000000010080012400000ffff0500010006000000050005000200000005000400010000000900020073797a310000000011000300686173683a69702c6d61726b00"], 0x60}, 0x1, 0x0, 0x0, 0x810}, 0x20004000) 528.15481ms ago: executing program 2 (id=3190): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d2d, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x570000, 0x0, @perf_bp={0x0}, 0x4000, 0x578}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x1}, 0x440}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff1100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x702, 0xe, 0x700, &(0x7f0000000540)="e460334470b8d480eb00c15286dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 500.033461ms ago: executing program 0 (id=3191): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@updpolicy={0xb8, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x2c}, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x60}, {0x0, 0x1000000000000401, 0xfffffffffffffffe, 0x40000000, 0x0, 0x1a, 0x1, 0xfffffffffffffffe}, {0x7a, 0x5, 0x0, 0x7fff}, 0x8, 0x0, 0x1, 0x0, 0x3}}, 0xb8}}, 0x8044) sendto$inet6(r0, &(0x7f0000000240)="c8", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @dev={0xfe, 0x80, '\x00', 0x36}, 0x9}, 0x1c) 499.771171ms ago: executing program 1 (id=3192): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0xdb, 0x9d, 0x1b, 0x8, 0x12d1, 0xfae2, 0x708b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x4, 0x1a}}]}}]}}, 0x0) ioctl$EVIOCRMFF(r0, 0x5501, 0x0) 455.746194ms ago: executing program 0 (id=3194): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x24, 0x11, 0x1, 0x70bd2b, 0x25dfdbfb, {0x60, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}, {0x1, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000041}, 0x0) 346.71612ms ago: executing program 0 (id=3196): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) recvmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x23}], 0x1, 0x0, 0x0) syz_emit_ethernet(0x42, &(0x7f00000003c0)={@local, @local, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, "6bbe4d", 0xc, 0x11, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, {[], {0x4e20, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x1, 0x3, 0x6, 0x0, @void}}}}}}}}, 0x0) 332.227731ms ago: executing program 2 (id=3197): r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_buf(r1, 0x1, 0x1f, 0x0, &(0x7f0000001400)) 296.652213ms ago: executing program 2 (id=3198): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x68000000}, 0x0) r0 = socket$kcm(0x21, 0x2, 0xa) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e23, 0x0, @private1}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x80fe) sendmsg$kcm(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x8044) 246.454356ms ago: executing program 2 (id=3200): unshare(0x20000400) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1}, 0x28) r1 = bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000004440)=@base={0x14, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r1, &(0x7f0000001600), 0x0}, 0x20) 246.259886ms ago: executing program 4 (id=3201): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x640, 0x1}}, 0x20) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) sendmsg$inet(r1, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e1f, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xe}, @multicast2}}}], 0x20}, 0x0) 214.485908ms ago: executing program 2 (id=3202): syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000003c0)='./file1\x00', 0x0, &(0x7f0000001300)=ANY=[@ANYBLOB='nonumtail=0,shortname=lower,shortname=mixed,utf8=1,iocharset=cp1251,nonumtail=0,rodir,shortname=win95,iocharset=utf8,check=relaxed,shortname=mixed,shortname=win95,errors=remount-ro,shortname=winnt,shortname=win95,uni_xlate=0,nonumtail=0,discard,nnonumtail=1,codepage=865,nonumtail=0,shortname=winnt,shortname=win95,Cscontext=unconfined_u,\x00'], 0x1, 0x384, &(0x7f0000002040)="$eJzs3U9rXFUUAPDTtPnT1GSyEEFFvNSNboYkfoEGaVEMKLEj1YXwaiY65DUTZobIFNHu3Lr1KxSX7gTxC2She3fusnHZReiTzJtp/jQmaJoZYn8/CPck957k3NyZx90MZ+fO9/fW19rVtawTYzdSjEXE2KOIuV5UutQfx3rxRBz0IN6q3PnjtY8++fT9peXlmysp3Vq6/fZiSmn29V+++vrH6792rn380+zPk7E999nOX4t/br+0/fLO49tfNtqp0U4bzU7K0t1ms5PdzetptdFer6b0YV7P2vXU2GjXW4fm1/Lm5mY3ZRurM9ObrXq7nbKNblqvd1OnmTqtbsq+yBobqVqtppnp4DS1hysr2VIZT52w7sawCuIctFpL2d57ePKpmdrDkRQEAIzUWe//E8/0/j8ez/D+Pz7kf+UFdPD+z//V3v1/ov/+Pcz9HwAAAAAAAAAAAAAALoJHRVEpiqIyGIvBh4T734+4PM7ZU+d/5GvU9XG+Dnxwbyoi/26rtlUrx3J+aS0akUc95qMSu3uPhYEyvvXe8s351DMXM/e+7eVf/y2idvlw/kJUYu74/IUyPz3Jj71xPKYP5i9GJV48Pn/x2PyJePONA/nVqMTvn0cz8ljtPd72879ZSOmdD5aP5E/21gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwfKimgVej7Hu/VYu4Glv9/v3V/QVzh/vjz/bmn/TXn49K7B7fn3/+2P78V+KVKyPePAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0tbv317M8r7eGFQx6/vd+MjEI/jnrUrn8wZGpqzHEmvO8LGK3cvZf+LgoivMqdWq4R3mWYDzipBMs+q+Ss/+tFyLihDWTETHUvf/wbrmz0R/BKcHwn0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwavtNv/9NVnH5/CoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgFNrd++tZntdb/zG4FqevGfUeAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALpK/AwAA//+E9g0l") lsetxattr(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='b[rgs4}%.'], 0x0, 0x0, 0x3) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) 214.192128ms ago: executing program 3 (id=3203): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f00000002c0), 0x40, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 213.869208ms ago: executing program 3 (id=3204): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8601, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x40}, 0x10, 0x10000, 0x0, 0x6, 0x8, 0x20009, 0xb, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x2, 0x3a0, 0x5}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000080), &(0x7f0000000240), 0x1800, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000640)={r0, &(0x7f0000000080), &(0x7f0000000540)=""/240}, 0x20) 155.002942ms ago: executing program 4 (id=3205): unshare(0x60400) r0 = syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) ioctl$F2FS_IOC_GET_FEATURES(r1, 0xff09, 0x0) 154.574021ms ago: executing program 4 (id=3206): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) setresuid(0xee00, 0x0, 0x0) prlimit64(0x0, 0xd, &(0x7f00000000c0)={0x200000000005, 0x8000000000200003}, 0x0) setpriority(0x2, 0x0, 0xffffffffffffffcd) 154.255031ms ago: executing program 3 (id=3207): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1f, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8969, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000480)="97d0dc", 0x1, 0x0, 0x3}, 0x50) 148.042292ms ago: executing program 2 (id=3208): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb8000) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x77f, &(0x7f0000000600)="$eJzs3c9rHFUcAPDvbJKmTauJIPjjFBA0ULoxNbYKHioeRLBQ0LPtstmGmk22ZDelCQEtIngRVDwIeunZH/Xm1R9X/S88iKVqWqx4kMhsZtpts5smbZKt7ucD07w3b7bvfffNvHm7M8wG0LNG038KEY9FxAdJxHC2PomIgWaqP+LY2nbXV5bL6ZLE6uprvyfNba6tLJej5TWp/Vnm0Yj4/t2Ig4X19dYXl2ZK1Wplfi3bFxFnx+uLS4fOzJamK9OVuSMTk5OHjz579Mj2xfrnT0sHLn/48lNfHfv7nUcuvf9DEsfiQFbWGsd2GY3R7D0ZSN/CW7y03ZV1WdLtBnBXCtnB1x/pGDAcfc0UAPB/9lZErAIAPSZx/geAHpN/D3BtZbmcL939RmJ3XXkxIvauxZ9f31wr6c+u2e1tXgcdupbccmUkiYiRbah/NCI+++aNL9Ildug6JEA7b1+IiFMjo+vH/2TdPQtb9fQGZXuyv6O3rTf+we75Np3/PNdu/le4Mf+JNvOfwTbH7t244/G/bxsq2UA6/3uh5d626y3xZ0b6stwDzTnfQHL6TLWSjm0PRsRYDAym+YkN6hi7+s/VTmWt878/Pnrz87T+9O/NLQq/9g/e+pqpUqN0LzG3unIh4vH+dvEnN/o/6TD/PbHJOl55/r1PO5Wl8afx5sv6+CO7O2lnrF6MeLJt/9+8oy1NjTdmO9yfON7cHcbznaKNr3/+ZKhT/a39ny5p/flngd2Q9v/QxvGPJK33a9bXjv2t+PHi8Hedyu4cf/v9f0/yejOdzyPOlxqN+YmIPcmr69cfvvnaPJ9vn8Y/9kT743+j/T/9THhqk/H3X/7tyw3j39/d/p/aUv+3S6SDdIeimVL10vWZvk71b67/J5upsWzNZsa/Ti29PXEv7x0AAAAAAAAAAAAAAAAAAAAAAAAAbFYhIg5EUijeSBcKxeLab3g/HEOFaq3eOHi6tjA3Fc3fyh6JgUL+qMvhluehTmTPw8/zh2/LPxMRD0XEx4P7kvw5ilNdjh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcvs7/P5/6pfBbrcOANgxe7vdAABg1zn/A0Dvcf4HgN7j/A8Avcf5HwB6j/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO+zE8ePpsvrXynI5zU+dW1yYqZ07NFWpzxRnF8rFcm3+bHG6VpuuVorl2uyd/r9qrXZ2MuYWzo83KvXGeH1x6eRsbWGucfLMbGm6crIysCtRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDW1BeXZkrVamVe4i4Sq/dHM7qf6Mt2p/ulPbuaSO6PZmxzossDEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/xL8BAAD//7KsH7I=") r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3) 133.291543ms ago: executing program 4 (id=3209): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001740), 0x80000, 0x0) ioctl$RTC_UIE_ON(r0, 0x7003) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x14, 0xc, 0x11, 0x10, 0x4, 0xe80, 0x5, 0x40}}) ioctl$RTC_AIE_OFF(r0, 0x7002) 82.835065ms ago: executing program 3 (id=3210): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33) 82.237466ms ago: executing program 3 (id=3211): r0 = syz_io_uring_setup(0x5ca0, &(0x7f00000000c0)={0x0, 0x79bf, 0x1, 0x8000, 0xc00251}, &(0x7f00000003c0)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x33, 0x4000, @fd_index=0x1, 0x5, 0x0, 0x0, 0x2, 0x1, {0x2}}) io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0) 69.324086ms ago: executing program 4 (id=3221): ioprio_set$pid(0x3, 0x0, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/rcu_normal', 0x143000, 0xb2) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x8, 0x8, 0x1, r0, 0x0}]) 0s ago: executing program 3 (id=3212): perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x4e4bf788868a65a8, 0x40000000, 0xd, 0x4, 0x200, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb) mlockall(0x7) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000280)={0x0, 0x3, 0xffffefee, 0x4, 0x1, 0xcd}) mlock(&(0x7f000083c000/0x3000)=nil, 0x3000) kernel console output (not intermixed with test programs): P) [ 51.812424][ T5387] netlink: 'syz.2.835': attribute type 2 has an invalid length. [ 51.820135][ T5387] netlink: 128 bytes leftover after parsing attributes in process `syz.2.835'. [ 51.830473][ T5387] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 51.893703][ T5393] loop0: detected capacity change from 0 to 512 [ 51.904769][ T5393] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.839: inode has both inline data and extents flags [ 51.919971][ T5393] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.839: couldn't read orphan inode 15 (err -117) [ 51.929424][ T5391] loop2: detected capacity change from 0 to 764 [ 51.938622][ T5393] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.967136][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.994031][ T29] kauditd_printk_skb: 22 callbacks suppressed [ 51.994047][ T29] audit: type=1326 audit(1769730331.374:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.2.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 52.000284][ T29] audit: type=1326 audit(1769730331.374:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.2.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 52.065558][ T5398] loop0: detected capacity change from 0 to 256 [ 52.077633][ T5391] Symlink component flag not implemented [ 52.082405][ T29] audit: type=1326 audit(1769730331.374:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.2.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 52.097668][ T5391] Symlink component flag not implemented (116) [ 52.106594][ T29] audit: type=1326 audit(1769730331.454:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.2.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 52.107227][ T5398] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 52.154520][ T29] audit: type=1326 audit(1769730331.534:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.2.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 52.177932][ T29] audit: type=1326 audit(1769730331.534:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.2.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 52.201447][ T29] audit: type=1326 audit(1769730331.564:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.2.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 52.253794][ T29] audit: type=1326 audit(1769730331.634:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.2.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 52.306194][ T29] audit: type=1400 audit(1769730331.654:418): avc: denied { getopt } for pid=5402 comm="syz.0.846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 52.357182][ T5417] loop4: detected capacity change from 0 to 1024 [ 52.368299][ T5419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5419 comm=syz.2.851 [ 52.414394][ T5417] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.443287][ T5431] netlink: 12 bytes leftover after parsing attributes in process `syz.2.855'. [ 52.470842][ T5417] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 52.552562][ T5443] : renamed from vlan0 (while UP) [ 52.558219][ T29] audit: type=1326 audit(1769730331.924:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5440 comm="syz.3.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9581c5aeb9 code=0x7ffc0000 [ 52.603993][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.662388][ T5451] netlink: 12 bytes leftover after parsing attributes in process `syz.0.866'. [ 52.681857][ T5451] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 52.905458][ T5481] netlink: 12 bytes leftover after parsing attributes in process `syz.0.879'. [ 52.916785][ T5484] netlink: 20 bytes leftover after parsing attributes in process `syz.3.880'. [ 52.928823][ T5484] netlink: 152 bytes leftover after parsing attributes in process `syz.3.880'. [ 52.949121][ T5484] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check. [ 53.211075][ T5511] netlink: 12 bytes leftover after parsing attributes in process `syz.3.892'. [ 53.244978][ T5513] loop0: detected capacity change from 0 to 764 [ 53.278203][ T5513] rock: directory entry would overflow storage [ 53.284466][ T5513] rock: sig=0x4f50, size=4, remaining=3 [ 53.290026][ T5513] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 53.319986][ T5515] loop3: detected capacity change from 0 to 4096 [ 53.351982][ T5515] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.380941][ T5515] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.894: corrupted inode contents [ 53.408125][ T5515] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #15: comm syz.3.894: mark_inode_dirty error [ 53.434810][ T5515] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.894: corrupted inode contents [ 53.452750][ T5515] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.894: mark_inode_dirty error [ 53.465109][ T5515] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.894: corrupted inode contents [ 53.479399][ T5515] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.894: mark_inode_dirty error [ 53.497409][ T5515] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.894: corrupted inode contents [ 53.510636][ T5515] EXT4-fs error (device loop3): ext4_truncate:4635: inode #15: comm syz.3.894: mark_inode_dirty error [ 53.533148][ T5515] EXT4-fs error (device loop3) in ext4_setattr:6035: Corrupt filesystem [ 53.542338][ T5519] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.894: corrupted inode contents [ 53.576955][ T5525] buffer_io_error: 4 callbacks suppressed [ 53.576971][ T5525] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.592244][ T5525] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.600415][ T5525] loop6: unable to read partition table [ 53.606411][ T5525] loop_reread_partitions: partition scan of loop6 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 53.607232][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.619913][ T3303] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.636486][ T3303] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.645809][ T5525] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.686996][ T5525] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.694979][ T5525] loop6: unable to read partition table [ 53.700768][ T3303] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.710778][ T3303] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.718969][ T3303] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.727423][ T3303] Buffer I/O error on dev loop6, logical block 0, async page read [ 53.987883][ T5556] sctp: [Deprecated]: syz.0.911 (pid 5556) Use of struct sctp_assoc_value in delayed_ack socket option. [ 53.987883][ T5556] Use struct sctp_sack_info instead [ 54.020299][ T5560] batadv1: entered promiscuous mode [ 54.264416][ T5581] usb usb9: usbfs: process 5581 (syz.2.922) did not claim interface 1 before use [ 54.391639][ T5590] netlink: 12 bytes leftover after parsing attributes in process `syz.2.926'. [ 54.438637][ T5597] batadv1: entered promiscuous mode [ 54.541736][ T5607] sctp: [Deprecated]: syz.3.934 (pid 5607) Use of int in max_burst socket option. [ 54.541736][ T5607] Use struct sctp_assoc_value instead [ 54.574837][ T5610] usb usb9: usbfs: process 5610 (syz.3.935) did not claim interface 1 before use [ 54.614527][ T5613] sock: sock_set_timeout: `syz.0.948' (pid 5613) tries to set negative timeout [ 54.616455][ T3303] loop6: unable to read partition table [ 54.631106][ T5615] loop6: unable to read partition table [ 54.637375][ T5615] loop_reread_partitions: partition scan of loop6 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 54.669997][ T5615] loop6: unable to read partition table [ 54.715656][ T5626] program syz.3.944 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 54.819898][ T5634] sctp: [Deprecated]: syz.1.947 (pid 5634) Use of int in max_burst socket option. [ 54.819898][ T5634] Use struct sctp_assoc_value instead [ 54.853503][ T5636] netlink: 36 bytes leftover after parsing attributes in process `syz.3.950'. [ 54.865093][ T5636] netlink: 12 bytes leftover after parsing attributes in process `syz.3.950'. [ 54.996461][ T5649] loop6: unable to read partition table [ 55.009046][ T5649] loop_reread_partitions: partition scan of loop6 (Sj̖P=ý?}X %`ր5) failed (rc=-5) [ 55.053212][ T5649] loop6: unable to read partition table [ 55.263967][ T5670] msdos: Bad value for 'uid' [ 55.268614][ T5670] msdos: Bad value for 'uid' [ 56.091739][ T5760] set_capacity_and_notify: 6 callbacks suppressed [ 56.091757][ T5760] loop4: detected capacity change from 0 to 512 [ 56.163112][ T5760] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.217944][ T5760] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 56.295236][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.469283][ T5795] netlink: 'syz.2.1022': attribute type 12 has an invalid length. [ 56.558365][ T5806] tipc: Started in network mode [ 56.564795][ T5806] tipc: Node identity 4246, cluster identity 4711 [ 56.571247][ T5806] tipc: Node number set to 16966 [ 56.630871][ T5812] loop3: detected capacity change from 0 to 512 [ 56.639864][ T5812] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1029: iget: bad i_size value: 38620345925642 [ 56.653348][ T5812] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1029: couldn't read orphan inode 15 (err -117) [ 56.667471][ T5812] EXT4-fs (loop3): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.698035][ T31] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm kworker/u8:1: bg 0: block 5: invalid block bitmap [ 56.730176][ T31] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 131075 with max blocks 1 with error 28 [ 56.743997][ T31] EXT4-fs (loop3): This should not happen!! Data will be lost [ 56.743997][ T31] [ 56.753675][ T31] EXT4-fs (loop3): Total free blocks count 0 [ 56.759672][ T31] EXT4-fs (loop3): Free/Dirty block details [ 56.765609][ T31] EXT4-fs (loop3): free_blocks=0 [ 56.770551][ T31] EXT4-fs (loop3): dirty_blocks=1 [ 56.776582][ T31] EXT4-fs (loop3): Block reservation details [ 56.782662][ T31] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 56.789648][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 56.855020][ T5836] netlink: 'syz.1.1037': attribute type 12 has an invalid length. [ 56.954333][ T5849] tipc: Started in network mode [ 56.959242][ T5849] tipc: Node identity 4246, cluster identity 4711 [ 56.965725][ T5849] tipc: Node number set to 16966 [ 57.057446][ T5865] tap0: tun_chr_ioctl cmd 1074025677 [ 57.063143][ T5865] tap0: linktype set to 1 [ 57.114844][ T5872] program syz.0.1068 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 57.230408][ T5885] C: renamed from team_slave_0 (while UP) [ 57.243507][ T5885] netlink: 'syz.4.1063': attribute type 2 has an invalid length. [ 57.251272][ T5885] __nla_validate_parse: 7 callbacks suppressed [ 57.251286][ T5885] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1063'. [ 57.273220][ T5885] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 57.383707][ T5903] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5903 comm=syz.3.1074 [ 57.598327][ T5925] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1085'. [ 57.608013][ T5925] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 57.833338][ T5947] loop2: detected capacity change from 0 to 4096 [ 57.856337][ T5947] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.890547][ T5947] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #15: comm syz.2.1095: corrupted inode contents [ 57.916205][ T5957] can0: slcan on ttyS3. [ 57.931531][ T5947] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #15: comm syz.2.1095: mark_inode_dirty error [ 57.944822][ T5947] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #15: comm syz.2.1095: corrupted inode contents [ 57.957737][ T5947] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.1095: mark_inode_dirty error [ 57.970073][ T5957] can0 (unregistered): slcan off ttyS3. [ 57.978025][ T5947] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #15: comm syz.2.1095: corrupted inode contents [ 57.990318][ T5957] Falling back ldisc for ttyS3. [ 57.995825][ T5947] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.1095: mark_inode_dirty error [ 58.013585][ T5947] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #15: comm syz.2.1095: corrupted inode contents [ 58.037019][ T5947] EXT4-fs error (device loop2): ext4_truncate:4635: inode #15: comm syz.2.1095: mark_inode_dirty error [ 58.058670][ T5964] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1099'. [ 58.068139][ T5947] EXT4-fs error (device loop2) in ext4_setattr:6035: Corrupt filesystem [ 58.079541][ T5964] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1099'. [ 58.090672][ T5964] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check. [ 58.116930][ T5960] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #15: comm syz.2.1095: corrupted inode contents [ 58.144379][ T5973] can0: slcan on ttyS3. [ 58.180237][ T5981] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1103'. [ 58.207288][ T5981] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 58.216082][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.225868][ T5973] can0 (unregistered): slcan off ttyS3. [ 58.239902][ T5973] Falling back ldisc for ttyS3. [ 58.335021][ T6001] loop3: detected capacity change from 0 to 128 [ 58.351500][ T6002] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1123'. [ 58.370035][ T6002] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 58.378238][ T6001] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 58.386211][ T6001] FAT-fs (loop3): Filesystem has been set read-only [ 58.434709][ T6010] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 58.442233][ T6010] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 58.462742][ T6001] bio_check_eod: 15904 callbacks suppressed [ 58.462762][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.462762][ T6001] loop3: rw=8912896, sector=2065, nr_sectors = 8 limit=128 [ 58.491531][ T6001] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 58.499472][ T6001] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 58.508211][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.508211][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.522844][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.522844][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.544870][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.544870][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.589624][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.589624][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.617920][ T6027] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1118'. [ 58.632274][ T6027] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1118'. [ 58.641991][ T6027] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check. [ 58.656846][ T6028] loop0: detected capacity change from 0 to 2048 [ 58.658015][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.658015][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.706752][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.706752][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.708559][ T6028] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.733853][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.733853][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.733974][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.733974][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.734017][ T6001] syz.3.1114: attempt to access beyond end of device [ 58.734017][ T6001] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128 [ 58.904787][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.958124][ T6055] loop0: detected capacity change from 0 to 512 [ 58.971795][ T6051] loop2: detected capacity change from 0 to 2048 [ 58.989758][ T6055] EXT4-fs: Ignoring removed mblk_io_submit option [ 59.031008][ T6051] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.053415][ T6055] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=885ec129, mo2=0006] [ 59.054964][ T6060] loop4: detected capacity change from 0 to 164 [ 59.061643][ T6055] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.1136: Invalid inode bitmap blk 4 in block_group 0 [ 59.121282][ T6055] EXT4-fs (loop0): Remounting filesystem read-only [ 59.135632][ T6055] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.261429][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.301667][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.336653][ T6073] netlink: 'syz.2.1133': attribute type 12 has an invalid length. [ 59.345668][ T6073] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1133'. [ 59.407779][ T6082] loop3: detected capacity change from 0 to 128 [ 59.434113][ T6082] FAT-fs (loop3): error, corrupted file size (i_pos 548, 512) [ 59.441653][ T6082] FAT-fs (loop3): Filesystem has been set read-only [ 59.462339][ T6082] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8) [ 59.495488][ T6091] loop4: detected capacity change from 0 to 512 [ 59.512311][ T6091] EXT4-fs: Ignoring removed mblk_io_submit option [ 59.542748][ T6091] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=885ec129, mo2=0006] [ 59.558678][ T6092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.577823][ T6091] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.1143: Invalid inode bitmap blk 4 in block_group 0 [ 59.591164][ T6091] EXT4-fs (loop4): Remounting filesystem read-only [ 59.598207][ T6091] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.647011][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.666882][ T6106] netlink: 'syz.1.1149': attribute type 12 has an invalid length. [ 59.674770][ T6106] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1149'. [ 59.689805][ T6098] buffer_io_error: 34 callbacks suppressed [ 59.689821][ T6098] Buffer I/O error on dev loop0, logical block 1711276063, async page read [ 59.722293][ T6098] Buffer I/O error on dev loop0, logical block 1711276063, async page read [ 59.817870][ T6117] FAT-fs (loop2): error, corrupted file size (i_pos 548, 512) [ 59.825586][ T6117] FAT-fs (loop2): Filesystem has been set read-only [ 59.834674][ T6117] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8) [ 60.184215][ T6153] FAT-fs (loop4): error, corrupted file size (i_pos 548, 512) [ 60.191744][ T6153] FAT-fs (loop4): Filesystem has been set read-only [ 60.202738][ T6153] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8) [ 60.297685][ T6167] Cannot find set identified by id 0 to match [ 60.337618][ T29] kauditd_printk_skb: 77 callbacks suppressed [ 60.337634][ T29] audit: type=1400 audit(1769730339.714:497): avc: denied { ioctl } for pid=6169 comm="syz.1.1176" path="socket:[13486]" dev="sockfs" ino=13486 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 60.376223][ T6172] netlink: 'syz.2.1178': attribute type 1 has an invalid length. [ 60.610777][ T6195] Cannot find set identified by id 0 to match [ 60.629842][ T29] audit: type=1400 audit(1769730340.004:498): avc: denied { watch_reads } for pid=6196 comm="syz.3.1190" path="/223" dev="tmpfs" ino=1170 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 60.668523][ T6202] netlink: 'syz.0.1192': attribute type 1 has an invalid length. [ 60.693650][ T29] audit: type=1326 audit(1769730340.074:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 60.718605][ T29] audit: type=1326 audit(1769730340.074:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 60.742038][ T29] audit: type=1326 audit(1769730340.074:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 60.767035][ T29] audit: type=1326 audit(1769730340.074:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 60.792082][ T29] audit: type=1326 audit(1769730340.074:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 60.817232][ T29] audit: type=1326 audit(1769730340.074:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 60.840569][ T29] audit: type=1326 audit(1769730340.074:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 60.865315][ T29] audit: type=1326 audit(1769730340.074:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6204 comm="syz.2.1194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 61.079613][ T6231] Cannot find set identified by id 0 to match [ 61.155361][ T6235] netlink: 'syz.3.1207': attribute type 1 has an invalid length. [ 61.242718][ T6239] set_capacity_and_notify: 5 callbacks suppressed [ 61.242732][ T6239] loop0: detected capacity change from 0 to 1024 [ 61.279446][ T6242] loop3: detected capacity change from 0 to 2048 [ 61.294263][ T6239] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 61.321231][ T6239] EXT4-fs error (device loop0): ext4_map_blocks:825: inode #3: block 1: comm syz.0.1210: lblock 1 mapped to illegal pblock 1 (length 1) [ 61.344488][ T6239] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.1210: Failed to acquire dquot type 0 [ 61.356841][ T6239] EXT4-fs error (device loop0): ext4_free_blocks:6728: comm syz.0.1210: Freeing blocks not in datazone - block = 0, count = 4096 [ 61.370685][ T6239] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.1210: Invalid inode bitmap blk 0 in block_group 0 [ 61.384843][ T3448] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1) [ 61.399578][ T6239] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 61.408313][ T6239] EXT4-fs (loop0): 1 orphan inode deleted [ 61.409833][ T3448] EXT4-fs error (device loop0): ext4_release_dquot:7022: comm kworker/u8:7: Failed to release dquot type 0 [ 61.428400][ T6239] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1210: Invalid block bitmap block 0 in block_group 0 [ 61.547694][ T6254] loop3: detected capacity change from 0 to 512 [ 61.606203][ T6254] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.632698][ T6254] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 61.762133][ T6281] loop2: detected capacity change from 0 to 1024 [ 61.769415][ T6281] EXT4-fs: Ignoring removed bh option [ 61.785205][ T6281] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 61.809788][ T6281] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #3: block 1: comm syz.2.1227: lblock 1 mapped to illegal pblock 1 (length 1) [ 61.853861][ T6281] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.1227: Failed to acquire dquot type 0 [ 61.887107][ T6281] EXT4-fs error (device loop2): ext4_free_blocks:6728: comm syz.2.1227: Freeing blocks not in datazone - block = 0, count = 4096 [ 61.931461][ T6281] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.1227: Invalid inode bitmap blk 0 in block_group 0 [ 61.946025][ T3448] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1) [ 61.960948][ T3448] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:7: Failed to release dquot type 0 [ 61.962228][ T6281] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 61.978092][ T6297] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 61.990017][ T6281] EXT4-fs (loop2): 1 orphan inode deleted [ 61.990343][ T6297] vhci_hcd vhci_hcd.2: invalid port number 96 [ 62.001956][ T6297] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0 [ 62.015152][ T6281] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 62.060690][ T6303] loop0: detected capacity change from 0 to 128 [ 62.227548][ T6319] loop2: detected capacity change from 0 to 1024 [ 62.236964][ T6319] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 62.252513][ T6319] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #3: block 1: comm syz.2.1244: lblock 1 mapped to illegal pblock 1 (length 1) [ 62.267829][ T6319] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.1244: Failed to acquire dquot type 0 [ 62.279487][ T6319] EXT4-fs error (device loop2): ext4_free_blocks:6728: comm syz.2.1244: Freeing blocks not in datazone - block = 0, count = 4096 [ 62.295364][ T6319] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.1244: Invalid inode bitmap blk 0 in block_group 0 [ 62.308685][ T6319] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 62.317355][ T31] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 62.317437][ T6319] EXT4-fs (loop2): 1 orphan inode deleted [ 62.333195][ T31] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:1: Failed to release dquot type 0 [ 62.355996][ T6319] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.1244: Invalid block bitmap block 0 in block_group 0 [ 62.442801][ T6326] program syz.0.1256 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 62.484505][ T6330] loop0: detected capacity change from 0 to 1024 [ 62.496191][ T6330] EXT4-fs: Ignoring removed bh option [ 62.503779][ T6330] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 62.515291][ T6330] EXT4-fs error (device loop0): ext4_map_blocks:825: inode #3: block 1: comm syz.0.1247: lblock 1 mapped to illegal pblock 1 (length 1) [ 62.530335][ T6330] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.1247: Failed to acquire dquot type 0 [ 62.542292][ T6330] EXT4-fs error (device loop0): ext4_free_blocks:6728: comm syz.0.1247: Freeing blocks not in datazone - block = 0, count = 4096 [ 62.556721][ T6330] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.1247: Invalid inode bitmap blk 0 in block_group 0 [ 62.569646][ T3448] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1) [ 62.571442][ T6330] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 62.584044][ T3448] EXT4-fs error (device loop0): ext4_release_dquot:7022: comm kworker/u8:7: Failed to release dquot type 0 [ 62.595501][ T6330] EXT4-fs (loop0): 1 orphan inode deleted [ 62.625045][ T6330] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 62.796281][ T6355] loop3: detected capacity change from 0 to 1024 [ 62.809388][ T6351] program syz.2.1259 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 62.831553][ T6355] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 62.843100][ T6355] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 62.851233][ T6355] EXT4-fs (loop3): orphan cleanup on readonly fs [ 62.860149][ T6355] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.1261: Failed to acquire dquot type 0 [ 62.871675][ T6355] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.1261: Failed to acquire dquot type 0 [ 62.884675][ T6355] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.1261: Freeing blocks not in datazone - block = 0, count = 4096 [ 62.945791][ T6355] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.1261: Failed to acquire dquot type 0 [ 62.968393][ T6355] EXT4-fs (loop3): 1 orphan inode deleted [ 63.287149][ T6394] __nla_validate_parse: 16 callbacks suppressed [ 63.287167][ T6394] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1276'. [ 63.324330][ T6396] program syz.4.1277 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 63.334417][ T6385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 63.349156][ T6385] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.403919][ T6404] loop0: detected capacity change from 0 to 764 [ 63.533125][ T6420] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 63.540440][ T6420] vhci_hcd vhci_hcd.2: invalid port number 96 [ 63.546603][ T6420] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0 [ 63.894661][ T6425] program syz.3.1291 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 63.904069][ T6427] loop0: detected capacity change from 0 to 128 [ 64.049036][ T6447] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1301'. [ 64.151497][ T6458] program syz.0.1309 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 65.074631][ T6532] program syz.4.1338 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 65.381375][ T6559] EXT4-fs (loop3): 1 truncate cleaned up [ 65.399895][ T6559] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1353: invalid indirect mapped block 234881024 (level 0) [ 65.413939][ T6562] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set [ 65.430210][ T6559] EXT4-fs (loop3): Remounting filesystem read-only [ 65.465634][ T6571] program syz.3.1354 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 65.480387][ T6570] EXT4-fs (loop4): 1 truncate cleaned up [ 65.490644][ T6570] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1368: invalid indirect mapped block 234881024 (level 0) [ 65.510080][ T6570] EXT4-fs (loop4): Remounting filesystem read-only [ 65.782536][ T6599] netlink: 'syz.2.1370': attribute type 1 has an invalid length. [ 65.790326][ T6599] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1370'. [ 65.857871][ T6606] EXT4-fs (loop0): 1 truncate cleaned up [ 65.865677][ T6606] EXT4-fs mount: 19 callbacks suppressed [ 65.865688][ T6606] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.886339][ T6606] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1373: invalid indirect mapped block 234881024 (level 0) [ 65.901906][ T6606] EXT4-fs (loop0): Remounting filesystem read-only [ 65.916037][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.482423][ T6624] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1380'. [ 66.549414][ T6631] GUP no longer grows the stack in syz.1.1384 (6631): 200000004000-200000005000 (200000001000) [ 66.561309][ T6631] CPU: 0 UID: 0 PID: 6631 Comm: syz.1.1384 Not tainted syzkaller #0 PREEMPT(voluntary) [ 66.561346][ T6631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 66.561362][ T6631] Call Trace: [ 66.561374][ T6631] [ 66.561452][ T6631] __dump_stack+0x1d/0x30 [ 66.561479][ T6631] dump_stack_lvl+0x95/0xd0 [ 66.561502][ T6631] dump_stack+0x15/0x1b [ 66.561525][ T6631] __get_user_pages+0x195b/0x1ea0 [ 66.561672][ T6631] ? __rcu_read_unlock+0x4e/0x70 [ 66.561715][ T6631] __gup_longterm_locked+0x8d7/0xe30 [ 66.561740][ T6631] ? __rcu_read_unlock+0x33/0x70 [ 66.561788][ T6631] ? try_get_folio+0x369/0x3b0 [ 66.561812][ T6631] ? try_grab_folio_fast+0xdc/0x370 [ 66.561836][ T6631] gup_fast_fallback+0x1f3/0x13c0 [ 66.561939][ T6631] get_user_pages_fast+0x5f/0x90 [ 66.561961][ T6631] __iov_iter_get_pages_alloc+0x24e/0x6f0 [ 66.561988][ T6631] ? __rcu_read_unlock+0x4e/0x70 [ 66.562024][ T6631] iov_iter_get_pages2+0x5e/0xa0 [ 66.562117][ T6631] __se_sys_vmsplice+0x538/0xf90 [ 66.562157][ T6631] __x64_sys_vmsplice+0x55/0x70 [ 66.562235][ T6631] x64_sys_call+0x2344/0x3000 [ 66.562267][ T6631] do_syscall_64+0xc0/0x2a0 [ 66.562414][ T6631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.562438][ T6631] RIP: 0033:0x7f80e685aeb9 [ 66.562459][ T6631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 66.562481][ T6631] RSP: 002b:00007f80e52b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 66.562506][ T6631] RAX: ffffffffffffffda RBX: 00007f80e6ad5fa0 RCX: 00007f80e685aeb9 [ 66.562533][ T6631] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000004 [ 66.562549][ T6631] RBP: 00007f80e68c8c1f R08: 0000000000000000 R09: 0000000000000000 [ 66.562565][ T6631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 66.562579][ T6631] R13: 00007f80e6ad6038 R14: 00007f80e6ad5fa0 R15: 00007fff26437548 [ 66.562678][ T6631] [ 66.946574][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 66.946590][ T29] audit: type=1400 audit(1769730346.324:514): avc: denied { name_connect } for pid=6643 comm="syz.1.1390" dest=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 67.044218][ T29] audit: type=1400 audit(1769730346.424:515): avc: denied { write } for pid=6653 comm="syz.1.1395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 67.104980][ T6658] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1406'. [ 67.198491][ T29] audit: type=1400 audit(1769730346.574:516): avc: denied { setopt } for pid=6673 comm="syz.1.1404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 67.236731][ T6678] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1407'. [ 67.245741][ T6678] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1407'. [ 67.286757][ T6685] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1410'. [ 67.460461][ T6710] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1421'. [ 67.469445][ T6710] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1421'. [ 67.578262][ T29] audit: type=1326 audit(1769730346.954:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6723 comm="syz.4.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa921edaeb9 code=0x7ffc0000 [ 67.601731][ T29] audit: type=1326 audit(1769730346.954:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6723 comm="syz.4.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fa921edaeb9 code=0x7ffc0000 [ 67.625195][ T29] audit: type=1326 audit(1769730346.954:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6723 comm="syz.4.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa921edaeb9 code=0x7ffc0000 [ 67.648748][ T29] audit: type=1326 audit(1769730346.954:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6723 comm="syz.4.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fa921edaeb9 code=0x7ffc0000 [ 67.674642][ T29] audit: type=1326 audit(1769730346.974:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6723 comm="syz.4.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa921edaeb9 code=0x7ffc0000 [ 67.698091][ T29] audit: type=1326 audit(1769730346.984:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6723 comm="syz.4.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa921edaeb9 code=0x7ffc0000 [ 67.751710][ T6737] sctp: [Deprecated]: syz.1.1433 (pid 6737) Use of int in max_burst socket option deprecated. [ 67.751710][ T6737] Use struct sctp_assoc_value instead [ 67.770929][ T29] audit: type=1400 audit(1769730347.154:523): avc: denied { bind } for pid=6738 comm="syz.3.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 67.905330][ T6751] netlink: 'syz.3.1442': attribute type 39 has an invalid length. [ 68.024748][ T6767] sctp: [Deprecated]: syz.4.1449 (pid 6767) Use of int in max_burst socket option deprecated. [ 68.024748][ T6767] Use struct sctp_assoc_value instead [ 68.757296][ T6796] sctp: [Deprecated]: syz.0.1463 (pid 6796) Use of int in max_burst socket option deprecated. [ 68.757296][ T6796] Use struct sctp_assoc_value instead [ 68.921066][ T6811] __nla_validate_parse: 3 callbacks suppressed [ 68.921080][ T6811] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1471'. [ 68.940993][ T6811] vlan3: entered promiscuous mode [ 68.946285][ T6811] bond0: entered promiscuous mode [ 68.951418][ T6811] bond_slave_0: entered promiscuous mode [ 68.957415][ T6811] bond_slave_1: entered promiscuous mode [ 69.078304][ T6822] dvmrp6: entered allmulticast mode [ 69.085327][ T6824] netlink: 'syz.4.1476': attribute type 39 has an invalid length. [ 69.165730][ T6833] set_capacity_and_notify: 8 callbacks suppressed [ 69.165747][ T6833] loop3: detected capacity change from 0 to 128 [ 69.214071][ T6837] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1483'. [ 69.226544][ T6837] vlan2: entered promiscuous mode [ 69.231617][ T6837] bond0: entered promiscuous mode [ 69.236796][ T6837] bond_slave_0: entered promiscuous mode [ 69.242647][ T6837] bond_slave_1: entered promiscuous mode [ 69.269989][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1486'. [ 69.692420][ T6850] dvmrp6: entered allmulticast mode [ 70.039229][ T6861] loop0: detected capacity change from 0 to 128 [ 70.130315][ T6871] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1498'. [ 70.139524][ T6871] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 70.301819][ T6891] netlink: 774 bytes leftover after parsing attributes in process `syz.2.1507'. [ 70.328766][ T6895] loop0: detected capacity change from 0 to 512 [ 70.354557][ T6895] EXT4-fs (loop0): 1 truncate cleaned up [ 70.364804][ T6899] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1511'. [ 70.375716][ T6895] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.395716][ T6895] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1509: bg 0: block 465: padding at end of block bitmap is not set [ 70.410352][ T6895] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 70.419332][ T6895] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1509: invalid indirect mapped block 234881024 (level 0) [ 70.457507][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.489053][ T6905] netlink: 136 bytes leftover after parsing attributes in process `syz.1.1514'. [ 70.498179][ T6905] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 70.601402][ T6921] netlink: 774 bytes leftover after parsing attributes in process `syz.0.1521'. [ 70.636474][ T6927] loop3: detected capacity change from 0 to 512 [ 70.647794][ T6927] EXT4-fs (loop3): 1 truncate cleaned up [ 70.660516][ T6927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.679500][ T6927] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1525: bg 0: block 465: padding at end of block bitmap is not set [ 70.694660][ T6927] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 70.712270][ T6927] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1525: invalid indirect mapped block 234881024 (level 0) [ 70.768577][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.885224][ T6951] netlink: 136 bytes leftover after parsing attributes in process `syz.4.1533'. [ 70.894365][ T6951] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 70.956249][ T6959] netlink: 774 bytes leftover after parsing attributes in process `syz.3.1538'. [ 71.278509][ T7000] program syz.2.1557 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 71.327537][ T7006] bpf: Bad value for 'uid' [ 71.638682][ T7061] program syz.1.1587 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 71.772530][ T7083] sd 0:0:1:0: device reset [ 71.852271][ T7087] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.958226][ T29] kauditd_printk_skb: 71 callbacks suppressed [ 71.958240][ T29] audit: type=1400 audit(1769730351.334:595): avc: denied { append } for pid=7107 comm="syz.3.1607" name="loop7" dev="devtmpfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 72.003192][ T29] audit: type=1400 audit(1769730351.384:596): avc: denied { create } for pid=7110 comm="syz.3.1608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 72.028000][ T7113] program syz.1.1609 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 72.093791][ T7121] program syz.0.1612 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 72.198767][ T29] audit: type=1400 audit(1769730351.574:597): avc: denied { write } for pid=7136 comm="syz.3.1623" name="file0" dev="tmpfs" ino=1736 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 72.221464][ T29] audit: type=1400 audit(1769730351.574:598): avc: denied { ioctl } for pid=7136 comm="syz.3.1623" path="/332/file0" dev="tmpfs" ino=1736 ioctlcmd=0x1274 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 72.390816][ T7149] program syz.3.1628 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 72.417329][ T29] audit: type=1400 audit(1769730351.794:599): avc: denied { getopt } for pid=7150 comm="syz.1.1630" lport=13 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 72.684970][ T7189] sd 0:0:1:0: device reset [ 72.699031][ T29] audit: type=1326 audit(1769730352.074:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7191 comm="syz.1.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 72.722533][ T29] audit: type=1326 audit(1769730352.074:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7191 comm="syz.1.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 72.746708][ T29] audit: type=1326 audit(1769730352.104:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7191 comm="syz.1.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 72.784816][ T29] audit: type=1326 audit(1769730352.154:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7191 comm="syz.1.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 72.808221][ T29] audit: type=1326 audit(1769730352.154:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7191 comm="syz.1.1650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 72.950518][ T7221] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.022012][ T7231] sd 0:0:1:0: device reset [ 73.113990][ T7241] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.600110][ T7290] bpf: Bad value for 'uid' [ 73.667281][ T7297] loop3: detected capacity change from 0 to 512 [ 73.686647][ T7297] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.699412][ T7297] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.728552][ T7297] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 73.749650][ T7297] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 16 with error 28 [ 73.762082][ T7297] EXT4-fs (loop3): This should not happen!! Data will be lost [ 73.762082][ T7297] [ 73.771723][ T7297] EXT4-fs (loop3): Total free blocks count 0 [ 73.777904][ T7297] EXT4-fs (loop3): Free/Dirty block details [ 73.783957][ T7297] EXT4-fs (loop3): free_blocks=65280 [ 73.789446][ T7297] EXT4-fs (loop3): dirty_blocks=16 [ 73.794782][ T7297] EXT4-fs (loop3): Block reservation details [ 73.800760][ T7297] EXT4-fs (loop3): i_reserved_data_blocks=16 [ 73.945051][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.029396][ T7330] loop2: detected capacity change from 0 to 128 [ 74.333384][ T7354] loop3: detected capacity change from 0 to 128 [ 74.342961][ T7354] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 74.363987][ T7354] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 74.403580][ T31] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 74.814458][ T7378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.823148][ T7378] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.198657][ T7395] netlink: 'syz.2.1738': attribute type 10 has an invalid length. [ 75.234953][ T7395] team0 (unregistering): Port device C removed [ 75.245581][ T7395] team0 (unregistering): Port device team_slave_1 removed [ 75.293306][ T7403] loop0: detected capacity change from 0 to 128 [ 75.323879][ T7403] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 75.372854][ T7403] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 75.429853][ T49] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 75.491203][ T7415] __nla_validate_parse: 9 callbacks suppressed [ 75.491222][ T7415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1748'. [ 75.765593][ T7452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1763'. [ 75.777190][ T7454] loop2: detected capacity change from 0 to 1024 [ 75.823136][ T7454] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 75.840794][ T7454] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.915957][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 75.970162][ T7473] loop2: detected capacity change from 0 to 128 [ 75.993856][ T7473] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 76.028614][ T7473] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 76.164162][ T49] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 76.177322][ T7481] loop0: detected capacity change from 0 to 512 [ 76.241029][ T7490] netlink: 220 bytes leftover after parsing attributes in process `syz.3.1779'. [ 76.282984][ T7492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1780'. [ 76.399459][ T7510] loop3: detected capacity change from 0 to 512 [ 76.465597][ T7516] loop3: detected capacity change from 0 to 128 [ 76.618606][ T7522] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1794'. [ 76.823159][ T7552] netlink: 'syz.1.1811': attribute type 10 has an invalid length. [ 76.839795][ T7552] team0 (unregistering): Port device C removed [ 76.848251][ T7552] team0 (unregistering): Port device team_slave_1 removed [ 76.888287][ T7556] netlink: 220 bytes leftover after parsing attributes in process `syz.4.1812'. [ 76.923147][ T7558] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1813'. [ 77.071379][ T7585] netlink: 'syz.4.1824': attribute type 10 has an invalid length. [ 77.096094][ T7585] team0 (unregistering): Port device C removed [ 77.113000][ T7585] team0 (unregistering): Port device team_slave_1 removed [ 77.119410][ T7592] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1829'. [ 77.152658][ T29] kauditd_printk_skb: 39 callbacks suppressed [ 77.152673][ T29] audit: type=1400 audit(1769730356.534:644): avc: denied { connect } for pid=7595 comm="syz.2.1830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 77.179181][ T29] audit: type=1400 audit(1769730356.534:645): avc: denied { write } for pid=7595 comm="syz.2.1830" path="socket:[17828]" dev="sockfs" ino=17828 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 77.369287][ T7623] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1844'. [ 77.468583][ T29] audit: type=1326 audit(1769730356.844:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7613 comm="syz.0.1840" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd288baeb9 code=0x0 [ 77.558802][ T29] audit: type=1326 audit(1769730356.934:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7638 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 77.582197][ T29] audit: type=1326 audit(1769730356.934:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7638 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 77.606167][ T7637] netlink: 'syz.0.1850': attribute type 10 has an invalid length. [ 77.608943][ T29] audit: type=1326 audit(1769730356.934:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7638 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 77.637347][ T29] audit: type=1326 audit(1769730356.934:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7638 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 77.660826][ T29] audit: type=1326 audit(1769730356.994:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7638 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 77.684140][ T29] audit: type=1326 audit(1769730356.994:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7638 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 77.707482][ T29] audit: type=1326 audit(1769730356.994:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7638 comm="syz.1.1853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 77.782961][ T7637] team0 (unregistering): Port device C removed [ 77.798619][ T7637] team0 (unregistering): Port device team_slave_1 removed [ 77.914800][ T7662] bridge_slave_1: left allmulticast mode [ 77.920527][ T7662] bridge_slave_1: left promiscuous mode [ 77.927863][ T7662] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.935798][ T7663] loop4: detected capacity change from 0 to 1024 [ 77.958598][ T7662] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 77.990492][ T7663] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 78.022237][ T7663] ext4 filesystem being mounted at /300/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.087185][ T7657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 78.090875][ T7682] loop2: detected capacity change from 0 to 128 [ 78.121401][ T7657] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 78.137377][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 78.177972][ T7689] loop3: detected capacity change from 0 to 512 [ 78.238892][ T7689] EXT4-fs warning (device loop3): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 78.255219][ T7689] EXT4-fs (loop3): mount failed [ 78.333437][ T7701] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 78.353120][ T7701] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.354557][ T7708] tipc: Started in network mode [ 78.370489][ T7708] tipc: Node identity ac14140f, cluster identity 4711 [ 78.392747][ T7708] tipc: New replicast peer: 255.255.255.255 [ 78.398924][ T7708] tipc: Enabled bearer , priority 10 [ 78.408661][ T7708] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1880'. [ 78.412927][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 78.418085][ T7708] tipc: Disabling bearer [ 78.647194][ T7734] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 78.685242][ T7734] EXT4-fs (loop0): mount failed [ 79.256432][ T7797] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 79.290469][ T7797] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.376133][ T7808] netlink: 'syz.3.1923': attribute type 12 has an invalid length. [ 79.393556][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 79.469321][ T7820] netlink: 'syz.4.1931': attribute type 9 has an invalid length. [ 79.621106][ T7844] netlink: 'syz.2.1941': attribute type 12 has an invalid length. [ 79.654336][ T7849] set_capacity_and_notify: 4 callbacks suppressed [ 79.654355][ T7849] loop2: detected capacity change from 0 to 512 [ 79.679765][ T7849] FAT-fs (loop2): error, clusters badly computed (1 != 0) [ 79.686988][ T7849] FAT-fs (loop2): Filesystem has been set read-only [ 79.804551][ T7860] loop4: detected capacity change from 0 to 1024 [ 79.811371][ T7860] EXT4-fs: Ignoring removed mblk_io_submit option [ 79.838024][ T7860] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 79.859366][ T7860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.956990][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.108852][ T7887] loop4: detected capacity change from 0 to 1024 [ 80.131185][ T7887] EXT4-fs: Ignoring removed bh option [ 80.174564][ T7887] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.205574][ T7887] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 80.244314][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.564128][ T7917] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1976'. [ 80.617022][ T7919] loop3: detected capacity change from 0 to 512 [ 80.637835][ T7923] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1979'. [ 80.649602][ T7919] FAT-fs (loop3): error, clusters badly computed (1 != 0) [ 80.658145][ T7919] FAT-fs (loop3): Filesystem has been set read-only [ 80.690866][ T7923] bond1: option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0) [ 80.716976][ T7923] bond1 (unregistering): Released all slaves [ 80.780019][ T7943] loop3: detected capacity change from 0 to 128 [ 80.801921][ T7943] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 80.834737][ T7943] ext4 filesystem being mounted at /420/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 81.002740][ T3326] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.059525][ T7964] loop2: detected capacity change from 0 to 1024 [ 81.102795][ T7964] EXT4-fs: Ignoring removed bh option [ 81.129413][ T7964] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.178061][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.279435][ T7986] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 81.481180][ T8017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2022'. [ 81.596799][ T8034] loop3: detected capacity change from 0 to 1024 [ 81.605431][ T8034] EXT4-fs: Ignoring removed bh option [ 81.646513][ T8034] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.679108][ T8050] loop2: detected capacity change from 0 to 512 [ 81.682635][ T8034] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.2029: Allocating blocks 497-513 which overlap fs metadata [ 81.701926][ T8034] EXT4-fs (loop3): Remounting filesystem read-only [ 81.718647][ T8050] EXT4-fs: Ignoring removed nobh option [ 81.743439][ T8050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.757169][ T8050] ext4 filesystem being mounted at /442/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 81.769653][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.788681][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.866988][ T8063] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2040'. [ 81.889781][ T8063] bond1: option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0) [ 81.896449][ T8066] loop4: detected capacity change from 0 to 128 [ 81.907644][ T8063] bond1 (unregistering): Released all slaves [ 81.930573][ T8066] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 81.950876][ T8066] ext4 filesystem being mounted at /327/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 81.984432][ T3319] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.998623][ T8071] netlink: 182 bytes leftover after parsing attributes in process `syz.3.2044'. [ 82.277876][ T8098] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.292544][ T8100] sctp: [Deprecated]: syz.4.2056 (pid 8100) Use of int in max_burst socket option deprecated. [ 82.292544][ T8100] Use struct sctp_assoc_value instead [ 82.329399][ T8098] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.336505][ T8098] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.343356][ T8098] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.350069][ T8098] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.356826][ T8098] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.363640][ T8098] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.370407][ T8098] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.429726][ T8102] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2057'. [ 82.495137][ T8102] bond1: option ad_actor_system: mode dependency failed, not supported in mode balance-rr(0) [ 82.523436][ T8102] bond1 (unregistering): Released all slaves [ 82.703343][ T8113] loop2: detected capacity change from 0 to 128 [ 82.715779][ T8113] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 82.733308][ T8113] ext4 filesystem being mounted at /452/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 82.830195][ T3312] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 82.986825][ T8129] net_ratelimit: 3515 callbacks suppressed [ 82.986843][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 82.999660][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.006474][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.013461][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.020170][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.026923][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.033700][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.040417][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.047278][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.054022][ T8129] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 83.090562][ T8145] program syz.3.2079 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 83.171484][ T29] kauditd_printk_skb: 26 callbacks suppressed [ 83.171499][ T29] audit: type=1400 audit(1769730362.544:678): avc: denied { listen } for pid=8152 comm="syz.2.2083" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 83.200541][ T29] audit: type=1400 audit(1769730362.574:679): avc: denied { accept } for pid=8152 comm="syz.2.2083" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 83.520541][ T8165] sctp: [Deprecated]: syz.0.2087 (pid 8165) Use of int in max_burst socket option deprecated. [ 83.520541][ T8165] Use struct sctp_assoc_value instead [ 84.027509][ T8188] sctp: [Deprecated]: syz.3.2099 (pid 8188) Use of int in max_burst socket option deprecated. [ 84.027509][ T8188] Use struct sctp_assoc_value instead [ 84.148780][ T29] audit: type=1400 audit(1769730363.524:680): avc: denied { bind } for pid=8192 comm="syz.3.2101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 84.198868][ T8196] af_packet: tpacket_rcv: packet too big, clamped from 28 to 4294967272. macoff=96 [ 84.266573][ T8200] program syz.2.2104 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 84.680596][ T29] audit: type=1400 audit(1769730364.054:681): avc: denied { load_policy } for pid=8217 comm="syz.1.2113" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 84.680605][ T8219] SELinux: security policydb version 18 (MLS) not backwards compatible [ 84.729693][ T8219] SELinux: failed to load policy [ 84.767314][ T8226] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2116'. [ 85.325843][ T8292] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2148'. [ 86.014800][ T8324] wireguard: wg1: Could not create IPv4 socket [ 86.077918][ T8330] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2165'. [ 86.362385][ T8340] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 86.370946][ T8340] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 86.395587][ T8343] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2169'. [ 86.417516][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2169'. [ 86.574607][ T8370] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 86.582996][ T8370] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 86.609131][ T8370] loop3: detected capacity change from 0 to 128 [ 86.626288][ T8380] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2188'. [ 86.639694][ T8370] FAT-fs (loop3): bogus number of reserved sectors [ 86.646485][ T8370] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 86.653713][ T8384] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2192'. [ 86.657976][ T8370] FAT-fs (loop3): Can't find a valid FAT filesystem [ 86.677485][ T8385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2188'. [ 86.709095][ T8389] wireguard: wg1: Could not create IPv4 socket [ 86.754645][ T8393] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2195'. [ 86.809952][ T8403] loop4: detected capacity change from 0 to 512 [ 86.844920][ T29] audit: type=1400 audit(1769730366.224:682): avc: denied { ioctl } for pid=8408 comm="syz.1.2205" path="socket:[20601]" dev="sockfs" ino=20601 ioctlcmd=0x8912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 86.884226][ T8403] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.910040][ T29] audit: type=1400 audit(1769730366.284:683): avc: denied { remount } for pid=8402 comm="syz.4.2203" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 86.942348][ T8403] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 86.955623][ T8418] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2208'. [ 86.965454][ T8418] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2208'. [ 86.989106][ T8403] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 87.022401][ T8426] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2211'. [ 87.054733][ T8427] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 87.057236][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.063073][ T8427] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 87.074344][ T29] audit: type=1326 audit(1769730366.454:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.2.2212" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x0 [ 87.256945][ T29] audit: type=1400 audit(1769730366.634:685): avc: denied { accept } for pid=8432 comm="syz.3.2224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 88.165349][ T29] audit: type=1400 audit(1769730367.534:686): avc: denied { accept } for pid=8482 comm="syz.1.2235" path="socket:[21516]" dev="sockfs" ino=21516 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 88.209996][ T29] audit: type=1400 audit(1769730367.574:687): avc: denied { unmount } for pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 88.261179][ T29] audit: type=1326 audit(1769730367.614:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.0.2236" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd288baeb9 code=0x0 [ 88.288064][ T8490] net_ratelimit: 3129 callbacks suppressed [ 88.288082][ T8490] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 88.311573][ T8495] netlink: 'syz.2.2242': attribute type 8 has an invalid length. [ 88.319537][ T8495] netem: change failed [ 88.685149][ T8538] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 88.801554][ T8556] netlink: 'syz.3.2269': attribute type 8 has an invalid length. [ 88.903046][ T8571] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 88.976588][ T29] audit: type=1400 audit(1769730368.344:689): avc: denied { mounton } for pid=8578 comm="syz.4.2278" path=2F3337372FE91F7189591E9233614B dev="tmpfs" ino=1956 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 89.019106][ T8584] loop2: detected capacity change from 0 to 128 [ 89.030913][ T8584] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 89.044429][ T8584] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 89.274840][ T8609] loop3: detected capacity change from 0 to 1024 [ 89.283998][ T8609] EXT4-fs: inline encryption not supported [ 89.297888][ T8609] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.339146][ T8618] block device autoloading is deprecated and will be removed. [ 89.394211][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.568147][ T8648] loop1: detected capacity change from 0 to 1024 [ 89.601686][ T8648] EXT4-fs: inline encryption not supported [ 89.716642][ T8648] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.769473][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.801370][ T29] audit: type=1400 audit(1769730369.164:690): avc: denied { read } for pid=8668 comm="syz.0.2322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 89.890552][ T8676] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 90.182565][ T8692] loop4: detected capacity change from 0 to 1024 [ 90.215422][ T8692] EXT4-fs: inline encryption not supported [ 90.217587][ T29] audit: type=1400 audit(1769730369.594:691): avc: denied { setattr } for pid=8696 comm="syz.1.2335" name="vcsa" dev="devtmpfs" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 90.246868][ T8699] loop3: detected capacity change from 0 to 128 [ 90.270595][ T8692] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.344651][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.443400][ T8716] loop1: detected capacity change from 0 to 512 [ 90.497104][ T8729] loop2: detected capacity change from 0 to 128 [ 90.513346][ T8716] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.609267][ T8716] ext4 filesystem being mounted at /506/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.680015][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.758931][ T8753] loop1: detected capacity change from 0 to 512 [ 90.790236][ T29] audit: type=1400 audit(1769730370.164:692): avc: denied { remount } for pid=8752 comm="syz.1.2358" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 90.824850][ T8751] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 91.142092][ T29] audit: type=1400 audit(1769730370.514:693): avc: denied { mount } for pid=8778 comm="syz.2.2371" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 91.629354][ T8821] set_capacity_and_notify: 2 callbacks suppressed [ 91.629370][ T8821] loop4: detected capacity change from 0 to 512 [ 91.657092][ T8821] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.692706][ T8821] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.732015][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.761181][ T8836] wireguard0: entered promiscuous mode [ 91.768255][ T8836] wireguard0: entered allmulticast mode [ 91.801499][ T8841] loop4: detected capacity change from 0 to 512 [ 91.833879][ T8843] loop4: detected capacity change from 0 to 128 [ 91.848560][ T29] audit: type=1400 audit(1769730371.224:694): avc: denied { remount } for pid=8842 comm="syz.4.2398" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 91.951723][ T8854] loop3: detected capacity change from 0 to 128 [ 92.317947][ T8891] loop1: detected capacity change from 0 to 128 [ 92.330774][ T8891] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 92.347093][ T8891] ext4 filesystem being mounted at /517/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 92.381108][ T8891] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz.1.2420: bad entry in directory: directory entry overrun - offset=1012, inode=128, rec_len=65544, size=1024 fake=0 [ 92.429270][ T3311] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 92.618144][ T8925] Process accounting resumed [ 92.703570][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888119b0ca00: rx timeout, send abort [ 92.722668][ T29] audit: type=1400 audit(1769730372.104:695): avc: denied { read } for pid=2982 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 92.745830][ T29] audit: type=1400 audit(1769730372.104:696): avc: denied { search } for pid=2982 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.198058][ T8941] loop4: detected capacity change from 0 to 1024 [ 93.205249][ T8941] EXT4-fs: inline encryption not supported [ 93.213487][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888119b0ca00: abort rx timeout. Force session deactivation [ 93.247608][ T8941] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.325628][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.366085][ T8961] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 93.471031][ T8970] __nla_validate_parse: 6 callbacks suppressed [ 93.471050][ T8970] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2456'. [ 93.534872][ T8977] loop3: detected capacity change from 0 to 128 [ 93.548019][ T8977] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 93.590335][ T8977] ext4 filesystem being mounted at /511/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 93.704513][ T8977] EXT4-fs error (device loop3): htree_dirblock_to_tree:1080: inode #2: block 4: comm syz.3.2459: bad entry in directory: directory entry overrun - offset=1012, inode=128, rec_len=65544, size=1024 fake=0 [ 93.739459][ T3326] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 93.793362][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 93.793433][ T29] audit: type=1400 audit(1769730373.174:704): avc: denied { create } for pid=8990 comm="syz.1.2465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 93.823489][ T29] audit: type=1400 audit(1769730373.174:705): avc: denied { ioctl } for pid=8990 comm="syz.1.2465" path="socket:[22285]" dev="sockfs" ino=22285 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 93.858598][ T8997] loop1: detected capacity change from 0 to 1024 [ 93.867825][ T8995] loop2: detected capacity change from 0 to 512 [ 93.869013][ T8997] EXT4-fs: Ignoring removed nomblk_io_submit option [ 93.885261][ T8995] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 93.900498][ T8997] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 93.910549][ T8997] System zones: 0-1, 3-36 [ 93.915812][ T8995] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 93.924427][ T8995] EXT4-fs (loop2): orphan cleanup on readonly fs [ 93.931983][ T8997] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.948219][ T8995] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.2466: corrupted inode contents [ 93.965503][ T8995] EXT4-fs (loop2): Remounting filesystem read-only [ 93.972674][ T8995] EXT4-fs (loop2): 1 truncate cleaned up [ 93.978569][ T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 93.989150][ T31] Quota error (device loop2): write_blk: dquota write failed [ 93.996619][ T31] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries [ 94.006657][ T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 94.017293][ T31] Quota error (device loop2): write_blk: dquota write failed [ 94.024712][ T31] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list [ 94.039150][ T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 94.049519][ T31] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 94.060997][ T31] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 94.108306][ T8995] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 94.153663][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.178886][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.278538][ T9034] loop3: detected capacity change from 0 to 1024 [ 94.301342][ T9039] netlink: 87 bytes leftover after parsing attributes in process `syz.0.2486'. [ 94.330105][ T9034] EXT4-fs: Ignoring removed orlov option [ 94.335897][ T9034] EXT4-fs: Ignoring removed nomblk_io_submit option [ 94.385645][ T9043] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2489: invalid indirect mapped block 4294967295 (level 1) [ 94.390732][ T9034] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.422109][ T9043] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2489: invalid indirect mapped block 4294967295 (level 1) [ 94.472349][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.474554][ T9058] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 94.497293][ T9043] EXT4-fs (loop1): 2 truncates cleaned up [ 94.503575][ T9043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.525692][ T9043] EXT4-fs (loop1): shut down requested (0) [ 94.576680][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.771171][ T9091] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2509'. [ 94.845322][ T9095] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2512: invalid indirect mapped block 4294967295 (level 1) [ 94.914983][ T9095] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2512: invalid indirect mapped block 4294967295 (level 1) [ 94.929983][ T9101] EXT4-fs: inline encryption not supported [ 94.954367][ T9101] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.978706][ T9095] EXT4-fs (loop3): 2 truncates cleaned up [ 94.986956][ T9095] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.005478][ T9095] EXT4-fs (loop3): shut down requested (0) [ 95.028330][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.159490][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.190776][ T9119] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.219080][ T9119] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #11: comm syz.4.2519: missing EA_INODE flag [ 95.263966][ T9119] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.2519: error while reading EA inode 11 err=-117 [ 95.304946][ T9128] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 95.365960][ T9128] EXT4-fs (loop3): orphan cleanup on readonly fs [ 95.372893][ T9134] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2522'. [ 95.397790][ T9128] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.2521: corrupted inode contents [ 95.443574][ T9128] EXT4-fs (loop3): Remounting filesystem read-only [ 95.470527][ T9128] EXT4-fs (loop3): 1 truncate cleaned up [ 95.476314][ T3448] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 95.487160][ T3448] Quota error (device loop3): write_blk: dquota write failed [ 95.494682][ T3448] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries [ 95.506321][ T3448] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 95.534819][ T3448] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 95.545743][ T9128] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 95.573203][ T9141] EXT4-fs: Ignoring removed nobh option [ 95.581322][ T9141] ------------[ cut here ]------------ [ 95.587032][ T9141] EA inode 11 i_nlink=1026 [ 95.587058][ T9141] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x313/0x350, CPU#1: syz.2.2525/9141 [ 95.602508][ T9141] Modules linked in: [ 95.606446][ T9141] CPU: 1 UID: 0 PID: 9141 Comm: syz.2.2525 Not tainted syzkaller #0 PREEMPT(voluntary) [ 95.616257][ T9141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 95.626506][ T9141] RIP: 0010:ext4_xattr_inode_update_ref+0x332/0x350 [ 95.633205][ T9141] Code: c4 e7 9a ff 4c 8d 2d 5d 22 3e 05 49 8d 7e 40 e8 d4 d1 b6 ff 49 8b 6e 40 4c 89 e7 e8 08 cd b6 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 02 ff ff ff e8 1f d3 d0 03 66 66 66 66 66 66 2e [ 95.653546][ T9141] RSP: 0018:ffffc900016975a8 EFLAGS: 00010246 [ 95.659950][ T9141] RAX: ffff88811bfb0a90 RBX: ffff888100580ee0 RCX: ffffffff81be1808 [ 95.668067][ T9141] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff86fc3a50 [ 95.676198][ T9141] RBP: 000000000000000b R08: 0001888100580e93 R09: 0000000000000000 [ 95.684353][ T9141] R10: 0000000000000406 R11: 0000000000000002 R12: ffff888100580e90 [ 95.692442][ T9141] R13: ffffffff86fc3a50 R14: ffff888100580e48 R15: 0000000000000001 [ 95.700514][ T9141] FS: 00007f4312f376c0(0000) GS:ffff8882aec57000(0000) knlGS:0000000000000000 [ 95.709677][ T9141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.716610][ T9141] CR2: 00007f43144c40c0 CR3: 0000000104318000 CR4: 00000000003506f0 [ 95.724798][ T9141] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000200000000300 [ 95.732854][ T9141] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 95.740833][ T9141] Call Trace: [ 95.744203][ T9141] [ 95.747141][ T9141] ext4_xattr_set_entry+0x77c/0x1010 [ 95.752486][ T9141] ext4_xattr_ibody_set+0x184/0x3c0 [ 95.757705][ T9141] ext4_expand_extra_isize_ea+0xd7b/0x11a0 [ 95.763630][ T9141] __ext4_expand_extra_isize+0x246/0x280 [ 95.769351][ T9141] __ext4_mark_inode_dirty+0x29d/0x3f0 [ 95.774894][ T9141] ext4_evict_inode+0x7c3/0xd40 [ 95.779781][ T9141] ? __pfx_ext4_evict_inode+0x10/0x10 [ 95.785218][ T9141] evict+0x2af/0x510 [ 95.789138][ T9141] ? __dquot_initialize+0x146/0x7c0 [ 95.794502][ T9141] iput+0x4b9/0x650 [ 95.798485][ T9141] ext4_process_orphan+0x1a9/0x1c0 [ 95.803682][ T9141] ext4_orphan_cleanup+0x6a8/0xa00 [ 95.808823][ T9141] ext4_fill_super+0x3476/0x3800 [ 95.814186][ T9141] ? set_blocksize+0x1a3/0x310 [ 95.819041][ T9141] ? setup_bdev_super+0x30e/0x370 [ 95.824112][ T9141] ? __pfx_ext4_fill_super+0x10/0x10 [ 95.829410][ T9141] get_tree_bdev_flags+0x291/0x300 [ 95.834558][ T9141] ? __pfx_ext4_fill_super+0x10/0x10 [ 95.840050][ T9141] get_tree_bdev+0x1f/0x30 [ 95.844535][ T9141] ext4_get_tree+0x1c/0x30 [ 95.849076][ T9141] vfs_get_tree+0x57/0x1d0 [ 95.853543][ T9141] do_new_mount+0x288/0x700 [ 95.858110][ T9141] path_mount+0x4d0/0xbc0 [ 95.862479][ T9141] ? user_path_at+0xbf/0x130 [ 95.867184][ T9141] __se_sys_mount+0x28c/0x2e0 [ 95.871921][ T9141] __x64_sys_mount+0x67/0x80 [ 95.876743][ T9141] x64_sys_call+0x2cca/0x3000 [ 95.881468][ T9141] do_syscall_64+0xc0/0x2a0 [ 95.886015][ T9141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.892220][ T9141] RIP: 0033:0x7f43144dc14a [ 95.896663][ T9141] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 95.916761][ T9141] RSP: 002b:00007f4312f36e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 95.925201][ T9141] RAX: ffffffffffffffda RBX: 00007f4312f36ee0 RCX: 00007f43144dc14a [ 95.933559][ T9141] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f4312f36ea0 [ 95.941599][ T9141] RBP: 0000200000000180 R08: 00007f4312f36ee0 R09: 0000000000800718 [ 95.949580][ T9141] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140 [ 95.957583][ T9141] R13: 00007f4312f36ea0 R14: 00000000000004a3 R15: 0000200000000280 [ 95.965614][ T9141] [ 95.968658][ T9141] ---[ end trace 0000000000000000 ]--- [ 95.987496][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.988346][ T9141] EXT4-fs (loop2): 1 orphan inode deleted [ 96.003400][ T9141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.041424][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.174636][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.188400][ T9170] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 96.258161][ T9178] netlink: 87 bytes leftover after parsing attributes in process `syz.3.2538'. [ 96.281443][ T9183] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 96.285974][ T9186] program syz.0.2545 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 96.302023][ T9183] EXT4-fs (loop2): 1 truncate cleaned up [ 96.308640][ T9183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.359301][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.369398][ T9193] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2548'. [ 96.555732][ T9215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.573368][ T9219] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2561'. [ 96.603345][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.754243][ T9240] set_capacity_and_notify: 8 callbacks suppressed [ 96.754255][ T9240] loop3: detected capacity change from 0 to 512 [ 96.769215][ T9240] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 96.850694][ T9245] program syz.0.2573 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 96.911970][ T9251] syz_tun: entered allmulticast mode [ 96.926699][ T9253] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2577'. [ 96.936426][ T9251] syz_tun: left allmulticast mode [ 96.940863][ T12] bio_check_eod: 7259 callbacks suppressed [ 96.940880][ T12] kworker/u8:0: attempt to access beyond end of device [ 96.940880][ T12] loop3: rw=1, sector=2544, nr_sectors = 2048 limit=512 [ 96.963404][ T9253] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2577'. [ 96.976153][ T12] kworker/u8:0: attempt to access beyond end of device [ 96.976153][ T12] loop3: rw=1, sector=4592, nr_sectors = 3464 limit=512 [ 96.995232][ T12] kworker/u8:0: attempt to access beyond end of device [ 96.995232][ T12] loop3: rw=1, sector=8056, nr_sectors = 2048 limit=512 [ 97.014887][ T12] kworker/u8:0: attempt to access beyond end of device [ 97.014887][ T12] loop3: rw=1, sector=10104, nr_sectors = 3576 limit=512 [ 97.057484][ T12] kworker/u8:0: attempt to access beyond end of device [ 97.057484][ T12] loop3: rw=1, sector=13680, nr_sectors = 2912 limit=512 [ 97.076143][ T9263] loop2: detected capacity change from 0 to 512 [ 97.094072][ T9263] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 97.130735][ T9263] EXT4-fs (loop2): 1 truncate cleaned up [ 97.141368][ T9263] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.193914][ T9263] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.2583: invalid indirect mapped block 4294901760 (level 0) [ 97.247755][ T9263] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.2583: invalid indirect mapped block 4294967295 (level 1) [ 97.339542][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.490520][ T9301] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2597'. [ 97.609161][ T9320] bridge0: entered allmulticast mode [ 97.653781][ T9327] raw_sendmsg: syz.2.2610 forgot to set AF_INET. Fix it! [ 97.688165][ T9330] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9330 comm=syz.3.2612 [ 97.770461][ T9339] batman_adv: batadv0: Adding interface: dummy0 [ 97.777556][ T9339] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.805198][ T9339] batman_adv: batadv0: Interface activated: dummy0 [ 97.852999][ T9351] netlink: 'syz.1.2622': attribute type 2 has an invalid length. [ 97.999727][ T9379] loop1: detected capacity change from 0 to 1024 [ 98.055473][ T9379] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.120766][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.304624][ T9412] loop1: detected capacity change from 0 to 256 [ 98.335461][ T9412] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 98.917551][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 98.917568][ T29] audit: type=1400 audit(1769730378.294:725): avc: denied { getopt } for pid=9440 comm="syz.4.2661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 99.005423][ T9443] loop2: detected capacity change from 0 to 512 [ 99.057073][ T9443] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 99.193143][ T29] audit: type=1400 audit(1769730378.574:726): avc: denied { create } for pid=9457 comm="syz.4.2669" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=isdn_socket permissive=1 [ 99.229011][ T9461] __nla_validate_parse: 7 callbacks suppressed [ 99.229026][ T9461] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2670'. [ 99.244512][ T29] audit: type=1400 audit(1769730378.574:727): avc: denied { accept } for pid=9449 comm="syz.2.2664" lport=55176 faddr=::ffff:100.1.1.2 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 99.569085][ T9495] loop1: detected capacity change from 0 to 512 [ 99.582805][ T9495] EXT4-fs (loop1): orphan cleanup on readonly fs [ 99.590118][ T9495] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2686: bg 0: block 248: padding at end of block bitmap is not set [ 99.605659][ T9495] Quota error (device loop1): write_blk: dquota write failed [ 99.613178][ T9495] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 99.623230][ T9495] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.2686: Failed to acquire dquot type 1 [ 99.635999][ T9495] EXT4-fs (loop1): 1 truncate cleaned up [ 99.642378][ T9495] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 99.656315][ T9495] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 99.683325][ T9495] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 99.691929][ T9495] ext4 filesystem being remounted at /568/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.704674][ T9495] Quota error (device loop1): write_blk: dquota write failed [ 99.712123][ T9495] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 99.721049][ T9502] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2688'. [ 99.722069][ T9495] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.2686: Failed to acquire dquot type 1 [ 99.731011][ T9502] netlink: 'syz.0.2688': attribute type 21 has an invalid length. [ 99.766710][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.799070][ T9506] loop1: detected capacity change from 0 to 1024 [ 99.808906][ T9506] EXT4-fs: Ignoring removed orlov option [ 99.824474][ T9506] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c118, mo2=0002] [ 99.833210][ T9506] System zones: 0-1, 3-12 [ 99.839286][ T9506] EXT4-fs (loop1): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.848821][ T9513] loop5: detected capacity change from 0 to 7 [ 99.859060][ T29] audit: type=1400 audit(1769730379.234:728): avc: denied { rmdir } for pid=9503 comm="syz.1.2689" name="control" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 99.882014][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 99.975382][ C0] invalid error, dev loop5, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 99.985512][ C0] Buffer I/O error on dev loop5, logical block 0, lost async page write [ 100.039151][ T29] audit: type=1400 audit(1769730379.414:729): avc: denied { bind } for pid=9524 comm="syz.1.2697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 100.061574][ T9527] ieee802154 phy0 wpan0: encryption failed: -22 [ 100.102510][ T29] audit: type=1326 audit(1769730379.484:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9532 comm="syz.1.2700" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x0 [ 100.302295][ T9557] program syz.2.2714 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 100.443581][ T9577] loop4: detected capacity change from 0 to 512 [ 100.454738][ T3912] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 100.483827][ T9577] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.513037][ T9577] ext4 filesystem being mounted at /460/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 100.534953][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.572207][ T9588] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2726'. [ 100.651676][ T9598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2733'. [ 100.660716][ T9598] netlink: 'syz.3.2733': attribute type 21 has an invalid length. [ 100.735112][ T9607] loop3: detected capacity change from 0 to 1024 [ 100.744050][ T9607] EXT4-fs: Ignoring removed orlov option [ 100.763020][ T9607] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c118, mo2=0002] [ 100.771411][ T9607] System zones: 0-1, 3-12 [ 100.777921][ T9607] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.806563][ T9614] EXT4-fs: Ignoring removed nomblk_io_submit option [ 100.815326][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 100.825769][ T9614] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 100.834075][ T9614] System zones: 0-1, 3-36 [ 100.841016][ T9614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.997502][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.017927][ T9632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2745'. [ 101.026042][ T9630] sctp: [Deprecated]: syz.1.2743 (pid 9630) Use of int in maxseg socket option. [ 101.026042][ T9630] Use struct sctp_assoc_value instead [ 101.027005][ T9632] netlink: 'syz.2.2745': attribute type 21 has an invalid length. [ 101.186426][ T9655] EXT4-fs: Ignoring removed nomblk_io_submit option [ 101.197824][ T9655] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 101.206304][ T9655] System zones: 0-1, 3-36 [ 101.211741][ T9655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.240156][ T9660] netlink: 'syz.2.2758': attribute type 1 has an invalid length. [ 101.331974][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.354782][ T9664] ieee802154 phy0 wpan0: encryption failed: -22 [ 101.364274][ T9662] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.410592][ T9668] EXT4-fs: Ignoring removed orlov option [ 101.416544][ T9668] EXT4-fs: Ignoring removed nomblk_io_submit option [ 101.436197][ T9662] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.472529][ T9668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.506129][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.510810][ T9682] EXT4-fs (loop2): orphan cleanup on readonly fs [ 101.523373][ T9682] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2767: bg 0: block 248: padding at end of block bitmap is not set [ 101.544088][ T9682] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.2767: Failed to acquire dquot type 1 [ 101.556303][ T9682] EXT4-fs (loop2): 1 truncate cleaned up [ 101.558857][ T9662] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.581742][ T9682] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 101.614969][ T9682] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 101.642160][ T9682] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 101.651550][ T9662] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.655140][ T9682] ext4 filesystem being remounted at /580/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.672960][ T9696] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.2767: Failed to acquire dquot type 1 [ 101.704006][ T9700] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2773'. [ 101.722831][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.727222][ T31] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.760899][ T31] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.780911][ T31] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.795287][ T31] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.825681][ T9712] program syz.0.2781 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 101.923707][ T9724] set_capacity_and_notify: 4 callbacks suppressed [ 101.923723][ T9724] loop1: detected capacity change from 0 to 1024 [ 101.941777][ T9724] EXT4-fs: inline encryption not supported [ 101.947983][ T9724] EXT4-fs: Ignoring removed nobh option [ 101.953615][ T9724] EXT4-fs: Ignoring removed bh option [ 101.967791][ T9724] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.991899][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.090474][ T9746] netlink: 'syz.1.2793': attribute type 2 has an invalid length. [ 102.098346][ T9746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2793'. [ 102.706314][ T9777] sctp: [Deprecated]: syz.3.2811 (pid 9777) Use of int in maxseg socket option. [ 102.706314][ T9777] Use struct sctp_assoc_value instead [ 102.799136][ T9783] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2814'. [ 102.837721][ T9788] netlink: 'syz.0.2816': attribute type 1 has an invalid length. [ 102.999073][ T9803] sock: sock_set_timeout: `syz.3.2823' (pid 9803) tries to set negative timeout [ 103.122812][ T9811] random: crng reseeded on system resumption [ 103.270375][ T9827] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2834'. [ 103.279502][ T9827] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2834'. [ 103.434387][ T9841] erspan0: entered promiscuous mode [ 103.478555][ T9845] netlink: 'syz.3.2843': attribute type 2 has an invalid length. [ 103.543890][ T9851] loop3: detected capacity change from 0 to 1024 [ 103.554623][ T9851] EXT4-fs: inline encryption not supported [ 103.560883][ T9851] EXT4-fs: Ignoring removed nobh option [ 103.566551][ T9851] EXT4-fs: Ignoring removed bh option [ 103.598021][ T9851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.665182][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.913346][ T9889] loop4: detected capacity change from 0 to 1024 [ 103.939195][ T9889] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.981095][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.029161][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 104.029210][ T29] audit: type=1326 audit(1769730383.404:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9896 comm="syz.4.2861" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa921edaeb9 code=0x0 [ 104.068259][ T9899] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.142569][ T9899] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.194199][ T9899] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.225030][ T9908] loop2: detected capacity change from 0 to 1024 [ 104.231837][ T9908] EXT4-fs: Ignoring removed orlov option [ 104.244994][ T9908] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.265488][ T9899] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.284600][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.318031][ T3433] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.333900][ T3433] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.342967][ T3433] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.355812][ T3448] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.614767][ T9930] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9930 comm=syz.0.2877 [ 104.973618][ T29] audit: type=1326 audit(1769730384.344:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 104.997379][ T29] audit: type=1326 audit(1769730384.344:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 105.020750][ T29] audit: type=1326 audit(1769730384.344:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 105.045386][ T29] audit: type=1326 audit(1769730384.344:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 105.071523][ T29] audit: type=1326 audit(1769730384.364:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 105.095070][ T29] audit: type=1326 audit(1769730384.444:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e685aeb9 code=0x7ffc0000 [ 105.118500][ T29] audit: type=1326 audit(1769730384.444:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f80e685ac22 code=0x7ffc0000 [ 105.141681][ T29] audit: type=1326 audit(1769730384.444:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f80e685acb7 code=0x7ffc0000 [ 105.165237][ T29] audit: type=1326 audit(1769730384.444:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9976 comm="syz.1.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f80e6817c51 code=0x7ffc0000 [ 105.233799][ T9990] pimreg: entered allmulticast mode [ 105.247713][ T9990] pimreg: left allmulticast mode [ 105.262279][ T9990] dvmrp6: left allmulticast mode [ 105.884328][T10059] xt_hashlimit: size too large, truncated to 1048576 [ 106.069354][T10067] __nla_validate_parse: 5 callbacks suppressed [ 106.069370][T10067] netlink: 27 bytes leftover after parsing attributes in process `syz.4.2943'. [ 106.248267][T10077] loop4: detected capacity change from 0 to 1024 [ 106.255030][T10077] EXT4-fs: inline encryption not supported [ 106.260961][T10077] EXT4-fs: Ignoring removed bh option [ 106.267057][T10077] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 106.277832][T10077] EXT4-fs (loop4): orphan cleanup on readonly fs [ 106.284728][T10077] EXT4-fs error (device loop4): ext4_quota_enable:7177: comm syz.4.2947: inode #2304: comm syz.4.2947: iget: illegal inode # [ 106.298094][T10077] EXT4-fs (loop4): Remounting filesystem read-only [ 106.304712][T10077] EXT4-fs warning (device loop4): ext4_enable_quotas:7221: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix. [ 106.319831][T10077] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 106.326947][T10077] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 106.356352][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.391131][T10088] loop4: detected capacity change from 0 to 1764 [ 106.429645][T10092] loop4: detected capacity change from 0 to 1024 [ 106.447850][T10092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.471169][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.506179][T10098] loop4: detected capacity change from 0 to 128 [ 106.515525][T10098] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 106.529556][T10098] ext4 filesystem being mounted at /513/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 106.571586][ T3319] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 106.588321][T10101] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2957'. [ 106.629649][T10103] vhci_hcd vhci_hcd.0: invalid port number 65 [ 106.635944][T10103] vhci_hcd vhci_hcd.0: invalid port number 65 [ 106.823596][T10118] program syz.1.2964 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 106.959441][T10126] loop1: detected capacity change from 0 to 512 [ 106.970429][T10126] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.2968: inode has both inline data and extents flags [ 106.991055][T10126] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.2968: couldn't read orphan inode 15 (err -117) [ 107.003915][T10126] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.054317][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.077845][T10129] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2969'. [ 107.108223][T10134] netlink: 'syz.1.2970': attribute type 5 has an invalid length. [ 107.155512][T10138] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2972'. [ 107.248545][T10157] netlink: 'syz.4.2981': attribute type 27 has an invalid length. [ 107.268806][T10161] loop2: detected capacity change from 0 to 128 [ 107.301601][T10164] program syz.4.2984 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 107.413671][T10182] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2992'. [ 107.425877][T10185] loop2: detected capacity change from 0 to 128 [ 107.447404][T10187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2995'. [ 107.617703][T10218] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 107.719630][T10229] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3009'. [ 107.760268][T10231] program syz.4.3011 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 107.800240][T10237] loop4: detected capacity change from 0 to 1024 [ 107.830401][T10237] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.878456][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.914437][T10252] loop4: detected capacity change from 0 to 512 [ 107.925680][T10252] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 107.936910][T10252] EXT4-fs (loop4): 1 truncate cleaned up [ 107.944024][T10252] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.976103][T10257] syz_tun: entered allmulticast mode [ 107.981867][T10257] syz_tun: left allmulticast mode [ 107.988156][T10252] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.3019: invalid indirect mapped block 4294901760 (level 0) [ 108.012301][T10252] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.3019: invalid indirect mapped block 4294967295 (level 1) [ 108.012601][T10261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3023'. [ 108.051574][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.065790][T10261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3023'. [ 108.269847][T10286] can0: slcan on ptm0. [ 108.302289][T10285] can0 (unregistered): slcan off ptm0. [ 108.877357][T10364] loop1: detected capacity change from 0 to 1024 [ 108.903356][T10364] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.917782][T10364] EXT4-fs warning (device loop1): ext4_empty_dir:3097: inode #11: comm syz.1.3074: directory missing '..' [ 108.936252][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88811a15b400: rx timeout, send abort [ 108.960864][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.071205][T10391] loop2: detected capacity change from 0 to 512 [ 109.097112][T10395] tap0: tun_chr_ioctl cmd 35108 [ 109.141004][T10400] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3090'. [ 109.207848][T10409] program syz.0.3093 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 109.258060][ T29] kauditd_printk_skb: 51 callbacks suppressed [ 109.258075][ T29] audit: type=1326 audit(1769730388.634:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.329393][ T29] audit: type=1326 audit(1769730388.684:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.354390][ T29] audit: type=1326 audit(1769730388.684:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.377941][ T29] audit: type=1326 audit(1769730388.684:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.402675][ T29] audit: type=1326 audit(1769730388.684:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.426076][ T29] audit: type=1326 audit(1769730388.694:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.451129][ C0] vxcan1: j1939_tp_rxtimer: 0xffff88811a15b400: abort rx timeout. Force session deactivation [ 109.461404][ T29] audit: type=1326 audit(1769730388.694:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.486176][ T29] audit: type=1326 audit(1769730388.694:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.509718][ T29] audit: type=1326 audit(1769730388.694:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.534534][ T29] audit: type=1326 audit(1769730388.694:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10413 comm="syz.2.3096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43144daeb9 code=0x7ffc0000 [ 109.677951][T10431] loop3: detected capacity change from 0 to 512 [ 109.689287][T10431] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.3103: invalid indirect mapped block 4294967295 (level 1) [ 109.715777][T10431] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.3103: invalid indirect mapped block 4294967295 (level 1) [ 109.750664][T10431] EXT4-fs (loop3): 2 truncates cleaned up [ 109.757366][T10431] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.856423][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.897995][T10454] loop3: detected capacity change from 0 to 1024 [ 109.918493][T10454] EXT4-fs: Ignoring removed orlov option [ 109.946188][T10454] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a803c118, mo2=0102] [ 109.964528][T10454] System zones: 0-1, 3-12 [ 109.969519][T10454] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.072487][T10454] EXT4-fs error (device loop3): __ext4_remount:6789: comm syz.3.3112: Abort forced by user [ 110.117531][T10454] EXT4-fs (loop3): Remounting filesystem read-only [ 110.124177][T10454] EXT4-fs (loop3): re-mounted 00000000-0500-0000-0000-000000000000 ro. [ 110.128649][T10471] netlink: 'syz.1.3119': attribute type 5 has an invalid length. [ 110.187641][ T10] kernel write not supported for file /sg0 (pid: 10 comm: kworker/0:1) [ 110.196421][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 110.702389][T10517] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 110.704423][T10517] @0: renamed from bond_slave_1 (while UP) [ 110.816336][T10507] loop3: detected capacity change from 0 to 512 [ 110.833158][T10507] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.3132: bad orphan inode 15 [ 110.844542][T10507] ext4_test_bit(bit=14, block=5) = 0 [ 110.869129][T10507] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.913025][ T3326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.965615][T10537] program syz.3.3146 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 111.247941][T10558] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.271557][T10558] EXT4-fs (loop2): resizing filesystem from 512 to 0 blocks [ 111.278998][T10558] EXT4-fs warning (device loop2): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 111.380798][T10572] EXT4-fs: Ignoring removed mblk_io_submit option [ 111.383489][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.387544][T10572] EXT4-fs: Ignoring removed nobh option [ 111.425224][T10572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.479779][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.512777][ T3399] IPVS: starting estimator thread 0... [ 111.512972][T10590] IPVS: sed: FWM 3 0x00000003 - no destination available [ 111.613755][T10591] IPVS: using max 2400 ests per chain, 120000 per kthread [ 111.713689][T10588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 111.722246][T10588] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.016180][T10630] pimreg: entered allmulticast mode [ 112.022009][T10630] pimreg: left allmulticast mode [ 112.340815][T10644] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3194'. [ 112.501501][T10640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 112.516475][T10640] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.556106][T10662] set_capacity_and_notify: 3 callbacks suppressed [ 112.556125][T10662] loop2: detected capacity change from 0 to 512 [ 112.587012][T10662] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 112.660487][T10678] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.3210'. [ 112.677549][T10676] loop2: detected capacity change from 0 to 2048 [ 112.701498][T10676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.835183][T10676] ================================================================== [ 112.843829][T10676] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 112.851200][T10676] [ 112.853509][T10676] read-write to 0xffff88810777f470 of 8 bytes by task 3448 on cpu 0: [ 112.861560][T10676] __xa_clear_mark+0xf5/0x1e0 [ 112.866449][T10676] __folio_end_writeback+0xf4/0x360 [ 112.871818][T10676] folio_end_writeback_no_dropbehind+0x6d/0x1d0 [ 112.878047][T10676] folio_end_writeback+0x1c/0x70 [ 112.883002][T10676] ext4_finish_bio+0x459/0x8b0 [ 112.887752][T10676] ext4_release_io_end+0x9f/0x1f0 [ 112.892766][T10676] ext4_end_io_end+0x18d/0x240 [ 112.897625][T10676] ext4_end_io_rsv_work+0x15b/0x1f0 [ 112.902805][T10676] process_scheduled_works+0x4cd/0x9d0 [ 112.908248][T10676] worker_thread+0x6bc/0x8b0 [ 112.912818][T10676] kthread+0x488/0x510 [ 112.916869][T10676] ret_from_fork+0x148/0x280 [ 112.921444][T10676] ret_from_fork_asm+0x1a/0x30 [ 112.926303][T10676] [ 112.928611][T10676] read to 0xffff88810777f470 of 8 bytes by task 10676 on cpu 1: [ 112.936301][T10676] xas_find_marked+0x213/0x620 [ 112.941143][T10676] filemap_get_folios_tag+0xfa/0x510 [ 112.946415][T10676] file_write_and_wait_range+0x20c/0x2f0 [ 112.952220][T10676] generic_buffers_fsync_noflush+0x45/0x130 [ 112.958134][T10676] ext4_sync_file+0x1aa/0x680 [ 112.962807][T10676] vfs_fsync_range+0x10d/0x130 [ 112.967639][T10676] ext4_buffered_write_iter+0x34f/0x3c0 [ 112.973172][T10676] ext4_file_write_iter+0xe1c/0xf70 [ 112.978357][T10676] do_iter_readv_writev+0x4fd/0x5a0 [ 112.983540][T10676] vfs_writev+0x2e1/0x900 [ 112.987875][T10676] __se_sys_pwritev2+0xfc/0x1c0 [ 112.992728][T10676] __x64_sys_pwritev2+0x67/0x80 [ 112.997576][T10676] x64_sys_call+0x2c9e/0x3000 [ 113.002250][T10676] do_syscall_64+0xc0/0x2a0 [ 113.006762][T10676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.012640][T10676] [ 113.014958][T10676] value changed: 0xfffffffffffe0000 -> 0xfffffffffff00000 [ 113.022130][T10676] [ 113.024430][T10676] Reported by Kernel Concurrency Sanitizer on: [ 113.030570][T10676] CPU: 1 UID: 0 PID: 10676 Comm: syz.2.3208 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 113.041951][T10676] Tainted: [W]=WARN [ 113.045803][T10676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 113.055906][T10676] ================================================================== [ 113.116040][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.