last executing test programs: 41.245118222s ago: executing program 2 (id=1616): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='io_uring_link\x00', r0, 0x0, 0x4}, 0x18) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='io_uring_link\x00', r1, 0x0, 0x4}, 0x18) r2 = syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0xfffffff8}, &(0x7f00000007c0)=0x0, &(0x7f0000000800)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x44, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000022}) io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0) 41.176973628s ago: executing program 2 (id=1620): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) unshare(0x2040400) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000080)=[{&(0x7f0000000500)="7c15b6bce0568bdbef75e4667376c6507c51094765fcc21aa8810d5a760327a50bc67e6f84d202", 0x27}], 0x1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10) 40.345417534s ago: executing program 2 (id=1638): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x5, 0x8, 0x8}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) recvfrom$inet6(r0, &(0x7f0000000240)=""/117, 0x75, 0x20040, 0x0, 0x0) 40.330155936s ago: executing program 2 (id=1639): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==") openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]}) pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000380)="e9", 0x1}], 0x1, 0x7fff, 0x0, 0x0) 40.051122708s ago: executing program 2 (id=1649): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@nomblk_io_submit}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@nojournal_checksum}], [{@seclabel}]}, 0x1, 0x45f, &(0x7f0000000c80)="$eJzs3M9vVFUbAOD33pkC/eCTkSDKD7WKBqKxhYLIwg1GExeamOgCl7UtBBmooTURQhSNwaUhcW9cmvgXuNKNUVcmbnVvSIjpBtTNmNu5t52ZTkunnXZq53mSC+fce6bnvPfeM3PuOZ0G0LeGsn+SiF0R8VtE7K5nmwsM1f+7N3t9/K/Z6+NJ1Gpv/pnMlbs7e328KFq8bmeRKUeknyZxsE2901evXRyrViev5PmRmUvvjUxfvfbchUtj5yfPT14ePX365InjL5wafb4rcWZx3T3w4dSh/a++fev18bO33vnpm6SIvyWOiNjRhSqHljv4dK3WhSo2j/83pJNyDxtCR0r1bhoDc/1/d5Ri4eLtjlc+6WnjgHVVq9Vq+/L+38aNGrCFJdHrFgC9UXzQZ8+/xbaBw4+eu3Om/gCUxX0v3+pHypHmZQZanm+7aSgizt74+8tsi8XzEAAAXffdmYgjh/PxX9PCTxr7GnIP5GsolYh4MCL2RMSpiNgbEQ9FzJV9OCIe6bD+1kWSxeOf9HaHP7Ij2fjvxXxtq3n8V4z+olKK+KcYLldiIDl3oTp5LD8nR2Nge5Zfbnz4/cu/fr7UscbxX7Zl9Rdjwbwdt8vbm18zMTYztpaYG935OOJAuV38yfxKQHZb7I+IA6us48IzXx9a6tj942+2rTHThXWm2lcRR+rX/0a0xF9Ill+fHNkR1cljI8VdsdjPv9x8Y6n6O42/27Lrn7a9/+fjrySN67XTnddx8/fPlnymWe39vy15q2nfB2MzM1eOR2xLXqs3unH/aEu50YXyWfxHD7fv/3ti4UwcjIjsJn40Ih6LiMfztj8REU9GxOFl4v/xpafebd6TdBD/+srin+jo+i8kBvMCbQ41JUoXf/i2qdLKQnJl1//kXOpovmcl73/LNKcpsZZzBwAAAP8VaUTsiiQdnk+n6fBw/Xf498b/0urU9Myz56bevzxR/45AJQbSYqarPh9cnw89nj/WF/nRlvyJfN74i9LgXH54fKo60evgoc/tXKL/Z/4o9bp1wLpbxTqar3jBFqEzQ//S/6F/6f/Qv8qLU4O9aguwsdp9/n/Ug3YAG6+l/1v2gz7i+R/6l/4P/Uv/h740PRj3/5L8Zk3s2BzN2NKJYiFo0aFIe9ewYoZqE5yftSUGV/yHKjY80cM3JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC76NwAA//8lJN+h") syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) lsm_get_self_attr(0x67, &(0x7f0000000180)={0x0, 0x0, 0xdb, 0xbb, ""/187}, &(0x7f0000000040)=0xdb, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x0) 39.749191842s ago: executing program 2 (id=1654): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000003c0)=0x6121, 0x4) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000440)="46900a97984df7eaaf4acc129dbd1a3407543c09156ec6cb7a3456c7771a15fa754eae", 0x23}], 0x1, 0x0, 0x98, 0x4000000}}], 0x1, 0x0) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x1) 39.749056232s ago: executing program 32 (id=1654): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000003c0)=0x6121, 0x4) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000440)="46900a97984df7eaaf4acc129dbd1a3407543c09156ec6cb7a3456c7771a15fa754eae", 0x23}], 0x1, 0x0, 0x98, 0x4000000}}], 0x1, 0x0) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x1) 1.849580511s ago: executing program 5 (id=2835): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x14) write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe", 0x8) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 1.767233847s ago: executing program 0 (id=2837): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2}, 0x0, 0x0) 1.084391132s ago: executing program 4 (id=2848): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000206a932500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f00000012c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001a80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r2}, 0x10) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) 942.037744ms ago: executing program 4 (id=2851): openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0) socket(0xa, 0x3, 0x3a) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r0, 0x0, 0x2000000005}, 0x18) syz_open_dev$evdev(0x0, 0x0, 0x2002) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0d030000000000000000130000001c000980080002"], 0x30}}, 0x0) 839.296332ms ago: executing program 4 (id=2853): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r3}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 830.246453ms ago: executing program 1 (id=2854): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x80002, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10) connect$inet(r2, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10) sendmmsg$inet(r2, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x7e1f, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x300}}], 0x3, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) 810.463674ms ago: executing program 1 (id=2856): r0 = socket$inet_sctp(0x2, 0x5, 0x84) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r3, 0x0, 0x4ab}, 0x18) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0x1}], 0x1, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r4}}], 0x20, 0x2400e044}, 0x0) 799.007195ms ago: executing program 4 (id=2857): r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000040)=0x1800, 0x4) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x21, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) 740.90884ms ago: executing program 0 (id=2859): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000040)=0x2, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 719.200592ms ago: executing program 1 (id=2860): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setsig(r0, 0xa, 0x13) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) fcntl$setlease(r0, 0x400, 0x0) timer_create(0x0, &(0x7f00000005c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) fcntl$setlease(r0, 0x400, 0x2) 657.743436ms ago: executing program 5 (id=2861): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') 641.951378ms ago: executing program 5 (id=2862): getpid() socketpair$tipc(0x1e, 0x2, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1) getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="8c000000100037042a00"/20, @ANYRES32=r3, @ANYBLOB="83040500000000006c0012800900010069706970000000005c000280060012004e210000060010000f00000008000100", @ANYRES32=r2, @ANYBLOB="05000a0001000000060010007f000000060011004e200000050004004b000000060011004e20000006000f0002"], 0x8c}, 0x1, 0x0, 0x0, 0x40000}, 0x4004082) sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880) 636.564968ms ago: executing program 0 (id=2863): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4) 601.623301ms ago: executing program 1 (id=2864): bpf$MAP_CREATE(0x0, 0x0, 0x0) write$tun(0xffffffffffffffff, 0x0, 0xfdef) socket$unix(0x1, 0x1, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x84aa5000) mbind(&(0x7f0000188000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x1, 0x1) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 581.420603ms ago: executing program 0 (id=2866): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@usrquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x513, &(0x7f0000000440)="$eJzs3c9vI1cdAPCvnThxfrRJSw+AoF3awoJW6yTeNqp6oOWEEKqE6BGkbUi8URQ7jmKnNGEP6RmJExKVOMGRP4DznrhzQXDjshyQ+BGBNkgcjGY8znoTexM2GzuKPx9pNPPmzc73vfX6vcw3a78ARtaNiDiIiImI+Cgi5rLzuWyL99tbct2jw/urR4f3V3PRan34j1xan5yLrj+TmMnuWYyI73874ke503Ebe/ubK9VqZScrLzRr2wuNvf3bG7WV9cp6ZatcXl5aXnznztvlJ+59Ea/VJrKjLz/8/cE3fpLcczY7092P56nd7sJxnMR4RHz3MoINwVjWn4lhN4Rnko+IlyPi9fT9Pxdj6asJAFxnrdZctOa6ywDAdZdPc2C5fCnLBcxGPl8qtXN4r8R0vlpvNG/dq+9urbVzZfNRyN/bqFYWs1zhfBRySXkpPX5cLp8o34mIlyLi55NTabm0Wq+uDfMHHwAYYTMn5v9/T7bnfwDgmisOuwEAwMCZ/wFg9Jj/AWD0mP8BYPS05/+pYTcDABggz/8AMHrM/wAwUr73wQfJ1jrKvv967eO93c36x7fXKo3NUm13tbRa39kurdfr6+l39tTOul+1Xt9eeit2P5n/5najudDY279bq+9uNe+m3+t9t1JIrzoYQM8AgH5eeu3Bn3LJjPzuVLpF11oOhaG2DLhs+WE3ABiasWE3ABiaHqt9TQ6jHcDgXeAZX3oAromz1tctnv6A0HuX2R7g8t38gvw/jKqu/L//BQwjRv4fRleP/D8wIlqt3HnX/I/zXggAXG1y/ECf3/+/nO1/k/1y4IdrJ6/47DJbBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFdbZ/3fUrYW+Gzk86VSxAsRMR+F3L2NamUxIl6MiD9OFiaT8tKQ2wwAXFT+r7ls/a+bc2/OPlH16szx4URE/PiXH/7ik5Vmc+cPERO5f052zjc/y86XB996AOBsnXk63Xc9yD86vL/a2QbZnr99KyKK7fhHhxNxdBx/PMbTfTEKETH9r1xWbst15S4u4uDTiPh8r/7nYjbNgbRXPj0ZP4n9wkDj55+In0/r2vvk7+Jzz6EtMGoeJOPP+73ef/m4ke57v/+L6Qh1cdn4l9xq9SgdAx/H74x/Y33GvxvnjfHW777TPpo6XfdpxBfHIzqxj7rGn078XJ/4b54z/p+/9Orr/epav4q4Gb3jd8daaNa2Fxp7+7c3aivrlfXKVrm8vLS8+M6dt8sLaY56of9s8Pd3b73Yry7p/3Sf+MUz+v/Vc/b/1//96AdfeUr8r7/RK34+XnlK/GRO/No5469M/7Z46uTM4/hrffp/1ut/65zxH/5l/9Sy4QDA8DT29jdXqtXKzigcJM/agwza+XH7KvT9ehzEgF/B/+fgvUHFmojeVT99o/3P7URVq/VMsfqNGM8j6wZcBcdv+oj4z1Ov/NmjVmtgzQIAAAAAAAAAAAAAALoM4hNLw+4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA19f/AgAA//9prcps") r0 = inotify_init1(0x800) inotify_add_watch(r0, &(0x7f0000000240)='.\x00', 0x60000526) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) close(0x3) r1 = getpid() r2 = syz_pidfd_open(r1, 0x0) setns(r2, 0x24020000) umount2(&(0x7f0000000040)='.\x00', 0x2) 581.266903ms ago: executing program 5 (id=2867): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000340)='leases_conflict\x00', r3}, 0x18) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) 548.184545ms ago: executing program 5 (id=2868): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x20008000) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) 528.034037ms ago: executing program 4 (id=2869): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4f, 0x0, 0x0, 0x0, 0x1}, 0x94) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'macsec0\x00'}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'macsec0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000000080)) 453.359583ms ago: executing program 3 (id=2871): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) syz_emit_ethernet(0x4e, &(0x7f00000003c0)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010102, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0xb, 0x0, 0x0, 0x0, 0x0, {[@window={0x3, 0x3, 0xea}, @md5sig={0x1d, 0x12}]}}}}}}}, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}, @TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) request_key(&(0x7f0000002740)='asymmetric\x00', &(0x7f0000002780)={'syz', 0x3}, &(0x7f00000027c0)=',*[\\/&)\x00', 0xffffffffffffffff) 436.719394ms ago: executing program 4 (id=2872): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x14) write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe", 0x8) sendfile(r1, r0, 0x0, 0x3ffff) sendfile(r1, r0, 0x0, 0x7fffeffd) 385.226879ms ago: executing program 0 (id=2873): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x48) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe935"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 361.53051ms ago: executing program 3 (id=2874): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000040)=0x2, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 258.316439ms ago: executing program 3 (id=2875): bpf$MAP_CREATE(0x0, 0x0, 0x48) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f0000000540), &(0x7f0000000600)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000240)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) setrlimit(0x1, 0x0) 250.395039ms ago: executing program 0 (id=2876): semtimedop(0x0, &(0x7f00000006c0)=[{0x0, 0x6, 0x3000}], 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000001280)=[{&(0x7f0000001180)="83", 0x1}], 0x1, 0x0) 185.118485ms ago: executing program 3 (id=2877): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) r3 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10) sendmsg$tipc(r2, &(0x7f0000000400)={&(0x7f00000008c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2400c09d}, 0x20) 163.812577ms ago: executing program 3 (id=2878): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x98}, 0x1, 0x0, 0x0, 0x20040800}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0x50, 0x0, 0x1, 0x3, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0) 142.166498ms ago: executing program 1 (id=2879): socket(0x10, 0x3, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) close(0xffffffffffffffff) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020662a, &(0x7f0000000880)={0x0, 0x8000000003ff, 0x5, 0x6}) 102.102512ms ago: executing program 5 (id=2880): r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000040)=0x1800, 0x4) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x21, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) 49.157526ms ago: executing program 3 (id=2881): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f00000002c0)={[], [{@fowner_eq}]}, 0x1, 0x58a, &(0x7f0000001b40)="$eJzs3T1sG2UfAPD/neOmH3nf9JXeV3pBHSpAKlJVJ+kHFKZ2RVSq1AGJBSLHjao4cRUn0EQZ0r1CdECAupQNBkYQAwNiYWRlATEjVTQCqekARv5K09QJTohjyP1+0tnPc3f2/3nu/H/sO93JAWTW8fpDGvFURFxOIobXLRuI1sLjzfVWV5aKD1eWiknUald+TiKJiAcrS8X2+knr+UhELEfE/yPi63zEyXTtLQ+0C9WFxanxcrk026qPzE1fH6kuLJ66Nj0+WZoszZx58aVz58+eGzs9tr65D2vra/nt9fXWD7ffufXtK3dvf/LpseXie+NJXIih1rL1/dhNzW2Sjwsb5p/tRbA+SvrdAHYk18rzeir9L4Yj18r6TmrrB4fBPWke0EO1wYgakFGJ/IeMav8OqB//tqe9/P1x72LzAKQed7U1NZcMNM9NxMHGscnhX5LHjkzqx5tH97Kh7EvLNyNidGDgyc9/0vr87dzobjSQnvrqYnNHPbn/07XxJzqMP0Ptc6d/UXv8W31i/HsUP7fJ+He5yxi/vf7jh5vGvxnxdMf4yVr8pEP8NCLe7DL+nde+OL/ZstpHESeic/y2ZOvzwyNXr5VLo83HjjG+PHHs5a36f3iT+M1ztgcbXzOdtn/aZf8//+azZ5a3iP/8s1vv/07b/1BEvNtl/P88+PjVzZbdu5ncr/8K2O7+TyIfd7uM/8KF49+3is4aAgAAAAAAAADALkob17IlaWGtnKaFQvMe3v/G4bRcqc6dvFqZn5loXvN2NPJp+0qr4WY9qdfHWtfjtuunN9TP5FoBc4ca9UKxUp7oc98BAAAAAAAAAAAAAAAAAADg7+LIhvv/f8017v/f+HfVwH61+V9+A/ud/Ifsejz/k761A9h7vv8hs2ryH7JL/kN2yX/ILvkP2SX/IbvkP2SX/AcAAAAAAAAAAAAAAAAAAAAAAAAAgJ64fOlSfao9XFkq1usTAwvzU5W3Tk2UqlOF6flioViZvV6YrFQmy6VCsTL9Z++XVCrXR2Nm/sbIXKk6N1JdWHxjujI/0/5P0VK+5z0CAAAAAAAAAAAAAAAAAACAf56hxpSkhYh8s56mhULEvyLiaBLJ1Wvl0mhE/DsivsvlB+v1sX43GgAAAAAAAAAAAAAAAAAAAPaZ6sLi1Hi5XJrtXWGgFaqHIbovDGxn5YhY3t1m1N9x26/KtzZgnzedQqYKfRyUAAAAAAAAAAAAAAAAAAAgox7d9NvtK37vbYMAAAAAAAAAAAAAAAAAAAAgk9KfkoioTyeGnxvauPRAspprPEfE23euvH9jfG5udqw+//7a/LkPWvNP96P9QLfaeZpGRD2PAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEeqC4tT4+VyaXaHhcEu1ul3HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB24o8AAAD//+mR0Yo=") perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0) preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0) 0s ago: executing program 1 (id=2882): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) lseek(r2, 0x5, 0x4) getdents(r2, 0x0, 0x0) kernel console output (not intermixed with test programs): overlap fs metadata [ 59.220760][ T5620] EXT4-fs (loop2): pa ffff8881071ff380: logic 16, phys. 129, len 24 [ 59.228799][ T5620] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 59.281131][ T5640] netlink: 24 bytes leftover after parsing attributes in process `syz.3.896'. [ 59.346972][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.390796][ T5654] pimreg: entered allmulticast mode [ 59.410856][ T5655] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2 [ 59.418455][ T5657] netlink: 'syz.3.904': attribute type 4 has an invalid length. [ 59.420467][ T5654] pimreg: left allmulticast mode [ 59.531875][ T5667] 8021q: adding VLAN 0 to HW filter on device bond1 [ 59.548097][ T5667] vlan2: entered allmulticast mode [ 59.553288][ T5667] bond1: entered allmulticast mode [ 59.654051][ T5682] SELinux: Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped). [ 59.669196][ T5682] loop0: detected capacity change from 0 to 1024 [ 59.687298][ T5682] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.740620][ T5665] loop1: detected capacity change from 0 to 512 [ 59.747337][ T5665] EXT4-fs: Ignoring removed mblk_io_submit option [ 59.753824][ T5665] EXT4-fs: Ignoring removed bh option [ 59.760717][ T5665] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 59.784777][ T5665] EXT4-fs (loop1): 1 truncate cleaned up [ 59.791045][ T5665] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.827724][ T5690] loop3: detected capacity change from 0 to 128 [ 59.836744][ T5690] ext4 filesystem being mounted at /174/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 59.978851][ T5698] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2 [ 60.010865][ T3360] tipc: Node number set to 2886997007 [ 60.342156][ T5735] loop1: detected capacity change from 0 to 128 [ 60.690036][ T5766] bond1: entered allmulticast mode [ 60.702208][ T5766] 8021q: adding VLAN 0 to HW filter on device bond1 [ 60.709685][ T5773] loop3: detected capacity change from 0 to 512 [ 60.710093][ T5766] bridge0: port 3(bond1) entered blocking state [ 60.722459][ T5766] bridge0: port 3(bond1) entered disabled state [ 60.730216][ T5766] bond1: entered promiscuous mode [ 60.735785][ T5766] bridge0: port 3(bond1) entered blocking state [ 60.742170][ T5766] bridge0: port 3(bond1) entered forwarding state [ 60.750151][ T5773] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -13 [ 60.763555][ T5773] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #13: comm syz.3.954: iget: bad i_size value: 12154757448730 [ 60.776453][ T5773] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.954: couldn't read orphan inode 13 (err -117) [ 60.849828][ T5782] loop0: detected capacity change from 0 to 512 [ 60.874315][ T5782] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.957: corrupted inode contents [ 60.892518][ T5782] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.957: mark_inode_dirty error [ 60.965911][ T5782] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.957: corrupted inode contents [ 61.026012][ T5782] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.957: mark_inode_dirty error [ 61.052065][ T5782] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.957: corrupted inode contents [ 61.065253][ T5782] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 61.074262][ T5782] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.957: corrupted inode contents [ 61.090544][ T3730] bridge0: port 3(bond1) entered disabled state [ 61.170669][ T5782] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.957: mark_inode_dirty error [ 61.185078][ T5806] loop4: detected capacity change from 0 to 1024 [ 61.195782][ T5782] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 61.211332][ T5782] EXT4-fs (loop0): 1 truncate cleaned up [ 61.228532][ T5806] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.967: Allocating blocks 385-513 which overlap fs metadata [ 61.241001][ T5782] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.255981][ T3729] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:42: Failed to release dquot type 1 [ 61.278754][ T5806] EXT4-fs (loop4): pa ffff8881072977e0: logic 16, phys. 129, len 24 [ 61.286819][ T5806] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 61.402345][ T5836] ipvlan2: entered promiscuous mode [ 61.408138][ T5836] bridge0: port 3(ipvlan2) entered blocking state [ 61.414632][ T5836] bridge0: port 3(ipvlan2) entered disabled state [ 61.424942][ T5836] ipvlan2: entered allmulticast mode [ 61.430249][ T5836] bridge0: entered allmulticast mode [ 61.436207][ T5836] ipvlan2: left allmulticast mode [ 61.441294][ T5836] bridge0: left allmulticast mode [ 61.625824][ T5853] loop0: detected capacity change from 0 to 1024 [ 61.644955][ T5853] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.986: Allocating blocks 385-513 which overlap fs metadata [ 61.664731][ T5853] EXT4-fs (loop0): pa ffff8881071ff4d0: logic 16, phys. 129, len 24 [ 61.672862][ T5853] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 61.859861][ T5871] loop2: detected capacity change from 0 to 512 [ 61.877979][ T5871] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 62.007439][ T5881] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 62.101996][ T5889] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 62.101996][ T5889] program syz.3.1002 not setting count and/or reply_len properly [ 62.157049][ T5899] loop3: detected capacity change from 0 to 164 [ 62.164603][ T5899] rock: directory entry would overflow storage [ 62.170868][ T5899] rock: sig=0x66, size=4, remaining=3 [ 62.178871][ T5899] rock: directory entry would overflow storage [ 62.185156][ T5899] rock: sig=0x66, size=4, remaining=3 [ 62.191571][ T5899] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 62.199841][ T5899] rock: directory entry would overflow storage [ 62.206144][ T5899] rock: sig=0x66, size=4, remaining=3 [ 62.213500][ T5899] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 62.257975][ T5913] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 62.266679][ T5913] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 62.516232][ T5946] loop2: detected capacity change from 0 to 512 [ 62.524355][ T5946] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -13 [ 62.532718][ T5946] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #13: comm syz.2.1027: iget: bad i_size value: 12154757448730 [ 62.545750][ T5946] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1027: couldn't read orphan inode 13 (err -117) [ 62.697502][ T5964] loop2: detected capacity change from 0 to 1024 [ 62.704795][ T5964] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 62.715817][ T5964] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 62.726243][ T5964] EXT4-fs (loop2): corrupt root inode, run e2fsck [ 62.732871][ T5964] EXT4-fs (loop2): mount failed [ 62.960686][ T5996] loop1: detected capacity change from 0 to 1024 [ 62.974907][ T5996] EXT4-fs: Ignoring removed orlov option [ 63.125500][ T6011] __nla_validate_parse: 11 callbacks suppressed [ 63.125516][ T6011] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1051'. [ 63.142975][ T6011] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1051'. [ 63.211322][ T6013] loop4: detected capacity change from 0 to 1024 [ 63.218084][ T6013] EXT4-fs: Ignoring removed orlov option [ 63.375800][ T6045] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1065'. [ 63.428960][ T6045] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1065'. [ 63.714690][ T6060] $H: renamed from bond0 (while UP) [ 63.742197][ T6060] $H: entered promiscuous mode [ 63.747267][ T6060] bond_slave_0: entered promiscuous mode [ 63.753054][ T6060] bond_slave_1: entered promiscuous mode [ 63.844130][ T6069] validate_nla: 1 callbacks suppressed [ 63.844144][ T6069] netlink: 'syz.3.1070': attribute type 298 has an invalid length. [ 63.876755][ T6071] tipc: Started in network mode [ 63.881802][ T6071] tipc: Node identity ac14140f, cluster identity 4711 [ 63.889598][ T6071] tipc: New replicast peer: 255.255.255.255 [ 63.895749][ T6071] tipc: Enabled bearer , priority 10 [ 63.906680][ T6071] netlink: 340 bytes leftover after parsing attributes in process `syz.4.1076'. [ 63.951084][ T6074] loop1: detected capacity change from 0 to 512 [ 63.994608][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1079'. [ 64.005295][ T6078] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 64.013036][ T6078] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 64.049754][ T6074] ext4 filesystem being mounted at /241/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 64.111484][ T29] kauditd_printk_skb: 105 callbacks suppressed [ 64.111501][ T29] audit: type=1400 audit(1755169068.978:2861): avc: denied { ioctl } for pid=6082 comm="syz.0.1081" path="socket:[12954]" dev="sockfs" ino=12954 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 64.327458][ T29] audit: type=1400 audit(1755169069.208:2862): avc: denied { create } for pid=6090 comm="syz.3.1085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 64.352906][ T6091] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1085'. [ 64.576469][ T6110] loop2: detected capacity change from 0 to 512 [ 64.585048][ T6110] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 64.596253][ T29] audit: type=1400 audit(1755169069.478:2863): avc: denied { ioctl } for pid=6111 comm="syz.3.1094" path="socket:[13020]" dev="sockfs" ino=13020 ioctlcmd=0x9435 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 64.632199][ T6110] EXT4-fs (loop2): 1 truncate cleaned up [ 64.638883][ T6114] netlink: 'syz.4.1087': attribute type 17 has an invalid length. [ 64.646898][ T6114] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1087'. [ 64.656338][ T29] audit: type=1400 audit(1755169069.518:2864): avc: denied { remove_name } for pid=6109 comm="syz.2.1093" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 64.679191][ T29] audit: type=1400 audit(1755169069.518:2865): avc: denied { unlink } for pid=6109 comm="syz.2.1093" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 64.708122][ T29] audit: type=1400 audit(1755169069.588:2866): avc: denied { ioctl } for pid=6118 comm="syz.3.1095" path="socket:[13036]" dev="sockfs" ino=13036 ioctlcmd=0x745a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 64.708397][ T6114] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 64.764749][ T6121] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1097'. [ 64.973702][ T29] audit: type=1326 audit(1755169069.848:2867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6155 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 64.997297][ T29] audit: type=1326 audit(1755169069.848:2868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6155 comm="syz.4.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 65.010678][ T23] tipc: Node number set to 2886997007 [ 65.020753][ T29] audit: type=1326 audit(1755169069.848:2869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6159 comm="syz.2.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd75cebe9 code=0x7ffc0000 [ 65.049430][ T29] audit: type=1326 audit(1755169069.858:2870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6159 comm="syz.2.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1dd75cebe9 code=0x7ffc0000 [ 65.214428][ T6179] loop4: detected capacity change from 0 to 512 [ 65.302271][ T6181] loop3: detected capacity change from 0 to 1024 [ 65.354340][ T6181] EXT4-fs: Ignoring removed orlov option [ 65.378842][ T6179] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -13 [ 65.389218][ T6181] EXT4-fs mount: 24 callbacks suppressed [ 65.389234][ T6181] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 65.514255][ T6179] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.1124: iget: bad i_size value: 12154757448730 [ 65.551826][ T6179] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1124: couldn't read orphan inode 13 (err -117) [ 65.582425][ T6179] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.598594][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.615685][ T6195] netlink: 536 bytes leftover after parsing attributes in process `syz.0.1129'. [ 65.637885][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.787978][ T6127] syz.1.1099 (6127) used greatest stack depth: 7536 bytes left [ 66.004787][ T6237] loop1: detected capacity change from 0 to 512 [ 66.014349][ T6237] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13 [ 66.023624][ T6239] loop2: detected capacity change from 0 to 1024 [ 66.030955][ T6237] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #13: comm syz.1.1148: iget: bad i_size value: 12154757448730 [ 66.045330][ T6237] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1148: couldn't read orphan inode 13 (err -117) [ 66.058906][ T6239] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.073870][ T6237] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.100162][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.238092][ T6239] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 66.274873][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.517984][ T6263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 66.526657][ T6263] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 66.549265][ T6266] netem: change failed [ 66.559809][ T6268] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 66.597122][ T6274] loop2: detected capacity change from 0 to 1024 [ 66.612026][ T6274] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.654323][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.762527][ T6285] loop0: detected capacity change from 0 to 512 [ 66.769531][ T6285] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 66.781472][ T6285] EXT4-fs (loop0): 1 truncate cleaned up [ 66.787502][ T6285] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.823277][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.840801][ T6288] batman_adv: batadv0: Adding interface: dummy0 [ 66.847103][ T6288] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.872391][ T6288] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 66.909780][ T6294] tipc: Started in network mode [ 66.914700][ T6294] tipc: Node identity 1e2bd0c10818, cluster identity 4711 [ 66.921919][ T6294] tipc: Enabled bearer , priority 0 [ 66.929914][ T6294] tipc: Disabling bearer [ 67.025235][ T6302] program syz.0.1174 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.034801][ T6302] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 67.405064][ T6342] pim6reg1: entered promiscuous mode [ 67.410401][ T6342] pim6reg1: entered allmulticast mode [ 67.591512][ T6351] loop1: detected capacity change from 0 to 4096 [ 67.680208][ T6351] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.732491][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.770551][ T6361] netem: change failed [ 67.938931][ T6374] tipc: Enabled bearer , priority 0 [ 67.949816][ T6374] tipc: Disabling bearer [ 68.038079][ T6380] netlink: 'syz.1.1208': attribute type 10 has an invalid length. [ 68.058777][ T6380] team0: Port device geneve1 added [ 68.300321][ T6407] loop2: detected capacity change from 0 to 512 [ 68.321994][ T6407] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.336742][ T6407] ext4 filesystem being mounted at /247/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.366285][ T6407] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #18: comm syz.2.1219: corrupted inode contents [ 68.389834][ T6407] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #18: comm syz.2.1219: mark_inode_dirty error [ 68.411439][ T6407] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #18: comm syz.2.1219: corrupted inode contents [ 68.424796][ T6407] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #18: comm syz.2.1219: mark_inode_dirty error [ 68.437016][ T6407] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #18: comm syz.2.1219: mark inode dirty (error -117) [ 68.453527][ T6407] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117) [ 68.500143][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.546954][ T6419] __nla_validate_parse: 4 callbacks suppressed [ 68.546970][ T6419] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1223'. [ 70.133885][ T6431] loop2: detected capacity change from 0 to 512 [ 70.157629][ T6433] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1229'. [ 70.200961][ T6431] EXT4-fs (loop2): orphan cleanup on readonly fs [ 70.209079][ T6431] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.1228: bad orphan inode 13 [ 70.338532][ T6431] ext4_test_bit(bit=12, block=18) = 1 [ 70.343974][ T6431] is_bad_inode(inode)=0 [ 70.348138][ T6431] NEXT_ORPHAN(inode)=2130706432 [ 70.353021][ T6431] max_ino=32 [ 70.356203][ T6431] i_nlink=1 [ 70.361213][ T6431] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 70.394350][ T6450] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1234'. [ 70.429701][ T6450] 8021q: adding VLAN 0 to HW filter on device bond2 [ 70.452743][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.661164][ T29] kauditd_printk_skb: 156 callbacks suppressed [ 70.661253][ T29] audit: type=1326 audit(1755169075.538:3027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 70.690935][ T29] audit: type=1326 audit(1755169075.538:3028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f06f10bd550 code=0x7ffc0000 [ 70.714337][ T29] audit: type=1326 audit(1755169075.538:3029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f06f10bd550 code=0x7ffc0000 [ 70.737805][ T29] audit: type=1326 audit(1755169075.538:3030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 70.761347][ T29] audit: type=1326 audit(1755169075.538:3031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 70.784731][ T29] audit: type=1326 audit(1755169075.538:3032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 70.808153][ T29] audit: type=1326 audit(1755169075.538:3033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 70.831571][ T29] audit: type=1326 audit(1755169075.538:3034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6495 comm="syz.4.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 70.965484][ T29] audit: type=1400 audit(1755169075.848:3035): avc: denied { connect } for pid=6523 comm="syz.1.1265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 71.023811][ T29] audit: type=1400 audit(1755169075.898:3036): avc: denied { getopt } for pid=6521 comm="syz.2.1264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 71.199744][ T6559] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1279'. [ 71.283726][ T6572] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1285'. [ 71.287272][ T6573] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1284'. [ 71.543498][ T6621] netlink: 'syz.4.1298': attribute type 3 has an invalid length. [ 71.578747][ T6625] bond2: entered promiscuous mode [ 71.583922][ T6625] bond2: entered allmulticast mode [ 71.593267][ T6625] 8021q: adding VLAN 0 to HW filter on device bond2 [ 71.603693][ T6625] bond2 (unregistering): Released all slaves [ 71.754312][ T6710] loop4: detected capacity change from 0 to 128 [ 71.922003][ T6734] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1327'. [ 72.209800][ T6788] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1337'. [ 72.425394][ T6803] geneve2: entered promiscuous mode [ 72.430846][ T6803] geneve2: entered allmulticast mode [ 72.513261][ T6824] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1351'. [ 72.691586][ T6850] loop3: detected capacity change from 0 to 128 [ 72.699474][ T6850] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 72.712784][ T6850] ext4 filesystem being mounted at /249/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 72.763108][ T3307] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.007553][ T6867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1362'. [ 73.022752][ T6867] team1: entered promiscuous mode [ 73.027789][ T6867] team1: entered allmulticast mode [ 73.093112][ T6907] loop3: detected capacity change from 0 to 1024 [ 73.100042][ T6907] EXT4-fs: Ignoring removed orlov option [ 73.107661][ T6907] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.318021][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.447422][ T6929] team2: entered promiscuous mode [ 73.452580][ T6929] team2: entered allmulticast mode [ 73.465208][ T6973] loop2: detected capacity change from 0 to 128 [ 73.484161][ T6973] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 73.499713][ T6973] ext4 filesystem being mounted at /284/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 73.550353][ T3302] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.767550][ T7019] loop0: detected capacity change from 0 to 128 [ 73.776621][ T7019] bio_check_eod: 10131 callbacks suppressed [ 73.776635][ T7019] syz.0.1392: attempt to access beyond end of device [ 73.776635][ T7019] loop0: rw=2049, sector=145, nr_sectors = 3 limit=128 [ 73.851391][ T7026] bond0: entered promiscuous mode [ 73.856635][ T7026] bond0: entered allmulticast mode [ 73.863494][ T7026] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.874797][ T7026] bond0 (unregistering): Released all slaves [ 73.986022][ T7094] loop0: detected capacity change from 0 to 128 [ 73.990251][ T7095] geneve2: entered promiscuous mode [ 73.997547][ T7095] geneve2: entered allmulticast mode [ 74.001563][ T7094] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 74.015235][ T7094] ext4 filesystem being mounted at /278/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 74.063278][ T3305] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 74.157503][ T7117] loop0: detected capacity change from 0 to 1024 [ 74.167358][ T7117] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 74.182486][ T7117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.216105][ T7124] syzkaller1: entered promiscuous mode [ 74.221943][ T7124] syzkaller1: entered allmulticast mode [ 74.232403][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.428473][ T7179] serio: Serial port ptm0 [ 74.442502][ T7184] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7184 comm=syz.4.1421 [ 74.455411][ T7184] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7184 comm=syz.4.1421 [ 74.555646][ T7205] loop0: detected capacity change from 0 to 164 [ 74.581319][ T7205] __nla_validate_parse: 3 callbacks suppressed [ 74.581335][ T7205] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1428'. [ 74.596711][ T7205] unsupported nla_type 10042 [ 74.701123][ T7231] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1439'. [ 74.741271][ T7235] netlink: 'syz.0.1441': attribute type 3 has an invalid length. [ 74.764885][ T7243] loop3: detected capacity change from 0 to 1024 [ 74.783230][ T7243] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.795551][ T7240] loop4: detected capacity change from 0 to 4096 [ 74.804062][ T7243] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.805649][ T7240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.852395][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.873437][ T7267] syz_tun: entered allmulticast mode [ 74.879449][ T7266] syz_tun: left allmulticast mode [ 74.899892][ T7272] loop4: detected capacity change from 0 to 128 [ 74.907228][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.918069][ T7272] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 74.937413][ T7272] ext4 filesystem being mounted at /280/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 74.990805][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.034251][ T7295] loop4: detected capacity change from 0 to 512 [ 75.062028][ T7295] EXT4-fs: Ignoring removed nobh option [ 75.072098][ T7301] loop1: detected capacity change from 0 to 128 [ 75.079639][ T7295] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 75.092290][ T7301] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 75.104153][ T7308] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1459'. [ 75.106397][ T7295] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1453: invalid indirect mapped block 256 (level 1) [ 75.113166][ T7308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1459'. [ 75.128153][ T7301] ext4 filesystem being mounted at /301/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 75.171610][ T7295] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1453: invalid indirect mapped block 2683928664 (level 1) [ 75.186253][ T7295] EXT4-fs (loop4): 1 truncate cleaned up [ 75.192452][ T7295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.216310][ T7308] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1459'. [ 75.225272][ T7308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1459'. [ 75.254013][ T3298] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.265710][ T7323] loop2: detected capacity change from 0 to 128 [ 75.274124][ T7323] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 75.287620][ T7323] ext4 filesystem being mounted at /309/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 75.327798][ T7295] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1453: Invalid block bitmap block 3 in block_group 0 [ 75.357331][ T3302] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.389077][ T7342] loop3: detected capacity change from 0 to 128 [ 75.416684][ T7350] smc: net device bond0 applied user defined pnetid SYZ0 [ 75.424143][ T7350] smc: net device bond0 erased user defined pnetid SYZ0 [ 75.445674][ T7342] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 75.447687][ T7344] SELinux: failed to load policy [ 75.469453][ T7342] ext4 filesystem being mounted at /275/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 75.520925][ T3307] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.546914][ T7363] netlink: 'syz.1.1479': attribute type 29 has an invalid length. [ 75.566491][ T7363] netlink: 'syz.1.1479': attribute type 29 has an invalid length. [ 75.576465][ T7363] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1479'. [ 75.688268][ T7383] serio: Serial port ptm0 [ 75.779999][ T7391] loop1: detected capacity change from 0 to 128 [ 75.789919][ T7391] syz.1.1486: attempt to access beyond end of device [ 75.789919][ T7391] loop1: rw=2049, sector=145, nr_sectors = 3 limit=128 [ 75.836708][ T29] kauditd_printk_skb: 218 callbacks suppressed [ 75.836722][ T29] audit: type=1326 audit(1755169080.718:3255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 75.885856][ T29] audit: type=1326 audit(1755169080.758:3256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 75.909344][ T29] audit: type=1326 audit(1755169080.758:3257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 75.932755][ T29] audit: type=1326 audit(1755169080.758:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 75.942501][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.956217][ T29] audit: type=1326 audit(1755169080.758:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 75.988618][ T29] audit: type=1326 audit(1755169080.758:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 76.012068][ T29] audit: type=1326 audit(1755169080.758:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 76.035447][ T29] audit: type=1326 audit(1755169080.758:3262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 76.058881][ T29] audit: type=1326 audit(1755169080.758:3263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 76.082420][ T29] audit: type=1326 audit(1755169080.758:3264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7399 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 76.404404][ T7426] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1494'. [ 76.414722][ T7422] syzkaller1: entered promiscuous mode [ 76.420213][ T7422] syzkaller1: entered allmulticast mode [ 76.445808][ T7428] loop3: detected capacity change from 0 to 1024 [ 76.456629][ T7428] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 76.472182][ T7428] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.503931][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.533722][ T7441] loop3: detected capacity change from 0 to 164 [ 76.543044][ T7441] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1497'. [ 76.646368][ T7461] loop0: detected capacity change from 0 to 164 [ 76.655095][ T7461] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 76.692462][ T7471] loop2: detected capacity change from 0 to 1024 [ 76.705523][ T7477] tipc: Started in network mode [ 76.710421][ T7477] tipc: Node identity ac14140f, cluster identity 4711 [ 76.718332][ T7477] tipc: New replicast peer: 255.255.255.255 [ 76.724508][ T7477] tipc: Enabled bearer , priority 10 [ 76.731109][ T7471] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 76.742140][ T7477] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1511'. [ 76.751104][ T7477] tipc: Disabling bearer [ 76.767535][ T7471] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.847882][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.858079][ T7501] loop0: detected capacity change from 0 to 512 [ 76.871904][ T7501] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.898251][ T7512] -: renamed from syzkaller0 [ 76.926893][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.982027][ T7526] smc: net device bond0 applied user defined pnetid SYZ0 [ 76.990259][ T7526] smc: net device bond0 erased user defined pnetid SYZ0 [ 77.068211][ T7540] loop4: detected capacity change from 0 to 1024 [ 77.076082][ T7540] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 77.092798][ T7540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.120406][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.206174][ T7561] loop4: detected capacity change from 0 to 128 [ 77.245207][ T7561] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 77.266961][ T7561] ext4 filesystem being mounted at /287/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 77.272752][ T7566] SELinux: failed to load policy [ 77.367806][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 77.626787][ T7616] loop0: detected capacity change from 0 to 1024 [ 77.633796][ T7616] EXT4-fs: Ignoring removed orlov option [ 77.643118][ T7616] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.051454][ T7640] loop2: detected capacity change from 0 to 2048 [ 78.081857][ T7640] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.101445][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.173731][ T3302] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 78.188565][ T3302] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 78.264553][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.417301][ T7665] netlink: 'syz.3.1571': attribute type 3 has an invalid length. [ 78.778665][ T7746] veth1_to_bond: entered allmulticast mode [ 78.788194][ T7746] bond0: (slave bond_slave_1): Releasing backup interface [ 78.814560][ T7746] veth1_to_bond (unregistering): left allmulticast mode [ 79.185318][ T7791] loop1: detected capacity change from 0 to 512 [ 79.226445][ T7791] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 79.257234][ T7791] EXT4-fs (loop1): 1 truncate cleaned up [ 79.280966][ T7791] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.345827][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.608603][ T7846] SELinux: failed to load policy [ 79.761131][ T7853] netlink: 'syz.0.1626': attribute type 3 has an invalid length. [ 80.014805][ T3381] kernel write not supported for file [eventfd] (pid: 3381 comm: kworker/0:4) [ 80.344054][ T7883] loop2: detected capacity change from 0 to 1024 [ 80.350729][ T7883] EXT4-fs: Ignoring removed oldalloc option [ 80.360861][ T7883] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 80.396154][ T7883] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.412604][ T7889] __nla_validate_parse: 5 callbacks suppressed [ 80.412625][ T7889] netlink: 432 bytes leftover after parsing attributes in process `syz.3.1641'. [ 80.478312][ T7900] loop3: detected capacity change from 0 to 128 [ 80.490654][ T7883] loop2: detected capacity change from 1024 to 64 [ 80.497563][ T7901] EXT4-fs error (device loop2): xattr_find_entry:333: inode #15: comm syz.2.1639: corrupted xattr entries [ 80.511132][ T7901] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:74: inode #15: comm syz.2.1639: corrupt xattr in inline inode [ 80.526722][ T7901] EXT4-fs error (device loop2): xattr_find_entry:333: inode #15: comm syz.2.1639: corrupted xattr entries [ 80.571556][ T3302] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /340/file1: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0 [ 80.605098][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.621583][ T7887] kmmpd-loop2: attempt to access beyond end of device [ 80.621583][ T7887] loop2: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 80.635147][ T7887] buffer_io_error: 10129 callbacks suppressed [ 80.635161][ T7887] Buffer I/O error on dev loop2, logical block 64, lost sync page write [ 80.688317][ T3708] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 80.740064][ T7920] SELinux: failed to load policy [ 80.753407][ T3708] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 80.807083][ T3708] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 80.852015][ T3708] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 80.951329][ T3708] bridge_slave_1: left allmulticast mode [ 80.957033][ T3708] bridge_slave_1: left promiscuous mode [ 80.962767][ T3708] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.973047][ T29] kauditd_printk_skb: 185 callbacks suppressed [ 80.973059][ T29] audit: type=1400 audit(1755169085.848:3450): avc: denied { mounton } for pid=7943 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 81.002801][ T29] audit: type=1326 audit(1755169085.888:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.026385][ T29] audit: type=1326 audit(1755169085.888:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.049991][ T29] audit: type=1326 audit(1755169085.888:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.073533][ T29] audit: type=1326 audit(1755169085.888:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.096977][ T29] audit: type=1326 audit(1755169085.888:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.120457][ T29] audit: type=1326 audit(1755169085.888:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.143861][ T29] audit: type=1326 audit(1755169085.888:3457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.167378][ T29] audit: type=1326 audit(1755169085.988:3458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.190755][ T29] audit: type=1326 audit(1755169085.988:3459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7944 comm="syz.4.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 81.190935][ T3708] bridge_slave_0: left allmulticast mode [ 81.219953][ T3708] bridge_slave_0: left promiscuous mode [ 81.225608][ T3708] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.369566][ T7958] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1661'. [ 81.378545][ T7958] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1661'. [ 81.410511][ T7962] loop3: detected capacity change from 0 to 2048 [ 81.420662][ T3708] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 81.430421][ T3708] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 81.448365][ T3708] bond0 (unregistering): Released all slaves [ 81.460247][ T7962] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.494209][ T7971] loop1: detected capacity change from 0 to 128 [ 81.500348][ T7973] loop4: detected capacity change from 0 to 512 [ 81.507669][ T7973] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 81.519260][ T3708] tipc: Left network mode [ 81.535633][ T3307] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 81.536274][ T7973] EXT4-fs (loop4): 1 truncate cleaned up [ 81.556401][ T7973] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.594743][ T3307] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 81.604895][ T3708] hsr_slave_0: left promiscuous mode [ 81.624021][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.633101][ T3708] hsr_slave_1: left promiscuous mode [ 81.639249][ T3708] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 81.648623][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.668935][ T3708] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 81.686885][ T3708] batman_adv: batadv0: Removing interface: dummy0 [ 81.701198][ T7999] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1672'. [ 81.759441][ T3708] team0 (unregistering): Port device team_slave_1 removed [ 81.769237][ T3708] team0 (unregistering): Port device team_slave_0 removed [ 81.881129][ T8002] Falling back ldisc for ttyS3. [ 81.917948][ T8052] netlink: 14593 bytes leftover after parsing attributes in process `syz.4.1679'. [ 81.985323][ T7943] chnl_net:caif_netlink_parms(): no params data found [ 82.050373][ T7943] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.057531][ T7943] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.097743][ T7943] bridge_slave_0: entered allmulticast mode [ 82.108029][ T7943] bridge_slave_0: entered promiscuous mode [ 82.117479][ T7943] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.124699][ T7943] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.132151][ T7943] bridge_slave_1: entered allmulticast mode [ 82.138626][ T7943] bridge_slave_1: entered promiscuous mode [ 82.167025][ T7943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.187479][ T7943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.227440][ T7943] team0: Port device team_slave_0 added [ 82.234298][ T7943] team0: Port device team_slave_1 added [ 82.256177][ T7943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.263248][ T7943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.289299][ T7943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.302626][ T7943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.309591][ T7943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.335539][ T7943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.371482][ T7943] hsr_slave_0: entered promiscuous mode [ 82.382262][ T7943] hsr_slave_1: entered promiscuous mode [ 82.471616][ T7943] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 82.480200][ T7943] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 82.488876][ T7943] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 82.497860][ T7943] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 82.516584][ T7943] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.523676][ T7943] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.531077][ T7943] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.538115][ T7943] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.573146][ T8404] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1700'. [ 82.575753][ T7943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.612547][ T3708] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.620386][ T3708] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.633663][ T7943] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.650522][ T3731] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.657727][ T3731] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.672590][ T3708] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.679717][ T3708] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.777793][ T7943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.814250][ T8447] loop1: detected capacity change from 0 to 128 [ 82.843085][ T8451] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1714'. [ 82.861698][ T8451] hsr_slave_1 (unregistering): left promiscuous mode [ 82.927579][ T7943] veth0_vlan: entered promiscuous mode [ 82.935875][ T7943] veth1_vlan: entered promiscuous mode [ 82.952029][ T7943] veth0_macvtap: entered promiscuous mode [ 82.959418][ T7943] veth1_macvtap: entered promiscuous mode [ 82.969493][ T7943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.979846][ T7943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.989984][ T3733] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.998981][ T3733] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.008213][ T3733] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.018898][ T3733] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.098223][ T8476] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1725'. [ 83.111408][ T8479] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1728'. [ 83.379343][ T8538] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1723'. [ 83.481822][ T8549] loop4: detected capacity change from 0 to 256 [ 83.490591][ T8549] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 83.500799][ T8549] FAT-fs (loop4): Filesystem has been set read-only [ 83.543289][ T8555] loop3: detected capacity change from 0 to 128 [ 83.770161][ T8586] loop0: detected capacity change from 0 to 512 [ 83.802783][ T8595] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3952. macoff=96 [ 83.811925][ T8595] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0xe [ 84.191481][ T8620] hsr_slave_1 (unregistering): left promiscuous mode [ 84.583455][ T8665] netlink: 'syz.1.1770': attribute type 10 has an invalid length. [ 84.599502][ T8665] bond0: (slave dummy0): Releasing backup interface [ 84.609709][ T8665] team0: Port device dummy0 added [ 85.234504][ T8715] vhci_hcd: invalid port number 96 [ 85.239647][ T8715] vhci_hcd: default hub control req: 0318 vf7fa i0060 l0 [ 85.278700][ T8723] netlink: 'syz.5.1795': attribute type 13 has an invalid length. [ 85.335333][ T8724] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=8724 comm=syz.1.1794 [ 85.350114][ T8723] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.357368][ T8723] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.399449][ T8723] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.409925][ T8723] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 85.472349][ T3731] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.483210][ T3731] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.523760][ T3731] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.597701][ T8732] loop5: detected capacity change from 0 to 512 [ 85.767314][ T3731] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.186334][ T29] kauditd_printk_skb: 311 callbacks suppressed [ 86.186348][ T29] audit: type=1400 audit(1755169347.070:3771): avc: denied { read write } for pid=8751 comm="syz.1.1805" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 86.216732][ T29] audit: type=1400 audit(1755169347.070:3772): avc: denied { open } for pid=8751 comm="syz.1.1805" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 86.327009][ T8757] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0xe [ 86.433195][ T29] audit: type=1400 audit(1755169347.320:3773): avc: denied { sqpoll } for pid=8765 comm="syz.1.1810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 86.458914][ T8719] syz.3.1793 (8719) used greatest stack depth: 7304 bytes left [ 86.469854][ T29] audit: type=1400 audit(1755169347.350:3774): avc: denied { create } for pid=8765 comm="syz.1.1810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 86.513727][ T29] audit: type=1400 audit(1755169347.350:3775): avc: denied { bind } for pid=8765 comm="syz.1.1810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 86.533226][ T29] audit: type=1400 audit(1755169347.380:3776): avc: denied { listen } for pid=8765 comm="syz.1.1810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 86.590991][ T29] audit: type=1400 audit(1755169347.470:3777): avc: denied { ioctl } for pid=8773 comm="GPL" path="socket:[19913]" dev="sockfs" ino=19913 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 86.635792][ T29] audit: type=1326 audit(1755169347.520:3778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8777 comm="syz.5.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3d877ebe9 code=0x7ffc0000 [ 86.659485][ T29] audit: type=1326 audit(1755169347.520:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8777 comm="syz.5.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3d877ebe9 code=0x7ffc0000 [ 86.683032][ T29] audit: type=1326 audit(1755169347.520:3780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8777 comm="syz.5.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fb3d877ebe9 code=0x7ffc0000 [ 86.775329][ T8796] __nla_validate_parse: 6 callbacks suppressed [ 86.775343][ T8796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1822'. [ 86.799681][ T8798] netlink: 'syz.0.1823': attribute type 13 has an invalid length. [ 86.820068][ T8789] vlan2: entered allmulticast mode [ 86.893594][ T8798] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.900798][ T8798] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.950532][ T8820] loop5: detected capacity change from 0 to 2048 [ 86.997436][ T7943] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 87.029918][ T8798] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 87.042578][ T7943] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 87.053235][ T8798] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 87.123259][ T3729] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.183173][ T3729] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.209158][ T3729] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.228383][ T3729] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.636200][ T8880] syzkaller1: entered promiscuous mode [ 87.641729][ T8880] syzkaller1: entered allmulticast mode [ 87.767362][ T8899] loop0: detected capacity change from 0 to 512 [ 87.794245][ T8899] ext4 filesystem being mounted at /371/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.856992][ T8911] loop3: detected capacity change from 0 to 512 [ 87.872492][ T8913] vlan2: entered allmulticast mode [ 87.883676][ T8911] EXT4-fs: Ignoring removed oldalloc option [ 87.900599][ T8911] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.1861: Parent and EA inode have the same ino 15 [ 87.916702][ T8911] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.1861: Parent and EA inode have the same ino 15 [ 87.929417][ T8911] EXT4-fs (loop3): 1 orphan inode deleted [ 87.941273][ T8930] loop0: detected capacity change from 0 to 2048 [ 87.962334][ T8937] netlink: 'syz.3.1864': attribute type 13 has an invalid length. [ 87.979079][ T3305] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 88.001699][ T3305] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 88.027954][ T3729] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 88.038400][ T3729] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 88.055692][ T3729] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 88.062272][ T8945] loop1: detected capacity change from 0 to 1024 [ 88.073197][ T3729] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 88.084927][ T8943] pim6reg1: entered promiscuous mode [ 88.090280][ T8943] pim6reg1: entered allmulticast mode [ 88.405819][ T8985] vlan2: entered allmulticast mode [ 88.512517][ T9017] loop1: detected capacity change from 0 to 128 [ 89.173709][ T9143] bridge0: port 3(batadv0) entered blocking state [ 89.180195][ T9143] bridge0: port 3(batadv0) entered disabled state [ 89.193231][ T9143] batadv0: entered allmulticast mode [ 89.199173][ T9143] batadv0: entered promiscuous mode [ 89.267936][ T9161] loop1: detected capacity change from 0 to 1764 [ 89.539276][ T9185] loop0: detected capacity change from 0 to 2048 [ 89.578019][ T9185] EXT4-fs (loop0): failed to initialize system zone (-117) [ 89.650955][ T9185] EXT4-fs (loop0): mount failed [ 89.670621][ T3730] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 89.679933][ T3730] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 89.715582][ T9200] loop0: detected capacity change from 0 to 128 [ 89.723029][ T9200] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 89.736547][ T9200] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 89.763406][ T3730] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 89.793747][ T9220] netlink: 'syz.0.1925': attribute type 1 has an invalid length. [ 89.943337][ T9241] loop5: detected capacity change from 0 to 164 [ 89.961386][ T9241] syz.5.1932: attempt to access beyond end of device [ 89.961386][ T9241] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 89.977554][ T9241] syz.5.1932: attempt to access beyond end of device [ 89.977554][ T9241] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 90.049458][ T9249] bridge0: port 3(macsec1) entered blocking state [ 90.056069][ T9249] bridge0: port 3(macsec1) entered disabled state [ 90.064349][ T9249] macsec1: entered allmulticast mode [ 90.069673][ T9249] bridge0: entered allmulticast mode [ 90.075459][ T9249] macsec1: left allmulticast mode [ 90.080478][ T9249] bridge0: left allmulticast mode [ 90.253473][ T9265] macvlan1: entered promiscuous mode [ 90.261429][ T9265] ipvlan0: entered promiscuous mode [ 90.268466][ T9265] ipvlan0: left promiscuous mode [ 90.274080][ T9265] macvlan1: left promiscuous mode [ 90.313611][ T9273] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 90.385008][ T9283] IPVS: Error connecting to the multicast addr [ 90.558340][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1949'. [ 90.567754][ T9295] netlink: 'syz.1.1947': attribute type 13 has an invalid length. [ 90.726881][ T9295] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.734143][ T9295] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.952887][ T9295] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 90.965531][ T9295] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.035892][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1949'. [ 91.055818][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1949'. [ 91.066134][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1949'. [ 91.093163][ T9320] vlan2: entered allmulticast mode [ 91.125058][ T3731] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.149722][ T3731] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.158835][ T3731] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.174996][ T3731] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.208073][ T9340] bridge0: port 3(batadv1) entered blocking state [ 91.214696][ T9340] bridge0: port 3(batadv1) entered disabled state [ 91.225372][ T9340] batadv1: entered allmulticast mode [ 91.231362][ T9340] batadv1: entered promiscuous mode [ 91.262133][ T9353] loop3: detected capacity change from 0 to 512 [ 91.276255][ T29] kauditd_printk_skb: 193 callbacks suppressed [ 91.276303][ T29] audit: type=1400 audit(1755169352.160:3974): avc: denied { create } for pid=9357 comm="syz.1.1963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 91.304500][ T29] audit: type=1400 audit(1755169352.160:3975): avc: denied { write } for pid=9357 comm="syz.1.1963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 91.305240][ T9353] ext4 filesystem being mounted at /398/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.324898][ T29] audit: type=1400 audit(1755169352.160:3976): avc: denied { nlmsg_write } for pid=9357 comm="syz.1.1963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 91.710626][ T3723] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 91.719886][ T3723] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 92.098518][ T9399] netlink: 'syz.4.1968': attribute type 13 has an invalid length. [ 92.150066][ T29] audit: type=1326 audit(1755169353.030:3977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.0.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 92.173619][ T29] audit: type=1326 audit(1755169353.030:3978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.0.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 92.214690][ T29] audit: type=1326 audit(1755169353.030:3979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.0.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 92.238059][ T29] audit: type=1326 audit(1755169353.030:3980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.0.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 92.261495][ T29] audit: type=1326 audit(1755169353.030:3981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.0.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 92.284827][ T29] audit: type=1326 audit(1755169353.030:3982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.0.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 92.308312][ T29] audit: type=1326 audit(1755169353.030:3983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9409 comm="syz.0.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 92.339823][ T9413] loop0: detected capacity change from 0 to 1024 [ 92.354061][ T9418] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1976'. [ 92.372977][ T9424] loop3: detected capacity change from 0 to 512 [ 92.398565][ T9424] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.401505][ T9420] SELinux: failed to load policy [ 92.471816][ T9432] bridge: RTM_NEWNEIGH with invalid ether address [ 92.523500][ T9439] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1984'. [ 92.673712][ T9460] bridge_slave_0: left promiscuous mode [ 92.679461][ T9460] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.707594][ T9460] bridge_slave_1: left allmulticast mode [ 92.713349][ T9460] bridge_slave_1: left promiscuous mode [ 92.719283][ T9460] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.734441][ T9460] : (slave bond_slave_0): Releasing backup interface [ 92.753159][ T9460] : (slave bond_slave_1): Releasing backup interface [ 92.764711][ T9460] team0: Port device team_slave_0 removed [ 92.782788][ T9460] team0: Port device team_slave_1 removed [ 92.789166][ T9460] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 92.797296][ T9460] bond0: (slave batadv1): Releasing active interface [ 92.829094][ T9471] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1994'. [ 92.840263][ T9471] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1994'. [ 92.849759][ T9471] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1994'. [ 92.860796][ T9471] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1994'. [ 92.869875][ T9471] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1994'. [ 92.984104][ T9490] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2002'. [ 92.996677][ T9490] netem: change failed [ 93.073990][ T9502] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2008'. [ 93.085481][ T9502] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2008'. [ 93.102557][ T9504] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=9504 comm=syz.1.2006 [ 93.372884][ T9525] random: crng reseeded on system resumption [ 93.620406][ T9545] loop9: detected capacity change from 0 to 7 [ 93.626793][ T9545] Buffer I/O error on dev loop9, logical block 0, async page read [ 93.634945][ T9545] Buffer I/O error on dev loop9, logical block 0, async page read [ 93.642984][ T9545] loop9: unable to read partition table [ 93.648819][ T9545] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 93.648819][ T9545] ) failed (rc=-5) [ 93.954423][ T9574] -1: renamed from syzkaller0 [ 94.082532][ T9602] loop5: detected capacity change from 0 to 512 [ 94.093936][ T9602] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.378669][ T9620] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 94.405028][ T9620] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.568592][ T9641] loop0: detected capacity change from 0 to 8192 [ 94.579012][ T9646] sg_write: process 886 (syz.4.2056) changed security contexts after opening file descriptor, this is not allowed. [ 94.914276][ T9690] pim6reg1: entered promiscuous mode [ 94.919608][ T9690] pim6reg1: entered allmulticast mode [ 94.968989][ T9694] loop0: detected capacity change from 0 to 512 [ 94.992964][ T9700] netlink: 'syz.5.2067': attribute type 1 has an invalid length. [ 95.006246][ T9700] 8021q: adding VLAN 0 to HW filter on device bond1 [ 95.024696][ T9700] 8021q: adding VLAN 0 to HW filter on device bond1 [ 95.024966][ T9694] ext4 filesystem being mounted at /411/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.031952][ T9700] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 95.053664][ T9700] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 95.291141][ T9769] -1: renamed from syzkaller0 [ 95.356795][ T9780] loop5: detected capacity change from 0 to 2048 [ 95.395486][ T9780] EXT4-fs mount: 20 callbacks suppressed [ 95.395500][ T9780] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.477869][ T9780] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.2076: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 95.547559][ T9780] EXT4-fs (loop5): Remounting filesystem read-only [ 95.556940][ T9811] loop4: detected capacity change from 0 to 256 [ 95.604646][ T7943] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.137391][ T9898] loop3: detected capacity change from 0 to 2048 [ 96.164178][ T9898] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.195392][ T9898] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2100: bg 0: block 234: padding at end of block bitmap is not set [ 96.221265][ T9898] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 117 [ 96.233685][ T9898] EXT4-fs (loop3): This should not happen!! Data will be lost [ 96.233685][ T9898] [ 96.256906][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.434761][ T9938] pim6reg1: entered promiscuous mode [ 96.440111][ T9938] pim6reg1: entered allmulticast mode [ 96.749306][ T29] kauditd_printk_skb: 60 callbacks suppressed [ 96.749321][ T29] audit: type=1400 audit(1755169357.630:4044): avc: denied { create } for pid=10009 comm="syz.3.2123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 96.795824][ T29] audit: type=1400 audit(1755169357.680:4045): avc: denied { mount } for pid=10013 comm="syz.0.2124" name="/" dev="ramfs" ino=21361 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 96.931016][T10022] syz_tun: entered allmulticast mode [ 96.954735][T10024] loop0: detected capacity change from 0 to 128 [ 96.993702][ T29] audit: type=1400 audit(1755169357.880:4046): avc: denied { write } for pid=10037 comm="syz.0.2132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 97.043279][ T29] audit: type=1400 audit(1755169357.930:4047): avc: denied { mounton } for pid=10045 comm="syz.5.2135" path="/proc/181/cgroup" dev="proc" ino=21421 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 97.111762][T10052] netlink: 'syz.0.2138': attribute type 1 has an invalid length. [ 97.125384][T10052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.148543][T10052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.173458][T10052] bond0: (slave vxcan3): The slave device specified does not support setting the MAC address [ 97.177029][T10093] loop4: detected capacity change from 0 to 8192 [ 97.188260][T10052] bond0: (slave vxcan3): Error -95 calling set_mac_address [ 97.385890][T10115] ip6tnl3: entered promiscuous mode [ 97.391156][T10115] ip6tnl3: entered allmulticast mode [ 97.449438][T10109] loop5: detected capacity change from 0 to 32768 [ 97.602220][ T29] audit: type=1400 audit(1755169358.490:4048): avc: denied { bind } for pid=10141 comm="syz.3.2153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 97.621872][ T29] audit: type=1400 audit(1755169358.490:4049): avc: denied { listen } for pid=10141 comm="syz.3.2153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 97.643648][ T29] audit: type=1400 audit(1755169358.530:4050): avc: denied { accept } for pid=10141 comm="syz.3.2153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 97.663868][ T29] audit: type=1400 audit(1755169358.530:4051): avc: denied { read } for pid=10141 comm="syz.3.2153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 97.709086][T10150] __nla_validate_parse: 10 callbacks suppressed [ 97.709100][T10150] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2155'. [ 97.724370][T10150] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2155'. [ 97.733460][T10150] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2155'. [ 97.744155][T10150] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2155'. [ 97.753269][T10150] netlink: 'syz.1.2155': attribute type 6 has an invalid length. [ 97.813907][ T29] audit: type=1326 audit(1755169358.700:4052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10160 comm="syz.3.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 97.851925][ T29] audit: type=1326 audit(1755169358.720:4053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10160 comm="syz.3.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 98.004332][T10183] futex_wake_op: syz.5.2168 tries to shift op by -1; fix this program [ 98.104546][T10208] loop5: detected capacity change from 0 to 8192 [ 98.202613][T10216] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2174'. [ 98.255122][T10216] netlink: 'syz.3.2174': attribute type 2 has an invalid length. [ 98.343444][T10262] loop3: detected capacity change from 0 to 512 [ 98.441088][T10262] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.486260][T10262] ext4 filesystem being mounted at /427/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.540208][T10285] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10285 comm=syz.0.2192 [ 98.621838][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.759234][T10310] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2190'. [ 98.846541][T10288] loop0: detected capacity change from 0 to 32768 [ 98.866204][T10312] loop3: detected capacity change from 0 to 8192 [ 99.183064][T10357] SELinux: failed to load policy [ 99.870673][T10485] loop5: detected capacity change from 0 to 1024 [ 99.878199][T10485] EXT4-fs: Ignoring removed oldalloc option [ 99.885191][T10489] syzkaller0: entered promiscuous mode [ 99.885632][T10485] EXT4-fs: Ignoring removed orlov option [ 99.890710][T10489] syzkaller0: entered allmulticast mode [ 99.933391][T10490] loop1: detected capacity change from 0 to 8192 [ 99.934930][T10485] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.990198][ T7943] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.111752][T10516] 8021q: adding VLAN 0 to HW filter on device  [ 100.121798][T10516] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.140370][T10516] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 100.310231][T10537] loop3: detected capacity change from 0 to 128 [ 100.320339][T10537] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 52) [ 100.328411][T10537] FAT-fs (loop3): Filesystem has been set read-only [ 100.610758][T10572] 9pnet_fd: Insufficient options for proto=fd [ 100.856951][T10621] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2245'. [ 100.866879][T10616] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2245'. [ 100.896936][T10624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2249'. [ 100.939415][T10634] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2255'. [ 101.094659][T10648] netlink: 'syz.3.2262': attribute type 39 has an invalid length. [ 101.281349][T10682] loop5: detected capacity change from 0 to 512 [ 101.318423][T10682] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.368699][T10682] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.477696][ T7943] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.611064][T10726] loop4: detected capacity change from 0 to 512 [ 101.633752][T10726] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.650645][T10726] ext4 filesystem being mounted at /442/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.669730][T10726] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.706366][T10735] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 101.770489][T10749] ip6gre1: entered allmulticast mode [ 101.830539][ T29] kauditd_printk_skb: 113 callbacks suppressed [ 101.836853][ T29] audit: type=1326 audit(1755169362.710:4167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 101.842795][T10776] loop4: detected capacity change from 0 to 512 [ 101.864893][ T29] audit: type=1326 audit(1755169362.750:4168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 101.890219][ T29] audit: type=1326 audit(1755169362.750:4169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 101.913711][ T29] audit: type=1326 audit(1755169362.750:4170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 101.938235][ T29] audit: type=1326 audit(1755169362.750:4171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 101.961771][ T29] audit: type=1326 audit(1755169362.750:4172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 101.985446][ T29] audit: type=1326 audit(1755169362.750:4173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 102.008945][ T29] audit: type=1326 audit(1755169362.750:4174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 102.032427][ T29] audit: type=1326 audit(1755169362.750:4175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 102.056123][ T29] audit: type=1326 audit(1755169362.750:4176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10774 comm="syz.3.2295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 102.099758][T10776] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.112515][T10776] ext4 filesystem being mounted at /446/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.274400][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.304816][T10796] loop3: detected capacity change from 0 to 1024 [ 102.348903][T10796] EXT4-fs: Ignoring removed oldalloc option [ 102.369337][T10796] EXT4-fs: Ignoring removed orlov option [ 102.385030][T10796] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.463024][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.583346][T10854] loop3: detected capacity change from 0 to 1024 [ 102.599029][T10854] EXT4-fs: Ignoring removed oldalloc option [ 102.605293][T10856] netlink: 'syz.0.2306': attribute type 7 has an invalid length. [ 102.625306][T10854] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 102.660387][T10854] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.767328][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.475274][T10938] __nla_validate_parse: 1 callbacks suppressed [ 103.475288][T10938] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2326'. [ 103.500743][T10938] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2326'. [ 103.565455][T10949] syz.1.2330: attempt to access beyond end of device [ 103.565455][T10949] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 103.620060][T10962] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 103.924682][T11030] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2348'. [ 104.388769][T11080] loop4: detected capacity change from 0 to 512 [ 104.403802][T11080] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 104.431507][T11080] EXT4-fs (loop4): orphan cleanup on readonly fs [ 104.441883][T11080] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.2364: Block bitmap for bg 0 marked uninitialized [ 104.458809][T11080] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 104.467838][T11080] EXT4-fs (loop4): 1 orphan inode deleted [ 104.474145][T11080] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 104.507311][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.634441][T11115] netlink: 348 bytes leftover after parsing attributes in process `syz.0.2373'. [ 104.683489][T11125] netlink: '+}[@': attribute type 1 has an invalid length. [ 104.690965][T11125] netlink: 198116 bytes leftover after parsing attributes in process `+}[@'. [ 104.934985][T11144] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2384'. [ 105.235848][T11187] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 105.310261][T11192] program syz.1.2403 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 105.326451][T11192] loop1: detected capacity change from 0 to 164 [ 105.340753][T11192] Unable to read rock-ridge attributes [ 105.355681][T11192] ISOFS: unable to read i-node block [ 105.451295][T11209] ------------[ cut here ]------------ [ 105.456786][T11209] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000)(1) [ 105.477061][T11209] WARNING: CPU: 0 PID: 11209 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680 [ 105.487469][T11209] Modules linked in: [ 105.491400][T11209] CPU: 0 UID: 0 PID: 11209 Comm: syz.5.2410 Not tainted 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) [ 105.503929][T11209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 105.514083][T11209] RIP: 0010:reg_bounds_sanity_check+0x673/0x680 [ 105.520398][T11209] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 92 80 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 [ 105.540119][T11209] RSP: 0018:ffffc900078c3440 EFLAGS: 00010292 [ 105.546237][T11209] RAX: 13c98cd036d6dc00 RBX: ffff8881370ae840 RCX: 0000000000080000 [ 105.554263][T11209] RDX: ffffc900102dc000 RSI: 000000000001ba4f RDI: 000000000001ba50 [ 105.562319][T11209] RBP: 0000000000000000 R08: 0001c900078c327f R09: 0000000000000000 [ 105.570358][T11209] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff8881370ae800 [ 105.578464][T11209] R13: ffff888130bf0000 R14: ffff888130bf0000 R15: ffff8881370ae838 [ 105.586494][T11209] FS: 00007fb3d71e76c0(0000) GS:ffff8882aee44000(0000) knlGS:0000000000000000 [ 105.595647][T11209] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 105.602342][T11209] CR2: 0000000000000000 CR3: 000000011a7b2000 CR4: 00000000003506f0 [ 105.610325][T11209] DR0: 0000000000000002 DR1: 0000000000000000 DR2: 0000000000000000 [ 105.618331][T11209] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 105.626371][T11209] Call Trace: [ 105.629656][T11209] [ 105.632616][T11209] reg_set_min_max+0x1eb/0x260 [ 105.637488][T11209] check_cond_jmp_op+0x1080/0x16e0 [ 105.642701][T11209] do_check+0x332a/0x7a10 [ 105.647077][T11209] do_check_common+0xc3a/0x12a0 [ 105.651983][T11209] bpf_check+0x942b/0xd9e0 [ 105.656415][T11209] ? __rcu_read_unlock+0x4f/0x70 [ 105.661390][T11209] ? __alloc_frozen_pages_noprof+0x188/0x360 [ 105.667521][T11209] ? alloc_pages_bulk_noprof+0x4b8/0x540 [ 105.673159][T11209] ? __vmap_pages_range_noflush+0xbb3/0xbd0 [ 105.679173][T11209] ? css_rstat_updated+0xb7/0x240 [ 105.684244][T11209] ? css_rstat_updated+0xb7/0x240 [ 105.689308][T11209] ? pcpu_block_update_hint_alloc+0x63d/0x660 [ 105.695505][T11209] ? pcpu_block_update_hint_alloc+0x63d/0x660 [ 105.701604][T11209] ? css_rstat_updated+0xb7/0x240 [ 105.706634][T11209] ? __rcu_read_unlock+0x4f/0x70 [ 105.711602][T11209] ? pcpu_memcg_post_alloc_hook+0xf1/0x150 [ 105.717390][T11209] ? should_fail_ex+0x30/0x280 [ 105.722277][T11209] ? selinux_bpf_prog_load+0x36/0xf0 [ 105.727564][T11209] ? should_failslab+0x8c/0xb0 [ 105.732377][T11209] ? __kmalloc_cache_noprof+0x189/0x320 [ 105.737975][T11209] ? selinux_bpf_prog_load+0xbf/0xf0 [ 105.743438][T11209] ? security_bpf_prog_load+0x2c/0xa0 [ 105.748888][T11209] bpf_prog_load+0xedd/0x1070 [ 105.753619][T11209] ? security_bpf+0x2b/0x90 [ 105.758134][T11209] __sys_bpf+0x462/0x7b0 [ 105.762476][T11209] __x64_sys_bpf+0x41/0x50 [ 105.766973][T11209] x64_sys_call+0x2aea/0x2ff0 [ 105.771781][T11209] do_syscall_64+0xd2/0x200 [ 105.776325][T11209] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 105.782403][T11209] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 105.788280][T11209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.794226][T11209] RIP: 0033:0x7fb3d877ebe9 [ 105.798644][T11209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.818351][T11209] RSP: 002b:00007fb3d71e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 105.826808][T11209] RAX: ffffffffffffffda RBX: 00007fb3d89a5fa0 RCX: 00007fb3d877ebe9 [ 105.834830][T11209] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005 [ 105.842795][T11209] RBP: 00007fb3d8801e19 R08: 0000000000000000 R09: 0000000000000000 [ 105.851060][T11209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 105.859016][T11209] R13: 00007fb3d89a6038 R14: 00007fb3d89a5fa0 R15: 00007ffe574df528 [ 105.867190][T11209] [ 105.870193][T11209] ---[ end trace 0000000000000000 ]--- [ 105.987634][T11241] program syz.0.2418 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 105.998828][T11241] loop0: detected capacity change from 0 to 164 [ 106.006092][T11241] Unable to read rock-ridge attributes [ 106.012572][T11241] ISOFS: unable to read i-node block [ 106.035019][T11250] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2422'. [ 106.058829][T11256] loop1: detected capacity change from 0 to 128 [ 106.067258][T11256] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 106.082820][T11256] ext4 filesystem being mounted at /503/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 106.137455][ T3298] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 106.187242][T11283] loop3: detected capacity change from 0 to 4096 [ 106.197491][T11283] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.271836][T11297] loop1: detected capacity change from 0 to 1024 [ 106.278642][T11297] EXT4-fs: inline encryption not supported [ 106.286222][T11297] EXT4-fs: Ignoring removed bh option [ 106.293235][T11297] /dev/loop1: Can't open blockdev [ 106.311839][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.658944][T11361] loop5: detected capacity change from 0 to 1024 [ 106.684101][T11361] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.712863][T11361] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.2440: Allocating blocks 449-513 which overlap fs metadata [ 106.747866][T11360] EXT4-fs (loop5): pa ffff8881071ff3f0: logic 48, phys. 177, len 21 [ 106.755941][T11360] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 106.789046][ T7943] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.841248][T11382] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2446'. [ 106.846640][T11383] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.850221][ T29] kauditd_printk_skb: 126 callbacks suppressed [ 106.850235][ T29] audit: type=1400 audit(1755169367.730:4303): avc: denied { write } for pid=11387 comm="syz.5.2444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 106.859329][T11383] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.894838][T11383] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 106.980470][T11406] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2451'. [ 107.170914][T11445] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 107.186706][T11424] loop5: detected capacity change from 0 to 8192 [ 107.214031][T11449] loop0: detected capacity change from 0 to 1024 [ 107.222617][T11424] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 107.226257][T11449] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 107.263417][T11449] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.277550][T11454] loop1: detected capacity change from 0 to 2048 [ 107.296631][ T29] audit: type=1400 audit(1755169368.180:4304): avc: denied { setattr } for pid=11448 comm="syz.0.2464" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 107.325781][T11454] Alternate GPT is invalid, using primary GPT. [ 107.332145][T11454] loop1: p1 p2 p3 [ 107.366674][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.422494][T11500] ref_ctr_offset mismatch. inode: 0x9f9 offset: 0x0 ref_ctr_offset(old): 0x200000000200 ref_ctr_offset(new): 0x0 [ 107.475409][ T29] audit: type=1326 audit(1755169368.360:4305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11517 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 107.498522][ T29] audit: type=1326 audit(1755169368.360:4306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11517 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 107.521468][ T29] audit: type=1326 audit(1755169368.360:4307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11517 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 107.544597][ T29] audit: type=1326 audit(1755169368.360:4308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11517 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 107.567776][ T29] audit: type=1326 audit(1755169368.360:4309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11517 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 107.591928][ T29] audit: type=1326 audit(1755169368.390:4310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11517 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 107.614907][ T29] audit: type=1326 audit(1755169368.390:4311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11517 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 107.637983][ T29] audit: type=1326 audit(1755169368.390:4312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11517 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ea50ebe9 code=0x7ffc0000 [ 107.689973][T11529] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.700830][T11529] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.749521][T11529] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 107.768026][T11540] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2484'. [ 107.906693][T11559] loop4: detected capacity change from 0 to 1024 [ 107.935278][T11559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.036676][T11559] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2491: Allocating blocks 449-513 which overlap fs metadata [ 108.097607][T11558] EXT4-fs (loop4): pa ffff8881072979a0: logic 48, phys. 177, len 21 [ 108.105825][T11558] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 108.196128][T11574] vlan2: entered allmulticast mode [ 108.205240][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.355258][T11597] ref_ctr_offset mismatch. inode: 0xa9b offset: 0x0 ref_ctr_offset(old): 0x200000000200 ref_ctr_offset(new): 0x0 [ 108.356285][T11590] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.376876][T11590] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.387379][T11590] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 108.529799][T11627] loop3: detected capacity change from 0 to 2048 [ 108.571747][T11627] Alternate GPT is invalid, using primary GPT. [ 108.578040][T11627] loop3: p1 p2 p3 [ 108.689118][T11680] loop3: detected capacity change from 0 to 2048 [ 108.716503][T11689] __nla_validate_parse: 3 callbacks suppressed [ 108.716517][T11689] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2522'. [ 108.720921][T11680] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.723738][T11689] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2522'. [ 108.764658][T11680] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 108.830007][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.849233][T11700] loop3: detected capacity change from 0 to 512 [ 108.855982][T11700] EXT4-fs: Ignoring removed mblk_io_submit option [ 108.863179][T11700] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 108.875355][T11700] EXT4-fs (loop3): 1 truncate cleaned up [ 108.881743][T11700] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.021540][T11719] netlink: 272 bytes leftover after parsing attributes in process `syz.0.2538'. [ 109.239891][T11739] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 109.412781][T11757] loop1: detected capacity change from 0 to 1024 [ 109.419509][T11757] EXT4-fs: Ignoring removed orlov option [ 109.448313][T11757] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.486386][T11771] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2546'. [ 109.515749][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.672973][T11793] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2552'. [ 109.717247][T11793] IPVS: Unknown mcast interface: vcan0 [ 109.760030][T11805] ref_ctr_offset mismatch. inode: 0xa3a offset: 0x0 ref_ctr_offset(old): 0x200000000200 ref_ctr_offset(new): 0x0 [ 109.789238][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.818300][T11813] loop3: detected capacity change from 0 to 128 [ 109.991083][T11842] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2568'. [ 110.000040][T11842] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2568'. [ 110.009367][T11842] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2568'. [ 110.028383][T11846] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 110.028383][T11846] program syz.0.2569 not setting count and/or reply_len properly [ 110.028506][T11842] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2568'. [ 110.054269][T11842] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2568'. [ 110.068892][T11848] loop1: detected capacity change from 0 to 764 [ 110.087216][T11848] Symlink component flag not implemented [ 110.092910][T11848] Symlink component flag not implemented [ 110.104234][T11848] Symlink component flag not implemented (129) [ 110.110473][T11848] Symlink component flag not implemented (6) [ 110.325601][T11901] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -2561, delta: 1 [ 110.334329][T11901] ref_ctr increment failed for inode: 0xaa2 offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88811ae24ac0 [ 110.366647][T11904] bond0: entered promiscuous mode [ 110.371760][T11904] bond_slave_0: entered promiscuous mode [ 110.377544][T11904] bond_slave_1: entered promiscuous mode [ 110.383281][T11904] bond0: entered allmulticast mode [ 110.388543][T11904] bond_slave_0: entered allmulticast mode [ 110.389138][T11907] loop0: detected capacity change from 0 to 1024 [ 110.394288][T11904] bond_slave_1: entered allmulticast mode [ 110.408653][T11907] EXT4-fs: Ignoring removed nomblk_io_submit option [ 110.434557][T11907] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 110.444204][T11907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.465825][T11907] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 110.496110][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.577541][T11954] loop3: detected capacity change from 0 to 1024 [ 110.616235][T11954] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.644610][T11954] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2592: Allocating blocks 449-513 which overlap fs metadata [ 110.687213][T11949] EXT4-fs (loop3): pa ffff8881071ff540: logic 48, phys. 177, len 21 [ 110.695414][T11949] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 110.708416][T11973] loop1: detected capacity change from 0 to 136 [ 110.715562][T11973] Attempt to read inode for relocated directory [ 110.723361][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.743080][T11980] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 111.053956][T12030] loop4: detected capacity change from 0 to 128 [ 111.063296][T12030] syz.4.2611: attempt to access beyond end of device [ 111.063296][T12030] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 111.257896][T12036] loop4: detected capacity change from 0 to 4096 [ 111.266735][T12036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.296504][ T3299] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.583062][T12075] sctp: [Deprecated]: syz.5.2623 (pid 12075) Use of struct sctp_assoc_value in delayed_ack socket option. [ 111.583062][T12075] Use struct sctp_sack_info instead [ 111.838304][T12107] loop5: detected capacity change from 0 to 4096 [ 111.854556][T12107] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.886990][ T7943] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.979802][T12118] loop5: detected capacity change from 0 to 1024 [ 111.989983][T12118] EXT4-fs: Ignoring removed nomblk_io_submit option [ 111.998938][ T29] kauditd_printk_skb: 66 callbacks suppressed [ 111.998953][ T29] audit: type=1326 audit(1755169372.880:4379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.028698][ T29] audit: type=1326 audit(1755169372.880:4380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.054458][ T29] audit: type=1326 audit(1755169372.940:4381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.078129][ T29] audit: type=1326 audit(1755169372.940:4382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.101615][ T29] audit: type=1326 audit(1755169372.940:4383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.125142][ T29] audit: type=1326 audit(1755169372.940:4384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.148687][ T29] audit: type=1326 audit(1755169372.940:4385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.172178][ T29] audit: type=1326 audit(1755169372.940:4386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.181982][T12118] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 112.195587][ T29] audit: type=1326 audit(1755169372.940:4387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0968ccebe9 code=0x7ffc0000 [ 112.214744][T12118] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.240890][ T29] audit: type=1326 audit(1755169372.940:4388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12119 comm="syz.0.2639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0968cce7eb code=0x7ffc0000 [ 112.306605][T12118] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 112.343031][ T7943] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.369272][T12142] netlink: 'syz.0.2647': attribute type 13 has an invalid length. [ 112.398788][T12142] 8021q: adding VLAN 0 to HW filter on device $H [ 112.408493][T12142] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.418091][T12142] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 112.535635][T12165] loop3: detected capacity change from 0 to 1024 [ 112.542717][T12165] EXT4-fs: Ignoring removed nomblk_io_submit option [ 112.561799][T12165] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 112.578228][T12165] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.595738][T12165] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 112.663705][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.731582][T12218] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12218 comm=syz.5.2667 [ 112.744173][T12218] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12218 comm=syz.5.2667 [ 112.796831][T12220] loop4: detected capacity change from 0 to 2048 [ 112.891201][T12220] loop4: p1 < > p4 [ 112.895432][T12220] loop4: p4 size 8388608 extends beyond EOD, truncated [ 113.195543][T12285] loop3: detected capacity change from 0 to 128 [ 113.215873][T12285] syz.3.2685: attempt to access beyond end of device [ 113.215873][T12285] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128 [ 113.508240][T12315] loop0: detected capacity change from 0 to 128 [ 113.524496][T12315] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 113.532400][T12315] FAT-fs (loop0): Filesystem has been set read-only [ 113.548061][T12315] syz.0.2695: attempt to access beyond end of device [ 113.548061][T12315] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 113.566006][T12315] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 113.573887][T12315] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 113.583694][T12315] syz.0.2695: attempt to access beyond end of device [ 113.583694][T12315] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 113.597163][T12315] syz.0.2695: attempt to access beyond end of device [ 113.597163][T12315] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 113.614630][T12315] syz.0.2695: attempt to access beyond end of device [ 113.614630][T12315] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 113.644217][T12315] syz.0.2695: attempt to access beyond end of device [ 113.644217][T12315] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 113.669004][T12315] syz.0.2695: attempt to access beyond end of device [ 113.669004][T12315] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 113.689906][T12315] syz.0.2695: attempt to access beyond end of device [ 113.689906][T12315] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 113.714267][T12315] syz.0.2695: attempt to access beyond end of device [ 113.714267][T12315] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 113.816135][T12342] __nla_validate_parse: 8 callbacks suppressed [ 113.816150][T12342] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2702'. [ 113.889102][T12350] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2704'. [ 114.085489][T12372] loop4: detected capacity change from 0 to 128 [ 114.116518][T12372] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 114.196881][T12372] ext4 filesystem being mounted at /531/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.373804][T12380] loop1: detected capacity change from 0 to 128 [ 114.386401][T12380] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 114.394278][T12380] FAT-fs (loop1): Filesystem has been set read-only [ 114.410878][T12380] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 114.418723][T12380] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 114.481589][ T3299] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 114.557810][T12394] netlink: 168 bytes leftover after parsing attributes in process `syz.5.2717'. [ 114.753893][T12415] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2723'. [ 114.796143][T12421] IPVS: Error connecting to the multicast addr [ 115.168403][T12455] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2734'. [ 115.221974][T12471] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2737'. [ 115.238296][T12473] loop1: detected capacity change from 0 to 1024 [ 115.327683][T12473] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.416739][T12473] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.2738: Allocating blocks 449-513 which overlap fs metadata [ 115.462154][T12472] EXT4-fs (loop1): pa ffff888107297a80: logic 48, phys. 177, len 21 [ 115.470216][T12472] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4 [ 115.548221][T12513] hub 9-0:1.0: USB hub found [ 115.552978][ T3298] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.572856][T12513] hub 9-0:1.0: 8 ports detected [ 115.587221][T12518] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2746'. [ 115.596297][T12518] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2746'. [ 115.666036][T12546] loop5: detected capacity change from 0 to 512 [ 115.675584][T12518] bridge0: port 1(vlan2) entered blocking state [ 115.682242][T12518] bridge0: port 1(vlan2) entered disabled state [ 115.689600][T12546] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 115.713052][T12518] vlan2: entered allmulticast mode [ 115.718186][T12518] bridge0: entered allmulticast mode [ 115.724817][T12518] vlan2: left allmulticast mode [ 115.729677][T12518] bridge0: left allmulticast mode [ 115.740527][T12553] loop0: detected capacity change from 0 to 512 [ 115.759473][T12553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 115.782859][T12553] ext4 filesystem being mounted at /535/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.823997][T12546] EXT4-fs (loop5): 1 truncate cleaned up [ 115.830045][T12546] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.898402][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 115.924631][ T7943] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.058551][T12584] : renamed from vlan1 [ 116.100742][T12597] loop0: detected capacity change from 0 to 512 [ 116.107726][T12597] EXT4-fs: Ignoring removed mblk_io_submit option [ 116.115625][T12597] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 116.129450][T12597] EXT4-fs (loop0): 1 truncate cleaned up [ 116.137625][T12597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.152752][T12605] loop3: detected capacity change from 0 to 128 [ 116.160905][T12605] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 116.183016][T12605] ext4 filesystem being mounted at /554/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.388327][ T3307] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 117.039019][T12687] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2779'. [ 117.048049][T12687] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2779'. [ 117.079340][ T29] kauditd_printk_skb: 171 callbacks suppressed [ 117.079355][ T29] audit: type=1326 audit(1755169377.960:4560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12689 comm="syz.4.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 117.103446][T12687] bridge0: port 4(vlan2) entered blocking state [ 117.109126][ T29] audit: type=1326 audit(1755169377.960:4561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12689 comm="syz.4.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 117.115466][T12687] bridge0: port 4(vlan2) entered disabled state [ 117.138809][ T29] audit: type=1326 audit(1755169377.960:4562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12689 comm="syz.4.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 117.168583][ T29] audit: type=1326 audit(1755169377.960:4563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12689 comm="syz.4.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 117.193732][T12687] vlan2: entered allmulticast mode [ 117.198858][T12687] bridge0: entered allmulticast mode [ 117.244836][ T29] audit: type=1326 audit(1755169378.090:4564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12689 comm="syz.4.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 117.268474][ T29] audit: type=1326 audit(1755169378.090:4565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12689 comm="syz.4.2781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06f10bebe9 code=0x7ffc0000 [ 117.296095][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.305699][T12687] vlan2: left allmulticast mode [ 117.310856][T12687] bridge0: left allmulticast mode [ 117.346397][ T29] audit: type=1400 audit(1755169378.230:4566): avc: denied { read write } for pid=12703 comm="syz.0.2783" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 117.370830][ T29] audit: type=1400 audit(1755169378.230:4567): avc: denied { open } for pid=12703 comm="syz.0.2783" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 117.442311][ T29] audit: type=1400 audit(1755169378.290:4568): avc: denied { read write } for pid=7943 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 117.466710][ T29] audit: type=1400 audit(1755169378.290:4569): avc: denied { open } for pid=7943 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 117.558657][T12719] hub 9-0:1.0: USB hub found [ 117.563703][T12719] hub 9-0:1.0: 8 ports detected [ 117.607353][T12721] loop3: detected capacity change from 0 to 2048 [ 117.621148][T12708] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 117.629097][T12708] vhci_hcd: invalid port number 129 [ 117.634360][T12708] vhci_hcd: default hub control req: 4003 v0017 i0081 l0 [ 117.693053][T12721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.820836][T12740] SELinux: failed to load policy [ 117.841479][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.938330][T12757] loop3: detected capacity change from 0 to 128 [ 117.983583][T12762] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 118.004980][T12757] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 118.008079][T12762] vhci_hcd: invalid port number 129 [ 118.012854][T12757] FAT-fs (loop3): Filesystem has been set read-only [ 118.024716][T12762] vhci_hcd: default hub control req: 4003 v0017 i0081 l0 [ 118.063293][T12757] bio_check_eod: 21218 callbacks suppressed [ 118.063321][T12757] syz.3.2804: attempt to access beyond end of device [ 118.063321][T12757] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 118.084509][T12757] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 118.092454][T12757] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 118.102228][T12757] syz.3.2804: attempt to access beyond end of device [ 118.102228][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.115786][T12757] syz.3.2804: attempt to access beyond end of device [ 118.115786][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.131230][T12757] syz.3.2804: attempt to access beyond end of device [ 118.131230][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.145568][T12757] syz.3.2804: attempt to access beyond end of device [ 118.145568][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.159565][T12757] syz.3.2804: attempt to access beyond end of device [ 118.159565][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.176404][T12757] syz.3.2804: attempt to access beyond end of device [ 118.176404][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.193105][T12757] syz.3.2804: attempt to access beyond end of device [ 118.193105][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.206622][T12757] syz.3.2804: attempt to access beyond end of device [ 118.206622][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.220153][T12757] syz.3.2804: attempt to access beyond end of device [ 118.220153][T12757] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.247213][T12774] loop1: detected capacity change from 0 to 512 [ 118.256174][T12776] loop5: detected capacity change from 0 to 512 [ 118.263333][T12774] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 118.282110][T12774] EXT4-fs (loop1): 1 truncate cleaned up [ 118.288229][T12774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.303361][T12776] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.338455][T12776] ext4 filesystem being mounted at /224/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 118.433977][T12795] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.447420][T12795] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.469787][T12795] pimreg: entered allmulticast mode [ 118.930372][T12847] futex_wake_op: syz.4.2832 tries to shift op by -1; fix this program [ 119.584751][T12867] SELinux: failed to load policy [ 119.594030][T12869] __nla_validate_parse: 3 callbacks suppressed [ 119.594047][T12869] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2847'. [ 119.738127][T12877] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2851'. [ 119.854988][T12889] macsec0: entered promiscuous mode [ 119.860327][T12889] macsec0: entered allmulticast mode [ 119.865689][T12889] veth1_macvtap: entered allmulticast mode [ 120.027421][T12914] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2862'. [ 120.100474][T12935] loop0: detected capacity change from 0 to 512 [ 120.155295][T12946] macsec0: entered promiscuous mode [ 120.160851][T12946] macsec0: entered allmulticast mode [ 120.166161][T12946] veth1_macvtap: entered allmulticast mode [ 120.175429][T12935] ext4 filesystem being mounted at /554/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 120.235162][T12968] loop4: detected capacity change from 0 to 512 [ 120.248910][T12968] EXT4-fs: Ignoring removed mblk_io_submit option [ 120.256569][T12968] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 120.280698][T12968] EXT4-fs (loop4): 1 truncate cleaned up [ 120.510153][T12997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2878'. [ 120.522388][T12997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2878'. [ 120.543570][T12999] loop1: detected capacity change from 0 to 128 [ 120.569178][T12999] ext4 filesystem being mounted at /593/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 120.610428][T13007] loop3: detected capacity change from 0 to 1024 [ 120.618034][T13007] ext4: Unknown parameter 'fowner' [ 120.691928][T13007] team0 (unregistering): Port device team_slave_0 removed [ 120.724419][T13007] team0 (unregistering): Port device team_slave_1 removed [ 120.744095][T12968] ================================================================== [ 120.752202][T12968] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark [ 120.760186][T12968] [ 120.762495][T12968] write to 0xffff88811a99b254 of 4 bytes by task 12981 on cpu 1: [ 120.770197][T12968] xas_set_mark+0x12b/0x140 [ 120.774708][T12968] tag_pages_for_writeback+0xc2/0x290 [ 120.780080][T12968] ext4_do_writepages+0x6b2/0x2750 [ 120.785201][T12968] ext4_writepages+0x176/0x300 [ 120.789964][T12968] do_writepages+0x1c6/0x310 [ 120.794552][T12968] filemap_write_and_wait_range+0x144/0x340 [ 120.800452][T12968] filemap_invalidate_pages+0xa4/0x1a0 [ 120.805915][T12968] kiocb_invalidate_pages+0x6e/0x80 [ 120.811120][T12968] __iomap_dio_rw+0x5d4/0x1250 [ 120.815898][T12968] iomap_dio_rw+0x40/0x90 [ 120.820229][T12968] ext4_file_write_iter+0xad9/0xf00 [ 120.825435][T12968] iter_file_splice_write+0x669/0x9e0 [ 120.830805][T12968] direct_splice_actor+0x156/0x2a0 [ 120.835941][T12968] splice_direct_to_actor+0x312/0x680 [ 120.841323][T12968] do_splice_direct+0xda/0x150 [ 120.846092][T12968] do_sendfile+0x380/0x650 [ 120.850523][T12968] __x64_sys_sendfile64+0x105/0x150 [ 120.855734][T12968] x64_sys_call+0x2bb0/0x2ff0 [ 120.860503][T12968] do_syscall_64+0xd2/0x200 [ 120.865015][T12968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.870911][T12968] [ 120.873230][T12968] read to 0xffff88811a99b254 of 4 bytes by task 12968 on cpu 0: [ 120.880888][T12968] file_write_and_wait_range+0x10e/0x2c0 [ 120.886535][T12968] generic_buffers_fsync_noflush+0x45/0x120 [ 120.892529][T12968] ext4_sync_file+0x1ab/0x690 [ 120.897225][T12968] vfs_fsync_range+0x10a/0x130 [ 120.902005][T12968] ext4_buffered_write_iter+0x34f/0x3c0 [ 120.907995][T12968] ext4_file_write_iter+0xdbf/0xf00 [ 120.913208][T12968] iter_file_splice_write+0x669/0x9e0 [ 120.918584][T12968] direct_splice_actor+0x156/0x2a0 [ 120.923694][T12968] splice_direct_to_actor+0x312/0x680 [ 120.929073][T12968] do_splice_direct+0xda/0x150 [ 120.933834][T12968] do_sendfile+0x380/0x650 [ 120.938258][T12968] __x64_sys_sendfile64+0x105/0x150 [ 120.943457][T12968] x64_sys_call+0x2bb0/0x2ff0 [ 120.948226][T12968] do_syscall_64+0xd2/0x200 [ 120.952762][T12968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.958658][T12968] [ 120.960972][T12968] value changed: 0x02000021 -> 0x04000021 [ 120.966682][T12968] [ 120.968999][T12968] Reported by Kernel Concurrency Sanitizer on: [ 120.975148][T12968] CPU: 0 UID: 0 PID: 12968 Comm: syz.4.2872 Tainted: G W 6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(voluntary) [ 120.989215][T12968] Tainted: [W]=WARN [ 120.993011][T12968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 121.003164][T12968] ==================================================================