last executing test programs: 45.825215228s ago: executing program 0 (id=362): r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x10009, 0xf40b9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x4, @perf_config_ext={0x8, 0x100}, 0x204, 0x0, 0x43a1bd78, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xa) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) signalfd(0xffffffffffffffff, &(0x7f0000000300)={[0x3]}, 0x8) 45.648569164s ago: executing program 0 (id=367): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}}) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r1, @ANYRES16=r0], 0x15) 45.534064537s ago: executing program 0 (id=371): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={r2, 0x2e, "9d72349ce6a840f7a2428371fe4dd9004ea743891444f5531de6f3175f0c76aa2b4fe68a70c5024e14652366eae0"}, &(0x7f0000000040)=0x36) 45.487262719s ago: executing program 0 (id=372): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f0000000080)={[{@nodelalloc}, {@nobh}, {@grpjquota}, {@bh}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==") creat(&(0x7f0000000200)='./bus\x00', 0x268) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0) preadv2(r0, &(0x7f0000000000)=[{&(0x7f0000000580)=""/4105, 0x1009}], 0x1, 0x1, 0x8, 0x8) 45.239956207s ago: executing program 0 (id=378): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) r1 = socket$rds(0x15, 0x5, 0x0) unshare(0x20000400) setsockopt$RDS_RECVERR(r1, 0x114, 0x5, &(0x7f0000000080)=0x1, 0x4) 44.900653128s ago: executing program 0 (id=387): r0 = fsopen(&(0x7f0000000340)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x86) fchdir(r1) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103) 44.882920738s ago: executing program 32 (id=387): r0 = fsopen(&(0x7f0000000340)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x86) fchdir(r1) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103) 41.728346139s ago: executing program 1 (id=459): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5}, 0x94) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc9, 0x0, 0x0, 0x0, 0x0, 0x4, 0x94200, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syz_tun\x00', 0x200}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000ac0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8946, &(0x7f0000000080)) 41.648085092s ago: executing program 1 (id=461): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002) write$binfmt_aout(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="03070000b5"], 0xc8) write$binfmt_aout(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000feffe7d5b2a4f9810fc5c81195554c"], 0xc8) dup3(r1, r0, 0x0) 41.637523101s ago: executing program 1 (id=462): chdir(0x0) syz_mount_image$ext4(&(0x7f0000000900)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000000c0)={[{@nouid32}, {@errors_remount}, {@noquota}, {@delalloc}, {@i_version}, {@discard}, {@usrquota}, {@bh}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66") r0 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x1) write$selinux_attr(r0, &(0x7f0000000080)='system_u:object_r:gpg_agent_exec_t:s0\x00', 0x26) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1400, 0x0, 0x3) 41.418613149s ago: executing program 1 (id=468): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001) mount_setattr(r0, &(0x7f0000001d80)='.\x00', 0x8000, &(0x7f0000001dc0)={0x0, 0x0, 0x40000}, 0x20) 41.344935531s ago: executing program 1 (id=470): bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0x4175, &(0x7f0000000180)={0x0, 0xbf56, 0x10000, 0x2, 0x2d0}, &(0x7f0000000440), &(0x7f0000000400), &(0x7f0000000000)) io_uring_enter(r0, 0x7b1d, 0xe93c, 0xc, 0x0, 0x0) io_uring_register$IORING_REGISTER_NAPI(r0, 0x1b, &(0x7f00000000c0)={0x5, 0x6}, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 41.075840759s ago: executing program 1 (id=476): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x94, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 41.07571214s ago: executing program 33 (id=476): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x94, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 6.457873414s ago: executing program 3 (id=1546): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) clock_gettime(0x0, &(0x7f0000000880)={0x0, 0x0}) setsockopt$sock_timeval(r0, 0x1, 0x42, &(0x7f00000008c0)={r1, r2/1000+60000}, 0x10) recvmmsg(r0, &(0x7f0000006580)=[{{0x0, 0x0, 0x0}, 0x80}], 0x1, 0x2000, 0x0) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000006a80)={0x0, 0x0, &(0x7f0000006a40)={&(0x7f0000006a00)={0x14, 0x4, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 6.388410186s ago: executing program 3 (id=1551): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x8, 0x3}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1) r0 = socket$kcm(0x2, 0x5, 0x84) close(r0) socket$kcm(0x2, 0x1, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x25, &(0x7f0000000000), 0x20000010) 6.27419495s ago: executing program 3 (id=1554): r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_int(r1, &(0x7f00000001c0)='cgroup.max.depth\x00', 0x2, 0x0) read(r2, &(0x7f0000000040)=""/208, 0xd0) 6.27380323s ago: executing program 3 (id=1555): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000000)={[{@errors_remount}, {@grpquota}]}, 0x4, 0x510, &(0x7f0000001a00)="$eJzs3c9vG1kdAPDvOHGSzbqbLvQACNiyLBRU1fnR3agqB9oLCFWVEBUnDm1I3CiKXUdxUprQQ3rkjkQlTvAncOOA1BNI3LjBjUuRQCpQgRokDl7NeJq4SdykbRI39ucjTWbem0m+72X63vO8xn4B9K2zEbEREUMRcSsixvL8JN/iSmtLr3v29P7s5tP7s0k0mzf+lWTn07xo+57Uu/nPHImIH3w34sfJ7riNtfXFmWq1spynx1dqS+ONtfULC4U8Z2p6cnri0sVPpg6trh/UfvPkOwvXfvi7337p8Z82vvnTtFiln53KzrXX4zC1ql6MUlveYERcO4pgXTKY//vh5Elb22ci4sOs/Y/FQHY3AYBe1myORXOsPQ0A9Lr0+b8USaGczwWUolAol1tzeGditFCtN1bOj9VX78xFNod1OoqF2wvVykQ+V3g6ikmansyOt9NTO9IXI+L9iPj58DtZujxbr85184UPAPSxd3eM//8dbo3/AECPG3nF6/2JAACcfK86/gMAJ5/xHwD6zyuM/6b+AaBHeP4HgP5j/AeA/rPv+P/geMoBAByL71+/nm7Nzfzzr+furq1+q3T3wlylsViurc6WZ+vLS+X5en2+WinPNpv7/bxqvb40+fFWsrG2frNWX72zcnOhNjNfuVkpHnF9AID9vf/Bo78kEbFx+Z1si7a1HIzV0NsKr/VdZ8b/8PdDLwpwzAa6XQCga/Z+P88eC/YBPecAz/imAaDH7Tfid/wToYcWf4WT6tznzf9Dv3q9+X+gF7ze/P+3D70cwPHzeV7Qv5rNxJr/ANBnzPEDb/T//wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCnStmWFMrZWuAb6ddCuRxxKiJORzG5vVCtTETEexHx5+HicJqe7HahAYA3VPhHkq//dW7so9LOs0PJ/4azfUT85Jc3fnFvZmVleTLN//dW/srDPH9qqBsVAADaXdmd1Rqn833bg/yzp/dnn2/HWcQnV1uLi6ZxN/OtdWYwBrP9SBQjYvQ/SZ5uSV+vDBxC/I0HEfG57frfa4tQyuZAWiuf7oyfxj51BPG3f/874xdeiF/IzqX7Yva7+OwhlAX6zaOrrX4yb3tpE8vbXyHOZvu92/9I1kO9uef93+au/q+w1f8N7IqfZG3+7Fb65SV58vHvv7crsznWOvcg4guDe8VPtuInHfrfjw5Yx79+8csfdjrX/FXEudg7fkst62bHV2pL44219QsLtZn5ynzlztTU9OT0xKWLn0yNZ3PUra9/3CvGPy+ff69T/LT+ox3ij+xT/68dsP6//v+tH33lJfG/8dW97/+Zl8RPx8SvHzD+zOiVjst3p/HnOtT/hfsfu+t//oDxH/9tfe6AlwIAx6Cxtr44U61Wlvc5SF9r7ndNDx4Mvx3FONqD2Ih4C4qRHwzFW1GMfj4YTG9Bt3sm4KhtN/pulwQAAAAAAAAAAAAAAOiksba+OBxH+3aibtcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3vVpAAAA//9gQM2x") creat(&(0x7f0000000380)='./bus\x00', 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000680)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780800d1cbf7966d61f53dc17769048b0000fd0c000000000000000000000000000000000200000000000000000000000000008000", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) 5.997949179s ago: executing program 3 (id=1563): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x200080c0, &(0x7f00000001c0)={0xa, 0x2, 0x8000, @loopback, 0x9}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x4e21, 0x10000, @empty, 0x40000}}, 0x0, 0x0, 0x37, 0x0, "306532e8d3216006ab90cbee57bd2c03fe1b85590defa01d816fab79f38553d1af5a3f23b40353bdaa6f511ce73b657d71cd313e95a67e41692efb2db799884f925da7e49a9f7cf1460ac48ba4cec2ee"}, 0xd8) shutdown(r0, 0x1) 5.64458283s ago: executing program 3 (id=1572): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3f7, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nyUt2nfxFq/2qrTBjGgJk2iQsBNRUVBcKE7FxKaaSlOmtKM2BYXKoKr4saVrlzpH+DGhSDuXQmudC+FIMW1jNyZe5txMhMzyYyjvb8fTHLO3DOc88yZZ+bcc2cCKK1K9ieJOBIRP0fEdKv61waV1r/fb793Prsl0Wi8/lvSbJfVi6bF46byylwakX6UxMku/W5ev/H2aq1WvZrXF+rrVxY2r9946tL66sXqxerl5ZVnzi4trzy7sjywWG/ePvXTxuev/fHJmV+mnr/51gvZeI/kx9rjGJRKVKKR6zz22KA7G7GjbeVkfIQDoS9jEZFN10Qz/6djLLYnbzpe/HCkgwOGKvtsOtT78PsN4C6WxKhHAIxG8UFfnNsP4zz432zrXOsEaGf845HmbSY6zm8HKTvbuvbmx99mtxjSPgQAQLvvsvXPk93WP2nc39bu//m1oZmIuCcijkXEvRFxPCLui2i2fSAiHuyz/0pHfef6J721r8D2KFv/Pdd1/Vus/mJmLK8dbcY/kVy4VKuezZ+TuZg4lNUXd+njx1e++rLXsUrb+i+7Zf0Xa8F8HLfGOzbo1lbrqweJud3WBxEnuq5/kztXApKIeCgiTuyzj2/ONT7rdezv4x+uxhcRj3ed/+2roMnu1ycXmq+HheJVsdOpd6+s9ep/1PFn83949/hnkvbrtZv99/H1zOmtXsf2+/qfTN5olifz+66t1utXFyMmk1d33r+0/diiXrTP4p+b7Z7/x2L7mTiZzWNEPBwRj0TEo/nYT0fEmYiY3SX+l2Zfru4//uHK4l/ra/77L6wvff9Dr/73Nv9PN0tz+T17ef/b6wAP8twBAADAf0Xa/A58ks7fKafp/HzrO/zH43Ba29isP3Fh453La63vys/ERFrsdE237Ycu5nvDRX2po76c7xt/Ova/Zn3+/Eat56YY8I+Y6pH/mV/HRj06YOj8XgvKS/5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kMpHeR3/QoKCndrYdTvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPxZwAAAP//jYTnFQ==") openat(0xffffffffffffff9c, 0x0, 0x143442, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010328bd700006dcdf25000000000800010003"], 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x40000) 5.627481061s ago: executing program 34 (id=1572): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3f7, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nyUt2nfxFq/2qrTBjGgJk2iQsBNRUVBcKE7FxKaaSlOmtKM2BYXKoKr4saVrlzpH+DGhSDuXQmudC+FIMW1jNyZe5txMhMzyYyjvb8fTHLO3DOc88yZZ+bcc2cCKK1K9ieJOBIRP0fEdKv61waV1r/fb793Prsl0Wi8/lvSbJfVi6bF46byylwakX6UxMku/W5ev/H2aq1WvZrXF+rrVxY2r9946tL66sXqxerl5ZVnzi4trzy7sjywWG/ePvXTxuev/fHJmV+mnr/51gvZeI/kx9rjGJRKVKKR6zz22KA7G7GjbeVkfIQDoS9jEZFN10Qz/6djLLYnbzpe/HCkgwOGKvtsOtT78PsN4C6WxKhHAIxG8UFfnNsP4zz432zrXOsEaGf845HmbSY6zm8HKTvbuvbmx99mtxjSPgQAQLvvsvXPk93WP2nc39bu//m1oZmIuCcijkXEvRFxPCLui2i2fSAiHuyz/0pHfef6J721r8D2KFv/Pdd1/Vus/mJmLK8dbcY/kVy4VKuezZ+TuZg4lNUXd+njx1e++rLXsUrb+i+7Zf0Xa8F8HLfGOzbo1lbrqweJud3WBxEnuq5/kztXApKIeCgiTuyzj2/ONT7rdezv4x+uxhcRj3ed/+2roMnu1ycXmq+HheJVsdOpd6+s9ep/1PFn83949/hnkvbrtZv99/H1zOmtXsf2+/qfTN5olifz+66t1utXFyMmk1d33r+0/diiXrTP4p+b7Z7/x2L7mTiZzWNEPBwRj0TEo/nYT0fEmYiY3SX+l2Zfru4//uHK4l/ra/77L6wvff9Dr/73Nv9PN0tz+T17ef/b6wAP8twBAADAf0Xa/A58ks7fKafp/HzrO/zH43Ba29isP3Fh453La63vys/ERFrsdE237Ycu5nvDRX2po76c7xt/Ova/Zn3+/Eat56YY8I+Y6pH/mV/HRj06YOj8XgvKS/5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kMpHeR3/QoKCndrYdTvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPxZwAAAP//jYTnFQ==") openat(0xffffffffffffff9c, 0x0, 0x143442, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010328bd700006dcdf25000000000800010003"], 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x40000) 1.669418137s ago: executing program 5 (id=1672): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="5c0000001000ffff25bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="1414000021200000340012800c0001006d6163766c616e002400028008000700070000000800010010000000040005800a000400aaaaaaaaaaaa00000800", @ANYRES32=r2], 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 1.531091231s ago: executing program 5 (id=1688): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3b}, 0x9}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e24, 0xfffffff7, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffff3}}, [0x1, 0x0, 0xcb30, 0x64bb7762, 0x4d2, 0xa, 0x2, 0xd70, 0x10001, 0x7, 0x100, 0x9, 0x0, 0x4, 0x7]}, &(0x7f0000000040)=0x100) 1.27160851s ago: executing program 6 (id=1690): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5, 0x2, 0x94}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x32}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000000906010200000000000a0000000000000900020073797a31000000000500010007000000180007800c00018008000140ffffffff080009"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084) 1.23832232s ago: executing program 6 (id=1692): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[], 0x70}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000140)={0x0, 0x0, 0x76, 0x6031}) 1.222322601s ago: executing program 6 (id=1693): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x8d3, @ipv4={'\x00', '\xff\xff', @local}, 0x107da6}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac710aa7d0000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) 1.201628372s ago: executing program 6 (id=1694): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0xa, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x3ff, 0x1}, 0x1186ca, 0xa7, 0x2, 0x5, 0xa5, 0x4, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x9) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xbf}, 0xffffffffffffffff, 0xfff8000000000001, 0xffffffffffffffff, 0x1) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x334ecc4b, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 1.016033688s ago: executing program 7 (id=1698): unshare(0xe060400) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) io_submit(r1, 0x2, &(0x7f00000002c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x5, r2, 0x0, 0x0, 0x200}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2, 0x6518, r0, 0x0, 0x0, 0x5, 0x0, 0x5}]) 870.379352ms ago: executing program 7 (id=1702): r0 = creat(&(0x7f0000000200)='./file0\x00', 0x109) close(r0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x7, 0x34328, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0x2}, 0x10026, 0x10003, 0xfffffff8, 0x3, 0x100008, 0x20005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 869.155672ms ago: executing program 2 (id=1703): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r2, 0x8}, 0x8) 826.726833ms ago: executing program 2 (id=1704): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) rmdir(0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x13, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "6809e8fac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac0000000000000000000000000000000000000000000000000000000a00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}}) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x2, 0xd, 0x0, 0x1b, 0x20, 0x0, "8cbc60f43794fe5807542baf3cf05f477d8fe8895c077c14123c336f059b6652f7bd13cfeca74b6e69a7bc2380380734f146f46c310418f09d00", "c03eb1654e7123c3de8ec6db26049a6753df292cbad23edb079096a140bb404a7e556cebd898af91d177d52d9d82bb770400", "6202ad15a7a8e508a019e45b10955d6e416af307340b4bcc599c71184a3ced11", [0x9, 0xc]}) 782.505095ms ago: executing program 7 (id=1705): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x36, @local, 0xf}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@ccm_128={{0x304}, "f64e40992f79ecf0", "53c272d8b763f690b35605dff8a4a8d2", "3da2d199", "72392a24199b5903"}, 0x28) 716.246047ms ago: executing program 2 (id=1707): socket$inet_tcp(0x2, 0x1, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x29e9c934, 0x3, 0x0, 0x1}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a0000000c0000800800", @ANYRES16=r0], 0x20}, 0x1, 0x0, 0x0, 0x200c0801}, 0x0) 715.560728ms ago: executing program 2 (id=1709): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x1c, r2, 0x1ffd1684a4a9b69d, 0x70bd25, 0x25dfdbff, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x40010) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x14, r2, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}}, 0x0) 685.860079ms ago: executing program 2 (id=1710): socket$netlink(0x10, 0x3, 0x0) socket$kcm(0x23, 0x5, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) socket$unix(0x1, 0x1, 0x0) pselect6(0x40, &(0x7f0000000000)={0x7f, 0x8, 0x3, 0x7, 0x7, 0x3, 0x800, 0x6}, 0x0, 0x0, 0x0, 0x0) 684.397868ms ago: executing program 4 (id=1711): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="91cfdfefdb", 0x1a000}], 0x1}, 0x0) sendmsg$rds(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x801}, 0x0) 684.123669ms ago: executing program 5 (id=1712): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x82000, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x10, 0x572, 0x8000, 0x9, "ff000d00009a468e0cd912098d00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000200)={0xfffe, 0x81, 0x8, 0xb3, 0xb, "6c06002004dc17a8"}) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x6) 642.30553ms ago: executing program 5 (id=1713): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d530100000000008404000000000000737200000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x70bd2b, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x50, 0x87, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x800000}, 0x4, 0x6e6bb8}}, 0xb8}}, 0x8004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x60, 0x30, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x4}}}, 0xb8}}, 0x0) 641.95891ms ago: executing program 2 (id=1714): r0 = open(&(0x7f0000000000)='./file0\x00', 0x1607c0, 0x78e22799f4a46ffe) fcntl$setlease(r0, 0x400, 0x0) r1 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff) fcntl$getflags(r0, 0x401) 632.65239ms ago: executing program 7 (id=1715): r0 = creat(&(0x7f0000000200)='./file1\x00', 0xea) close(r0) socket$vsock_stream(0x28, 0x1, 0x0) r1 = fsopen(&(0x7f00000002c0)='ext4\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0xa, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 595.334171ms ago: executing program 5 (id=1716): bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0x5f86, &(0x7f0000000180)={0x0, 0x2a97, 0x10000, 0x2, 0x3b7}, &(0x7f0000001040), &(0x7f0000000080), &(0x7f0000000000)) io_uring_enter(r0, 0x7b20, 0xe93c, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f00000002c0)={0x5f, 0x0, 0x0, 0x0, 0x0}, 0x20) io_uring_setup(0x62b3, &(0x7f0000000280)={0x0, 0x22b8, 0x10000, 0x1, 0x140}) 594.262181ms ago: executing program 7 (id=1717): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x2200400, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1207, &(0x7f0000003680)="$eJzs3E+LW1UYB+B3xtqpU+ePWqstiAfd6ObSmYUb3QwyBWlAaRuhFYRb50ZDrknIDQMRsbpy6+cQQQR3grjTzWz8BoK72bisIF5pYtuJTsGR0lvK8yySF875JeckJHAu95z91774sNepsk4+jsWFhVgcRqQbKVIsxi2fxsuv/vjTc5euXL2w1WptX0zp/NbljVdSSqvPf//Ox1+98MP45Nvfrn63FHvr7+7/tvnr3um9M/t/Xv6gW6VulfqDccrTtcFgnF8ri7TTrXpZSm+VRV4VqduvitFce6ccDIeTlPd3VpaHo6KqUt6fpF4xSeNBGo8mKX8/7/ZTlmVpZTk4umO3q/aXN+q6jqjrR+N41HVdPxbLcTIej5VYjbVYjyfiyXgqTsXTcTqeiWfjm1++ntxMAAAAAAAAAAAAAAAAAAAAAPfOwvTxv+//PzPt1fSoAQAAAAAAAAAAAAAAAAAA4OFy6crVC1ut1vbFlE5ElJ/vtnfbs+dZ+1YnulFGEediLf6I6e7/mVl9/o3W9rk0tR6fldf/zl/fbT8yn9+YHidwaH5jlk/z+aVYPpjfjLU4dXh+81Y+4kD+RLz04oF8Fmvx83sxiDJ2pice3Ml/spHS62+2/vH+Z6f9AAAA4GGQpdsOXb9n2d3aZ/kjXB+YW1/fzJ491ujUiYhq8lEvL8tipHjgi+PNDuP3uq6b/xAaKu7+S1mKiP/9ygsR8WBM8F9F0/9M3A93vvSmRwIAAAAAAAAAAMBR3I/bCZueIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7EDxwIAAAAAwvyt0+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvgoAAP//uiDOPA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8042, 0x60) pwrite64(r0, &(0x7f00000001c0)="8a", 0x1, 0x8280c59) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8042, 0x60) pwrite64(r1, &(0x7f0000000040)="10", 0xffffffb7, 0x8081000) 428.763447ms ago: executing program 4 (id=1718): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x6, 0x6}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x3, r1, 0x900000000000000}, 0x38) 428.181937ms ago: executing program 4 (id=1719): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20000000}, [@call={0x85, 0x0, 0x0, 0x2e}, @printk={@lx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x72}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r0, 0x4) sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) 293.747321ms ago: executing program 4 (id=1720): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x18c, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x8}, {0x0, 0x1}, {0x0, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x44, 0x2, [@TCA_FLOWER_KEY_ENC_IP_TOS={0x5, 0x50, 0x6}, @TCA_FLOWER_KEY_IPV6_SRC_MASK={0x14, 0xf, [0xffffff00, 0x0, 0xff000000, 0xff000000]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @random="98b1b368fac9"}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x8}, @TCA_FLOWER_KEY_PORT_SRC_MAX={0x6, 0x58, 0x4e22}, @TCA_FLOWER_KEY_CT_MARK_MASK={0x8, 0x60, 0xd}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x108, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0xf0, 0x1, [@m_vlan={0x9c, 0x2, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x40, 0xffff, 0x10000000, 0xed, 0x8}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x4d2}]}, {0x3a, 0x6, "dfcbe56315373395564dd53dac806cb38e1f7fea5713ff518cdde6e8611a50e6682d3078bc3f3c3acd4e05285258f39f0396baca278f"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_simple={0x50, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x21, 0x6, "9787c29d6ac649e7ec160dfef7c4cea330102e688fe12213d2bf7dae04"}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}]}, 0x18c}, 0x1, 0x0, 0x0, 0x81}, 0x20000080) r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x74}, 0x1, 0x0, 0x0, 0x4060884}, 0x4008010) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 244.839292ms ago: executing program 4 (id=1721): r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000300)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x1) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, 0x0) connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x2711, @host}, 0x10) 225.432153ms ago: executing program 5 (id=1722): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1, 0x9}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x8) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r2, 0x9, 0x6}, 0xc) 201.515764ms ago: executing program 6 (id=1723): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000940)=[{{&(0x7f0000000040)=@file={0x0, './file0\x00'}, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000240)="8fd6032e42e1e60450b9071516560313587d89775e2c6003f14df6c398e06562a2b66d5889b49ef24f109b56185fe4ef7327cc2a1001ac649e88e542bd46c73047aa0c69c6cafd2d06209a1103720653035021b9a38cd449a170507e71ab378f5cbfc782de67406a1e2e5cbce300dd022d5b6a15a0f8034d2aa27ec310f39e63aed7c573ea018eac8823f2a88f321eb6bf4455ff955a9549df0535bb0ec1d34e7f65c44ad173e835f65c2347e008c9289f3e39612f28495ad51bc23c63ae4ffdfeb6f905d5d7b86058f246f05740e2adf845"}, {&(0x7f0000000100)="40a681186b2989387bf0ce05934b494def9ba167d3e9f367f8441a834772748ac2c33d2a623ffd7d4d9d041e5447b5b1c6181c26"}, {&(0x7f0000000600)="df37020000fb413a00aa45c368f6d341fd64b475b6632e58e9e878691ce1a8fa2fc7"}, {&(0x7f0000000340)="b4b001b898d182a5002b91abc22b77cd0924fd17882ee395b6fb7853f81d1de305f76452680ac35d8ae3e91d3efe9e27248ee86effbcd662d6ffccb475933470fd2c8e35e314b53dc1d643ceebde5ad58fe7df871d36ddc9"}, {&(0x7f00000003c0)="53cbea7694163a80b924c080cf1d34f3fcdf4e426e7fec8aac428f368543d235c53c8aab3df7e2d6a3df41c6aa18ff581c0f966bc884e17242cb94d7262f505eb922de891e19f30f3ba94edc3c9d10a55f2a53d735918c0838c2aa92ed4fe1e6cbbc50610040843bc946"}], 0x0, &(0x7f0000000580)=[@cred, @cred], 0x0, 0x80}}, {{&(0x7f00000006c0)=@file={0x1, './file0/file0\x00'}, 0x0, &(0x7f0000000840)=[{&(0x7f00000005c0)="c188b535ad6af88913a80cb1e9a9b30a2ca5d1c7814397f589daa13c0200000094729d2105afad86bf7fffb0fcf4b0274df41bca"}, {&(0x7f0000000740)="4ea50911e68114722d3e4e1eb834348a"}, {&(0x7f0000000780)="a56bfec4ef6447ca814da2fe35c32b250f099f43e0684cfbae62d8cca721a5abfc47181675e8a0ee07805974ed8dff73afcdcaef6b627b55d5cb76dd8ad4308a80967a9415a3171a9533f594c78fe19fe7b769f891c72c7d50610ce7d7f7794087b1faaac88b0d874324b6e79b7642ac4e906469fa21303773d75ea66c983db1ec548940288483875a8072bddb1c4acd28f1057621ce78"}], 0x0, &(0x7f0000000880)=[@rights={{0x0, 0x1, 0x1, [0xffffffffffffffff]}}, @cred], 0x0, 0x20044041}}], 0x37, 0x0) close(0x3) setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000), 0x4) recvmmsg(r1, &(0x7f0000001140)=[{{0x0, 0x0, 0x0}}], 0x700, 0x2, 0x0) 111.498507ms ago: executing program 4 (id=1724): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 9.52329ms ago: executing program 6 (id=1725): unshare(0x6020400) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000000480)=@abs={0x1, 0x0, 0x4e20}, 0x1c) 0s ago: executing program 7 (id=1726): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000000380)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x3, {{0x42, 0x2}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4c004) kernel console output (not intermixed with test programs): oop3: p3 < > p4 < > [ 33.071103][ T3856] loop3: partition table partially beyond EOD, truncated [ 33.085543][ T3856] loop3: p3 start 4284289 is beyond EOD, truncated [ 33.183581][ T3877] pimreg: entered allmulticast mode [ 33.197573][ T3877] pimreg: left allmulticast mode [ 33.355056][ T3902] syzkaller1: entered promiscuous mode [ 33.360667][ T3902] syzkaller1: entered allmulticast mode [ 33.386673][ T28] kauditd_printk_skb: 149 callbacks suppressed [ 33.386691][ T28] audit: type=1400 audit(1774950181.452:248): avc: denied { write } for pid=3903 comm="syz.2.188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 33.456210][ T28] audit: type=1400 audit(1774950181.512:249): avc: denied { execute } for pid=3905 comm="syz.2.189" path="/35/cpu.stat" dev="tmpfs" ino=197 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 33.509459][ T3910] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 33.523717][ T3910] System zones: 1-12 [ 33.528895][ T3910] EXT4-fs error (device loop3): ext4_iget_extra_inode:5040: inode #15: comm syz.3.191: corrupted in-inode xattr: e_value size too large [ 33.544488][ T3910] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 33.544779][ T3910] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.191: couldn't read orphan inode 15 (err -117) [ 33.554227][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 33.554247][ C0] EXT4-fs (loop3): initial error at time 1774950181: ext4_iget_extra_inode:5040: inode 15 [ 33.554274][ C0] EXT4-fs (loop3): last error at time 1774950181: ext4_iget_extra_inode:5040: inode 15 [ 33.593048][ T3910] loop3: lost filesystem error report for type 5 error -117 [ 33.593842][ T3910] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 33.621400][ T28] audit: type=1400 audit(1774950181.692:250): avc: denied { create } for pid=3909 comm="syz.3.191" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 33.663718][ T28] audit: type=1400 audit(1774950181.692:251): avc: denied { remove_name } for pid=3909 comm="syz.3.191" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 33.709003][ T28] audit: type=1400 audit(1774950181.692:252): avc: denied { unlink } for pid=3909 comm="syz.3.191" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 33.713667][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.782444][ T3919] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.795463][ T3919] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 33.818276][ T28] audit: type=1400 audit(1774950181.882:253): avc: denied { setattr } for pid=3918 comm="syz.0.195" path="/46/file0" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 33.843439][ T28] audit: type=1400 audit(1774950181.912:254): avc: denied { create } for pid=3918 comm="syz.0.195" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 33.864069][ T28] audit: type=1400 audit(1774950181.912:255): avc: denied { write } for pid=3918 comm="syz.0.195" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 33.886463][ T28] audit: type=1400 audit(1774950181.912:256): avc: denied { rename } for pid=3918 comm="syz.0.195" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 33.908805][ T28] audit: type=1400 audit(1774950181.912:257): avc: denied { rmdir } for pid=3918 comm="syz.0.195" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 33.939977][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.002644][ T3939] veth1_to_bond: entered allmulticast mode [ 34.030494][ T3938] veth1_to_bond: left allmulticast mode [ 34.063773][ T3946] netlink: 4 bytes leftover after parsing attributes in process `syz.0.207'. [ 34.184803][ T3964] EXT4-fs error (device loop0): ext4_iget_extra_inode:5040: inode #15: comm syz.0.215: corrupted in-inode xattr: invalid ea_ino [ 34.199620][ T3964] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 34.199802][ T3964] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.215: couldn't read orphan inode 15 (err -117) [ 34.209115][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 34.209137][ C0] EXT4-fs (loop0): initial error at time 1774950182: ext4_iget_extra_inode:5040: inode 15 [ 34.209172][ C0] EXT4-fs (loop0): last error at time 1774950182: ext4_iget_extra_inode:5040: inode 15 [ 34.249418][ T3964] loop0: lost filesystem error report for type 5 error -117 [ 34.250211][ T3964] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 34.329660][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.341226][ T3970] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 34.466763][ T3980] netlink: 16 bytes leftover after parsing attributes in process `syz.1.222'. [ 34.690847][ T4003] set_capacity_and_notify: 4 callbacks suppressed [ 34.690864][ T4003] loop2: detected capacity change from 0 to 128 [ 34.724744][ T4003] syz.2.233: attempt to access beyond end of device [ 34.724744][ T4003] loop2: rw=1, sector=138, nr_sectors = 2 limit=128 [ 34.787645][ T4010] netlink: 72 bytes leftover after parsing attributes in process `syz.4.236'. [ 34.810227][ T4015] loop0: detected capacity change from 0 to 256 [ 34.811559][ T4010] netlink: 12 bytes leftover after parsing attributes in process `syz.4.236'. [ 34.817333][ T4015] vfat: Unknown parameter '0xffffffffffffffffÿÿÿÿÿÿÿÿÿÿ18446744073709551615ÿÿÿÿÿÿÿÿ' [ 34.829369][ T4010] netlink: 16 bytes leftover after parsing attributes in process `syz.4.236'. [ 35.053502][ T4035] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 35.061007][ T4035] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 35.131666][ T4045] netlink: 16 bytes leftover after parsing attributes in process `syz.1.251'. [ 35.194514][ T4054] loop0: detected capacity change from 0 to 164 [ 35.201965][ T4054] ISOFS: Bad logical zone size 2816 [ 35.510417][ T4082] syzkaller1: entered promiscuous mode [ 35.516282][ T4082] syzkaller1: entered allmulticast mode [ 35.803574][ T4093] tap0: tun_chr_ioctl cmd 2148553947 [ 35.809365][ T4093] tap0: tun_chr_ioctl cmd 1074025677 [ 35.815313][ T4093] tap0: linktype set to 804 [ 36.257342][ T4141] loop4: detected capacity change from 0 to 512 [ 36.264182][ T4141] EXT4-fs: Ignoring removed mblk_io_submit option [ 36.280827][ T4141] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 36.305055][ T4146] mmap: syz.3.295 (4146) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 36.328043][ T4141] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.340970][ T4141] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 36.388201][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.633679][ T4178] serio: Serial port ttyS3 [ 36.669724][ T4138] syz.1.293 (4138) used greatest stack depth: 9336 bytes left [ 36.686806][ T4180] netlink: 16 bytes leftover after parsing attributes in process `syz.1.303'. [ 37.113614][ T4207] loop2: detected capacity change from 0 to 512 [ 37.127985][ T4207] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 37.149390][ T4207] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 37.187040][ T4207] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 37.198172][ T4207] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 37.207742][ T4207] System zones: 0-2, 18-18, 34-35 [ 37.213518][ T4207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.230115][ T4207] process 'syz.2.316' launched './file1' with NULL argv: empty string added [ 37.267361][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.302065][ T4222] pim6reg1: entered promiscuous mode [ 37.308084][ T4222] pim6reg1: entered allmulticast mode [ 37.402931][ T4236] netlink: 236 bytes leftover after parsing attributes in process `syz.0.329'. [ 37.421238][ T4236] netlink: 236 bytes leftover after parsing attributes in process `syz.0.329'. [ 37.438959][ T4238] loop4: detected capacity change from 0 to 128 [ 37.464345][ T4238] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 37.652352][ T4255] loop3: detected capacity change from 0 to 512 [ 37.678124][ T4255] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 37.708499][ T4255] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 37.731869][ T4255] EXT4-fs (loop3): 1 truncate cleaned up [ 37.740466][ T4255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.790635][ T36] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 38.015628][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 38.054960][ T4260] GUP no longer grows the stack in syz.3.337 (4260): 200000004000-20000000a000 (200000002000) [ 38.075543][ T4260] CPU: 0 UID: 0 PID: 4260 Comm: syz.3.337 Not tainted syzkaller #0 PREEMPT(full) [ 38.075596][ T4260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 38.075611][ T4260] Call Trace: [ 38.075620][ T4260] [ 38.075630][ T4260] __dump_stack+0x1d/0x30 [ 38.075657][ T4260] dump_stack_lvl+0x95/0xd0 [ 38.075679][ T4260] dump_stack+0x15/0x1b [ 38.075725][ T4260] __get_user_pages+0x195b/0x1ea0 [ 38.075764][ T4260] ? xfd_validate_state+0x45/0xf0 [ 38.075802][ T4260] ? __rcu_read_unlock+0x4e/0x70 [ 38.075896][ T4260] get_user_pages_remote+0x1d5/0x6b0 [ 38.076069][ T4260] __access_remote_vm+0x15c/0x580 [ 38.076111][ T4260] access_remote_vm+0x32/0x40 [ 38.076139][ T4260] proc_pid_cmdline_read+0x32b/0x6b0 [ 38.076166][ T4260] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 38.076250][ T4260] vfs_readv+0x432/0x6e0 [ 38.076358][ T4260] __x64_sys_preadv+0xfd/0x1c0 [ 38.076378][ T4260] x64_sys_call+0x2915/0x3020 [ 38.076459][ T4260] do_syscall_64+0x12c/0x370 [ 38.076485][ T4260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 38.076509][ T4260] RIP: 0033:0x7f6b5b53c819 [ 38.076529][ T4260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 38.076602][ T4260] RSP: 002b:00007f6b59f97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 38.076623][ T4260] RAX: ffffffffffffffda RBX: 00007f6b5b7b5fa0 RCX: 00007f6b5b53c819 [ 38.076640][ T4260] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000003 [ 38.076654][ T4260] RBP: 00007f6b5b5d2c91 R08: 00000000fffffff9 R09: 0000000000000000 [ 38.076667][ T4260] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000000 [ 38.076682][ T4260] R13: 00007f6b5b7b6038 R14: 00007f6b5b7b5fa0 R15: 00007ffc2822a688 [ 38.076790][ T4260] [ 38.471778][ T4285] netlink: 64 bytes leftover after parsing attributes in process `syz.3.349'. [ 38.564359][ T28] kauditd_printk_skb: 110 callbacks suppressed [ 38.564376][ T28] audit: type=1400 audit(1774950186.632:368): avc: denied { map } for pid=4289 comm="syz.1.351" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=7216 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 38.632348][ T28] audit: type=1400 audit(1774950186.632:369): avc: denied { read write } for pid=4289 comm="syz.1.351" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=7216 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 38.731013][ T4302] loop0: detected capacity change from 0 to 512 [ 38.801778][ T4302] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 38.824149][ T28] audit: type=1400 audit(1774950186.892:370): avc: denied { view } for pid=4308 comm="syz.3.356" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 38.879807][ T4302] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 38.893301][ T28] audit: type=1400 audit(1774950186.962:371): avc: denied { create } for pid=4310 comm="syz.3.358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 38.893474][ T4302] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 38.974444][ T28] audit: type=1400 audit(1774950187.042:372): avc: denied { add_name } for pid=4301 comm="syz.0.355" name=".log" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 38.980017][ T4317] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 38.995671][ T28] audit: type=1400 audit(1774950187.042:373): avc: denied { read write } for pid=4316 comm="syz.2.360" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 39.031042][ T28] audit: type=1400 audit(1774950187.042:374): avc: denied { open } for pid=4316 comm="syz.2.360" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 39.076654][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.158906][ T28] audit: type=1326 audit(1774950187.222:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4324 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89f8a4c819 code=0x7ffc0000 [ 39.212577][ T28] audit: type=1326 audit(1774950187.252:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4324 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f89f8a4c819 code=0x7ffc0000 [ 39.273820][ T28] audit: type=1326 audit(1774950187.252:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4324 comm="syz.0.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89f8a4c819 code=0x7ffc0000 [ 39.331860][ T4334] 9pnet: p9_errstr2errno: server reported unknown error  [ 39.436651][ T4347] loop0: detected capacity change from 0 to 512 [ 39.472091][ T4347] EXT4-fs: Ignoring removed nobh option [ 39.479939][ T4347] EXT4-fs: Ignoring removed bh option [ 39.486722][ T4350] netlink: 'syz.2.373': attribute type 21 has an invalid length. [ 39.501278][ T4350] netlink: 132 bytes leftover after parsing attributes in process `syz.2.373'. [ 39.510847][ T4347] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 39.548547][ T4347] EXT4-fs (loop0): 1 truncate cleaned up [ 39.561245][ T4347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.596997][ T4355] xt_CONNSECMARK: invalid mode: 0 [ 39.687718][ T3314] EXT4-fs error (device loop0): mb_free_blocks:2049: group 0, inode 11: block 54:freeing already freed block (bit 53); block bitmap corrupt. [ 39.742323][ T3314] EXT4-fs error (device loop0): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39 [ 39.768517][ T3314] EXT4-fs error (device loop0): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39 [ 39.793790][ T4369] netlink: 'syz.4.382': attribute type 21 has an invalid length. [ 39.953299][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.966209][ T2026] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.967666][ T4381] loop2: detected capacity change from 0 to 512 [ 40.027100][ T2026] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.065432][ T4381] EXT4-fs: Ignoring removed bh option [ 40.092092][ T4381] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 40.114442][ T2026] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.144344][ T4381] EXT4-fs (loop2): can't mount with commit=, fs mounted w/o journal [ 40.263062][ T2026] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.376683][ T4415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.398'. [ 40.443473][ T2026] bridge_slave_1: left allmulticast mode [ 40.451686][ T2026] bridge_slave_1: left promiscuous mode [ 40.458979][ T2026] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.467325][ T2026] bridge_slave_0: left allmulticast mode [ 40.480488][ T2026] bridge_slave_0: left promiscuous mode [ 40.486496][ T2026] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.566946][ T56] Bluetooth: hci0: Frame reassembly failed (-84) [ 40.688673][ T2026] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 40.699082][ T2026] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 40.708942][ T2026] bond0 (unregistering): Released all slaves [ 40.766432][ T4440] loop3: detected capacity change from 0 to 512 [ 40.827144][ T2026] hsr_slave_0: left promiscuous mode [ 40.872306][ T2026] hsr_slave_1: left promiscuous mode [ 40.886637][ T2026] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 40.899055][ T4456] loop1: detected capacity change from 0 to 1024 [ 40.911552][ T2026] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 40.928823][ T4456] EXT4-fs: inline encryption not supported [ 40.936874][ T2026] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 40.944846][ T2026] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 40.961137][ T2026] veth1_macvtap: left promiscuous mode [ 40.967264][ T2026] veth0_macvtap: left promiscuous mode [ 40.973599][ T2026] veth1_vlan: left promiscuous mode [ 40.979685][ T2026] veth0_vlan: left promiscuous mode [ 40.986978][ T4456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 40.999388][ T4456] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.014699][ T4456] EXT4-fs error (device loop1): ext4_map_blocks:828: inode #15: comm syz.1.411: lblock 0 mapped to illegal pblock 0 (length 1) [ 41.029740][ T4456] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 41.042386][ T4456] EXT4-fs (loop1): This should not happen!! Data will be lost [ 41.042386][ T4456] [ 41.063931][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 41.076180][ T2026] team0 (unregistering): Port device team_slave_1 removed [ 41.092129][ T2026] team0 (unregistering): Port device team_slave_0 removed [ 41.248776][ T4389] chnl_net:caif_netlink_parms(): no params data found [ 41.344301][ T4389] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.353914][ T4389] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.361196][ T4389] bridge_slave_0: entered allmulticast mode [ 41.368899][ T4389] bridge_slave_0: entered promiscuous mode [ 41.382780][ T4389] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.390084][ T4389] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.404382][ T4389] bridge_slave_1: entered allmulticast mode [ 41.411036][ T4389] bridge_slave_1: entered promiscuous mode [ 41.447296][ T4389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.473194][ T4389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.518356][ T4389] team0: Port device team_slave_0 added [ 41.529548][ T4389] team0: Port device team_slave_1 added [ 41.547658][ T4389] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.555885][ T4389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 41.584358][ T4389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.595969][ T4389] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.603997][ T4389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 41.639858][ T4389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.676771][ T4389] hsr_slave_0: entered promiscuous mode [ 41.682981][ T4389] hsr_slave_1: entered promiscuous mode [ 41.688745][ T4389] debugfs: 'hsr0' already exists in 'hsr' [ 41.694873][ T4389] Cannot create hsr debugfs directory [ 41.874092][ T4389] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 41.884226][ T4389] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 41.907719][ T4389] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 41.919587][ T4389] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 41.986264][ T4389] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.003331][ T4389] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.022768][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.029931][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.047260][ T2026] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.054362][ T2026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.148766][ T4389] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.234296][ T4593] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4593 comm=syz.3.437 [ 42.263785][ T4597] netlink: 4 bytes leftover after parsing attributes in process `syz.1.438'. [ 42.293105][ T3398] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 42.305716][ T3398] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 42.316280][ T4597] team0: Port device team_slave_0 removed [ 42.431533][ T4389] veth0_vlan: entered promiscuous mode [ 42.452493][ T4389] veth1_vlan: entered promiscuous mode [ 42.477816][ T4389] veth0_macvtap: entered promiscuous mode [ 42.500723][ T4389] veth1_macvtap: entered promiscuous mode [ 42.544348][ T4389] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.566261][ T4389] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.610592][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.636756][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.648159][ T3646] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 42.651550][ T43] Bluetooth: hci0: command 0x1003 tx timeout [ 42.669572][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.679208][ T4633] loop7: detected capacity change from 0 to 7 [ 42.679932][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.710001][ T4637] netlink: 116376 bytes leftover after parsing attributes in process `syz.4.452'. [ 42.738471][ T4637] netlink: zone id is out of range [ 42.744402][ T4637] netlink: zone id is out of range [ 42.756111][ C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 42.766195][ C0] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 42.780697][ C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 42.791039][ C0] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 42.811514][ T4643] Driver unsupported XDP return value 0 on prog (id 78) dev N/A, expect packet loss! [ 43.293012][ T4663] loop1: detected capacity change from 0 to 1024 [ 43.303260][ T4663] EXT4-fs: Ignoring removed i_version option [ 43.345468][ T4663] EXT4-fs: Ignoring removed bh option [ 43.372723][ T4666] netlink: 16 bytes leftover after parsing attributes in process `syz.2.464'. [ 43.382094][ T4671] loop5: detected capacity change from 0 to 1024 [ 43.389290][ T4663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.421077][ T4663] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.438491][ T4663] EXT4-fs error (device loop1): ext4_map_blocks:828: inode #15: comm syz.1.462: lblock 0 mapped to illegal pblock 0 (length 1) [ 43.452920][ T4663] EXT4-fs (loop1): Remounting filesystem read-only [ 43.494407][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 43.527163][ T4671] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.544585][ T4671] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.563620][ T4685] loop2: detected capacity change from 0 to 128 [ 43.576879][ T4685] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 43.596838][ T4671] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.465: bg 0: block 112: padding at end of block bitmap is not set [ 43.612275][ T4671] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28 [ 43.626830][ T4671] EXT4-fs (loop5): This should not happen!! Data will be lost [ 43.626830][ T4671] [ 43.636976][ T4671] EXT4-fs (loop5): Total free blocks count 0 [ 43.643123][ T4671] EXT4-fs (loop5): Free/Dirty block details [ 43.649132][ T4671] EXT4-fs (loop5): free_blocks=0 [ 43.654466][ T4671] EXT4-fs (loop5): dirty_blocks=64 [ 43.659759][ T4671] EXT4-fs (loop5): Block reservation details [ 43.665923][ T4671] EXT4-fs (loop5): i_reserved_data_blocks=4 [ 43.697400][ T4389] EXT4-fs warning (device loop5): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 43.709661][ T4389] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 43.777196][ T56] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.814443][ T56] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.876712][ T56] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.928544][ T56] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.089896][ T56] bridge_slave_1: left allmulticast mode [ 44.108748][ T56] bridge_slave_1: left promiscuous mode [ 44.116948][ T56] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.125981][ T56] bridge_slave_0: left allmulticast mode [ 44.138538][ T56] bridge_slave_0: left promiscuous mode [ 44.148975][ T56] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.284075][ T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 44.293981][ T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 44.303460][ T56] bond0 (unregistering): Released all slaves [ 44.365435][ T56] hsr_slave_0: left promiscuous mode [ 44.373668][ T36] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 44.382900][ T56] hsr_slave_1: left promiscuous mode [ 44.390892][ T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 44.398930][ T56] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 44.429511][ T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 44.454672][ T56] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 44.461861][ T4752] netlink: 16 bytes leftover after parsing attributes in process `syz.3.484'. [ 44.503731][ T56] veth1_macvtap: left promiscuous mode [ 44.513291][ T56] veth0_macvtap: left promiscuous mode [ 44.519025][ T56] veth1_vlan: left promiscuous mode [ 44.524798][ T56] veth0_vlan: left promiscuous mode [ 44.533997][ T28] kauditd_printk_skb: 35 callbacks suppressed [ 44.534014][ T28] audit: type=1400 audit(1774950192.602:413): avc: denied { mounton } for pid=4760 comm="syz.4.486" path="/proc/166/cgroup" dev="proc" ino=9084 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 44.669840][ T56] team0 (unregistering): Port device team_slave_1 removed [ 44.704209][ T4752] netlink: 16 bytes leftover after parsing attributes in process `syz.3.484'. [ 44.724979][ T4769] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 44.732571][ T4769] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 44.758742][ T4769] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 44.761580][ T28] audit: type=1400 audit(1774950192.822:414): avc: denied { create } for pid=4779 comm="syz.3.493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 44.793716][ T4769] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 44.827962][ T28] audit: type=1400 audit(1774950192.892:415): avc: denied { write } for pid=4779 comm="syz.3.493" lport=262 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 44.880568][ T28] audit: type=1326 audit(1774950192.922:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4783 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5d347c819 code=0x7ffc0000 [ 44.909395][ T28] audit: type=1326 audit(1774950192.922:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4783 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fd5d347c819 code=0x7ffc0000 [ 44.934505][ T28] audit: type=1326 audit(1774950192.922:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4783 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5d347c819 code=0x7ffc0000 [ 44.964721][ T28] audit: type=1326 audit(1774950192.922:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4783 comm="syz.2.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5d347c819 code=0x7ffc0000 [ 44.970758][ T4704] chnl_net:caif_netlink_parms(): no params data found [ 45.007430][ T28] audit: type=1400 audit(1774950192.932:420): avc: denied { create } for pid=4788 comm="syz.3.495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 45.042655][ T4801] loop2: detected capacity change from 0 to 512 [ 45.053627][ T4801] EXT4-fs: Ignoring removed nobh option [ 45.069461][ T28] audit: type=1400 audit(1774950193.002:421): avc: denied { write } for pid=4788 comm="syz.3.495" path="socket:[9122]" dev="sockfs" ino=9122 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 45.105938][ T4801] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.111760][ T4704] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.119273][ T4801] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 45.126864][ T4704] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.144704][ T4704] bridge_slave_0: entered allmulticast mode [ 45.151311][ T4704] bridge_slave_0: entered promiscuous mode [ 45.158785][ T4704] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.166209][ T4704] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.173621][ T4704] bridge_slave_1: entered allmulticast mode [ 45.180138][ T4704] bridge_slave_1: entered promiscuous mode [ 45.252175][ T4704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.262857][ T4704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.279655][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.308109][ T4704] team0: Port device team_slave_0 added [ 45.322311][ T4704] team0: Port device team_slave_1 added [ 45.375683][ T4704] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.393478][ T4704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 45.474901][ T4704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.518120][ T4843] bridge1: entered promiscuous mode [ 45.526998][ T4843] bridge1: entered allmulticast mode [ 45.535737][ T4843] team0: Port device bridge1 added [ 45.542281][ T4704] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.549341][ T4704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 45.578423][ T4704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.610393][ T4704] hsr_slave_0: entered promiscuous mode [ 45.617144][ T4704] hsr_slave_1: entered promiscuous mode [ 45.644986][ T4843] bridge0: port 3(team0) entered blocking state [ 45.651803][ T4843] bridge0: port 3(team0) entered disabled state [ 45.658305][ T4843] team0: entered allmulticast mode [ 45.663602][ T4843] team_slave_0: entered allmulticast mode [ 45.669375][ T4843] team_slave_1: entered allmulticast mode [ 45.676593][ T4843] team0: entered promiscuous mode [ 45.682070][ T4843] team_slave_0: entered promiscuous mode [ 45.687945][ T4843] team_slave_1: entered promiscuous mode [ 45.694162][ T4843] bridge0: port 3(team0) entered blocking state [ 45.700491][ T4843] bridge0: port 3(team0) entered forwarding state [ 45.763605][ T28] audit: type=1400 audit(1774950193.812:422): avc: denied { setopt } for pid=4852 comm="syz.2.510" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 45.799868][ T4859] netlink: 'syz.2.513': attribute type 21 has an invalid length. [ 45.815244][ T4861] loop3: detected capacity change from 0 to 2048 [ 45.838945][ T4861] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.891302][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.916418][ T4704] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 45.953914][ T4704] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 45.960267][ T4872] Invalid argument reading file caps for ./file0 [ 45.977545][ T4704] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 46.036421][ T4704] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 46.066662][ T4881] loop2: detected capacity change from 0 to 1024 [ 46.091625][ T4881] EXT4-fs: inline encryption not supported [ 46.140518][ T4894] netlink: 4 bytes leftover after parsing attributes in process `syz.3.523'. [ 46.153440][ T4881] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 46.169247][ T4704] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.179755][ T4881] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.183149][ T4704] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.204426][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.206480][ T4881] EXT4-fs error (device loop2): ext4_map_blocks:828: inode #15: comm syz.2.520: lblock 0 mapped to illegal pblock 0 (length 1) [ 46.211565][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.225120][ T4881] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 46.244736][ T4881] EXT4-fs (loop2): This should not happen!! Data will be lost [ 46.244736][ T4881] [ 46.268974][ T4881] EXT4-fs error (device loop2): ext4_map_blocks:786: inode #15: comm syz.2.520: lblock 0 mapped to illegal pblock 0 (length 1) [ 46.284119][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.291313][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.291903][ T4881] EXT4-fs error (device loop2): ext4_map_blocks:786: inode #15: comm syz.2.520: lblock 0 mapped to illegal pblock 0 (length 1) [ 46.316044][ T4881] EXT4-fs error (device loop2): ext4_map_blocks:786: inode #15: comm syz.2.520: lblock 0 mapped to illegal pblock 0 (length 1) [ 46.322934][ T4704] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 46.340220][ T4881] EXT4-fs error (device loop2): ext4_map_blocks:786: inode #15: comm syz.2.520: lblock 0 mapped to illegal pblock 0 (length 1) [ 46.340387][ T4704] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.408842][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 46.454933][ T4704] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.642713][ T4704] veth0_vlan: entered promiscuous mode [ 46.679770][ T4704] veth1_vlan: entered promiscuous mode [ 46.703704][ T4704] veth0_macvtap: entered promiscuous mode [ 46.723560][ T4704] veth1_macvtap: entered promiscuous mode [ 46.749642][ T4704] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.761045][ T4704] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.779476][ T36] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.790328][ T36] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.810180][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.824567][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.146967][ T4985] xt_hashlimit: size too large, truncated to 1048576 [ 47.225962][ T4994] Invalid argument reading file caps for ./file0 [ 47.321134][ T5000] netlink: 8 bytes leftover after parsing attributes in process `syz.3.557'. [ 47.337108][ T5003] loop5: detected capacity change from 0 to 128 [ 47.490055][ T5024] loop5: detected capacity change from 0 to 512 [ 47.507139][ T5025] loop6: detected capacity change from 0 to 512 [ 47.530791][ T5025] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 47.551626][ T5025] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 47.566724][ T5024] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.566: bg 0: block 393: padding at end of block bitmap is not set [ 47.585491][ T5025] EXT4-fs (loop6): 1 truncate cleaned up [ 47.591326][ T5024] loop5: lost filesystem error report for type 5 error -117 [ 47.591460][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 47.591630][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 47.598847][ C1] EXT4-fs (loop6): initial error at time 1774950195: ext4_mb_generate_buddy:1317 [ 47.598874][ C1] EXT4-fs (loop6): last error at time 1774950195: ext4_mb_generate_buddy:1317 [ 47.612355][ T5025] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.620965][ C0] EXT4-fs (loop5): initial error at time 1774950195: ext4_validate_block_bitmap:441 [ 47.620995][ C0] EXT4-fs (loop5): last error at time 1774950195: ext4_validate_block_bitmap:441 [ 47.633172][ T5024] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 47.677476][ T5024] loop5: lost filesystem error report for type 5 error -117 [ 47.699593][ T4704] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.699825][ T5024] EXT4-fs (loop5): 2 truncates cleaned up [ 47.749256][ T5024] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.832778][ T4389] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.859052][ T5044] loop3: detected capacity change from 0 to 128 [ 48.053948][ T5060] ipvlan2: entered promiscuous mode [ 48.089604][ T5060] team0: Device ipvlan2 failed to register rx_handler [ 48.093705][ T5064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.586'. [ 48.126083][ T5064] chnl_net:caif_netlink_parms(): no params data found [ 48.232389][ T3646] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 48.443886][ T5089] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5089 comm=syz.5.597 [ 48.457654][ T5092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.599'. [ 48.466799][ T5092] netlink: 'syz.3.599': attribute type 30 has an invalid length. [ 48.482382][ T119] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 48.522945][ T119] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 48.546265][ T119] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 48.565423][ T119] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 48.566352][ T5100] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 48.605966][ T5106] loop2: detected capacity change from 0 to 512 [ 48.644747][ T5112] loop2: detected capacity change from 0 to 128 [ 48.817577][ T5130] netlink: 12 bytes leftover after parsing attributes in process `syz.2.614'. [ 48.920003][ T36] Bluetooth: hci1: Frame reassembly failed (-84) [ 48.971609][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 48.979800][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 48.987777][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 48.995748][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 49.003393][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 49.011173][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 49.020952][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 49.030250][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 49.040088][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 49.049519][ T10] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 49.060803][ T10] hid-generic 0000:0000:000E.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 49.159955][ T5169] rtc_cmos 00:00: Alarms can be up to one day in the future [ 49.378814][ T5194] netlink: 24 bytes leftover after parsing attributes in process `syz.3.642'. [ 49.490794][ T5204] sctp: [Deprecated]: syz.4.647 (pid 5204) Use of int in max_burst socket option. [ 49.490794][ T5204] Use struct sctp_assoc_value instead [ 49.647005][ T5221] netlink: 'syz.4.654': attribute type 5 has an invalid length. [ 49.729033][ T5223] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 49.736090][ T10] IPVS: starting estimator thread 0... [ 49.841521][ T5231] IPVS: using max 2544 ests per chain, 127200 per kthread [ 49.899371][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 49.908160][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 49.916774][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 49.924936][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 49.932449][ T10] rtc rtc0: __rtc_set_alarm: err=-22 [ 50.043943][ T5244] batadv_slave_1: entered promiscuous mode [ 50.050268][ T5244] batadv_slave_1: left promiscuous mode [ 50.445958][ T28] kauditd_printk_skb: 77 callbacks suppressed [ 50.445981][ T28] audit: type=1400 audit(1774950198.512:500): avc: denied { append } for pid=5263 comm="syz.4.673" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 50.475163][ T43] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 50.511477][ T28] audit: type=1326 audit(1774950198.562:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.545421][ T28] audit: type=1326 audit(1774950198.562:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.572202][ T28] audit: type=1326 audit(1774950198.562:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.597296][ T28] audit: type=1326 audit(1774950198.562:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.620872][ T28] audit: type=1326 audit(1774950198.562:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.644785][ T28] audit: type=1326 audit(1774950198.562:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.668432][ T28] audit: type=1326 audit(1774950198.572:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.693260][ T28] audit: type=1326 audit(1774950198.572:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.717611][ T28] audit: type=1326 audit(1774950198.562:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5269 comm="syz.4.675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 50.853342][ T5294] loop5: detected capacity change from 0 to 256 [ 50.901379][ T5298] Invalid argument reading file caps for ./file0 [ 50.942783][ T5303] netlink: 8 bytes leftover after parsing attributes in process `syz.4.690'. [ 50.951836][ T3646] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 51.411130][ T5345] netlink: 24 bytes leftover after parsing attributes in process `syz.6.709'. [ 51.445284][ T5345] bond0: ARP target 8.4.0.0 is already present [ 51.455077][ T5345] bond0: option arp_ip_target: invalid value (1032) [ 51.691675][ T5368] IPVS: sync thread started: state = MASTER, mcast_ifn = ip_vti0, syncid = 4, id = 0 [ 51.912810][ T5400] batadv_slave_0: entered promiscuous mode [ 51.930510][ T5399] batadv_slave_0: left promiscuous mode [ 52.204710][ T5427] Invalid argument reading file caps for ./file0 [ 52.250005][ T5435] loop5: detected capacity change from 0 to 128 [ 52.256758][ T5436] loop4: detected capacity change from 0 to 512 [ 52.264203][ T5436] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 52.283477][ T5436] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.747: invalid indirect mapped block 9 (level 0) [ 52.296732][ T5436] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 52.297000][ T5436] EXT4-fs (loop4): 1 truncate cleaned up [ 52.306159][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 52.306187][ C0] EXT4-fs (loop4): initial error at time 1774950200: ext4_free_branches:1023: inode 11 [ 52.306221][ C0] EXT4-fs (loop4): last error at time 1774950200: ext4_free_branches:1023: inode 11 [ 52.327578][ T5435] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 52.329613][ T5436] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.342990][ T5435] ext4 filesystem being mounted at /54/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 52.434113][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.475433][ T4389] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 52.551622][ T4429] Bluetooth: hci2: Opcode 0x1003 failed: -110 [ 52.827939][ T5508] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 52.843730][ T5508] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.866842][ T5512] netlink: 8 bytes leftover after parsing attributes in process `syz.5.770'. [ 52.879921][ T5512] vlan2: entered allmulticast mode [ 52.885255][ T5512] dummy0: entered allmulticast mode [ 52.890681][ T5512] bridge0: port 4(vlan2) entered blocking state [ 52.897386][ T5512] bridge0: port 4(vlan2) entered disabled state [ 52.904869][ T5512] vlan2: entered promiscuous mode [ 52.910096][ T5512] dummy0: entered promiscuous mode [ 52.930637][ T5508] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 52.941756][ T5508] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.959325][ T5518] xt_connbytes: Forcing CT accounting to be enabled [ 52.968261][ T5518] capability: warning: `syz.4.773' uses 32-bit capabilities (legacy support in use) [ 52.981280][ T5518] program syz.4.773 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 53.011760][ T5508] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 53.034115][ T5508] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.034215][ T5524] program syz.5.776 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 53.120117][ T5508] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 53.131843][ T5508] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.173263][ T5536] loop4: detected capacity change from 0 to 1024 [ 53.193128][ T5536] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.217129][ T56] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.225585][ T56] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.234276][ T56] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.236749][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.242761][ T56] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.272489][ T56] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.281158][ T56] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.290629][ T56] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.320770][ T56] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.355208][ T5549] loop3: detected capacity change from 0 to 164 [ 53.366685][ T5549] rock: directory entry would overflow storage [ 53.373606][ T5549] rock: sig=0x5252, size=5, remaining=3 [ 53.911662][ T3646] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 53.912112][ T5146] Bluetooth: hci0: command 0x1003 tx timeout [ 53.966521][ T5577] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5577 comm=syz.6.794 [ 54.025956][ T5583] loop6: detected capacity change from 0 to 512 [ 54.072020][ T5583] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 54.132524][ T5583] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 54.151464][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 54.157959][ C0] EXT4-fs (loop6): initial error at time 1774950202: ext4_mb_generate_buddy:1317 [ 54.167313][ C0] EXT4-fs (loop6): last error at time 1774950202: ext4_mb_generate_buddy:1317 [ 54.185248][ T5602] netlink: 'syz.5.799': attribute type 83 has an invalid length. [ 54.200004][ T5583] EXT4-fs (loop6): 1 truncate cleaned up [ 54.206580][ T5583] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.240983][ T5583] EXT4-fs error (device loop6) in ext4_setattr:6028: error 28 [ 54.261856][ T5605] loop2: detected capacity change from 0 to 256 [ 54.305879][ T5610] tap0: tun_chr_ioctl cmd 1074025675 [ 54.313080][ T4704] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.324404][ T5610] tap0: persist disabled [ 54.340396][ T5610] tap0: tun_chr_ioctl cmd 1074025675 [ 54.355776][ T5610] tap0: persist disabled [ 54.847325][ T5637] loop6: detected capacity change from 0 to 512 [ 54.882213][ T5637] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 54.908716][ T5642] loop5: detected capacity change from 0 to 2048 [ 54.923726][ T5637] EXT4-fs error (device loop6): mb_free_blocks:2049: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 54.941451][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 54.947913][ C0] EXT4-fs (loop6): initial error at time 1774950203: mb_free_blocks:2049: inode 11: block 64 [ 54.958243][ C0] EXT4-fs (loop6): last error at time 1774950203: mb_free_blocks:2049: inode 11: block 64 [ 54.973520][ T5643] IPv6: NLM_F_REPLACE set, but no existing node found! [ 54.980756][ T5637] EXT4-fs error (device loop6): ext4_do_update_inode:5602: inode #11: comm syz.6.814: corrupted inode contents [ 54.993326][ T5637] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 54.993495][ T5637] EXT4-fs error (device loop6): ext4_dirty_inode:6495: inode #11: comm syz.6.814: mark_inode_dirty error [ 55.023297][ T3295] Alternate GPT is invalid, using primary GPT. [ 55.039837][ T3295] loop5: p1 p2 p3 [ 55.039877][ T5637] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 55.045029][ T5637] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.814: invalid indirect mapped block 1 (level 1) [ 55.068335][ T5637] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 55.068648][ T5637] EXT4-fs error (device loop6): ext4_do_update_inode:5602: inode #11: comm syz.6.814: corrupted inode contents [ 55.090314][ T5637] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 55.090508][ T5637] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem [ 55.092027][ T5642] Alternate GPT is invalid, using primary GPT. [ 55.112368][ T5637] loop6: lost filesystem error report for type 5 error -117 [ 55.122740][ T5637] EXT4-fs error (device loop6): ext4_do_update_inode:5602: inode #11: comm syz.6.814: corrupted inode contents [ 55.123822][ T5642] loop5: p1 p2 p3 [ 55.130371][ T5637] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 55.148569][ T5637] EXT4-fs error (device loop6): ext4_truncate:4602: inode #11: comm syz.6.814: mark_inode_dirty error [ 55.168943][ T5637] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 55.169159][ T5637] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem [ 55.187920][ T5637] loop6: lost filesystem error report for type 5 error -117 [ 55.188167][ T5637] EXT4-fs (loop6): 1 truncate cleaned up [ 55.202683][ T5637] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.270138][ T4704] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.272501][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 55.290265][ T5652] xt_connbytes: Forcing CT accounting to be enabled [ 55.291794][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 55.308947][ T3300] udevd[3300]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 55.333078][ T5652] program syz.5.820 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 55.333449][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 55.356179][ T3300] udevd[3300]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 55.368368][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 55.393397][ T5658] smc: net device bond0 applied user defined pnetid SYZ2 [ 55.407467][ T5658] netlink: 14 bytes leftover after parsing attributes in process `syz.6.823'. [ 55.425681][ T5658] smc: removing net device bond0 with user defined pnetid SYZ2 [ 55.435503][ T5658] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 55.446198][ T5658] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 55.472698][ T5658] bond0 (unregistering): Released all slaves [ 55.517157][ T28] kauditd_printk_skb: 75 callbacks suppressed [ 55.517174][ T28] audit: type=1400 audit(1774950203.582:585): avc: denied { ioctl } for pid=5662 comm="syz.5.825" path="/dev/usbmon0" dev="devtmpfs" ino=141 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 55.701887][ T5676] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 55.708931][ T3391] IPVS: starting estimator thread 0... [ 55.811770][ T5681] IPVS: using max 2688 ests per chain, 134400 per kthread [ 55.859250][ T5696] netlink: 20 bytes leftover after parsing attributes in process `syz.4.839'. [ 55.921474][ T28] audit: type=1326 audit(1774950203.972:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5699 comm="syz.4.841" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f89d1d6c819 code=0x0 [ 56.047923][ T28] audit: type=1326 audit(1774950204.052:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5702 comm="syz.6.842" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2fcd4bc819 code=0x0 [ 56.155056][ T28] audit: type=1400 audit(1774950204.222:588): avc: denied { read write } for pid=5714 comm="syz.5.846" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 56.180465][ T28] audit: type=1400 audit(1774950204.222:589): avc: denied { open } for pid=5714 comm="syz.5.846" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 56.205626][ T28] audit: type=1400 audit(1774950204.222:590): avc: denied { ioctl } for pid=5714 comm="syz.5.846" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 56.275585][ T5725] netlink: 20 bytes leftover after parsing attributes in process `syz.5.851'. [ 56.323210][ T5727] xt_hashlimit: size too large, truncated to 1048576 [ 56.555674][ T28] audit: type=1400 audit(1774950204.622:591): avc: denied { setopt } for pid=5749 comm="syz.3.861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 56.770290][ T28] audit: type=1400 audit(1774950204.832:592): avc: denied { setopt } for pid=5778 comm="syz.3.869" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 56.786559][ T5783] pim6reg0: tun_chr_ioctl cmd 1074025694 [ 57.017535][ T28] audit: type=1400 audit(1774950205.082:593): avc: denied { map } for pid=5814 comm="syz.4.880" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 57.109947][ T28] audit: type=1400 audit(1774950205.082:594): avc: denied { execute } for pid=5814 comm="syz.4.880" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 57.124444][ T5830] loop4: detected capacity change from 0 to 512 [ 57.210312][ T5840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.891'. [ 57.419735][ T5876] netlink: 16 bytes leftover after parsing attributes in process `syz.3.898'. [ 57.430295][ T5876] netlink: 16 bytes leftover after parsing attributes in process `syz.3.898'. [ 57.438979][ T5871] infiniband syz1: set active [ 57.446266][ T5871] infiniband syz1: added bond_slave_1 [ 57.463323][ T5871] RDS/IB: syz1: added [ 57.473239][ T5871] smc: adding ib device syz1 with port count 1 [ 57.488345][ T5871] smc: ib device syz1 port 1 has no pnetid [ 57.616464][ T5898] vxcan1: tx drop: invalid sa for name 0x0000000000000001 [ 57.755891][ T5903] netlink: 4 bytes leftover after parsing attributes in process `syz.4.906'. [ 57.894478][ T5909] loop4: detected capacity change from 0 to 512 [ 57.906666][ T5909] EXT4-fs: Ignoring removed bh option [ 57.921653][ T5909] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 57.936203][ T5909] EXT4-fs (loop4): 1 truncate cleaned up [ 57.944041][ T5909] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 57.970214][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.126886][ T5919] loop2: detected capacity change from 0 to 512 [ 58.145216][ T5919] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.158822][ T5919] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.183907][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.342792][ T5929] loop2: detected capacity change from 0 to 128 [ 58.394555][ T3483] hid_parser_main: 7 callbacks suppressed [ 58.394575][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.408316][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.416164][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.424000][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.431902][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.439884][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.447693][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.455529][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.463753][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.471813][ T3483] hid-generic 19EF:47889E4A:0008.0003: unknown main item tag 0x0 [ 58.485200][ T5935] pim6reg1: entered promiscuous mode [ 58.490792][ T5935] pim6reg1: entered allmulticast mode [ 58.492517][ T3483] hid-generic 19EF:47889E4A:0008.0003: hidraw0: HID v0.2a Device [syz0] on syz1 [ 58.526923][ T5936] fido_id[5936]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 58.554859][ T5940] ref_ctr_offset mismatch. inode: 0x3a8 offset: 0x0 ref_ctr_offset(old): 0x44 ref_ctr_offset(new): 0x0 [ 58.777874][ T5961] syzkaller1: entered promiscuous mode [ 58.783904][ T5961] syzkaller1: entered allmulticast mode [ 59.008181][ T5988] netlink: 16 bytes leftover after parsing attributes in process `syz.4.944'. [ 59.091741][ T5997] netlink: 32 bytes leftover after parsing attributes in process `syz.4.949'. [ 59.183846][ T6004] loop4: detected capacity change from 0 to 164 [ 59.195533][ T6004] rock: directory entry would overflow storage [ 59.218769][ T6004] rock: sig=0x66, size=4, remaining=3 [ 59.300790][ T6012] loop3: detected capacity change from 0 to 512 [ 59.388181][ T6012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.409172][ T6012] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.472137][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.505175][ T6031] loop4: detected capacity change from 0 to 128 [ 59.512920][ T6032] loop6: detected capacity change from 0 to 512 [ 59.525453][ T6032] ext4: Unknown parameter 'nouser_xattr' [ 59.585456][ T6031] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 59.623552][ T6031] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 59.740819][ T12] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 59.949394][ T6063] loop3: detected capacity change from 0 to 256 [ 60.413711][ T6092] vcan0: tx drop: invalid sa for name 0x0000000000000003 [ 60.538138][ T6104] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 60.573385][ T28] kauditd_printk_skb: 64 callbacks suppressed [ 60.573403][ T28] audit: type=1400 audit(1774950208.642:659): avc: denied { read } for pid=6100 comm="syz.2.991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 60.625274][ T28] audit: type=1326 audit(1774950208.682:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 60.649237][ T28] audit: type=1326 audit(1774950208.682:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 60.679703][ T28] audit: type=1326 audit(1774950208.682:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 60.703958][ T28] audit: type=1326 audit(1774950208.682:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 60.774404][ T28] audit: type=1326 audit(1774950208.682:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 60.846641][ T28] audit: type=1326 audit(1774950208.682:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 60.877764][ T28] audit: type=1326 audit(1774950208.682:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 60.913530][ T6123] rdma_rxe: rxe_newlink: failed to add bond_slave_1 [ 60.913847][ T28] audit: type=1326 audit(1774950208.682:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 60.951199][ T28] audit: type=1326 audit(1774950208.682:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6106 comm="syz.4.993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f89d1d6c819 code=0x7ffc0000 [ 61.152996][ T6144] loop4: detected capacity change from 0 to 512 [ 61.162518][ T6145] EXT4-fs: Ignoring removed bh option [ 61.195913][ T6144] EXT4-fs: Ignoring removed i_version option [ 61.203545][ T6145] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 61.218557][ T6145] ext4 filesystem being mounted at /227/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.229711][ T6144] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 61.251582][ T6144] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 61.261507][ T6144] System zones: 1-12 [ 61.265543][ T6144] EXT4-fs (loop4): orphan cleanup on readonly fs [ 61.281908][ T6144] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 33619980: comm syz.4.1010: invalid block [ 61.309508][ T6144] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 61.310347][ T6144] EXT4-fs (loop4): Remounting filesystem read-only [ 61.319643][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 61.319667][ C0] EXT4-fs (loop4): initial error at time 1774950209: ext4_get_branch:178: inode 11: block 33619980 [ 61.319703][ C0] EXT4-fs (loop4): last error at time 1774950209: ext4_get_branch:178: inode 11: block 33619980 [ 61.387108][ T6144] EXT4-fs (loop4): 1 truncate cleaned up [ 61.400328][ T6144] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 61.477294][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 61.662405][ T6148] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 61.694084][ T50] EXT4-fs error (device loop3): ext4_map_blocks:828: inode #15: comm kworker/u8:3: lblock 0 mapped to illegal pblock 0 (length 6) [ 61.714500][ T50] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 61.733879][ T50] EXT4-fs (loop3): This should not happen!! Data will be lost [ 61.733879][ T50] [ 61.747616][ T50] EXT4-fs error (device loop3): ext4_map_blocks:828: inode #15: block 8: comm kworker/u8:3: lblock 8 mapped to illegal pblock 8 (length 8) [ 61.775822][ T50] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 61.794716][ T50] EXT4-fs (loop3): This should not happen!! Data will be lost [ 61.794716][ T50] [ 61.813150][ T50] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2060 with max blocks 2048 with error 28 [ 61.826083][ T50] EXT4-fs (loop3): This should not happen!! Data will be lost [ 61.826083][ T50] [ 61.837321][ T50] EXT4-fs (loop3): Total free blocks count 0 [ 61.844259][ T50] EXT4-fs (loop3): Free/Dirty block details [ 61.850679][ T50] EXT4-fs (loop3): free_blocks=0 [ 61.900767][ T3310] EXT4-fs warning (device loop3): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 62.149810][ T35] Process accounting resumed [ 62.186013][ T6216] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 62.281409][ T6225] set_capacity_and_notify: 1 callbacks suppressed [ 62.290652][ T6225] loop6: detected capacity change from 0 to 512 [ 62.367358][ T6225] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.1045: invalid indirect mapped block 256 (level 2) [ 62.388503][ T6225] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 62.390602][ T6225] EXT4-fs (loop6): 2 truncates cleaned up [ 62.399881][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 62.399904][ C0] EXT4-fs (loop6): initial error at time 1774950210: ext4_free_branches:1023: inode 11 [ 62.399933][ C0] EXT4-fs (loop6): last error at time 1774950210: ext4_free_branches:1023: inode 11 [ 62.431770][ T6225] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.465617][ T4704] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.512366][ T35] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 62.573402][ T6252] loop2: detected capacity change from 0 to 512 [ 62.617230][ T6252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.641531][ T6252] ext4 filesystem being mounted at /202/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 62.692223][ T6258] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1058'. [ 62.701299][ T6258] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1058'. [ 62.741593][ T6258] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1058'. [ 62.964961][ T6272] loop6: detected capacity change from 0 to 512 [ 62.987863][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.003552][ T6272] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 63.016568][ T6277] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1066'. [ 63.033394][ T6272] EXT4-fs (loop6): 1 truncate cleaned up [ 63.039550][ T6272] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.208841][ T4704] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.228688][ T6283] serio: Serial port ttyS3 [ 63.351838][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 63.354518][ T6292] batadv_slave_1: entered promiscuous mode [ 63.383205][ T6291] loop2: detected capacity change from 0 to 2048 [ 63.385886][ T6288] batadv_slave_1: left promiscuous mode [ 63.392271][ T6291] EXT4-fs: Ignoring removed i_version option [ 63.418164][ T6296] sctp: [Deprecated]: syz.6.1074 (pid 6296) Use of int in max_burst socket option. [ 63.418164][ T6296] Use struct sctp_assoc_value instead [ 63.437292][ T6291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.451957][ T6291] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.507382][ T6304] netlink: 7 bytes leftover after parsing attributes in process `syz.6.1077'. [ 63.513468][ T6306] syzkaller1: entered promiscuous mode [ 63.526042][ T6306] syzkaller1: entered allmulticast mode [ 63.578607][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.676454][ T6323] loop6: detected capacity change from 0 to 1024 [ 63.691027][ T6323] EXT4-fs: inline encryption not supported [ 63.704280][ T6323] EXT4-fs (loop6): bad geometry: bigalloc file system with non-zero first_data_block [ 63.704280][ T6323] [ 64.403768][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.516721][ T35] kernel read not supported for file /newroot/218 (pid: 35 comm: kworker/1:1) [ 64.533101][ T1032] IPVS: starting estimator thread 0... [ 64.594638][ T6398] loop2: detected capacity change from 0 to 1024 [ 64.601611][ T6398] EXT4-fs: Ignoring removed oldalloc option [ 64.608316][ T6398] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 64.621508][ T6391] IPVS: using max 2592 ests per chain, 129600 per kthread [ 64.710372][ T6406] netem: incorrect gi model size [ 64.715685][ T1032] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.716052][ T6406] netem: change failed [ 64.851606][ T6414] syzkaller0: tun_chr_ioctl cmd 1074025672 [ 64.860811][ T6414] syzkaller0: ignored: set checksum disabled [ 64.873946][ T6414] syzkaller0: tun_chr_ioctl cmd 35111 [ 65.271537][ T3646] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 65.274238][ T5146] Bluetooth: hci0: command 0x1003 tx timeout [ 65.399281][ T6458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1147'. [ 65.430765][ T6458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1147'. [ 65.440159][ T3398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 65.656243][ T28] kauditd_printk_skb: 159 callbacks suppressed [ 65.656261][ T28] audit: type=1400 audit(1774950213.722:828): avc: denied { connect } for pid=6476 comm="syz.3.1156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 65.732602][ T28] audit: type=1400 audit(1774950213.762:829): avc: denied { bind } for pid=6476 comm="syz.3.1156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 65.770306][ T28] audit: type=1400 audit(1774950213.772:830): avc: denied { write } for pid=6476 comm="syz.3.1156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 65.780011][ T6484] loop4: detected capacity change from 0 to 512 [ 65.789991][ T28] audit: type=1400 audit(1774950213.772:831): avc: denied { getopt } for pid=6476 comm="syz.3.1156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 65.832017][ T6484] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.848249][ T6487] batadv_slave_1: entered promiscuous mode [ 65.854558][ T6486] batadv_slave_1: left promiscuous mode [ 65.869062][ T6484] ext4 filesystem being mounted at /242/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 65.912244][ T6479] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 65.928274][ T6479] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 65.937119][ T6491] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1162'. [ 66.088911][ T6497] loop3: detected capacity change from 0 to 512 [ 66.113874][ T6497] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 66.128053][ T6497] EXT4-fs (loop3): 1 truncate cleaned up [ 66.140817][ T6497] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.172798][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.199896][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.295055][ T6512] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1172'. [ 66.403708][ T28] audit: type=1400 audit(1774950214.462:832): avc: denied { append } for pid=6517 comm="syz.4.1175" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 66.428572][ T28] audit: type=1400 audit(1774950214.462:833): avc: denied { map } for pid=6517 comm="syz.4.1175" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 66.473283][ T3398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 66.485272][ T28] audit: type=1400 audit(1774950214.462:834): avc: denied { execute } for pid=6517 comm="syz.4.1175" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 66.510481][ T28] audit: type=1400 audit(1774950214.552:835): avc: denied { execute } for pid=6525 comm="syz.4.1179" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=15478 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 66.575645][ T28] audit: type=1400 audit(1774950214.612:836): avc: denied { read write } for pid=6527 comm="syz.4.1180" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 66.607934][ T28] audit: type=1400 audit(1774950214.612:837): avc: denied { open } for pid=6527 comm="syz.4.1180" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 66.644885][ T6543] xt_hashlimit: size too large, truncated to 1048576 [ 66.873420][ T6565] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 66.900894][ T6565] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 66.912173][ T6565] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 66.920689][ T6571] loop2: detected capacity change from 0 to 256 [ 66.920818][ T6565] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 66.936992][ T6565] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 66.950122][ T6571] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 66.985302][ T6575] loop3: detected capacity change from 0 to 256 [ 67.039299][ T6581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 67.053929][ T6581] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 67.056869][ T6583] EXT4-fs: Ignoring removed oldalloc option [ 67.079429][ T6583] EXT4-fs error (device loop3): ext4_iget_extra_inode:5040: inode #15: comm syz.3.1202: corrupted in-inode xattr: invalid ea_ino [ 67.093345][ T6583] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 67.093656][ T6583] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.1202: couldn't read orphan inode 15 (err -117) [ 67.103089][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 67.103112][ C0] EXT4-fs (loop3): initial error at time 1774950215: ext4_iget_extra_inode:5040: inode 15 [ 67.103138][ C0] EXT4-fs (loop3): last error at time 1774950215: ext4_iget_extra_inode:5040: inode 15 [ 67.141171][ T6583] loop3: lost filesystem error report for type 5 error -117 [ 67.142817][ T6583] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.180381][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.194648][ T6588] ªªªªªª: renamed from dummy0 (while UP) [ 67.342712][ T6599] netlink: 14 bytes leftover after parsing attributes in process `syz.6.1209'. [ 67.555163][ T6614] set_capacity_and_notify: 2 callbacks suppressed [ 67.555207][ T6614] loop5: detected capacity change from 0 to 1024 [ 67.587937][ T6614] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.626021][ T4389] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.758888][ T6633] loop6: detected capacity change from 0 to 512 [ 67.778111][ T6633] EXT4-fs (loop6): 1 truncate cleaned up [ 67.804300][ T6633] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.867282][ T4704] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.248368][ T6658] loop6: detected capacity change from 0 to 8192 [ 68.497351][ T6684] loop4: detected capacity change from 0 to 512 [ 68.547202][ T6684] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #3: comm syz.4.1247: corrupted inode contents [ 68.559472][ T23] net_ratelimit: 11 callbacks suppressed [ 68.559489][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 68.578490][ T6684] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 68.578727][ T6684] EXT4-fs error (device loop4): ext4_dirty_inode:6495: inode #3: comm syz.4.1247: mark_inode_dirty error [ 68.588088][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 68.588111][ C0] EXT4-fs (loop4): initial error at time 1774950216: ext4_do_update_inode:5602: inode 3 [ 68.588149][ C0] EXT4-fs (loop4): last error at time 1774950216: ext4_do_update_inode:5602: inode 3 [ 68.625860][ T6684] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 68.630614][ T6684] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #3: comm syz.4.1247: corrupted inode contents [ 68.651916][ T6684] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 68.653486][ T6684] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #3: comm syz.4.1247: mark_inode_dirty error [ 68.673902][ T6684] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 68.674223][ T6684] EXT4-fs error (device loop4): ext4_acquire_dquot:7026: comm syz.4.1247: Failed to acquire dquot type 0 [ 68.694689][ T6684] loop4: lost filesystem error report for type 5 error -117 [ 68.702496][ T6684] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.1247: corrupted inode contents [ 68.735229][ T6684] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 68.741480][ T6684] EXT4-fs error (device loop4): ext4_dirty_inode:6495: inode #16: comm syz.4.1247: mark_inode_dirty error [ 68.762971][ T6684] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 68.771485][ T6684] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.1247: corrupted inode contents [ 68.804841][ T6684] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 68.805239][ T6684] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #16: comm syz.4.1247: mark_inode_dirty error [ 68.851485][ T6684] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 68.858000][ T6684] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.1247: corrupted inode contents [ 68.882256][ T3398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 68.901510][ T6684] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 68.902142][ T6684] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 68.939135][ T6684] loop4: lost filesystem error report for type 5 error -117 [ 68.943934][ T6684] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.1247: corrupted inode contents [ 68.968933][ T6684] EXT4-fs error (device loop4): ext4_truncate:4602: inode #16: comm syz.4.1247: mark_inode_dirty error [ 68.991296][ T6701] SELinux: failed to load policy [ 68.998693][ T6699] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.007814][ T6699] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.035354][ T6699] syz.3.1251 (6699) used greatest stack depth: 8104 bytes left [ 69.065356][ T6684] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 69.081920][ T6684] loop4: lost filesystem error report for type 5 error -117 [ 69.082287][ T6684] EXT4-fs (loop4): 1 truncate cleaned up [ 69.096207][ T6684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.108962][ T6684] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.139171][ T6707] loop5: detected capacity change from 0 to 256 [ 69.157558][ T6684] EXT4-fs warning (device loop4): ext4_es_cache_extent:1082: inode #3: comm syz.4.1247: ES cache extent failed: add [1,1,41,0x1] conflict with existing [1,-2,576460752303423487,0x18] [ 69.157558][ T6684] [ 69.161255][ T6707] FAT-fs (loop5): Directory bread(block 64) failed [ 69.191499][ T6707] FAT-fs (loop5): Directory bread(block 65) failed [ 69.234023][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.238076][ T6707] FAT-fs (loop5): Directory bread(block 66) failed [ 69.255151][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.259931][ T6707] FAT-fs (loop5): Directory bread(block 67) failed [ 69.275008][ T6707] FAT-fs (loop5): Directory bread(block 68) failed [ 69.282471][ T6707] FAT-fs (loop5): Directory bread(block 69) failed [ 69.297458][ T6707] FAT-fs (loop5): Directory bread(block 70) failed [ 69.299023][ T6711] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.310530][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.313096][ T6716] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.324331][ T6707] FAT-fs (loop5): Directory bread(block 71) failed [ 69.331368][ T6716] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.337232][ T6707] FAT-fs (loop5): Directory bread(block 72) failed [ 69.345848][ T6716] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 69.359668][ T6707] FAT-fs (loop5): Directory bread(block 73) failed [ 69.380465][ T6718] program syz.4.1259 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 69.417808][ T6707] syz.5.1255: attempt to access beyond end of device [ 69.417808][ T6707] loop5: rw=8388608, sector=1192, nr_sectors = 4 limit=256 [ 69.420454][ T6720] syzkaller1: entered promiscuous mode [ 69.434855][ T6707] syz.5.1255: attempt to access beyond end of device [ 69.434855][ T6707] loop5: rw=8388608, sector=1192, nr_sectors = 4 limit=256 [ 69.448930][ T6720] syzkaller1: entered allmulticast mode [ 69.559710][ T6730] netlink: 88 bytes leftover after parsing attributes in process `syz.6.1265'. [ 69.692328][ T6741] loop4: detected capacity change from 0 to 512 [ 69.754951][ T6741] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.771549][ T6741] ext4 filesystem being mounted at /263/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.807228][ T6751] Invalid logical block size (2) [ 69.821148][ T6741] EXT4-fs (loop4): shut down requested (0) [ 69.930339][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.068580][ T6765] netlink: 'syz.6.1279': attribute type 12 has an invalid length. [ 70.099034][ T6765] netlink: 'syz.6.1279': attribute type 29 has an invalid length. [ 70.127867][ T6765] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1279'. [ 70.157618][ T6765] netlink: 43 bytes leftover after parsing attributes in process `syz.6.1279'. [ 70.227595][ T6779] hugetlbfs: syz.4.1282 (6779): Using mlock ulimits for SHM_HUGETLB is obsolete [ 70.583935][ T35] kernel read not supported for file /282/ns (pid: 35 comm: kworker/1:1) [ 70.608595][ T6814] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1298'. [ 70.668733][ T6814] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1298'. [ 70.676241][ T6822] loop2: detected capacity change from 0 to 512 [ 70.762814][ T6822] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.803193][ T6834] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=6834 comm=syz.4.1308 [ 70.834289][ T6822] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.861951][ T28] kauditd_printk_skb: 62 callbacks suppressed [ 70.861969][ T28] audit: type=1400 audit(1774950218.932:897): avc: denied { create } for pid=6820 comm="syz.2.1304" name="errors=remount-ro,grpquota," scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 70.898016][ T6837] loop6: detected capacity change from 0 to 512 [ 70.935644][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.959069][ T6837] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.979058][ T6837] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.048041][ T6847] loop4: detected capacity change from 0 to 512 [ 71.066542][ T6847] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 71.137842][ T6847] EXT4-fs (loop4): 1 truncate cleaned up [ 71.158765][ T6847] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.361072][ T28] audit: type=1400 audit(1774950219.422:898): avc: denied { sqpoll } for pid=6861 comm="syz.3.1318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 71.390245][ T4704] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.465457][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.504973][ T28] audit: type=1326 audit(1774950219.572:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5b53c819 code=0x7ffc0000 [ 71.528769][ T28] audit: type=1326 audit(1774950219.572:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5b53c819 code=0x7ffc0000 [ 71.552533][ T28] audit: type=1326 audit(1774950219.572:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5b53c819 code=0x7ffc0000 [ 71.581534][ T28] audit: type=1326 audit(1774950219.572:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f6b5b53c819 code=0x7ffc0000 [ 71.605437][ T28] audit: type=1326 audit(1774950219.572:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5b53c819 code=0x7ffc0000 [ 71.629618][ T28] audit: type=1326 audit(1774950219.572:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5b53c819 code=0x7ffc0000 [ 71.656905][ T28] audit: type=1326 audit(1774950219.572:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5b53c819 code=0x7ffc0000 [ 71.686012][ T28] audit: type=1326 audit(1774950219.572:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6874 comm="syz.3.1323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b5b53c819 code=0x7ffc0000 [ 72.235153][ T6902] loop6: detected capacity change from 0 to 512 [ 72.272710][ T6902] EXT4-fs: Ignoring removed mblk_io_submit option [ 72.285329][ T6902] EXT4-fs error (device loop6): __ext4_iget:5393: inode #11: block 1: comm syz.6.1332: invalid block [ 72.298610][ T6902] fserror_report: 2 callbacks suppressed [ 72.298626][ T6902] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 72.304902][ T6902] EXT4-fs error (device loop6): ext4_orphan_get:1402: comm syz.6.1332: couldn't read orphan inode 11 (err -117) [ 72.314390][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 72.314416][ C0] EXT4-fs (loop6): initial error at time 1774950220: __ext4_iget:5393: inode 11: block 1 [ 72.314453][ C0] EXT4-fs (loop6): last error at time 1774950220: __ext4_iget:5393: inode 11: block 1 [ 72.353161][ T6902] loop6: lost filesystem error report for type 5 error -117 [ 72.362258][ T6902] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.583188][ T6924] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1345'. [ 72.592672][ T6922] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1344'. [ 72.603251][ T6922] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1344'. [ 72.839894][ T6955] netlink: 'syz.4.1357': attribute type 3 has an invalid length. [ 72.892466][ T6963] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1360'. [ 72.953839][ T6957] set_capacity_and_notify: 1 callbacks suppressed [ 72.953858][ T6957] loop5: detected capacity change from 0 to 8192 [ 73.119236][ T6977] loop3: detected capacity change from 0 to 2048 [ 73.153058][ T6977] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.219548][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.360745][ T6999] loop2: detected capacity change from 0 to 512 [ 73.389312][ T6999] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.442986][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.586687][ T7026] syzkaller1: entered promiscuous mode [ 73.606906][ T7030] loop4: detected capacity change from 0 to 512 [ 73.616735][ T7025] loop5: detected capacity change from 0 to 2048 [ 73.619729][ T7026] syzkaller1: entered allmulticast mode [ 73.648226][ T7025] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.663618][ T7025] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.681211][ T7030] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.699526][ T7025] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.729798][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.751774][ T35] net_ratelimit: 1049 callbacks suppressed [ 73.751789][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 73.794760][ T7047] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=7047 comm=syz.6.1397 [ 73.894210][ T7058] capability: warning: `syz.6.1401' uses deprecated v2 capabilities in a way that may be insecure [ 73.950817][ T7067] loop2: detected capacity change from 0 to 512 [ 73.970236][ T7067] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 74.005058][ T7067] EXT4-fs (loop2): 1 truncate cleaned up [ 74.010898][ T7070] syzkaller1: entered promiscuous mode [ 74.011895][ T7067] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.016660][ T7070] syzkaller1: entered allmulticast mode [ 74.216734][ T7079] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1409'. [ 74.298336][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.303927][ T7053] loop5: detected capacity change from 0 to 1024 [ 74.333655][ T7053] EXT4-fs: Ignoring removed nomblk_io_submit option [ 74.392088][ T7053] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 74.409454][ T7092] syzkaller1: entered promiscuous mode [ 74.419920][ T7092] syzkaller1: entered allmulticast mode [ 74.426696][ T7053] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e054c018, mo2=0002] [ 74.453487][ T7053] System zones: 0-1, 3-36 [ 74.499949][ T7053] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.522823][ T7102] loop4: detected capacity change from 0 to 128 [ 74.539177][ T4389] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.612112][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.612112][ T7110] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 74.662215][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.662215][ T7110] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 74.689001][ T7113] loop3: detected capacity change from 0 to 512 [ 74.701706][ T7113] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 74.753314][ T7113] EXT4-fs (loop3): 1 truncate cleaned up [ 74.765656][ T7113] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.779599][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.779599][ T7110] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 74.793784][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 74.809833][ T7121] team0 (unregistering): Port device team_slave_0 removed [ 74.825034][ T7122] loop5: detected capacity change from 0 to 1024 [ 74.832951][ T7121] team0 (unregistering): Port device team_slave_1 removed [ 74.855737][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.855737][ T7110] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 74.869393][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.869393][ T7110] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 74.883289][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.883289][ T7110] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 74.885126][ T7122] EXT4-fs: Ignoring removed orlov option [ 74.897101][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.897101][ T7110] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 74.917717][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.917717][ T7110] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 74.951573][ T3483] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 74.953189][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.953189][ T7110] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 74.979313][ T7110] syz.4.1420: attempt to access beyond end of device [ 74.979313][ T7110] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 75.022846][ T7122] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.154083][ T4389] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.166021][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.470531][ T7183] Invalid argument reading file caps for ./file0 [ 75.841779][ T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 75.863227][ T7223] syzkaller0: tun_chr_ioctl cmd 1074025680 [ 75.869802][ T7223] syzkaller0: tun_chr_ioctl cmd 1074025673 [ 75.997591][ T7231] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 76.011921][ T7231] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 76.047562][ T7234] __nla_validate_parse: 2 callbacks suppressed [ 76.047578][ T7234] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1475'. [ 76.213014][ T28] kauditd_printk_skb: 68 callbacks suppressed [ 76.213030][ T28] audit: type=1400 audit(1774950224.282:975): avc: denied { getopt } for pid=7238 comm="syz.3.1478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 76.461115][ T7263] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.474100][ T7263] ext4 filesystem being mounted at /313/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.501047][ T28] audit: type=1400 audit(1774950224.552:976): avc: denied { map } for pid=7262 comm="syz.3.1488" path="/313/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 76.532935][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.634205][ T7277] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.667878][ T7283] EXT4-fs: Ignoring removed orlov option [ 76.674876][ T7277] ext4 filesystem being mounted at /314/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 76.705266][ T7283] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.725720][ T7277] EXT4-fs error (device loop3): ext4_do_update_inode:5602: inode #2: comm syz.3.1490: corrupted inode contents [ 76.745846][ T7277] EXT4-fs error (device loop3): ext4_dirty_inode:6495: inode #2: comm syz.3.1490: mark_inode_dirty error [ 76.754800][ T7286] EXT4-fs (loop3): shut down requested (1) [ 76.757706][ T7277] EXT4-fs error (device loop3): ext4_do_update_inode:5602: inode #2: comm syz.3.1490: corrupted inode contents [ 76.774159][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.774977][ T7277] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.1490: mark_inode_dirty error [ 76.839964][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.871790][ T3398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 76.991288][ T7294] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 77.002605][ T7294] EXT4-fs (loop5): 1 truncate cleaned up [ 77.008833][ T7294] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.066760][ T7299] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1501'. [ 77.090155][ T7299] tipc: Started in network mode [ 77.095309][ T7299] tipc: Node identity 5, cluster identity 3 [ 77.111911][ T7299] tipc: Node number set to 5 [ 77.232448][ T4389] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.296690][ T7309] EXT4-fs: test_dummy_encryption option not supported [ 77.371742][ T28] audit: type=1400 audit(1774950225.432:977): avc: denied { write } for pid=7307 comm="syz.5.1504" path="socket:[17887]" dev="sockfs" ino=17887 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 77.399440][ T7319] netlink: 'syz.6.1510': attribute type 1 has an invalid length. [ 77.500016][ T28] audit: type=1400 audit(1774950225.562:978): avc: denied { read } for pid=7330 comm="syz.2.1516" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 77.532031][ T28] audit: type=1400 audit(1774950225.602:979): avc: denied { open } for pid=7330 comm="syz.2.1516" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 77.566791][ T28] audit: type=1400 audit(1774950225.602:980): avc: denied { ioctl } for pid=7330 comm="syz.2.1516" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 77.610858][ T28] audit: type=1400 audit(1774950225.672:981): avc: denied { connect } for pid=7342 comm="syz.6.1520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 77.753693][ T7360] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1528'. [ 77.798838][ T7358] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.806158][ T7358] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.984768][ T7384] netlink: 336 bytes leftover after parsing attributes in process `syz.3.1535'. [ 77.995195][ T7386] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 78.006901][ T7384] netlink: 336 bytes leftover after parsing attributes in process `syz.3.1535'. [ 78.009040][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 78.046898][ T35] kernel write not supported for file bpf-prog (pid: 35 comm: kworker/1:1) [ 78.091731][ T56] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.105004][ T28] audit: type=1400 audit(1774950226.172:982): avc: denied { getopt } for pid=7392 comm="syz.5.1538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 78.111561][ T56] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.156217][ T7396] netlink: 'syz.3.1537': attribute type 13 has an invalid length. [ 78.158048][ T7398] set_capacity_and_notify: 6 callbacks suppressed [ 78.158063][ T7398] loop5: detected capacity change from 0 to 512 [ 78.181594][ T56] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.192079][ T28] audit: type=1400 audit(1774950226.202:983): avc: denied { create } for pid=7392 comm="syz.5.1538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 78.230207][ T7402] loop2: detected capacity change from 0 to 128 [ 78.233190][ T28] audit: type=1400 audit(1774950226.202:984): avc: denied { setopt } for pid=7392 comm="syz.5.1538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 78.260847][ T7396] gretap0: refused to change device tx_queue_len [ 78.276857][ T7398] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 78.291182][ T7396] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 78.310472][ T7402] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 78.322541][ T7398] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities [ 78.332116][ T7402] ext4 filesystem being mounted at /299/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 78.372131][ T56] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.422679][ T3312] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 78.505465][ T7422] loop4: detected capacity change from 0 to 512 [ 78.534339][ T7422] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.560323][ T7422] ext4 filesystem being mounted at /316/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 78.575816][ T7422] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #2: comm syz.4.1550: corrupted inode contents [ 78.590813][ T7422] EXT4-fs error (device loop4): ext4_dirty_inode:6495: inode #2: comm syz.4.1550: mark_inode_dirty error [ 78.602932][ T7422] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #2: comm syz.4.1550: corrupted inode contents [ 78.615531][ T7422] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.1550: mark_inode_dirty error [ 78.632014][ T7437] EXT4-fs warning (device loop4): ext4_es_cache_extent:1082: inode #2: comm syz.4.1550: ES cache extent failed: add [0,1,21,0x1] conflict with existing [0,8,576460752303423487,0x18] [ 78.632014][ T7437] [ 78.659765][ T7438] loop3: detected capacity change from 0 to 512 [ 78.665447][ T7437] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #2: comm syz.4.1550: corrupted inode contents [ 78.683902][ T7437] EXT4-fs error (device loop4): ext4_append:88: inode #2: comm syz.4.1550: mark_inode_dirty error [ 78.696075][ T7437] EXT4-fs error (device loop4) in ext4_append:100: Corrupt filesystem [ 78.710523][ T7422] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #2: comm syz.4.1550: corrupted inode contents [ 78.723040][ T7422] EXT4-fs error (device loop4): add_dirent_to_buf:2151: inode #2: comm syz.4.1550: mark_inode_dirty error [ 78.754830][ T7438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.778994][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.787630][ T7438] ext4 filesystem being mounted at /323/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.871692][ T7438] loop3: detected capacity change from 512 to 0 [ 78.903320][ T3310] EXT4-fs error (device loop3): ext4_get_inode_loc:4935: inode #2: block 34: comm syz-executor: unable to read itable block [ 78.920797][ T3310] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 78.929523][ T3310] EXT4-fs (loop3): I/O error while writing superblock [ 78.942338][ T3310] EXT4-fs (loop3): Remounting filesystem read-only [ 79.007012][ T4269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.041947][ T3398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 79.061942][ T7445] Buffer I/O error on dev loop3, logical block 12, lost sync page write [ 79.258510][ T7507] netlink: 'syz.6.1573': attribute type 6 has an invalid length. [ 79.326893][ T7516] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=263 sclass=netlink_audit_socket pid=7516 comm=syz.5.1575 [ 79.751938][ T7386] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 79.846190][ T7515] chnl_net:caif_netlink_parms(): no params data found [ 79.907316][ T7515] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.921834][ T7515] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.935094][ T7515] bridge_slave_0: entered allmulticast mode [ 79.937266][ T7632] loop5: detected capacity change from 0 to 128 [ 79.948521][ T7515] bridge_slave_0: entered promiscuous mode [ 79.962282][ T7632] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 79.962562][ T7515] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.981334][ T7515] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.988956][ T7515] bridge_slave_1: entered allmulticast mode [ 79.992780][ T7629] loop4: detected capacity change from 0 to 8192 [ 80.000219][ T7515] bridge_slave_1: entered promiscuous mode [ 80.019457][ T7515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.030890][ T7515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.046635][ T7632] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 80.052438][ T7515] team0: Port device team_slave_0 added [ 80.063529][ T7515] team0: Port device team_slave_1 added [ 80.071569][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 80.080069][ T7375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 80.108370][ T7597] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 80.119663][ T7515] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.131669][ T7515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.159297][ T7515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.171033][ T7515] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.178183][ T7515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.204659][ T7515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.259796][ T7515] hsr_slave_0: entered promiscuous mode [ 80.280960][ T7515] hsr_slave_1: entered promiscuous mode [ 80.325416][ T7515] debugfs: 'hsr0' already exists in 'hsr' [ 80.350156][ T7515] Cannot create hsr debugfs directory [ 80.538467][ T7515] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 80.555920][ T7515] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 80.619608][ T7515] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 80.630970][ T7515] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 80.694865][ T7515] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.702209][ T7515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.709487][ T7515] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.716572][ T7515] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.726762][ T7610] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.752051][ T7610] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.828251][ T7515] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.843363][ T7515] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.855749][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.862855][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.874653][ T7610] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.881841][ T7610] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.982673][ T7515] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.034376][ T7385] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 81.049555][ T7695] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1617'. [ 81.060780][ T7695] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 81.112917][ T7375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 81.234717][ T7515] veth0_vlan: entered promiscuous mode [ 81.250619][ T7515] veth1_vlan: entered promiscuous mode [ 81.290398][ T7515] veth0_macvtap: entered promiscuous mode [ 81.298462][ T7515] veth1_macvtap: entered promiscuous mode [ 81.320748][ T7515] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.350722][ T7515] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.367293][ T7610] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.378084][ T7729] netlink: 'syz.5.1628': attribute type 3 has an invalid length. [ 81.419949][ T7610] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.428821][ T7729] netlink: 'syz.5.1628': attribute type 1 has an invalid length. [ 81.441815][ T7610] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.451531][ T7729] netlink: 60387 bytes leftover after parsing attributes in process `syz.5.1628'. [ 81.473753][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 81.473769][ T28] audit: type=1400 audit(1774950229.542:1010): avc: denied { mounton } for pid=7515 comm="syz-executor" path="/root/syzkaller.VY5GNl/syz-tmp" dev="sda1" ino=2051 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 81.505021][ T7610] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.514673][ T28] audit: type=1400 audit(1774950229.542:1011): avc: denied { mount } for pid=7515 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 81.563413][ T7732] syzkaller1: entered promiscuous mode [ 81.575660][ T7732] syzkaller1: entered allmulticast mode [ 81.595182][ T28] audit: type=1400 audit(1774950229.542:1012): avc: denied { mount } for pid=7515 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 81.620390][ T28] audit: type=1400 audit(1774950229.542:1013): avc: denied { mounton } for pid=7515 comm="syz-executor" path="/root/syzkaller.VY5GNl/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 81.660977][ T28] audit: type=1400 audit(1774950229.542:1014): avc: denied { mounton } for pid=7515 comm="syz-executor" path="/root/syzkaller.VY5GNl/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=19183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 81.689859][ T28] audit: type=1400 audit(1774950229.582:1015): avc: denied { mounton } for pid=7515 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=538 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 81.746892][ T28] audit: type=1400 audit(1774950229.582:1016): avc: denied { mount } for pid=7515 comm="syz-executor" name="/" dev="gadgetfs" ino=4654 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 81.772205][ T28] audit: type=1400 audit(1774950229.662:1017): avc: denied { map } for pid=7740 comm="syz.5.1632" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 81.810815][ T7745] netlink: 83 bytes leftover after parsing attributes in process `syz.4.1634'. [ 81.907441][ T7615] Bluetooth: hci0: Frame reassembly failed (-84) [ 81.917081][ T28] audit: type=1400 audit(1774950229.982:1018): avc: denied { ioctl } for pid=7757 comm="syz.2.1639" path="socket:[19220]" dev="sockfs" ino=19220 ioctlcmd=0x48d3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 82.075055][ T28] audit: type=1400 audit(1774950230.142:1019): avc: denied { remount } for pid=7772 comm="syz.6.1647" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 82.151923][ T3376] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 82.219894][ T7786] bridge0: port 3(team0) entered disabled state [ 82.226350][ T7786] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.233645][ T7786] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.283197][ T7796] loop4: detected capacity change from 0 to 128 [ 82.333915][ T7786] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 82.344313][ T7786] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 82.422537][ T2179] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.445327][ T2179] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.467331][ T2179] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.492473][ T2179] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.871976][ T7808] loop5: detected capacity change from 0 to 512 [ 82.911183][ T7808] EXT4-fs (loop5): 1 truncate cleaned up [ 82.927731][ T7808] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.956236][ T7808] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1662: invalid indirect mapped block 4294901760 (level 0) [ 83.015035][ T7808] EXT4-fs (loop5): Remounting filesystem read-only [ 83.039785][ T4389] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.102469][ T7818] serio: Serial port ttyS3 [ 83.205952][ T7375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 83.272827][ T7831] netlink: 'syz.5.1672': attribute type 16 has an invalid length. [ 83.293006][ T7831] netlink: 'syz.5.1672': attribute type 16 has an invalid length. [ 83.452824][ T7855] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1682'. [ 83.482782][ T7855] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1682'. [ 83.592554][ T7867] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1689'. [ 83.608981][ T7867] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1689'. [ 83.892597][ T7847] loop4: detected capacity change from 0 to 1024 [ 83.911530][ T3646] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 83.915035][ T7847] EXT4-fs: Ignoring removed nomblk_io_submit option [ 83.962239][ T7847] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 84.008509][ T7847] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e054c018, mo2=0002] [ 84.030662][ T7847] System zones: 0-1, 3-36 [ 84.079395][ T7385] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 84.086524][ T7847] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.133194][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.232284][ T3376] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 84.354595][ T7933] loop7: detected capacity change from 0 to 8192 [ 84.921732][ T7515] ================================================================== [ 84.929877][ T7515] BUG: KCSAN: data-race in __xa_clear_mark / xas_find_marked [ 84.937291][ T7515] [ 84.939693][ T7515] read-write to 0xffff88811ae8cb50 of 8 bytes by interrupt on cpu 0: [ 84.947790][ T7515] __xa_clear_mark+0xf5/0x1e0 [ 84.952706][ T7515] __folio_end_writeback+0xf4/0x360 [ 84.958017][ T7515] folio_end_writeback_no_dropbehind+0x6d/0x1d0 [ 84.964297][ T7515] folio_end_writeback+0x1c/0x70 [ 84.969526][ T7515] mpage_write_end_io+0x270/0x630 [ 84.974591][ T7515] bio_endio+0x38a/0x420 [ 84.978843][ T7515] blk_update_request+0x338/0x740 [ 84.983898][ T7515] blk_mq_end_request+0x26/0x50 [ 84.988749][ T7515] lo_complete_rq+0x98/0x140 [ 84.993352][ T7515] blk_done_softirq+0x77/0xb0 [ 84.998042][ T7515] handle_softirqs+0xb9/0x2a0 [ 85.002818][ T7515] __irq_exit_rcu+0x39/0xc0 [ 85.007329][ T7515] sysvec_apic_timer_interrupt+0x74/0x80 [ 85.012964][ T7515] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 85.018953][ T7515] generic_perform_write+0xa5/0x490 [ 85.024158][ T7515] shmem_file_write_iter+0xc5/0xf0 [ 85.029456][ T7515] lo_rw_aio+0x67d/0x730 [ 85.033829][ T7515] loop_process_work+0x56c/0xac0 [ 85.038814][ T7515] loop_rootcg_workfn+0x22/0x30 [ 85.043678][ T7515] process_scheduled_works+0x513/0xa10 [ 85.049143][ T7515] worker_thread+0x58a/0x780 [ 85.053738][ T7515] kthread+0x22a/0x280 [ 85.057897][ T7515] ret_from_fork+0x150/0x360 [ 85.062502][ T7515] ret_from_fork_asm+0x1a/0x30 [ 85.067375][ T7515] [ 85.069703][ T7515] read to 0xffff88811ae8cb50 of 8 bytes by task 7515 on cpu 1: [ 85.077342][ T7515] xas_find_marked+0x213/0x620 [ 85.082119][ T7515] filemap_get_folios_tag+0xfa/0x510 [ 85.087413][ T7515] filemap_fdatawait_keep_errors+0x6c/0x190 [ 85.093408][ T7515] sync_inodes_sb+0x424/0x4d0 [ 85.098105][ T7515] sync_filesystem+0x102/0x190 [ 85.102875][ T7515] generic_shutdown_super+0x4c/0x220 [ 85.108180][ T7515] kill_block_super+0x2a/0x70 [ 85.113038][ T7515] deactivate_locked_super+0x75/0x1c0 [ 85.118419][ T7515] deactivate_super+0x97/0xa0 [ 85.123109][ T7515] cleanup_mnt+0x2bb/0x330 [ 85.127537][ T7515] __cleanup_mnt+0x19/0x20 [ 85.131980][ T7515] task_work_run+0x130/0x1a0 [ 85.136572][ T7515] exit_to_user_mode_loop+0x1f4/0x6f0 [ 85.141947][ T7515] do_syscall_64+0x249/0x370 [ 85.146668][ T7515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.152565][ T7515] [ 85.154890][ T7515] value changed: 0xffff000000000000 -> 0xc000000000000000 [ 85.161995][ T7515] [ 85.164329][ T7515] Reported by Kernel Concurrency Sanitizer on: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 85.170505][ T7515] CPU: 1 UID: 0 PID: 7515 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 85.179973][ T7515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 85.190213][ T7515] ================================================================== [ 85.271702][ T3398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 85.306897][ T5704] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.680484][ T7610] bridge_slave_1: left allmulticast mode [ 85.686253][ T7610] bridge_slave_1: left promiscuous mode [ 85.692015][ T7610] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.699833][ T7610] bridge_slave_0: left allmulticast mode [ 85.705502][ T7610] bridge_slave_0: left promiscuous mode [ 85.711178][ T7610] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.813219][ T7610] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 85.822545][ T7610] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 85.832016][ T7610] bond0 (unregistering): Released all slaves [ 85.884796][ T7610] tipc: Left network mode [ 85.908887][ T7610] hsr_slave_0: left promiscuous mode [ 85.914796][ T7610] hsr_slave_1: left promiscuous mode [ 85.954288][ T7610] team0 (unregistering): Port device team_slave_1 removed [ 85.964048][ T7610] team0 (unregistering): Port device team_slave_0 removed [ 85.984052][ T7608] smc: removing ib device syz1 [ 86.125550][ T7610] IPVS: stop unused estimator thread 0... [ 86.176091][ T7610] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.231722][ T7610] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.274578][ T7610] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.311769][ T3376] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 86.325191][ T7610] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.602665][ T7610] bridge_slave_1: left allmulticast mode [ 86.608537][ T7610] bridge_slave_1: left promiscuous mode [ 86.614422][ T7610] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.622492][ T7610] bridge_slave_0: left allmulticast mode [ 86.628165][ T7610] bridge_slave_0: left promiscuous mode [ 86.634477][ T7610] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.642556][ T7610] vlan2: left promiscuous mode [ 86.647316][ T7610] dummy0: left promiscuous mode [ 86.652399][ T7610] bridge0: port 4(vlan2) entered disabled state [ 86.659363][ T7610] team0: left allmulticast mode [ 86.664392][ T7610] team_slave_0: left allmulticast mode [ 86.669862][ T7610] team_slave_1: left allmulticast mode [ 86.675438][ T7610] team0: left promiscuous mode [ 86.680290][ T7610] team_slave_0: left promiscuous mode [ 86.685857][ T7610] team_slave_1: left promiscuous mode [ 86.691573][ T7610] bridge0: port 3(team0) entered disabled state [ 86.698490][ T7610] bridge_slave_1: left allmulticast mode [ 86.704171][ T7610] bridge_slave_1: left promiscuous mode [ 86.709833][ T7610] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.717653][ T7610] bridge_slave_0: left allmulticast mode [ 86.723359][ T7610] bridge_slave_0: left promiscuous mode [ 86.728988][ T7610] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.796218][ T7610] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 86.806052][ T7610] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 86.815605][ T7610] bond0 (unregistering): Released all slaves [ 86.883045][ T7610] team0: Port device bridge1 removed [ 86.933293][ T7610] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 86.942650][ T7610] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 86.951982][ T7610] bond0 (unregistering): Released all slaves [ 87.014833][ T7610] hsr_slave_0: left promiscuous mode [ 87.020659][ T7610] hsr_slave_1: left promiscuous mode [ 87.026676][ T7610] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 87.034357][ T7610] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 87.042235][ T7610] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 87.049755][ T7610] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 87.059639][ T7610] hsr_slave_0: left promiscuous mode [ 87.066054][ T7610] hsr_slave_1: left promiscuous mode [ 87.071734][ T7610] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 87.079172][ T7610] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 87.089143][ T7610] veth1_macvtap: left promiscuous mode [ 87.095355][ T7610] veth0_macvtap: left promiscuous mode [ 87.100961][ T7610] veth1_vlan: left promiscuous mode [ 87.106339][ T7610] veth0_vlan: left promiscuous mode [ 87.111877][ T7386] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.172620][ T7610] team0 (unregistering): Port device team_slave_1 removed [ 87.181926][ T7610] team0 (unregistering): Port device team_slave_0 removed [ 87.239370][ T7610] team0 (unregistering): Port device team_slave_1 removed [ 87.248891][ T7610] team0 (unregistering): Port device team_slave_0 removed [ 87.361694][ T3398] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 87.698995][ T7610] IPVS: stop unused estimator thread 0... [ 88.071621][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 88.401838][ T7374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 89.353941][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 89.433036][ T3405] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.151655][ T7387] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 90.471741][ T3405] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.271949][ T3483] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 91.511816][ T7375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 92.551772][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 93.191963][ T7386] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 93.200188][ T3483] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 93.591690][ T3405] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.471927][ T3483] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 94.631946][ T7375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog