last executing test programs: 35.849726257s ago: executing program 2 (id=2223): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_clone(0x6200, 0x0, 0x0, 0x0, 0x0, 0x0) 35.578050821s ago: executing program 2 (id=2231): bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df12c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 35.557071752s ago: executing program 2 (id=2232): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r1) sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="59bb22bd7000000020001100000008002b01"], 0x28}}, 0x0) 35.512840882s ago: executing program 2 (id=2236): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x20000, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x89901) 35.495040792s ago: executing program 2 (id=2237): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x660}}, &(0x7f0000000040)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x9, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000001ac0)=""/4081, 0xff1}], 0x1}, 0x0) 35.194034327s ago: executing program 2 (id=2252): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f80)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) sendto$inet6(r1, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0x2, 0x4e24, 0x0, @local, 0x4000000}, 0x1c) 35.193954987s ago: executing program 32 (id=2252): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f80)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) sendto$inet6(r1, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0x2, 0x4e24, 0x0, @local, 0x4000000}, 0x1c) 2.598042649s ago: executing program 5 (id=3588): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0xf) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r1, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10) ioctl$SIOCPNENABLEPIPE(r1, 0x89ed, 0x0) 2.517908341s ago: executing program 5 (id=3592): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}], 0x10) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000040)={r2, 0x7}, &(0x7f0000000140)=0x8) 2.446137611s ago: executing program 5 (id=3605): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000300)="0906c422e0243219ff7b440e76a1b51b82ba23599f81b52c9d4db4486cec105e4b9f0f859f8a43eef6352f1e46e3145089b6a22f618ca14e288029b613a329c422481c6b7aff6806bce699cea461ecf591d9018b2a1d84e389a8d3127fd35913fe69754435c2", 0xffffffffffffffbb, 0x40040011, 0x0, 0x0) 1.545946646s ago: executing program 5 (id=3620): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendmmsg(r0, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)='$', 0x1}], 0x1}}], 0x1, 0x4004804) 1.524546966s ago: executing program 5 (id=3622): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) ioctl$sock_bt_hci(r0, 0x800448d3, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) 1.489027096s ago: executing program 5 (id=3624): r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0) ftruncate(r0, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x1000}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2}}, {{&(0x7f0000000140)=@x25, 0x80, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/234, 0xea}, {&(0x7f0000000740)=""/219, 0xdb}, {&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f0000000480)=""/168, 0xa8}, {&(0x7f0000000540)=""/248, 0xf8}], 0x5, &(0x7f0000000040)}, 0x6}], 0x40001b2, 0x712, 0x0) sendfile(r1, r0, 0x0, 0x578410eb) 862.998116ms ago: executing program 3 (id=3649): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00') close_range(r2, 0xffffffffffffffff, 0x0) 801.972117ms ago: executing program 3 (id=3640): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x400, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x4, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x24, r2, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x10) 675.365929ms ago: executing program 3 (id=3643): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x49, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) ustat(0x9, &(0x7f0000000000)) 674.622829ms ago: executing program 3 (id=3644): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0xa0, &(0x7f0000000480)={0x2, 0x17, 0x6, 0x6}, 0x8, 0x0, 0x0, 0x0, 0x2002, 0x0, 0x0}) 644.65854ms ago: executing program 1 (id=3645): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2) readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 613.86767ms ago: executing program 3 (id=3646): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) 524.961781ms ago: executing program 1 (id=3651): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = syz_io_uring_setup(0x3ac6, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10100, 0x4, 0x37c}, &(0x7f0000000080)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002640)=ANY=[], 0x1c48}, 0x0, 0xe3d08660d3cd4684}) io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0) 474.285482ms ago: executing program 4 (id=3652): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x1e, r2, 0xfffffffffffffffe, r2, 0x1) 474.081252ms ago: executing program 1 (id=3653): r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000000)=0x3) 446.692623ms ago: executing program 4 (id=3654): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) writev(r0, &(0x7f0000000200)=[{&(0x7f0000000340)="2f0e08", 0x3}], 0x1) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x40) 432.011693ms ago: executing program 0 (id=3655): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000004, 0x0, 0x29, 0x10, &(0x7f0000002e00), &(0x7f00000001c0), 0x8, 0x7c, 0x8, 0x0, 0x0}}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r0, 0xe8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 429.871533ms ago: executing program 1 (id=3657): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xc, 0x0, 0x0, 0x41000}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x178}, 0x18) kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) 403.792113ms ago: executing program 4 (id=3658): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe, 0xd}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0) 357.668774ms ago: executing program 1 (id=3659): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xffffffff]}, 0x0, 0x8) r0 = gettid() tkill(r0, 0x11) pselect6(0x40, &(0x7f0000000040)={0xa, 0xbc, 0x3ff, 0x100000001, 0x7, 0x4, 0x4, 0x5}, 0x0, 0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={[0x2]}, 0x8}) 337.289334ms ago: executing program 0 (id=3660): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="800000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000005000128009000100766c616e000000004000028006000100000ffe00340003800c0001000ffe0000000000000c00010094040000000000000c00010000010000000000000c000100040000000000000008000500", @ANYRES32=r1, @ANYBLOB="080003"], 0x80}}, 0x8000) 312.823015ms ago: executing program 0 (id=3661): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6e, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) 301.392175ms ago: executing program 1 (id=3662): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) syz_usb_disconnect(r0) 267.609265ms ago: executing program 0 (id=3663): r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x6000000, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x100000, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000006000000feffffff0000000000000000000000000000d9e4aa2f0000000000000000000000000000000000000000000000000000feffffff0020000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000"]}, 0x108) 267.288005ms ago: executing program 4 (id=3664): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='percpu_create_chunk\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x50) 193.000987ms ago: executing program 0 (id=3665): prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) mmap(&(0x7f0000340000/0x2000)=nil, 0x2000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x27fa7000) 167.987397ms ago: executing program 4 (id=3666): r0 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) write$selinux_access(r0, &(0x7f0000000400)=ANY=[@ANYBLOB='system_u:object_r::ing_exec_t:s0 unconfined 0'], 0x41) 130.052998ms ago: executing program 0 (id=3667): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18) sendmmsg(r0, &(0x7f0000003e40), 0x3fffffffffffe3d, 0x0) 124.879158ms ago: executing program 4 (id=3668): socket$inet(0x2, 0x80001, 0x84) r0 = socket$inet(0x2, 0x2, 0x88) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4) bind$inet(r0, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10) close(0x4) 0s ago: executing program 3 (id=3669): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9001c2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a190", 0x32}, {&(0x7f0000000100)="051a00", 0x23}], 0x2) kernel console output (not intermixed with test programs): ll use data=ordered instead of data journaling mode [ 76.417286][ T7431] EXT4-fs: inline encryption not supported [ 76.419640][ T7429] EXT4-fs (loop0): 1 truncate cleaned up [ 76.429859][ T7429] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.443282][ T7431] EXT4-fs: Ignoring removed bh option [ 76.450392][ T7429] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.464912][ T7431] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.516323][ T7447] syz.4.1753: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0 [ 76.531264][ T7447] CPU: 1 UID: 0 PID: 7447 Comm: syz.4.1753 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(voluntary) [ 76.531323][ T7447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 76.531406][ T7447] Call Trace: [ 76.531415][ T7447] [ 76.531424][ T7447] __dump_stack+0x1d/0x30 [ 76.531451][ T7447] dump_stack_lvl+0xe8/0x140 [ 76.531475][ T7447] dump_stack+0x15/0x1b [ 76.531524][ T7447] warn_alloc+0x12b/0x1a0 [ 76.531553][ T7447] ? audit_log_end+0x1d7/0x1f0 [ 76.531596][ T7447] ? audit_log_end+0x1d7/0x1f0 [ 76.531633][ T7447] __vmalloc_node_range_noprof+0x9c/0xe00 [ 76.531663][ T7447] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 76.531695][ T7447] ? __rcu_read_unlock+0x4f/0x70 [ 76.531757][ T7447] ? __perf_event_task_sched_in+0xa5b/0xac0 [ 76.531786][ T7447] ? perf_cgroup_switch+0x10c/0x480 [ 76.531825][ T7447] ? update_load_avg+0x1da/0x820 [ 76.531936][ T7447] ? __list_add_valid_or_report+0x38/0xe0 [ 76.531965][ T7447] ? should_fail_ex+0x30/0x280 [ 76.532051][ T7447] ? xskq_create+0x36/0xe0 [ 76.532122][ T7447] vmalloc_user_noprof+0x7d/0xb0 [ 76.532176][ T7447] ? xskq_create+0x80/0xe0 [ 76.532204][ T7447] xskq_create+0x80/0xe0 [ 76.532233][ T7447] xsk_init_queue+0x95/0xf0 [ 76.532276][ T7447] xsk_setsockopt+0x35c/0x510 [ 76.532299][ T7447] ? __pfx_xsk_setsockopt+0x10/0x10 [ 76.532317][ T7447] __sys_setsockopt+0x184/0x200 [ 76.532370][ T7447] __x64_sys_setsockopt+0x64/0x80 [ 76.532411][ T7447] x64_sys_call+0x2bd5/0x2fb0 [ 76.532433][ T7447] do_syscall_64+0xd2/0x200 [ 76.532455][ T7447] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 76.532523][ T7447] ? clear_bhb_loop+0x40/0x90 [ 76.532543][ T7447] ? clear_bhb_loop+0x40/0x90 [ 76.532564][ T7447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.532622][ T7447] RIP: 0033:0x7fb21f41e929 [ 76.532643][ T7447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.532660][ T7447] RSP: 002b:00007fb21da87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 76.532677][ T7447] RAX: ffffffffffffffda RBX: 00007fb21f645fa0 RCX: 00007fb21f41e929 [ 76.532694][ T7447] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 76.532751][ T7447] RBP: 00007fb21f4a0b39 R08: 0000000000000004 R09: 0000000000000000 [ 76.532767][ T7447] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.532782][ T7447] R13: 0000000000000000 R14: 00007fb21f645fa0 R15: 00007ffe445c0208 [ 76.532806][ T7447] [ 76.532819][ T7447] Mem-Info: [ 76.784039][ T7447] active_anon:4129 inactive_anon:5 isolated_anon:0 [ 76.784039][ T7447] active_file:5599 inactive_file:12959 isolated_file:0 [ 76.784039][ T7447] unevictable:0 dirty:316 writeback:0 [ 76.784039][ T7447] slab_reclaimable:2992 slab_unreclaimable:14585 [ 76.784039][ T7447] mapped:28815 shmem:321 pagetables:1279 [ 76.784039][ T7447] sec_pagetables:0 bounce:0 [ 76.784039][ T7447] kernel_misc_reclaimable:0 [ 76.784039][ T7447] free:1897631 free_pcp:4951 free_cma:0 [ 76.828905][ T7447] Node 0 active_anon:16516kB inactive_anon:20kB active_file:22396kB inactive_file:51836kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115260kB dirty:1264kB writeback:0kB shmem:1284kB writeback_tmp:0kB kernel_stack:3328kB pagetables:5116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 76.858013][ T7447] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 76.887031][ T7447] lowmem_reserve[]: 0 2882 7860 7860 [ 76.892581][ T7447] Node 0 DMA32 free:2947736kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951364kB mlocked:0kB bounce:0kB free_pcp:3628kB local_pcp:3528kB free_cma:0kB [ 76.922973][ T7447] lowmem_reserve[]: 0 0 4978 4978 [ 76.928163][ T7447] Node 0 Normal free:4627428kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16516kB inactive_anon:20kB active_file:22396kB inactive_file:51836kB unevictable:0kB writepending:1264kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:16176kB local_pcp:7764kB free_cma:0kB [ 76.960342][ T7447] lowmem_reserve[]: 0 0 0 0 [ 76.964993][ T7447] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 76.978083][ T7447] Node 0 DMA32: 2*4kB (M) 2*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947736kB [ 76.994207][ T7447] Node 0 Normal: 763*4kB (UME) 472*8kB (UME) 337*16kB (UME) 296*32kB (UME) 148*64kB (UME) 100*128kB (UME) 50*256kB (UME) 25*512kB (UM) 19*1024kB (UME) 12*2048kB (UME) 1102*4096kB (UM) = 4627388kB [ 77.013777][ T7447] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 77.023157][ T7447] 18876 total pagecache pages [ 77.027873][ T7447] 7 pages in swap cache [ 77.032080][ T7447] Free swap = 124972kB [ 77.036393][ T7447] Total swap = 124996kB [ 77.040754][ T7447] 2097051 pages RAM [ 77.044600][ T7447] 0 pages HighMem/MovableOnly [ 77.049292][ T7447] 80810 pages reserved [ 77.055210][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.261487][ T7467] loop1: detected capacity change from 0 to 512 [ 77.270730][ T7467] journal_path: Non-blockdev passed as './bus' [ 77.277093][ T7467] EXT4-fs: error: could not find journal device path [ 77.358038][ T7476] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1766'. [ 77.421132][ T7486] program syz.0.1771 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 77.584481][ T7518] loop1: detected capacity change from 0 to 1024 [ 77.621615][ T7518] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.643649][ T7518] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 433:freeing already freed block (bit 27); block bitmap corrupt. [ 77.658815][ T7530] loop3: detected capacity change from 0 to 512 [ 77.683882][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.701932][ T7536] loop0: detected capacity change from 0 to 512 [ 77.727017][ T7536] EXT4-fs: Ignoring removed mblk_io_submit option [ 77.742265][ T7536] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 77.751988][ T7536] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 77.761255][ T7536] System zones: 1-12 [ 77.765585][ T7536] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.1796: corrupted in-inode xattr: e_value size too large [ 77.781420][ T7536] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1796: couldn't read orphan inode 15 (err -117) [ 77.796094][ T7536] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.839026][ T7544] loop1: detected capacity change from 0 to 512 [ 77.848492][ T7551] syzkaller1: entered promiscuous mode [ 77.854236][ T7551] syzkaller1: entered allmulticast mode [ 77.857773][ T7544] EXT4-fs: Ignoring removed mblk_io_submit option [ 77.861152][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.877119][ T7544] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 77.919640][ T7544] EXT4-fs (loop1): 1 truncate cleaned up [ 77.926203][ T7561] loop3: detected capacity change from 0 to 256 [ 77.926601][ T7544] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.947608][ T7544] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.998433][ T7569] loop0: detected capacity change from 0 to 512 [ 78.005890][ T7569] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal [ 78.065510][ T7569] loop0: detected capacity change from 0 to 8192 [ 78.126051][ T7569] loop0: p1 < > p2 < p5 > p3 p4 [ 78.142326][ T7569] loop0: p3 start 83890176 is beyond EOD, truncated [ 78.149155][ T7569] loop0: p4 size 16776960 extends beyond EOD, truncated [ 78.162573][ T7569] loop0: p5 size 16776960 extends beyond EOD, truncated [ 78.253974][ T7601] loop0: detected capacity change from 0 to 1024 [ 78.272852][ T7601] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.299521][ T7601] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 433:freeing already freed block (bit 27); block bitmap corrupt. [ 78.354789][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.382874][ T7617] loop4: detected capacity change from 0 to 128 [ 78.563186][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.563186][ T7617] loop4: rw=2049, sector=140, nr_sectors = 8 limit=128 [ 78.579157][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.579157][ T7617] loop4: rw=2049, sector=156, nr_sectors = 1 limit=128 [ 78.593513][ T7617] Buffer I/O error on dev loop4, logical block 156, lost async page write [ 78.604998][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.604998][ T7617] loop4: rw=2049, sector=157, nr_sectors = 1 limit=128 [ 78.618510][ T7617] Buffer I/O error on dev loop4, logical block 157, lost async page write [ 78.637229][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.637229][ T7617] loop4: rw=2049, sector=158, nr_sectors = 1 limit=128 [ 78.650755][ T7617] Buffer I/O error on dev loop4, logical block 158, lost async page write [ 78.662358][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.662358][ T7617] loop4: rw=2049, sector=159, nr_sectors = 1 limit=128 [ 78.675847][ T7617] Buffer I/O error on dev loop4, logical block 159, lost async page write [ 78.687476][ T7631] loop3: detected capacity change from 0 to 128 [ 78.691658][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.691658][ T7617] loop4: rw=2049, sector=160, nr_sectors = 1 limit=128 [ 78.707366][ T7617] Buffer I/O error on dev loop4, logical block 160, lost async page write [ 78.717685][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.717685][ T7617] loop4: rw=2049, sector=161, nr_sectors = 1 limit=128 [ 78.731790][ T7617] Buffer I/O error on dev loop4, logical block 161, lost async page write [ 78.741950][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.741950][ T7617] loop4: rw=2049, sector=132, nr_sectors = 1 limit=128 [ 78.755544][ T7617] Buffer I/O error on dev loop4, logical block 132, lost async page write [ 78.768610][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.768610][ T7617] loop4: rw=2049, sector=133, nr_sectors = 1 limit=128 [ 78.782104][ T7617] Buffer I/O error on dev loop4, logical block 133, lost async page write [ 78.798897][ T7617] syz.4.1829: attempt to access beyond end of device [ 78.798897][ T7617] loop4: rw=2049, sector=150, nr_sectors = 1 limit=128 [ 78.812436][ T7617] Buffer I/O error on dev loop4, logical block 150, lost async page write [ 78.823548][ T7617] Buffer I/O error on dev loop4, logical block 151, lost async page write [ 78.945413][ T7658] loop2: detected capacity change from 0 to 512 [ 78.962862][ T7658] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.1848: corrupted in-inode xattr: invalid ea_ino [ 78.978327][ T7662] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1851'. [ 78.988493][ T7658] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1848: couldn't read orphan inode 15 (err -117) [ 79.004209][ T7658] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.024985][ T7669] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1854'. [ 79.049609][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.070138][ T7671] loop4: detected capacity change from 0 to 2048 [ 79.089266][ T7676] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1857'. [ 79.098810][ T7676] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 79.100726][ T7675] loop2: detected capacity change from 0 to 128 [ 79.108407][ T7671] loop4: p1 < > p4 [ 79.119902][ T7671] loop4: p4 size 8388608 extends beyond EOD, truncated [ 79.299844][ T7690] loop2: detected capacity change from 0 to 1764 [ 79.484072][ T7709] loop3: detected capacity change from 0 to 128 [ 79.540365][ T7707] vhci_hcd: default hub control req: 6031 v09fa i0008 l0 [ 79.608638][ T7718] loop0: detected capacity change from 0 to 1024 [ 79.618616][ T7718] EXT4-fs: Ignoring removed nobh option [ 79.624217][ T7718] EXT4-fs: Ignoring removed bh option [ 79.646461][ T7718] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.705113][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.911993][ T7742] random: crng reseeded on system resumption [ 80.019859][ T7750] loop0: detected capacity change from 0 to 512 [ 80.042589][ T7750] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 80.084435][ T7750] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.097901][ T7750] ext4 filesystem being mounted at /316/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.100964][ T7761] loop3: detected capacity change from 0 to 512 [ 80.140224][ T7750] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.150134][ T7762] 9pnet: Could not find request transport: f [ 80.216868][ T7772] loop3: detected capacity change from 0 to 256 [ 80.503456][ T7807] loop3: detected capacity change from 0 to 512 [ 80.591428][ T7814] netlink: 4436 bytes leftover after parsing attributes in process `syz.3.1919'. [ 80.631783][ T7814] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096 [ 80.695662][ T7826] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1925'. [ 80.731266][ T7832] loop3: detected capacity change from 0 to 256 [ 80.757201][ T7831] loop2: detected capacity change from 0 to 4096 [ 80.811808][ T7831] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.896313][ T7831] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.1926: corrupted inode contents [ 80.952661][ T7853] 9pnet_fd: Insufficient options for proto=fd [ 80.963644][ T7851] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 80.970254][ T7851] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 80.977815][ T7851] vhci_hcd vhci_hcd.0: Device attached [ 80.989994][ T7855] loop0: detected capacity change from 0 to 2048 [ 81.009031][ T7858] vhci_hcd: connection closed [ 81.009021][ T7831] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #15: comm syz.2.1926: mark_inode_dirty error [ 81.025702][ T12] vhci_hcd: stop threads [ 81.029058][ T7831] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.1926: corrupted inode contents [ 81.030099][ T12] vhci_hcd: release socket [ 81.047287][ T12] vhci_hcd: disconnect device [ 81.049798][ T7855] Alternate GPT is invalid, using primary GPT. [ 81.058417][ T7855] loop0: p2 p3 p7 [ 81.065627][ T7831] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.1926: mark_inode_dirty error [ 81.078671][ T7831] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.1926: corrupted inode contents [ 81.092451][ T7831] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.1926: mark_inode_dirty error [ 81.126249][ T29] kauditd_printk_skb: 230 callbacks suppressed [ 81.126266][ T29] audit: type=1400 audit(1752174341.938:2732): avc: denied { name_bind } for pid=7863 comm="syz.4.1943" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 81.156056][ T7860] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.1926: corrupted inode contents [ 81.178000][ T7860] EXT4-fs error (device loop2): swap_inode_boot_loader:472: inode #15: comm syz.2.1926: mark_inode_dirty error [ 81.197319][ T7860] EXT4-fs warning (device loop2): swap_inode_boot_loader:477: couldn't mark inode #15 dirty (err -117) [ 81.210365][ T7860] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #15: comm syz.2.1926: corrupted inode contents [ 81.223790][ T29] audit: type=1400 audit(1752174342.032:2733): avc: denied { mount } for pid=7870 comm="syz.0.1945" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 81.247510][ T7860] EXT4-fs error (device loop2): swap_inode_boot_loader:480: inode #15: comm syz.2.1926: mark_inode_dirty error [ 81.297072][ T29] audit: type=1400 audit(1752174342.097:2734): avc: denied { read } for pid=7878 comm="syz.4.1947" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 81.313544][ T7881] loop0: detected capacity change from 0 to 128 [ 81.320921][ T29] audit: type=1400 audit(1752174342.097:2735): avc: denied { open } for pid=7878 comm="syz.4.1947" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 81.352114][ T29] audit: type=1400 audit(1752174342.097:2736): avc: denied { unmount } for pid=3307 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 81.354199][ T7881] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 81.386606][ T7879] program syz.4.1947 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 81.397202][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.422641][ T7881] ext4 filesystem being mounted at /330/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.513067][ T29] audit: type=1400 audit(1752174342.303:2737): avc: denied { mac_admin } for pid=7880 comm="syz.0.1949" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 81.539398][ T7891] loop4: detected capacity change from 0 to 256 [ 81.552931][ T29] audit: type=1400 audit(1752174342.303:2738): avc: denied { relabelto } for pid=7880 comm="syz.0.1949" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 81.581286][ T3316] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.601381][ T29] audit: type=1400 audit(1752174342.378:2739): avc: denied { read write } for pid=7892 comm="syz.2.1954" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 81.626250][ T29] audit: type=1400 audit(1752174342.378:2740): avc: denied { open } for pid=7892 comm="syz.2.1954" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 81.635118][ T7891] FAT-fs (loop4): Directory bread(block 64) failed [ 81.660538][ T7891] FAT-fs (loop4): Directory bread(block 65) failed [ 81.667171][ T7891] FAT-fs (loop4): Directory bread(block 66) failed [ 81.674530][ T7891] FAT-fs (loop4): Directory bread(block 67) failed [ 81.682095][ T7891] FAT-fs (loop4): Directory bread(block 68) failed [ 81.688730][ T7891] FAT-fs (loop4): Directory bread(block 69) failed [ 81.701177][ T7891] FAT-fs (loop4): Directory bread(block 70) failed [ 81.728057][ T7891] FAT-fs (loop4): Directory bread(block 71) failed [ 81.748960][ T7891] FAT-fs (loop4): Directory bread(block 72) failed [ 81.755729][ T29] audit: type=1400 audit(1752174342.518:2741): avc: denied { unmount } for pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 81.764444][ T7891] FAT-fs (loop4): Directory bread(block 73) failed [ 81.882844][ T7916] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1964'. [ 81.892428][ T7916] unsupported nla_type 65024 [ 81.936788][ T7926] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1969'. [ 81.993182][ T7938] syzkaller1: entered promiscuous mode [ 81.998734][ T7938] syzkaller1: entered allmulticast mode [ 82.025829][ T7945] loop3: detected capacity change from 0 to 1024 [ 82.154281][ T7967] loop1: detected capacity change from 0 to 512 [ 82.198880][ T7967] EXT4-fs (loop1): 1 orphan inode deleted [ 82.207824][ T7967] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.220608][ T51] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1 [ 82.235311][ T7967] ext4 filesystem being mounted at /394/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.238886][ T7972] PID 7972 killed due to inadequate hugepage pool [ 82.271688][ T7986] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1995'. [ 82.315475][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.383481][ T8002] SELinux: syz.1.1997 (8002) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 82.467817][ T8017] netlink: 'syz.4.2008': attribute type 1 has an invalid length. [ 82.475663][ T8017] netlink: 'syz.4.2008': attribute type 3 has an invalid length. [ 82.484147][ T8017] netlink: 216 bytes leftover after parsing attributes in process `syz.4.2008'. [ 82.554869][ T8027] xt_connbytes: Forcing CT accounting to be enabled [ 82.561834][ T8027] Cannot find add_set index 0 as target [ 83.451890][ T8067] loop2: detected capacity change from 0 to 512 [ 83.492570][ T8067] EXT4-fs (loop2): 1 orphan inode deleted [ 83.500769][ T8067] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.519165][ T8067] ext4 filesystem being mounted at /437/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.529937][ T273] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1 [ 83.563435][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.737501][ T8112] loop4: detected capacity change from 0 to 512 [ 83.751422][ T8112] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 83.763838][ T8112] EXT4-fs (loop4): 1 truncate cleaned up [ 83.769959][ T8112] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.808266][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.914433][ T8135] program syz.3.2059 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 83.929745][ T8137] netlink: 'syz.2.2060': attribute type 3 has an invalid length. [ 83.960802][ T8142] IPv6: NLM_F_CREATE should be specified when creating new route [ 84.039235][ T8150] netlink: 'syz.2.2066': attribute type 21 has an invalid length. [ 84.050485][ T8150] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2066'. [ 84.060461][ T8150] netlink: 'syz.2.2066': attribute type 1 has an invalid length. [ 84.090976][ T8156] loop4: detected capacity change from 0 to 128 [ 84.102618][ T8156] EXT4-fs: Ignoring removed nomblk_io_submit option [ 84.111537][ T8156] EXT4-fs: test_dummy_encryption option not supported [ 84.204315][ T8177] macvtap0: entered promiscuous mode [ 84.210296][ T8177] macvtap0: left promiscuous mode [ 84.249964][ T8183] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 84.261849][ T8183] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 84.462067][ T8216] loop1: detected capacity change from 0 to 512 [ 84.494869][ T8216] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.511577][ T8216] ext4 filesystem being mounted at /402/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 84.523570][ T8222] __nla_validate_parse: 1 callbacks suppressed [ 84.523586][ T8222] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2099'. [ 84.547700][ T8216] netlink: 208 bytes leftover after parsing attributes in process `syz.1.2097'. [ 84.596018][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.623784][ T8230] macvlan1: entered promiscuous mode [ 84.630668][ T8230] ipvlan0: entered promiscuous mode [ 84.637259][ T8230] ipvlan0: left promiscuous mode [ 84.642737][ T8230] macvlan1: left promiscuous mode [ 84.724782][ T8238] loop3: detected capacity change from 0 to 1024 [ 84.763947][ T8242] af_packet: tpacket_rcv: packet too big, clamped from 86 to 4294967286. macoff=82 [ 85.367295][ T8270] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2121'. [ 85.605515][ T8286] loop0: detected capacity change from 0 to 8192 [ 85.791200][ T8297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2134'. [ 85.801336][ T8297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2134'. [ 85.811528][ T8297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2134'. [ 85.820763][ T8297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2134'. [ 85.848582][ T8300] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2136'. [ 85.874693][ T8304] loop1: detected capacity change from 0 to 512 [ 85.886216][ T8304] EXT4-fs (loop1): orphan cleanup on readonly fs [ 85.895396][ T8304] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.2137: bad orphan inode 13 [ 85.910271][ T8304] ext4_test_bit(bit=12, block=18) = 1 [ 85.915781][ T8304] is_bad_inode(inode)=0 [ 85.920035][ T8304] NEXT_ORPHAN(inode)=2130706432 [ 85.924920][ T8304] max_ino=32 [ 85.928269][ T8304] i_nlink=1 [ 85.931995][ T8304] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 85.961528][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.034128][ T8325] netlink: 'syz.4.2148': attribute type 29 has an invalid length. [ 86.043025][ T8325] netlink: 'syz.4.2148': attribute type 29 has an invalid length. [ 86.054133][ T8325] netlink: 500 bytes leftover after parsing attributes in process `syz.4.2148'. [ 86.062212][ T8328] loop2: detected capacity change from 0 to 2048 [ 86.079972][ T8328] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.095251][ T8328] ext4 filesystem being mounted at /467/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.117040][ T8328] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2149: bg 0: block 345: padding at end of block bitmap is not set [ 86.148900][ T8328] EXT4-fs (loop2): Remounting filesystem read-only [ 86.157902][ T8328] EXT4-fs warning (device loop2): ext4_xattr_inode_lookup_create:1597: inode #18: comm syz.2.2149: cleanup dec ref error -117 [ 86.185440][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.240338][ T8351] loop1: detected capacity change from 0 to 2048 [ 86.269916][ T8351] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.285351][ T8359] netlink: 'syz.2.2162': attribute type 1 has an invalid length. [ 86.500431][ T29] kauditd_printk_skb: 145 callbacks suppressed [ 86.500447][ T29] audit: type=1326 audit(1752174346.961:2885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8368 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fcd4fffe929 code=0x7ffc0000 [ 86.554227][ T29] audit: type=1326 audit(1752174346.990:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8366 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcd4ff9ab19 code=0x7ffc0000 [ 86.577676][ T29] audit: type=1326 audit(1752174346.990:2887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8366 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4fffe929 code=0x7ffc0000 [ 86.601163][ T29] audit: type=1326 audit(1752174346.990:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8366 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4fffe929 code=0x7ffc0000 [ 86.622240][ T8371] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 86.641151][ T8371] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 86.650634][ T29] audit: type=1400 audit(1752174347.083:2889): avc: denied { map } for pid=8374 comm="syz.2.2169" path="socket:[19813]" dev="sockfs" ino=19813 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 86.654426][ T8371] EXT4-fs (loop1): This should not happen!! Data will be lost [ 86.654426][ T8371] [ 86.676935][ T29] audit: type=1400 audit(1752174347.083:2890): avc: denied { read } for pid=8374 comm="syz.2.2169" path="socket:[19813]" dev="sockfs" ino=19813 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 86.687377][ T8371] EXT4-fs (loop1): Total free blocks count 0 [ 86.716086][ T8371] EXT4-fs (loop1): Free/Dirty block details [ 86.722667][ T8371] EXT4-fs (loop1): free_blocks=2415919104 [ 86.728452][ T8371] EXT4-fs (loop1): dirty_blocks=8208 [ 86.733770][ T8371] EXT4-fs (loop1): Block reservation details [ 86.739807][ T8371] EXT4-fs (loop1): i_reserved_data_blocks=513 [ 86.847744][ T29] audit: type=1326 audit(1752174347.280:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8386 comm="syz.2.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4fffe929 code=0x7ffc0000 [ 86.871800][ T29] audit: type=1326 audit(1752174347.280:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8386 comm="syz.2.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4fffe929 code=0x7ffc0000 [ 86.907687][ T51] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 86.976395][ T29] audit: type=1326 audit(1752174347.345:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8386 comm="syz.2.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd4fffe929 code=0x7ffc0000 [ 86.999995][ T29] audit: type=1326 audit(1752174347.345:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8386 comm="syz.2.2174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4fffe929 code=0x7ffc0000 [ 87.038808][ T8399] loop3: detected capacity change from 0 to 512 [ 87.191717][ T8414] loop2: detected capacity change from 0 to 1024 [ 87.219271][ T8414] EXT4-fs: Ignoring removed oldalloc option [ 87.225291][ T8414] EXT4-fs: Ignoring removed orlov option [ 87.263881][ T8414] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 87.299722][ T8414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.334700][ T8414] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.2186: Allocating blocks 385-513 which overlap fs metadata [ 87.356036][ T8426] loop4: detected capacity change from 0 to 256 [ 87.364444][ T8426] FAT-fs (loop4): bogus number of FAT sectors [ 87.371417][ T8426] FAT-fs (loop4): Can't find a valid FAT filesystem [ 87.378696][ T8414] EXT4-fs (loop2): pa ffff88810699c5b0: logic 16, phys. 129, len 24 [ 87.386795][ T8414] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8 [ 87.445734][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.467925][ T8431] loop3: detected capacity change from 0 to 256 [ 87.512449][ T8437] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2194'. [ 87.666652][ T8457] loop1: detected capacity change from 0 to 1024 [ 87.675361][ T8457] EXT4-fs: Ignoring removed oldalloc option [ 87.682668][ T8457] EXT4-fs: Ignoring removed orlov option [ 87.689215][ T8457] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 87.704655][ T8457] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.767217][ T8457] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.2205: Allocating blocks 385-513 which overlap fs metadata [ 87.814557][ T8457] EXT4-fs (loop1): pa ffff888106abb150: logic 16, phys. 129, len 24 [ 87.822813][ T8457] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8 [ 87.845313][ T8475] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8475 comm=syz.3.2211 [ 87.859954][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.076570][ T8499] loop4: detected capacity change from 0 to 2048 [ 88.103937][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4 [ 88.112488][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2 [ 88.120033][ T8499] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.120338][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.140664][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.147623][ T8499] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 88.148364][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.170688][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.178424][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.178982][ T8499] EXT4-fs (loop4): Remounting filesystem read-only [ 88.186960][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.200497][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.208203][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.216596][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.224358][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.232065][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.239800][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.248004][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.255656][ T3388] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0 [ 88.263920][ T3388] hid-generic 0000:3000000:0000.0002: hidraw0: HID v0.00 Device [sy] on syz0 [ 88.265262][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.649902][ T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.739502][ T8567] program syz.4.2254 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.749881][ T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.794684][ T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.844053][ T8584] syzkaller1: entered promiscuous mode [ 88.849598][ T8584] syzkaller1: entered allmulticast mode [ 88.862005][ T8587] program syz.4.2258 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.878918][ T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.987790][ T8602] netlink: 'syz.1.2263': attribute type 1 has an invalid length. [ 89.007983][ T8568] chnl_net:caif_netlink_parms(): no params data found [ 89.074848][ T8613] loop4: detected capacity change from 0 to 512 [ 89.097037][ T8613] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 89.107327][ T8568] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.108703][ T8613] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 89.115188][ T8568] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.129614][ T8568] bridge_slave_0: entered allmulticast mode [ 89.132876][ T8613] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.2268: corrupted in-inode xattr: e_value size too large [ 89.136996][ T8568] bridge_slave_0: entered promiscuous mode [ 89.152522][ T8613] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2268: couldn't read orphan inode 15 (err -117) [ 89.168526][ T8568] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.176299][ T8568] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.193299][ T8613] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.212762][ T8568] bridge_slave_1: entered allmulticast mode [ 89.213487][ T8568] bridge_slave_1: entered promiscuous mode [ 89.253314][ T8568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.266583][ T8568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.280899][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.298292][ T51] bridge_slave_1: left allmulticast mode [ 89.304204][ T51] bridge_slave_1: left promiscuous mode [ 89.309943][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.323763][ T51] bridge_slave_0: left allmulticast mode [ 89.329557][ T51] bridge_slave_0: left promiscuous mode [ 89.335468][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.347314][ T8633] vhci_hcd: invalid port number 23 [ 89.352475][ T8633] vhci_hcd: default hub control req: a306 v0000 i0017 l0 [ 89.414347][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 89.425613][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 89.437820][ T51] bond0 (unregistering): Released all slaves [ 89.450803][ T8568] team0: Port device team_slave_0 added [ 89.460801][ T8568] team0: Port device team_slave_1 added [ 89.484265][ T51] hsr_slave_0: left promiscuous mode [ 89.491604][ T51] hsr_slave_1: left promiscuous mode [ 89.497756][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.505468][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 89.513989][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 89.521586][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 89.534337][ T51] veth1_macvtap: left promiscuous mode [ 89.540054][ T51] veth0_macvtap: left promiscuous mode [ 89.545694][ T51] veth1_vlan: left promiscuous mode [ 89.551302][ T51] veth0_vlan: left promiscuous mode [ 89.631237][ T51] team0 (unregistering): Port device team_slave_1 removed [ 89.642161][ T51] team0 (unregistering): Port device team_slave_0 removed [ 89.682261][ T8568] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.689302][ T8568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.715301][ T8568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.727908][ T8568] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.734939][ T8568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.760921][ T8568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.791923][ T8568] hsr_slave_0: entered promiscuous mode [ 89.798131][ T8568] hsr_slave_1: entered promiscuous mode [ 89.803968][ T8568] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 89.811585][ T8568] Cannot create hsr debugfs directory [ 89.899152][ T8568] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 89.908210][ T8568] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 89.917394][ T8568] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 89.926415][ T8568] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 89.962621][ T8568] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.975649][ T8568] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.985905][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.993090][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.004845][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.012067][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.072403][ T8674] loop1: detected capacity change from 0 to 2048 [ 90.096804][ T8674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.121070][ T8568] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.150500][ T8674] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 90.167385][ T8674] EXT4-fs (loop1): Remounting filesystem read-only [ 90.175117][ T8688] syzkaller1: entered promiscuous mode [ 90.180744][ T8688] syzkaller1: entered allmulticast mode [ 90.212291][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.388891][ T8568] veth0_vlan: entered promiscuous mode [ 90.428023][ T8568] veth1_vlan: entered promiscuous mode [ 90.485010][ T8568] veth0_macvtap: entered promiscuous mode [ 90.494762][ T8568] veth1_macvtap: entered promiscuous mode [ 90.523336][ T8568] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.546600][ T8568] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.555961][ T8568] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.564723][ T8568] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.573600][ T8568] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.582452][ T8568] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.596674][ T8736] bridge0: port 3(vlan2) entered blocking state [ 90.603100][ T8736] bridge0: port 3(vlan2) entered disabled state [ 90.609709][ T8736] vlan2: entered allmulticast mode [ 90.614950][ T8736] bond0: entered allmulticast mode [ 90.620122][ T8736] bond_slave_0: entered allmulticast mode [ 90.625868][ T8736] bond_slave_1: entered allmulticast mode [ 90.633236][ T8736] vlan2: entered promiscuous mode [ 90.638324][ T8736] bond0: entered promiscuous mode [ 90.643432][ T8736] bond_slave_0: entered promiscuous mode [ 90.649210][ T8736] bond_slave_1: entered promiscuous mode [ 90.688998][ T8745] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8745 comm=syz.0.2314 [ 90.842129][ T8761] syzkaller1: entered promiscuous mode [ 90.847739][ T8761] syzkaller1: entered allmulticast mode [ 90.921324][ T8769] SELinux: syz.0.2323 (8769) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 91.318021][ T8781] __nla_validate_parse: 5 callbacks suppressed [ 91.318034][ T8781] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2330'. [ 91.419428][ T8793] wireguard1: entered promiscuous mode [ 91.425997][ T8793] wireguard1: entered allmulticast mode [ 91.437310][ T8796] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2336'. [ 91.596461][ T8819] tipc: Started in network mode [ 91.601388][ T8819] tipc: Node identity 000000005f0000000000000000000001, cluster identity 4711 [ 91.610393][ T8819] tipc: Enabling of bearer rejected, failed to enable media [ 91.691592][ T8831] wireguard0: entered promiscuous mode [ 91.697225][ T8831] wireguard0: entered allmulticast mode [ 91.770989][ T8844] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8844 comm=syz.3.2358 [ 91.801627][ T8846] netlink: 'syz.1.2359': attribute type 11 has an invalid length. [ 91.809669][ T8846] netlink: 448 bytes leftover after parsing attributes in process `syz.1.2359'. [ 91.905826][ T8859] can0: slcan on ttyS3. [ 91.978440][ T8859] can0 (unregistered): slcan off ttyS3. [ 92.022951][ T29] kauditd_printk_skb: 144 callbacks suppressed [ 92.022966][ T29] audit: type=1400 audit(1752174352.134:3039): avc: denied { create } for pid=8878 comm="syz.1.2376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 92.024426][ T29] audit: type=1400 audit(1752174352.134:3040): avc: denied { setopt } for pid=8878 comm="syz.1.2376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 92.126076][ T29] audit: type=1400 audit(1752174352.181:3041): avc: denied { getopt } for pid=8878 comm="syz.1.2376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 92.146374][ T29] audit: type=1326 audit(1752174352.200:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8883 comm="syz.4.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 92.170565][ T29] audit: type=1326 audit(1752174352.200:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8883 comm="syz.4.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 92.194185][ T29] audit: type=1326 audit(1752174352.200:3044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8883 comm="syz.4.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 92.218283][ T29] audit: type=1326 audit(1752174352.200:3045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8883 comm="syz.4.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 92.241814][ T29] audit: type=1326 audit(1752174352.209:3046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8883 comm="syz.4.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 92.334018][ T8895] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 92.340603][ T8895] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 92.348382][ T8895] vhci_hcd vhci_hcd.0: Device attached [ 92.384362][ T8897] vhci_hcd: connection closed [ 92.384638][ T56] vhci_hcd: stop threads [ 92.393799][ T56] vhci_hcd: release socket [ 92.398238][ T56] vhci_hcd: disconnect device [ 92.484104][ T8903] loop5: detected capacity change from 0 to 2048 [ 92.503245][ T29] audit: type=1400 audit(1752174352.583:3047): avc: denied { getopt } for pid=8904 comm="syz.4.2385" lport=55112 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 92.609793][ T8903] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 92.660685][ T8903] EXT4-fs (loop5): Remounting filesystem read-only [ 92.797458][ T8932] netlink: '+}[@': attribute type 6 has an invalid length. [ 92.818032][ T8934] loop5: detected capacity change from 0 to 2048 [ 92.847412][ T8938] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 92.855777][ T8938] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 92.876537][ T8934] support for the xor transformation has been removed. [ 92.959924][ T29] audit: type=1326 audit(1752174353.004:3048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8945 comm="syz.1.2403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 92.998944][ T8948] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8948 comm=syz.0.2405 [ 93.011477][ T8948] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8948 comm=syz.0.2405 [ 93.237318][ T8968] loop1: detected capacity change from 0 to 512 [ 93.253108][ T8968] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 93.292913][ T8974] SELinux: syz.3.2418 (8974) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 93.307307][ T8968] EXT4-fs (loop1): 1 truncate cleaned up [ 93.420145][ T8991] wireguard0: entered promiscuous mode [ 93.425730][ T8991] wireguard0: entered allmulticast mode [ 93.455457][ T8996] loop3: detected capacity change from 0 to 1024 [ 93.462747][ T8996] EXT4-fs: inline encryption not supported [ 93.468662][ T8996] EXT4-fs: Ignoring removed i_version option [ 93.476132][ T8998] hub 9-0:1.0: USB hub found [ 93.481016][ T8998] hub 9-0:1.0: 8 ports detected [ 93.498724][ T9002] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2429'. [ 93.526715][ T9004] loop0: detected capacity change from 0 to 2048 [ 93.549251][ T9004] Alternate GPT is invalid, using primary GPT. [ 93.555599][ T9004] loop0: p1 p2 p3 [ 93.649775][ T9023] loop4: detected capacity change from 0 to 1024 [ 93.659871][ T9023] EXT4-fs: inline encryption not supported [ 93.665804][ T9023] EXT4-fs: Ignoring removed i_version option [ 93.672589][ T9023] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 93.715312][ T9023] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.2441: lblock 2 mapped to illegal pblock 2 (length 1) [ 93.731025][ T9023] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.2441: lblock 0 mapped to illegal pblock 48 (length 1) [ 93.746070][ T9023] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2441: Failed to acquire dquot type 0 [ 93.759127][ T9023] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 93.769277][ T9023] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.2441: mark_inode_dirty error [ 93.782443][ T9023] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 93.792768][ T9023] EXT4-fs (loop4): 1 orphan inode deleted [ 93.799435][ T37] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 93.818113][ T9039] 9pnet_virtio: no channels available for device 127.0.0.1 [ 93.818765][ T37] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0 [ 93.839311][ T9038] wireguard0: entered promiscuous mode [ 93.840142][ T9023] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.2441: Invalid inode table block 1 in block_group 0 [ 93.844806][ T9038] wireguard0: entered allmulticast mode [ 93.857722][ T9023] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 93.875365][ T9023] EXT4-fs error (device loop4): ext4_quota_off:7217: inode #3: comm syz.4.2441: mark_inode_dirty error [ 93.923189][ T9044] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9044 comm=syz.4.2448 [ 94.577731][ T9069] netlink: '+}[@': attribute type 6 has an invalid length. [ 94.973404][ T9097] SELinux: failed to load policy [ 95.134878][ T9115] loop9: detected capacity change from 0 to 7 [ 95.143206][ T9115] buffer_io_error: 26 callbacks suppressed [ 95.143220][ T9115] Buffer I/O error on dev loop9, logical block 0, async page read [ 95.157484][ T9115] Buffer I/O error on dev loop9, logical block 0, async page read [ 95.165402][ T9115] loop9: unable to read partition table [ 95.171488][ T9115] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 95.171488][ T9115] ) failed (rc=-5) [ 95.236699][ T9125] syzkaller1: entered promiscuous mode [ 95.243065][ T9125] syzkaller1: entered allmulticast mode [ 95.603859][ T9141] loop3: detected capacity change from 0 to 8192 [ 95.683741][ T9147] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2496'. [ 95.712969][ T9152] loop3: detected capacity change from 0 to 256 [ 95.796591][ T9166] loop3: detected capacity change from 0 to 128 [ 95.861185][ T9174] 9pnet_fd: Insufficient options for proto=fd [ 95.941885][ T31] tipc: Subscription rejected, illegal request [ 96.010946][ T9185] netlink: 272 bytes leftover after parsing attributes in process `syz.3.2514'. [ 96.116489][ T9192] loop4: detected capacity change from 0 to 512 [ 96.128967][ T9192] EXT4-fs: Ignoring removed nomblk_io_submit option [ 96.136175][ T9192] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 96.148471][ T9192] EXT4-fs (loop4): 1 truncate cleaned up [ 96.159406][ T9192] EXT4-fs (loop4): shut down requested (0) [ 96.210499][ T9199] netlink: 'syz.4.2520': attribute type 39 has an invalid length. [ 96.303884][ T9206] syzkaller1: entered promiscuous mode [ 96.309496][ T9206] syzkaller1: entered allmulticast mode [ 96.357910][ T9210] random: crng reseeded on system resumption [ 96.454096][ T9227] loop4: detected capacity change from 0 to 512 [ 96.461274][ T9227] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 96.471326][ T9227] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.2532: invalid block [ 96.483984][ T9232] loop0: detected capacity change from 0 to 1024 [ 96.484408][ T9227] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2532: invalid indirect mapped block 4294967295 (level 1) [ 96.504871][ T9227] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2532: invalid indirect mapped block 4294967295 (level 1) [ 96.504936][ T9232] EXT4-fs: Ignoring removed nobh option [ 96.524736][ T9232] EXT4-fs: Ignoring removed bh option [ 96.526528][ T9227] EXT4-fs (loop4): 2 truncates cleaned up [ 96.598046][ T9242] loop0: detected capacity change from 0 to 256 [ 96.608752][ T9244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2539'. [ 96.617783][ T9244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2539'. [ 96.635151][ T9242] FAT-fs (loop0): Directory bread(block 64) failed [ 96.643173][ T9242] FAT-fs (loop0): Directory bread(block 65) failed [ 96.664017][ T9250] IPv6: Can't replace route, no match found [ 96.677148][ T9242] FAT-fs (loop0): Directory bread(block 66) failed [ 96.684989][ T9242] FAT-fs (loop0): Directory bread(block 67) failed [ 96.692019][ T9242] FAT-fs (loop0): Directory bread(block 68) failed [ 96.698897][ T9242] FAT-fs (loop0): Directory bread(block 69) failed [ 96.705908][ T9242] FAT-fs (loop0): Directory bread(block 70) failed [ 96.716400][ T9254] loop1: detected capacity change from 0 to 256 [ 96.736061][ T9242] FAT-fs (loop0): Directory bread(block 71) failed [ 96.742802][ T9242] FAT-fs (loop0): Directory bread(block 72) failed [ 96.750920][ T9242] FAT-fs (loop0): Directory bread(block 73) failed [ 96.774809][ T9242] bio_check_eod: 30 callbacks suppressed [ 96.774824][ T9242] syz.0.2538: attempt to access beyond end of device [ 96.774824][ T9242] loop0: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 96.796778][ T9242] syz.0.2538: attempt to access beyond end of device [ 96.796778][ T9242] loop0: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 96.849839][ T9269] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 96.893562][ T9278] loop0: detected capacity change from 0 to 164 [ 96.903965][ T9278] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 96.911681][ T9279] loop1: detected capacity change from 0 to 128 [ 96.914722][ T9279] ext4 filesystem being mounted at /489/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 96.959435][ T9282] SELinux: failed to load policy [ 96.980722][ T9284] loop1: detected capacity change from 0 to 1024 [ 96.987885][ T9284] EXT4-fs: Ignoring removed nomblk_io_submit option [ 96.995891][ T9284] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 97.046078][ T9292] loop1: detected capacity change from 0 to 256 [ 97.062415][ T9295] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 97.077388][ T9292] FAT-fs (loop1): Directory bread(block 64) failed [ 97.085857][ T9292] FAT-fs (loop1): Directory bread(block 65) failed [ 97.095101][ T9292] FAT-fs (loop1): Directory bread(block 66) failed [ 97.102088][ T9292] FAT-fs (loop1): Directory bread(block 67) failed [ 97.109468][ T9292] FAT-fs (loop1): Directory bread(block 68) failed [ 97.116176][ T9292] FAT-fs (loop1): Directory bread(block 69) failed [ 97.123080][ T9292] FAT-fs (loop1): Directory bread(block 70) failed [ 97.130941][ T9292] FAT-fs (loop1): Directory bread(block 71) failed [ 97.150113][ T9292] FAT-fs (loop1): Directory bread(block 72) failed [ 97.158913][ T9292] FAT-fs (loop1): Directory bread(block 73) failed [ 97.182897][ T9292] syz.1.2561: attempt to access beyond end of device [ 97.182897][ T9292] loop1: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 97.204840][ T9292] syz.1.2561: attempt to access beyond end of device [ 97.204840][ T9292] loop1: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 97.226245][ T9324] loop0: detected capacity change from 0 to 512 [ 97.233273][ T9324] EXT4-fs: Ignoring removed nomblk_io_submit option [ 97.251846][ T9324] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 97.323532][ T9324] EXT4-fs (loop0): 1 truncate cleaned up [ 97.333579][ T9324] EXT4-fs (loop0): shut down requested (0) [ 97.449201][ T29] kauditd_printk_skb: 108 callbacks suppressed [ 97.449218][ T29] audit: type=1400 audit(1752174360.203:3154): avc: denied { write } for pid=9383 comm="syz.0.2577" path="socket:[22475]" dev="sockfs" ino=22475 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 97.501442][ T29] audit: type=1326 audit(1752174360.250:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f16e87b58e7 code=0x7ffc0000 [ 97.525585][ T29] audit: type=1326 audit(1752174360.250:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f16e875ab19 code=0x7ffc0000 [ 97.551438][ T29] audit: type=1326 audit(1752174360.250:3157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f16e87b58e7 code=0x7ffc0000 [ 97.575861][ T29] audit: type=1326 audit(1752174360.250:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f16e875ab19 code=0x7ffc0000 [ 97.599437][ T29] audit: type=1326 audit(1752174360.250:3159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 97.623732][ T29] audit: type=1326 audit(1752174360.250:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 97.647243][ T29] audit: type=1326 audit(1752174360.250:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 97.672665][ T29] audit: type=1326 audit(1752174360.325:3162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 97.696293][ T29] audit: type=1326 audit(1752174360.325:3163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9385 comm="syz.0.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 97.750736][ T9389] loop3: detected capacity change from 0 to 164 [ 97.763310][ T9389] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 97.792849][ T9389] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 97.792986][ T9389] Symlink component flag not implemented [ 97.792995][ T9389] Symlink component flag not implemented [ 97.794646][ T9389] Symlink component flag not implemented (7) [ 97.819201][ T9389] Symlink component flag not implemented (116) [ 97.832729][ T9394] loop4: detected capacity change from 0 to 1024 [ 97.833129][ T9394] EXT4-fs: Ignoring removed nobh option [ 97.833150][ T9394] EXT4-fs: Ignoring removed bh option [ 98.093584][ T9418] loop3: detected capacity change from 0 to 512 [ 98.110445][ T9418] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.247864][ T9440] netlink: 'syz.4.2604': attribute type 3 has an invalid length. [ 98.293972][ T9447] loop4: detected capacity change from 0 to 1024 [ 98.307272][ T9447] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.326587][ T9447] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 98.379309][ T9453] loop3: detected capacity change from 0 to 512 [ 98.449416][ T9462] loop3: detected capacity change from 0 to 512 [ 98.458180][ T9462] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.469883][ T9464] loop4: detected capacity change from 0 to 2048 [ 98.488839][ T9467] sd 0:0:1:0: device reset [ 98.513574][ T9470] IPv6: Can't replace route, no match found [ 98.762336][ T9464] EXT4-fs (loop4): failed to initialize system zone (-117) [ 98.776957][ T9464] EXT4-fs (loop4): mount failed [ 99.174686][ T9506] loop4: detected capacity change from 0 to 512 [ 99.181456][ T9506] EXT4-fs: Ignoring removed orlov option [ 99.187208][ T9506] EXT4-fs: Ignoring removed nomblk_io_submit option [ 99.207079][ T9506] EXT4-fs error (device loop4): ext4_init_orphan_info:585: comm syz.4.2633: inode #0: comm syz.4.2633: iget: illegal inode # [ 99.257907][ T9510] loop3: detected capacity change from 0 to 4096 [ 99.267687][ T9506] EXT4-fs (loop4): Remounting filesystem read-only [ 99.274243][ T9506] EXT4-fs (loop4): get orphan inode failed [ 99.288842][ T9506] EXT4-fs (loop4): mount failed [ 99.302188][ T9510] loop3: detected capacity change from 0 to 512 [ 99.333810][ T9510] EXT4-fs: Ignoring removed orlov option [ 99.346968][ T9510] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 99.356735][ T9510] EXT4-fs (loop3): write access unavailable, skipping orphan cleanup [ 99.365763][ T9519] syzkaller1: entered promiscuous mode [ 99.371367][ T9519] syzkaller1: entered allmulticast mode [ 99.379284][ T9510] EXT4-fs: Ignoring removed orlov option [ 99.547207][ T9542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2650'. [ 99.588552][ T9551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2654'. [ 99.597567][ T9551] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2654'. [ 99.606629][ T9551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2654'. [ 99.615835][ T9551] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2654'. [ 99.625419][ T9551] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2654'. [ 99.625434][ T9557] program syz.3.2657 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 99.736690][ T9575] loop3: detected capacity change from 0 to 1024 [ 99.755113][ T9577] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2667'. [ 99.779085][ T9581] xt_hashlimit: max too large, truncated to 1048576 [ 99.826283][ T9589] qrtr: Invalid version 91 [ 99.833335][ T9591] netlink: 'syz.3.2674': attribute type 39 has an invalid length. [ 99.997686][ T9603] loop4: detected capacity change from 0 to 164 [ 100.006185][ T9603] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 100.017384][ T9603] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 100.025857][ T9603] Symlink component flag not implemented [ 100.031624][ T9603] Symlink component flag not implemented [ 100.039594][ T9603] Symlink component flag not implemented (7) [ 100.045634][ T9603] Symlink component flag not implemented (116) [ 100.114677][ T9621] binfmt_misc: register: failed to install interpreter file ./file0 [ 100.145253][ T9623] program syz.3.2691 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 100.195546][ T9633] binfmt_misc: register: failed to install interpreter file ./file2 [ 100.264094][ T9645] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 100.264094][ T9645] program syz.4.2700 not setting count and/or reply_len properly [ 100.304914][ T9651] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2704'. [ 100.420988][ T9668] loop5: detected capacity change from 0 to 4096 [ 101.307878][ T9687] loop3: detected capacity change from 0 to 8192 [ 101.348500][ T9695] @: renamed from vlan0 (while UP) [ 101.477632][ T9721] loop3: detected capacity change from 0 to 1024 [ 101.488721][ T9721] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 101.503853][ T9724] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2736'. [ 101.537820][ T9730] loop3: detected capacity change from 0 to 128 [ 101.843127][ T9769] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 101.843127][ T9769] The task syz.5.2748 (9769) triggered the difference, watch for misbehavior. [ 101.871223][ T9771] Cannot find add_set index 0 as target [ 101.956812][ T9783] loop3: detected capacity change from 0 to 1024 [ 101.996096][ T9785] binfmt_misc: register: failed to install interpreter file ./file2 [ 102.024288][ T9787] loop1: detected capacity change from 0 to 512 [ 102.037330][ T9787] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 102.053770][ T9787] EXT4-fs (loop1): mount failed [ 102.278030][ T9817] loop0: detected capacity change from 0 to 512 [ 102.295996][ T9817] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 102.312585][ T9817] EXT4-fs (loop0): mount failed [ 102.347801][ T9828] loop4: detected capacity change from 0 to 256 [ 102.369436][ T9828] FAT-fs (loop4): unable to read block(603979776) for building NFS inode [ 102.418646][ T9832] team0 (unregistering): Port device team_slave_0 removed [ 102.429421][ T9832] team0 (unregistering): Port device team_slave_1 removed [ 102.455645][ T9838] loop0: detected capacity change from 0 to 512 [ 102.463251][ T9838] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 102.489717][ T9838] EXT4-fs (loop0): 1 orphan inode deleted [ 102.496216][ T9838] ext4 filesystem being mounted at /519/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.508771][ T9350] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:44: Failed to release dquot type 1 [ 102.602089][ T9862] loop1: detected capacity change from 0 to 1024 [ 102.615814][ T9862] ext4 filesystem being mounted at /538/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.683638][ T9872] program syz.4.2797 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 102.764613][ T9360] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:54: bg 0: block 393: padding at end of block bitmap is not set [ 102.787870][ T9881] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=9881 comm=syz.4.2803 [ 102.801119][ T29] kauditd_printk_skb: 173 callbacks suppressed [ 102.801134][ T29] audit: type=1400 audit(1752174365.217:3334): avc: denied { audit_write } for pid=9880 comm="syz.4.2803" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 102.825216][ T9360] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117 [ 102.841194][ T9360] EXT4-fs (loop1): This should not happen!! Data will be lost [ 102.841194][ T9360] [ 102.850957][ T29] audit: type=1107 audit(1752174365.254:3335): pid=9880 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 102.864175][ T29] audit: type=1400 audit(1752174365.273:3336): avc: denied { name_bind } for pid=9882 comm="syz.5.2805" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 102.881802][ T3306] EXT4-fs unmount: 31 callbacks suppressed [ 102.881819][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.917717][ T29] audit: type=1326 audit(1752174365.320:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9886 comm="syz.4.2807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 102.942009][ T29] audit: type=1326 audit(1752174365.320:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9886 comm="syz.4.2807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 102.965619][ T29] audit: type=1326 audit(1752174365.320:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9886 comm="syz.4.2807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 102.989134][ T29] audit: type=1326 audit(1752174365.320:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9886 comm="syz.4.2807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb21f41e929 code=0x7ffc0000 [ 103.033121][ T9896] loop1: detected capacity change from 0 to 164 [ 103.054968][ T9896] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 103.078353][ T29] audit: type=1400 audit(1752174365.469:3341): avc: denied { mount } for pid=9893 comm="syz.1.2809" name="/" dev="loop1" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 103.112832][ T9896] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 103.131539][ T9902] loop4: detected capacity change from 0 to 512 [ 103.136571][ T9896] Symlink component flag not implemented [ 103.144233][ T9896] Symlink component flag not implemented [ 103.151117][ T29] audit: type=1400 audit(1752174365.544:3342): avc: denied { bind } for pid=9899 comm="syz.5.2812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 103.153193][ T9896] Symlink component flag not implemented (7) [ 103.170529][ T29] audit: type=1400 audit(1752174365.544:3343): avc: denied { name_bind } for pid=9899 comm="syz.5.2812" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 103.199017][ T9896] Symlink component flag not implemented (116) [ 103.226071][ T9902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.241058][ T9902] ext4 filesystem being mounted at /593/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.243807][ T9918] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2819'. [ 103.336087][ T9920] loop3: detected capacity change from 0 to 164 [ 103.347508][ T9920] ISOFS: unable to read i-node block [ 103.352957][ T9920] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 103.363093][ T9924] SELinux: failed to load policy [ 103.363978][ T9920] isofs_fill_super: get root inode failed [ 103.402071][ T9920] loop3: detected capacity change from 0 to 512 [ 103.421784][ T9902] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.483615][ T9934] team0 (unregistering): Port device team_slave_0 removed [ 103.508899][ T9934] team0 (unregistering): Port device team_slave_1 removed [ 103.652846][ T9957] loop5: detected capacity change from 0 to 512 [ 103.672418][ T9957] EXT4-fs: Ignoring removed orlov option [ 103.706302][ T9967] netlink: 'syz.3.2843': attribute type 10 has an invalid length. [ 103.714258][ T9967] netlink: 'syz.3.2843': attribute type 19 has an invalid length. [ 103.730686][ T9957] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 103.756557][ T9957] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.830339][ T9977] team0 (unregistering): Port device team_slave_0 removed [ 103.845947][ T8568] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 103.872587][ T9977] team0 (unregistering): Port device team_slave_1 removed [ 103.921931][ T9984] loop3: detected capacity change from 0 to 164 [ 103.930353][ T9984] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 103.942805][ T9984] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 103.955113][ T9984] Symlink component flag not implemented [ 103.960828][ T9984] Symlink component flag not implemented [ 103.970211][ T9984] Symlink component flag not implemented (7) [ 103.976329][ T9984] Symlink component flag not implemented (116) [ 104.040570][ T9994] unsupported nlmsg_type 40 [ 104.063894][ T9998] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 104.071228][ T9996] loop4: detected capacity change from 0 to 2048 [ 104.089228][ T9996] loop4: p1 < > p4 [ 104.104175][ T9996] loop4: p4 size 8388608 extends beyond EOD, truncated [ 104.135297][ T3388] IPVS: starting estimator thread 0... [ 104.137811][T10000] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 104.238326][T10006] IPVS: using max 2688 ests per chain, 134400 per kthread [ 104.448300][T10059] netlink: 'syz.0.2882': attribute type 21 has an invalid length. [ 104.539500][T10072] loop5: detected capacity change from 0 to 1024 [ 104.570261][T10072] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.583932][T10072] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.776882][ T9363] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:57: bg 0: block 393: padding at end of block bitmap is not set [ 104.807611][ T9363] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117 [ 104.820335][ T9363] EXT4-fs (loop5): This should not happen!! Data will be lost [ 104.820335][ T9363] [ 104.849272][ T8568] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.064440][T10139] ALSA: seq fatal error: cannot create timer (-19) [ 105.086340][T10146] SELinux: Context system_u:object_r:gpg_exec_t:s0 is not valid (left unmapped). [ 105.115240][T10148] loop3: detected capacity change from 0 to 1024 [ 105.124278][T10150] program syz.1.2922 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 105.153799][T10154] __nla_validate_parse: 5 callbacks suppressed [ 105.153816][T10154] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2924'. [ 105.171705][T10154] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2924'. [ 105.271326][T10172] loop3: detected capacity change from 0 to 512 [ 105.380338][T10180] xt_hashlimit: max too large, truncated to 1048576 [ 105.471847][T10186] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2939'. [ 105.482046][T10186] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2939'. [ 105.530565][T10192] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2942'. [ 105.539638][T10192] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2942'. [ 105.582530][T10198] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2946'. [ 105.613260][T10202] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in; [ 105.613260][T10202] program syz.3.2944 not setting count and/or reply_len properly [ 105.783976][T10224] loop1: detected capacity change from 0 to 256 [ 105.804483][T10224] msdos: Unknown parameter 'fowner>18446744073709551615' [ 105.929382][T10245] geneve2: entered promiscuous mode [ 105.934909][T10245] geneve2: entered allmulticast mode [ 105.975548][T10249] binfmt_misc: register: failed to install interpreter file ./file0 [ 105.983754][T10254] loop0: detected capacity change from 0 to 1024 [ 105.997366][T10253] sctp: [Deprecated]: syz.5.2972 (pid 10253) Use of struct sctp_assoc_value in delayed_ack socket option. [ 105.997366][T10253] Use struct sctp_sack_info instead [ 106.029325][T10254] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.049582][T10254] ext4 filesystem being mounted at /554/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.180801][T10280] loop4: detected capacity change from 0 to 1024 [ 106.187457][T10278] ALSA: seq fatal error: cannot create timer (-19) [ 106.202092][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.209631][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.217126][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.225579][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.233083][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.240702][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.242080][ T9347] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:41: bg 0: block 393: padding at end of block bitmap is not set [ 106.248215][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.248319][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.248344][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.248369][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.248393][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.248419][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.248518][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.251247][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.283569][ T9347] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2035 with error 117 [ 106.286355][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.293232][ T9347] EXT4-fs (loop0): This should not happen!! Data will be lost [ 106.293232][ T9347] [ 106.342693][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.343515][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.369672][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.377097][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.384497][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.387196][T10280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.391915][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.411414][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.418911][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.426333][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.433846][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.441554][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.448981][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.456510][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.463943][ T2959] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 106.493875][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.505305][ T2959] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz1 [ 106.807394][T10327] syzkaller1: entered promiscuous mode [ 106.813008][T10327] syzkaller1: entered allmulticast mode [ 106.971136][T10347] loop3: detected capacity change from 0 to 1024 [ 106.978646][T10347] EXT4-fs: inline encryption not supported [ 107.038630][T10356] loop1: detected capacity change from 0 to 512 [ 107.051098][T10356] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 107.070114][T10356] EXT4-fs (loop1): 1 orphan inode deleted [ 107.075941][T10356] EXT4-fs (loop1): 1 truncate cleaned up [ 107.083267][T10356] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.112885][T10356] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 107.149877][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.234601][T10370] geneve2: entered promiscuous mode [ 107.239937][T10370] geneve2: entered allmulticast mode [ 107.279421][T10382] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3030'. [ 107.313022][T10384] program syz.3.3031 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 107.551521][T10424] loop5: detected capacity change from 0 to 764 [ 107.560568][T10430] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3053'. [ 107.584282][T10430] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 107.593346][T10430] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (133) [ 107.616928][T10424] Symlink component flag not implemented [ 107.623372][T10424] Symlink component flag not implemented (116) [ 107.741189][T10455] loop5: detected capacity change from 0 to 512 [ 107.794655][T10455] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3065: bg 0: block 248: padding at end of block bitmap is not set [ 107.814603][T10455] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3065: Failed to acquire dquot type 1 [ 107.846243][T10455] EXT4-fs (loop5): 1 truncate cleaned up [ 107.865810][T10455] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.884640][T10455] ext4 filesystem being mounted at /99/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 107.913383][T10455] EXT4-fs error (device loop5): ext4_lookup:1791: inode #2: comm syz.5.3065: deleted inode referenced: 12 [ 107.984981][ T8568] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.045307][T10494] geneve2: entered promiscuous mode [ 108.050768][T10494] geneve2: entered allmulticast mode [ 108.113551][T10499] bridge1: entered promiscuous mode [ 108.114650][T10501] loop5: detected capacity change from 0 to 512 [ 108.118783][T10499] bridge1: entered allmulticast mode [ 108.132055][T10501] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 108.145080][T10501] EXT4-fs (loop5): 1 orphan inode deleted [ 108.152848][T10501] EXT4-fs (loop5): 1 truncate cleaned up [ 108.164475][T10501] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.184443][T10501] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 108.200958][T10507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3086'. [ 108.222938][ T8568] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.304162][ T29] kauditd_printk_skb: 242 callbacks suppressed [ 108.304176][ T29] audit: type=1326 audit(1752174370.362:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.334929][ T29] audit: type=1326 audit(1752174370.362:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.358753][ T29] audit: type=1326 audit(1752174370.362:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.383234][ T29] audit: type=1326 audit(1752174370.362:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.406881][ T29] audit: type=1326 audit(1752174370.362:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.444116][ T29] audit: type=1326 audit(1752174370.362:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.468494][ T29] audit: type=1326 audit(1752174370.362:3590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.492105][ T29] audit: type=1326 audit(1752174370.362:3591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.516260][ T29] audit: type=1326 audit(1752174370.493:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.539811][ T29] audit: type=1326 audit(1752174370.493:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10520 comm="syz.1.3092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x7ffc0000 [ 108.592331][T10523] loop5: detected capacity change from 0 to 512 [ 108.615741][T10523] journal_path: Non-blockdev passed as './file0/../file0' [ 108.623639][T10523] EXT4-fs: error: could not find journal device path [ 108.909390][T10553] sctp: [Deprecated]: syz.3.3107 (pid 10553) Use of struct sctp_assoc_value in delayed_ack socket option. [ 108.909390][T10553] Use struct sctp_sack_info instead [ 109.051579][T10568] SELinux: failed to load policy [ 109.291337][T10594] dummy0: entered promiscuous mode [ 109.303821][T10594] dummy0: left promiscuous mode [ 109.481578][T10608] loop0: detected capacity change from 0 to 1024 [ 109.502181][T10608] EXT4-fs: Ignoring removed mblk_io_submit option [ 109.522600][T10608] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.540424][T10608] EXT4-fs (loop0): shut down requested (2) [ 109.566979][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.741851][T10633] loop1: detected capacity change from 0 to 2048 [ 109.768439][T10633] EXT4-fs: Ignoring removed mblk_io_submit option [ 109.815881][T10633] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.875541][T10633] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3143: bg 0: block 234: padding at end of block bitmap is not set [ 109.947879][T10633] EXT4-fs (loop1): Remounting filesystem read-only [ 109.979531][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.251604][T10698] loop1: detected capacity change from 0 to 1024 [ 110.374139][T10707] futex_wake_op: syz.0.3176 tries to shift op by -1; fix this program [ 110.384475][T10698] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.473657][T10698] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.3173: Allocating blocks 385-513 which overlap fs metadata [ 110.570498][T10727] EXT4-fs (loop1): pa ffff888106abb310: logic 16, phys. 129, len 24 [ 110.578611][T10727] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8 [ 110.579012][T10733] loop3: detected capacity change from 0 to 256 [ 110.625446][T10735] program syz.3.3188 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 110.663196][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.708839][T10744] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10744 comm=syz.1.3190 [ 110.872392][T10762] infiniband syz!: set down [ 110.877027][T10762] infiniband syz!: added team_slave_0 [ 110.953688][T10762] RDS/IB: syz!: added [ 110.957728][T10762] smc: adding ib device syz! with port count 1 [ 110.974292][T10762] smc: ib device syz! port 1 has pnetid [ 111.026590][T10788] futex_wake_op: syz.4.3214 tries to shift op by -1; fix this program [ 111.054286][T10789] __nla_validate_parse: 3 callbacks suppressed [ 111.054302][T10789] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3211'. [ 111.292146][T10817] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.3228' sets config #0 [ 111.348379][T10827] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3232'. [ 111.424833][T10841] loop5: detected capacity change from 0 to 512 [ 111.440249][T10841] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002] [ 111.448344][T10841] System zones: 1-12 [ 111.452561][T10841] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3236: corrupted in-inode xattr: e_value size too large [ 111.467711][T10841] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3236: couldn't read orphan inode 15 (err -117) [ 111.480511][T10841] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.511535][ T8568] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.527736][T10845] loop0: detected capacity change from 0 to 512 [ 111.552320][T10845] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 111.588235][T10845] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.603593][T10845] ext4 filesystem being mounted at /606/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.619898][T10845] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.3237: corrupted xattr block 19: overlapping e_value [ 111.638624][T10845] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=15 [ 111.651620][T10871] loop1: detected capacity change from 0 to 512 [ 111.657003][T10845] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.3237: corrupted xattr block 19: overlapping e_value [ 111.662542][T10871] EXT4-fs: Ignoring removed oldalloc option [ 111.679228][T10845] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=15 [ 111.689569][T10871] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.3242: Parent and EA inode have the same ino 15 [ 111.699262][T10845] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.3237: corrupted xattr block 19: overlapping e_value [ 111.716956][T10871] EXT4-fs (loop1): 1 orphan inode deleted [ 111.724249][T10871] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.727534][T10845] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.3237: corrupted xattr block 19: overlapping e_value [ 111.774971][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.776257][T10845] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=15 [ 111.866476][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.984399][T10919] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6) [ 111.991024][T10919] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 111.998832][T10919] vhci_hcd vhci_hcd.0: Device attached [ 112.013495][T10920] vhci_hcd: connection closed [ 112.013617][ T9350] vhci_hcd: stop threads [ 112.022662][ T9350] vhci_hcd: release socket [ 112.027162][ T9350] vhci_hcd: disconnect device [ 112.347176][T10990] loop3: detected capacity change from 0 to 764 [ 112.368547][T10990] Symlink component flag not implemented [ 112.374348][T10990] Symlink component flag not implemented [ 112.385547][T10990] Symlink component flag not implemented (129) [ 112.391818][T10990] Symlink component flag not implemented (6) [ 112.488704][T11010] loop4: detected capacity change from 0 to 512 [ 112.504232][T11010] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3274: bg 0: block 248: padding at end of block bitmap is not set [ 112.545792][T11010] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3274: Failed to acquire dquot type 1 [ 112.564498][T11016] loop3: detected capacity change from 0 to 512 [ 112.597872][T11010] EXT4-fs (loop4): 1 truncate cleaned up [ 112.622673][T11010] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.637489][T11010] ext4 filesystem being mounted at /665/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 112.660413][T11010] EXT4-fs error (device loop4): ext4_lookup:1791: inode #2: comm syz.4.3274: deleted inode referenced: 12 [ 112.719142][T11039] netlink: 'syz.0.3286': attribute type 13 has an invalid length. [ 112.728279][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.737611][T11039] gretap0: refused to change device tx_queue_len [ 112.752137][T11039] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 112.779421][T11045] IPv6: Can't replace route, no match found [ 112.867252][T11058] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 112.889545][T11063] loop4: detected capacity change from 0 to 512 [ 112.917066][T11063] EXT4-fs: Ignoring removed oldalloc option [ 112.923761][T11067] openvswitch: netlink: Message has 6 unknown bytes. [ 112.943078][T11063] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.3299: Parent and EA inode have the same ino 15 [ 112.967202][T11063] EXT4-fs (loop4): 1 orphan inode deleted [ 112.976823][T11076] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3305'. [ 112.981324][T11063] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.011074][T11082] syzkaller1: entered promiscuous mode [ 113.016613][T11082] syzkaller1: entered allmulticast mode [ 113.031724][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.093822][T11090] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 113.105009][T11092] gre0: Master is either lo or non-ether device [ 113.166773][T11100] loop3: detected capacity change from 0 to 1024 [ 113.242851][T11109] loop0: detected capacity change from 0 to 512 [ 113.258262][T11109] EXT4-fs: Ignoring removed oldalloc option [ 113.284782][T11109] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.3320: Parent and EA inode have the same ino 15 [ 113.311916][T11109] EXT4-fs (loop0): 1 orphan inode deleted [ 113.321902][T11118] openvswitch: netlink: Message has 6 unknown bytes. [ 113.341130][T11109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.436105][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.480727][T11128] netlink: 'syz.1.3331': attribute type 30 has an invalid length. [ 113.791238][ T29] kauditd_printk_skb: 224 callbacks suppressed [ 113.791277][ T29] audit: type=1400 audit(1752174375.488:3816): avc: denied { read } for pid=11162 comm="syz.0.3347" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 113.889071][T11169] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3351'. [ 113.947714][ T29] audit: type=1400 audit(1752174375.488:3817): avc: denied { open } for pid=11162 comm="syz.0.3347" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 113.971570][ T29] audit: type=1400 audit(1752174375.488:3818): avc: denied { ioctl } for pid=11162 comm="syz.0.3347" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 114.055796][ T29] audit: type=1326 audit(1752174375.740:3819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11178 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 114.082436][ T29] audit: type=1326 audit(1752174375.759:3820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11178 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 114.106196][ T29] audit: type=1326 audit(1752174375.759:3821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11178 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 114.129733][ T29] audit: type=1326 audit(1752174375.759:3822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11178 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 114.158111][T11181] loop5: detected capacity change from 0 to 512 [ 114.169853][T11181] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 114.184227][T11181] EXT4-fs (loop5): 1 truncate cleaned up [ 114.188081][ T29] audit: type=1326 audit(1752174375.759:3823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11178 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 114.190408][T11181] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.213496][ T29] audit: type=1326 audit(1752174375.759:3824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11178 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 114.213528][ T29] audit: type=1326 audit(1752174375.759:3825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11178 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f16e87be929 code=0x7ffc0000 [ 114.327317][ T8568] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.566875][T11215] bond1: entered promiscuous mode [ 114.572225][T11215] bond1: entered allmulticast mode [ 114.666997][T11223] x_tables: duplicate underflow at hook 2 [ 114.684877][T11215] 8021q: adding VLAN 0 to HW filter on device bond1 [ 114.795471][T11215] bond1 (unregistering): Released all slaves [ 114.863257][T11231] loop3: detected capacity change from 0 to 1024 [ 114.889648][T11231] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 114.900707][T11231] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 114.955964][T11231] JBD2: no valid journal superblock found [ 114.961831][T11231] EXT4-fs (loop3): Could not load journal inode [ 115.065963][T11244] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3384'. [ 115.135846][T11249] loop5: detected capacity change from 0 to 1024 [ 115.176128][T11249] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.225593][T11249] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.3386: Allocating blocks 385-513 which overlap fs metadata [ 115.258527][T11249] EXT4-fs (loop5): pa ffff888106abb3f0: logic 16, phys. 129, len 24 [ 115.266662][T11249] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8 [ 115.309481][ T8568] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.335771][T11265] loop5: detected capacity change from 0 to 256 [ 115.384791][T11269] loop5: detected capacity change from 0 to 128 [ 115.393587][T11269] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 115.401488][T11269] FAT-fs (loop5): Filesystem has been set read-only [ 115.409213][T11269] syz.5.3395: attempt to access beyond end of device [ 115.409213][T11269] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 115.429251][T11269] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 115.437264][T11269] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 115.446739][T11269] syz.5.3395: attempt to access beyond end of device [ 115.446739][T11269] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 115.461614][T11272] syz.5.3395: attempt to access beyond end of device [ 115.461614][T11272] loop5: rw=0, sector=2065, nr_sectors = 1 limit=128 [ 115.474908][T11272] Buffer I/O error on dev loop5, logical block 2065, async page read [ 115.483357][T11272] syz.5.3395: attempt to access beyond end of device [ 115.483357][T11272] loop5: rw=0, sector=2066, nr_sectors = 1 limit=128 [ 115.496702][T11272] Buffer I/O error on dev loop5, logical block 2066, async page read [ 115.506369][T11272] syz.5.3395: attempt to access beyond end of device [ 115.506369][T11272] loop5: rw=0, sector=2067, nr_sectors = 1 limit=128 [ 115.519719][T11272] Buffer I/O error on dev loop5, logical block 2067, async page read [ 115.528606][T11272] syz.5.3395: attempt to access beyond end of device [ 115.528606][T11272] loop5: rw=0, sector=2068, nr_sectors = 1 limit=128 [ 115.541972][T11272] Buffer I/O error on dev loop5, logical block 2068, async page read [ 115.551708][T11272] syz.5.3395: attempt to access beyond end of device [ 115.551708][T11272] loop5: rw=0, sector=2069, nr_sectors = 1 limit=128 [ 115.565693][T11272] Buffer I/O error on dev loop5, logical block 2069, async page read [ 115.602993][T11272] syz.5.3395: attempt to access beyond end of device [ 115.602993][T11272] loop5: rw=0, sector=2070, nr_sectors = 1 limit=128 [ 115.616326][T11272] Buffer I/O error on dev loop5, logical block 2070, async page read [ 115.626150][T11272] syz.5.3395: attempt to access beyond end of device [ 115.626150][T11272] loop5: rw=0, sector=2071, nr_sectors = 1 limit=128 [ 115.639566][T11272] Buffer I/O error on dev loop5, logical block 2071, async page read [ 115.653494][T11280] loop0: detected capacity change from 0 to 1024 [ 115.661342][T11280] EXT4-fs: inline encryption not supported [ 115.667392][T11280] EXT4-fs: Ignoring removed i_version option [ 115.673463][T11272] syz.5.3395: attempt to access beyond end of device [ 115.673463][T11272] loop5: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 115.686712][T11272] Buffer I/O error on dev loop5, logical block 2072, async page read [ 115.695457][T11269] Buffer I/O error on dev loop5, logical block 2065, async page read [ 115.705577][T11280] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 115.718197][T11269] Buffer I/O error on dev loop5, logical block 2066, async page read [ 115.740522][T11280] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.3400: lblock 1 mapped to illegal pblock 1 (length 1) [ 115.767483][T11280] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3400: Failed to acquire dquot type 0 [ 115.950806][T11280] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3400: Freeing blocks not in datazone - block = 0, count = 4096 [ 115.965996][T11280] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3400: Invalid inode bitmap blk 0 in block_group 0 [ 115.979768][ T9347] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:41: lblock 1 mapped to illegal pblock 1 (length 1) [ 116.003060][T11285] loop4: detected capacity change from 0 to 8192 [ 116.014339][ T9347] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:41: Failed to release dquot type 0 [ 116.025972][T11280] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 116.034813][T11280] EXT4-fs (loop0): 1 orphan inode deleted [ 116.043058][T11280] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.113763][T11280] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz.0.3400: path /645/file0: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 116.174202][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.289263][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4 [ 116.296980][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2 [ 116.307982][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.315661][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.323426][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.331127][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.338855][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.346683][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.354466][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.362186][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.369890][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.377555][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.385329][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.393056][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.400785][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.408549][ T2959] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 116.430438][ T2959] hid-generic 0000:3000000:0000.0004: hidraw0: HID v0.00 Device [sy] on syz0 [ 116.540266][T11305] hub 6-0:1.0: USB hub found [ 116.553334][T11305] hub 6-0:1.0: 8 ports detected [ 116.560803][T11311] loop0: detected capacity change from 0 to 1024 [ 116.605453][T11311] EXT4-fs: Ignoring removed nomblk_io_submit option [ 116.632463][T11311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.749351][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.803094][T11339] SELinux: syz.0.3425 (11339) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 116.928846][T11360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3436'. [ 116.937936][T11360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3436'. [ 117.001501][T11369] 9pnet: Could not find request transport: M [ 117.101629][T11384] netlink: 'syz.3.3447': attribute type 10 has an invalid length. [ 117.109692][T11384] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3447'. [ 117.144320][T11384] dummy0: entered promiscuous mode [ 117.150398][T11384] bridge0: port 3(dummy0) entered blocking state [ 117.156897][T11384] bridge0: port 3(dummy0) entered disabled state [ 117.157412][T11391] loop0: detected capacity change from 0 to 128 [ 117.184552][T11391] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 117.195746][T11384] dummy0: entered allmulticast mode [ 117.203224][T11384] bridge0: port 3(dummy0) entered blocking state [ 117.205543][T11391] ext4 filesystem being mounted at /657/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.209641][T11384] bridge0: port 3(dummy0) entered forwarding state [ 117.279858][T11398] loop3: detected capacity change from 0 to 512 [ 117.289657][T11400] loop5: detected capacity change from 0 to 128 [ 117.301899][ T3316] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 117.322923][T11400] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 117.331475][T11400] FAT-fs (loop5): Filesystem has been set read-only [ 117.353428][T11400] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 117.361965][T11400] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100) [ 117.429772][T11407] netlink: 'syz.5.3457': attribute type 6 has an invalid length. [ 117.481901][T11414] loop4: detected capacity change from 0 to 512 [ 117.510066][T11414] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 117.527628][T11414] EXT4-fs (loop4): 1 truncate cleaned up [ 117.533776][T11414] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.589735][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.628231][T11428] SELinux: policydb version 555861952 does not match my version range 15-34 [ 117.638548][T11428] SELinux: failed to load policy [ 117.951573][T11453] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3477'. [ 118.023437][T11460] loop4: detected capacity change from 0 to 512 [ 118.024731][T11461] loop0: detected capacity change from 0 to 1024 [ 118.040868][T11460] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 118.050889][T11461] EXT4-fs: Ignoring removed oldalloc option [ 118.056979][T11461] EXT4-fs: Ignoring removed orlov option [ 118.073710][T11461] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 118.085196][T11460] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 118.110347][T11461] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.113089][T11460] ext4 filesystem being mounted at /712/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 118.204351][T11461] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.3481: Allocating blocks 497-513 which overlap fs metadata [ 118.304328][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 118.365678][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.382259][T11485] netlink: 176 bytes leftover after parsing attributes in process `syz.5.3487'. [ 118.481232][T11492] netem: change failed [ 118.799598][T11512] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3503'. [ 119.038714][T11519] loop4: detected capacity change from 0 to 512 [ 119.057875][T11519] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 119.070785][T11519] EXT4-fs (loop4): failed to initialize system zone (-117) [ 119.078327][T11519] EXT4-fs (loop4): mount failed [ 119.170476][ T29] kauditd_printk_skb: 179 callbacks suppressed [ 119.170494][ T29] audit: type=1400 audit(1752174380.455:4002): avc: denied { create } for pid=11521 comm="syz.1.3507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 119.197113][ T29] audit: type=1400 audit(1752174380.455:4003): avc: denied { connect } for pid=11521 comm="syz.1.3507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 119.249510][T11479] Set syz1 is full, maxelem 65536 reached [ 119.356550][ T29] audit: type=1400 audit(1752174380.688:4004): avc: denied { create } for pid=11527 comm="syz.5.3510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 119.376380][ T29] audit: type=1400 audit(1752174380.688:4005): avc: denied { write } for pid=11527 comm="syz.5.3510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 119.422691][ T29] audit: type=1400 audit(1752174380.745:4006): avc: denied { mounton } for pid=11532 comm="syz.0.3511" path="/672/file1" dev="tmpfs" ino=3473 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 119.445568][ T29] audit: type=1400 audit(1752174380.745:4007): avc: denied { mount } for pid=11532 comm="syz.0.3511" name="/" dev="ramfs" ino=30551 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 119.476350][ T29] audit: type=1400 audit(1752174380.810:4008): avc: denied { read write } for pid=11536 comm="syz.1.3515" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 119.501362][ T29] audit: type=1400 audit(1752174380.810:4009): avc: denied { open } for pid=11536 comm="syz.1.3515" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 119.527275][ T29] audit: type=1326 audit(1752174380.810:4010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11536 comm="syz.1.3515" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff82863e929 code=0x0 [ 119.578049][T11540] loop0: detected capacity change from 0 to 128 [ 119.598770][ T29] audit: type=1400 audit(1752174380.913:4011): avc: denied { execmem } for pid=11546 comm="syz.5.3519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 119.790144][T11558] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3524'. [ 119.917186][T11569] loop3: detected capacity change from 0 to 512 [ 119.924884][T11569] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 119.934683][T11572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3531'. [ 119.939405][T11574] loop5: detected capacity change from 0 to 512 [ 119.943613][T11572] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3531'. [ 119.961792][T11574] EXT4-fs: quotafile must be on filesystem root [ 119.974394][T11572] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.983243][T11572] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.991974][T11572] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.000783][T11572] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.025720][T11576] SELinux: ebitmap: truncated map [ 120.032045][T11576] SELinux: failed to load policy [ 120.080848][T11587] syz_tun: entered promiscuous mode [ 120.086191][T11587] macsec1: entered promiscuous mode [ 120.091577][T11587] macsec1: entered allmulticast mode [ 120.096990][T11587] syz_tun: entered allmulticast mode [ 120.113585][T11587] syz_tun: left allmulticast mode [ 120.118833][T11587] syz_tun: left promiscuous mode [ 120.151985][T11595] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3542'. [ 120.185882][T11603] program syz.3.3544 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 120.337004][T11631] loop0: detected capacity change from 0 to 1024 [ 120.347593][T11631] EXT4-fs: Ignoring removed oldalloc option [ 120.358193][T11631] EXT4-fs: Ignoring removed orlov option [ 120.364379][T11631] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 120.382617][T11631] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.411743][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.910793][T11682] syz_tun: entered promiscuous mode [ 120.916742][T11682] macsec1: entered promiscuous mode [ 120.922215][T11682] macsec1: entered allmulticast mode [ 120.927626][T11682] syz_tun: entered allmulticast mode [ 120.934621][T11682] syz_tun: left allmulticast mode [ 120.939942][T11682] syz_tun: left promiscuous mode [ 121.270921][T11704] loop1: detected capacity change from 0 to 512 [ 121.287424][T11704] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 121.368612][T11713] serio: Serial port ptm0 [ 121.389668][T11717] vhci_hcd: default hub control req: 800f v0000 i0000 l31125 [ 121.399552][T11719] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3594' sets config #0 [ 121.431831][T11723] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.440697][T11723] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.449442][T11723] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.458986][T11723] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.499812][T11731] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 121.506376][T11731] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 121.513949][T11731] vhci_hcd vhci_hcd.0: Device attached [ 121.522230][T11734] vhci_hcd: connection closed [ 121.533664][ T9326] vhci_hcd: stop threads [ 121.542733][ T9326] vhci_hcd: release socket [ 121.548003][ T9326] vhci_hcd: disconnect device [ 121.640480][T11744] loop1: detected capacity change from 0 to 2048 [ 121.647356][T11744] EXT4-fs: Ignoring removed orlov option [ 121.674373][T11744] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.690639][T11750] random: crng reseeded on system resumption [ 121.708738][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.766074][T11760] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.3610' sets config #0 [ 122.418045][T11796] SELinux: syz.4.3636 (11796) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 122.482014][T11801] syz_tun: entered promiscuous mode [ 122.488493][T11801] macsec1: entered promiscuous mode [ 122.493845][T11801] macsec1: entered allmulticast mode [ 122.499210][T11801] syz_tun: entered allmulticast mode [ 122.509237][T11801] syz_tun: left allmulticast mode [ 122.514484][T11801] syz_tun: left promiscuous mode [ 122.533257][T11803] loop4: detected capacity change from 0 to 512 [ 122.550564][T11805] loop0: detected capacity change from 0 to 512 [ 122.552017][T11803] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 122.566407][T11805] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002] [ 122.574665][T11805] System zones: 1-12 [ 122.578818][T11805] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.3627: corrupted in-inode xattr: e_value size too large [ 122.595143][T11805] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3627: couldn't read orphan inode 15 (err -117) [ 122.617060][T11803] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.638284][T11803] ext4 filesystem being mounted at /732/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.665911][T11805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.694310][T11803] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.3626: corrupted xattr block 32: bad e_name length [ 122.714823][T11803] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 122.726360][T11803] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.3626: corrupted xattr block 32: bad e_name length [ 122.753026][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.764010][T11803] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 122.775423][T11815] EXT4-fs error (device loop4): __ext4_new_inode:1279: comm syz.4.3626: failed to insert inode 16: doubly allocated? [ 122.790702][T11816] loop1: detected capacity change from 0 to 128 [ 122.821104][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.840887][T11816] bio_check_eod: 47989 callbacks suppressed [ 122.840910][T11816] syz.1.3631: attempt to access beyond end of device [ 122.840910][T11816] loop1: rw=2049, sector=140, nr_sectors = 8 limit=128 [ 122.878632][T11816] syz.1.3631: attempt to access beyond end of device [ 122.878632][T11816] loop1: rw=2049, sector=156, nr_sectors = 1 limit=128 [ 122.892143][T11816] buffer_io_error: 47984 callbacks suppressed [ 122.892175][T11816] Buffer I/O error on dev loop1, logical block 156, lost async page write [ 122.906949][T11816] syz.1.3631: attempt to access beyond end of device [ 122.906949][T11816] loop1: rw=2049, sector=157, nr_sectors = 1 limit=128 [ 122.920408][T11816] Buffer I/O error on dev loop1, logical block 157, lost async page write [ 122.929123][T11816] syz.1.3631: attempt to access beyond end of device [ 122.929123][T11816] loop1: rw=2049, sector=158, nr_sectors = 1 limit=128 [ 122.942605][T11816] Buffer I/O error on dev loop1, logical block 158, lost async page write [ 122.951326][T11816] syz.1.3631: attempt to access beyond end of device [ 122.951326][T11816] loop1: rw=2049, sector=159, nr_sectors = 1 limit=128 [ 122.964775][T11816] Buffer I/O error on dev loop1, logical block 159, lost async page write [ 122.988893][T11816] syz.1.3631: attempt to access beyond end of device [ 122.988893][T11816] loop1: rw=2049, sector=160, nr_sectors = 1 limit=128 [ 123.002384][T11816] Buffer I/O error on dev loop1, logical block 160, lost async page write [ 123.017747][T11816] syz.1.3631: attempt to access beyond end of device [ 123.017747][T11816] loop1: rw=2049, sector=161, nr_sectors = 1 limit=128 [ 123.031266][T11816] Buffer I/O error on dev loop1, logical block 161, lost async page write [ 123.047722][T11829] loop4: detected capacity change from 0 to 764 [ 123.058029][T11816] syz.1.3631: attempt to access beyond end of device [ 123.058029][T11816] loop1: rw=2049, sector=132, nr_sectors = 1 limit=128 [ 123.071515][T11816] Buffer I/O error on dev loop1, logical block 132, lost async page write [ 123.087817][T11816] syz.1.3631: attempt to access beyond end of device [ 123.087817][T11816] loop1: rw=2049, sector=133, nr_sectors = 1 limit=128 [ 123.101306][T11816] Buffer I/O error on dev loop1, logical block 133, lost async page write [ 123.101822][T11816] syz.1.3631: attempt to access beyond end of device [ 123.101822][T11816] loop1: rw=2049, sector=150, nr_sectors = 1 limit=128 [ 123.124044][T11816] Buffer I/O error on dev loop1, logical block 150, lost async page write [ 123.128607][T11829] Symlink component flag not implemented [ 123.134244][T11816] Buffer I/O error on dev loop1, logical block 151, lost async page write [ 123.138253][T11829] Symlink component flag not implemented [ 123.160679][T11829] Symlink component flag not implemented (129) [ 123.166974][T11829] Symlink component flag not implemented (6) [ 123.248066][T11843] serio: Serial port ptm0 [ 123.486999][T11868] netlink: 'syz.4.3658': attribute type 13 has an invalid length. [ 123.508414][T11868] gretap0: refused to change device tx_queue_len [ 123.523729][T11868] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 123.935421][ C0] ================================================================== [ 123.943563][ C0] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv [ 123.950792][ C0] [ 123.953133][ C0] read-write to 0xffff888129e33020 of 4 bytes by interrupt on cpu 1: [ 123.961213][ C0] can_can_gw_rcv+0x807/0x820 [ 123.965926][ C0] can_rcv_filter+0xc4/0x4f0 [ 123.970556][ C0] can_receive+0x163/0x1c0 [ 123.975003][ C0] can_rcv+0xed/0x190 [ 123.979011][ C0] __netif_receive_skb+0x120/0x270 [ 123.984163][ C0] process_backlog+0x229/0x420 [ 123.988952][ C0] __napi_poll+0x63/0x3a0 [ 123.993311][ C0] net_rx_action+0x391/0x830 [ 123.997940][ C0] handle_softirqs+0xb7/0x290 [ 124.002644][ C0] run_ksoftirqd+0x1c/0x30 [ 124.007090][ C0] smpboot_thread_fn+0x328/0x530 [ 124.012062][ C0] kthread+0x489/0x510 [ 124.016154][ C0] ret_from_fork+0xda/0x150 [ 124.020680][ C0] ret_from_fork_asm+0x1a/0x30 [ 124.025459][ C0] [ 124.027793][ C0] read-write to 0xffff888129e33020 of 4 bytes by interrupt on cpu 0: [ 124.035872][ C0] can_can_gw_rcv+0x807/0x820 [ 124.040574][ C0] can_rcv_filter+0xc4/0x4f0 [ 124.045195][ C0] can_receive+0x163/0x1c0 [ 124.049640][ C0] can_rcv+0xed/0x190 [ 124.053655][ C0] __netif_receive_skb+0x120/0x270 [ 124.058787][ C0] process_backlog+0x229/0x420 [ 124.063580][ C0] __napi_poll+0x63/0x3a0 [ 124.067936][ C0] net_rx_action+0x391/0x830 [ 124.072560][ C0] handle_softirqs+0xb7/0x290 [ 124.077256][ C0] run_ksoftirqd+0x1c/0x30 [ 124.081712][ C0] smpboot_thread_fn+0x328/0x530 [ 124.086683][ C0] kthread+0x489/0x510 [ 124.090764][ C0] ret_from_fork+0xda/0x150 [ 124.095302][ C0] ret_from_fork_asm+0x1a/0x30 [ 124.100094][ C0] [ 124.102434][ C0] value changed: 0x00003749 -> 0x0000374b [ 124.108254][ C0] [ 124.110594][ C0] Reported by Kernel Concurrency Sanitizer on: [ 124.116758][ C0] CPU: 0 UID: 0 PID: 14 Comm: ksoftirqd/0 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(voluntary) [ 124.129126][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.139223][ C0] ================================================================== [ 124.165424][ C1] ================================================================== [ 124.173642][ C1] BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter [ 124.180895][ C1] [ 124.183237][ C1] read-write to 0xffff888101450158 of 8 bytes by interrupt on cpu 0: [ 124.191350][ C1] can_rcv_filter+0xd9/0x4f0 [ 124.195973][ C1] can_receive+0x163/0x1c0 [ 124.200423][ C1] can_rcv+0xed/0x190 [ 124.204431][ C1] __netif_receive_skb+0x120/0x270 [ 124.209559][ C1] process_backlog+0x229/0x420 [ 124.214337][ C1] __napi_poll+0x63/0x3a0 [ 124.218682][ C1] net_rx_action+0x391/0x830 [ 124.223309][ C1] handle_softirqs+0xb7/0x290 [ 124.228017][ C1] do_softirq+0x5d/0x90 [ 124.232214][ C1] __local_bh_enable_ip+0x70/0x80 [ 124.237266][ C1] copy_fpstate_to_sigframe+0x311/0x7d0 [ 124.242854][ C1] get_sigframe+0x34d/0x490 [ 124.247380][ C1] x64_setup_rt_frame+0xa8/0x580 [ 124.252331][ C1] arch_do_signal_or_restart+0x27c/0x480 [ 124.257993][ C1] exit_to_user_mode_loop+0x7a/0x100 [ 124.263320][ C1] do_syscall_64+0x1d6/0x200 [ 124.267941][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.273865][ C1] [ 124.276201][ C1] read-write to 0xffff888101450158 of 8 bytes by interrupt on cpu 1: [ 124.284298][ C1] can_rcv_filter+0xd9/0x4f0 [ 124.288920][ C1] can_receive+0x163/0x1c0 [ 124.293358][ C1] can_rcv+0xed/0x190 [ 124.297375][ C1] __netif_receive_skb+0x120/0x270 [ 124.302518][ C1] process_backlog+0x229/0x420 [ 124.307328][ C1] __napi_poll+0x63/0x3a0 [ 124.311673][ C1] net_rx_action+0x391/0x830 [ 124.316286][ C1] handle_softirqs+0xb7/0x290 [ 124.320987][ C1] do_softirq+0x5d/0x90 [ 124.325204][ C1] __local_bh_enable_ip+0x70/0x80 [ 124.330361][ C1] _raw_spin_unlock_bh+0x36/0x40 [ 124.335337][ C1] batadv_nc_purge_paths+0x22b/0x270 [ 124.340660][ C1] batadv_nc_worker+0x3ff/0xae0 [ 124.345548][ C1] process_scheduled_works+0x4cb/0x9d0 [ 124.351139][ C1] worker_thread+0x582/0x770 [ 124.355776][ C1] kthread+0x489/0x510 [ 124.359869][ C1] ret_from_fork+0xda/0x150 [ 124.364390][ C1] ret_from_fork_asm+0x1a/0x30 [ 124.369184][ C1] [ 124.371551][ C1] value changed: 0x0000000000007c22 -> 0x0000000000007c23 [ 124.378676][ C1] [ 124.381013][ C1] Reported by Kernel Concurrency Sanitizer on: [ 124.387179][ C1] CPU: 1 UID: 0 PID: 51 Comm: kworker/u8:3 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(voluntary) [ 124.399635][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.409712][ C1] Workqueue: bat_events batadv_nc_worker [ 124.415388][ C1] ================================================================== [ 127.188349][ C1] ================================================================== [ 127.196683][ C1] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv [ 127.203914][ C1] [ 127.206270][ C1] read-write to 0xffff888129e33020 of 4 bytes by interrupt on cpu 0: [ 127.214355][ C1] can_can_gw_rcv+0x807/0x820 [ 127.219059][ C1] can_rcv_filter+0xc4/0x4f0 [ 127.223679][ C1] can_receive+0x163/0x1c0 [ 127.228135][ C1] can_rcv+0xed/0x190 [ 127.232172][ C1] __netif_receive_skb+0x120/0x270 [ 127.237322][ C1] process_backlog+0x229/0x420 [ 127.242110][ C1] __napi_poll+0x63/0x3a0 [ 127.246492][ C1] net_rx_action+0x391/0x830 [ 127.251113][ C1] handle_softirqs+0xb7/0x290 [ 127.255815][ C1] do_softirq+0x5d/0x90 [ 127.259995][ C1] __local_bh_enable_ip+0x70/0x80 [ 127.265064][ C1] _raw_spin_unlock_bh+0x36/0x40 [ 127.270036][ C1] lock_sock_nested+0x112/0x140 [ 127.274930][ C1] tcp_recvmsg+0x114/0x490 [ 127.279395][ C1] inet_recvmsg+0xb7/0x290 [ 127.283855][ C1] sock_recvmsg+0xf6/0x170 [ 127.288296][ C1] sock_read_iter+0x152/0x1a0 [ 127.293000][ C1] vfs_read+0x5ca/0x6f0 [ 127.297193][ C1] ksys_read+0xda/0x1a0 [ 127.301410][ C1] __x64_sys_read+0x40/0x50 [ 127.305955][ C1] x64_sys_call+0x2d77/0x2fb0 [ 127.310665][ C1] do_syscall_64+0xd2/0x200 [ 127.315196][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.321122][ C1] [ 127.323468][ C1] read-write to 0xffff888129e33020 of 4 bytes by interrupt on cpu 1: [ 127.331555][ C1] can_can_gw_rcv+0x807/0x820 [ 127.336406][ C1] can_rcv_filter+0xc4/0x4f0 [ 127.341086][ C1] can_receive+0x163/0x1c0 [ 127.345545][ C1] can_rcv+0xed/0x190 [ 127.349558][ C1] __netif_receive_skb+0x120/0x270 [ 127.354703][ C1] process_backlog+0x229/0x420 [ 127.359508][ C1] __napi_poll+0x63/0x3a0 [ 127.363857][ C1] net_rx_action+0x391/0x830 [ 127.368481][ C1] handle_softirqs+0xb7/0x290 [ 127.373190][ C1] do_softirq+0x5d/0x90 [ 127.377380][ C1] __local_bh_enable_ip+0x70/0x80 [ 127.382449][ C1] wg_timers_any_authenticated_packet_traversal+0xdd/0x100 [ 127.389681][ C1] wg_packet_handshake_send_worker+0xd8/0x160 [ 127.395796][ C1] process_scheduled_works+0x4cb/0x9d0 [ 127.401288][ C1] worker_thread+0x582/0x770 [ 127.405927][ C1] kthread+0x489/0x510 [ 127.410019][ C1] ret_from_fork+0xda/0x150 [ 127.414534][ C1] ret_from_fork_asm+0x1a/0x30 [ 127.419334][ C1] [ 127.421675][ C1] value changed: 0x000604eb -> 0x000604ec [ 127.427398][ C1] [ 127.429733][ C1] Reported by Kernel Concurrency Sanitizer on: [ 127.435898][ C1] CPU: 1 UID: 0 PID: 9347 Comm: kworker/u8:41 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(voluntary) [ 127.448606][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 127.458686][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 127.465683][ C1] ================================================================== [ 127.478422][ C0] ================================================================== [ 127.486536][ C0] BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter [ 127.493781][ C0] [ 127.496112][ C0] read-write to 0xffff888101450158 of 8 bytes by interrupt on cpu 1: [ 127.504197][ C0] can_rcv_filter+0xd9/0x4f0 [ 127.508891][ C0] can_receive+0x163/0x1c0 [ 127.513327][ C0] can_rcv+0xed/0x190 [ 127.517342][ C0] __netif_receive_skb+0x120/0x270 [ 127.522465][ C0] process_backlog+0x229/0x420 [ 127.527259][ C0] __napi_poll+0x63/0x3a0 [ 127.531594][ C0] net_rx_action+0x391/0x830 [ 127.536200][ C0] handle_softirqs+0xb7/0x290 [ 127.540905][ C0] run_ksoftirqd+0x1c/0x30 [ 127.545339][ C0] smpboot_thread_fn+0x328/0x530 [ 127.550300][ C0] kthread+0x489/0x510 [ 127.554381][ C0] ret_from_fork+0xda/0x150 [ 127.558913][ C0] ret_from_fork_asm+0x1a/0x30 [ 127.563707][ C0] [ 127.566046][ C0] read-write to 0xffff888101450158 of 8 bytes by interrupt on cpu 0: [ 127.574122][ C0] can_rcv_filter+0xd9/0x4f0 [ 127.578743][ C0] can_receive+0x163/0x1c0 [ 127.583192][ C0] can_rcv+0xed/0x190 [ 127.587196][ C0] __netif_receive_skb+0x120/0x270 [ 127.592317][ C0] process_backlog+0x229/0x420 [ 127.597100][ C0] __napi_poll+0x63/0x3a0 [ 127.601446][ C0] net_rx_action+0x391/0x830 [ 127.606048][ C0] handle_softirqs+0xb7/0x290 [ 127.610737][ C0] __irq_exit_rcu+0x3a/0xc0 [ 127.615247][ C0] sysvec_apic_timer_interrupt+0x74/0x80 [ 127.620894][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 127.626882][ C0] _raw_spin_unlock_irqrestore+0x3c/0x60 [ 127.632521][ C0] hrtimer_start_range_ns+0x6e3/0x740 [ 127.637908][ C0] j1939_tp_schedule_txtimer+0x68/0xa0 [ 127.643390][ C0] j1939_sk_sendmsg+0x991/0xc00 [ 127.648264][ C0] __sock_sendmsg+0x142/0x180 [ 127.652960][ C0] ____sys_sendmsg+0x345/0x4e0 [ 127.657750][ C0] ___sys_sendmsg+0x17b/0x1d0 [ 127.662448][ C0] __sys_sendmmsg+0x178/0x300 [ 127.667148][ C0] __x64_sys_sendmmsg+0x57/0x70 [ 127.672020][ C0] x64_sys_call+0x2f2f/0x2fb0 [ 127.676720][ C0] do_syscall_64+0xd2/0x200 [ 127.681233][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.687136][ C0] [ 127.689463][ C0] value changed: 0x0000000000064ca1 -> 0x0000000000064ca3 [ 127.696577][ C0] [ 127.698901][ C0] Reported by Kernel Concurrency Sanitizer on: [ 127.705055][ C0] CPU: 0 UID: 0 PID: 11886 Comm: syz.0.3667 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(voluntary) [ 127.717565][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 127.727632][ C0] ================================================================== [ 130.437342][ C0] ================================================================== [ 130.445489][ C0] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv [ 130.452729][ C0] [ 130.455067][ C0] read-write to 0xffff888129e33020 of 4 bytes by interrupt on cpu 1: [ 130.463158][ C0] can_can_gw_rcv+0x807/0x820 [ 130.467871][ C0] can_rcv_filter+0xc4/0x4f0 [ 130.472523][ C0] can_receive+0x163/0x1c0 [ 130.476987][ C0] can_rcv+0xed/0x190 [ 130.481007][ C0] __netif_receive_skb+0x120/0x270 [ 130.486142][ C0] process_backlog+0x229/0x420 [ 130.490937][ C0] __napi_poll+0x63/0x3a0 [ 130.495291][ C0] net_rx_action+0x391/0x830 [ 130.499908][ C0] handle_softirqs+0xb7/0x290 [ 130.504607][ C0] do_softirq+0x5d/0x90 [ 130.508786][ C0] __local_bh_enable_ip+0x70/0x80 [ 130.513842][ C0] _raw_spin_unlock_bh+0x36/0x40 [ 130.518820][ C0] batadv_forw_packet_steal+0xb9/0xd0 [ 130.524213][ C0] batadv_iv_send_outstanding_bat_ogm_packet+0x42b/0x470 [ 130.531274][ C0] process_scheduled_works+0x4cb/0x9d0 [ 130.536764][ C0] worker_thread+0x582/0x770 [ 130.541394][ C0] kthread+0x489/0x510 [ 130.545483][ C0] ret_from_fork+0xda/0x150 [ 130.550021][ C0] ret_from_fork_asm+0x1a/0x30 [ 130.554896][ C0] [ 130.557242][ C0] read-write to 0xffff888129e33020 of 4 bytes by interrupt on cpu 0: [ 130.565335][ C0] can_can_gw_rcv+0x807/0x820 [ 130.570058][ C0] can_rcv_filter+0xc4/0x4f0 [ 130.574680][ C0] can_receive+0x163/0x1c0 [ 130.579136][ C0] can_rcv+0xed/0x190 [ 130.583158][ C0] __netif_receive_skb+0x120/0x270 [ 130.588295][ C0] process_backlog+0x229/0x420 [ 130.593079][ C0] __napi_poll+0x63/0x3a0 [ 130.597531][ C0] net_rx_action+0x391/0x830 [ 130.602179][ C0] handle_softirqs+0xb7/0x290 [ 130.606895][ C0] do_softirq+0x5d/0x90 [ 130.611180][ C0] __local_bh_enable_ip+0x70/0x80 [ 130.616232][ C0] _raw_spin_unlock_bh+0x36/0x40 [ 130.621206][ C0] nsim_dev_trap_report_work+0x52b/0x630 [ 130.626870][ C0] process_scheduled_works+0x4cb/0x9d0 [ 130.632368][ C0] worker_thread+0x582/0x770 [ 130.636999][ C0] kthread+0x489/0x510 [ 130.641095][ C0] ret_from_fork+0xda/0x150 [ 130.645649][ C0] ret_from_fork_asm+0x1a/0x30 [ 130.650439][ C0] [ 130.652777][ C0] value changed: 0x000b7e0f -> 0x000b7e10 [ 130.658514][ C0] [ 130.660852][ C0] Reported by Kernel Concurrency Sanitizer on: [ 130.667018][ C0] CPU: 0 UID: 0 PID: 9315 Comm: kworker/u8:11 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(voluntary) [ 130.679710][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 130.689789][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 130.696580][ C0] ================================================================== [ 130.707133][ C0] ================================================================== [ 130.715263][ C0] BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter [ 130.722517][ C0] [ 130.724856][ C0] read-write to 0xffff888101450158 of 8 bytes by interrupt on cpu 1: [ 130.732948][ C0] can_rcv_filter+0xd9/0x4f0 [ 130.737577][ C0] can_receive+0x163/0x1c0 [ 130.742027][ C0] can_rcv+0xed/0x190 [ 130.746047][ C0] __netif_receive_skb+0x120/0x270 [ 130.751178][ C0] process_backlog+0x229/0x420 [ 130.755977][ C0] __napi_poll+0x63/0x3a0 [ 130.760505][ C0] net_rx_action+0x391/0x830 [ 130.765119][ C0] handle_softirqs+0xb7/0x290 [ 130.769825][ C0] run_ksoftirqd+0x1c/0x30 [ 130.774255][ C0] smpboot_thread_fn+0x328/0x530 [ 130.779225][ C0] kthread+0x489/0x510 [ 130.783313][ C0] ret_from_fork+0xda/0x150 [ 130.787850][ C0] ret_from_fork_asm+0x1a/0x30 [ 130.792644][ C0] [ 130.794981][ C0] read-write to 0xffff888101450158 of 8 bytes by interrupt on cpu 0: [ 130.803064][ C0] can_rcv_filter+0xd9/0x4f0 [ 130.807687][ C0] can_receive+0x163/0x1c0 [ 130.812135][ C0] can_rcv+0xed/0x190 [ 130.816159][ C0] __netif_receive_skb+0x120/0x270 [ 130.821288][ C0] process_backlog+0x229/0x420 [ 130.826071][ C0] __napi_poll+0x63/0x3a0 [ 130.830417][ C0] net_rx_action+0x391/0x830 [ 130.835017][ C0] handle_softirqs+0xb7/0x290 [ 130.839815][ C0] do_softirq+0x5d/0x90 [ 130.843982][ C0] __local_bh_enable_ip+0x70/0x80 [ 130.849022][ C0] _raw_spin_unlock_bh+0x36/0x40 [ 130.853987][ C0] nsim_dev_trap_report_work+0x52b/0x630 [ 130.859658][ C0] process_scheduled_works+0x4cb/0x9d0 [ 130.865154][ C0] worker_thread+0x582/0x770 [ 130.869787][ C0] kthread+0x489/0x510 [ 130.873886][ C0] ret_from_fork+0xda/0x150 [ 130.878414][ C0] ret_from_fork_asm+0x1a/0x30 [ 130.883209][ C0] [ 130.885545][ C0] value changed: 0x00000000000c0072 -> 0x00000000000c0074 [ 130.892655][ C0] [ 130.894989][ C0] Reported by Kernel Concurrency Sanitizer on: [ 130.901178][ C0] CPU: 0 UID: 0 PID: 9315 Comm: kworker/u8:11 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(voluntary) [ 130.913963][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 130.924036][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 130.930822][ C0] ================================================================== [ 133.650546][ C1] ================================================================== [ 133.658770][ C1] BUG: KCSAN: data-race in can_can_gw_rcv / can_can_gw_rcv [ 133.665999][ C1] [ 133.668340][ C1] read-write to 0xffff888129e33020 of 4 bytes by interrupt on cpu 0: [ 133.676454][ C1] can_can_gw_rcv+0x807/0x820 [ 133.681162][ C1] can_rcv_filter+0xc4/0x4f0 [ 133.685789][ C1] can_receive+0x163/0x1c0 [ 133.690254][ C1] can_rcv+0xed/0x190 [ 133.694439][ C1] __netif_receive_skb+0x120/0x270 [ 133.699581][ C1] process_backlog+0x229/0x420 [ 133.704362][ C1] __napi_poll+0x63/0x3a0 [ 133.708714][ C1] net_rx_action+0x391/0x830 [ 133.713340][ C1] handle_softirqs+0xb7/0x290 [ 133.718049][ C1] do_softirq+0x5d/0x90 [ 133.722238][ C1] __local_bh_enable_ip+0x70/0x80 [ 133.727306][ C1] _raw_spin_unlock_bh+0x36/0x40 [ 133.732277][ C1] hash_net4_gc+0xf1/0x260 [ 133.736725][ C1] process_scheduled_works+0x4cb/0x9d0 [ 133.742239][ C1] worker_thread+0x582/0x770 [ 133.746863][ C1] kthread+0x489/0x510 [ 133.750952][ C1] ret_from_fork+0xda/0x150 [ 133.755494][ C1] ret_from_fork_asm+0x1a/0x30 [ 133.760285][ C1] [ 133.762630][ C1] read-write to 0xffff888129e33020 of 4 bytes by interrupt on cpu 1: [ 133.770722][ C1] can_can_gw_rcv+0x807/0x820 [ 133.775471][ C1] can_rcv_filter+0xc4/0x4f0 [ 133.780110][ C1] can_receive+0x163/0x1c0 [ 133.784566][ C1] can_rcv+0xed/0x190 [ 133.788666][ C1] __netif_receive_skb+0x120/0x270 [ 133.793806][ C1] process_backlog+0x229/0x420 [ 133.798597][ C1] __napi_poll+0x63/0x3a0 [ 133.802952][ C1] net_rx_action+0x391/0x830 [ 133.807563][ C1] handle_softirqs+0xb7/0x290 [ 133.812267][ C1] do_softirq+0x5d/0x90 [ 133.816446][ C1] __local_bh_enable_ip+0x70/0x80 [ 133.821495][ C1] _raw_spin_unlock_bh+0x36/0x40 [ 133.826540][ C1] nsim_dev_trap_report_work+0x52b/0x630 [ 133.832208][ C1] process_scheduled_works+0x4cb/0x9d0 [ 133.837739][ C1] worker_thread+0x582/0x770 [ 133.842368][ C1] kthread+0x489/0x510 [ 133.846484][ C1] ret_from_fork+0xda/0x150 [ 133.851024][ C1] ret_from_fork_asm+0x1a/0x30 [ 133.855824][ C1] [ 133.858182][ C1] value changed: 0x0010fdf0 -> 0x0010fdf1 [ 133.863929][ C1] [ 133.866257][ C1] Reported by Kernel Concurrency Sanitizer on: [ 133.872428][ C1] CPU: 1 UID: 0 PID: 9347 Comm: kworker/u8:41 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(voluntary) [ 133.885154][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 133.895231][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 133.902023][ C1] ================================================================== [ 133.930125][ C0] ================================================================== [ 133.938255][ C0] BUG: KCSAN: data-race in can_rcv_filter / can_rcv_filter [ 133.945503][ C0]