last executing test programs: 1m23.407115703s ago: executing program 2 (id=715): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000200), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2200c851, 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x1a2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108) fallocate(r0, 0x0, 0xbf5, 0x2000402) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000080)={0xc, r0, 0x7, 0x10000000000bf, 0xffff, 0xfffffffffe000001}) 1m23.166691797s ago: executing program 2 (id=720): setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) sendmmsg$inet6(r0, &(0x7f00000015c0)=[{{&(0x7f0000000200)={0xa, 0x4e23, 0x40d04, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x5}, 0x1c, &(0x7f00000007c0)=[{&(0x7f00000008c0)='p', 0x1}], 0x1}}], 0x1, 0x20044040) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000280)={0x2, 0x0, 0x78d, 0x1, r2}, 0x10) 1m22.985785298s ago: executing program 2 (id=727): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x100000000004, 0x590, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0x1}, 0x2000, 0x10000, 0x0, 0x1, 0x8, 0x80, 0x1, 0x0, 0x0, 0x0, 0x20000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x41100, 0x3}, 0x94) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'geneve0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x88a8ffff, &(0x7f0000000140)={0x11, 0x88a8, r1}, 0x14) 1m22.662080356s ago: executing program 2 (id=736): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901) 1m22.615878399s ago: executing program 2 (id=737): bpf$ENABLE_STATS(0x20, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r1, 0x5, 0xe, 0xffffff15, &(0x7f0000000100)="4655ac63b1ba52fd850ae2b70000", 0x0, 0xd00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m22.524514204s ago: executing program 2 (id=740): r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x42, 0x62) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) r1 = io_uring_setup(0x68af, &(0x7f0000000480)={0x0, 0x0, 0x1880, 0x1}) close_range(r1, 0xffffffffffffffff, 0x0) acct(&(0x7f0000000100)='./file1\x00') acct(0x0) 1m22.186478274s ago: executing program 32 (id=740): r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x42, 0x62) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) r1 = io_uring_setup(0x68af, &(0x7f0000000480)={0x0, 0x0, 0x1880, 0x1}) close_range(r1, 0xffffffffffffffff, 0x0) acct(&(0x7f0000000100)='./file1\x00') acct(0x0) 50.435932883s ago: executing program 4 (id=1673): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x6000) setresuid(0xee01, r1, r1) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(r0, 0xfffffffc) r2 = socket$netlink(0x10, 0x3, 0x4) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001400add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b74ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) 50.407099585s ago: executing program 4 (id=1674): r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) close(r0) socket$packet(0x11, 0x2, 0x300) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x6, 0x6, "54cefc", 0x0, 0x2f, 0x1, @local, @local}}}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x4) mount$9p_fd(0x0, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 50.377869986s ago: executing program 4 (id=1675): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x894}, 0x0) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x121201, 0x0) ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000600)=0x14) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v") ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)=0x14) close(r1) 50.239359894s ago: executing program 4 (id=1678): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 50.14086502s ago: executing program 4 (id=1680): syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f010400000008"], 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0xa, 0x1}, 0x20) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @redirect={0x5, 0x0, 0x0, @rand_addr, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @loopback, @remote}}}}}}, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000)) 49.512177907s ago: executing program 4 (id=1688): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, 0x21801, 0x1103}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_FWMARK={0x8, 0x14, 0x97}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x410c0}, 0x4048084) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x4000000}, 0x0) 49.504052097s ago: executing program 33 (id=1688): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, 0x21801, 0x1103}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_FWMARK={0x8, 0x14, 0x97}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x410c0}, 0x4048084) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x4000000}, 0x0) 6.445932885s ago: executing program 1 (id=2630): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1f, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebfb}, 0x94) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4000, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4) 6.36012771s ago: executing program 1 (id=2633): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0xa) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000440)='*\x00', 0x2) 6.335378051s ago: executing program 1 (id=2636): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4) r3 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8, 0x2, @udp6=r2}, @IFLA_GTP_FD0={0x8, 0x1, @udp=r3}]}}}]}, 0x40}, 0x1, 0xba01}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 6.270449555s ago: executing program 1 (id=2639): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@nodioread_nolock}, {@bh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@nouid32}, {@quota}, {@user_xattr}, {@nouid32}, {@dioread_nolock}]}, 0x1, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) unshare(0x22020600) umount2(&(0x7f00000002c0)='./file0\x00', 0xb) ftruncate(0xffffffffffffffff, 0x2007ffb) syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=") unlinkat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x200) 6.065407397s ago: executing program 1 (id=2645): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00') fchdir(r0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xbecd6000) r1 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents64(r1, &(0x7f0000000100)=""/134, 0x86) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8) 5.610717453s ago: executing program 1 (id=2657): syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x47a, &(0x7f0000000180)="$eJzs3M9vVEUcAPDv222L/LIV8QeIgqKRaGxpQeXgAYwmHjQx0QMe67YQpFBDqxFCtHrAoyHxbjya8Bd40otRTyZe9W5IiOECenrm7b7Xvl1217ZsXXA/n2TpzM5bZr7MTHfmDbsBDKx92R9JxLaI+C0iRhvZ5gv2NX7cvH6x9tf1i7Uk0vStP5P6dTeuX6wVlxav21pklpqfL1s4f+H09Nzc7Lk8P7F45v2JhfMXnjt1Zvrk7MnZs1NHjhw+NPniC1PP9yTOrE03dn88v2fXa+9cfqN2/PK7P11Jivib4viwJ/WV/uqyapF4qle13CG2l9LJUB8bwppkAzLrruH6/B+Naqx03mi8+llfGwdsqDRN002di5dS4H8siX63AOiP/H0+iViqZXvg8n5+EFw71tgAZXHfzB+NkqGo5NcMt+xveynbbR1f+vur7BEt91MAADbCd8caP4u138r6o9J0F/9ofjY0FhH3RcSOiLg/InZGxAMR8WBEPBQRD5de0+7cp1XrIcmt65/K1XUFtkrZ+u+l/Gyref1XrP5irJrnttfjH05OnJqbPRgR90bEgRjelOUnu9Tx/Su/ftGpbF9p/Zc9svqLtWDejqtDLTfoZqYXp28n5rJrn0bsHmoXf7J8EpD1466I2L13fXWceuabPZ3K/j3+LnpwzpR+HfF0o/+XoiX+QtL9fHLinpibPThRjIpb/fzLpTdL2dpoKXNb8fdA1v9b2o7/5fjHkvJ57cLa67j0++cd9zSrHP8j5ddk438kebueLgo+ml5cPDcZMZK8nj9/NH++ub76dVMr12fxH9jffv7viJV/iUciIhvEj0bEYxGxN2/74xHxRETs7xL/jy8/+d76499YWfwza+r/jonibPuWourpH76tlxSdNdYl/iTa9P/heupA/ky733+jzUMkurb03O2MZgAAALj7VCJiWySV8eV0pTI+3vj/8jtjS2VufmHx2RPzH5ydaXxGYCyGK8WdrtHl+6GxNJlv669UI7LyqTxf3C89lN83/rK6uZ4fr83PzfQ7eBhwWzvM/8wf1X63DthwPq8Fg2u98z9N00963BTgP+b9HwaX+Q+Dq83839yS7/IdAcDdrN37v409DAbrfxhc5j8MLvMfBpf5DwMp/yT80Go+4L9hiez3T/9qX3siTftU+0j/Y19ORKVvtUe/Y19bIsm/SyO9Q9qzukS9yU4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu94/AQAA//8QtN5n") r0 = socket$inet_smc(0x2b, 0x1, 0x0) pselect6(0x40, &(0x7f0000000100)={0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x800, 0x0, 0x4, 0x10000000}, 0x0, &(0x7f0000001340)={0x1f, 0x0, 0x0, 0x3, 0x0, 0x6, 0xfffffffffffffffe}, 0x0, 0x0) sendto(r0, 0x0, 0x0, 0x200048c4, 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffdf1) shutdown(r0, 0x1) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080)=0x4000004, 0x4) 5.600840814s ago: executing program 34 (id=2657): syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x47a, &(0x7f0000000180)="$eJzs3M9vVEUcAPDv222L/LIV8QeIgqKRaGxpQeXgAYwmHjQx0QMe67YQpFBDqxFCtHrAoyHxbjya8Bd40otRTyZe9W5IiOECenrm7b7Xvl1217ZsXXA/n2TpzM5bZr7MTHfmDbsBDKx92R9JxLaI+C0iRhvZ5gv2NX7cvH6x9tf1i7Uk0vStP5P6dTeuX6wVlxav21pklpqfL1s4f+H09Nzc7Lk8P7F45v2JhfMXnjt1Zvrk7MnZs1NHjhw+NPniC1PP9yTOrE03dn88v2fXa+9cfqN2/PK7P11Jivib4viwJ/WV/uqyapF4qle13CG2l9LJUB8bwppkAzLrruH6/B+Naqx03mi8+llfGwdsqDRN002di5dS4H8siX63AOiP/H0+iViqZXvg8n5+EFw71tgAZXHfzB+NkqGo5NcMt+xveynbbR1f+vur7BEt91MAADbCd8caP4u138r6o9J0F/9ofjY0FhH3RcSOiLg/InZGxAMR8WBEPBQRD5de0+7cp1XrIcmt65/K1XUFtkrZ+u+l/Gyref1XrP5irJrnttfjH05OnJqbPRgR90bEgRjelOUnu9Tx/Su/ftGpbF9p/Zc9svqLtWDejqtDLTfoZqYXp28n5rJrn0bsHmoXf7J8EpD1466I2L13fXWceuabPZ3K/j3+LnpwzpR+HfF0o/+XoiX+QtL9fHLinpibPThRjIpb/fzLpTdL2dpoKXNb8fdA1v9b2o7/5fjHkvJ57cLa67j0++cd9zSrHP8j5ddk438kebueLgo+ml5cPDcZMZK8nj9/NH++ub76dVMr12fxH9jffv7viJV/iUciIhvEj0bEYxGxN2/74xHxRETs7xL/jy8/+d76499YWfwza+r/jonibPuWourpH76tlxSdNdYl/iTa9P/heupA/ky733+jzUMkurb03O2MZgAAALj7VCJiWySV8eV0pTI+3vj/8jtjS2VufmHx2RPzH5ydaXxGYCyGK8WdrtHl+6GxNJlv669UI7LyqTxf3C89lN83/rK6uZ4fr83PzfQ7eBhwWzvM/8wf1X63DthwPq8Fg2u98z9N00963BTgP+b9HwaX+Q+Dq83839yS7/IdAcDdrN37v409DAbrfxhc5j8MLvMfBpf5DwMp/yT80Go+4L9hiez3T/9qX3siTftU+0j/Y19ORKVvtUe/Y19bIsm/SyO9Q9qzukS9yU4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu94/AQAA//8QtN5n") r0 = socket$inet_smc(0x2b, 0x1, 0x0) pselect6(0x40, &(0x7f0000000100)={0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x800, 0x0, 0x4, 0x10000000}, 0x0, &(0x7f0000001340)={0x1f, 0x0, 0x0, 0x3, 0x0, 0x6, 0xfffffffffffffffe}, 0x0, 0x0) sendto(r0, 0x0, 0x0, 0x200048c4, 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffdf1) shutdown(r0, 0x1) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080)=0x4000004, 0x4) 4.28394926s ago: executing program 7 (id=2660): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x57) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 4.12692641s ago: executing program 7 (id=2672): r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) r2 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x000x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) ioprio_set$uid(0x3, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x8, 0x7, 0x1, r0, 0x0, 0x0, 0xfffffffffffffffe}]) 3.107668949s ago: executing program 7 (id=2683): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x10000, 0x3, 0x5, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffff7}, {0x0, 0x8, 0xfffffffffffffffc, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in6=@empty, 0x2, 0x6c}, 0xa, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x8}, @TCA_CAKE_AUTORATE={0x8, 0x9, 0xa}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0) 2.821025075s ago: executing program 3 (id=2687): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0xb, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f00000001c0)={0x11, 0x11, r1, 0x1, 0xf, 0x6, @broadcast}, 0x14) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RGETLOCK(r3, &(0x7f00000000c0)=ANY=[], 0xffffff6a) splice(r2, 0x0, r0, 0x0, 0xfffd, 0x0) 2.7486433s ago: executing program 7 (id=2688): r0 = socket$inet6(0xa, 0x3, 0x84) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@local, @in=@local, 0x0, 0x0, 0x4e20, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x2, 0x8001, 0x40000000000, 0x2}, {0x0, 0x69f}, 0x0, 0x1, 0x1}, {{@in=@loopback, 0x4d6, 0x3c}, 0x2, @in=@empty, 0x0, 0x3}}, 0xe8) r1 = socket$netlink(0x10, 0x3, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x80, 0x0) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) 1.970633545s ago: executing program 3 (id=2704): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x200, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0) write(r2, &(0x7f00000001c0)="f1", 0x1) sendfile(r2, r0, 0x0, 0x40001) sendfile(r2, r1, 0x0, 0x7ffff000) 1.813823564s ago: executing program 5 (id=2709): socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = io_uring_setup(0x77d4, &(0x7f0000000000)={0x0, 0x6065, 0x2000, 0x2, 0x238}) syz_io_uring_setup(0x40000bdc, &(0x7f0000000540)={0x0, 0x7391, 0x200, 0x3, 0x40004333, 0x0, r0}, 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x200000000000000) 1.742457478s ago: executing program 5 (id=2723): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x1, 0x2, 0x6, 0x80}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1, 0x2, 0x1b8, 0x2}) fcntl$lock(r1, 0x6, &(0x7f0000000200)={0x0, 0x0, 0x3, 0x1fd}) 1.125962014s ago: executing program 0 (id=2725): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) close(r0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000440)=@sack_info={r3, 0x10, 0x101}, 0xc) 1.047621639s ago: executing program 0 (id=2727): setresuid(0xee00, 0xee00, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000) mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0xf000, 0x3, &(0x7f0000009000/0xf000)=nil) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mlock2(&(0x7f0000009000/0x4000)=nil, 0x4000, 0x0) syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0) write$P9_RREADDIR(r0, &(0x7f0000000640)={0xb, 0x29, 0x2, {0xf}}, 0xfffffc95) 936.042895ms ago: executing program 3 (id=2728): r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x62c40, 0x0) r1 = eventfd2(0x800, 0x0) io_setup(0x81, &(0x7f0000000400)=0x0) ioprio_set$pid(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x3) io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x30, 0x0, 0xb, r0, 0x0, 0x0, 0x2000000000, 0x0, 0x1, r1}]) 935.762255ms ago: executing program 6 (id=2729): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d) recvmmsg(r2, &(0x7f00000021c0), 0x5b, 0x40, 0x0) 908.602217ms ago: executing program 6 (id=2730): syz_mount_image$vfat(&(0x7f0000000200), &(0x7f00000000c0)='./file0\x00', 0x204888, &(0x7f0000000740)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d757466382c0097b75cbdde02821d0f899c2377ee9577397fc18b433d0c59e692b381740ca495e1c145c5922679338b5ff21c0653a98440a5725268a242c0263564f988d3c178704feaf8a412df818275708882ea9a4048c6e458a1f05b83f2e69b965b1df203b21de2b0ee375647f886a5310889982079aa7b1fb4eefe7f768eec58b19cf50faaf129503175f4262df740183df51d3641ff78b86127c1db8ef165bfa3bd20797fde6ff91a0e45d3d7c1c6d1ce0a72be8c1fdb00000000", @ANYRES16, @ANYRESDEC, @ANYRES8, @ANYRES32], 0x1, 0x343, &(0x7f0000000bc0)="$eJzs3cGLG1UcB/BfY+22tdvsQQQF8aEXvYTd9R8wSAvigrJ2pXoQpu6shkyTJRMqKWJ7E2/+HcWjN0EEz3vx7s3bXjz2UIwk2d1u4u7BQna25POB5L3My5d5k/DC7zJ5+7d/vNveKRs7WT9q76W4EhG1xxErUYtDFw7a2rh/KY57GO/Ub//5+iefff5hc2PjxmZKN5u33l1PKV1/49dvvv3pzd/6L3368/VflmJv5Yv9v9f/2ntl79X9f2593SpTq0ydbj9l6U6328/uFHnabpXtRkofF3lW5qnVKfPe1PhO0d3dHaSss718dbeXl2XKOoPUzgep30393iBlX2WtTmo0Gmn5aiyWZ7nerUebm1lzDpPhDP0we+DK9Mter5mN1vDSf5Jbj+Y6MQDgXJqt/2txeXy8ovr/sET5//X/hUWv/5+F+n8RjOr/Swfrd5r6HwAAAAAAAAAAAAAAngePh8P6cDisH7azj6rnx3z5/hfbsRv3LkcU39/burc1aSfjzZ1oRRF5rEY9nkQMj8T4TsGbH2zcWE1jK7F898EkP2pfmM6vRT1WpvOj51F+LaU0fJDSdP7F8T9aHOXXox4vn5xfn5x/Jn8p3n7rWL4R9fjjy+hGEdsxyj7Nf7eW0vsfbczkl8bvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAxNNKRE/fvbzROG5/kj/bXX416PDl5f/7VE/fnvxivXaz22gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgUDm4386KIu+dfedhnDI0PFDVxM6+EzG3U/x+LU77nHXOV+fawZo8H/Op+IcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKvB00++qZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECVysH9dlYUeW+OnaqvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HnybwAAAP//V3Yinw==") r0 = inotify_init1(0x80800) r1 = inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x10000a0) r2 = dup(r0) inotify_rm_watch(r2, r1) r3 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8) 859.22596ms ago: executing program 5 (id=2731): socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10003, 0x9, 0x1}, 0x48) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000009000000dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359caa1af3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae2acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da31290bce645451b851111dd98ac4d8da9317c2c082020e0b2d634086785f3fe41a3053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456391cffdef93e29f10f4a11f0cfbfc0ff976b20fef6033495b9b94777db9bb9b678ffc1130000009faa798226a080c01e47151268a02dc1a557cfdcf76305fbf6643df66b1b4d2d5e7bf698fc5a18d984ecb91e6683a5f522d536e2f3c43b89823659d1945258fc668950e5aacfffffffffffffff7f7a266c90e64efc8d8f730867202a9ee94e6a00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r2, 0xff51, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f0000001a00)=""/122}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x4, &(0x7f0000001800)={{r0}, &(0x7f0000001a80)=0x4, 0x0}, 0x20) 858.78269ms ago: executing program 0 (id=2732): r0 = socket$can_raw(0x1d, 0x3, 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000000), 0x10) read(r0, &(0x7f00000027c0)=""/4095, 0xfff) setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000340)=0x1, 0x4) sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000200)={&(0x7f0000000140)=@can={{0x3, 0x0, 0x1, 0x1}, 0x0, 0x0, 0x0, 0x0, "e5631d6f20af6daa"}, 0x10}}, 0x0) 828.919542ms ago: executing program 5 (id=2733): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1, 0x1}}, 0x40) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x20, 0x10012, r0, 0x0) 823.711432ms ago: executing program 3 (id=2734): perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d80)={0x7, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, 0x0}, 0x8) r2 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r1, 0x4) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r2, 0x0, 0x0}, 0x10) 755.961366ms ago: executing program 6 (id=2735): timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0xffffd000) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c00000012b409"], 0x64}}, 0x0) 755.538326ms ago: executing program 0 (id=2736): rt_sigprocmask(0x0, &(0x7f0000001480)={[0xffffffffffffffff]}, 0x0, 0x8) r0 = getpgrp(0x0) r1 = gettid() mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) rt_tgsigqueueinfo(r0, r1, 0x21, &(0x7f00000003c0)={0x26, 0x1, 0x10004}) rt_tgsigqueueinfo(r0, r1, 0x24, &(0x7f0000000040)={0xa, 0x8, 0x29b}) ppoll(0x0, 0x0, 0x0, &(0x7f0000002d40)={[0x100000001]}, 0x8) 735.032327ms ago: executing program 0 (id=2737): openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x0, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'nicvf0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xed, 0x10000007}}}, @common=@unspec=@connmark={{0x30}, {0xfffffff9, 0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x2c, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'tunl0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x190, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000280)=0x4, 0x4) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x1, 0x32, 0x0, 0xffffd000) sendto$inet(r1, &(0x7f0000000040)="0400", 0xffec, 0x0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) 734.501377ms ago: executing program 3 (id=2738): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="02000000040000000400000001"], 0x50) close(0x3) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={r1, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000001c0)={r2, 0xffffffffffffffff, 0x60000000}, 0xc) 733.079257ms ago: executing program 6 (id=2739): set_mempolicy(0x5, 0x0, 0xf) r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x5, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x1) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x9) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="17000000000000000084000001"], 0x48) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000400)={r2, 0x0, 0x20000000}, 0x20) 631.364213ms ago: executing program 7 (id=2740): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x200, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0) write(r2, &(0x7f00000001c0)="f1", 0x1) sendfile(r2, r0, 0x0, 0x40001) sendfile(r2, r1, 0x0, 0x7ffff000) 630.930213ms ago: executing program 3 (id=2741): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000480)='I', 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) close(0x3) 509.1069ms ago: executing program 0 (id=2742): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) splice(r2, 0x0, r1, 0x0, 0x1, 0x0) fcntl$setpipe(r1, 0x408, 0x7) 456.059773ms ago: executing program 6 (id=2743): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x439, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r2, 0x9801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @remote}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}]}}}]}, 0x40}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x50, 0x10, 0x439, 0x2, 0x0, {0x0, 0x0, 0x0, r2, 0x1040, 0x44100}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @gre={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @local}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x81}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e21}]}}}, @IFLA_MTU={0x8, 0x4, 0x6}]}, 0x50}}, 0x4040000) 452.958934ms ago: executing program 6 (id=2744): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) flock(r2, 0x2) r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) flock(r3, 0x2) 360.384799ms ago: executing program 5 (id=2745): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x20, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000007000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180100002020737200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 0s ago: executing program 5 (id=2746): r0 = syz_io_uring_setup(0x64d, &(0x7f00000006c0)={0x0, 0x11f8, 0x8, 0x0, 0x3b7}, &(0x7f0000000500)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) bind$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_UNLINKAT={0x24, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200}) io_uring_enter(r0, 0xd12, 0xd9bd, 0x9, 0x0, 0x0) kernel console output (not intermixed with test programs): 06-0000-000000000000 r/w without journal. Quota mode: none. [ 62.254080][ T6114] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.281190][ T6114] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 3: comm syz.4.992: lblock 3 mapped to illegal pblock 3 (length 3) [ 62.295651][ T6114] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 62.308031][ T6114] EXT4-fs (loop4): This should not happen!! Data will be lost [ 62.308031][ T6114] [ 62.320317][ T6114] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 8: comm syz.4.992: lblock 8 mapped to illegal pblock 8 (length 8) [ 62.341906][ T6114] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 62.354227][ T6114] EXT4-fs (loop4): This should not happen!! Data will be lost [ 62.354227][ T6114] [ 62.544526][ T6142] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.992: bg 0: block 112: padding at end of block bitmap is not set [ 62.596747][ T6114] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: comm syz.4.992: lblock 0 mapped to illegal pblock 0 (length 3) [ 62.620329][ T6114] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117 [ 62.632721][ T6114] EXT4-fs (loop4): This should not happen!! Data will be lost [ 62.632721][ T6114] [ 62.788946][ T31] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 1 with error 28 [ 62.801390][ T31] EXT4-fs (loop4): This should not happen!! Data will be lost [ 62.801390][ T31] [ 62.811073][ T31] EXT4-fs (loop4): Total free blocks count 0 [ 63.043889][ T6183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.068493][ T6183] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1021: bg 0: block 385: padding at end of block bitmap is not set [ 63.275527][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.309687][ T6178] No such timeout policy "syz1" [ 63.432406][ T6205] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 63.606533][ T29] kauditd_printk_skb: 135 callbacks suppressed [ 63.606550][ T29] audit: type=1326 audit(3917511068.764:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.636948][ T29] audit: type=1326 audit(3917511068.764:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.660365][ T29] audit: type=1326 audit(3917511068.764:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.683629][ T29] audit: type=1326 audit(3917511068.764:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.707022][ T29] audit: type=1326 audit(3917511068.764:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.730352][ T29] audit: type=1326 audit(3917511068.764:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.753638][ T29] audit: type=1326 audit(3917511068.764:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.776997][ T29] audit: type=1326 audit(3917511068.764:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.800618][ T29] audit: type=1326 audit(3917511068.764:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 63.823918][ T29] audit: type=1326 audit(3917511068.764:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6228 comm="syz.1.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 64.241932][ T6270] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 64.244114][ T6268] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 64993 [ 64.597064][ T6284] set_capacity_and_notify: 1 callbacks suppressed [ 64.597132][ T6284] loop4: detected capacity change from 0 to 32768 [ 64.654699][ T3295] loop4: p1 p3 < p5 p6 > [ 64.659069][ T3295] loop4: partition table partially beyond EOD, truncated [ 64.672047][ T6284] loop4: p1 p3 < p5 p6 > [ 64.676414][ T6284] loop4: partition table partially beyond EOD, truncated [ 64.738493][ T6309] loop4: detected capacity change from 0 to 512 [ 64.748718][ T6309] EXT4-fs: inline encryption not supported [ 64.756477][ T6309] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 64.764871][ T6309] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1071: invalid indirect mapped block 2683928664 (level 1) [ 64.783063][ T6309] EXT4-fs (loop4): 1 truncate cleaned up [ 64.789784][ T6309] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.810863][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 64.810864][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 64.812892][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 64.821959][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 64.863874][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 64.875001][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 64.883066][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 64.895650][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 64.936294][ T6309] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1071: Invalid block bitmap block 3 in block_group 0 [ 64.955344][ T6309] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1071: Invalid block bitmap block 3 in block_group 0 [ 64.972328][ T6309] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1071: Invalid block bitmap block 3 in block_group 0 [ 65.023486][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.565688][ T6368] loop4: detected capacity change from 0 to 512 [ 65.581946][ T6368] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 65.603551][ T6368] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 65.659397][ T6375] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1099'. [ 65.668421][ T6368] EXT4-fs (loop4): 1 truncate cleaned up [ 65.688617][ T6377] loop5: detected capacity change from 0 to 128 [ 65.695791][ T6368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.723046][ T6377] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 65.738746][ T6368] SELinux: policydb table sizes (-1,0) do not match mine (8,7) [ 65.746589][ T6368] SELinux: failed to load policy [ 65.753456][ T6377] ext4 filesystem being mounted at /62/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 65.799361][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.851895][ T6377] EXT4-fs error (device loop5): dx_make_map:1296: inode #2: block 63: comm syz.5.1100: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 65.873567][ T6377] EXT4-fs error (device loop5) in do_split:2027: Corrupt filesystem [ 65.900231][ T5477] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 66.085776][ T6413] loop4: detected capacity change from 0 to 512 [ 66.092951][ T6413] EXT4-fs: Ignoring removed orlov option [ 66.098624][ T6413] EXT4-fs: Ignoring removed mblk_io_submit option [ 66.125197][ T6413] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #15: comm syz.4.1117: corrupted in-inode xattr: e_value size too large [ 66.147610][ T6413] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1117: couldn't read orphan inode 15 (err -117) [ 66.160095][ T6413] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.184496][ T6413] SELinux: Context system_u:object_r:fsa is not valid (left unmapped). [ 66.239164][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.257633][ T6425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1123'. [ 66.266622][ T6425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1123'. [ 66.299537][ T6425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1123'. [ 66.308561][ T6425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1123'. [ 66.541816][ T6454] loop1: detected capacity change from 0 to 512 [ 66.553036][ T6454] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.566180][ T6454] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.580009][ T6454] EXT4-fs error (device loop1): ext4_search_dir:1474: inode #2: block 3: comm syz.1.1134: bad entry in directory: directory entry overrun - offset=16444, inode=113, rec_len=2048, size=2048 fake=0 [ 66.623878][ T6454] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 3: comm syz.1.1134: path /289/file0: bad entry in directory: directory entry overrun - offset=60, inode=113, rec_len=2048, size=2048 fake=0 [ 66.645111][ T6454] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 12: comm syz.1.1134: path /289/file0: bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0 [ 66.666048][ T6454] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 13: comm syz.1.1134: path /289/file0: bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0 [ 66.700241][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.834784][ T1035] IPVS: starting estimator thread 0... [ 66.873946][ T6477] No such timeout policy "syz1" [ 66.923002][ T6475] IPVS: using max 2256 ests per chain, 112800 per kthread [ 67.035909][ T6498] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1153'. [ 67.082345][ T6504] loop1: detected capacity change from 0 to 128 [ 67.112297][ T6504] vfat filesystem being mounted at /299/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 67.128858][ T6511] loop4: detected capacity change from 0 to 256 [ 67.136511][ T6511] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 67.146201][ T6511] vfat filesystem being mounted at /215/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 67.187510][ T42] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 67.216191][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.216191][ T3450] loop1: rw=1, sector=145, nr_sectors = 16 limit=128 [ 67.229888][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.229888][ T3450] loop1: rw=1, sector=169, nr_sectors = 8 limit=128 [ 67.243519][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.243519][ T3450] loop1: rw=1, sector=185, nr_sectors = 8 limit=128 [ 67.257174][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.257174][ T3450] loop1: rw=1, sector=201, nr_sectors = 8 limit=128 [ 67.270971][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.270971][ T3450] loop1: rw=1, sector=217, nr_sectors = 8 limit=128 [ 67.284512][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.284512][ T3450] loop1: rw=1, sector=233, nr_sectors = 8 limit=128 [ 67.305591][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.305591][ T3450] loop1: rw=1, sector=249, nr_sectors = 8 limit=128 [ 67.319282][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.319282][ T3450] loop1: rw=1, sector=265, nr_sectors = 8 limit=128 [ 67.335822][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.335822][ T3450] loop1: rw=1, sector=281, nr_sectors = 8 limit=128 [ 67.349893][ T3450] kworker/u8:7: attempt to access beyond end of device [ 67.349893][ T3450] loop1: rw=1, sector=297, nr_sectors = 8 limit=128 [ 67.714965][ T6565] loop5: detected capacity change from 0 to 128 [ 67.728045][ T6565] msdos filesystem being mounted at /71/bus supports timestamps until 2107-12-31 (0x10391447e) [ 67.759256][ T6567] netlink: 'syz.1.1183': attribute type 4 has an invalid length. [ 67.777742][ T6570] sctp: [Deprecated]: syz.4.1184 (pid 6570) Use of struct sctp_assoc_value in delayed_ack socket option. [ 67.777742][ T6570] Use struct sctp_sack_info instead [ 67.808446][ T6567] netlink: 'syz.1.1183': attribute type 4 has an invalid length. [ 67.888759][ T6582] loop1: detected capacity change from 0 to 1024 [ 67.892557][ T6584] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 67.933236][ T6582] EXT4-fs error (device loop1): ext4_quota_enable:7177: inode #3: comm syz.1.1189: iget: bad extended attribute block 5 [ 67.946015][ T6584] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1191'. [ 67.958040][ T6582] EXT4-fs error (device loop1): ext4_quota_enable:7180: comm syz.1.1189: Bad quota inode: 3, type: 0 [ 68.001361][ T6582] EXT4-fs warning (device loop1): ext4_enable_quotas:7221: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 68.046980][ T6582] EXT4-fs (loop1): mount failed [ 68.185149][ T6608] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.230162][ T6608] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1200'. [ 68.277940][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.470172][ T6632] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1209'. [ 68.479141][ T6632] netlink: 'syz.5.1209': attribute type 11 has an invalid length. [ 68.487035][ T6632] netlink: 'syz.5.1209': attribute type 14 has an invalid length. [ 68.514444][ T6632] vxlan0: entered promiscuous mode [ 68.526904][ T52] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 68.553959][ T52] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 68.565527][ T52] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 68.583979][ T52] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 68.683304][ T6651] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1217'. [ 68.815028][ T6664] netem: incorrect gi model size [ 68.820008][ T6664] netem: change failed [ 69.631783][ T29] kauditd_printk_skb: 88 callbacks suppressed [ 69.631798][ T29] audit: type=1400 audit(3917511074.794:837): avc: denied { write } for pid=6689 comm="syz.1.1231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 70.332363][ T6709] netlink: 'syz.1.1239': attribute type 8 has an invalid length. [ 70.340121][ T6709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1239'. [ 70.351992][ T6709] bond0: entered promiscuous mode [ 70.357047][ T6709] bond_slave_0: entered promiscuous mode [ 70.362758][ T6709] bond_slave_1: entered promiscuous mode [ 70.369959][ T6709] bond0: left promiscuous mode [ 70.374794][ T6709] bond_slave_0: left promiscuous mode [ 70.380201][ T6709] bond_slave_1: left promiscuous mode [ 70.542555][ T29] audit: type=1326 audit(3917511075.704:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 70.566084][ T29] audit: type=1326 audit(3917511075.704:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 70.589587][ T29] audit: type=1326 audit(3917511075.704:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 70.612927][ T29] audit: type=1326 audit(3917511075.704:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 70.636361][ T29] audit: type=1326 audit(3917511075.704:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 70.659609][ T29] audit: type=1326 audit(3917511075.704:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 70.682894][ T29] audit: type=1326 audit(3917511075.704:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 70.706341][ T29] audit: type=1326 audit(3917511075.704:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 70.730381][ T29] audit: type=1326 audit(3917511075.704:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6717 comm="syz.1.1243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 71.056931][ T6594] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 71.736611][ T6815] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1285'. [ 72.111529][ T6840] set_capacity_and_notify: 2 callbacks suppressed [ 72.111555][ T6840] loop4: detected capacity change from 0 to 4096 [ 72.152302][ T6840] EXT4-fs: Ignoring removed bh option [ 72.157830][ T6840] EXT4-fs: Ignoring removed mblk_io_submit option [ 72.168232][ T6846] bond_slave_0: entered promiscuous mode [ 72.174447][ T6846] bond_slave_1: entered promiscuous mode [ 72.180789][ T6846] bond_slave_0: left promiscuous mode [ 72.186219][ T6846] bond_slave_1: left promiscuous mode [ 72.215519][ T6840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.274481][ T6860] loop5: detected capacity change from 0 to 1024 [ 72.302197][ T6860] EXT4-fs: inline encryption not supported [ 72.322790][ T6865] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1307'. [ 72.331841][ T6865] netlink: 'syz.3.1307': attribute type 11 has an invalid length. [ 72.341260][ T6860] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.349435][ T6865] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1307'. [ 72.362752][ T6865] netlink: 'syz.3.1307': attribute type 11 has an invalid length. [ 72.384996][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.395222][ T6860] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 72.410486][ T6860] EXT4-fs (loop5): Remounting filesystem read-only [ 72.417121][ T6860] EXT4-fs warning (device loop5): ext4_convert_unwritten_extents:4984: inode #15: block 64: len 64: ext4_ext_map_blocks returned -30 [ 72.489572][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.569311][ T6881] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1313'. [ 72.578582][ T6881] netlink: 208 bytes leftover after parsing attributes in process `syz.3.1313'. [ 72.628059][ T6885] loop5: detected capacity change from 0 to 128 [ 72.634964][ T6885] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 72.648914][ T6885] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 72.659067][ T6885] vfat filesystem being mounted at /92/bus supports timestamps until 2107-12-31 (0x10391447e) [ 72.713174][ T42] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 72.768531][ T6900] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6900 comm=syz.4.1320 [ 72.781679][ T6900] netlink: 'syz.4.1320': attribute type 1 has an invalid length. [ 72.800606][ T6900] bond2: (slave bridge2): making interface the new active one [ 72.808474][ T6900] bond2: (slave bridge2): Enslaving as an active interface with an up link [ 73.828627][ T6952] loop3: detected capacity change from 0 to 1 [ 73.912999][ T6957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1343'. [ 73.921930][ T6957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1343'. [ 73.936021][ T6957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1343'. [ 73.945013][ T6957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1343'. [ 74.396153][ T6965] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1347'. [ 74.405151][ T6965] netlink: 'syz.3.1347': attribute type 30 has an invalid length. [ 74.415804][ T42] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.424625][ T42] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.433575][ T42] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.442400][ T42] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.938129][ T29] kauditd_printk_skb: 48 callbacks suppressed [ 74.938210][ T29] audit: type=1326 audit(3917511080.094:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6999 comm="syz.0.1362" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x0 [ 75.561461][ T7023] netlink: 212924 bytes leftover after parsing attributes in process `syz.3.1371'. [ 75.763336][ T6902] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 75.868588][ T7046] loop5: detected capacity change from 0 to 512 [ 75.882552][ T7046] EXT4-fs: Ignoring removed i_version option [ 75.888633][ T7046] EXT4-fs: Ignoring removed bh option [ 75.933969][ T7046] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.947230][ T7046] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 75.970892][ T29] audit: type=1400 audit(3917511081.124:896): avc: denied { ioctl } for pid=7043 comm="syz.5.1381" path="/96/bus/file1" dev="loop5" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 75.996217][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.035000][ T7058] smc: net device bond0 applied user defined pnetid SYZ2 [ 76.048303][ T7058] smc: removing net device bond0 with user defined pnetid SYZ2 [ 76.067792][ T7058] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 76.082970][ T7058] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 76.093465][ T7058] bond0 (unregistering): Released all slaves [ 76.100832][ T7060] netlink: 'syz.5.1384': attribute type 10 has an invalid length. [ 76.113989][ T7063] SELinux: failed to load policy [ 76.151924][ T23] IPVS: starting estimator thread 0... [ 76.226236][ T29] audit: type=1400 audit(3917511081.384:897): avc: denied { accept } for pid=7073 comm="syz.0.1391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 76.255611][ T7068] IPVS: using max 2160 ests per chain, 108000 per kthread [ 76.303851][ T52] IPVS: stop unused estimator thread 0... [ 76.309910][ T29] audit: type=1400 audit(3917511081.464:898): avc: denied { name_connect } for pid=7082 comm="syz.1.1396" dest=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 76.655365][ T7115] loop5: detected capacity change from 0 to 1024 [ 76.662216][ T7115] EXT4-fs: Ignoring removed oldalloc option [ 76.676355][ T7115] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 76.695806][ T7119] loop4: detected capacity change from 0 to 512 [ 76.705131][ T7119] EXT4-fs: Ignoring removed oldalloc option [ 76.716649][ T7115] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.721923][ T7119] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 76.742169][ T7119] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #11: comm syz.4.1411: corrupted in-inode xattr: invalid ea_ino [ 76.756413][ T7119] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1411: couldn't read orphan inode 11 (err -117) [ 76.769065][ T7119] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.796290][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.816281][ T29] audit: type=1400 audit(3917511081.964:899): avc: denied { write } for pid=7118 comm="syz.4.1411" name="file3" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 76.838094][ T29] audit: type=1400 audit(3917511081.964:900): avc: denied { rename } for pid=7118 comm="syz.4.1411" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 76.860461][ T29] audit: type=1400 audit(3917511081.964:901): avc: denied { rename } for pid=7118 comm="syz.4.1411" name="file3" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 76.882265][ T29] audit: type=1400 audit(3917511081.964:902): avc: denied { reparent } for pid=7118 comm="syz.4.1411" name="file3" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 76.904608][ T29] audit: type=1400 audit(3917511081.964:903): avc: denied { unlink } for pid=7118 comm="syz.4.1411" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 76.928630][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.267083][ T7169] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 77.310167][ T29] audit: type=1400 audit(3917511082.444:904): avc: denied { getopt } for pid=7168 comm="syz.5.1433" laddr=172.20.20.10 lport=4 faddr=172.20.20.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 77.414106][ T7180] netlink: 'syz.1.1436': attribute type 5 has an invalid length. [ 77.489647][ T7197] netlink: 'syz.1.1444': attribute type 4 has an invalid length. [ 77.767643][ T7203] loop1: detected capacity change from 0 to 8192 [ 77.833581][ T7203] vfat filesystem being mounted at /360/bus supports timestamps until 2107-12-31 (0x10391447e) [ 77.953197][ T7226] __nla_validate_parse: 6 callbacks suppressed [ 77.953212][ T7226] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1457'. [ 77.962178][ T7228] loop1: detected capacity change from 0 to 128 [ 77.968433][ T7226] netlink: 'syz.3.1457': attribute type 12 has an invalid length. [ 78.001976][ T7228] vfat filesystem being mounted at /361/file1 supports timestamps until 2107-12-31 (0x10391447e) [ 78.023640][ T7226] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1457'. [ 78.032685][ T7226] netlink: 'syz.3.1457': attribute type 12 has an invalid length. [ 78.124817][ T7240] netlink: 566 bytes leftover after parsing attributes in process `syz.0.1462'. [ 78.177829][ T7244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1464'. [ 78.186864][ T7244] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1464'. [ 78.251387][ T7248] bridge0: port 3(ipvlan2) entered blocking state [ 78.257989][ T7248] bridge0: port 3(ipvlan2) entered disabled state [ 78.267987][ T7248] ipvlan2: entered allmulticast mode [ 78.273397][ T7248] bridge0: entered allmulticast mode [ 78.279999][ T7248] ipvlan2: left allmulticast mode [ 78.285106][ T7248] bridge0: left allmulticast mode [ 78.640297][ T7275] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1479'. [ 78.720288][ T7285] tipc: Started in network mode [ 78.725313][ T7285] tipc: Node identity 4, cluster identity 4711 [ 78.731481][ T7285] tipc: Node number set to 4 [ 78.761398][ T7292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1487'. [ 78.773904][ T7293] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7293 comm=syz.0.1486 [ 78.806224][ T7293] netlink: 'syz.0.1486': attribute type 1 has an invalid length. [ 78.839230][ T7293] bond1: (slave bridge1): making interface the new active one [ 78.847280][ T7293] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 78.851831][ T7292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1487'. [ 79.066862][ T7315] xt_hashlimit: size too large, truncated to 1048576 [ 79.323164][ T7335] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1504'. [ 79.333020][ T7335] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 79.345377][ T7333] syzkaller1: entered promiscuous mode [ 79.350948][ T7333] syzkaller1: entered allmulticast mode [ 79.359749][ T7333] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324 [ 79.383688][ T7335] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 79.401260][ T7340] loop5: detected capacity change from 0 to 1024 [ 79.432281][ T7335] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 79.450324][ T7340] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.472590][ T7340] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: comm syz.5.1506: inode #1919248754: comm syz.5.1506: iget: illegal inode # [ 79.487787][ T7340] EXT4-fs (loop5): Remounting filesystem read-only [ 79.494709][ T7340] EXT4-fs warning (device loop5): ext4_xattr_inode_inc_ref_all:1135: inode #19: comm syz.5.1506: cleanup dec ref error -30 [ 79.494856][ T7335] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 79.508209][ T7340] EXT4-fs warning (device loop5): ext4_xattr_block_set:2200: inode #19: comm syz.5.1506: dec ref error=-30 [ 79.553742][ T7348] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.560922][ T7348] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.568802][ T5477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.605014][ T1694] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 79.621161][ T1694] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 79.630349][ T3450] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 79.647993][ T3450] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 79.667169][ T7350] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 79.747026][ T7360] ipip0: entered promiscuous mode [ 79.837082][ T7370] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.846943][ T7370] bridge_slave_1: left allmulticast mode [ 79.852757][ T7370] bridge_slave_1: left promiscuous mode [ 79.858459][ T7370] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.893184][ T7379] netlink: 'syz.4.1521': attribute type 1 has an invalid length. [ 79.930909][ T7379] smc: adding net device bond0 with user defined pnetid SYZ2 [ 79.940771][ T7382] loop1: detected capacity change from 0 to 4096 [ 79.949262][ T7379] bond0: entered promiscuous mode [ 79.954438][ T7379] bond0: entered allmulticast mode [ 79.969843][ T7382] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.971986][ T7379] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.013026][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.057202][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 80.057218][ T29] audit: type=1400 audit(3917511085.214:920): avc: denied { open } for pid=7387 comm="syz.4.1525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 80.113244][ T29] audit: type=1400 audit(3917511085.214:921): avc: denied { kernel } for pid=7387 comm="syz.4.1525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 80.132804][ T29] audit: type=1400 audit(3917511085.214:922): avc: denied { write } for pid=7387 comm="syz.4.1525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 80.152029][ T29] audit: type=1326 audit(3917511085.214:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7387 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97324aaeb9 code=0x7ffc0000 [ 80.175472][ T29] audit: type=1326 audit(3917511085.214:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7387 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97324aaeb9 code=0x7ffc0000 [ 80.198963][ T29] audit: type=1326 audit(3917511085.214:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7387 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f97324aaeb9 code=0x7ffc0000 [ 80.222339][ T29] audit: type=1326 audit(3917511085.214:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7387 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97324aaeb9 code=0x7ffc0000 [ 80.246019][ T29] audit: type=1326 audit(3917511085.214:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7387 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f97324aaeb9 code=0x7ffc0000 [ 80.269263][ T29] audit: type=1326 audit(3917511085.214:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7387 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97324aaeb9 code=0x7ffc0000 [ 80.293043][ T29] audit: type=1326 audit(3917511085.214:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7387 comm="syz.4.1525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f97324aaeb9 code=0x7ffc0000 [ 80.345823][ T7402] loop2: detected capacity change from 0 to 7 [ 80.466380][ T1694] Bluetooth: hci0: Frame reassembly failed (-84) [ 81.560929][ T7468] bridge0: port 3(ipvlan2) entered blocking state [ 81.563794][ T7470] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1559'. [ 81.567519][ T7468] bridge0: port 3(ipvlan2) entered disabled state [ 81.591912][ T7468] ipvlan2: entered allmulticast mode [ 81.597219][ T7468] bridge0: entered allmulticast mode [ 81.633008][ T7468] ipvlan2: left allmulticast mode [ 81.638053][ T7468] bridge0: left allmulticast mode [ 82.531699][ T4208] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 82.531780][ T3754] Bluetooth: hci0: command 0x1003 tx timeout [ 82.585572][ T3415] IPVS: starting estimator thread 0... [ 82.691738][ T7560] IPVS: using max 2304 ests per chain, 115200 per kthread [ 83.276339][ T7633] __nla_validate_parse: 1 callbacks suppressed [ 83.276356][ T7633] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1624'. [ 83.638604][ T7675] loop4: detected capacity change from 0 to 128 [ 83.659031][ T7675] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 83.684767][ T7675] ext4 filesystem being mounted at /298/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 83.772391][ T3319] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 83.877389][ T7679] netlink: 84 bytes leftover after parsing attributes in process `syz.5.1641'. [ 84.064275][ T7709] loop4: detected capacity change from 0 to 128 [ 84.079336][ T7709] vfat filesystem being mounted at /304/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 84.184897][ T7714] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1654'. [ 84.226362][ T7709] bio_check_eod: 58 callbacks suppressed [ 84.226377][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.226377][ T7709] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 84.245925][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.245925][ T7709] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 84.260128][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.260128][ T7709] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 84.260518][ T7722] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 84.274023][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.274023][ T7709] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 84.283936][ T7722] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.298247][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.298247][ T7709] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 84.342244][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.342244][ T7709] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 84.356135][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.356135][ T7709] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 84.370117][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.370117][ T7709] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 84.385881][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.385881][ T7709] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 84.406987][ T7709] syz.4.1651: attempt to access beyond end of device [ 84.406987][ T7709] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 84.425468][ T7722] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 84.435986][ T7722] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.483826][ T7731] tipc: Failed to remove unknown binding: 66,1,1/0:2952695788/2952695790 [ 84.492349][ T7731] tipc: Failed to remove unknown binding: 66,1,1/0:2952695788/2952695790 [ 84.519880][ T7722] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 84.530507][ T7722] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.591159][ T7722] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 84.601538][ T7722] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.682302][ T3338] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 84.690535][ T3338] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.747374][ T3338] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 84.755708][ T3338] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.764458][ T3338] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 84.772844][ T3338] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.835633][ T7752] syzkaller0: entered promiscuous mode [ 84.841204][ T7752] syzkaller0: entered allmulticast mode [ 84.869210][ T3338] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 84.877474][ T3338] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.940368][ T7764] loop4: detected capacity change from 0 to 512 [ 84.949893][ T7764] EXT4-fs: Ignoring removed bh option [ 84.959849][ T7764] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 84.971015][ T7764] EXT4-fs (loop4): 1 truncate cleaned up [ 84.977568][ T7764] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.017620][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.027181][ T7768] loop1: detected capacity change from 0 to 1024 [ 85.053731][ T7768] EXT4-fs: Ignoring removed bh option [ 85.061385][ T7771] netlink: 'syz.0.1679': attribute type 29 has an invalid length. [ 85.076556][ T7771] netlink: 'syz.0.1679': attribute type 29 has an invalid length. [ 85.087072][ T7771] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1679'. [ 85.102854][ T7768] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.121878][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 85.121953][ T29] audit: type=1400 audit(3917511090.274:944): avc: denied { map } for pid=7767 comm="syz.1.1677" path="/398/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 85.151015][ T29] audit: type=1400 audit(3917511090.284:945): avc: denied { execute } for pid=7767 comm="syz.1.1677" path="/398/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 85.180358][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.197413][ T7777] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1682'. [ 86.020852][ T7792] chnl_net:caif_netlink_parms(): no params data found [ 86.067009][ T7792] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.074204][ T7792] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.081543][ T7792] bridge_slave_0: entered allmulticast mode [ 86.088641][ T7792] bridge_slave_0: entered promiscuous mode [ 86.095717][ T7792] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.102929][ T7792] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.110408][ T7792] bridge_slave_1: entered allmulticast mode [ 86.117067][ T7792] bridge_slave_1: entered promiscuous mode [ 86.137549][ T7792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.148135][ T7792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.169513][ T7792] team0: Port device team_slave_0 added [ 86.176265][ T7792] team0: Port device team_slave_1 added [ 86.193923][ T7792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.200882][ T7792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.226923][ T7792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.238618][ T7792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.245622][ T7792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.271622][ T7792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.319677][ T7792] hsr_slave_0: entered promiscuous mode [ 86.325972][ T7792] hsr_slave_1: entered promiscuous mode [ 86.332055][ T7792] debugfs: 'hsr0' already exists in 'hsr' [ 86.337799][ T7792] Cannot create hsr debugfs directory [ 86.522715][ T7792] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 86.538252][ T7792] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 86.557763][ T7792] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 86.572569][ T7792] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 86.605849][ T7792] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.612956][ T7792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.620290][ T7792] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.627490][ T7792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.732010][ T7792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.750475][ T3338] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.759499][ T3338] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.773745][ T7792] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.785346][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.792440][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.810433][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.817535][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.037261][ T7792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.291319][ T7792] veth0_vlan: entered promiscuous mode [ 87.465676][ T7792] veth1_vlan: entered promiscuous mode [ 87.502534][ T7792] veth0_macvtap: entered promiscuous mode [ 87.520894][ T7792] veth1_macvtap: entered promiscuous mode [ 87.584778][ T7792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.617871][ T7792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.646615][ T3450] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.662835][ T3450] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.704864][ T3450] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.732668][ T3450] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.794843][ T7860] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1689'. [ 87.848072][ T7860] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1689'. [ 87.892387][ T29] audit: type=1400 audit(3917511092.884:946): avc: denied { mount } for pid=7792 comm="syz-executor" name="/" dev="gadgetfs" ino=4792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 88.024509][ T7877] netlink: 'syz.3.1704': attribute type 4 has an invalid length. [ 88.054395][ T7877] netlink: 'syz.3.1704': attribute type 4 has an invalid length. [ 88.216858][ T7893] netlink: 131740 bytes leftover after parsing attributes in process `syz.1.1716'. [ 88.275068][ T7893] netlink: zone id is out of range [ 88.281114][ T7893] netlink: zone id is out of range [ 88.322423][ T7893] netlink: zone id is out of range [ 88.350686][ T7893] netlink: del zone limit has 8 unknown bytes [ 88.827363][ C0] vxcan0: j1939_tp_rxtimer: 0xffff88811c5fde00: rx timeout, send abort [ 89.016250][ T7921] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1734'. [ 89.243068][ T7933] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 89.263238][ T29] audit: type=1400 audit(3917511094.424:947): avc: denied { bind } for pid=7934 comm="syz.5.1730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 89.327391][ C0] vxcan0: j1939_tp_rxtimer: 0xffff88811c5fdc00: rx timeout, send abort [ 89.335748][ C0] vxcan0: j1939_tp_rxtimer: 0xffff88811c5fde00: abort rx timeout. Force session deactivation [ 89.371021][ T7940] loop1: detected capacity change from 0 to 128 [ 89.399664][ T7940] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 89.416190][ T7940] ext4 filesystem being mounted at /405/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 89.459004][ T29] audit: type=1400 audit(3917511094.614:948): avc: denied { setattr } for pid=7939 comm="syz.1.1732" path="/405/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 89.519325][ T29] audit: type=1400 audit(3917511094.674:949): avc: denied { mount } for pid=7947 comm="syz.3.1735" name="/" dev="autofs" ino=19075 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 89.560692][ T29] audit: type=1400 audit(3917511094.714:950): avc: denied { ioctl } for pid=7939 comm="syz.1.1732" path="/405/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop1" ino=12 ioctlcmd=0x6609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 89.607328][ T7955] loop6: detected capacity change from 0 to 128 [ 89.615646][ T3316] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 89.618289][ T7955] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 89.647504][ T7955] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 89.657921][ T7955] vfat filesystem being mounted at /9/file1 supports timestamps until 2107-12-31 (0x10391447e) [ 89.810018][ T7968] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 89.810018][ T7968] The task syz.6.1744 (7968) triggered the difference, watch for misbehavior. [ 89.835767][ C0] vxcan0: j1939_tp_rxtimer: 0xffff88811c5fdc00: abort rx timeout. Force session deactivation [ 89.977523][ T7976] geneve2: entered promiscuous mode [ 89.982793][ T7976] geneve2: entered allmulticast mode [ 89.988727][ T1694] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0 [ 89.997844][ T1694] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0 [ 90.016147][ T1694] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0 [ 90.030626][ T1694] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0 [ 90.467235][ T8012] VFS: Mount too revealing [ 90.467821][ T29] audit: type=1400 audit(3917511095.624:951): avc: denied { associate } for pid=8013 comm="syz.5.1763" name="core" scontext=root:object_r:etc_runtime_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1 [ 90.639229][ T8026] loop6: detected capacity change from 0 to 512 [ 90.688549][ T8026] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.746017][ T8026] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 90.775712][ T8026] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1769'. [ 90.832015][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.983305][ T29] audit: type=1400 audit(3917511096.144:952): avc: denied { create } for pid=8039 comm="syz.1.1772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 91.041651][ T29] audit: type=1400 audit(3917511096.164:953): avc: denied { setopt } for pid=8039 comm="syz.1.1772" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 91.208019][ T3338] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 91.218364][ T3338] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.315685][ T3338] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 91.326104][ T3338] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.377198][ T8050] xt_hashlimit: size too large, truncated to 1048576 [ 91.496354][ T3338] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 91.506695][ T3338] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.575016][ T3338] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 91.585525][ T3338] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.729335][ T3338] bridge_slave_0: left allmulticast mode [ 91.735106][ T3338] bridge_slave_0: left promiscuous mode [ 91.740914][ T3338] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.832269][ T29] audit: type=1326 audit(3917511096.994:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 91.904008][ T29] audit: type=1326 audit(3917511097.024:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 91.927396][ T29] audit: type=1326 audit(3917511097.024:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 91.950705][ T29] audit: type=1326 audit(3917511097.024:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 91.974020][ T29] audit: type=1326 audit(3917511097.024:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 91.997400][ T29] audit: type=1326 audit(3917511097.024:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 92.020795][ T29] audit: type=1326 audit(3917511097.024:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz.0.1777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 92.223309][ T3338] bond1 (unregistering): (slave bridge1): Releasing backup interface [ 92.234882][ T3338] bridge1 (unregistering): left promiscuous mode [ 92.294439][ T3338] bond2 (unregistering): (slave bridge2): Releasing active interface [ 92.333622][ T3338] bond1 (unregistering): Released all slaves [ 92.341664][ T3338] bond2 (unregistering): Released all slaves [ 92.350042][ T3338] smc: removing net device bond0 with user defined pnetid SYZ2 [ 92.361916][ T3338] bond0 (unregistering): Released all slaves [ 92.417443][ T3338] tipc: Left network mode [ 92.433071][ T3338] hsr_slave_0: left promiscuous mode [ 92.464932][ T3338] hsr_slave_1: left promiscuous mode [ 92.488785][ T3338] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 92.496422][ T3338] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 92.529646][ T3338] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 92.537187][ T3338] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 92.568954][ T3338] veth1_macvtap: left promiscuous mode [ 92.574789][ T3338] veth0_macvtap: left promiscuous mode [ 92.583875][ T3338] veth1_vlan: left promiscuous mode [ 92.593029][ T3338] veth0_vlan: left promiscuous mode [ 92.747686][ T3338] team0 (unregistering): Port device team_slave_1 removed [ 92.769459][ T8123] loop1: detected capacity change from 0 to 2048 [ 92.780105][ T3338] team0 (unregistering): Port device team_slave_0 removed [ 92.798197][ T8123] EXT4-fs: Ignoring removed mblk_io_submit option [ 92.823700][ T8123] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.943777][ T8123] syzkaller1: entered promiscuous mode [ 92.949315][ T8123] syzkaller1: entered allmulticast mode [ 93.139794][ T3338] IPVS: stop unused estimator thread 0... [ 93.197383][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.433087][ T8188] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=8188 comm=syz.3.1805 [ 93.744998][ T8215] loop1: detected capacity change from 0 to 764 [ 93.776307][ T8215] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 93.934313][ T8235] program syz.1.1823 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 94.281175][ T8274] hsr1: left promiscuous mode [ 94.292649][ T8274] geneve2: left promiscuous mode [ 94.297624][ T8274] geneve2: left allmulticast mode [ 94.303882][ T1694] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 94.312370][ T1694] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 20000 - 0 [ 94.322249][ T1694] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 94.330639][ T1694] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 20000 - 0 [ 94.339613][ T8278] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1841'. [ 94.372310][ T1694] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 94.380699][ T1694] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 20000 - 0 [ 94.399547][ T1694] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 94.408110][ T1694] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 20000 - 0 [ 94.910341][ T8301] sd 0:0:1:0: device reset [ 95.639655][ T8319] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1854'. [ 95.695053][ T8321] bridge_slave_0: left allmulticast mode [ 95.700736][ T8321] bridge_slave_0: left promiscuous mode [ 95.706578][ T8321] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.730204][ T8321] bridge_slave_1: left allmulticast mode [ 95.735960][ T8321] bridge_slave_1: left promiscuous mode [ 95.741659][ T8321] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.752811][ T8321] bond0: (slave bond_slave_0): Releasing backup interface [ 95.769470][ T8321] bond0: (slave bond_slave_1): Releasing backup interface [ 95.805000][ T8321] team0: Port device team_slave_0 removed [ 95.832029][ T8321] team0: Port device team_slave_1 removed [ 95.846754][ T8321] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 95.854340][ T8321] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 95.866022][ T8321] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 96.466068][ T8356] loop6: detected capacity change from 0 to 2048 [ 96.478490][ T8362] sock: sock_set_timeout: `syz.0.1871' (pid 8362) tries to set negative timeout [ 96.493933][ T8356] EXT4-fs: Ignoring removed mblk_io_submit option [ 96.712043][ T8356] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.743524][ T8356] syzkaller1: entered promiscuous mode [ 96.749035][ T8356] syzkaller1: entered allmulticast mode [ 96.853462][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.898018][ T8389] netlink: 'syz.3.1882': attribute type 1 has an invalid length. [ 96.916577][ T8394] loop6: detected capacity change from 0 to 512 [ 96.939324][ T8389] 8021q: adding VLAN 0 to HW filter on device bond2 [ 96.985011][ T8389] bond2: (slave gretap1): making interface the new active one [ 96.993394][ T8389] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 97.010696][ T8394] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 97.053869][ T8394] EXT4-fs (loop6): 1 truncate cleaned up [ 97.063729][ T8394] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.076631][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 97.076644][ T29] audit: type=1326 audit(3917511102.234:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8405 comm="syz.1.1890" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x0 [ 97.124965][ T29] audit: type=1326 audit(3917511102.264:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 97.148461][ T29] audit: type=1326 audit(3917511102.264:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 97.171774][ T29] audit: type=1326 audit(3917511102.264:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 97.195096][ T29] audit: type=1326 audit(3917511102.264:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8412 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4351d2b78e code=0x7ffc0000 [ 97.218413][ T29] audit: type=1326 audit(3917511102.264:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 97.241828][ T29] audit: type=1326 audit(3917511102.274:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 97.265440][ T29] audit: type=1326 audit(3917511102.274:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4351d0c2d9 code=0x7ffc0000 [ 97.288677][ T29] audit: type=1326 audit(3917511102.274:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 97.312203][ T29] audit: type=1326 audit(3917511102.274:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8410 comm="syz.3.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 97.340660][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.358518][ T8419] macvlan2: entered promiscuous mode [ 97.364048][ T8419] macvlan2: entered allmulticast mode [ 97.610919][ T23] IPVS: starting estimator thread 0... [ 97.711788][ T8446] IPVS: using max 2448 ests per chain, 122400 per kthread [ 98.146768][ T8476] netlink: 'syz.0.1918': attribute type 1 has an invalid length. [ 98.154585][ T8476] netlink: 'syz.0.1918': attribute type 4 has an invalid length. [ 98.162443][ T8476] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.1918'. [ 98.273955][ T8490] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1921'. [ 98.274271][ T8484] ipip0: entered promiscuous mode [ 98.311544][ T8490] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 98.563963][ T8500] loop6: detected capacity change from 0 to 512 [ 98.622034][ T8500] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended [ 98.636638][ T8509] sctp: [Deprecated]: syz.1.1932 (pid 8509) Use of int in max_burst socket option. [ 98.636638][ T8509] Use struct sctp_assoc_value instead [ 98.664670][ T8500] EXT4-fs (loop6): Errors on filesystem, clearing orphan list. [ 98.772338][ T8500] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.839531][ T8500] EXT4-fs warning (device loop6): dx_probe:837: inode #2: comm syz.6.1928: Unimplemented hash flags: 0x0001 [ 98.859547][ T8500] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.1928: Corrupt directory, running e2fsck is recommended [ 98.962452][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1935'. [ 99.424004][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.435901][ T8536] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 99.545934][ T8542] loop6: detected capacity change from 0 to 1024 [ 99.554613][ T8542] EXT4-fs: Ignoring removed nobh option [ 99.560207][ T8542] EXT4-fs: inline encryption not supported [ 99.625325][ T8542] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.641050][ T8542] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.1944: Allocating blocks 385-513 which overlap fs metadata [ 99.660020][ T8542] EXT4-fs (loop6): pa ffff888107a742a0: logic 16, phys. 129, len 24 [ 99.668259][ T8542] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8 [ 99.694773][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.324495][ T8580] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1959'. [ 100.358015][ T8580] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1959'. [ 100.475209][ T8582] netlink: 'syz.6.1960': attribute type 4 has an invalid length. [ 100.533385][ T8582] netlink: 'syz.6.1960': attribute type 4 has an invalid length. [ 100.625648][ T8588] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.665881][ T8588] bridge_slave_1: left allmulticast mode [ 100.671570][ T8588] bridge_slave_1: left promiscuous mode [ 100.677338][ T8588] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.794091][ T8588] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 100.933460][ T8598] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 100.939872][ T8598] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 101.304074][ T8646] uprobe: syz.5.1991:8646 failed to unregister, leaking uprobe [ 101.338037][ T8649] netlink: 'syz.1.1990': attribute type 3 has an invalid length. [ 101.357453][ T8649] netlink: 'syz.1.1990': attribute type 3 has an invalid length. [ 101.876961][ T8678] loop6: detected capacity change from 0 to 128 [ 101.905776][ T8678] vfat filesystem being mounted at /56/file7 supports timestamps until 2107-12-31 (0x10391447e) [ 101.946973][ T8678] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 550, start 00050006) [ 101.957119][ T8678] FAT-fs (loop6): Filesystem has been set read-only [ 102.803630][ T8719] loop1: detected capacity change from 0 to 1024 [ 102.820387][ T8719] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.841942][ T29] kauditd_printk_skb: 73 callbacks suppressed [ 102.841951][ T29] audit: type=1400 audit(3917511108.004:1059): avc: denied { append } for pid=8718 comm="syz.1.2018" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 102.873360][ T8723] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2019'. [ 102.943476][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.945978][ T29] audit: type=1326 audit(3917511108.074:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8727 comm="syz.5.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 102.976462][ T29] audit: type=1326 audit(3917511108.074:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8727 comm="syz.5.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 103.000077][ T29] audit: type=1326 audit(3917511108.074:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8727 comm="syz.5.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 103.023517][ T29] audit: type=1326 audit(3917511108.074:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8727 comm="syz.5.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 103.046848][ T29] audit: type=1326 audit(3917511108.074:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8727 comm="syz.5.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 103.070288][ T29] audit: type=1326 audit(3917511108.074:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8727 comm="syz.5.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 103.220737][ T23] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 103.231802][ T23] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 103.329055][ T8744] loop1: detected capacity change from 0 to 4096 [ 103.344211][ T8744] EXT4-fs: Ignoring removed mblk_io_submit option [ 103.350685][ T8744] EXT4-fs: test_dummy_encryption option not supported [ 103.573338][ T29] audit: type=1400 audit(3917511108.734:1066): avc: denied { override_creds } for pid=8773 comm="syz.6.2033" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 103.711936][ T8785] netlink: 'syz.6.2037': attribute type 2 has an invalid length. [ 103.719705][ T8785] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2037'. [ 103.729024][ T8785] netlink: 'syz.6.2037': attribute type 2 has an invalid length. [ 103.736791][ T8785] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2037'. [ 103.837887][ T29] audit: type=1326 audit(3917511108.994:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8793 comm="syz.5.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 103.867027][ T29] audit: type=1326 audit(3917511109.024:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8793 comm="syz.5.2042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 104.443650][ T1035] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 104.468130][ T1035] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 104.563041][ T8868] batadv_slave_1: entered promiscuous mode [ 104.596583][ T8868] batadv_slave_1: left promiscuous mode [ 104.877095][ T8880] netlink: 'syz.5.2073': attribute type 1 has an invalid length. [ 104.999191][ T8888] bond1: (slave geneve2): making interface the new active one [ 105.041201][ T8888] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 105.049987][ T3450] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0 [ 105.059378][ T3450] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0 [ 105.071878][ T3450] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0 [ 105.080698][ T3450] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0 [ 105.111227][ T8900] loop1: detected capacity change from 0 to 512 [ 105.127794][ T8900] EXT4-fs error (device loop1): ext4_iget_extra_inode:5073: inode #12: comm syz.1.2079: corrupted in-inode xattr: bad e_name length [ 105.206692][ T8900] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.2079: couldn't read orphan inode 12 (err -117) [ 105.222471][ T8900] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.260903][ T8900] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 105.267508][ T8900] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 105.274994][ T8900] vhci_hcd vhci_hcd.0: Device attached [ 105.291696][ T8923] syz_tun: entered allmulticast mode [ 105.300429][ T8921] syz_tun: left allmulticast mode [ 105.309640][ T8918] vhci_hcd: connection closed [ 105.309866][ T52] vhci_hcd vhci_hcd.1: stop threads [ 105.319866][ T52] vhci_hcd vhci_hcd.1: release socket [ 105.325331][ T52] vhci_hcd vhci_hcd.1: disconnect device [ 105.443564][ T8943] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 105.452075][ T23] kernel write not supported for file [eventfd] (pid: 23 comm: kworker/1:0) [ 105.576718][ T8962] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2092'. [ 105.822174][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.883985][ T8978] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2099'. [ 105.896917][ T8978] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2099'. [ 105.906515][ T8979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2098'. [ 107.245027][ T9053] 8021q: adding VLAN 0 to HW filter on device bond3 [ 107.280919][ T9053] team0: Failed to send port change of device bond3 via netlink (err -105) [ 107.318052][ T9053] team0: Failed to send options change via netlink (err -105) [ 107.325667][ T9053] team0: Port device bond3 added [ 107.331374][ T52] team0: Failed to send port change of device bond3 via netlink (err -105) [ 107.569732][ T9070] geneve3: entered promiscuous mode [ 107.591852][ T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.612108][ T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.620453][ T31] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.641908][ T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.657659][ T9077] batadv_slave_0: entered promiscuous mode [ 107.664805][ T9075] batadv_slave_0: left promiscuous mode [ 107.867281][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 107.867358][ T29] audit: type=1326 audit(3917511113.024:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9099 comm="syz.3.2149" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x0 [ 108.078401][ T29] audit: type=1400 audit(3917511113.234:1099): avc: denied { bind } for pid=9120 comm="syz.1.2153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 108.100656][ T31] Bluetooth: hci0: Frame reassembly failed (-84) [ 108.242948][ T9127] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2155'. [ 108.251861][ T9127] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2155'. [ 109.033856][ T9168] netlink: 'syz.5.2172': attribute type 29 has an invalid length. [ 109.042656][ T9168] netlink: 'syz.5.2172': attribute type 29 has an invalid length. [ 109.051287][ T9168] netlink: 'syz.5.2172': attribute type 32 has an invalid length. [ 109.059226][ T9168] netlink: 500 bytes leftover after parsing attributes in process `syz.5.2172'. [ 109.228719][ T9178] ------------[ cut here ]------------ [ 109.234285][ T9178] verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0xffffdfcd, 0xffffffffffffdfcc] s64=[0x80000000ffffdfcd, 0x7fffffffffffdfcc] u32=[0xffffdfcd, 0xffffdfcc] s32=[0xffffdfcd, 0xffffdfcc] var_off=(0xffffdfcc, 0xffffffff00000000) [ 109.259283][ T9178] WARNING: kernel/bpf/verifier.c:2748 at reg_bounds_sanity_check+0x15b/0x660, CPU#0: syz.5.2176/9178 [ 109.270317][ T9178] Modules linked in: [ 109.274719][ T9178] CPU: 0 UID: 0 PID: 9178 Comm: syz.5.2176 Not tainted syzkaller #0 PREEMPT(voluntary) [ 109.284579][ T9178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 109.294682][ T9178] RIP: 0010:reg_bounds_sanity_check+0x27d/0x660 [ 109.300988][ T9178] Code: 24 78 4c 8b 44 24 70 4c 8b 4c 24 60 41 ff 74 24 20 41 55 53 ff 74 24 68 ff 74 24 78 ff b4 24 90 00 00 00 ff b4 24 b0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 4c 8b ac 24 98 00 00 00 49 8d 85 80 08 [ 109.320665][ T9178] RSP: 0018:ffffc90000f43388 EFLAGS: 00010246 [ 109.326798][ T9178] RAX: ffff88812fe74c90 RBX: 00000000ffffdfcc RCX: 00000000ffffdfcd [ 109.334948][ T9178] RDX: ffffffff867f0c59 RSI: ffffffff866bba0b RDI: ffffffff86fb97b0 [ 109.342940][ T9178] RBP: ffff88810b861270 R08: ffffffffffffdfcc R09: 80000000ffffdfcd [ 109.350901][ T9178] R10: 00000000000000d0 R11: 0000000000000002 R12: ffff88810b861230 [ 109.358883][ T9178] R13: 00000000ffffdfcc R14: ffff88810b86127c R15: ffff88810b861268 [ 109.366920][ T9178] FS: 00007ff48e3a76c0(0000) GS:ffff8882aeb57000(0000) knlGS:0000000000000000 [ 109.376030][ T9178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 109.382688][ T9178] CR2: 0000200000001000 CR3: 000000011ef3a000 CR4: 00000000003506f0 [ 109.390702][ T9178] DR0: fffffffffffffffe DR1: 0000000000000000 DR2: 0000000000000000 [ 109.398683][ T9178] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 109.406682][ T9178] Call Trace: [ 109.409960][ T9178] [ 109.412922][ T9178] reg_set_min_max+0x1c8/0x260 [ 109.417708][ T9178] check_cond_jmp_op+0x13bd/0x1a80 [ 109.422838][ T9178] do_check+0x440c/0x9060 [ 109.427230][ T9178] do_check_common+0xd0f/0x1630 [ 109.432106][ T9178] bpf_check+0x2f6d/0xc7e0 [ 109.436606][ T9178] ? __alloc_frozen_pages_noprof+0x18a/0x350 [ 109.442648][ T9178] ? alloc_pages_bulk_noprof+0x4a1/0x520 [ 109.448286][ T9178] ? __vmap_pages_range_noflush+0xb9c/0xcc0 [ 109.454204][ T9178] ? _find_next_zero_bit+0x64/0xa0 [ 109.459374][ T9178] ? _find_next_zero_bit+0x64/0xa0 [ 109.464503][ T9178] ? pcpu_block_refresh_hint+0x157/0x170 [ 109.470222][ T9178] ? pcpu_block_update_hint_alloc+0x640/0x660 [ 109.476317][ T9178] ? css_rstat_updated+0xbb/0x280 [ 109.481453][ T9178] ? mod_memcg_state+0x182/0x260 [ 109.486472][ T9178] ? __rcu_read_unlock+0x4e/0x70 [ 109.491427][ T9178] ? pcpu_memcg_post_alloc_hook+0xec/0x170 [ 109.497270][ T9178] ? pcpu_alloc_noprof+0xb08/0x1010 [ 109.502539][ T9178] ? should_fail_ex+0x30/0x280 [ 109.507295][ T9178] ? __kmalloc_noprof+0x2a3/0x580 [ 109.512343][ T9178] ? security_bpf_prog_load+0x60/0x140 [ 109.517909][ T9178] ? selinux_bpf_prog_load+0xac/0xd0 [ 109.523235][ T9178] ? security_bpf_prog_load+0x9e/0x140 [ 109.528706][ T9178] bpf_prog_load+0xf76/0x1140 [ 109.533427][ T9178] ? security_bpf+0x2b/0x90 [ 109.537977][ T9178] __sys_bpf+0x469/0x7b0 [ 109.542326][ T9178] __x64_sys_bpf+0x41/0x50 [ 109.546753][ T9178] x64_sys_call+0x28e1/0x3000 [ 109.551470][ T9178] do_syscall_64+0xc0/0x2a0 [ 109.556036][ T9178] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.561979][ T9178] RIP: 0033:0x7ff48f94aeb9 [ 109.566403][ T9178] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 109.586082][ T9178] RSP: 002b:00007ff48e3a7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 109.594559][ T9178] RAX: ffffffffffffffda RBX: 00007ff48fbc5fa0 RCX: 00007ff48f94aeb9 [ 109.597808][ T29] audit: type=1400 audit(3917511114.754:1100): avc: denied { getopt } for pid=9183 comm="syz.6.2179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 109.602566][ T9178] RDX: 0000000000000049 RSI: 0000200000000140 RDI: 0000000000000005 [ 109.630352][ T9178] RBP: 00007ff48f9b8c1f R08: 0000000000000000 R09: 0000000000000000 [ 109.638513][ T9178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 109.646641][ T9178] R13: 00007ff48fbc6038 R14: 00007ff48fbc5fa0 R15: 00007ffcd53bf668 [ 109.654674][ T9178] [ 109.657694][ T9178] ---[ end trace 0000000000000000 ]--- [ 109.961913][ T9209] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 110.131664][ T3754] Bluetooth: hci0: command 0x1003 tx timeout [ 110.131690][ T4208] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 110.308361][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2193'. [ 110.362577][ T9223] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2195'. [ 110.377013][ T9223] 8021q: adding VLAN 0 to HW filter on device bond2 [ 110.387111][ T9223] netlink: 'syz.1.2195': attribute type 33 has an invalid length. [ 110.395100][ T9223] bond2: option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0) [ 110.743801][ T9239] all: renamed from bridge_slave_0 (while UP) [ 110.779924][ T9241] all: renamed from lo (while UP) [ 110.823186][ T9245] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2204'. [ 110.856589][ T9245] 8021q: adding VLAN 0 to HW filter on device bond2 [ 110.877495][ T9247] geneve4: entered promiscuous mode [ 110.898325][ T9245] bond2: option ad_select: unable to set because the bond device is up [ 110.949034][ T29] audit: type=1326 audit(3917511116.104:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 110.972576][ T29] audit: type=1326 audit(3917511116.104:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 110.996146][ T29] audit: type=1326 audit(3917511116.104:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 111.019679][ T29] audit: type=1326 audit(3917511116.104:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 111.043201][ T29] audit: type=1326 audit(3917511116.104:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 111.066600][ T29] audit: type=1326 audit(3917511116.104:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 111.090026][ T29] audit: type=1326 audit(3917511116.104:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9250 comm="syz.3.2206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4351d6aeb9 code=0x7ffc0000 [ 111.223675][ T9243] loop6: detected capacity change from 0 to 512 [ 111.253027][ T9243] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 111.348818][ T9267] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2212'. [ 111.357833][ T9267] netlink: 'syz.5.2212': attribute type 5 has an invalid length. [ 111.365653][ T9267] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2212'. [ 111.398944][ T9267] geneve3: entered promiscuous mode [ 111.404289][ T9267] geneve3: entered allmulticast mode [ 111.413306][ T42] netdevsim netdevsim5 netdevsim0: set [1, 2] type 2 family 0 port 65535 - 0 [ 111.467453][ T42] netdevsim netdevsim5 netdevsim1: set [1, 2] type 2 family 0 port 65535 - 0 [ 111.476636][ T9271] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2214'. [ 111.485552][ T9271] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2214'. [ 111.506175][ T42] netdevsim netdevsim5 netdevsim2: set [1, 2] type 2 family 0 port 65535 - 0 [ 111.529897][ T42] netdevsim netdevsim5 netdevsim3: set [1, 2] type 2 family 0 port 65535 - 0 [ 111.579824][ T42] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.601656][ T42] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.623927][ T42] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.656074][ T42] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 111.853890][ T9293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2224'. [ 111.909996][ T9293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2224'. [ 112.091780][ T9309] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2232'. [ 112.100897][ T9309] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2232'. [ 112.185129][ T9323] netlink: 176 bytes leftover after parsing attributes in process `syz.6.2238'. [ 112.278255][ T9333] loop6: detected capacity change from 0 to 4096 [ 112.322051][ T9333] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.386558][ T9333] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #15: comm syz.6.2242: corrupted inode contents [ 112.422227][ T9333] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #15: comm syz.6.2242: mark_inode_dirty error [ 112.436281][ T9333] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #15: comm syz.6.2242: corrupted inode contents [ 112.444718][ T9360] EXT4-fs error (device loop6): ext4_get_first_dir_block:3547: inode #12: block 80: comm syz.6.2242: bad entry in directory: directory entry overrun - offset=12, inode=6, rec_len=4096, size=4096 fake=0 [ 112.469318][ T9333] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #15: comm syz.6.2242: mark_inode_dirty error [ 112.470841][ T9360] EXT4-fs error (device loop6): ext4_get_first_dir_block:3550: inode #12: comm syz.6.2242: directory missing '..' [ 112.491975][ T9361] netlink: 'syz.0.2252': attribute type 4 has an invalid length. [ 112.511804][ T9333] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #15: comm syz.6.2242: corrupted inode contents [ 112.524126][ T9333] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #15: comm syz.6.2242: mark_inode_dirty error [ 112.531830][ T9361] netlink: 'syz.0.2252': attribute type 4 has an invalid length. [ 112.536174][ T9333] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #15: comm syz.6.2242: corrupted inode contents [ 112.575563][ T9333] EXT4-fs error (device loop6): ext4_truncate:4635: inode #15: comm syz.6.2242: mark_inode_dirty error [ 112.647454][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.741072][ T31] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.761375][ T31] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.788858][ T31] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.799185][ T31] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 112.819980][ T9363] loop1: detected capacity change from 0 to 32768 [ 112.862125][ T3295] loop1: p1 p3 < p5 p6 > [ 112.866484][ T3295] loop1: partition table partially beyond EOD, truncated [ 112.879878][ T9363] loop1: p1 p3 < p5 p6 > [ 112.884292][ T9363] loop1: partition table partially beyond EOD, truncated [ 112.990407][ T6315] udevd[6315]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 112.990542][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory [ 113.001294][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory [ 113.021384][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 113.043121][ T6315] udevd[6315]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 113.044095][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory [ 113.056048][ T3295] udevd[3295]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 113.076943][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory [ 113.738570][ T9424] loop6: detected capacity change from 0 to 512 [ 113.808746][ T9424] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.821510][ T9424] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.836663][ T9424] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 113.851218][ T9424] __quota_error: 25 callbacks suppressed [ 113.851231][ T9424] Quota error (device loop6): write_blk: dquota write failed [ 113.864352][ T9424] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota [ 113.874180][ T9424] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.2277: Failed to acquire dquot type 1 [ 114.012199][ T29] audit: type=1400 audit(3917511119.174:1133): avc: denied { setopt } for pid=9435 comm="syz.1.2282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 114.033277][ T9436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.041930][ T9436] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 114.050582][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.232943][ T9464] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.243283][ T9464] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.253644][ T9464] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 114.264019][ T9464] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 2] type 2 family 0 port 65535 - 0 [ 114.339491][ T9464] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.349776][ T9464] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.360041][ T9464] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 114.370443][ T9464] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 2] type 2 family 0 port 65535 - 0 [ 114.432850][ T9464] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.443221][ T9464] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.453542][ T9464] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 114.464057][ T9464] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 2] type 2 family 0 port 65535 - 0 [ 114.513156][ T9464] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 114.523507][ T9464] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.533936][ T9464] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 114.544450][ T9464] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 2] type 2 family 0 port 65535 - 0 [ 114.603509][ T31] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 114.611749][ T31] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 65535 - 0 [ 114.620009][ T31] netdevsim netdevsim5 eth0: set [1, 1] type 2 family 0 port 20004 - 0 [ 114.628340][ T31] netdevsim netdevsim5 eth0: set [1, 2] type 2 family 0 port 6081 - 0 [ 114.640109][ T31] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 114.648358][ T31] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 65535 - 0 [ 114.656666][ T31] netdevsim netdevsim5 eth1: set [1, 1] type 2 family 0 port 20004 - 0 [ 114.665042][ T31] netdevsim netdevsim5 eth1: set [1, 2] type 2 family 0 port 6081 - 0 [ 114.684910][ T52] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 114.693372][ T52] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 65535 - 0 [ 114.701724][ T52] netdevsim netdevsim5 eth2: set [1, 1] type 2 family 0 port 20004 - 0 [ 114.709990][ T52] netdevsim netdevsim5 eth2: set [1, 2] type 2 family 0 port 6081 - 0 [ 114.719234][ T52] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 114.727556][ T52] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 65535 - 0 [ 114.735861][ T52] netdevsim netdevsim5 eth3: set [1, 1] type 2 family 0 port 20004 - 0 [ 114.744160][ T52] netdevsim netdevsim5 eth3: set [1, 2] type 2 family 0 port 6081 - 0 [ 114.773860][ T9491] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2581 sclass=netlink_route_socket pid=9491 comm=syz.3.2306 [ 115.182095][ T9520] raw_sendmsg: syz.1.2317 forgot to set AF_INET. Fix it! [ 115.408261][ T9538] loop1: detected capacity change from 0 to 512 [ 115.420144][ T9538] EXT4-fs: inline encryption not supported [ 115.438638][ T9538] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 115.446992][ T9538] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2326: invalid indirect mapped block 2683928664 (level 1) [ 115.463260][ T9538] EXT4-fs (loop1): 1 truncate cleaned up [ 115.469490][ T9538] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.482200][ T29] audit: type=1400 audit(3917511120.624:1134): avc: denied { create } for pid=9543 comm="syz.0.2328" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=chr_file permissive=1 [ 115.589233][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.619584][ T9553] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 115.629869][ T29] audit: type=1400 audit(3917511120.774:1135): avc: denied { ioctl } for pid=9552 comm="syz.3.2332" path="socket:[29461]" dev="sockfs" ino=29461 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 115.631709][ T9553] bond0: (slave lo): Error: Device type is different from other slaves [ 115.763430][ T9564] tipc: Started in network mode [ 115.768404][ T9564] tipc: Node identity aaaaaaaaaa35, cluster identity 4711 [ 115.775832][ T9564] tipc: Enabled bearer , priority 18 [ 115.909138][ T29] audit: type=1400 audit(3917511121.064:1136): avc: denied { remount } for pid=9577 comm="syz.5.2343" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 116.123963][ T29] audit: type=1326 audit(3917511121.284:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 116.148414][ T29] audit: type=1326 audit(3917511121.284:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 116.172244][ T29] audit: type=1326 audit(3917511121.284:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 116.195818][ T29] audit: type=1326 audit(3917511121.284:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9595 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 116.219781][ T9591] loop1: detected capacity change from 0 to 256 [ 116.226593][ T9591] vfat: Unknown parameter '0xffffffffffffffffÿÿÿÿÿÿÿÿÿÿ18446744073709551615ÿÿÿÿÿÿÿÿ' [ 116.528792][ T9620] loop6: detected capacity change from 0 to 2048 [ 116.573308][ T9620] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.585585][ T9620] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.771744][ T2966] tipc: Node number set to 10463914 [ 116.931668][ T31] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set [ 116.952594][ T31] EXT4-fs (loop6): Remounting filesystem read-only [ 117.020543][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.056073][ T3407] hid-generic 0080:0003:0001.0004: unknown main item tag 0x0 [ 117.063570][ T3407] hid-generic 0080:0003:0001.0004: unknown main item tag 0x0 [ 117.083951][ T3407] hid-generic 0080:0003:0001.0004: hidraw0: HID v0.03 Device [syz0] on syz1 [ 117.507280][ T9686] __nla_validate_parse: 4 callbacks suppressed [ 117.507338][ T9686] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2384'. [ 117.694041][ T9719] loop6: detected capacity change from 0 to 512 [ 117.702661][ T9719] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 117.740972][ T9719] vfat filesystem being mounted at /133/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 118.508392][ T9858] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2416'. [ 118.518308][ T9859] loop6: detected capacity change from 0 to 128 [ 118.531356][ T9859] msdos filesystem being mounted at /138/bus supports timestamps until 2107-12-31 (0x10391447e) [ 118.550000][ T9858] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2416'. [ 118.845727][ T9881] netlink: 'syz.1.2424': attribute type 1 has an invalid length. [ 118.868717][ T9881] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 118.877612][ T9881] bond3: (slave batadv1): making interface the new active one [ 118.886292][ T9881] bond3: (slave batadv1): Enslaving as an active interface with an up link [ 118.900860][ T9881] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2424'. [ 118.911703][ T9881] bond3 (unregistering): (slave batadv1): Releasing active interface [ 118.926906][ T9881] bond3 (unregistering): Released all slaves [ 119.178535][ T9901] loop1: detected capacity change from 0 to 256 [ 119.197656][ T9901] vfat filesystem being mounted at /539/bus supports timestamps until 2107-12-31 (0x10391447e) [ 119.284598][ T9903] netlink: 'syz.1.2433': attribute type 1 has an invalid length. [ 119.292514][ T9903] netlink: 'syz.1.2433': attribute type 4 has an invalid length. [ 119.300371][ T9903] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.2433'. [ 119.559242][ T9932] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2446'. [ 119.696186][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 119.696202][ T29] audit: type=1400 audit(3917511124.854:1150): avc: denied { unmount } for pid=9945 comm="syz.3.2453" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1 [ 119.807896][ T9953] netlink: 'syz.0.2456': attribute type 2 has an invalid length. [ 119.815849][ T9953] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2456'. [ 119.857925][ T9959] sch_tbf: burst 32855 is lower than device lo mtu (11337746) ! [ 119.988960][ T9969] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2463'. [ 121.064886][ T9994] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2472'. [ 121.081254][ T9994] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2472'. [ 121.387129][ T29] audit: type=1326 audit(3917511126.544:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10007 comm="syz.5.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 121.410697][ T29] audit: type=1326 audit(3917511126.544:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10007 comm="syz.5.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 121.477530][ T9975] syz.6.2465 (9975) used greatest stack depth: 7232 bytes left [ 121.551373][ T29] audit: type=1326 audit(3917511126.684:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10007 comm="syz.5.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 121.575213][ T29] audit: type=1326 audit(3917511126.684:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10007 comm="syz.5.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 121.598976][ T29] audit: type=1326 audit(3917511126.684:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10007 comm="syz.5.2478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff48f94aeb9 code=0x7ffc0000 [ 121.754567][ T9978] syz.0.2466 (9978) used greatest stack depth: 6296 bytes left [ 121.920205][ T29] audit: type=1326 audit(3917511127.074:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10027 comm="syz.0.2487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 121.943854][ T29] audit: type=1326 audit(3917511127.074:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10027 comm="syz.0.2487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 121.987771][ T29] audit: type=1326 audit(3917511127.124:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10027 comm="syz.0.2487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 122.011408][ T29] audit: type=1326 audit(3917511127.124:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10027 comm="syz.0.2487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2920aeb9 code=0x7ffc0000 [ 122.542699][T10075] __nla_validate_parse: 3 callbacks suppressed [ 122.542717][T10075] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2505'. [ 122.558853][T10075] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2505'. [ 122.655625][T10081] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2508'. [ 122.960977][T10096] loop6: detected capacity change from 0 to 1024 [ 122.988419][T10096] EXT4-fs: Ignoring removed oldalloc option [ 122.995471][T10096] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 123.050287][T10096] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.133342][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.207640][T10120] loop6: detected capacity change from 0 to 1024 [ 123.241989][T10120] ext4: Unknown parameter 'func' [ 124.137343][T10244] loop1: detected capacity change from 0 to 128 [ 124.166232][T10244] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 124.191899][T10244] ext4 filesystem being mounted at /560/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 124.264613][ T3316] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 124.290987][T10263] loop1: detected capacity change from 0 to 128 [ 124.311668][T10263] vfat filesystem being mounted at /561/file1 supports timestamps until 2107-12-31 (0x10391447e) [ 124.726368][T10290] loop1: detected capacity change from 0 to 32768 [ 124.905769][T10338] loop1: detected capacity change from 0 to 1024 [ 124.930010][T10338] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 124.941109][T10338] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 124.956167][T10338] JBD2: no valid journal superblock found [ 124.961956][T10338] EXT4-fs (loop1): Could not load journal inode [ 124.975789][T10338] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 125.090812][ T10] IPVS: starting estimator thread 0... [ 125.201748][T10380] IPVS: using max 2160 ests per chain, 108000 per kthread [ 125.816076][T10469] loop1: detected capacity change from 0 to 1024 [ 125.827177][T10469] ext4: Unknown parameter 'func' [ 126.054367][T10499] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2582'. [ 126.069579][T10499] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 126.150922][T10508] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2583'. [ 126.415862][ T29] kauditd_printk_skb: 53 callbacks suppressed [ 126.415879][ T29] audit: type=1326 audit(3917511387.567:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.463453][ T29] audit: type=1326 audit(3917511387.607:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.487087][ T29] audit: type=1326 audit(3917511387.607:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.510751][ T29] audit: type=1326 audit(3917511387.607:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.534479][ T29] audit: type=1326 audit(3917511387.607:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.557975][ T29] audit: type=1326 audit(3917511387.607:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.581739][ T29] audit: type=1326 audit(3917511387.607:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.605279][ T29] audit: type=1326 audit(3917511387.607:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.629048][ T29] audit: type=1326 audit(3917511387.607:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 126.652525][ T29] audit: type=1326 audit(3917511387.607:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0162aaeb9 code=0x7ffc0000 [ 127.005227][T10585] netlink: 176 bytes leftover after parsing attributes in process `syz.5.2605'. [ 127.916512][T10613] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2616'. [ 128.022721][T10587] syz.5.2606 (10587) used greatest stack depth: 6008 bytes left [ 128.933795][T10657] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 129.005250][T10665] loop1: detected capacity change from 0 to 1024 [ 129.022598][T10665] EXT4-fs: Ignoring removed bh option [ 129.062233][T10665] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.189474][ T3316] EXT4-fs error (device loop1): ext4_lookup:1785: inode #16: comm syz-executor: iget: bad extended attribute block 8 [ 129.215693][ T3316] EXT4-fs error (device loop1): ext4_lookup:1785: inode #16: comm syz-executor: iget: bad extended attribute block 8 [ 129.243122][T10682] netlink: 51 bytes leftover after parsing attributes in process `syz.0.2646'. [ 129.505174][T10699] loop6: detected capacity change from 0 to 1024 [ 129.524889][T10699] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 129.535839][T10699] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 129.562996][T10699] JBD2: no valid journal superblock found [ 129.568743][T10699] EXT4-fs (loop6): Could not load journal inode [ 129.581462][T10699] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 129.607902][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.806388][T10713] chnl_net:caif_netlink_parms(): no params data found [ 129.858661][T10713] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.865770][T10713] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.876502][T10713] bridge_slave_0: entered allmulticast mode [ 129.883244][T10713] bridge_slave_0: entered promiscuous mode [ 129.890093][T10713] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.897204][T10713] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.904487][T10713] bridge_slave_1: entered allmulticast mode [ 129.910961][T10713] bridge_slave_1: entered promiscuous mode [ 129.929492][T10713] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.940130][T10713] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.961129][T10713] team0: Port device team_slave_0 added [ 129.967864][T10713] team0: Port device team_slave_1 added [ 129.985513][T10713] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.992572][T10713] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 130.018518][T10713] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.030104][T10713] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.037089][T10713] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 130.063057][T10713] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.091775][T10713] hsr_slave_0: entered promiscuous mode [ 130.097960][T10713] hsr_slave_1: entered promiscuous mode [ 130.103989][T10713] debugfs: 'hsr0' already exists in 'hsr' [ 130.109712][T10713] Cannot create hsr debugfs directory [ 130.188191][T10713] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 130.198698][T10713] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 130.208763][T10713] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 130.218089][T10713] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 130.239715][T10713] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.246851][T10713] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.254192][T10713] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.261235][T10713] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.293142][T10713] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.304672][ T9822] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.313193][ T9822] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.333043][T10713] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.343731][T10371] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.350832][T10371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.364338][ T9822] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.371479][ T9822] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.474456][T10748] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2665'. [ 130.483452][T10748] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2665'. [ 130.504406][T10713] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 130.674928][T10713] veth0_vlan: entered promiscuous mode [ 130.694313][T10713] veth1_vlan: entered promiscuous mode [ 130.723090][T10713] veth0_macvtap: entered promiscuous mode [ 130.738714][T10713] veth1_macvtap: entered promiscuous mode [ 130.757948][T10713] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 130.786516][T10713] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 130.811155][ T52] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.900934][ T52] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.940077][ T52] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.983364][ T52] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.004105][T10779] netlink: 'syz.7.2660': attribute type 4 has an invalid length. [ 131.058783][T10779] netlink: 'syz.7.2660': attribute type 4 has an invalid length. [ 131.184192][T10784] loop7: detected capacity change from 0 to 1024 [ 131.222527][T10784] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 131.233488][T10784] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 131.254979][T10773] syz.3.2669 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0 [ 131.264545][T10784] JBD2: no valid journal superblock found [ 131.268974][T10773] CPU: 1 UID: 0 PID: 10773 Comm: syz.3.2669 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 131.269008][T10773] Tainted: [W]=WARN [ 131.269015][T10773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 131.269036][T10773] Call Trace: [ 131.269119][T10773] [ 131.269128][T10773] __dump_stack+0x1d/0x30 [ 131.269155][T10773] dump_stack_lvl+0x95/0xd0 [ 131.269185][T10773] dump_stack+0x15/0x1b [ 131.269259][T10773] dump_header+0x80/0x240 [ 131.269282][T10773] oom_kill_process+0x295/0x350 [ 131.269310][T10773] out_of_memory+0x97d/0xb80 [ 131.269337][T10773] try_charge_memcg+0x62e/0xa10 [ 131.269432][T10773] obj_cgroup_charge_pages+0x23/0xc0 [ 131.269497][T10773] __memcg_kmem_charge_page+0x9e/0x170 [ 131.269529][T10773] __alloc_frozen_pages_noprof+0x18a/0x350 [ 131.269622][T10773] alloc_pages_mpol+0xb3/0x260 [ 131.269655][T10773] alloc_pages_noprof+0x8f/0x130 [ 131.269687][T10773] __vmalloc_node_range_noprof+0xa46/0x12b0 [ 131.269802][T10773] __kvmalloc_node_noprof+0x471/0x680 [ 131.269831][T10773] ? ip_set_alloc+0x24/0x30 [ 131.269863][T10773] ? ip_set_alloc+0x24/0x30 [ 131.269920][T10773] ip_set_alloc+0x24/0x30 [ 131.269977][T10773] hash_netiface_create+0x282/0x740 [ 131.270011][T10773] ? __pfx_hash_netiface_create+0x10/0x10 [ 131.270091][T10773] ip_set_create+0x3cf/0x970 [ 131.270120][T10773] ? __nla_parse+0x40/0x60 [ 131.270140][T10773] nfnetlink_rcv_msg+0x509/0x5d0 [ 131.270203][T10773] netlink_rcv_skb+0x123/0x220 [ 131.270263][T10773] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 131.270301][T10773] nfnetlink_rcv+0x167/0x1720 [ 131.270340][T10773] ? __list_del_entry_valid_or_report+0x65/0x130 [ 131.270419][T10773] ? __rmqueue_pcplist+0x9b6/0xb80 [ 131.270471][T10773] ? tracing_gen_ctx_irq_test+0xe4/0x120 [ 131.270498][T10773] ? __rcu_read_unlock+0x4e/0x70 [ 131.270529][T10773] ? perf_tp_event+0x161f/0x1660 [ 131.270563][T10773] ? _raw_spin_lock_bh+0x56/0xb0 [ 131.270597][T10773] ? should_fail_ex+0x30/0x280 [ 131.270680][T10773] ? selinux_nlmsg_lookup+0x99/0x890 [ 131.270703][T10773] ? __rcu_read_unlock+0x33/0x70 [ 131.270733][T10773] ? __netlink_lookup+0x276/0x2b0 [ 131.270806][T10773] netlink_unicast+0x5c0/0x690 [ 131.270870][T10773] netlink_sendmsg+0x5c8/0x6f0 [ 131.270894][T10773] ? __pfx_netlink_sendmsg+0x10/0x10 [ 131.270914][T10773] ____sys_sendmsg+0x5af/0x600 [ 131.270939][T10773] ___sys_sendmsg+0x195/0x1e0 [ 131.270999][T10773] __x64_sys_sendmsg+0xd4/0x160 [ 131.271024][T10773] x64_sys_call+0x17ba/0x3000 [ 131.271077][T10773] do_syscall_64+0xc0/0x2a0 [ 131.271110][T10773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.271189][T10773] RIP: 0033:0x7f4351d6aeb9 [ 131.271278][T10773] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 131.271297][T10773] RSP: 002b:00007f43507c7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 131.271372][T10773] RAX: ffffffffffffffda RBX: 00007f4351fe5fa0 RCX: 00007f4351d6aeb9 [ 131.271387][T10773] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003 [ 131.271401][T10773] RBP: 00007f4351dd8c1f R08: 0000000000000000 R09: 0000000000000000 [ 131.271417][T10773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.271430][T10773] R13: 00007f4351fe6038 R14: 00007f4351fe5fa0 R15: 00007fff9d7e50a8 [ 131.271452][T10773] [ 131.271463][T10773] memory: usage 307200kB, limit 307200kB, failcnt 123 [ 131.274569][T10784] EXT4-fs (loop7): Could not load journal inode [ 131.285956][T10773] memory+swap: usage 307620kB, limit 9007199254740988kB, failcnt 0 [ 131.466028][T10784] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 131.470402][T10773] kmem: usage 306984kB, limit 9007199254740988kB, failcnt 0 [ 131.470421][T10773] Memory cgroup stats for /syz3: [ 131.606439][T10791] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2674'. [ 131.652315][T10773] cache 16384 [ 131.655601][T10773] rss 204800 [ 131.658806][T10773] shmem 0 [ 131.661771][T10773] mapped_file 16384 [ 131.665574][T10773] dirty 12288 [ 131.668850][T10773] writeback 0 [ 131.672181][T10773] workingset_refault_anon 3045 [ 131.676989][T10773] workingset_refault_file 128 [ 131.681690][T10773] swap 430080 [ 131.684976][T10773] swapcached 0 [ 131.688339][T10773] pgpgin 193489 [ 131.691872][T10773] pgpgout 193435 [ 131.695413][T10773] pgfault 172186 [ 131.698962][T10773] pgmajfault 421 [ 131.702560][T10773] inactive_anon 0 [ 131.706186][T10773] active_anon 0 [ 131.709662][T10773] inactive_file 0 [ 131.713318][T10773] active_file 0 [ 131.716767][T10773] unevictable 221184 [ 131.720651][T10773] hierarchical_memory_limit 314572800 [ 131.726083][T10773] hierarchical_memsw_limit 9223372036854771712 [ 131.732349][T10773] total_cache 16384 [ 131.736176][T10773] total_rss 204800 [ 131.739899][T10773] total_shmem 0 [ 131.742274][ T29] kauditd_printk_skb: 80 callbacks suppressed [ 131.742288][ T29] audit: type=1400 audit(3917511392.897:1303): avc: denied { append } for pid=10792 comm="syz.5.2675" name="file0" dev="tmpfs" ino=2150 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 131.743386][T10773] total_mapped_file 16384 [ 131.776324][T10773] total_dirty 12288 [ 131.780126][T10773] total_writeback 0 [ 131.783980][T10773] total_workingset_refault_anon 3045 [ 131.789311][T10773] total_workingset_refault_file 128 [ 131.794660][T10773] total_swap 430080 [ 131.798730][T10773] total_swapcached 0 [ 131.802695][T10773] total_pgpgin 193489 [ 131.806671][T10773] total_pgpgout 193435 [ 131.810729][T10773] total_pgfault 172186 [ 131.814902][T10773] total_pgmajfault 421 [ 131.818959][T10773] total_inactive_anon 0 [ 131.823289][T10773] total_active_anon 0 [ 131.827410][T10773] total_inactive_file 0 [ 131.831564][T10773] total_active_file 0 [ 131.835608][T10773] total_unevictable 221184 [ 131.840016][T10773] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2669,pid=10772,uid=0 [ 131.851649][ T4208] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 131.854842][T10773] Memory cgroup out of memory: Killed process 10773 (syz.3.2669) total-vm:96180kB, anon-rss:1208kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0 [ 131.985657][T10801] loop6: detected capacity change from 0 to 1024 [ 132.007324][T10801] EXT4-fs: Ignoring removed oldalloc option [ 132.013427][T10801] EXT4-fs: Ignoring removed bh option [ 132.048365][T10801] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 132.149081][T10816] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2684'. [ 132.211697][T10821] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 132.535148][T10831] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.954894][ T7792] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.297606][T10872] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2706'. [ 133.340569][T10872] loop6: detected capacity change from 0 to 128 [ 133.366742][T10872] vfat filesystem being mounted at /182/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 133.382657][T10876] A link change request failed with some changes committed already. Interface gre3 may have been left with an inconsistent configuration, please check. [ 133.451503][ T52] bio_check_eod: 74 callbacks suppressed [ 133.451519][ T52] kworker/u8:3: attempt to access beyond end of device [ 133.451519][ T52] loop6: rw=1, sector=145, nr_sectors = 896 limit=128 [ 133.845304][T10902] tipc: Started in network mode [ 133.850229][T10902] tipc: Node identity aaaaaaaaaa35, cluster identity 4711 [ 133.857528][T10902] tipc: Enabled bearer , priority 18 [ 133.866375][T10903] netlink: 304 bytes leftover after parsing attributes in process `syz.0.2726'. [ 133.953989][T10907] netlink: 'syz.6.2721': attribute type 5 has an invalid length. [ 134.255235][T10831] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.344894][T10831] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.361892][T10931] loop6: detected capacity change from 0 to 512 [ 134.370425][T10931] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 134.402610][T10931] vfat filesystem being mounted at /192/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 134.435474][T10831] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.550083][ T52] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.570397][ T52] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.595010][ T52] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.629967][ T52] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.659968][T10958] loop7: detected capacity change from 0 to 1024 [ 134.676129][T10958] EXT4-fs: Ignoring removed oldalloc option [ 134.682225][T10958] EXT4-fs: Ignoring removed bh option [ 134.708626][T10958] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.981670][ T2966] tipc: Node number set to 10463914 [ 135.316605][T10969] ================================================================== [ 135.324717][T10969] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark [ 135.331854][T10969] [ 135.334174][T10969] write to 0xffff88811bd9ee9c of 4 bytes by task 10958 on cpu 1: [ 135.341973][T10969] xas_set_mark+0x12b/0x140 [ 135.346577][T10969] __folio_start_writeback+0x17b/0x370 [ 135.352044][T10969] ext4_bio_write_folio+0x5ad/0x9f0 [ 135.357257][T10969] mpage_process_page_bufs+0x4a1/0x620 [ 135.362736][T10969] mpage_prepare_extent_to_map+0x7d4/0xc50 [ 135.368553][T10969] ext4_do_writepages+0x9f6/0x2800 [ 135.373680][T10969] ext4_writepages+0x18f/0x320 [ 135.378462][T10969] do_writepages+0x1c6/0x310 [ 135.383071][T10969] file_write_and_wait_range+0x178/0x2f0 [ 135.388722][T10969] generic_buffers_fsync_noflush+0x45/0x130 [ 135.394723][T10969] ext4_sync_file+0x1aa/0x680 [ 135.399400][T10969] vfs_fsync_range+0x10d/0x130 [ 135.404174][T10969] ext4_buffered_write_iter+0x34f/0x3c0 [ 135.409744][T10969] ext4_file_write_iter+0x380/0xf70 [ 135.414962][T10969] iter_file_splice_write+0x6bc/0xa80 [ 135.420345][T10969] direct_splice_actor+0x156/0x2a0 [ 135.425467][T10969] splice_direct_to_actor+0x311/0x670 [ 135.430837][T10969] do_splice_direct+0x119/0x1a0 [ 135.435695][T10969] do_sendfile+0x382/0x650 [ 135.440123][T10969] __x64_sys_sendfile64+0x105/0x150 [ 135.445333][T10969] x64_sys_call+0x2db1/0x3000 [ 135.450021][T10969] do_syscall_64+0xc0/0x2a0 [ 135.454535][T10969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.460449][T10969] [ 135.462764][T10969] read to 0xffff88811bd9ee9c of 4 bytes by task 10969 on cpu 0: [ 135.470392][T10969] xas_find_marked+0x5d7/0x620 [ 135.475176][T10969] filemap_get_folios_tag+0xfa/0x510 [ 135.480484][T10969] mpage_prepare_extent_to_map+0x328/0xc50 [ 135.486312][T10969] ext4_do_writepages+0x6fe/0x2800 [ 135.491449][T10969] ext4_writepages+0x18f/0x320 [ 135.496227][T10969] do_writepages+0x1c6/0x310 [ 135.500844][T10969] file_write_and_wait_range+0x178/0x2f0 [ 135.506503][T10969] generic_buffers_fsync_noflush+0x45/0x130 [ 135.512435][T10969] ext4_sync_file+0x1aa/0x680 [ 135.517122][T10969] vfs_fsync_range+0x10d/0x130 [ 135.521896][T10969] ext4_buffered_write_iter+0x34f/0x3c0 [ 135.527462][T10969] ext4_file_write_iter+0x380/0xf70 [ 135.532688][T10969] iter_file_splice_write+0x6bc/0xa80 [ 135.538064][T10969] direct_splice_actor+0x156/0x2a0 [ 135.543187][T10969] splice_direct_to_actor+0x311/0x670 [ 135.548566][T10969] do_splice_direct+0x119/0x1a0 [ 135.553425][T10969] do_sendfile+0x382/0x650 [ 135.557855][T10969] __x64_sys_sendfile64+0x105/0x150 [ 135.563071][T10969] x64_sys_call+0x2db1/0x3000 [ 135.567763][T10969] do_syscall_64+0xc0/0x2a0 [ 135.572278][T10969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.578183][T10969] [ 135.580502][T10969] value changed: 0x0a000021 -> 0x04000021 [ 135.586219][T10969] [ 135.588544][T10969] Reported by Kernel Concurrency Sanitizer on: [ 135.594700][T10969] CPU: 0 UID: 0 PID: 10969 Comm: syz.7.2740 Tainted: G W syzkaller #0 PREEMPT(voluntary) [ 135.606080][T10969] Tainted: [W]=WARN [ 135.609875][T10969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 135.619918][T10969] ================================================================== [ 135.688026][T10713] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.