last executing test programs: 1m36.733063775s ago: executing program 2 (id=124): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x5, 0x8, 0x9}, 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000100)) 1m36.698680087s ago: executing program 2 (id=126): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'vlan0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89b0, &(0x7f0000000080)) 1m36.650871749s ago: executing program 2 (id=131): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@newqdisc={0x38, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xd}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x83}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000040}, 0x0) 1m36.600989531s ago: executing program 2 (id=134): mkdir(&(0x7f0000000280)='./file0\x00', 0x112) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) rmdir(&(0x7f00000000c0)='./file0\x00') 1m36.567465143s ago: executing program 2 (id=135): setresuid(0x0, 0xee00, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r1, 0x401, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x1c, 0xffff, @l2={'eth', 0x3a, 'batadv0\x00'}}}}}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 1m36.294497856s ago: executing program 2 (id=146): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000300)=[@in6={0xa, 0x4e22, 0x2, @rand_addr=' \x01\x00', 0x4}], 0x1c) readv(r0, &(0x7f0000000600)=[{&(0x7f0000000180)=""/135, 0x87}], 0x1) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8) 1m36.294335986s ago: executing program 32 (id=146): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000300)=[@in6={0xa, 0x4e22, 0x2, @rand_addr=' \x01\x00', 0x4}], 0x1c) readv(r0, &(0x7f0000000600)=[{&(0x7f0000000180)=""/135, 0x87}], 0x1) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8) 1m23.126003912s ago: executing program 1 (id=625): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2f) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x400, &(0x7f0000000100)={[{@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0x30]}}}}]}) chdir(&(0x7f0000000140)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32) 1m23.087207984s ago: executing program 1 (id=627): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='comm\x00') write$binfmt_script(r0, &(0x7f0000000080)={'#! ', './file0'}, 0xb) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='status\x00') preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000240)=""/135, 0x87}], 0x1, 0x0, 0x0) 1m23.045167106s ago: executing program 1 (id=630): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = gettid() sigaltstack(&(0x7f00000000c0)={&(0x7f00000012c0)=""/4086, 0x0, 0xff6}, 0x0) rt_sigqueueinfo(r0, 0x21, &(0x7f0000000000)) 1m23.018866467s ago: executing program 1 (id=631): mkdir(&(0x7f0000000280)='./file0\x00', 0x112) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) rmdir(&(0x7f00000000c0)='./file0\x00') 1m22.971133319s ago: executing program 1 (id=633): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x18, 0x10, 0x3}, @TCA_FQ_FLOW_MAX_RATE={0x2, 0x2}, @TCA_FQ_QUANTUM={0x2, 0x2}]}}]}, 0x48}}, 0x0) 1m22.683028974s ago: executing program 1 (id=643): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x18, &(0x7f0000000100)=0xc, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b0368002e0064000200475400f6a13bb1000000086086dd6558", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r1}, 0x14) 1m22.682921904s ago: executing program 33 (id=643): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x18, &(0x7f0000000100)=0xc, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b0368002e0064000200475400f6a13bb1000000086086dd6558", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r1}, 0x14) 54.723992586s ago: executing program 0 (id=1503): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000140)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000940)={[{0x2b, 'net_cls'}]}, 0x9) 54.714726926s ago: executing program 0 (id=1506): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt(r0, 0xff, 0x24, &(0x7f0000002d80)="f0c46000", 0x4) syz_emit_ethernet(0x66, 0x0, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000440)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0e0050", 0x10, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x20, 0x4, 0x7, 0x2}}}}}}, 0x0) 54.648101609s ago: executing program 0 (id=1509): creat(&(0x7f00000002c0)='./file0\x00', 0x1) r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) 54.63524716s ago: executing program 0 (id=1511): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000000010000fd0000000900000001"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r0}, 0x38) 54.324211846s ago: executing program 0 (id=1524): r0 = syz_open_dev$loop(&(0x7f0000000300), 0x8f, 0x40240) openat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, 0x0) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x0) 54.319605236s ago: executing program 0 (id=1526): ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 39.010540198s ago: executing program 34 (id=1526): ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 33.032521875s ago: executing program 3 (id=1957): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000100)=[@in6={0xa, 0x4e23, 0x9b5, @rand_addr=' \x01\x00', 0x747b5461}]}, &(0x7f0000000240)=0x10) ppoll(&(0x7f0000000140)=[{r0, 0x12}], 0x1, 0x0, 0x0, 0x0) shutdown(r0, 0x1) 32.169716169s ago: executing program 3 (id=1976): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newtaction={0xb0, 0x30, 0x105, 0x70bd28, 0x0, {}, [{0x9c, 0x1, [@m_simple={0x98, 0x1, 0x0, 0x0, {{0xb}, {0x6c, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x5, 0x3, '\x00'}, @TCA_DEF_DATA={0xd, 0x3, ')+@$(:(\\\x00'}, @TCA_DEF_DATA={0x6, 0x3, '-\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x2, 0x7, 0x0, 0x3b604f5b}}, @TCA_DEF_PARMS={0x18, 0x2, {0x2, 0xe, 0x6, 0x1, 0x65}}, @TCA_DEF_PARMS={0x18, 0x2, {0x9, 0x80, 0x0, 0x7fffffff, 0x80000000}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28"], 0x7c}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 31.956192929s ago: executing program 3 (id=1981): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x80) fchdir(r1) fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) 31.868018313s ago: executing program 3 (id=1986): mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='proc\x00', 0x810c03, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0/../file0\x00') 31.858275864s ago: executing program 3 (id=1987): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_clone(0x1300211, 0x0, 0x0, 0x0, 0x0, 0x0) rt_sigsuspend(&(0x7f0000000080)={[0x5]}, 0x8) 31.72919316s ago: executing program 3 (id=1994): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x4, 0x7ffc0001}]}) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf40b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x8}, 0x204, 0x0, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) lsm_set_self_attr(0x66, 0x0, 0x0, 0x20) 31.690701312s ago: executing program 35 (id=1994): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x4, 0x7ffc0001}]}) r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf40b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x8}, 0x204, 0x0, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) lsm_set_self_attr(0x66, 0x0, 0x0, 0x20) 2.889160706s ago: executing program 8 (id=2924): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, r0) ptrace$peeksig(0x4212, r0, &(0x7f0000000140)={0x0, 0x0, 0x4}, &(0x7f0000001500)) 2.818632219s ago: executing program 7 (id=2925): r0 = eventfd2(0x0, 0x0) io_setup(0x81, &(0x7f0000000080)=0x0) read$eventfd(r0, &(0x7f0000000000), 0x8) io_getevents(r1, 0x2, 0x800000000000071, &(0x7f0000000040), 0x0) io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1fd, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) 2.818279939s ago: executing program 4 (id=2926): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328) setsockopt$inet_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000040)=0x2, 0x4) 2.737468443s ago: executing program 6 (id=2927): syz_emit_ethernet(0x36, &(0x7f00000007c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x1, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0) syz_io_uring_setup(0x71d6, 0x0, 0x0, 0x0) prctl$PR_MCE_KILL(0x4e, 0x1, 0x1000000) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) 2.041498278s ago: executing program 8 (id=2934): r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000180)='./file1\x00', 0x44000106) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000100)="64ec", 0x2, 0x7) 2.00253184s ago: executing program 6 (id=2935): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0xe723, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000480), 0x1489a, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@debug={'debug', 0x3d, 0x7f}}], [{@flag='async'}]}}) 1.901363745s ago: executing program 7 (id=2937): perf_event_open(&(0x7f0000002600)={0x5, 0x80, 0xf, 0x1, 0xd, 0x8, 0x0, 0xe15, 0x10480, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x41, 0x5, 0xfffffffe, 0x7, 0x8, 0x7, 0x3e2, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) syz_io_uring_setup(0x191c, &(0x7f0000000480)={0x0, 0x896a, 0x2, 0xffffffff, 0xda}, 0x0, 0x0) syz_io_uring_setup(0x5041, &(0x7f0000000100)={0x0, 0xd9fb, 0x42, 0x0, 0x66}, 0x0, 0x0) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) 1.901221975s ago: executing program 5 (id=2938): r0 = syz_io_uring_setup(0x83e, &(0x7f00000000c0)={0x0, 0x811b, 0x400, 0x3, 0x3c4}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) r3 = socket(0x2a, 0x2, 0x6) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x100}) io_uring_enter(r0, 0x4ce1, 0x0, 0x0, 0x0, 0x0) 1.901176765s ago: executing program 8 (id=2939): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0xda92b92eb38eb61c) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000001f) close_range(r1, 0xffffffffffffffff, 0x0) 1.877462246s ago: executing program 8 (id=2940): r0 = syz_io_uring_setup(0xe42, &(0x7f00000005c0)={0x0, 0x2119, 0x100, 0x0, 0x54}, &(0x7f0000000140)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}}) io_uring_enter(r0, 0x6f58, 0x0, 0x0, 0x0, 0x0) 1.867532936s ago: executing program 7 (id=2941): r0 = socket(0x840000000002, 0x3, 0x100) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0xa85fd9b5ca15c507, 0x0, 0x0) 1.81464856s ago: executing program 6 (id=2942): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e2c, 0x13, @local, 0xc}, 0x1c) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 1.739548273s ago: executing program 5 (id=2943): r0 = syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79ae, 0x3180, 0x8000, 0x400252}, &(0x7f0000000640)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd_index=0x2, 0x0, 0x0, 0x0, {0x20}, 0x1, {0x0, r3}}) io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0) 1.697807135s ago: executing program 8 (id=2944): r0 = syz_io_uring_setup(0x88f, &(0x7f00000010c0)={0x0, 0xc941, 0x0, 0x0, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$can_j1939(0x1d, 0x2, 0x7) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x8, 0x0, r3, 0x80, &(0x7f00000000c0)=@can, 0x0, 0x0, 0x2}) io_uring_enter(r0, 0x47f6, 0x0, 0x4, 0x0, 0x0) 1.647226127s ago: executing program 5 (id=2945): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, r0) ptrace$peeksig(0x4212, r0, &(0x7f0000000140)={0x0, 0x0, 0x4}, &(0x7f0000001500)) 1.534035563s ago: executing program 8 (id=2946): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) prctl$PR_MCE_KILL(0x4e, 0x1, 0x1000000) 924.893784ms ago: executing program 6 (id=2947): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r0}, 0x4) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x4, 0x19, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x5}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 924.796994ms ago: executing program 4 (id=2948): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xb, 0x8, 0x2}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000280)=r0}, 0x20) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000440)={r2, &(0x7f00000001c0), 0x0}, 0x20) 924.208374ms ago: executing program 7 (id=2957): syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x204818, &(0x7f0000000240)={[{@map_off}, {@check_strict}, {@cruft}, {@dmode={'dmode', 0x3d, 0x4}}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@map_off}, {@mode={'mode', 0x3d, 0x483}}]}, 0xff, 0x544, &(0x7f0000001000)="$eJzs3V9v01YfwPGfS/sQ5ZGqRw8TQlWBQ9mkIpXgJBAUceU5J+mBxI5sB7VXqKIpqkhhokxae8O4YZu0vQh2uRexd4T2EjbZTvqHJjHQv6u+nwjOiX3s8zup5Z/cxscCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADEcmu2XbSkabzOkhrNrQV+a/dtf+sDC+TWvmJMvyJW/E9yObmSLrry1e7qy/F/czKbvpuVXFzkZPu/l//34NLkxGD7MQF/lt+/cE+bW9vPV3q97qujCuQMunpx9LqG9kzom5bT0MqEvqpWKvadxXqo6qapw+Uw0i3lBtqJ/EDNu7dUsVotK11Y9jteo+Y09WDh/dsl266oh4W2doLQ9+48LITuomk2jddI2sSr4zb34wPxkYlUpJ2WUmvrvW45awBxo+KnNCplNSrZpVKxWCoVK/eq9+7b9uSBBfZH5ECLozto8e90hGdv4HAm+vlfmmLEk44siRr6cqUmgfjSGrG+b5D/v7mjx/a7N/8PsvyV3dUzkuT/a+m7a6Py/4hYTu61KVuyLc9lRXrSk668OvWITvbVEC2eGAnFFyMtcZIlqr9ESVUqUhFbnsii1CUUJXUx0hQtoSxLKJHo5IhyJRAtjkTiSyBK5sWVW6KkKFWpSlmUaCnIsvjSEU8aUhMn2cuarCefe1mUNSrGnUbFkcPID467rpTGjJb8j8M70vM3cBh/D/I/AAAAAAA4t6zkt+/x9f+UXE1qddPU9mmHBQAAAAAAjlDyl//ZuJiKa1fF4vofAAAAAIDzxkrusbNEJC/X09qaWMntUvwSAAAAAACAcyL5+/+1uEjmQLku1s50KVz/AwAAAABwTvycOcd+2L5o/fmXBMGU9ba99LW1kczN62xcSLe78PEeo/qMNd3fSVJU0mJy0tWzVi5ttDMJ5od+sZYVh7UbgLMTwI+fE8ClSflVbqRtbqym5epgTdpLvm6auuD6zQdFcZzpiUgvRd+/WP9BkuH/4rWmrZys97qFpy97q0ksb+O9vN3oT6B4YB7FMbG8TuZbSO65GDriqeRGjH6/eUvW1ntde+/4J9LNJ/b3+GZ6TJ/vZC5tNdef8Ta/f/y5uM9iYdTo+1EUDznyd3IzbXNz/mZaDImilBVFaW8Uwz+Lw0dRzoqifMgoAOC0rGVkIUsO5N0vOMt9WXaXz8zu72Q+bTM/k5xYJ2eGnNHtrDO6fcjs9seBZyCNyrFxv799lFXfxxu8H9lv2CxZ8Ud44fXGd3J5c2v79vrGyrPus+6LUqlcse/a9r2STCXD6BfkHgDAEHufsWMNzf+ZT+Gx7mZcVf9/5ysFBXkqL6Unq7KQ3G2QfONg6F7ze76GsJBx1ZpP0mT6hJeFMVd1/0nuchjstzS27f4YyifwkwAA4OTMZeThT8n/CxnX3ftz+fir4/yep7UBAIDjoYMPVj76yQoC035SrFaLTrSoVeC7j1Rgag2tjBfpwF10vIZW7cCPfNdvxpXHpqZDFXbabT+IVN0PVNsPzVIyfaDqP/o91C3Hi4wbtpvaCbVyfS9y3EjVTOiqdufbpgkXdZBsHLa1a+rGdSLjeyr0O4GrC0qFWu9paGrai0zdxFVPtQPTcoKceuw3Oy2tajp0A9OO/HSHg76MV/eDVrLbwml/2AAAnBGbW9vPV3q97qtjrAztOHfiQwUAAH0ZWRoAAAAAAAAAAAAAAAAAAAAAAJwBJ3H/H5VzXhlMBX1W4qFyBJXMU8ebYz85AThW/wQAAP//rVVPjw==") munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 905.982154ms ago: executing program 7 (id=2949): r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000180)='./file1\x00', 0x44000106) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000100)="64ec", 0x2, 0x7) 891.306475ms ago: executing program 4 (id=2950): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x25dfdbfd, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48) 883.591416ms ago: executing program 6 (id=2951): sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x248}, 0x1, 0x0, 0x0, 0x4010}, 0x800) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, 0x0, 0x4000) r0 = socket(0x10, 0x3, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000000)=""/102, 0x365}, {&(0x7f0000000280)=""/76, 0x14c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/92, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x188}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 870.720906ms ago: executing program 7 (id=2952): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x14, &(0x7f00000004c0)={[{@i_version}, {@nodiscard}, {@grpjquota}]}, 0x1, 0x3f7, &(0x7f0000000ac0)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000080)='7', 0xfffffe8a, 0x8000c61) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r1, r1, 0x0, 0xe3aa6ea) 790.020521ms ago: executing program 5 (id=2953): accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000300), 0x80800) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000140)="05a42f284a5bf1fa61960ae8f0f9", 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x38, 0xe, 0x6, 0x301, 0x0, 0x0, {0x2, 0x0, 0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0xc010}, 0x0) syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000003080)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3810746, &(0x7f00000012c0)={[{@noauto_da_alloc}, {@user_xattr}, {@commit={'commit', 0x3d, 0x5}}, {@mblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x8}}, {@dioread_nolock}, {@noquota}, {@nodiscard}]}, 0xff, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==") 584.922ms ago: executing program 4 (id=2954): perf_event_open(&(0x7f0000002600)={0x5, 0x80, 0xf, 0x1, 0xd, 0x8, 0x0, 0xe15, 0x10480, 0x3, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x41, 0x5, 0xfffffffe, 0x7, 0x8, 0x7, 0x3e2, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) syz_io_uring_setup(0x191c, &(0x7f0000000480)={0x0, 0x896a, 0x2, 0xffffffff, 0xda}, 0x0, 0x0) syz_io_uring_setup(0x5041, &(0x7f0000000100)={0x0, 0xd9fb, 0x42, 0x0, 0x66}, 0x0, 0x0) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) 432.498468ms ago: executing program 4 (id=2955): perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0xfffc, 0x2, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000600000007"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 206.153469ms ago: executing program 5 (id=2956): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100ab5a0000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4024}, 0x4000010) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40) sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x2c, 0xa, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000) 155.118802ms ago: executing program 5 (id=2958): mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x8, 0x32, 0xffffffffffffffff, 0x0) r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0x0, 0x1}, 0xfd}, 0x18) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000140)='H', 0x206c}], 0x1) 155.023942ms ago: executing program 4 (id=2959): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e2c, 0x13, @local, 0xc}, 0x1c) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 0s ago: executing program 6 (id=2960): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8001}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, @perf_bp={0x0, 0x9}, 0x2000, 0x37, 0x9, 0x7, 0x0, 0x0, 0xefff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000001c0)='!pu<20\t||') kernel console output (not intermixed with test programs): 764 [ 55.820526][ T28] audit: type=1400 audit(1774313543.262:381): avc: denied { execute } for pid=5912 comm="syz.6.964" name="file0" dev="tmpfs" ino=220 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 55.849597][ T5914] rock: directory entry would overflow storage [ 55.858696][ T5914] rock: sig=0x4654, size=5, remaining=4 [ 55.914844][ T28] audit: type=1400 audit(1774313543.262:382): avc: denied { execute_no_trans } for pid=5912 comm="syz.6.964" path="/39/file0" dev="tmpfs" ino=220 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 56.034037][ T5926] loop3: detected capacity change from 0 to 1764 [ 56.154752][ T5938] loop3: detected capacity change from 0 to 512 [ 56.232286][ T5938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.273945][ T5938] ext4 filesystem being mounted at /230/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 56.298143][ T5958] loop0: detected capacity change from 0 to 512 [ 56.345304][ T5958] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.369147][ T5958] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.432570][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.469176][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.510784][ T5968] __nla_validate_parse: 8 callbacks suppressed [ 56.510837][ T5968] netlink: 52 bytes leftover after parsing attributes in process `syz.3.985'. [ 56.573330][ T5976] netlink: 884 bytes leftover after parsing attributes in process `syz.4.989'. [ 56.681134][ T5992] loop0: detected capacity change from 0 to 512 [ 56.688634][ T5992] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 56.800404][ T6002] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1003'. [ 56.865030][ T6011] loop6: detected capacity change from 0 to 128 [ 56.918485][ T6015] ieee802154 phy0 wpan0: encryption failed: -22 [ 57.043432][ T6027] loop6: detected capacity change from 0 to 764 [ 57.080213][ T28] audit: type=1326 audit(1774313544.532:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6028 comm="syz.4.1016" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3abfe1c799 code=0x0 [ 57.104924][ T6027] rock: directory entry would overflow storage [ 57.111187][ T6027] rock: sig=0x4654, size=5, remaining=4 [ 57.530747][ T6059] loop0: detected capacity change from 0 to 128 [ 57.807876][ T6093] ip6tnl1: entered allmulticast mode [ 57.813989][ T198] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 57.825180][ T198] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 57.840195][ T35] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 57.902904][ T6103] loop3: detected capacity change from 0 to 512 [ 57.921436][ T6103] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 58.120158][ T28] audit: type=1400 audit(1774313545.572:384): avc: denied { read write } for pid=6124 comm="syz.5.1058" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 58.158493][ T28] audit: type=1400 audit(1774313545.572:385): avc: denied { open } for pid=6124 comm="syz.5.1058" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 58.209772][ T6131] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1060'. [ 58.213135][ T6137] netlink: 'syz.0.1063': attribute type 21 has an invalid length. [ 58.226894][ T6137] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1063'. [ 58.284444][ T6137] netlink: 'syz.0.1063': attribute type 4 has an invalid length. [ 58.292400][ T6137] netlink: 'syz.0.1063': attribute type 3 has an invalid length. [ 58.300416][ T6137] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1063'. [ 58.309459][ T6146] ip6_vti0 speed is unknown, defaulting to 1000 [ 58.477125][ T6164] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1074'. [ 58.486904][ T6164] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1074'. [ 58.540397][ T3364] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 58.611301][ T6146] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1066'. [ 58.622173][ T6173] tap0: tun_chr_ioctl cmd 1074025677 [ 58.627715][ T6173] tap0: linktype set to 780 [ 58.700332][ T3364] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 58.818338][ T6184] loop0: detected capacity change from 0 to 512 [ 58.869466][ T6184] EXT4-fs (loop0): 1 truncate cleaned up [ 58.878056][ T6184] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.925967][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.976035][ T6191] loop6: detected capacity change from 0 to 512 [ 58.991718][ T6191] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 59.135397][ T6197] ip6_vti0 speed is unknown, defaulting to 1000 [ 59.179797][ T6206] loop3: detected capacity change from 0 to 256 [ 59.187335][ T6206] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 59.221377][ T6206] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1091'. [ 59.617017][ T6263] loop5: detected capacity change from 0 to 1024 [ 59.666111][ T6263] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 59.703297][ T6263] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4222: comm syz.5.1119: Allocating blocks 449-513 which overlap fs metadata [ 60.015965][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.090665][ T6325] loop5: detected capacity change from 0 to 1024 [ 60.112528][ T6325] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 60.146904][ T6325] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.290561][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 60.307101][ T6335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 60.404632][ T28] audit: type=1400 audit(1774313547.862:386): avc: denied { mount } for pid=6349 comm="syz.4.1139" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 60.516290][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.625929][ T28] audit: type=1400 audit(1774313548.082:387): avc: denied { bind } for pid=6372 comm="syz.3.1149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 60.653540][ T28] audit: type=1400 audit(1774313548.082:388): avc: denied { connect } for pid=6372 comm="syz.3.1149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 60.660137][ T6364] ip6_vti0 speed is unknown, defaulting to 1000 [ 60.733404][ T6388] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 60.805144][ T6388] EXT4-fs (loop3): orphan file too big: 4294967295 [ 60.812194][ T6388] EXT4-fs (loop3): mount failed [ 61.270216][ T3364] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 61.576511][ T6479] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 61.582573][ T6479] syzkaller1: linktype set to 825 [ 61.759462][ T6483] ip6_vti0 speed is unknown, defaulting to 1000 [ 61.766020][ T6488] syz_tun: entered allmulticast mode [ 61.856656][ T6487] syz_tun: left allmulticast mode [ 61.990225][ T3364] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 62.010150][ T6493] __nla_validate_parse: 7 callbacks suppressed [ 62.010162][ T6493] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1195'. [ 62.220163][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 62.386757][ T6463] syz.6.1194 (6463) used greatest stack depth: 8744 bytes left [ 62.731963][ T6526] syz_tun: entered allmulticast mode [ 62.778477][ T6525] syz_tun: left allmulticast mode [ 63.837644][ T6535] syz.3.1215 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 63.852510][ T6535] CPU: 1 UID: 0 PID: 6535 Comm: syz.3.1215 Not tainted syzkaller #0 PREEMPT(full) [ 63.852531][ T6535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 63.852544][ T6535] Call Trace: [ 63.852551][ T6535] [ 63.852557][ T6535] __dump_stack+0x1d/0x30 [ 63.852637][ T6535] dump_stack_lvl+0x95/0xd0 [ 63.852657][ T6535] dump_stack+0x15/0x1b [ 63.852678][ T6535] dump_header+0x80/0x240 [ 63.852697][ T6535] oom_kill_process+0x295/0x350 [ 63.852781][ T6535] out_of_memory+0x97d/0xb80 [ 63.852871][ T6535] try_charge_memcg+0x62e/0xa10 [ 63.852901][ T6535] obj_cgroup_charge_pages+0x23/0xc0 [ 63.852997][ T6535] __memcg_kmem_charge_page+0x9e/0x170 [ 63.853020][ T6535] __alloc_frozen_pages_noprof+0x18a/0x360 [ 63.853061][ T6535] alloc_pages_mpol+0x1f6/0x260 [ 63.853085][ T6535] alloc_pages_noprof+0x8f/0x130 [ 63.853107][ T6535] __vmalloc_node_range_noprof+0xa46/0x12b0 [ 63.853177][ T6535] __kvmalloc_node_noprof+0x3d4/0x650 [ 63.853259][ T6535] ? futex_hash_allocate+0x190/0x9d0 [ 63.853280][ T6535] ? futex_hash_allocate+0x190/0x9d0 [ 63.853395][ T6535] futex_hash_allocate+0x190/0x9d0 [ 63.853450][ T6535] ? cap_task_prctl+0x13f/0x6e0 [ 63.853477][ T6535] futex_hash_prctl+0xd8/0xf0 [ 63.853511][ T6535] __se_sys_prctl+0xa3d/0x13f0 [ 63.853587][ T6535] __x64_sys_prctl+0x67/0x80 [ 63.853623][ T6535] x64_sys_call+0x2533/0x3020 [ 63.853648][ T6535] do_syscall_64+0x12c/0x370 [ 63.853674][ T6535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.853694][ T6535] RIP: 0033:0x7f79a656c799 [ 63.853713][ T6535] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 63.853782][ T6535] RSP: 002b:00007f79a4fc7028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 63.853798][ T6535] RAX: ffffffffffffffda RBX: 00007f79a67e5fa0 RCX: 00007f79a656c799 [ 63.853809][ T6535] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e [ 63.853819][ T6535] RBP: 00007f79a6602c99 R08: 0000000000000000 R09: 0000000000000000 [ 63.853829][ T6535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 63.853899][ T6535] R13: 00007f79a67e6038 R14: 00007f79a67e5fa0 R15: 00007fff03887ed8 [ 63.853914][ T6535] [ 63.853922][ T6535] memory: usage 307196kB, limit 307200kB, failcnt 229 [ 64.240142][ T6535] memory+swap: usage 307536kB, limit 9007199254740988kB, failcnt 0 [ 64.257017][ T6535] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 64.283752][ T6535] Memory cgroup stats for /syz3: [ 64.283932][ T6535] cache 0 [ 64.314598][ T6535] rss 0 [ 64.321986][ T6535] shmem 0 [ 64.331604][ T6535] mapped_file 0 [ 64.348463][ T6535] dirty 0 [ 64.354752][ T6535] writeback 0 [ 64.366778][ T6535] workingset_refault_anon 9 [ 64.382930][ T6535] workingset_refault_file 0 [ 64.401332][ T6535] swap 344064 [ 64.412259][ T6535] swapcached 5672960 [ 64.432138][ T6535] pgpgin 78364 [ 64.440445][ T6535] pgpgout 78363 [ 64.454348][ T6535] pgfault 62869 [ 64.468664][ T6535] pgmajfault 6 [ 64.479959][ T6535] inactive_anon 0 [ 64.497011][ T6535] active_anon 4096 [ 64.509993][ T6535] inactive_file 0 [ 64.539262][ T6535] active_file 0 [ 64.559330][ T6535] unevictable 0 [ 64.570278][ T6535] hierarchical_memory_limit 314572800 [ 64.575656][ T6535] hierarchical_memsw_limit 9223372036854771712 [ 64.619402][ T6535] total_cache 0 [ 64.622928][ T6535] total_rss 0 [ 64.626232][ T6535] total_shmem 0 [ 64.629689][ T6535] total_mapped_file 0 [ 64.650391][ T6535] total_dirty 0 [ 64.653862][ T6535] total_writeback 0 [ 64.680118][ T6535] total_workingset_refault_anon 9 [ 64.685253][ T6535] total_workingset_refault_file 0 [ 64.700347][ T6535] total_swap 344064 [ 64.710134][ T6535] total_swapcached 5672960 [ 64.714552][ T6535] total_pgpgin 78364 [ 64.718435][ T6535] total_pgpgout 78363 [ 64.740106][ T6535] total_pgfault 62869 [ 64.744095][ T6535] total_pgmajfault 6 [ 64.748163][ T6535] total_inactive_anon 0 [ 64.770106][ T6535] total_active_anon 4096 [ 64.774375][ T6535] total_inactive_file 0 [ 64.778515][ T6535] total_active_file 0 [ 64.800159][ T6535] total_unevictable 0 [ 64.804167][ T6535] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1215,pid=6534,uid=0 [ 64.830121][ T6535] Memory cgroup out of memory: Killed process 6534 (syz.3.1215) total-vm:96080kB, anon-rss:1228kB, file-rss:22020kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 65.528590][ T6599] netlink: 340 bytes leftover after parsing attributes in process `syz.0.1239'. [ 65.829491][ T6630] ip6_vti0 speed is unknown, defaulting to 1000 [ 66.159760][ T403] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 20001 - 0 [ 66.168891][ T403] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 20001 - 0 [ 66.178910][ T403] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 20001 - 0 [ 66.188254][ T403] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 20001 - 0 [ 66.360338][ T6645] ip6_vti0 speed is unknown, defaulting to 1000 [ 66.682267][ T6659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1266'. [ 66.701320][ T6662] dvmrp6: entered allmulticast mode [ 66.832802][ T28] audit: type=1400 audit(1774313554.292:389): avc: denied { name_bind } for pid=6667 comm="syz.5.1272" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 67.049217][ T6674] ip6_vti0 speed is unknown, defaulting to 1000 [ 67.722840][ T6692] set_capacity_and_notify: 2 callbacks suppressed [ 67.722857][ T6692] loop0: detected capacity change from 0 to 1024 [ 67.754461][ T6692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.769765][ T6692] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4222: comm syz.0.1278: Allocating blocks 449-513 which overlap fs metadata [ 67.822407][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.842235][ T6699] netlink: 'syz.5.1281': attribute type 10 has an invalid length. [ 67.888238][ T28] audit: type=1400 audit(1774313555.342:390): avc: denied { create } for pid=6703 comm="syz.6.1282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 67.911711][ T28] audit: type=1400 audit(1774313555.362:391): avc: denied { bind } for pid=6703 comm="syz.6.1282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 67.933132][ T6706] loop5: detected capacity change from 0 to 512 [ 67.953128][ T6706] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.965913][ T6706] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.979021][ T6706] EXT4-fs (loop5): shut down requested (0) [ 67.986175][ T6706] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 67.988007][ T6710] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1285'. [ 67.995750][ T6706] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop5 ino=12 [ 68.038283][ T28] audit: type=1400 audit(1774313555.492:392): avc: denied { mounton } for pid=6705 comm="syz.5.1284" path="/222/file0/file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 68.092561][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.147268][ T6722] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1299'. [ 68.417043][ T6736] netlink: 'syz.4.1296': attribute type 10 has an invalid length. [ 68.586463][ T6757] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1304'. [ 68.598053][ T6755] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1305'. [ 68.649133][ T6757] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.712332][ T6757] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.722600][ T6757] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.778711][ T2536] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.787730][ T2536] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.806943][ T2536] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.822321][ T2536] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.917917][ T6779] batadv_slave_1: entered promiscuous mode [ 68.930774][ T6777] batadv_slave_1: left promiscuous mode [ 69.125350][ T6799] ip6_vti0 speed is unknown, defaulting to 1000 [ 69.273207][ T6799] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1324'. [ 69.849506][ T6811] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1327'. [ 69.854267][ T6810] tipc: Started in network mode [ 69.870566][ T6810] tipc: Node identity 0000000000002d000000000000000001, cluster identity 4711 [ 69.889461][ T6810] tipc: Enabling of bearer rejected, failed to enable media [ 70.060138][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 70.124222][ T6846] syz_tun: entered allmulticast mode [ 70.140685][ T6842] syz_tun: left allmulticast mode [ 70.152161][ T6849] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1348'. [ 70.171353][ T6849] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1348'. [ 70.483753][ T28] audit: type=1400 audit(1774313557.942:393): avc: denied { create } for pid=6863 comm="syz.0.1365" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_selinux_socket permissive=1 [ 70.689524][ T6885] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1360'. [ 70.700168][ C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 70.717022][ T6887] rdma_rxe: rxe_newlink: failed to add ip6_vti0 [ 70.737067][ T6875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 70.748438][ T6891] loop0: detected capacity change from 0 to 1024 [ 70.755023][ T6875] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 70.766027][ T6885] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.773238][ T6885] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.792514][ T6891] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.847066][ T6891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1364'. [ 70.869642][ T6885] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 70.888954][ T6885] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 70.897692][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.984910][ T198] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.010233][ T198] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.019206][ T198] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.047092][ T198] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.139249][ T6912] loop0: detected capacity change from 0 to 2048 [ 71.166093][ T6916] futex_wake_op: syz.4.1379 tries to shift op by -3; fix this program [ 71.271343][ T6918] loop0: detected capacity change from 0 to 4096 [ 71.309584][ T6918] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.341071][ T6918] EXT4-fs (loop0): Online resizing not supported with bigalloc [ 71.402626][ T6936] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.409841][ T6936] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.449539][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.486224][ T6945] loop3: detected capacity change from 0 to 128 [ 71.562397][ T6936] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.583701][ T6936] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.636593][ T40] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.654405][ T40] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.678582][ T40] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.695384][ T40] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.745505][ T6963] loop5: detected capacity change from 0 to 512 [ 71.762262][ T6963] EXT4-fs: Ignoring removed nobh option [ 71.795463][ T6963] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 71.806681][ T6963] EXT4-fs (loop5): 1 truncate cleaned up [ 71.820532][ T6963] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.853535][ T6963] Invalid option length (255) for dns_resolver key [ 71.973669][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.017978][ T6978] program syz.0.1408 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 72.090766][ T403] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 20001 - 0 [ 72.115135][ T6989] loop5: detected capacity change from 0 to 128 [ 72.123388][ T403] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 20001 - 0 [ 72.140558][ T403] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 20001 - 0 [ 72.168253][ T403] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 20001 - 0 [ 72.347345][ T7013] loop3: detected capacity change from 0 to 736 [ 72.442556][ T28] audit: type=1400 audit(1774313559.892:394): avc: denied { ioctl } for pid=7024 comm="syz.5.1428" path="socket:[16895]" dev="sockfs" ino=16895 ioctlcmd=0x8910 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 72.499108][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 72.511005][ T7030] SELinux: failed to load policy [ 72.525811][ T28] audit: type=1400 audit(1774313559.972:395): avc: denied { load_policy } for pid=7029 comm="syz.4.1433" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 72.543067][ T7035] loop3: detected capacity change from 0 to 128 [ 72.555371][ T35] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 72.604878][ T7035] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.656895][ T7035] ext4 filesystem being mounted at /323/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 72.729464][ T28] audit: type=1400 audit(1774313560.182:396): avc: denied { unmount } for pid=5096 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 72.806432][ T28] audit: type=1400 audit(1774313560.252:397): avc: denied { write } for pid=7034 comm="syz.3.1435" path="/323/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 72.861073][ T28] audit: type=1400 audit(1774313560.252:398): avc: denied { ioctl } for pid=7034 comm="syz.3.1435" path="/323/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop3" ino=12 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 72.916263][ T3320] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.004765][ T7068] __nla_validate_parse: 9 callbacks suppressed [ 73.004780][ T7068] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1448'. [ 73.039134][ T28] audit: type=1400 audit(1774313560.492:399): avc: denied { bind } for pid=7069 comm="syz.3.1449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 73.239694][ T7089] loop0: detected capacity change from 0 to 256 [ 73.256152][ T7089] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 73.270304][ T7089] FAT-fs (loop0): Filesystem has been set read-only [ 73.277009][ T7089] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 73.294860][ T7089] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 73.305353][ T7089] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 73.375143][ T7103] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1465'. [ 73.401695][ T7109] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1468'. [ 73.410877][ T7109] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1468'. [ 73.501607][ T28] audit: type=1400 audit(1774313560.952:400): avc: denied { ioctl } for pid=7120 comm="syz.0.1472" path="socket:[17060]" dev="sockfs" ino=17060 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 73.576506][ T28] audit: type=1400 audit(1774313560.962:401): avc: denied { bind } for pid=7118 comm="syz.4.1473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 73.620102][ T28] audit: type=1400 audit(1774313561.072:402): avc: denied { setopt } for pid=7130 comm="syz.0.1478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 73.680177][ T28] audit: type=1400 audit(1774313561.072:403): avc: denied { read } for pid=7130 comm="syz.0.1478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 73.868256][ T7175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 73.890262][ T7175] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 74.205870][ T7207] loop5: detected capacity change from 0 to 512 [ 74.225697][ T7213] netlink: 277 bytes leftover after parsing attributes in process `syz.6.1508'. [ 74.225782][ T7207] ext4: Unknown parameter 'noacl' [ 74.456686][ T7235] loop5: detected capacity change from 0 to 1024 [ 74.535542][ T7245] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1523'. [ 74.545064][ T7235] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.623304][ T7257] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.632365][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.641820][ T7257] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 74.712691][ T7267] ip6_vti0 speed is unknown, defaulting to 1000 [ 75.028800][ T7290] netlink: 'syz.5.1544': attribute type 49 has an invalid length. [ 75.680495][ T7342] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 75.760053][ T7346] syzkaller1: entered promiscuous mode [ 75.765596][ T7346] syzkaller1: entered allmulticast mode [ 76.037405][ T7366] loop5: detected capacity change from 0 to 2048 [ 76.052478][ T7366] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.171370][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.353036][ T7388] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1585'. [ 76.362503][ T7388] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1585'. [ 76.372869][ T7388] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1585'. [ 76.382130][ T7388] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1585'. [ 76.434344][ T7396] openvswitch: netlink: Missing key (keys=40, expected=100) [ 76.488751][ T7400] xt_hashlimit: size too large, truncated to 1048576 [ 77.027722][ T7420] pim6reg: entered allmulticast mode [ 77.033994][ T7420] pim6reg: left allmulticast mode [ 77.556833][ T28] kauditd_printk_skb: 82 callbacks suppressed [ 77.556848][ T28] audit: type=1326 audit(1774313565.012:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.589271][ T28] audit: type=1326 audit(1774313565.012:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.612740][ T28] audit: type=1326 audit(1774313565.012:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.636150][ T28] audit: type=1326 audit(1774313565.012:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.659949][ T28] audit: type=1326 audit(1774313565.042:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.699113][ T28] audit: type=1326 audit(1774313565.042:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.723351][ T28] audit: type=1326 audit(1774313565.062:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.746848][ T28] audit: type=1326 audit(1774313565.062:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.770195][ T28] audit: type=1326 audit(1774313565.062:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 77.793644][ T28] audit: type=1326 audit(1774313565.062:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7455 comm="syz.6.1625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02b0a8c799 code=0x7ffc0000 [ 78.400103][ T7466] loop5: detected capacity change from 0 to 512 [ 78.431914][ T7466] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.444597][ T7466] ext4 filesystem being mounted at /296/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.605898][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.645693][ T7477] __nla_validate_parse: 5 callbacks suppressed [ 78.645706][ T7477] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1621'. [ 78.662296][ T7477] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1621'. [ 78.671653][ T7477] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1621'. [ 78.680955][ T7477] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1621'. [ 78.765217][ T7483] loop3: detected capacity change from 0 to 2048 [ 78.782318][ T7487] xt_hashlimit: size too large, truncated to 1048576 [ 78.808887][ T7483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.943950][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.954748][ T7496] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1629'. [ 79.217530][ T70] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 20001 - 0 [ 79.230463][ T70] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 20001 - 0 [ 79.239559][ T70] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 20001 - 0 [ 79.248977][ T70] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 20001 - 0 [ 79.839513][ T7524] xt_hashlimit: size too large, truncated to 1048576 [ 82.472975][ T7651] loop5: detected capacity change from 0 to 512 [ 82.491553][ T7651] EXT4-fs: Ignoring removed i_version option [ 82.506125][ T7651] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.596770][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.732921][ T7661] netlink: 'syz.6.1696': attribute type 3 has an invalid length. [ 82.752285][ T7661] netlink: 'syz.6.1696': attribute type 4 has an invalid length. [ 82.760269][ T7661] netlink: 9067 bytes leftover after parsing attributes in process `syz.6.1696'. [ 82.920094][ T28] kauditd_printk_skb: 55 callbacks suppressed [ 82.920141][ T28] audit: type=1400 audit(1774313570.372:551): avc: denied { mount } for pid=7673 comm="syz.5.1703" name="/" dev="hugetlbfs" ino=18846 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 83.641591][ T7691] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1711'. [ 84.149464][ T7704] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 84.222202][ T28] audit: type=1400 audit(1774313571.682:552): avc: denied { bind } for pid=7713 comm="syz.6.1721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 84.487878][ T28] audit: type=1400 audit(1774313571.942:553): avc: denied { lock } for pid=7719 comm="syz.6.1733" path="socket:[18982]" dev="sockfs" ino=18982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 84.675726][ T28] audit: type=1400 audit(1774313572.132:554): avc: denied { ioctl } for pid=7731 comm="syz.5.1728" path="socket:[19529]" dev="sockfs" ino=19529 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 84.726512][ T7736] netlink: 'syz.5.1730': attribute type 10 has an invalid length. [ 84.736470][ T7736] team0: Device wg1 is of different type [ 84.775143][ T28] audit: type=1326 audit(1774313572.232:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7737 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 84.798665][ T28] audit: type=1326 audit(1774313572.232:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7737 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 84.822747][ T28] audit: type=1326 audit(1774313572.232:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7737 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 84.846227][ T28] audit: type=1326 audit(1774313572.232:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7737 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 84.869961][ T28] audit: type=1326 audit(1774313572.232:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7737 comm="syz.5.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 85.327688][ T28] audit: type=1400 audit(1774313572.782:560): avc: denied { wake_alarm } for pid=7751 comm="syz.4.1739" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 85.359986][ T7754] veth1_to_bond: entered allmulticast mode [ 85.366224][ T7753] veth1_to_bond: left allmulticast mode [ 86.168091][ T7802] SELinux: failed to load policy [ 86.302005][ T7808] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1762'. [ 86.317647][ T3820] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 86.336636][ T3820] CPU: 0 UID: 0 PID: 3820 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 86.336658][ T3820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 86.336667][ T3820] Call Trace: [ 86.336672][ T3820] [ 86.336678][ T3820] __dump_stack+0x1d/0x30 [ 86.336730][ T3820] dump_stack_lvl+0x95/0xd0 [ 86.336751][ T3820] dump_stack+0x15/0x1b [ 86.336909][ T3820] dump_header+0x80/0x240 [ 86.336933][ T3820] oom_kill_process+0x295/0x350 [ 86.336954][ T3820] out_of_memory+0x97d/0xb80 [ 86.336976][ T3820] try_charge_memcg+0x62e/0xa10 [ 86.337012][ T3820] mem_cgroup_swapin_charge_folio+0x103/0x1f0 [ 86.337111][ T3820] __swap_cache_prepare_and_add+0x386/0x530 [ 86.337148][ T3820] swap_cache_alloc_folio+0xa2/0x120 [ 86.337217][ T3820] swap_cluster_readahead+0x26e/0x3d0 [ 86.337302][ T3820] swapin_readahead+0xde/0x840 [ 86.337326][ T3820] ? __rcu_read_unlock+0x4e/0x70 [ 86.337346][ T3820] ? __perf_event_task_sched_in+0xa65/0xad0 [ 86.337380][ T3820] ? __rcu_read_unlock+0x4e/0x70 [ 86.337406][ T3820] ? swap_cache_get_folio+0x26f/0x280 [ 86.337454][ T3820] do_swap_page+0x30d/0x2220 [ 86.337529][ T3820] ? __schedule+0x93c/0xd40 [ 86.337584][ T3820] ? __rcu_read_lock+0x36/0x50 [ 86.337601][ T3820] ? pte_offset_map_rw_nolock+0x19e/0x200 [ 86.337706][ T3820] handle_mm_fault+0xb46/0x3020 [ 86.337730][ T3820] ? vma_start_read+0x1c7/0x2c0 [ 86.337757][ T3820] do_user_addr_fault+0x62f/0x1050 [ 86.337812][ T3820] ? trace_page_fault_user+0x1f/0xe0 [ 86.337833][ T3820] exc_page_fault+0x62/0xa0 [ 86.337862][ T3820] asm_exc_page_fault+0x26/0x30 [ 86.337910][ T3820] RIP: 0033:0x7fd6c1337917 [ 86.337925][ T3820] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 86.337937][ T3820] RSP: 002b:00007ffecb9c2b10 EFLAGS: 00010202 [ 86.337950][ T3820] RAX: 0000000000000000 RBX: 000055556edeb500 RCX: 00007fd6c1337917 [ 86.337987][ T3820] RDX: 00007ffecb9c2b50 RSI: 0000000000000000 RDI: 0000000000000000 [ 86.337999][ T3820] RBP: 00007ffecb9c2bbc R08: 0000000000000000 R09: 0000000000000000 [ 86.338011][ T3820] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388 [ 86.338023][ T3820] R13: 00000000000927c0 R14: 0000000000014f98 R15: 00007ffecb9c2c10 [ 86.338042][ T3820] [ 86.338069][ T3820] memory: usage 307200kB, limit 307200kB, failcnt 273 [ 86.576901][ T3820] memory+swap: usage 307476kB, limit 9007199254740988kB, failcnt 0 [ 86.584833][ T3820] kmem: usage 299008kB, limit 9007199254740988kB, failcnt 0 [ 86.592143][ T3820] Memory cgroup stats for /syz5: [ 86.592354][ T3820] cache 0 [ 86.600234][ T3820] rss 8388608 [ 86.603503][ T3820] shmem 0 [ 86.606426][ T3820] mapped_file 0 [ 86.609946][ T3820] dirty 0 [ 86.613149][ T3820] writeback 0 [ 86.616486][ T3820] workingset_refault_anon 27 [ 86.621281][ T3820] workingset_refault_file 0 [ 86.625867][ T3820] swap 282624 [ 86.629144][ T3820] swapcached 6807552 [ 86.633365][ T3820] pgpgin 101809 [ 86.636820][ T3820] pgpgout 99761 [ 86.640338][ T3820] pgfault 93544 [ 86.643826][ T3820] pgmajfault 24 [ 86.647303][ T3820] inactive_anon 0 [ 86.650964][ T3820] active_anon 0 [ 86.654436][ T3820] inactive_file 0 [ 86.658065][ T3820] active_file 0 [ 86.661582][ T3820] unevictable 8388608 [ 86.665554][ T3820] hierarchical_memory_limit 314572800 [ 86.671011][ T3820] hierarchical_memsw_limit 9223372036854771712 [ 86.677170][ T3820] total_cache 0 [ 86.680684][ T3820] total_rss 8388608 [ 86.684480][ T3820] total_shmem 0 [ 86.687920][ T3820] total_mapped_file 0 [ 86.691917][ T3820] total_dirty 0 [ 86.695361][ T3820] total_writeback 0 [ 86.699163][ T3820] total_workingset_refault_anon 27 [ 86.704407][ T3820] total_workingset_refault_file 0 [ 86.709445][ T3820] total_swap 282624 [ 86.713301][ T3820] total_swapcached 6807552 [ 86.717729][ T3820] total_pgpgin 101809 [ 86.721717][ T3820] total_pgpgout 99761 [ 86.725714][ T3820] total_pgfault 93544 [ 86.729765][ T3820] total_pgmajfault 24 [ 86.733773][ T3820] total_inactive_anon 0 [ 86.737998][ T3820] total_active_anon 0 [ 86.741982][ T3820] total_inactive_file 0 [ 86.746129][ T3820] total_active_file 0 [ 86.750194][ T3820] total_unevictable 8388608 [ 86.754685][ T3820] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.1758,pid=7798,uid=0 [ 86.769389][ T3820] Memory cgroup out of memory: Killed process 7798 (syz.5.1758) total-vm:94032kB, anon-rss:9420kB, file-rss:22280kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 86.792029][ T7832] ip6_vti0 speed is unknown, defaulting to 1000 [ 87.116968][ T7847] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1779'. [ 87.135833][ T7847] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1779'. [ 87.160033][ T7851] loop5: detected capacity change from 0 to 512 [ 87.265483][ T7864] loop5: detected capacity change from 0 to 512 [ 87.284619][ T7864] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.297245][ T7864] ext4 filesystem being mounted at /337/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 87.331822][ T7864] delete_channel: no stack [ 87.349620][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.442543][ T7874] sctp: [Deprecated]: syz.6.1789 (pid 7874) Use of struct sctp_assoc_value in delayed_ack socket option. [ 87.442543][ T7874] Use struct sctp_sack_info instead [ 88.061904][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 88.061996][ T28] audit: type=1400 audit(1774313575.522:576): avc: denied { unmount } for pid=5096 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 88.103813][ T7926] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1812'. [ 88.680376][ T7971] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 88.687341][ T35] IPVS: starting estimator thread 0... [ 88.780195][ T7979] IPVS: using max 2448 ests per chain, 122400 per kthread [ 88.884790][ T7999] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bridge, syncid = 2, id = 0 [ 88.907572][ T28] audit: type=1400 audit(1774313576.362:577): avc: denied { connect } for pid=8000 comm="syz.4.1847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 88.928027][ T28] audit: type=1400 audit(1774313576.392:578): avc: denied { bind } for pid=8000 comm="syz.4.1847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 88.951231][ T28] audit: type=1400 audit(1774313576.412:579): avc: denied { read } for pid=8002 comm="syz.5.1848" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 88.992051][ T28] audit: type=1400 audit(1774313576.412:580): avc: denied { open } for pid=8002 comm="syz.5.1848" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 89.017798][ T28] audit: type=1400 audit(1774313576.442:581): avc: denied { map } for pid=8002 comm="syz.5.1848" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 89.031632][ T8006] xt_hashlimit: size too large, truncated to 1048576 [ 89.136790][ T28] audit: type=1400 audit(1774313576.592:582): avc: denied { getopt } for pid=8021 comm="syz.6.1856" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 89.983906][ T8045] ip6_vti0 speed is unknown, defaulting to 1000 [ 90.042420][ T28] audit: type=1400 audit(1774313577.502:583): avc: denied { create } for pid=8056 comm="syz.4.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 90.069673][ T28] audit: type=1400 audit(1774313577.522:584): avc: denied { bind } for pid=8056 comm="syz.4.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 90.084519][ T8045] chnl_net:caif_netlink_parms(): no params data found [ 90.091089][ T28] audit: type=1400 audit(1774313577.522:585): avc: denied { connect } for pid=8056 comm="syz.4.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 90.176852][ T8045] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.190210][ T8045] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.201870][ T8045] bridge_slave_0: entered allmulticast mode [ 90.230680][ T8045] bridge_slave_0: entered promiscuous mode [ 90.250759][ T8045] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.257923][ T8045] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.280282][ T8045] bridge_slave_1: entered allmulticast mode [ 90.289092][ T8045] bridge_slave_1: entered promiscuous mode [ 90.316568][ T8073] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1871'. [ 90.335040][ T8045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.345517][ T8045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.373956][ T8045] team0: Port device team_slave_0 added [ 90.380779][ T8045] team0: Port device team_slave_1 added [ 90.418996][ T8045] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.428574][ T8045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.464188][ T8045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.486526][ T8045] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.493670][ T8045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.548646][ T8045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.574607][ T403] bridge_slave_1: left allmulticast mode [ 90.580293][ T403] bridge_slave_1: left promiscuous mode [ 90.591765][ T403] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.610251][ T403] bridge_slave_0: left allmulticast mode [ 90.619134][ T403] bridge_slave_0: left promiscuous mode [ 90.651247][ T403] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.728599][ T403] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 90.787970][ T403] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 90.820694][ T403] bond0 (unregistering): Released all slaves [ 90.861264][ T8045] hsr_slave_0: entered promiscuous mode [ 90.938901][ T8106] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1882'. [ 91.110741][ T8045] hsr_slave_1: entered promiscuous mode [ 91.116688][ T8045] debugfs: 'hsr0' already exists in 'hsr' [ 91.156812][ T8045] Cannot create hsr debugfs directory [ 91.345650][ T403] hsr_slave_0: left promiscuous mode [ 91.352163][ T403] hsr_slave_1: left promiscuous mode [ 91.360386][ T403] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.369891][ T403] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.402939][ T8145] loop5: detected capacity change from 0 to 512 [ 91.459403][ T8145] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1901: bg 0: block 248: padding at end of block bitmap is not set [ 91.477713][ T403] team0 (unregistering): Port device team_slave_1 removed [ 91.487879][ T403] team0 (unregistering): Port device team_slave_0 removed [ 91.490238][ T8145] loop5: lost filesystem error report for type 5 error -117 [ 91.495582][ T8145] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.1901: Failed to acquire dquot type 1 [ 91.502907][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 91.502937][ C1] EXT4-fs (loop5): last error at time 1774313578: ext4_validate_block_bitmap:441 [ 91.529832][ T8145] loop5: lost filesystem error report for type 5 error -117 [ 91.554202][ T8145] EXT4-fs (loop5): 1 truncate cleaned up [ 91.569895][ T8145] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.597275][ T8145] ext4 filesystem being mounted at /364/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.610362][ T8045] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 91.621766][ T8045] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 91.632047][ T8045] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 91.641412][ T8045] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 91.668377][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.732442][ T8045] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.749688][ T8045] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.771153][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.778207][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.796694][ T70] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.803802][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.988544][ T8045] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.111572][ T3316] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 92.149357][ T3316] CPU: 0 UID: 0 PID: 3316 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 92.149385][ T3316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 92.149397][ T3316] Call Trace: [ 92.149469][ T3316] [ 92.149474][ T3316] __dump_stack+0x1d/0x30 [ 92.149496][ T3316] dump_stack_lvl+0x95/0xd0 [ 92.149522][ T3316] dump_stack+0x15/0x1b [ 92.149542][ T3316] dump_header+0x80/0x240 [ 92.149563][ T3316] oom_kill_process+0x295/0x350 [ 92.149631][ T3316] out_of_memory+0x97d/0xb80 [ 92.149653][ T3316] try_charge_memcg+0x62e/0xa10 [ 92.149760][ T3316] mem_cgroup_swapin_charge_folio+0x103/0x1f0 [ 92.149790][ T3316] __swap_cache_prepare_and_add+0x386/0x530 [ 92.149828][ T3316] swap_cache_alloc_folio+0xa2/0x120 [ 92.149866][ T3316] swap_cluster_readahead+0x26e/0x3d0 [ 92.149947][ T3316] swapin_readahead+0xde/0x840 [ 92.149995][ T3316] ? __rcu_read_unlock+0x4e/0x70 [ 92.150093][ T3316] ? __perf_event_task_sched_in+0xa65/0xad0 [ 92.150113][ T3316] ? __list_add_valid_or_report+0x38/0xe0 [ 92.150138][ T3316] ? __rcu_read_unlock+0x4e/0x70 [ 92.150153][ T3316] ? swap_cache_get_folio+0x26f/0x280 [ 92.150246][ T3316] do_swap_page+0x30d/0x2220 [ 92.150273][ T3316] ? __schedule+0x93c/0xd40 [ 92.150298][ T3316] ? __rcu_read_lock+0x36/0x50 [ 92.150326][ T3316] ? pte_offset_map_rw_nolock+0x19e/0x200 [ 92.150351][ T3316] handle_mm_fault+0xb46/0x3020 [ 92.150379][ T3316] ? vma_start_read+0x1c7/0x2c0 [ 92.150406][ T3316] do_user_addr_fault+0x62f/0x1050 [ 92.150516][ T3316] ? trace_page_fault_user+0x1f/0xe0 [ 92.150546][ T3316] exc_page_fault+0x62/0xa0 [ 92.150568][ T3316] asm_exc_page_fault+0x26/0x30 [ 92.150600][ T3316] RIP: 0033:0x7f3abfdd7917 [ 92.150623][ T3316] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 92.150639][ T3316] RSP: 002b:00007fff93aa62b0 EFLAGS: 00010202 [ 92.150656][ T3316] RAX: 0000000000000000 RBX: 000055556a39f500 RCX: 00007f3abfdd7917 [ 92.150699][ T3316] RDX: 00007fff93aa62f0 RSI: 0000000000000000 RDI: 0000000000000000 [ 92.150709][ T3316] RBP: 00007fff93aa635c R08: 0000000000000000 R09: 0000000000000000 [ 92.150719][ T3316] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388 [ 92.150756][ T3316] R13: 00000000000927c0 R14: 0000000000016544 R15: 00007fff93aa63b0 [ 92.150775][ T3316] [ 92.387998][ T3316] memory: usage 307200kB, limit 307200kB, failcnt 301 [ 92.404356][ T3316] memory+swap: usage 307744kB, limit 9007199254740988kB, failcnt 0 [ 92.420248][ T3316] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0 [ 92.427551][ T3316] Memory cgroup stats for /syz4: [ 92.427740][ T3316] cache 0 [ 92.437921][ T8045] veth0_vlan: entered promiscuous mode [ 92.446255][ T3316] rss 0 [ 92.449125][ T3316] shmem 0 [ 92.449386][ T8045] veth1_vlan: entered promiscuous mode [ 92.453868][ T3316] mapped_file 0 [ 92.466303][ T3316] dirty 0 [ 92.469982][ T8045] veth0_macvtap: entered promiscuous mode [ 92.477552][ T8045] veth1_macvtap: entered promiscuous mode [ 92.483348][ T3316] writeback 0 [ 92.486655][ T3316] workingset_refault_anon 12 [ 92.497791][ T3316] workingset_refault_file 384 [ 92.503686][ T8045] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.511043][ T3316] swap 557056 [ 92.514422][ T8045] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.521720][ T3316] swapcached 557056 [ 92.525761][ T3316] pgpgin 139140 [ 92.529402][ T3316] pgpgout 139140 [ 92.533226][ T403] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.540971][ T3316] pgfault 131209 [ 92.545478][ T3316] pgmajfault 10 [ 92.545749][ T403] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.548921][ T3316] inactive_anon 0 [ 92.548929][ T3316] active_anon 0 [ 92.548940][ T3316] inactive_file 0 [ 92.548946][ T3316] active_file 0 [ 92.548951][ T3316] unevictable 0 [ 92.548956][ T3316] hierarchical_memory_limit 314572800 [ 92.548963][ T3316] hierarchical_memsw_limit 9223372036854771712 [ 92.548969][ T3316] total_cache 0 [ 92.548979][ T3316] total_rss 0 [ 92.548984][ T3316] total_shmem 0 [ 92.548991][ T3316] total_mapped_file 0 [ 92.602372][ T3316] total_dirty 0 [ 92.605844][ T3316] total_writeback 0 [ 92.609637][ T3316] total_workingset_refault_anon 12 [ 92.615836][ T403] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.618779][ T3316] total_workingset_refault_file 384 [ 92.625538][ T403] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.630394][ T3316] total_swap 557056 [ 92.646490][ T3316] total_swapcached 557056 [ 92.651191][ T3316] total_pgpgin 139140 [ 92.655160][ T3316] total_pgpgout 139140 [ 92.659217][ T3316] total_pgfault 131209 [ 92.663825][ T3316] total_pgmajfault 10 [ 92.667806][ T3316] total_inactive_anon 0 [ 92.672271][ T3316] total_active_anon 0 [ 92.676339][ T3316] total_inactive_file 0 [ 92.685161][ T3316] total_active_file 0 [ 92.689329][ T3316] total_unevictable 0 [ 92.700232][ T3316] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1902,pid=8141,uid=0 [ 92.717720][ T3316] Memory cgroup out of memory: Killed process 8141 (syz.4.1902) total-vm:94164kB, anon-rss:1228kB, file-rss:22296kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 94.640293][ T8237] netlink: 'syz.4.1895': attribute type 4 has an invalid length. [ 94.653827][ T8240] loop7: detected capacity change from 0 to 2048 [ 94.701310][ T8240] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.777344][ T8249] loop3: detected capacity change from 0 to 512 [ 94.784251][ T8251] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1913'. [ 94.810086][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 94.810100][ T28] audit: type=1400 audit(1774313582.262:588): avc: denied { write } for pid=8245 comm="syz.5.1898" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 94.844811][ T8249] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.873460][ T8249] ext4 filesystem being mounted at /418/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.998593][ T8045] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.188470][ T28] audit: type=1400 audit(1774313582.642:589): avc: denied { setopt } for pid=8285 comm="syz.5.1918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 95.250170][ T28] audit: type=1400 audit(1774313582.702:590): avc: denied { watch_reads } for pid=8287 comm="syz.5.1919" path="/374/file1" dev="tmpfs" ino=1934 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 95.326302][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.380595][ T8296] netlink: 'syz.6.1927': attribute type 1 has an invalid length. [ 95.427925][ T28] audit: type=1400 audit(1774313582.882:591): avc: denied { unmount } for pid=3320 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 95.477467][ T8310] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8310 comm=syz.3.1932 [ 95.517647][ T8314] ALSA: seq fatal error: cannot create timer (-22) [ 95.692430][ T28] audit: type=1400 audit(1774313583.152:592): avc: denied { setopt } for pid=8335 comm="syz.3.1944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 95.721156][ T28] audit: type=1400 audit(1774313583.182:593): avc: denied { listen } for pid=8335 comm="syz.3.1944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 95.813235][ T28] audit: type=1326 audit(1774313583.272:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8358 comm="syz.4.1953" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3abfe1c799 code=0x0 [ 96.402206][ T28] audit: type=1400 audit(1774313583.862:595): avc: denied { read } for pid=8395 comm="syz.7.1970" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 96.506981][ T8402] loop7: detected capacity change from 0 to 512 [ 96.519393][ T8402] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 96.532937][ T8402] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm syz.7.1972: Invalid block bitmap block 0 in block_group 0 [ 96.547896][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.548034][ T8402] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 96.555348][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 96.555363][ C0] EXT4-fs (loop7): initial error at time 1774313584: ext4_read_block_bitmap_nowait:483 [ 96.555382][ C0] EXT4-fs (loop7): last error at time 1774313584: ext4_read_block_bitmap_nowait:483 [ 96.590101][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.590258][ T8402] EXT4-fs error (device loop7): ext4_clear_blocks:876: inode #11: comm syz.7.1972: attempt to clear invalid blocks 983261 len 1 [ 96.607538][ T8408] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 96.611085][ T8402] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 96.618906][ T8402] EXT4-fs error (device loop7): __ext4_get_inode_loc:4782: comm syz.7.1972: Invalid inode table block 0 in block_group 0 [ 96.640843][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.640993][ T8402] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 96.658693][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.658844][ T8402] EXT4-fs error (device loop7) in ext4_orphan_del:303: Corrupt filesystem [ 96.675217][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.675347][ T8402] EXT4-fs error (device loop7): __ext4_get_inode_loc:4782: comm syz.7.1972: Invalid inode table block 0 in block_group 0 [ 96.675833][ T8411] ip6_vti0 speed is unknown, defaulting to 1000 [ 96.683003][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.702557][ T8402] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 96.735225][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.735372][ T8402] EXT4-fs error (device loop7): ext4_truncate:4587: inode #11: comm syz.7.1972: mark_inode_dirty error [ 96.759636][ T8402] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 96.759775][ T8402] EXT4-fs error (device loop7) in ext4_process_orphan:345: Corrupt filesystem [ 96.760649][ T8415] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1976'. [ 96.769896][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.793281][ T8402] EXT4-fs error (device loop7): __ext4_get_inode_loc:4782: comm syz.7.1972: Invalid inode table block 0 in block_group 0 [ 96.831552][ T8402] loop7: lost filesystem error report for type 5 error -117 [ 96.831742][ T8402] EXT4-fs (loop7): 1 truncate cleaned up [ 96.832579][ T8415] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1976'. [ 96.854940][ T8402] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.864120][ T8415] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1976'. [ 96.876879][ T8415] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1976'. [ 96.896598][ T8421] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1978'. [ 96.912240][ T8402] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 96.922385][ T8421] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1978'. [ 96.965698][ T8045] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.010149][ T28] audit: type=1400 audit(1774313584.462:596): avc: denied { mounton } for pid=8431 comm="syz.3.1986" path="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1 [ 97.349459][ T8469] ip6_vti0 speed is unknown, defaulting to 1000 [ 97.439825][ T8469] chnl_net:caif_netlink_parms(): no params data found [ 97.482138][ T8469] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.490242][ T8469] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.497499][ T8469] bridge_slave_0: entered allmulticast mode [ 97.505142][ T8469] bridge_slave_0: entered promiscuous mode [ 97.511951][ T8469] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.519060][ T8469] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.526716][ T8469] bridge_slave_1: entered allmulticast mode [ 97.534363][ T8469] bridge_slave_1: entered promiscuous mode [ 97.563691][ T8469] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.574446][ T8469] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.600932][ T8469] team0: Port device team_slave_0 added [ 97.619144][ T8469] team0: Port device team_slave_1 added [ 97.634074][ T8469] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.641147][ T8469] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.667664][ T8469] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.679030][ T8469] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.686033][ T8469] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.712098][ T8469] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.731678][ T30] bridge_slave_1: left allmulticast mode [ 97.737320][ T30] bridge_slave_1: left promiscuous mode [ 97.743120][ T30] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.751131][ T30] bridge_slave_0: left allmulticast mode [ 97.756751][ T30] bridge_slave_0: left promiscuous mode [ 97.762495][ T30] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.776008][ T403] smc: removing ib device syz2 [ 97.802983][ T30] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 97.812523][ T30] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 97.821747][ T30] bond0 (unregistering): Released all slaves [ 97.847876][ T8469] hsr_slave_0: entered promiscuous mode [ 97.855702][ T8469] hsr_slave_1: entered promiscuous mode [ 97.862394][ T8469] debugfs: 'hsr0' already exists in 'hsr' [ 97.868216][ T8469] Cannot create hsr debugfs directory [ 97.972165][ T30] tipc: Left network mode [ 97.976287][ T8469] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 97.988208][ T30] hsr_slave_0: left promiscuous mode [ 97.996966][ T30] hsr_slave_1: left promiscuous mode [ 98.002726][ T30] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.010384][ T30] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.038465][ T30] team0 (unregistering): Port device team_slave_1 removed [ 98.068206][ T8469] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 98.077453][ T8469] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 98.088361][ T8469] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 98.107472][ T8469] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.114561][ T8469] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.121872][ T8469] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.128947][ T8469] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.145016][ T40] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.153147][ T40] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.178150][ T8469] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.189835][ T8469] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.209544][ T403] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.216686][ T403] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.231239][ T40] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.238337][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.308192][ T8469] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.422706][ T8469] veth0_vlan: entered promiscuous mode [ 98.431177][ T8469] veth1_vlan: entered promiscuous mode [ 98.446098][ T8469] veth0_macvtap: entered promiscuous mode [ 98.454372][ T8469] veth1_macvtap: entered promiscuous mode [ 98.465470][ T8469] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.476759][ T8469] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.487885][ T70] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.502471][ T70] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.511991][ T70] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.521903][ T198] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.677010][ T8606] syzkaller0: tun_chr_ioctl cmd 1074025672 [ 98.683091][ T8606] syzkaller0: ignored: set checksum disabled [ 98.693415][ T8606] syzkaller0: tun_chr_ioctl cmd 35111 [ 98.806587][ T28] audit: type=1400 audit(1774313586.262:597): avc: denied { accept } for pid=8623 comm="syz.5.2027" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 98.848288][ T8634] loop5: detected capacity change from 0 to 256 [ 98.896355][ T8640] sock: sock_set_timeout: `syz.6.2034' (pid 8640) tries to set negative timeout [ 98.931740][ T8646] loop8: detected capacity change from 0 to 128 [ 100.042678][ T8732] loop5: detected capacity change from 0 to 128 [ 100.229258][ T8759] tmpfs: Bad value for 'mpol' [ 100.537880][ T8785] netlink: 'syz.5.2097': attribute type 15 has an invalid length. [ 100.767494][ T8794] tipc: Started in network mode [ 100.779282][ T8794] tipc: Node identity ff25, cluster identity 4711 [ 100.789687][ T8794] tipc: Enabling of bearer rejected, failed to enable media [ 100.798320][ T8796] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2102'. [ 100.824686][ T8800] syzkaller1: entered promiscuous mode [ 100.831811][ T8800] syzkaller1: entered allmulticast mode [ 101.115022][ T8826] netlink: 92 bytes leftover after parsing attributes in process `syz.6.2115'. [ 101.147742][ T8831] netlink: 'syz.7.2117': attribute type 13 has an invalid length. [ 101.165714][ T8831] netlink: 24859 bytes leftover after parsing attributes in process `syz.7.2117'. [ 101.240989][ T8838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.249549][ T8838] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.411356][ T8848] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2125'. [ 101.424794][ T8848] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2125'. [ 101.488308][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 101.488321][ T28] audit: type=1400 audit(1774313847.942:608): avc: denied { mounton } for pid=8853 comm="syz.5.2128" path="/proc/924/task" dev="proc" ino=23232 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 101.527404][ T28] audit: type=1400 audit(1774313847.982:609): avc: denied { associate } for pid=8855 comm="syz.5.2128" name="core" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 101.827709][ T28] audit: type=1400 audit(1774313848.282:610): avc: denied { open } for pid=8871 comm="syz.7.2134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 101.866899][ T28] audit: type=1400 audit(1774313848.282:611): avc: denied { kernel } for pid=8871 comm="syz.7.2134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 102.052026][ T8886] macvtap1: entered promiscuous mode [ 102.083931][ T8886] macvtap1: entered allmulticast mode [ 102.089468][ T8886] veth1_vlan: entered allmulticast mode [ 102.207560][ T28] audit: type=1326 audit(1774313848.662:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8896 comm="syz.6.2146" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f02b0a8c799 code=0x0 [ 102.357202][ T8905] loop5: detected capacity change from 0 to 2048 [ 102.567067][ T8915] loop8: detected capacity change from 0 to 512 [ 102.593526][ T8915] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 102.645269][ T28] audit: type=1400 audit(1774313849.102:613): avc: denied { name_bind } for pid=8920 comm="syz.7.2155" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1 [ 102.764513][ T8926] loop7: detected capacity change from 0 to 4096 [ 102.835201][ T8905] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.850256][ T8915] EXT4-fs (loop8): 1 truncate cleaned up [ 102.856539][ T8915] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.869418][ T8926] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.891740][ T8926] EXT4-fs (loop7): Online resizing not supported with bigalloc [ 102.943974][ T28] audit: type=1400 audit(1774313849.402:614): avc: denied { ioctl } for pid=8914 comm="syz.8.2153" path="/29/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop8" ino=15 ioctlcmd=0x662b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 102.997656][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.017520][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.032957][ T8045] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.081967][ T8940] loop8: detected capacity change from 0 to 512 [ 103.109161][ T28] audit: type=1400 audit(1774313849.562:615): avc: denied { tracepoint } for pid=8950 comm="syz.7.2159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 103.165974][ T8940] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #11: comm syz.8.2158: invalid indirect mapped block 256 (level 2) [ 103.187363][ T8940] loop8: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 103.188555][ T8940] EXT4-fs (loop8): 2 truncates cleaned up [ 103.198158][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 103.198189][ C1] EXT4-fs (loop8): initial error at time 1774313849: ext4_free_branches:1023: inode 11 [ 103.198217][ C1] EXT4-fs (loop8): last error at time 1774313849: ext4_free_branches:1023: inode 11 [ 103.230273][ T8940] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.244627][ T28] audit: type=1400 audit(1774313849.712:616): avc: denied { create } for pid=8939 comm="syz.8.2158" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 103.265376][ T8958] geneve2: entered promiscuous mode [ 103.278438][ T28] audit: type=1400 audit(1774313849.732:617): avc: denied { mounton } for pid=8939 comm="syz.8.2158" path="/30/file1/bus" dev="loop8" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 103.279267][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.417550][ T8976] loop5: detected capacity change from 0 to 256 [ 103.470453][ T8981] futex_wake_op: syz.8.2169 tries to shift op by -3; fix this program [ 103.500591][ T8985] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2170'. [ 103.564673][ T8988] loop8: detected capacity change from 0 to 4096 [ 103.620215][ T8988] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.677147][ T8988] EXT4-fs (loop8): Online resizing not supported with bigalloc [ 103.713846][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.729303][ T9008] loop7: detected capacity change from 0 to 128 [ 103.898949][ T9018] infiniband syz1: set down [ 103.904885][ T9018] infiniband syz1: added syz_tun [ 103.916034][ T9018] RDS/IB: syz1: added [ 103.920264][ T9018] smc: adding ib device syz1 with port count 1 [ 103.926524][ T9018] smc: ib device syz1 port 1 has no pnetid [ 103.990301][ T9029] loop7: detected capacity change from 0 to 1024 [ 104.039738][ T9029] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.109849][ T8045] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.162930][ T9044] futex_wake_op: syz.7.2182 tries to shift op by -3; fix this program [ 104.241905][ T9023] infiniband syz0: set down [ 104.247996][ T9023] infiniband syz0: added ipvlan0 [ 104.264939][ T9023] RDS/IB: syz0: added [ 104.270812][ T9023] smc: adding ib device syz0 with port count 1 [ 104.277009][ T9023] smc: ib device syz0 port 1 has no pnetid [ 104.726114][ T9058] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2184'. [ 104.793051][ T9072] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2190'. [ 105.200006][ T9109] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2209'. [ 105.209366][ T9109] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2209'. [ 105.663831][ T9125] loop7: detected capacity change from 0 to 512 [ 105.691858][ T9125] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.704743][ T9125] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 105.830739][ T8045] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.861676][ T9140] loop8: detected capacity change from 0 to 736 [ 105.885809][ T9146] program syz.7.2224 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 106.352844][ T9207] SELinux: failed to load policy [ 106.469582][ T9222] loop7: detected capacity change from 0 to 1024 [ 106.478137][ T9222] EXT4-fs: Ignoring removed orlov option [ 106.495998][ T9222] EXT4-fs: Ignoring removed nobh option [ 106.511804][ T9222] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.543416][ T8045] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.690853][ T9248] __nla_validate_parse: 2 callbacks suppressed [ 106.690867][ T9248] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2271'. [ 106.719152][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 106.719166][ T28] audit: type=1400 audit(1774313853.172:626): avc: denied { kexec_image_load } for pid=9250 comm="syz.7.2272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 107.002364][ T28] audit: type=1400 audit(1774313853.462:627): avc: denied { listen } for pid=9280 comm="syz.5.2286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 107.140481][ T28] audit: type=1326 audit(1774313853.602:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9289 comm="syz.4.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abfe1c799 code=0x7ffc0000 [ 107.165645][ T28] audit: type=1326 audit(1774313853.602:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9289 comm="syz.4.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abfe1c799 code=0x7ffc0000 [ 107.198543][ T9296] netlink: 72 bytes leftover after parsing attributes in process `syz.7.2293'. [ 107.208820][ T9296] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2293'. [ 107.211645][ T28] audit: type=1326 audit(1774313853.602:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9289 comm="syz.4.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abfe1c799 code=0x7ffc0000 [ 107.250838][ T28] audit: type=1326 audit(1774313853.602:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9289 comm="syz.4.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3abfe1c799 code=0x7ffc0000 [ 107.292826][ T28] audit: type=1326 audit(1774313853.602:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9289 comm="syz.4.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abfe1c799 code=0x7ffc0000 [ 107.308556][ T9309] loop7: detected capacity change from 0 to 256 [ 107.322380][ T28] audit: type=1326 audit(1774313853.602:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9289 comm="syz.4.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abfe1c799 code=0x7ffc0000 [ 107.391482][ T28] audit: type=1326 audit(1774313853.602:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9289 comm="syz.4.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abfe1c799 code=0x7ffc0000 [ 107.415811][ T28] audit: type=1326 audit(1774313853.602:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9289 comm="syz.4.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abfe1c799 code=0x7ffc0000 [ 107.420529][ T9317] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2303'. [ 107.622065][ T9347] loop8: detected capacity change from 0 to 512 [ 107.628812][ T9349] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2319'. [ 107.655493][ T9347] EXT4-fs (loop8): 1 truncate cleaned up [ 107.664600][ T9347] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.693897][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.189722][ T9392] loop8: detected capacity change from 0 to 512 [ 108.225260][ T9392] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.242314][ T9392] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.280595][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.633137][ T9451] loop8: detected capacity change from 0 to 128 [ 108.653757][ T9451] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 108.673636][ T9451] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 108.725706][ T8469] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 109.338217][ T9529] loop8: detected capacity change from 0 to 512 [ 109.348232][ T9528] netlink: 277 bytes leftover after parsing attributes in process `syz.5.2378'. [ 109.382858][ T9529] ext4: Unknown parameter 'noacl' [ 109.789182][ T9582] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2393'. [ 109.889495][ T9589] netlink: 'syz.6.2395': attribute type 49 has an invalid length. [ 109.982169][ T9602] loop7: detected capacity change from 0 to 512 [ 110.046633][ T9602] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.134619][ T8045] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.612872][ T9659] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 110.684120][ T9665] openvswitch: netlink: Missing key (keys=40, expected=100) [ 110.729103][ T9669] syzkaller1: entered promiscuous mode [ 110.735031][ T9669] syzkaller1: entered allmulticast mode [ 110.926813][ T9682] loop7: detected capacity change from 0 to 512 [ 110.950260][ T9682] msdos: Unknown parameter 'nodojs' [ 111.102737][ T9691] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2444'. [ 111.128470][ T9691] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 111.191296][ T9691] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 111.370784][ T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0) [ 111.523769][ T9730] netlink: 'syz.8.2459': attribute type 3 has an invalid length. [ 111.628147][ T9724] loop7: detected capacity change from 0 to 32768 [ 111.702368][ T9739] loop8: detected capacity change from 0 to 128 [ 111.750479][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.750479][ T9739] loop8: rw=2049, sector=138, nr_sectors = 8 limit=128 [ 111.780423][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.780423][ T9739] loop8: rw=2049, sector=146, nr_sectors = 6 limit=128 [ 111.814922][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.814922][ T9739] loop8: rw=8390657, sector=150, nr_sectors = 2 limit=128 [ 111.829070][ T9739] Buffer I/O error on dev loop8, logical block 75, lost async page write [ 111.837990][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.837990][ T9739] loop8: rw=8390657, sector=152, nr_sectors = 2 limit=128 [ 111.854981][ T9739] Buffer I/O error on dev loop8, logical block 76, lost async page write [ 111.864266][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.864266][ T9739] loop8: rw=2049, sector=170, nr_sectors = 6 limit=128 [ 111.881703][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.881703][ T9739] loop8: rw=8390657, sector=174, nr_sectors = 2 limit=128 [ 111.895673][ T9739] Buffer I/O error on dev loop8, logical block 87, lost async page write [ 111.904347][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.904347][ T9739] loop8: rw=8390657, sector=176, nr_sectors = 2 limit=128 [ 111.918211][ T9739] Buffer I/O error on dev loop8, logical block 88, lost async page write [ 111.927052][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.927052][ T9739] loop8: rw=2049, sector=178, nr_sectors = 6 limit=128 [ 111.943016][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.943016][ T9739] loop8: rw=8390657, sector=182, nr_sectors = 2 limit=128 [ 111.956883][ T9739] Buffer I/O error on dev loop8, logical block 91, lost async page write [ 111.965545][ T9739] syz.8.2463: attempt to access beyond end of device [ 111.965545][ T9739] loop8: rw=8390657, sector=184, nr_sectors = 2 limit=128 [ 111.979436][ T9739] Buffer I/O error on dev loop8, logical block 92, lost async page write [ 112.393851][ T9808] loop5: detected capacity change from 0 to 512 [ 112.401311][ T9808] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 112.413422][ T9808] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8842c018, mo2=0002] [ 112.421588][ T9808] EXT4-fs (loop5): orphan cleanup on readonly fs [ 112.428324][ T9808] EXT4-fs warning (device loop5): ext4_enable_quotas:7236: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 112.443612][ T9808] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 112.450555][ T9808] EXT4-fs error (device loop5): ext4_ext_check_inode:521: inode #13: comm syz.5.2493: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 112.468729][ T9808] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 112.468985][ T9808] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.2493: couldn't read orphan inode 13 (err -117) [ 112.478127][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 112.478144][ C1] EXT4-fs (loop5): last error at time 1774313858: ext4_ext_check_inode:521: inode 13 [ 112.505890][ T9808] loop5: lost filesystem error report for type 5 error -117 [ 112.506432][ T9808] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 112.529665][ T9808] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 112.538300][ T9808] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 112.548019][ T9808] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=2842c09c, mo2=0002] [ 112.560555][ T9808] System zones: 0-2, 18-18, 34-34 [ 112.565829][ T9808] EXT4-fs warning (device loop5): ext4_enable_quotas:7236: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 112.587966][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.681045][ T28] kauditd_printk_skb: 55 callbacks suppressed [ 112.681115][ T28] audit: type=1400 audit(1774313859.142:691): avc: denied { setopt } for pid=9821 comm="syz.5.2497" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 112.706965][ T28] audit: type=1400 audit(1774313859.152:692): avc: denied { getopt } for pid=9821 comm="syz.5.2497" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 112.736062][ T28] audit: type=1326 audit(1774313859.192:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9825 comm="syz.5.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 112.759655][ T28] audit: type=1326 audit(1774313859.192:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9825 comm="syz.5.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 112.792712][ T28] audit: type=1326 audit(1774313859.192:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9825 comm="syz.5.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 112.817614][ T28] audit: type=1326 audit(1774313859.192:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9825 comm="syz.5.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 112.848779][ T28] audit: type=1326 audit(1774313859.192:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9825 comm="syz.5.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 112.872425][ T28] audit: type=1326 audit(1774313859.192:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9825 comm="syz.5.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 112.902974][ T28] audit: type=1326 audit(1774313859.192:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9825 comm="syz.5.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 112.926402][ T28] audit: type=1326 audit(1774313859.192:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9825 comm="syz.5.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 112.995982][ T9847] loop7: detected capacity change from 0 to 512 [ 113.010404][ T9847] EXT4-fs: Ignoring removed mblk_io_submit option [ 113.028167][ T9847] EXT4-fs error (device loop7): __ext4_iget:5378: inode #11: block 1: comm syz.7.2509: invalid block [ 113.039280][ T9847] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 113.039395][ T9847] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.2509: couldn't read orphan inode 11 (err -117) [ 113.048547][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 113.048565][ C0] EXT4-fs (loop7): initial error at time 1774313859: __ext4_iget:5378: inode 11: block 1 [ 113.048596][ C0] EXT4-fs (loop7): last error at time 1774313859: __ext4_iget:5378: inode 11: block 1 [ 113.086415][ T9847] loop7: lost filesystem error report for type 5 error -117 [ 113.087323][ T9847] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.645729][ T9917] netlink: 'syz.7.2538': attribute type 3 has an invalid length. [ 113.653738][ T9917] netlink: 'syz.7.2538': attribute type 4 has an invalid length. [ 113.662062][ T9917] netlink: 9067 bytes leftover after parsing attributes in process `syz.7.2538'. [ 113.957285][ T9941] netlink: 148 bytes leftover after parsing attributes in process `syz.7.2550'. [ 115.227362][ T9976] netlink: 'syz.7.2565': attribute type 10 has an invalid length. [ 115.260940][ T9976] team0: Device wg1 is of different type [ 115.454949][ T9993] veth1_to_bond: entered allmulticast mode [ 115.463908][ T9992] veth1_to_bond: left allmulticast mode [ 115.648062][T10009] loop8: detected capacity change from 0 to 1024 [ 115.656901][T10009] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 115.683017][T10015] SELinux: failed to load policy [ 115.743474][T10021] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2587'. [ 116.082683][T10037] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2602'. [ 116.105305][T10037] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2602'. [ 116.572916][T10041] syz.6.2594 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 116.587293][T10041] CPU: 1 UID: 0 PID: 10041 Comm: syz.6.2594 Not tainted syzkaller #0 PREEMPT(full) [ 116.587374][T10041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 116.587386][T10041] Call Trace: [ 116.587394][T10041] [ 116.587401][T10041] __dump_stack+0x1d/0x30 [ 116.587423][T10041] dump_stack_lvl+0x95/0xd0 [ 116.587471][T10041] dump_stack+0x15/0x1b [ 116.587487][T10041] dump_header+0x80/0x240 [ 116.587505][T10041] oom_kill_process+0x295/0x350 [ 116.587543][T10041] out_of_memory+0x97d/0xb80 [ 116.587566][T10041] try_charge_memcg+0x62e/0xa10 [ 116.587598][T10041] obj_cgroup_charge_pages+0x23/0xc0 [ 116.587681][T10041] __memcg_kmem_charge_page+0x9e/0x170 [ 116.587755][T10041] __alloc_frozen_pages_noprof+0x18a/0x360 [ 116.587786][T10041] alloc_pages_mpol+0xb3/0x260 [ 116.587828][T10041] alloc_pages_noprof+0x8f/0x130 [ 116.587851][T10041] __vmalloc_node_range_noprof+0xa46/0x12b0 [ 116.587961][T10041] __kvmalloc_node_noprof+0x3d4/0x650 [ 116.587982][T10041] ? futex_hash_allocate+0x190/0x9d0 [ 116.588003][T10041] ? futex_hash_allocate+0x190/0x9d0 [ 116.588027][T10041] futex_hash_allocate+0x190/0x9d0 [ 116.588049][T10041] ? cap_task_prctl+0x13f/0x6e0 [ 116.588070][T10041] futex_hash_prctl+0xd8/0xf0 [ 116.588093][T10041] __se_sys_prctl+0xa3d/0x13f0 [ 116.588171][T10041] __x64_sys_prctl+0x67/0x80 [ 116.588194][T10041] x64_sys_call+0x2533/0x3020 [ 116.588295][T10041] do_syscall_64+0x12c/0x370 [ 116.588319][T10041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.588359][T10041] RIP: 0033:0x7f02b0a8c799 [ 116.588375][T10041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 116.588389][T10041] RSP: 002b:00007f02af4df028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 116.588406][T10041] RAX: ffffffffffffffda RBX: 00007f02b0d05fa0 RCX: 00007f02b0a8c799 [ 116.588420][T10041] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e [ 116.588506][T10041] RBP: 00007f02b0b22c99 R08: 0000000000000000 R09: 0000000000000000 [ 116.588518][T10041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.588579][T10041] R13: 00007f02b0d06038 R14: 00007f02b0d05fa0 R15: 00007ffc6eedfdb8 [ 116.588629][T10041] [ 116.588713][T10041] memory: usage 307200kB, limit 307200kB, failcnt 270 [ 116.814643][ T4100] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 116.815977][T10041] memory+swap: usage 308040kB, limit 9007199254740988kB, failcnt 0 [ 116.836900][ T4100] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 116.851528][T10041] kmem: usage 299004kB, limit 9007199254740988kB, failcnt 0 [ 116.858821][T10041] Memory cgroup stats for /syz6: [ 116.858966][T10041] cache 0 [ 116.879571][T10041] rss 8388608 [ 116.883863][T10041] shmem 0 [ 116.886803][T10041] mapped_file 0 [ 116.893009][T10041] dirty 0 [ 116.896039][T10041] writeback 0 [ 116.899347][T10041] workingset_refault_anon 84 [ 116.910310][T10041] workingset_refault_file 1856 [ 116.915317][T10041] swap 860160 [ 116.920333][T10041] swapcached 7278592 [ 116.924220][T10041] pgpgin 145268 [ 116.937839][T10041] pgpgout 143219 [ 116.941565][T10041] pgfault 138953 [ 116.945122][T10041] pgmajfault 62 [ 116.948752][T10041] inactive_anon 0 [ 116.952577][T10041] active_anon 4096 [ 116.958840][T10041] inactive_file 0 [ 116.965972][T10041] active_file 0 [ 116.971683][T10041] unevictable 8388608 [ 116.979067][T10041] hierarchical_memory_limit 314572800 [ 116.988014][T10041] hierarchical_memsw_limit 9223372036854771712 [ 116.995564][T10041] total_cache 0 [ 116.999251][T10041] total_rss 8388608 [ 117.003381][T10041] total_shmem 0 [ 117.006888][T10041] total_mapped_file 0 [ 117.011074][T10041] total_dirty 0 [ 117.014564][T10041] total_writeback 0 [ 117.018453][T10041] total_workingset_refault_anon 84 [ 117.023789][T10041] total_workingset_refault_file 1856 [ 117.029133][T10041] total_swap 860160 [ 117.033158][T10041] total_swapcached 7278592 [ 117.037668][T10041] total_pgpgin 145268 [ 117.041878][T10041] total_pgpgout 143219 [ 117.046039][T10041] total_pgfault 138953 [ 117.050296][T10041] total_pgmajfault 62 [ 117.054329][T10041] total_inactive_anon 0 [ 117.058516][T10041] total_active_anon 4096 [ 117.063133][T10041] total_inactive_file 0 [ 117.067402][T10041] total_active_file 0 [ 117.071643][T10041] total_unevictable 8388608 [ 117.076173][T10041] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.2594,pid=10040,uid=0 [ 117.091051][T10041] Memory cgroup out of memory: Killed process 10040 (syz.6.2594) total-vm:96080kB, anon-rss:9416kB, file-rss:22304kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 [ 117.222672][T10069] syz.7.2607 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 117.280156][T10069] CPU: 1 UID: 0 PID: 10069 Comm: syz.7.2607 Not tainted syzkaller #0 PREEMPT(full) [ 117.280180][T10069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 117.280190][T10069] Call Trace: [ 117.280197][T10069] [ 117.280280][T10069] __dump_stack+0x1d/0x30 [ 117.280355][T10069] dump_stack_lvl+0x95/0xd0 [ 117.280378][T10069] dump_stack+0x15/0x1b [ 117.280401][T10069] dump_header+0x80/0x240 [ 117.280419][T10069] oom_kill_process+0x295/0x350 [ 117.280437][T10069] out_of_memory+0x97d/0xb80 [ 117.280533][T10069] try_charge_memcg+0x62e/0xa10 [ 117.280568][T10069] obj_cgroup_charge_pages+0x23/0xc0 [ 117.280595][T10069] __memcg_kmem_charge_page+0x9e/0x170 [ 117.280653][T10069] __alloc_frozen_pages_noprof+0x18a/0x360 [ 117.280680][T10069] alloc_pages_mpol+0xb3/0x260 [ 117.280704][T10069] alloc_pages_noprof+0x8f/0x130 [ 117.280725][T10069] __vmalloc_node_range_noprof+0xa46/0x12b0 [ 117.280781][T10069] __kvmalloc_node_noprof+0x3d4/0x650 [ 117.280806][T10069] ? futex_hash_allocate+0x190/0x9d0 [ 117.280837][T10069] ? futex_hash_allocate+0x190/0x9d0 [ 117.280927][T10069] futex_hash_allocate+0x190/0x9d0 [ 117.280949][T10069] ? cap_task_prctl+0x13f/0x6e0 [ 117.281073][T10069] futex_hash_prctl+0xd8/0xf0 [ 117.281095][T10069] __se_sys_prctl+0xa3d/0x13f0 [ 117.281122][T10069] __x64_sys_prctl+0x67/0x80 [ 117.281156][T10069] x64_sys_call+0x2533/0x3020 [ 117.281327][T10069] do_syscall_64+0x12c/0x370 [ 117.281349][T10069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.281437][T10069] RIP: 0033:0x7f358e38c799 [ 117.281454][T10069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 117.281471][T10069] RSP: 002b:00007f358cde7028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 117.281489][T10069] RAX: ffffffffffffffda RBX: 00007f358e605fa0 RCX: 00007f358e38c799 [ 117.281501][T10069] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e [ 117.281514][T10069] RBP: 00007f358e422c99 R08: 0000000000000000 R09: 0000000000000000 [ 117.281583][T10069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 117.281594][T10069] R13: 00007f358e606038 R14: 00007f358e605fa0 R15: 00007ffe5a865698 [ 117.281610][T10069] [ 117.281660][T10069] memory: usage 276780kB, limit 307200kB, failcnt 55 [ 117.508635][T10069] memory+swap: usage 277444kB, limit 9007199254740988kB, failcnt 0 [ 117.537294][T10069] kmem: usage 235924kB, limit 9007199254740988kB, failcnt 0 [ 117.555450][T10069] Memory cgroup stats for /syz7: [ 117.555644][T10069] cache 4096 [ 117.573170][T10069] rss 32768 [ 117.579576][T10069] shmem 0 [ 117.587309][T10069] mapped_file 0 [ 117.619922][T10069] dirty 0 [ 117.632717][T10069] writeback 0 [ 117.645082][T10069] workingset_refault_anon 8 [ 117.675883][T10069] workingset_refault_file 0 [ 117.684340][T10069] swap 679936 [ 117.687680][T10069] swapcached 7512064 [ 117.691734][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 117.691745][ T28] audit: type=1400 audit(1774313864.122:714): avc: denied { create } for pid=10081 comm="syz.8.2611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 117.722123][T10069] pgpgin 38963 [ 117.730520][T10069] pgpgout 38949 [ 117.732851][ T28] audit: type=1400 audit(1774313864.122:715): avc: denied { getopt } for pid=10081 comm="syz.8.2611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 117.750102][T10069] pgfault 41934 [ 117.774579][T10090] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bridge, syncid = 2, id = 0 [ 117.799927][T10069] pgmajfault 2 [ 117.863400][T10093] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 117.875743][ T4100] IPVS: starting estimator thread 0... [ 117.902585][T10111] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2624'. [ 117.911953][T10069] inactive_anon 12288 [ 117.916000][T10069] active_anon 40960 [ 117.919810][T10069] inactive_file 0 [ 117.928023][T10111] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2624'. [ 117.941424][T10111] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2624'. [ 117.950611][T10069] active_file 4096 [ 117.957723][T10069] unevictable 0 [ 117.963008][T10111] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2624'. [ 117.972068][T10069] hierarchical_memory_limit 314572800 [ 117.985748][T10106] IPVS: using max 2496 ests per chain, 124800 per kthread [ 118.000233][T10069] hierarchical_memsw_limit 9223372036854771712 [ 118.016425][T10069] total_cache 4096 [ 118.049920][T10069] total_rss 32768 [ 118.076629][T10069] total_shmem 0 [ 118.092896][T10069] total_mapped_file 0 [ 118.096899][T10069] total_dirty 0 [ 118.100625][T10069] total_writeback 0 [ 118.104422][T10069] total_workingset_refault_anon 8 [ 118.109496][T10069] total_workingset_refault_file 0 [ 118.114634][T10069] total_swap 679936 [ 118.118496][T10069] total_swapcached 7512064 [ 118.131675][T10069] total_pgpgin 38963 [ 118.137723][T10069] total_pgpgout 38949 [ 118.142345][T10069] total_pgfault 41934 [ 118.151450][T10069] total_pgmajfault 2 [ 118.156637][T10069] total_inactive_anon 12288 [ 118.161197][T10069] total_active_anon 40960 [ 118.165539][T10069] total_inactive_file 0 [ 118.170360][T10069] total_active_file 4096 [ 118.179872][T10069] total_unevictable 0 [ 118.191750][T10069] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.2607,pid=10068,uid=0 [ 118.212095][T10069] Memory cgroup out of memory: Killed process 10069 (syz.7.2607) total-vm:96212kB, anon-rss:1340kB, file-rss:22520kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 118.597191][T10180] loop5: detected capacity change from 0 to 256 [ 118.620889][T10180] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 118.637054][T10180] FAT-fs (loop5): Filesystem has been set read-only [ 118.644183][T10180] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 118.655049][T10180] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 118.666186][T10180] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 118.672497][T10182] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2655'. [ 118.734527][T10192] tipc: Started in network mode [ 118.739517][T10192] tipc: Node identity ff25, cluster identity 4711 [ 118.746190][T10192] tipc: Enabling of bearer rejected, failed to enable media [ 118.879525][T10210] loop8: detected capacity change from 0 to 256 [ 118.906164][T10210] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 118.916605][T10210] FAT-fs (loop8): Filesystem has been set read-only [ 118.923898][T10210] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 118.936527][T10210] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 118.947859][T10210] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 118.993251][T10220] loop8: detected capacity change from 0 to 512 [ 119.039450][T10220] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.050625][T10230] netlink: 'syz.4.2678': attribute type 15 has an invalid length. [ 119.084177][T10220] ext4 filesystem being mounted at /124/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 119.119182][T10220] delete_channel: no stack [ 119.150646][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.168643][ T28] audit: type=1400 audit(1774314124.613:716): avc: denied { create } for pid=10238 comm="syz.5.2683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 119.193674][ T28] audit: type=1400 audit(1774314124.613:717): avc: denied { read } for pid=10238 comm="syz.5.2683" path="socket:[27948]" dev="sockfs" ino=27948 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 119.254063][T10243] syzkaller1: entered promiscuous mode [ 119.280349][T10243] syzkaller1: entered allmulticast mode [ 119.372868][T10258] loop5: detected capacity change from 0 to 128 [ 119.435716][T10264] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2703'. [ 119.503273][T10271] syzkaller0: tun_chr_ioctl cmd 1074025672 [ 119.509265][T10271] syzkaller0: ignored: set checksum disabled [ 119.515755][T10271] syzkaller0: tun_chr_ioctl cmd 35111 [ 119.633747][T10286] loop8: detected capacity change from 0 to 1024 [ 119.668322][T10286] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.731089][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.840010][T10298] loop8: detected capacity change from 0 to 1024 [ 119.861601][T10298] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.920762][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.959460][T10310] loop8: detected capacity change from 0 to 512 [ 119.969149][T10310] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem [ 119.978973][T10310] EXT4-fs (loop8): 1 truncate cleaned up [ 119.986713][T10310] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.078674][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.189950][T10329] program syz.8.2720 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 120.453970][T10363] loop5: detected capacity change from 0 to 1024 [ 120.471646][T10363] EXT4-fs: Ignoring removed orlov option [ 120.479050][T10363] EXT4-fs: Ignoring removed nobh option [ 120.501592][T10363] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.526079][ T3820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.775307][T10407] loop5: detected capacity change from 0 to 256 [ 120.927640][ T28] audit: type=1326 audit(1774314126.383:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10431 comm="syz.5.2766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 120.973388][ T28] audit: type=1326 audit(1774314126.383:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10431 comm="syz.5.2766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 120.996991][ T28] audit: type=1326 audit(1774314126.383:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10431 comm="syz.5.2766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 121.022184][ T28] audit: type=1326 audit(1774314126.383:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10431 comm="syz.5.2766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 121.076918][ T28] audit: type=1326 audit(1774314126.383:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10431 comm="syz.5.2766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 121.101202][ T28] audit: type=1326 audit(1774314126.383:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10431 comm="syz.5.2766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c137c799 code=0x7ffc0000 [ 121.178273][T10452] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2774'. [ 121.220928][T10456] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2777'. [ 121.260429][T10460] geneve2: entered promiscuous mode [ 121.350119][ T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 121.370717][ T9] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 121.611526][T10505] loop8: detected capacity change from 0 to 128 [ 121.767981][T10511] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.901359][T10526] sctp: [Deprecated]: syz.5.2809 (pid 10526) Use of struct sctp_assoc_value in delayed_ack socket option. [ 121.901359][T10526] Use struct sctp_sack_info instead [ 121.968112][ T8469] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.160440][ T35] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 122.164475][T10557] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2820'. [ 122.188670][ T35] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 122.234969][T10561] fido_id[10561]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 122.323778][T10574] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2830'. [ 122.457981][T10593] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10593 comm=syz.7.2840 [ 122.583408][T10603] netlink: 'syz.8.2836': attribute type 1 has an invalid length. [ 122.690296][T10614] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bridge, syncid = 2, id = 0 [ 122.921849][ T3387] IPVS: starting estimator thread 0... [ 122.931223][T10633] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 122.963482][T10651] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bridge, syncid = 2, id = 0 [ 123.031743][T10644] IPVS: using max 2400 ests per chain, 120000 per kthread [ 123.975953][T10688] syzkaller1: entered promiscuous mode [ 123.986929][T10688] syzkaller1: entered allmulticast mode [ 124.080138][ T28] kauditd_printk_skb: 34 callbacks suppressed [ 124.080189][ T28] audit: type=1400 audit(1774314129.533:758): avc: denied { read } for pid=10694 comm="syz.5.2884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 124.123802][T10701] macvtap1: entered promiscuous mode [ 124.129222][T10701] macvtap1: entered allmulticast mode [ 124.135206][T10701] veth1_vlan: entered allmulticast mode [ 124.199093][T10709] set_capacity_and_notify: 1 callbacks suppressed [ 124.199108][T10709] loop8: detected capacity change from 0 to 512 [ 124.250501][T10709] msdos: Unknown parameter 'nodojs' [ 124.364167][T10717] loop8: detected capacity change from 0 to 128 [ 125.158815][ T28] audit: type=1400 audit(1774314130.613:759): avc: denied { write } for pid=10745 comm="syz.5.2903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 125.376286][T10768] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2915'. [ 126.050097][ T28] audit: type=1326 audit(1774314131.503:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10797 comm="syz.8.2924" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f72d1c9c799 code=0x0 [ 126.324176][T10808] syz.6.2927 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 126.340243][T10808] CPU: 1 UID: 0 PID: 10808 Comm: syz.6.2927 Not tainted syzkaller #0 PREEMPT(full) [ 126.340270][T10808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 126.340335][T10808] Call Trace: [ 126.340343][T10808] [ 126.340352][T10808] __dump_stack+0x1d/0x30 [ 126.340391][T10808] dump_stack_lvl+0x95/0xd0 [ 126.340411][T10808] dump_stack+0x15/0x1b [ 126.340432][T10808] dump_header+0x80/0x240 [ 126.340530][T10808] oom_kill_process+0x295/0x350 [ 126.340553][T10808] out_of_memory+0x97d/0xb80 [ 126.340575][T10808] try_charge_memcg+0x62e/0xa10 [ 126.340631][T10808] obj_cgroup_charge_pages+0x23/0xc0 [ 126.340652][T10808] __memcg_kmem_charge_page+0x9e/0x170 [ 126.340676][T10808] __alloc_frozen_pages_noprof+0x18a/0x360 [ 126.340743][T10808] alloc_pages_mpol+0xb3/0x260 [ 126.340765][T10808] alloc_pages_noprof+0x8f/0x130 [ 126.340787][T10808] __vmalloc_node_range_noprof+0xa46/0x12b0 [ 126.340821][T10808] __kvmalloc_node_noprof+0x3d4/0x650 [ 126.340844][T10808] ? futex_hash_allocate+0x190/0x9d0 [ 126.340865][T10808] ? futex_hash_allocate+0x190/0x9d0 [ 126.340968][T10808] futex_hash_allocate+0x190/0x9d0 [ 126.340989][T10808] ? cap_task_prctl+0x13f/0x6e0 [ 126.341059][T10808] futex_hash_prctl+0xd8/0xf0 [ 126.341085][T10808] __se_sys_prctl+0xa3d/0x13f0 [ 126.341107][T10808] __x64_sys_prctl+0x67/0x80 [ 126.341127][T10808] x64_sys_call+0x2533/0x3020 [ 126.341213][T10808] do_syscall_64+0x12c/0x370 [ 126.341239][T10808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.341322][T10808] RIP: 0033:0x7f02b0a8c799 [ 126.341337][T10808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 126.341351][T10808] RSP: 002b:00007f02af4df028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 126.341367][T10808] RAX: ffffffffffffffda RBX: 00007f02b0d05fa0 RCX: 00007f02b0a8c799 [ 126.341436][T10808] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e [ 126.341450][T10808] RBP: 00007f02b0b22c99 R08: 0000000000000000 R09: 0000000000000000 [ 126.341463][T10808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.341476][T10808] R13: 00007f02b0d06038 R14: 00007f02b0d05fa0 R15: 00007ffc6eedfdb8 [ 126.341532][T10808] [ 126.341608][T10808] memory: usage 302520kB, limit 307200kB, failcnt 367 [ 126.570663][T10808] memory+swap: usage 61376kB, limit 9007199254740988kB, failcnt 0 [ 126.579250][T10808] kmem: usage 54376kB, limit 9007199254740988kB, failcnt 0 [ 126.586897][T10808] Memory cgroup stats for /syz6: [ 126.587214][T10812] netlink: 'syz.5.2928': attribute type 4 has an invalid length. [ 126.587317][T10808] cache 0 [ 126.603325][T10808] rss 36864 [ 126.606426][T10808] shmem 0 [ 126.609372][T10808] mapped_file 0 [ 126.612850][T10808] dirty 0 [ 126.615930][T10808] writeback 0 [ 126.619208][T10808] workingset_refault_anon 106 [ 126.623949][T10808] workingset_refault_file 1856 [ 126.628757][T10808] swap 937984 [ 126.640002][T10808] swapcached 7569408 [ 126.644084][T10808] pgpgin 152150 [ 126.647705][T10808] pgpgout 152127 [ 126.652508][T10808] pgfault 152058 [ 126.656656][T10808] pgmajfault 71 [ 126.660264][T10808] inactive_anon 65536 [ 126.664506][T10808] active_anon 28672 [ 126.668703][T10808] inactive_file 0 [ 126.672587][T10808] active_file 0 [ 126.676065][T10808] unevictable 0 [ 126.679521][T10808] hierarchical_memory_limit 314572800 [ 126.685007][T10808] hierarchical_memsw_limit 9223372036854771712 [ 126.691269][T10808] total_cache 0 [ 126.694714][T10808] total_rss 36864 [ 126.698538][T10808] total_shmem 0 [ 126.705174][T10808] total_mapped_file 0 [ 126.710869][T10808] total_dirty 0 [ 126.725630][T10808] total_writeback 0 [ 126.729455][T10808] total_workingset_refault_anon 106 [ 126.736080][T10808] total_workingset_refault_file 1856 [ 126.742279][T10808] total_swap 937984 [ 126.746700][T10808] total_swapcached 7569408 [ 126.751129][T10808] total_pgpgin 152150 [ 126.755102][T10808] total_pgpgout 152127 [ 126.759205][T10808] total_pgfault 152058 [ 126.763428][T10808] total_pgmajfault 71 [ 126.767473][T10808] total_inactive_anon 65536 [ 126.772082][T10808] total_active_anon 28672 [ 126.776419][T10808] total_inactive_file 0 [ 126.780694][T10808] total_active_file 0 [ 126.784697][T10808] total_unevictable 0 [ 126.788666][T10808] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.2927,pid=10807,uid=0 [ 126.811770][T10808] Memory cgroup out of memory: Killed process 10807 (syz.6.2927) total-vm:96212kB, anon-rss:1256kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 127.214347][ T28] audit: type=1400 audit(1774314132.663:761): avc: denied { connect } for pid=10847 comm="syz.8.2944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 127.291758][ T28] audit: type=1326 audit(1774314132.743:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10850 comm="syz.5.2945" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd6c137c799 code=0x0 [ 128.121282][T10874] loop5: detected capacity change from 0 to 512 [ 128.134865][T10874] EXT4-fs: Ignoring removed mblk_io_submit option [ 128.194494][T10854] syz.8.2946 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 128.220440][T10854] CPU: 0 UID: 0 PID: 10854 Comm: syz.8.2946 Not tainted syzkaller #0 PREEMPT(full) [ 128.220569][T10854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 128.220581][T10854] Call Trace: [ 128.220587][T10854] [ 128.220595][T10854] __dump_stack+0x1d/0x30 [ 128.220685][T10854] dump_stack_lvl+0x95/0xd0 [ 128.220706][T10854] dump_stack+0x15/0x1b [ 128.220796][T10854] dump_header+0x80/0x240 [ 128.220818][T10854] oom_kill_process+0x295/0x350 [ 128.220892][T10854] out_of_memory+0x97d/0xb80 [ 128.220914][T10854] try_charge_memcg+0x62e/0xa10 [ 128.220948][T10854] mem_cgroup_swapin_charge_folio+0x103/0x1f0 [ 128.221010][T10854] __swap_cache_prepare_and_add+0x386/0x530 [ 128.221041][T10854] swap_cache_alloc_folio+0xa2/0x120 [ 128.221145][T10854] swap_cluster_readahead+0x26e/0x3d0 [ 128.221236][T10854] swapin_readahead+0xde/0x840 [ 128.221260][T10854] ? __rcu_read_unlock+0x4e/0x70 [ 128.221306][T10854] ? __perf_event_task_sched_in+0xa65/0xad0 [ 128.221334][T10854] ? __list_add_valid_or_report+0x38/0xe0 [ 128.221364][T10854] ? __rcu_read_unlock+0x4e/0x70 [ 128.221423][T10854] ? swap_cache_get_folio+0x26f/0x280 [ 128.221449][T10854] do_swap_page+0x30d/0x2220 [ 128.221476][T10854] ? __schedule+0x93c/0xd40 [ 128.221499][T10854] ? __rcu_read_lock+0x36/0x50 [ 128.221556][T10854] ? pte_offset_map_rw_nolock+0x19e/0x200 [ 128.221585][T10854] handle_mm_fault+0xb46/0x3020 [ 128.221647][T10854] ? vma_start_read+0x1c7/0x2c0 [ 128.221672][T10854] do_user_addr_fault+0x62f/0x1050 [ 128.221781][T10854] ? trace_page_fault_user+0x1f/0xe0 [ 128.221809][T10854] exc_page_fault+0x62/0xa0 [ 128.221835][T10854] asm_exc_page_fault+0x26/0x30 [ 128.221854][T10854] RIP: 0033:0x7f72d1c578c3 [ 128.221932][T10854] Code: 25 00 03 00 00 e8 9d 50 06 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 53 49 89 ca 64 48 8b 1c 25 10 00 00 00 8b 83 08 03 00 00 <80> 3d ee 5d 29 00 00 75 44 a8 01 75 40 a8 10 75 3c 41 51 4c 8d 9b [ 128.222009][T10854] RSP: 002b:00007ffd9101ef40 EFLAGS: 00010246 [ 128.222026][T10854] RAX: 0000000000000000 RBX: 0000555590b77500 RCX: 0000000000000000 [ 128.222039][T10854] RDX: 00007ffd9101ef80 RSI: 0000000000000000 RDI: 0000000000000000 [ 128.222093][T10854] RBP: 00007f72d1f17da0 R08: 0000000000000000 R09: 0000000000000000 [ 128.222106][T10854] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000001f4c5 [ 128.222118][T10854] R13: 00007f72d1f15fac R14: 000000000001f20a R15: 00007ffd9101f0b0 [ 128.222136][T10854] [ 128.222143][T10854] memory: usage 307200kB, limit 307200kB, failcnt 219 [ 128.463873][T10854] memory+swap: usage 307456kB, limit 9007199254740988kB, failcnt 0 [ 128.471876][T10854] kmem: usage 299000kB, limit 9007199254740988kB, failcnt 0 [ 128.471972][T10874] EXT4-fs error (device loop5): __ext4_iget:5378: inode #11: block 1: comm syz.5.2953: invalid block [ 128.479147][T10854] Memory cgroup stats for /syz8: [ 128.479330][T10854] cache 0 [ 128.498017][T10854] rss 8392704 [ 128.501323][T10854] shmem 0 [ 128.503637][T10874] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 128.504286][T10854] mapped_file 0 [ 128.504456][T10874] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.2953: couldn't read orphan inode 11 (err -117) [ 128.513416][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 128.513433][ C1] EXT4-fs (loop5): initial error at time 1774314133: __ext4_iget:5378 [ 128.513446][T10854] dirty 0 [ 128.513449][ C1] : inode 11 [ 128.513456][T10854] writeback 4096 [ 128.513457][ C1] : block 1 [ 128.513471][ C1] [ 128.513476][T10854] workingset_refault_anon 2 [ 128.513484][T10854] workingset_refault_file 0 [ 128.513481][ C1] EXT4-fs (loop5): last error at time 1774314133: __ext4_iget:5378 [ 128.513492][T10854] swap 262144 [ 128.513498][T10854] swapcached 270336 [ 128.513499][ C1] : inode 11 [ 128.513506][T10854] pgpgin 53496 [ 128.513506][ C1] : block 1 [ 128.513513][T10854] pgpgout 51446 [ 128.513546][T10854] pgfault 59652 [ 128.513552][T10854] pgmajfault 6 [ 128.513559][T10854] inactive_anon 8192 [ 128.513565][T10854] active_anon 0 [ 128.513571][T10854] inactive_file 0 [ 128.513578][T10854] active_file 0 [ 128.617185][T10874] loop5: lost filesystem error report for type 5 error -117 [ 128.617265][T10854] unevictable 8388608 [ 128.629023][T10874] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.641137][T10854] hierarchical_memory_limit 314572800 [ 128.667071][T10854] hierarchical_memsw_limit 9223372036854771712 [ 128.678588][T10854] total_cache 0 [ 128.685881][T10854] total_rss 8392704 [ 128.689679][T10854] total_shmem 0 [ 128.696195][T10854] total_mapped_file 0 [ 128.700256][T10854] total_dirty 0 [ 128.704224][T10854] total_writeback 4096 [ 128.708403][T10854] total_workingset_refault_anon 2 [ 128.713648][T10854] total_workingset_refault_file 0 [ 128.718882][T10854] total_swap 262144 [ 128.722949][T10854] total_swapcached 270336 [ 128.727301][T10854] total_pgpgin 53496 [ 128.731456][T10854] total_pgpgout 51446 [ 128.747161][T10854] total_pgfault 59652 [ 128.751386][T10854] total_pgmajfault 6 [ 128.775532][T10854] total_inactive_anon 8192 [ 128.785648][T10854] total_active_anon 0 [ 128.791868][T10854] total_inactive_file 0 [ 128.799289][T10854] total_active_file 0 [ 128.810826][T10854] total_unevictable 8388608 [ 128.818718][T10854] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz8,task_memcg=/syz8,task=syz.8.2946,pid=10854,uid=0 [ 128.841237][T10854] Memory cgroup out of memory: Killed process 10854 (syz.8.2946) total-vm:96080kB, anon-rss:9416kB, file-rss:22304kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 [ 128.880128][T10855] ================================================================== [ 128.888233][T10855] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64 [ 128.898050][T10855] [ 128.900367][T10855] read-write to 0xffffffff86c09a00 of 8 bytes by interrupt on cpu 0: [ 128.908418][T10855] tick_do_update_jiffies64+0x113/0x1c0 [ 128.913959][T10855] tick_nohz_handler+0x8d/0x3d0 [ 128.918801][T10855] __hrtimer_run_queues+0x218/0x4f0 [ 128.923985][T10855] hrtimer_interrupt+0x269/0x810 [ 128.928905][T10855] __sysvec_apic_timer_interrupt+0x5f/0x1f0 [ 128.934782][T10855] sysvec_apic_timer_interrupt+0x32/0x80 [ 128.940403][T10855] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.946456][T10855] [ 128.948765][T10855] read to 0xffffffff86c09a00 of 8 bytes by task 10855 on cpu 1: [ 128.956377][T10855] mem_cgroup_flush_stats_ratelimited+0x29/0x70 [ 128.962601][T10855] count_shadow_nodes+0x6a/0x230 [ 128.967534][T10855] do_shrink_slab+0x63/0x6a0 [ 128.972113][T10855] shrink_slab+0x538/0x880 [ 128.976509][T10855] shrink_node+0x6bc/0x2130 [ 128.981000][T10855] do_try_to_free_pages+0x408/0xc80 [ 128.986187][T10855] try_to_free_mem_cgroup_pages+0x1f5/0x470 [ 128.992069][T10855] try_charge_memcg+0x37e/0xa10 [ 128.996921][T10855] mem_cgroup_swapin_charge_folio+0x103/0x1f0 [ 129.002999][T10855] __swap_cache_prepare_and_add+0x386/0x530 [ 129.008896][T10855] swap_cache_alloc_folio+0xa2/0x120 [ 129.014173][T10855] swap_cluster_readahead+0x26e/0x3d0 [ 129.019537][T10855] swapin_readahead+0xde/0x840 [ 129.024294][T10855] do_swap_page+0x30d/0x2220 [ 129.028879][T10855] handle_mm_fault+0xb46/0x3020 [ 129.033734][T10855] do_user_addr_fault+0x3fd/0x1050 [ 129.038833][T10855] exc_page_fault+0x62/0xa0 [ 129.043326][T10855] asm_exc_page_fault+0x26/0x30 [ 129.048157][T10855] __get_user_8+0x14/0x30 [ 129.052472][T10855] exit_robust_list+0x31/0x280 [ 129.057224][T10855] futex_exit_release+0xe0/0x130 [ 129.062149][T10855] exit_mm_release+0x1a/0x30 [ 129.066727][T10855] exit_mm+0x37/0x180 [ 129.070705][T10855] do_exit+0x442/0x1600 [ 129.074844][T10855] do_group_exit+0xfe/0x140 [ 129.079340][T10855] get_signal+0xe54/0xf60 [ 129.083654][T10855] arch_do_signal_or_restart+0x96/0x450 [ 129.089188][T10855] exit_to_user_mode_loop+0x6a/0x6f0 [ 129.094458][T10855] do_syscall_64+0x249/0x370 [ 129.099467][T10855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.105341][T10855] [ 129.107648][T10855] value changed: 0x00000000ffffbcf9 -> 0x00000000ffffbcfa [ 129.114734][T10855] [ 129.117034][T10855] Reported by Kernel Concurrency Sanitizer on: [ 129.123174][T10855] CPU: 1 UID: 0 PID: 10855 Comm: syz.8.2946 Not tainted syzkaller #0 PREEMPT(full) [ 129.132555][T10855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 129.142589][T10855] ==================================================================